From 21d26b2b4dbc8d47e9972f45d402f86448b47f48 Mon Sep 17 00:00:00 2001 From: Simon Brandhof Date: Thu, 12 Jul 2012 00:08:27 +0200 Subject: [PATCH] Improve and refactor the ResourcePermissions component --- .../org/sonar/plugins/core/CorePlugin.java | 4 +- .../security/ApplyProjectRolesDecorator.java | 12 ++-- ...g.java => DefaultResourcePermissions.java} | 22 ++++--- .../ApplyProjectRolesDecoratorTest.java | 20 +++---- ...va => DefaultResourcePermissionsTest.java} | 60 ++++++++++++------- .../grantDefaultRoles-result.xml | 0 .../grantDefaultRoles.xml | 0 ...grantDefaultRoles_unknown_group-result.xml | 0 .../grantDefaultRoles_unknown_group.xml | 0 .../grantDefaultRoles_users-result.xml | 0 .../grantDefaultRoles_users.xml | 0 .../grantGroupRole-result.xml | 2 +- .../grantGroupRole.xml | 0 .../grantGroupRole_anyone-result.xml | 0 .../grantGroupRole_anyone.xml | 0 ...pRole_ignore_if_group_not_found-result.xml | 0 ...antGroupRole_ignore_if_group_not_found.xml | 0 ...oupRole_ignore_if_not_persisted-result.xml | 0 ...grantGroupRole_ignore_if_not_persisted.xml | 0 .../grantUserRole-result.xml | 6 ++ .../grantUserRole.xml | 3 + .../hasRoles.xml | 0 .../java/org/sonar/core/user/RoleMapper.java | 4 ++ .../org/sonar/core/user/RoleMapper.xml | 16 +++++ ...ssioning.java => ResourcePermissions.java} | 2 +- 25 files changed, 101 insertions(+), 50 deletions(-) rename plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/{DefaultResourcePermissioning.java => DefaultResourcePermissions.java} (86%) rename plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest.java => DefaultResourcePermissionsTest.java} (59%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantDefaultRoles-result.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantDefaultRoles.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantDefaultRoles_unknown_group-result.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantDefaultRoles_unknown_group.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantDefaultRoles_users-result.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantDefaultRoles_users.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantGroupRole-result.xml (55%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantGroupRole.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantGroupRole_anyone-result.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantGroupRole_anyone.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantGroupRole_ignore_if_group_not_found-result.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantGroupRole_ignore_if_group_not_found.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantGroupRole_ignore_if_not_persisted-result.xml (100%) rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/grantGroupRole_ignore_if_not_persisted.xml (100%) create mode 100644 plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantUserRole-result.xml create mode 100644 plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantUserRole.xml rename plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/{DefaultResourcePermissioningTest => DefaultResourcePermissionsTest}/hasRoles.xml (100%) rename sonar-plugin-api/src/main/java/org/sonar/api/security/{ResourcePermissioning.java => ResourcePermissions.java} (95%) diff --git a/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/CorePlugin.java b/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/CorePlugin.java index cad94d72a16..6e8241b91f4 100644 --- a/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/CorePlugin.java +++ b/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/CorePlugin.java @@ -36,7 +36,7 @@ import org.sonar.plugins.core.filters.MyFavouritesFilter; import org.sonar.plugins.core.filters.ProjectFilter; import org.sonar.plugins.core.filters.TreeMapFilter; import org.sonar.plugins.core.security.ApplyProjectRolesDecorator; -import org.sonar.plugins.core.security.DefaultResourcePermissioning; +import org.sonar.plugins.core.security.DefaultResourcePermissions; import org.sonar.plugins.core.sensors.*; import org.sonar.plugins.core.testdetailsviewer.TestsViewerDefinition; import org.sonar.plugins.core.timemachine.*; @@ -306,7 +306,7 @@ public final class CorePlugin extends SonarPlugin { ItLineCoverageDecorator.class, ItCoverageDecorator.class, ItBranchCoverageDecorator.class, - DefaultResourcePermissioning.class, + DefaultResourcePermissions.class, ApplyProjectRolesDecorator.class, ExcludedResourceFilter.class, CommentDensityDecorator.class, diff --git a/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/ApplyProjectRolesDecorator.java b/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/ApplyProjectRolesDecorator.java index 332014b1bd0..fc5e21bc95f 100644 --- a/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/ApplyProjectRolesDecorator.java +++ b/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/ApplyProjectRolesDecorator.java @@ -26,17 +26,17 @@ import org.sonar.api.batch.DecoratorContext; import org.sonar.api.resources.Project; import org.sonar.api.resources.Qualifiers; import org.sonar.api.resources.Resource; -import org.sonar.api.security.ResourcePermissioning; +import org.sonar.api.security.ResourcePermissions; import java.util.Set; public class ApplyProjectRolesDecorator implements Decorator { - private final ResourcePermissioning resourcePermissioning; + private final ResourcePermissions resourcePermissions; private final Set QUALIFIERS = ImmutableSet.of(Qualifiers.PROJECT, Qualifiers.VIEW, Qualifiers.SUBVIEW); - public ApplyProjectRolesDecorator(ResourcePermissioning resourcePermissioning) { - this.resourcePermissioning = resourcePermissioning; + public ApplyProjectRolesDecorator(ResourcePermissions resourcePermissions) { + this.resourcePermissions = resourcePermissions; } public boolean shouldExecuteOnProject(Project project) { @@ -46,12 +46,12 @@ public class ApplyProjectRolesDecorator implements Decorator { public void decorate(Resource resource, DecoratorContext context) { if (shouldDecorateResource(resource)) { LoggerFactory.getLogger(ApplyProjectRolesDecorator.class).info("Grant default permissions to {}", resource.getKey()); - resourcePermissioning.grantDefaultRoles(resource); + resourcePermissions.grantDefaultRoles(resource); } } private boolean shouldDecorateResource(Resource resource) { - return resource.getId() != null && QUALIFIERS.contains(resource.getQualifier()) && !resourcePermissioning.hasRoles(resource); + return resource.getId() != null && QUALIFIERS.contains(resource.getQualifier()) && !resourcePermissions.hasRoles(resource); } } diff --git a/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/DefaultResourcePermissioning.java b/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/DefaultResourcePermissions.java similarity index 86% rename from plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/DefaultResourcePermissioning.java rename to plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/DefaultResourcePermissions.java index dbb0313fd3f..67069da3a36 100644 --- a/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/DefaultResourcePermissioning.java +++ b/plugins/sonar-core-plugin/src/main/java/org/sonar/plugins/core/security/DefaultResourcePermissions.java @@ -24,7 +24,7 @@ import org.sonar.api.BatchExtension; import org.sonar.api.config.Settings; import org.sonar.api.resources.Resource; import org.sonar.api.security.DefaultGroups; -import org.sonar.api.security.ResourcePermissioning; +import org.sonar.api.security.ResourcePermissions; import org.sonar.api.web.UserRole; import org.sonar.core.persistence.MyBatis; import org.sonar.core.user.*; @@ -32,12 +32,12 @@ import org.sonar.core.user.*; /** * @since 3.2 */ -public class DefaultResourcePermissioning implements ResourcePermissioning, BatchExtension { +public class DefaultResourcePermissions implements ResourcePermissions, BatchExtension { private final Settings settings; private final MyBatis myBatis; - public DefaultResourcePermissioning(Settings settings, MyBatis myBatis) { + public DefaultResourcePermissions(Settings settings, MyBatis myBatis) { this.settings = settings; this.myBatis = myBatis; } @@ -66,8 +66,10 @@ public class DefaultResourcePermissioning implements ResourcePermissioning, Batc UserRoleDto userRole = new UserRoleDto() .setRole(role) .setUserId(user.getId()) - .setResourceId(Long.valueOf(resource.getId())); - session.getMapper(RoleMapper.class).insertUserRole(userRole); + .setResourceId(Long.valueOf(resource.getId())); + RoleMapper roleMapper = session.getMapper(RoleMapper.class); + roleMapper.deleteUserRole(userRole); + roleMapper.insertUserRole(userRole); session.commit(); } } finally { @@ -82,14 +84,18 @@ public class DefaultResourcePermissioning implements ResourcePermissioning, Batc try { GroupRoleDto groupRole = new GroupRoleDto() .setRole(role) - .setResourceId(Long.valueOf(resource.getId())); + .setResourceId(Long.valueOf(resource.getId())); + RoleMapper roleMapper = session.getMapper(RoleMapper.class); if (DefaultGroups.isAnyone(groupName)) { - session.getMapper(RoleMapper.class).insertGroupRole(groupRole); + roleMapper.deleteGroupRole(groupRole); + roleMapper.insertGroupRole(groupRole); session.commit(); } else { GroupDto group = session.getMapper(UserMapper.class).selectGroupByName(groupName); if (group != null) { - session.getMapper(RoleMapper.class).insertGroupRole(groupRole.setGroupId(group.getId())); + groupRole.setGroupId(group.getId()); + roleMapper.deleteGroupRole(groupRole); + roleMapper.insertGroupRole(groupRole); session.commit(); } } diff --git a/plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/ApplyProjectRolesDecoratorTest.java b/plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/ApplyProjectRolesDecoratorTest.java index beccb6585cf..fae6c26ce5d 100644 --- a/plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/ApplyProjectRolesDecoratorTest.java +++ b/plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/ApplyProjectRolesDecoratorTest.java @@ -22,20 +22,20 @@ package org.sonar.plugins.core.security; import org.junit.Before; import org.junit.Test; import org.sonar.api.resources.Project; -import org.sonar.api.security.ResourcePermissioning; +import org.sonar.api.security.ResourcePermissions; import static org.fest.assertions.Assertions.assertThat; import static org.mockito.Mockito.*; public class ApplyProjectRolesDecoratorTest { - private ResourcePermissioning resourcePermissioning; + private ResourcePermissions resourcePermissions; private ApplyProjectRolesDecorator decorator; @Before public void init() { - resourcePermissioning = mock(ResourcePermissioning.class); - decorator = new ApplyProjectRolesDecorator(resourcePermissioning); + resourcePermissions = mock(ResourcePermissions.class); + decorator = new ApplyProjectRolesDecorator(resourcePermissions); } @Test @@ -47,11 +47,11 @@ public class ApplyProjectRolesDecoratorTest { public void doNotGrantDefaultRolesWhenExistingPermissions() { Project project = new Project("project"); project.setId(10); - when(resourcePermissioning.hasRoles(project)).thenReturn(true); + when(resourcePermissions.hasRoles(project)).thenReturn(true); decorator.decorate(project, null); - verify(resourcePermissioning, never()).grantDefaultRoles(project); + verify(resourcePermissions, never()).grantDefaultRoles(project); } @Test @@ -59,22 +59,22 @@ public class ApplyProjectRolesDecoratorTest { Project project = new Project("project"); Project module = new Project("module").setParent(project); module.setId(10); - when(resourcePermissioning.hasRoles(project)).thenReturn(false); + when(resourcePermissions.hasRoles(project)).thenReturn(false); decorator.decorate(module, null); - verify(resourcePermissioning, never()).grantDefaultRoles(module); + verify(resourcePermissions, never()).grantDefaultRoles(module); } @Test public void grantDefaultRolesWhenNoPermissions() { Project project = new Project("project"); project.setId(10); - when(resourcePermissioning.hasRoles(project)).thenReturn(false); + when(resourcePermissions.hasRoles(project)).thenReturn(false); decorator.decorate(project, null); - verify(resourcePermissioning).grantDefaultRoles(project); + verify(resourcePermissions).grantDefaultRoles(project); } } diff --git a/plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/DefaultResourcePermissioningTest.java b/plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/DefaultResourcePermissionsTest.java similarity index 59% rename from plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/DefaultResourcePermissioningTest.java rename to plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/DefaultResourcePermissionsTest.java index 50afeaaf526..319c9b1d27e 100644 --- a/plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/DefaultResourcePermissioningTest.java +++ b/plugins/sonar-core-plugin/src/test/java/org/sonar/plugins/core/security/DefaultResourcePermissionsTest.java @@ -28,7 +28,7 @@ import org.sonar.core.persistence.AbstractDaoTestCase; import static org.fest.assertions.Assertions.assertThat; -public class DefaultResourcePermissioningTest extends AbstractDaoTestCase { +public class DefaultResourcePermissionsTest extends AbstractDaoTestCase { private Resource project = new Project("project").setId(123); @@ -36,18 +36,21 @@ public class DefaultResourcePermissioningTest extends AbstractDaoTestCase { public void grantGroupRole() { setupData("grantGroupRole"); - DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(new Settings(), getMyBatis()); - permissioning.grantGroupRole(project, "sonar-administrators", "admin"); + DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis()); + permissions.grantGroupRole(project, "sonar-administrators", "admin"); - checkTables("grantGroupRole", "group_roles"); + // do not insert duplicated rows + permissions.grantGroupRole(project, "sonar-administrators", "admin"); + + checkColumns("grantGroupRole", "group_roles", "group_id", "resource_id", "role"); } @Test public void grantGroupRole_anyone() { setupData("grantGroupRole_anyone"); - DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(new Settings(), getMyBatis()); - permissioning.grantGroupRole(project, DefaultGroups.ANYONE, "admin"); + DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis()); + permissions.grantGroupRole(project, DefaultGroups.ANYONE, "admin"); checkTables("grantGroupRole_anyone", "group_roles"); } @@ -56,8 +59,8 @@ public class DefaultResourcePermissioningTest extends AbstractDaoTestCase { public void grantGroupRole_ignore_if_group_not_found() { setupData("grantGroupRole_ignore_if_group_not_found"); - DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(new Settings(), getMyBatis()); - permissioning.grantGroupRole(project, "not_found", "admin"); + DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis()); + permissions.grantGroupRole(project, "not_found", "admin"); checkTables("grantGroupRole_ignore_if_group_not_found", "group_roles"); } @@ -66,13 +69,26 @@ public class DefaultResourcePermissioningTest extends AbstractDaoTestCase { public void grantGroupRole_ignore_if_not_persisted() { setupData("grantGroupRole_ignore_if_not_persisted"); - DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(new Settings(), getMyBatis()); + DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis()); Project resourceWithoutId = new Project(""); - permissioning.grantGroupRole(resourceWithoutId, "sonar-users", "admin"); + permissions.grantGroupRole(resourceWithoutId, "sonar-users", "admin"); checkTables("grantGroupRole_ignore_if_not_persisted", "group_roles"); } + @Test + public void grantUserRole() { + setupData("grantUserRole"); + + DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis()); + permissions.grantUserRole(project, "marius", "admin"); + + // do not insert duplicated rows + permissions.grantUserRole(project, "marius", "admin"); + + checkColumns("grantUserRole", "user_roles", "user_id", "resource_id", "role"); + } + @Test public void grantDefaultRoles() { setupData("grantDefaultRoles"); @@ -84,9 +100,9 @@ public class DefaultResourcePermissioningTest extends AbstractDaoTestCase { settings.setProperty("sonar.role.user.TRK.defaultUsers", ""); settings.setProperty("sonar.role.codeviewer.TRK.defaultGroups", "Anyone,sonar-users"); settings.setProperty("sonar.role.codeviewer.TRK.defaultUsers", ""); - DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(settings, getMyBatis()); + DefaultResourcePermissions permissions = new DefaultResourcePermissions(settings, getMyBatis()); - permissioning.grantDefaultRoles(project); + permissions.grantDefaultRoles(project); checkTables("grantDefaultRoles", "user_roles", "group_roles"); } @@ -97,8 +113,8 @@ public class DefaultResourcePermissioningTest extends AbstractDaoTestCase { Settings settings = new Settings(); settings.setProperty("sonar.role.admin.TRK.defaultGroups", "sonar-administrators,unknown"); - DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(settings, getMyBatis()); - permissioning.grantDefaultRoles(project); + DefaultResourcePermissions permissions = new DefaultResourcePermissions(settings, getMyBatis()); + permissions.grantDefaultRoles(project); checkTables("grantDefaultRoles_unknown_group", "group_roles"); } @@ -109,8 +125,8 @@ public class DefaultResourcePermissioningTest extends AbstractDaoTestCase { Settings settings = new Settings(); settings.setProperty("sonar.role.admin.TRK.defaultUsers", "marius,disabled,notfound"); - DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(settings, getMyBatis()); - permissioning.grantDefaultRoles(project); + DefaultResourcePermissions permissions = new DefaultResourcePermissions(settings, getMyBatis()); + permissions.grantDefaultRoles(project); checkTables("grantDefaultRoles_users", "user_roles"); } @@ -118,21 +134,21 @@ public class DefaultResourcePermissioningTest extends AbstractDaoTestCase { @Test public void hasRoles() { setupData("hasRoles"); - DefaultResourcePermissioning permissioning = new DefaultResourcePermissioning(new Settings(), getMyBatis()); + DefaultResourcePermissions permissions = new DefaultResourcePermissions(new Settings(), getMyBatis()); // no groups and at least one user - assertThat(permissioning.hasRoles(new Project("only_users").setId(1))).isTrue(); + assertThat(permissions.hasRoles(new Project("only_users").setId(1))).isTrue(); // no users and at least one group - assertThat(permissioning.hasRoles(new Project("only_groups").setId(2))).isTrue(); + assertThat(permissions.hasRoles(new Project("only_groups").setId(2))).isTrue(); // groups and users - assertThat(permissioning.hasRoles(new Project("groups_and_users").setId(3))).isTrue(); + assertThat(permissions.hasRoles(new Project("groups_and_users").setId(3))).isTrue(); // no groups, no users - assertThat(permissioning.hasRoles(new Project("no_groups_no_users").setId(4))).isFalse(); + assertThat(permissions.hasRoles(new Project("no_groups_no_users").setId(4))).isFalse(); // does not exist - assertThat(permissioning.hasRoles(new Project("not_found"))).isFalse(); + assertThat(permissions.hasRoles(new Project("not_found"))).isFalse(); } } \ No newline at end of file diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles-result.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles-result.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles-result.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles-result.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles_unknown_group-result.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles_unknown_group-result.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles_unknown_group-result.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles_unknown_group-result.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles_unknown_group.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles_unknown_group.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles_unknown_group.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles_unknown_group.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles_users-result.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles_users-result.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles_users-result.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles_users-result.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles_users.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles_users.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantDefaultRoles_users.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantDefaultRoles_users.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole-result.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole-result.xml similarity index 55% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole-result.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole-result.xml index db7b21199a5..9d3ae472eb6 100644 --- a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole-result.xml +++ b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole-result.xml @@ -2,5 +2,5 @@ - + \ No newline at end of file diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_anyone-result.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_anyone-result.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_anyone-result.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_anyone-result.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_anyone.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_anyone.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_anyone.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_anyone.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_ignore_if_group_not_found-result.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_ignore_if_group_not_found-result.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_ignore_if_group_not_found-result.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_ignore_if_group_not_found-result.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_ignore_if_group_not_found.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_ignore_if_group_not_found.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_ignore_if_group_not_found.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_ignore_if_group_not_found.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_ignore_if_not_persisted-result.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_ignore_if_not_persisted-result.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_ignore_if_not_persisted-result.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_ignore_if_not_persisted-result.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_ignore_if_not_persisted.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_ignore_if_not_persisted.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/grantGroupRole_ignore_if_not_persisted.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantGroupRole_ignore_if_not_persisted.xml diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantUserRole-result.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantUserRole-result.xml new file mode 100644 index 00000000000..7f154cd1915 --- /dev/null +++ b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantUserRole-result.xml @@ -0,0 +1,6 @@ + + + + + + \ No newline at end of file diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantUserRole.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantUserRole.xml new file mode 100644 index 00000000000..d513321d554 --- /dev/null +++ b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/grantUserRole.xml @@ -0,0 +1,3 @@ + + + \ No newline at end of file diff --git a/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/hasRoles.xml b/plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/hasRoles.xml similarity index 100% rename from plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissioningTest/hasRoles.xml rename to plugins/sonar-core-plugin/src/test/resources/org/sonar/plugins/core/security/DefaultResourcePermissionsTest/hasRoles.xml diff --git a/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java b/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java index 79e83c766be..9b7abc5a9bc 100644 --- a/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java +++ b/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java @@ -28,6 +28,10 @@ public interface RoleMapper { void insertUserRole(UserRoleDto userRole); + void deleteUserRole(UserRoleDto userRole); + + void deleteGroupRole(GroupRoleDto groupRole); + void deleteGroupRolesByResourceId(Long resourceId); void deleteUserRolesByResourceId(Long resourceId); diff --git a/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml b/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml index 720a7690d4e..bbef4611eed 100644 --- a/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml +++ b/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml @@ -31,6 +31,22 @@ VALUES (#{id}, #{userId}, #{resourceId}, #{role}) + + delete from group_roles where resource_id=#{resourceId} and role=#{role} + + + and group_id=#{groupId} + + + and group_id is null + + + + + + delete from user_roles where resource_id=#{resourceId} and user_id=#{userId} and role=#{role} + + delete from group_roles where resource_id=#{id} diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissioning.java b/sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissions.java similarity index 95% rename from sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissioning.java rename to sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissions.java index 270dd52f8d3..e63d963455d 100644 --- a/sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissioning.java +++ b/sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissions.java @@ -29,7 +29,7 @@ import org.sonar.api.resources.Resource; * * @since 3.2 */ -public interface ResourcePermissioning extends BatchComponent { +public interface ResourcePermissions extends BatchComponent { boolean hasRoles(Resource resource); -- 2.39.5