From 2db16d6c36f6e1355353042027fbdefa281e9de1 Mon Sep 17 00:00:00 2001
From: Julien Lancelot <julien.lancelot@sonarsource.com>
Date: Tue, 19 Apr 2016 08:17:14 +0200
Subject: [PATCH] Add comment on query to keep authorized users for a project
 and a role

Anyone permission cannot be taking into by this method
---
 .../org/sonar/db/user/AuthorizationDao.java   |  4 +++
 .../sonar/db/user/AuthorizationDaoTest.java   |  4 +--
 ...ers_for_role_and_project_for_anomymous.xml | 18 -------------
 ...ers_for_role_and_project_for_anonymous.xml | 26 +++++++------------
 4 files changed, 15 insertions(+), 37 deletions(-)
 delete mode 100644 sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anomymous.xml

diff --git a/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java b/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java
index 446f810af85..41774598a70 100644
--- a/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java
+++ b/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java
@@ -60,6 +60,10 @@ public class AuthorizationDao implements Dao {
     });
   }
 
+  /**
+   * Keep only authorized user that have the given permission on a given project.
+   * Please Note that if the permission is 'Anyone' is NOT taking into account by thie method.
+   */
   public Collection<Long> keepAuthorizedUsersForRoleAndProject(final DbSession session, final Collection<Long> userIds, final String role, final long projectId) {
     return DatabaseUtils.executeLargeInputs(userIds, new SelectUsersByPermissionAndProject(session.getMapper(AuthorizationMapper.class), role, projectId));
   }
diff --git a/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java b/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java
index 328eb7c58dc..ed1a5747d14 100644
--- a/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java
@@ -313,12 +313,12 @@ public class AuthorizationDaoTest {
   }
 
   @Test
-  public void keep_authorized_users_for_role_and_project_for_anonymous() {
+  public void keep_authorized_users_returns_empty_list_for_role_and_project_for_anonymous() {
     dbTester.prepareDbUnit(getClass(), "keep_authorized_users_for_role_and_project_for_anonymous.xml");
 
     assertThat(authorization.keepAuthorizedUsersForRoleAndProject(dbTester.getSession(),
       // Only 100 and 101 has 'user' role on project
-      newHashSet(100L, 101L, 102L), "user", PROJECT_ID)).containsOnly(100L, 101L);
+      newHashSet(100L, 101L, 102L), "user", PROJECT_ID)).isEmpty();
   }
 
 }
diff --git a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anomymous.xml b/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anomymous.xml
deleted file mode 100644
index 4de4f328925..00000000000
--- a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anomymous.xml
+++ /dev/null
@@ -1,18 +0,0 @@
-<dataset>
-
-  <!-- users 100 and 101 have no direct grant access, but are in the group 200 that has the role "user" on the project 300  -->
-  <user_roles id="1" user_id="100" resource_id="999" role="user"/>
-  <user_roles id="2" user_id="101" resource_id="999" role="user"/>
-  <user_roles id="3" user_id="102" resource_id="999" role="user"/>
-
-  <groups_users user_id="100" group_id="200"/>
-  <groups_users user_id="101" group_id="200"/>
-  <groups_users user_id="102" group_id="201"/>
-
-  <group_roles id="1" group_id="[null]" resource_id="300" role="user"/>
-  <group_roles id="2" group_id="201" resource_id="400" role="user"/>
-
-  <projects id="300" kee="pj-w-snapshot" uuid="DEFG" module_uuid="[null]"/>
-  <projects id="400" kee="pj-wo-snapshot" uuid="EFGH" module_uuid="[null]"/>
-
-</dataset>
diff --git a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml b/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml
index 491e1f8405d..4de4f328925 100644
--- a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml
+++ b/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml
@@ -1,26 +1,18 @@
 <dataset>
 
-  <!-- Users 100 and 101 are 'user' on project 300 -->
-  <user_roles id="1" user_id="100" resource_id="300" role="user"/>
-  <user_roles id="2" user_id="101" resource_id="300" role="user"/>
-  <user_roles id="3" user_id="102" resource_id="300" role="admin"/>
-  <!-- User 100 is 'user' on project 400 -->
-  <user_roles id="4" user_id="100" resource_id="400" role="user"/>
+  <!-- users 100 and 101 have no direct grant access, but are in the group 200 that has the role "user" on the project 300  -->
+  <user_roles id="1" user_id="100" resource_id="999" role="user"/>
+  <user_roles id="2" user_id="101" resource_id="999" role="user"/>
+  <user_roles id="3" user_id="102" resource_id="999" role="user"/>
 
   <groups_users user_id="100" group_id="200"/>
-  <group_roles id="1" group_id="200" resource_id="400" role="user"/>
+  <groups_users user_id="101" group_id="200"/>
+  <groups_users user_id="102" group_id="201"/>
+
+  <group_roles id="1" group_id="[null]" resource_id="300" role="user"/>
+  <group_roles id="2" group_id="201" resource_id="400" role="user"/>
 
   <projects id="300" kee="pj-w-snapshot" uuid="DEFG" module_uuid="[null]"/>
   <projects id="400" kee="pj-wo-snapshot" uuid="EFGH" module_uuid="[null]"/>
 
-
-  <!-- user 100 has no direct grant access, but is in the group 200 that has the role "user"
-    on the project 300  -->
-  <!--<user_roles id="1" user_id="100" resource_id="999" role="user"/>-->
-
-  <!--<groups_users user_id="100" group_id="200"/>-->
-
-  <!--<group_roles id="1" group_id="200" resource_id="300" role="user"/>-->
-  <!--<group_roles id="2" group_id="200" resource_id="400" role="user"/>-->
-
 </dataset>
-- 
2.39.5