From: Lukasz Jarocki Date: Tue, 17 Aug 2021 11:19:51 +0000 (+0200) Subject: SONAR-15142 adding user login to audit log when removing or adding permission X-Git-Tag: 9.1.0.47736~131 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=6684e2cb53b81ae3522c18efa2fe2f9d44bec5e9;p=sonarqube.git SONAR-15142 adding user login to audit log when removing or adding permission --- diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/GroupPermissionNewValue.java b/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/GroupPermissionNewValue.java new file mode 100644 index 00000000000..ca0fec0c2dd --- /dev/null +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/GroupPermissionNewValue.java @@ -0,0 +1,74 @@ +/* + * SonarQube + * Copyright (C) 2009-2021 SonarSource SA + * mailto:info AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +package org.sonar.db.audit.model; + +import javax.annotation.Nullable; +import org.sonar.db.permission.GroupPermissionDto; + +public class GroupPermissionNewValue extends PermissionNewValue { + + @Nullable + private String groupUuid; + + @Nullable + private String groupName; + + public GroupPermissionNewValue(String uuid, String rootComponentUuid, String componentName, String role, String groupUuid, + String groupName, String qualifier) { + super(uuid, rootComponentUuid, componentName, role, qualifier); + this.groupUuid = groupUuid; + this.groupName = groupName; + } + + public GroupPermissionNewValue(String rootComponentUuid, String componentName, String role, String groupUuid, + String groupName, String qualifier) { + this(null, rootComponentUuid, componentName, role, groupUuid, groupName, qualifier); + } + + public GroupPermissionNewValue(GroupPermissionDto dto, String qualifier) { + this(dto.getUuid(), dto.getComponentUuid(), dto.getComponentName(), dto.getRole(), dto.getGroupUuid(), + dto.getGroupName(), qualifier); + } + + @Nullable + public String getGroupUuid() { + return groupUuid; + } + + @Nullable + public String getGroupName() { + return groupName; + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder("{"); + addField(sb, "\"permissionUuid\": ", this.permissionUuid, true); + addField(sb, "\"role\": ", this.role, true); + addField(sb, "\"groupUuid\": ", this.groupUuid, true); + addField(sb, "\"groupName\": ", this.groupName, true); + addField(sb, "\"componentUuid\": ", this.componentUuid, true); + addField(sb, "\"componentName\": ", this.componentName, true); + addField(sb, "\"qualifier\": ", this.qualifier, true); + endString(sb); + return sb.toString(); + } + +} diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/PermissionNewValue.java b/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/PermissionNewValue.java index e0f8ed1c834..af12b7b4a4a 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/PermissionNewValue.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/PermissionNewValue.java @@ -21,63 +21,30 @@ package org.sonar.db.audit.model; import javax.annotation.CheckForNull; import javax.annotation.Nullable; -import org.sonar.db.permission.GroupPermissionDto; -import org.sonar.db.permission.UserPermissionDto; -public class PermissionNewValue extends NewValue { +public abstract class PermissionNewValue extends NewValue { @Nullable - private String permissionUuid; + protected String permissionUuid; @Nullable - private String groupUuid; + protected String componentUuid; @Nullable - private String groupName; + protected String componentName; @Nullable - private String userUuid; + protected String role; @Nullable - private String componentUuid; + protected String qualifier; - @Nullable - private String componentName; - - @Nullable - private String role; - - @Nullable - private String qualifier; - - public PermissionNewValue(GroupPermissionDto groupPermissionDto, @Nullable String componentName, @Nullable String qualifier) { - this.permissionUuid = groupPermissionDto.getUuid(); - this.role = groupPermissionDto.getRole(); - this.groupUuid = groupPermissionDto.getGroupUuid(); - this.groupName = groupPermissionDto.getGroupName(); - this.componentUuid = groupPermissionDto.getComponentUuid(); - this.role = groupPermissionDto.getRole(); + protected PermissionNewValue(@Nullable String permissionUuid, @Nullable String componentUuid, @Nullable String componentName, + @Nullable String role, @Nullable String qualifier) { + this.permissionUuid = permissionUuid; + this.componentUuid = componentUuid; this.componentName = componentName; this.qualifier = getQualifier(qualifier); - } - - public PermissionNewValue(UserPermissionDto permissionDto, @Nullable String componentName, @Nullable String qualifier) { - this.permissionUuid = permissionDto.getUuid(); - this.userUuid = permissionDto.getUserUuid(); - this.componentUuid = permissionDto.getComponentUuid(); - this.role = permissionDto.getPermission(); - this.componentName = componentName; - this.qualifier = getQualifier(qualifier); - } - - public PermissionNewValue(@Nullable String role, @Nullable String groupUuid, @Nullable String groupName, @Nullable String rootComponentUuid, - @Nullable String componentName, @Nullable String qualifier, @Nullable String userUuid) { this.role = role; - this.groupUuid = groupUuid; - this.groupName = groupName; - this.componentUuid = rootComponentUuid; - this.componentName = componentName; - this.userUuid = userUuid; - this.qualifier = getQualifier(qualifier); } @CheckForNull @@ -85,16 +52,6 @@ public class PermissionNewValue extends NewValue { return this.permissionUuid; } - @CheckForNull - public String getGroupUuid() { - return this.groupUuid; - } - - @CheckForNull - public String getGroupName() { - return this.groupName; - } - @CheckForNull public String getComponentUuid() { return this.componentUuid; @@ -115,23 +72,4 @@ public class PermissionNewValue extends NewValue { return this.qualifier; } - @CheckForNull - public String getUserUuid() { - return this.userUuid; - } - - @Override - public String toString() { - StringBuilder sb = new StringBuilder("{"); - addField(sb, "\"permissionUuid\": ", this.permissionUuid, true); - addField(sb, "\"role\": ", this.role, true); - addField(sb, "\"groupUuid\": ", this.groupUuid, true); - addField(sb, "\"groupName\": ", this.groupName, true); - addField(sb, "\"componentUuid\": ", this.componentUuid, true); - addField(sb, "\"componentName\": ", this.componentName, true); - addField(sb, "\"qualifier\": ", this.qualifier, true); - addField(sb, "\"userUuid\": ", this.userUuid, true); - endString(sb); - return sb.toString(); - } } diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/UserPermissionNewValue.java b/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/UserPermissionNewValue.java new file mode 100644 index 00000000000..32cd484c326 --- /dev/null +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/UserPermissionNewValue.java @@ -0,0 +1,73 @@ +/* + * SonarQube + * Copyright (C) 2009-2021 SonarSource SA + * mailto:info AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +package org.sonar.db.audit.model; + +import javax.annotation.Nullable; +import org.sonar.db.permission.UserPermissionDto; + +public class UserPermissionNewValue extends PermissionNewValue { + + @Nullable + private String userUuid; + + @Nullable + private String userLogin; + + public UserPermissionNewValue(UserPermissionDto permissionDto, @Nullable String projectName, @Nullable String userLogin, String qualifier) { + super(permissionDto.getUuid(), permissionDto.getComponentUuid(), projectName, permissionDto.getPermission(), qualifier); + this.userUuid = permissionDto.getUserUuid(); + this.userLogin = userLogin; + } + + public UserPermissionNewValue(String userUuid, String qualifier) { + this(null, null, null, userUuid, null, qualifier); + } + + public UserPermissionNewValue(String role, String projectUuid, String projectName, String userUuid, String userLogin, String qualifier) { + super(null, projectUuid, projectName, role, qualifier); + this.userUuid = userUuid; + this.userLogin = userLogin; + } + + @Nullable + public String getUserUuid() { + return userUuid; + } + + @Nullable + public String getUserLogin() { + return userLogin; + } + + @Override + public String toString() { + StringBuilder sb = new StringBuilder("{"); + addField(sb, "\"permissionUuid\": ", this.permissionUuid, true); + addField(sb, "\"role\": ", this.role, true); + addField(sb, "\"componentUuid\": ", this.componentUuid, true); + addField(sb, "\"componentName\": ", this.componentName, true); + addField(sb, "\"userUuid\": ", this.userUuid, true); + addField(sb, "\"userLogin\": ", this.userLogin, true); + addField(sb, "\"qualifier\": ", this.qualifier, true); + endString(sb); + return sb.toString(); + } + +} diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java index a95cccfdf58..72a3a3a876e 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java @@ -30,7 +30,7 @@ import org.sonar.api.security.DefaultGroups; import org.sonar.db.Dao; import org.sonar.db.DbSession; import org.sonar.db.audit.AuditPersister; -import org.sonar.db.audit.model.PermissionNewValue; +import org.sonar.db.audit.model.GroupPermissionNewValue; import org.sonar.db.component.ComponentDto; import static org.sonar.db.DatabaseUtils.executeLargeInputs; @@ -127,9 +127,8 @@ public class GroupPermissionDao implements Dao { mapper(dbSession).insert(groupPermissionDto); if (auditPersister != null) { - String componentName = (componentDto != null) ? componentDto.name() : null; String qualifier = (componentDto != null) ? componentDto.qualifier() : null; - auditPersister.addGroupPermission(dbSession, new PermissionNewValue(groupPermissionDto, componentName, qualifier)); + auditPersister.addGroupPermission(dbSession, new GroupPermissionNewValue(groupPermissionDto, qualifier)); } } @@ -140,8 +139,8 @@ public class GroupPermissionDao implements Dao { int deletedRecords = mapper(dbSession).deleteByRootComponentUuid(component.uuid()); if (deletedRecords > 0 && auditPersister != null) { - auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(null, null, null, component.uuid(), component.name(), - component.qualifier(), null)); + auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(component.uuid(), + component.name(), null, null, null, component.qualifier())); } } @@ -153,8 +152,8 @@ public class GroupPermissionDao implements Dao { int deletedRecords = mapper(dbSession).deleteByRootComponentUuidAndGroupUuid(component.uuid(), groupUuid); if (deletedRecords > 0 && auditPersister != null) { - auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(null, groupUuid, "", component.uuid(), component.name(), - component.qualifier(), null)); + auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(component.uuid(), + component.name(), null, groupUuid, "", component.qualifier())); } return deletedRecords; } @@ -163,8 +162,8 @@ public class GroupPermissionDao implements Dao { int deletedRecords = mapper(dbSession).deleteByRootComponentUuidAndGroupUuid(component.uuid(), null); if (deletedRecords > 0 && auditPersister != null) { - auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(null, null, null, component.uuid(), - component.name(), component.qualifier(), null)); + auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(component.uuid(), + component.name(), null, null, null, component.qualifier())); } return deletedRecords; @@ -177,8 +176,8 @@ public class GroupPermissionDao implements Dao { int deletedRecords = mapper(dbSession).deleteByRootComponentUuidAndPermission(component.uuid(), permission); if (deletedRecords > 0 && auditPersister != null) { - auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(permission, null, null, component.uuid(), - component.name(), component.qualifier(), null)); + auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(component.uuid(), + component.name(), permission, null, null, component.qualifier())); } return deletedRecords; @@ -198,16 +197,16 @@ public class GroupPermissionDao implements Dao { * @param groupUuid if null, then anyone, else uuid of group * @param rootComponentUuid if null, then global permission, otherwise the uuid of root component (project) */ - public void delete(DbSession dbSession, String permission, - @Nullable String groupUuid, @Nullable String groupName, @Nullable String rootComponentUuid, @Nullable ComponentDto componentDto) { + public void delete(DbSession dbSession, String permission, @Nullable String groupUuid, + @Nullable String groupName, @Nullable String rootComponentUuid, @Nullable ComponentDto componentDto) { int deletedRecords = mapper(dbSession).delete(permission, groupUuid, rootComponentUuid); if (deletedRecords > 0 && auditPersister != null) { - String projectName = (componentDto != null) ? componentDto.name() : null; String qualifier = (componentDto != null) ? componentDto.qualifier() : null; - auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(permission, groupUuid, groupName, rootComponentUuid, - projectName, qualifier, null)); + String componentName = (componentDto != null) ? componentDto.name() : null; + auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(rootComponentUuid, + componentName, permission, groupUuid, groupName, qualifier)); } } diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java index 94868a08425..663b3657e4e 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java @@ -28,7 +28,7 @@ import org.sonar.db.Dao; import org.sonar.db.DatabaseUtils; import org.sonar.db.DbSession; import org.sonar.db.audit.AuditPersister; -import org.sonar.db.audit.model.PermissionNewValue; +import org.sonar.db.audit.model.UserPermissionNewValue; import org.sonar.db.component.ComponentDto; import static com.google.common.base.Preconditions.checkArgument; @@ -113,37 +113,36 @@ public class UserPermissionDao implements Dao { return mapper(session).selectUserUuidsWithPermissionOnProjectBut(projectUuid, permission); } - public void insert(DbSession dbSession, UserPermissionDto dto, @Nullable ComponentDto componentDto) { + public void insert(DbSession dbSession, UserPermissionDto dto, @Nullable String userLogin, @Nullable ComponentDto componentDto) { mapper(dbSession).insert(dto); if (auditPersister != null) { String componentName = (componentDto != null) ? componentDto.name() : null; String qualifier = (componentDto != null) ? componentDto.qualifier() : null; - auditPersister.addUserPermission(dbSession, new PermissionNewValue(dto, componentName, qualifier)); + auditPersister.addUserPermission(dbSession, new UserPermissionNewValue(dto, componentName, userLogin, qualifier)); } } /** * Removes a single global permission from user */ - public void deleteGlobalPermission(DbSession dbSession, String userUuid, String permission) { + public void deleteGlobalPermission(DbSession dbSession, String userUuid, String userLogin, String permission) { int deletedRows = mapper(dbSession).deleteGlobalPermission(userUuid, permission); if (deletedRows > 0 && auditPersister != null) { - auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(permission, null, null, - null, null, null, userUuid)); + auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, null, null, userUuid, userLogin, null)); } } /** * Removes a single project permission from user */ - public void deleteProjectPermission(DbSession dbSession, String userUuid, String permission, ComponentDto component) { + public void deleteProjectPermission(DbSession dbSession, String userUuid, String userLogin, String permission, ComponentDto component) { int deletedRows = mapper(dbSession).deleteProjectPermission(userUuid, permission, component.uuid()); if (deletedRows > 0 && auditPersister != null) { - auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(permission, null, null, component.uuid(), - component.name(), component.qualifier(), userUuid)); + auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, component.uuid(), + component.name(), userUuid, userLogin, component.qualifier())); } } @@ -154,8 +153,8 @@ public class UserPermissionDao implements Dao { int deletedRows = mapper(dbSession).deleteProjectPermissions(component.uuid()); if (deletedRows > 0 && auditPersister != null) { - auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(null, null, null, component.uuid(), component.name(), - component.qualifier(), null)); + auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(null, + component.uuid(), component.name(), null, null, component.qualifier())); } } @@ -166,8 +165,8 @@ public class UserPermissionDao implements Dao { int deletedRows = mapper(dbSession).deleteProjectPermissionOfAnyUser(project.uuid(), permission); if (deletedRows > 0 && auditPersister != null) { - auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(permission, null, null, project.uuid(), project.name(), - project.qualifier(), null)); + auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, project.uuid(), + project.name(), null, null, project.qualifier())); } return deletedRows; @@ -177,8 +176,7 @@ public class UserPermissionDao implements Dao { int deletedRows = mapper(dbSession).deleteByUserUuid(userUuid); if (deletedRows > 0 && auditPersister != null) { - auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(null, null, null, null, - null, null, userUuid)); + auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(userUuid, null)); } } diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoWithPersisterTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoWithPersisterTest.java index 4760eb99eda..9f3d03e4aee 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoWithPersisterTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoWithPersisterTest.java @@ -27,7 +27,7 @@ import org.sonar.core.util.Uuids; import org.sonar.db.DbSession; import org.sonar.db.DbTester; import org.sonar.db.audit.AuditPersister; -import org.sonar.db.audit.model.PermissionNewValue; +import org.sonar.db.audit.model.GroupPermissionNewValue; import org.sonar.db.component.ComponentDto; import org.sonar.db.user.GroupDto; @@ -46,7 +46,7 @@ public class GroupPermissionDaoWithPersisterTest { @Rule public DbTester db = DbTester.create(System2.INSTANCE, auditPersister); - private final ArgumentCaptor newValueCaptor = ArgumentCaptor.forClass(PermissionNewValue.class); + private final ArgumentCaptor newValueCaptor = ArgumentCaptor.forClass(GroupPermissionNewValue.class); private final DbSession dbSession = db.getSession(); private final GroupPermissionDao underTest = db.getDbClient().groupPermissionDao(); @@ -61,11 +61,11 @@ public class GroupPermissionDaoWithPersisterTest { underTest.insert(dbSession, dto, null); verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); - PermissionNewValue newValue = newValueCaptor.getValue(); + GroupPermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, - PermissionNewValue::getGroupName, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName, PermissionNewValue::getQualifier) + .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid, + GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid, + GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName, GroupPermissionNewValue::getQualifier) .containsExactly(dto.getUuid(), group.getUuid(), group.getName(), null, dto.getRole(), null, null); assertThat(newValue.toString()).doesNotContain("projectUuid"); @@ -74,9 +74,9 @@ public class GroupPermissionDaoWithPersisterTest { verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, - PermissionNewValue::getGroupName, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName) + .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid, + GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid, + GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName) .containsExactly(null, group.getUuid(), group.getName(), null, ADMIN, null); assertThat(newValue.toString()).doesNotContain("permissionUuid"); } @@ -96,11 +96,11 @@ public class GroupPermissionDaoWithPersisterTest { underTest.insert(dbSession, dto, project); verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); - PermissionNewValue newValue = newValueCaptor.getValue(); + GroupPermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, - PermissionNewValue::getGroupName, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName, PermissionNewValue::getQualifier) + .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid, + GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid, + GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName, GroupPermissionNewValue::getQualifier) .containsExactly(dto.getUuid(), group.getUuid(), group.getName(), project.uuid(), dto.getRole(), project.name(), "project"); assertThat(newValue.toString()).contains("componentUuid"); @@ -109,9 +109,9 @@ public class GroupPermissionDaoWithPersisterTest { verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, - PermissionNewValue::getGroupName, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName) + .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid, + GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid, + GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName) .containsExactly(null, null, null, project.uuid(), null, project.name()); assertThat(newValue.toString()).doesNotContain("permissionUuid"); } @@ -134,11 +134,11 @@ public class GroupPermissionDaoWithPersisterTest { underTest.insert(dbSession, dto, project); verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); - PermissionNewValue newValue = newValueCaptor.getValue(); + GroupPermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, - PermissionNewValue::getGroupName, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName, PermissionNewValue::getQualifier) + .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid, + GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid, + GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName, GroupPermissionNewValue::getQualifier) .containsExactly(dto.getUuid(), null, null, project.uuid(), dto.getRole(), project.name(), "project"); assertThat(newValue.toString()).contains("componentUuid"); @@ -147,9 +147,9 @@ public class GroupPermissionDaoWithPersisterTest { verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, - PermissionNewValue::getGroupName, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName) + .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid, + GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid, + GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName) .containsExactly(null, null, null, project.uuid(), null, project.name()); assertThat(newValue.toString()).doesNotContain("permissionUuid"); } @@ -172,11 +172,11 @@ public class GroupPermissionDaoWithPersisterTest { underTest.insert(dbSession, dto, project); verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); - PermissionNewValue newValue = newValueCaptor.getValue(); + GroupPermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, - PermissionNewValue::getGroupName, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName, PermissionNewValue::getQualifier) + .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid, + GroupPermissionNewValue::getGroupName, GroupPermissionNewValue::getComponentUuid, + GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName, GroupPermissionNewValue::getQualifier) .containsExactly(dto.getUuid(), group.getUuid(), group.getName(), project.uuid(), dto.getRole(), project.name(), "project"); assertThat(newValue.toString()).contains("componentUuid"); @@ -185,8 +185,8 @@ public class GroupPermissionDaoWithPersisterTest { verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName) + .extracting(GroupPermissionNewValue::getPermissionUuid, GroupPermissionNewValue::getGroupUuid, GroupPermissionNewValue::getComponentUuid, + GroupPermissionNewValue::getRole, GroupPermissionNewValue::getComponentName) .containsExactly(null, null, project.uuid(), ADMIN, project.name()); assertThat(newValue.toString()).doesNotContain("permissionUuid"); } diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java index a276c319cd4..5e7f2e61bed 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java @@ -368,19 +368,19 @@ public class UserPermissionDaoTest { addProjectPermission("perm4", user2, project2); // user2 does not have global permissions -> do nothing - underTest.deleteGlobalPermission(dbSession, user2.getUuid(), "perm1"); + underTest.deleteGlobalPermission(dbSession, user2.getUuid(), user2.getLogin(), "perm1"); assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5); // global permission is not granted -> do nothing - underTest.deleteGlobalPermission(dbSession, user1.getUuid(), "notGranted"); + underTest.deleteGlobalPermission(dbSession, user1.getUuid(), user1.getLogin(), "notGranted"); assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5); // permission is on project -> do nothing - underTest.deleteGlobalPermission(dbSession, user1.getUuid(), "perm3"); + underTest.deleteGlobalPermission(dbSession, user1.getUuid(), user1.getLogin(), "perm3"); assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5); // global permission exists -> delete it, but not the project permission with the same name ! - underTest.deleteGlobalPermission(dbSession, user1.getUuid(), "perm1"); + underTest.deleteGlobalPermission(dbSession, user1.getUuid(), user1.getLogin(), "perm1"); assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where role='perm1' and component_uuid is null")).isZero(); assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4); } @@ -397,10 +397,10 @@ public class UserPermissionDaoTest { addProjectPermission("perm", user2, project1); // no such provision -> ignore - underTest.deleteProjectPermission(dbSession, user1.getUuid(), "anotherPerm", project1); + underTest.deleteProjectPermission(dbSession, user1.getUuid(), user1.getLogin(), "anotherPerm", project1); assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4); - underTest.deleteProjectPermission(dbSession, user1.getUuid(), "perm", project1); + underTest.deleteProjectPermission(dbSession, user1.getUuid(), user1.getLogin(), "perm", project1); assertThatProjectPermissionDoesNotExist(user1, "perm", project1); assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(3); } @@ -633,14 +633,14 @@ public class UserPermissionDaoTest { private UserPermissionDto addGlobalPermission(String permission, UserDto user) { UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null); - underTest.insert(dbSession, dto, null); + underTest.insert(dbSession, dto, user.getLogin(), null); db.commit(); return dto; } private UserPermissionDto addProjectPermission(String permission, UserDto user, ComponentDto project) { UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid()); - underTest.insert(dbSession, dto, project); + underTest.insert(dbSession, dto, user.getLogin(), project); db.commit(); return dto; } diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoWithPersisterTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoWithPersisterTest.java index c6ff53983fb..09b29070621 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoWithPersisterTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoWithPersisterTest.java @@ -28,7 +28,7 @@ import org.sonar.core.util.Uuids; import org.sonar.db.DbSession; import org.sonar.db.DbTester; import org.sonar.db.audit.AuditPersister; -import org.sonar.db.audit.model.PermissionNewValue; +import org.sonar.db.audit.model.UserPermissionNewValue; import org.sonar.db.component.ComponentDto; import org.sonar.db.user.UserDto; @@ -47,7 +47,7 @@ public class UserPermissionDaoWithPersisterTest { @Rule public final DbTester db = DbTester.create(System2.INSTANCE, auditPersister); - private final ArgumentCaptor newValueCaptor = ArgumentCaptor.forClass(PermissionNewValue.class); + private final ArgumentCaptor newValueCaptor = ArgumentCaptor.forClass(UserPermissionNewValue.class); private final DbSession dbSession = db.getSession(); private final UserPermissionDao underTest = db.getDbClient().userPermissionDao(); @@ -55,24 +55,24 @@ public class UserPermissionDaoWithPersisterTest { public void userGlobalPermissionInsertAndDeleteArePersisted() { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), null); - underTest.insert(dbSession, dto, null); + underTest.insert(dbSession, dto, user.getLogin(), null); verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); - PermissionNewValue newValue = newValueCaptor.getValue(); + UserPermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getUserUuid, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName, PermissionNewValue::getQualifier) - .containsExactly(dto.getUuid(), user.getUuid(), null, dto.getPermission(), null, null); + .extracting(UserPermissionNewValue::getPermissionUuid, UserPermissionNewValue::getUserUuid, UserPermissionNewValue::getUserLogin, + UserPermissionNewValue::getComponentUuid, UserPermissionNewValue::getRole, UserPermissionNewValue::getComponentName, UserPermissionNewValue::getQualifier) + .containsExactly(dto.getUuid(), user.getUuid(), user.getLogin(), null, dto.getPermission(), null, null); assertThat(newValue.toString()).doesNotContain("projectUuid"); - underTest.deleteGlobalPermission(dbSession, user.getUuid(), SYSTEM_ADMIN); + underTest.deleteGlobalPermission(dbSession, user.getUuid(), user.getLogin(), SYSTEM_ADMIN); verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getUserUuid, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName) - .containsExactly(null, user.getUuid(), null, dto.getPermission(), null); + .extracting(UserPermissionNewValue::getPermissionUuid, UserPermissionNewValue::getUserUuid, UserPermissionNewValue::getUserLogin, UserPermissionNewValue::getComponentUuid, + UserPermissionNewValue::getRole, UserPermissionNewValue::getComponentName) + .containsExactly(null, user.getUuid(), user.getLogin(), null, dto.getPermission(), null); assertThat(newValue.toString()).doesNotContain("permissionUuid"); } @@ -80,7 +80,7 @@ public class UserPermissionDaoWithPersisterTest { public void userGlobalPermissionDeleteWithoutAffectedRowsIsNotPersisted() { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); - underTest.deleteGlobalPermission(dbSession, user.getUuid(), SYSTEM_ADMIN); + underTest.deleteGlobalPermission(dbSession, user.getUuid(), user.getLogin(), SYSTEM_ADMIN); verify(auditPersister).addUser(any(), any()); verifyNoMoreInteractions(auditPersister); @@ -91,24 +91,24 @@ public class UserPermissionDaoWithPersisterTest { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto project = db.components().insertPrivateProject(); UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), project.uuid()); - underTest.insert(dbSession, dto, project); + underTest.insert(dbSession, dto, user.getLogin(), project); verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); - PermissionNewValue newValue = newValueCaptor.getValue(); + UserPermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getUserUuid, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName, PermissionNewValue::getQualifier) - .containsExactly(dto.getUuid(), user.getUuid(), project.uuid(), dto.getPermission(), project.name(), "project"); + .extracting(UserPermissionNewValue::getPermissionUuid, UserPermissionNewValue::getUserUuid, UserPermissionNewValue::getUserLogin, UserPermissionNewValue::getComponentUuid, + UserPermissionNewValue::getRole, UserPermissionNewValue::getComponentName, UserPermissionNewValue::getQualifier) + .containsExactly(dto.getUuid(), user.getUuid(), user.getLogin(), project.uuid(), dto.getPermission(), project.name(), "project"); assertThat(newValue.toString()).contains("componentUuid"); - underTest.deleteProjectPermission(dbSession, user.getUuid(), SYSTEM_ADMIN, project); + underTest.deleteProjectPermission(dbSession, user.getUuid(), user.getLogin(), SYSTEM_ADMIN, project); verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getUserUuid, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName) - .containsExactly(null, user.getUuid(), project.uuid(), dto.getPermission(), project.name()); + .extracting(UserPermissionNewValue::getPermissionUuid, UserPermissionNewValue::getUserUuid, UserPermissionNewValue::getUserLogin, + UserPermissionNewValue::getComponentUuid, UserPermissionNewValue::getRole, UserPermissionNewValue::getComponentName) + .containsExactly(null, user.getUuid(), user.getLogin(), project.uuid(), dto.getPermission(), project.name()); assertThat(newValue.toString()) .doesNotContain("permissionUuid"); } @@ -118,7 +118,7 @@ public class UserPermissionDaoWithPersisterTest { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto project = db.components().insertPrivateProject(); - underTest.deleteProjectPermission(dbSession, user.getUuid(), SYSTEM_ADMIN, project); + underTest.deleteProjectPermission(dbSession, user.getUuid(), user.getLogin(), SYSTEM_ADMIN, project); verify(auditPersister).addUser(any(), any()); verify(auditPersister).addComponent(any(), any(), any()); @@ -130,13 +130,13 @@ public class UserPermissionDaoWithPersisterTest { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto portfolio = db.components().insertPublicPortfolio(); UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), portfolio.uuid()); - underTest.insert(dbSession, dto, portfolio); + underTest.insert(dbSession, dto, user.getLogin(), portfolio); verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); - PermissionNewValue newValue = newValueCaptor.getValue(); + UserPermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getUserUuid, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName, PermissionNewValue::getQualifier) + .extracting(UserPermissionNewValue::getPermissionUuid, UserPermissionNewValue::getUserUuid, UserPermissionNewValue::getComponentUuid, + UserPermissionNewValue::getRole, UserPermissionNewValue::getComponentName, UserPermissionNewValue::getQualifier) .containsExactly(dto.getUuid(), user.getUuid(), portfolio.uuid(), dto.getPermission(), portfolio.name(), "portfolio"); assertThat(newValue.toString()) .contains("componentUuid"); @@ -147,13 +147,13 @@ public class UserPermissionDaoWithPersisterTest { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto application = db.components().insertPublicApplication(); UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), application.uuid()); - underTest.insert(dbSession, dto, application); + underTest.insert(dbSession, dto, user.getLogin(), application); verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); - PermissionNewValue newValue = newValueCaptor.getValue(); + UserPermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getUserUuid, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName, PermissionNewValue::getQualifier) + .extracting(UserPermissionNewValue::getPermissionUuid, UserPermissionNewValue::getUserUuid, UserPermissionNewValue::getComponentUuid, + UserPermissionNewValue::getRole, UserPermissionNewValue::getComponentName, UserPermissionNewValue::getQualifier) .containsExactly(dto.getUuid(), user.getUuid(), application.uuid(), dto.getPermission(), application.name(), "application"); assertThat(newValue.toString()) .contains("componentUuid"); @@ -164,15 +164,15 @@ public class UserPermissionDaoWithPersisterTest { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto project = db.components().insertPrivateProject(); UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SCAN_EXECUTION, user.getUuid(), project.uuid()); - underTest.insert(dbSession, dto, project); + underTest.insert(dbSession, dto, user.getLogin(), project); underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN_EXECUTION, project); verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); - PermissionNewValue newValue = newValueCaptor.getValue(); + UserPermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getUserUuid, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName, PermissionNewValue::getQualifier) - .containsExactly(null, null, project.uuid(), SCAN_EXECUTION, project.name(), "project"); + .extracting(UserPermissionNewValue::getPermissionUuid, UserPermissionNewValue::getUserUuid, UserPermissionNewValue::getUserLogin, UserPermissionNewValue::getComponentUuid, + UserPermissionNewValue::getRole, UserPermissionNewValue::getComponentName, UserPermissionNewValue::getQualifier) + .containsExactly(null, null, null, project.uuid(), SCAN_EXECUTION, project.name(), "project"); assertThat(newValue.toString()).doesNotContain("userUuid"); } @@ -191,15 +191,15 @@ public class UserPermissionDaoWithPersisterTest { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto project = db.components().insertPrivateProject(); UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), project.uuid()); - underTest.insert(dbSession, dto, project); + underTest.insert(dbSession, dto, user.getLogin(), project); underTest.deleteByUserUuid(dbSession, user.getUuid()); verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); - PermissionNewValue newValue = newValueCaptor.getValue(); + UserPermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getUserUuid, PermissionNewValue::getComponentUuid, - PermissionNewValue::getRole, PermissionNewValue::getComponentName, PermissionNewValue::getQualifier) - .containsExactly(null, user.getUuid(), null, null, null, null); + .extracting(UserPermissionNewValue::getPermissionUuid, UserPermissionNewValue::getUserUuid, UserPermissionNewValue::getUserLogin, UserPermissionNewValue::getComponentUuid, + UserPermissionNewValue::getRole, UserPermissionNewValue::getComponentName, UserPermissionNewValue::getQualifier) + .containsExactly(null, user.getUuid(), null, null, null, null, null); assertThat(newValue.toString()).contains("userUuid"); } diff --git a/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java b/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java index 2a5ac2dfa86..deded9683c2 100644 --- a/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java +++ b/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java @@ -295,18 +295,18 @@ public class UserDbTester { @Deprecated public UserPermissionDto insertPermissionOnUser(UserDto user, String permission) { UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null); - db.getDbClient().userPermissionDao().insert(db.getSession(), dto, null); + db.getDbClient().userPermissionDao().insert(db.getSession(), dto, user.getLogin(),null); db.commit(); return dto; } public void deletePermissionFromUser(UserDto user, GlobalPermission permission) { - db.getDbClient().userPermissionDao().deleteGlobalPermission(db.getSession(), user.getUuid(), permission.getKey()); + db.getDbClient().userPermissionDao().deleteGlobalPermission(db.getSession(), user.getUuid(), user.getLogin(), permission.getKey()); db.commit(); } public void deletePermissionFromUser(ComponentDto project, UserDto user, String permission) { - db.getDbClient().userPermissionDao().deleteProjectPermission(db.getSession(), user.getUuid(), permission, project); + db.getDbClient().userPermissionDao().deleteProjectPermission(db.getSession(), user.getUuid(), user.getLogin(), permission, project); db.commit(); } @@ -318,7 +318,7 @@ public class UserDbTester { "%s can't be granted on a public project", permission); checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches"); UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid()); - db.getDbClient().userPermissionDao().insert(db.getSession(), dto, project); + db.getDbClient().userPermissionDao().insert(db.getSession(), dto, user.getLogin(), project); db.commit(); return dto; } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionTemplateService.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionTemplateService.java index 76c8155e945..40ddcbcfe51 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionTemplateService.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionTemplateService.java @@ -19,16 +19,6 @@ */ package org.sonar.server.permission; -import java.text.MessageFormat; -import java.util.ArrayList; -import java.util.Collection; -import java.util.Iterator; -import java.util.List; -import java.util.Map; -import java.util.Set; -import java.util.stream.Collectors; -import javax.annotation.CheckForNull; -import javax.annotation.Nullable; import org.apache.commons.lang.StringUtils; import org.sonar.api.resources.Qualifiers; import org.sonar.api.server.ServerSide; @@ -54,6 +44,16 @@ import static java.util.Collections.singletonList; import static org.sonar.api.security.DefaultGroups.isAnyone; import static org.sonar.api.web.UserRole.PUBLIC_PERMISSIONS; import static org.sonar.db.permission.GlobalPermission.SCAN; +import javax.annotation.CheckForNull; +import javax.annotation.Nullable; +import java.text.MessageFormat; +import java.util.ArrayList; +import java.util.Collection; +import java.util.Iterator; +import java.util.List; +import java.util.Map; +import java.util.Set; +import java.util.stream.Collectors; @ServerSide public class PermissionTemplateService { @@ -137,7 +137,7 @@ public class PermissionTemplateService { .filter(up -> permissionValidForProject(project, up.getPermission())) .forEach(up -> { UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), up.getPermission(), userDtoMap.get(up.getUserUuid()), project.uuid()); - dbClient.userPermissionDao().insert(dbSession, dto, project); + dbClient.userPermissionDao().insert(dbSession, dto, up.getUserLogin(), project); }); List groupsPermissions = dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateUuid(dbSession, template.getUuid()); @@ -172,7 +172,7 @@ public class PermissionTemplateService { .filter(characteristic -> !permissionsForCurrentUserAlreadyInDb.contains(characteristic.getPermission())) .forEach(c -> { UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), c.getPermission(), userDto.getUuid(), project.uuid()); - dbClient.userPermissionDao().insert(dbSession, dto, project); + dbClient.userPermissionDao().insert(dbSession, dto, userDto.getLogin(), project); }); } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/UserPermissionChanger.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/UserPermissionChanger.java index 35edf77c0fb..f18321bab30 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/UserPermissionChanger.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/UserPermissionChanger.java @@ -98,7 +98,7 @@ public class UserPermissionChanger { } UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), change.getPermission(), change.getUserId().getUuid(), change.getProjectUuid()); - dbClient.userPermissionDao().insert(dbSession, dto, change.getProject()); + dbClient.userPermissionDao().insert(dbSession, dto, change.getUserId().getLogin(), change.getProject()); return true; } @@ -108,11 +108,12 @@ public class UserPermissionChanger { } checkOtherAdminsExist(dbSession, change); ComponentDto project = change.getProject(); + UserId user = change.getUserId(); if (project != null) { - dbClient.userPermissionDao().deleteProjectPermission(dbSession, change.getUserId().getUuid(), change.getPermission(), + dbClient.userPermissionDao().deleteProjectPermission(dbSession, user.getUuid(), user.getLogin(), change.getPermission(), project); } else { - dbClient.userPermissionDao().deleteGlobalPermission(dbSession, change.getUserId().getUuid(), change.getPermission()); + dbClient.userPermissionDao().deleteGlobalPermission(dbSession, user.getUuid(), user.getLogin(), change.getPermission()); } return true; } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/UpdateVisibilityAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/UpdateVisibilityAction.java index 0ad2ee8c327..c860f8b9981 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/UpdateVisibilityAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/UpdateVisibilityAction.java @@ -26,6 +26,8 @@ import org.sonar.api.resources.Qualifiers; import org.sonar.api.server.ws.Request; import org.sonar.api.server.ws.Response; import org.sonar.api.server.ws.WebService; +import org.sonar.api.utils.log.Logger; +import org.sonar.api.utils.log.Loggers; import org.sonar.core.util.UuidFactory; import org.sonar.core.util.Uuids; import org.sonar.db.DbClient; @@ -36,6 +38,7 @@ import org.sonar.db.component.ComponentMapper; import org.sonar.db.permission.GroupPermissionDto; import org.sonar.db.permission.UserPermissionDto; import org.sonar.db.user.GroupDto; +import org.sonar.db.user.UserDto; import org.sonar.server.component.ComponentFinder; import org.sonar.server.es.ProjectIndexer; import org.sonar.server.es.ProjectIndexers; @@ -162,8 +165,13 @@ public class UpdateVisibilityAction implements ProjectsWsAction { } private void insertProjectPermissionOnUser(DbSession dbSession, ComponentDto component, String permission, String userUuid) { + UserDto userDto = dbClient.userDao().selectByUuid(dbSession, userUuid); + String userLogin = userDto != null ? userDto.getLogin() : null; + if(userLogin == null) { + LOG.warn("Updating project permissions for user uuid " + userUuid + " which does not exist"); + } dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(Uuids.create(), permission, userUuid, component.uuid()), - component); + userLogin, component); } private void insertProjectPermissionOnGroup(DbSession dbSession, ComponentDto component, String permission, String groupUuid) { diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/UpdateVisibilityActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/UpdateVisibilityActionTest.java index af34d9d4c6e..caf681b45d8 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/UpdateVisibilityActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/UpdateVisibilityActionTest.java @@ -19,11 +19,6 @@ */ package org.sonar.server.project.ws; -import java.util.Arrays; -import java.util.Random; -import java.util.Set; -import java.util.stream.IntStream; -import java.util.stream.Stream; import org.junit.Rule; import org.junit.Test; import org.sonar.api.config.Configuration; @@ -73,6 +68,11 @@ import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; import static org.sonar.api.CoreProperties.CORE_ALLOW_PERMISSION_MANAGEMENT_FOR_PROJECT_ADMINS_PROPERTY; import static org.sonar.db.component.ComponentTesting.newProjectCopy; +import java.util.Arrays; +import java.util.Random; +import java.util.Set; +import java.util.stream.IntStream; +import java.util.stream.Stream; public class UpdateVisibilityActionTest { private static final String PARAM_VISIBILITY = "visibility"; @@ -489,6 +489,28 @@ public class UpdateVisibilityActionTest { .isEmpty(); } + @Test + public void update_a_portfolio_to_private_givenWeCanFindUserByUUID_stillUpdatePermissions() { + ComponentDto portfolio = dbTester.components().insertPublicPortfolio(); + GroupDto group = dbTester.users().insertGroup(); + dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, portfolio); + UserDto userDto = mock(UserDto.class); + when(userDto.getUuid()).thenReturn("uuid"); + when(userDto.getLogin()).thenReturn("login"); + dbTester.users().insertProjectPermissionOnUser(userDto, UserRole.ADMIN, portfolio); + userSessionRule.addProjectPermission(UserRole.ADMIN, portfolio); + + request.setParam(PARAM_PROJECT, portfolio.getDbKey()) + .setParam(PARAM_VISIBILITY, PRIVATE) + .execute(); + + assertThat(dbClient.componentDao().selectByUuid(dbSession, portfolio.uuid()).get().isPrivate()).isTrue(); + assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), portfolio.uuid())) + .containsOnly(UserRole.USER, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN); + assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, "uuid", portfolio.uuid())) + .containsOnly(UserRole.USER, UserRole.CODEVIEWER, UserRole.ADMIN); + } + @Test public void update_a_portfolio_to_private() { ComponentDto portfolio = dbTester.components().insertPublicPortfolio(); @@ -630,7 +652,7 @@ public class UpdateVisibilityActionTest { private void unsafeInsertProjectPermissionOnUser(ComponentDto component, UserDto user, String permission) { UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), component.uuid()); - dbTester.getDbClient().userPermissionDao().insert(dbTester.getSession(), dto, component); + dbTester.getDbClient().userPermissionDao().insert(dbTester.getSession(), dto, user.getLogin(), component); dbTester.commit(); }