From 3a250934c669b497e4c115740ed5a3418ef81fdc Mon Sep 17 00:00:00 2001 From: =?utf8?q?L=C3=A9o=20Geoffroy?= Date: Mon, 5 Jun 2023 16:52:09 +0200 Subject: [PATCH] SONAR-19445 Rename AuthorizationDao methods to use entity instead --- .../db/permission/AuthorizationDaoIT.java | 336 +++++++++--------- .../sonar/db/permission/AuthorizationDao.java | 34 +- .../db/permission/AuthorizationMapper.java | 12 +- .../db/permission/AuthorizationMapper.xml | 50 +-- .../DefaultNotificationManager.java | 2 +- .../DefaultNotificationManagerTest.java | 49 ++- .../sonar/server/user/ServerUserSession.java | 10 +- .../sonar/server/hotspot/ws/AssignAction.java | 2 +- .../server/notification/ws/ListAction.java | 2 +- .../server/qualitygate/ws/SearchAction.java | 2 +- .../qualityprofile/ws/ProjectsAction.java | 2 +- 11 files changed, 248 insertions(+), 253 deletions(-) diff --git a/server/sonar-db-dao/src/it/java/org/sonar/db/permission/AuthorizationDaoIT.java b/server/sonar-db-dao/src/it/java/org/sonar/db/permission/AuthorizationDaoIT.java index 1842fec46d2..c3e8b273655 100644 --- a/server/sonar-db-dao/src/it/java/org/sonar/db/permission/AuthorizationDaoIT.java +++ b/server/sonar-db-dao/src/it/java/org/sonar/db/permission/AuthorizationDaoIT.java @@ -67,8 +67,8 @@ public class AuthorizationDaoIT { private UserDto user; private GroupDto group1; private GroupDto group2; - private Set randomPublicProjectUuids; - private Set randomPrivateProjectUuids; + private Set randomPublicEntityUuids; + private Set randomPrivateEntityUuids; private Set randomExistingUserUuids; private String randomPermission = "p" + random.nextInt(); @@ -80,10 +80,10 @@ public class AuthorizationDaoIT { randomExistingUserUuids = IntStream.range(0, 1 + Math.abs(random.nextInt(5))) .mapToObj(i -> db.users().insertUser().getUuid()) .collect(MoreCollectors.toSet()); - randomPublicProjectUuids = IntStream.range(0, 1 + Math.abs(random.nextInt(5))) + randomPublicEntityUuids = IntStream.range(0, 1 + Math.abs(random.nextInt(5))) .mapToObj(i -> db.components().insertPublicProject().getProjectDto().getUuid()) .collect(MoreCollectors.toSet()); - randomPrivateProjectUuids = IntStream.range(0, 1 + Math.abs(random.nextInt(5))) + randomPrivateEntityUuids = IntStream.range(0, 1 + Math.abs(random.nextInt(5))) .mapToObj(i -> db.components().insertPrivateProject().getProjectDto().getUuid()) .collect(MoreCollectors.toSet()); } @@ -217,200 +217,200 @@ public class AuthorizationDaoIT { } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_group_AnyOne_if_project_set_is_empty_on_public_project() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, Collections.emptySet(), null, UserRole.USER)) + public void keepAuthorizedEntityUuids_returns_empty_for_group_AnyOne_if_project_set_is_empty_on_public_project() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, Collections.emptySet(), null, UserRole.USER)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_user_if_project_set_is_empty_on_public_project() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, Collections.emptySet(), user.getUuid(), UserRole.USER)) + public void keepAuthorizedEntityUuids_returns_empty_for_user_if_project_set_is_empty_on_public_project() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, Collections.emptySet(), user.getUuid(), UserRole.USER)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_group_AnyOne_for_non_existent_projects() { + public void keepAuthorizedEntityUuids_returns_empty_for_group_AnyOne_for_non_existent_projects() { Set randomNonProjectsSet = IntStream.range(0, 1 + Math.abs(random.nextInt(5))) .mapToObj(i -> Integer.toString(3_562 + i)) .collect(MoreCollectors.toSet()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomNonProjectsSet, null, UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomNonProjectsSet, null, UserRole.USER)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_user_for_non_existent_projects() { + public void keepAuthorizedEntityUuids_returns_empty_for_user_for_non_existent_projects() { Set randomNonProjectsSet = IntStream.range(0, 1 + Math.abs(random.nextInt(5))) .mapToObj(i -> Integer.toString(9_666 + i)) .collect(MoreCollectors.toSet()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomNonProjectsSet, user.getUuid(), UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomNonProjectsSet, user.getUuid(), UserRole.USER)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_any_public_project_for_group_AnyOne_without_any_permission_in_DB_and_permission_USER() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPublicProjectUuids, null, UserRole.USER)) - .containsAll(randomPublicProjectUuids); + public void keepAuthorizedEntityUuids_returns_any_public_project_for_group_AnyOne_without_any_permission_in_DB_and_permission_USER() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPublicEntityUuids, null, UserRole.USER)) + .containsAll(randomPublicEntityUuids); } @Test - public void keepAuthorizedProjectUuids_returns_any_public_project_for_user_without_any_permission_in_DB_and_permission_USER() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPublicProjectUuids, user.getUuid(), UserRole.USER)) - .containsAll(randomPublicProjectUuids); + public void keepAuthorizedEntityUuids_returns_any_public_project_for_user_without_any_permission_in_DB_and_permission_USER() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPublicEntityUuids, user.getUuid(), UserRole.USER)) + .containsAll(randomPublicEntityUuids); } @Test - public void keepAuthorizedProjectUuids_returns_any_public_project_for_group_AnyOne_without_any_permission_in_DB_and_permission_CODEVIEWER() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPublicProjectUuids, null, UserRole.CODEVIEWER)) - .containsAll(randomPublicProjectUuids); + public void keepAuthorizedEntityUuids_returns_any_public_project_for_group_AnyOne_without_any_permission_in_DB_and_permission_CODEVIEWER() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPublicEntityUuids, null, UserRole.CODEVIEWER)) + .containsAll(randomPublicEntityUuids); } @Test - public void keepAuthorizedProjectUuids_returns_any_public_project_for_user_without_any_permission_in_DB_and_permission_CODEVIEWER() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPublicProjectUuids, user.getUuid(), UserRole.CODEVIEWER)) - .containsAll(randomPublicProjectUuids); + public void keepAuthorizedEntityUuids_returns_any_public_project_for_user_without_any_permission_in_DB_and_permission_CODEVIEWER() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPublicEntityUuids, user.getUuid(), UserRole.CODEVIEWER)) + .containsAll(randomPublicEntityUuids); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_other_permission_for_group_AnyOne_on_public_project_without_any_permission_in_DB() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPublicProjectUuids, null, randomPermission)) + public void keepAuthorizedEntityUuids_returns_empty_for_other_permission_for_group_AnyOne_on_public_project_without_any_permission_in_DB() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPublicEntityUuids, null, randomPermission)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_any_permission_for_user_on_public_project_without_any_permission_in_DB() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPublicProjectUuids, user.getUuid(), randomPermission)) + public void keepAuthorizedEntityUuids_returns_empty_for_any_permission_for_user_on_public_project_without_any_permission_in_DB() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPublicEntityUuids, user.getUuid(), randomPermission)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_public_project_if_user_is_granted_project_permission_directly() { + public void keepAuthorizedEntityUuids_returns_public_project_if_user_is_granted_project_permission_directly() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); ProjectDto otherProject = db.components().insertPublicProject().getProjectDto(); UserDto otherUser = db.users().insertUser(); db.users().insertProjectPermissionOnUser(user, randomPermission, project); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), otherUser.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), otherUser.getUuid(), randomPermission)) .isEmpty(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(otherProject.getUuid()), user.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(otherProject.getUuid()), user.getUuid(), randomPermission)) .isEmpty(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), user.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), user.getUuid(), randomPermission)) .containsOnly(project.getUuid()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), user.getUuid(), "another perm")) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), user.getUuid(), "another perm")) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_public_project_if_user_is_granted_project_permission_by_group() { + public void keepAuthorizedEntityUuids_returns_public_project_if_user_is_granted_project_permission_by_group() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); ComponentDto otherProject = db.components().insertPublicProject().getMainBranchComponent(); UserDto otherUser = db.users().insertUser(); db.users().insertMember(group1, user); db.users().insertProjectPermissionOnGroup(group1, randomPermission, project); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), user.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), user.getUuid(), randomPermission)) .containsOnly(project.getUuid()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(otherProject.uuid()), user.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(otherProject.uuid()), user.getUuid(), randomPermission)) .isEmpty(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), otherUser.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), otherUser.getUuid(), randomPermission)) .isEmpty(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), user.getUuid(), "another perm")) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), user.getUuid(), "another perm")) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_public_project_if_group_AnyOne_is_granted_project_permission_directly() { + public void keepAuthorizedEntityUuids_returns_public_project_if_group_AnyOne_is_granted_project_permission_directly() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); ProjectDto otherProject = db.components().insertPublicProject().getProjectDto(); db.users().insertProjectPermissionOnAnyone(randomPermission, project); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), null, randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), null, randomPermission)) .containsOnly(project.getUuid()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), null, "another perm")) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), null, "another perm")) .isEmpty(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(otherProject.getUuid()), null, randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(otherProject.getUuid()), null, randomPermission)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_user_on_private_project_without_any_permission_in_DB_and_permission_USER() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPrivateProjectUuids, user.getUuid(), UserRole.USER)) + public void keepAuthorizedEntityUuids_returns_empty_for_user_on_private_project_without_any_permission_in_DB_and_permission_USER() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPrivateEntityUuids, user.getUuid(), UserRole.USER)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_group_AnyOne_on_private_project_without_any_permission_in_DB_and_permission_USER() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPrivateProjectUuids, null, UserRole.USER)) + public void keepAuthorizedEntityUuids_returns_empty_for_group_AnyOne_on_private_project_without_any_permission_in_DB_and_permission_USER() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPrivateEntityUuids, null, UserRole.USER)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_user_on_private_project_without_any_permission_in_DB_and_permission_CODEVIEWER() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPrivateProjectUuids, user.getUuid(), UserRole.CODEVIEWER)) + public void keepAuthorizedEntityUuids_returns_empty_for_user_on_private_project_without_any_permission_in_DB_and_permission_CODEVIEWER() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPrivateEntityUuids, user.getUuid(), UserRole.CODEVIEWER)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_group_AnyOne_on_private_project_without_any_permission_in_DB_and_permission_CODEVIEWER() { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPrivateProjectUuids, null, UserRole.CODEVIEWER)) + public void keepAuthorizedEntityUuids_returns_empty_for_group_AnyOne_on_private_project_without_any_permission_in_DB_and_permission_CODEVIEWER() { + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPrivateEntityUuids, null, UserRole.CODEVIEWER)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_user_and_any_permission_on_private_project_without_any_permission_in_DB() { + public void keepAuthorizedEntityUuids_returns_empty_for_user_and_any_permission_on_private_project_without_any_permission_in_DB() { PermissionsTestHelper.ALL_PERMISSIONS .forEach(perm -> { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPrivateProjectUuids, user.getUuid(), perm)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPrivateEntityUuids, user.getUuid(), perm)) .isEmpty(); }); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPrivateProjectUuids, user.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPrivateEntityUuids, user.getUuid(), randomPermission)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_for_group_AnyOne_and_any_permission_on_private_project_without_any_permission_in_DB() { + public void keepAuthorizedEntityUuids_returns_empty_for_group_AnyOne_and_any_permission_on_private_project_without_any_permission_in_DB() { PermissionsTestHelper.ALL_PERMISSIONS .forEach(perm -> { - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPrivateProjectUuids, null, perm)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPrivateEntityUuids, null, perm)) .isEmpty(); }); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, randomPrivateProjectUuids, null, randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, randomPrivateEntityUuids, null, randomPermission)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_private_project_if_user_is_granted_project_permission_directly() { + public void keepAuthorizedEntityUuids_returns_private_project_if_user_is_granted_project_permission_directly() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); ProjectDto otherProject = db.components().insertPrivateProject().getProjectDto(); UserDto otherUser = db.users().insertUser(); db.users().insertProjectPermissionOnUser(user, randomPermission, project); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), user.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), user.getUuid(), randomPermission)) .containsOnly(project.getUuid()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), user.getUuid(), "another perm")) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), user.getUuid(), "another perm")) .isEmpty(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(otherProject.getUuid()), user.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(otherProject.getUuid()), user.getUuid(), randomPermission)) .isEmpty(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.getUuid()), otherUser.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.getUuid()), otherUser.getUuid(), randomPermission)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_private_project_if_user_is_granted_project_permission_by_group() { + public void keepAuthorizedEntityUuids_returns_private_project_if_user_is_granted_project_permission_by_group() { ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); ComponentDto otherProject = db.components().insertPrivateProject().getMainBranchComponent(); UserDto otherUser = db.users().insertUser(); db.users().insertMember(group1, user); db.users().insertProjectPermissionOnGroup(group1, randomPermission, project); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.uuid()), user.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.uuid()), user.getUuid(), randomPermission)) .containsOnly(project.uuid()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.uuid()), user.getUuid(), "another perm")) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.uuid()), user.getUuid(), "another perm")) .isEmpty(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(otherProject.uuid()), user.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(otherProject.uuid()), user.getUuid(), randomPermission)) .isEmpty(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.uuid()), otherUser.getUuid(), randomPermission)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, singleton(project.uuid()), otherUser.getUuid(), randomPermission)) .isEmpty(); } @@ -426,14 +426,14 @@ public class AuthorizationDaoIT { db.users().insertMember(group, user); db.users().insertProjectPermissionOnGroup(group, UserRole.USER, project1); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(project2.getUuid(), project3.getUuid()), user.getUuid(), UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(project2.getUuid(), project3.getUuid()), user.getUuid(), UserRole.USER)) .containsOnly(project2.getUuid(), project3.getUuid()); // user does not have the role "admin" - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(project2.getUuid()), user.getUuid(), UserRole.ADMIN)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(project2.getUuid()), user.getUuid(), UserRole.ADMIN)) .isEmpty(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, Collections.emptySet(), user.getUuid(), UserRole.ADMIN)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, Collections.emptySet(), user.getUuid(), UserRole.ADMIN)) .isEmpty(); } @@ -449,11 +449,11 @@ public class AuthorizationDaoIT { db.users().insertProjectPermissionOnGroup(group, UserRole.USER, project2); db.users().insertProjectPermissionOnGroup(group, UserRole.USER, project3); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(project2.getUuid(), project3.getUuid()), user1.getUuid(), UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(project2.getUuid(), project3.getUuid()), user1.getUuid(), UserRole.USER)) .containsOnly(project2.getUuid(), project3.getUuid()); // group does not have the role "admin" - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(project2.getUuid(), project3.getUuid()), user1.getUuid(), UserRole.ADMIN)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(project2.getUuid(), project3.getUuid()), user1.getUuid(), UserRole.ADMIN)) .isEmpty(); } @@ -465,179 +465,179 @@ public class AuthorizationDaoIT { GroupDto group = db.users().insertGroup(); db.users().insertMembers(group, user1); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(project1.getUuid(), project2.getUuid()), null, UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(project1.getUuid(), project2.getUuid()), null, UserRole.USER)) .containsOnly(project1.getUuid(), project2.getUuid()); // group does not have the role "admin" - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(project1.getUuid()), null, "admin")) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(project1.getUuid()), null, "admin")) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_should_be_able_to_handle_lots_of_projects() { + public void keepAuthorizedEntityUuids_should_be_able_to_handle_lots_of_projects() { List projects = IntStream.range(0, 2000).mapToObj(i -> db.components().insertPublicProject().getProjectDto()).toList(); Collection uuids = projects.stream().map(ProjectDto::getUuid).collect(Collectors.toSet()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, uuids, null, UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, uuids, null, UserRole.USER)) .containsOnly(uuids.toArray(new String[0])); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_empty_if_user_set_is_empty_on_public_project() { + public void keepAuthorizedUsersForRoleAndEntity_returns_empty_if_user_set_is_empty_on_public_project() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.emptySet(), UserRole.USER, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, Collections.emptySet(), UserRole.USER, project.getUuid())) .isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_empty_for_non_existent_users() { + public void keepAuthorizedUsersForRoleAndEntity_returns_empty_for_non_existent_users() { ProjectDto project = random.nextBoolean() ? db.components().insertPublicProject().getProjectDto() : db.components().insertPrivateProject().getProjectDto(); Set randomNonExistingUserUuidsSet = IntStream.range(0, 1 + Math.abs(random.nextInt(5))) .mapToObj(i -> Uuids.createFast()) .collect(MoreCollectors.toSet()); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomNonExistingUserUuidsSet, UserRole.USER, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, randomNonExistingUserUuidsSet, UserRole.USER, project.getUuid())) .isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_any_users_for_public_project_without_any_permission_in_DB_and_permission_USER() { + public void keepAuthorizedUsersForRoleAndEntity_returns_any_users_for_public_project_without_any_permission_in_DB_and_permission_USER() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, UserRole.USER, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, randomExistingUserUuids, UserRole.USER, project.getUuid())) .containsAll(randomExistingUserUuids); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_any_users_for_public_project_without_any_permission_in_DB_and_permission_CODEVIEWER() { + public void keepAuthorizedUsersForRoleAndEntity_returns_any_users_for_public_project_without_any_permission_in_DB_and_permission_CODEVIEWER() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, UserRole.CODEVIEWER, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, randomExistingUserUuids, UserRole.CODEVIEWER, project.getUuid())) .containsAll(randomExistingUserUuids); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_empty_for_any_users_on_public_project_without_any_permission_in_DB() { + public void keepAuthorizedUsersForRoleAndEntity_returns_empty_for_any_users_on_public_project_without_any_permission_in_DB() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, randomExistingUserUuids, randomPermission, project.getUuid())) .isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_user_if_granted_project_permission_directly_on_public_project() { + public void keepAuthorizedUsersForRoleAndEntity_returns_user_if_granted_project_permission_directly_on_public_project() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); ProjectDto otherProject = db.components().insertPublicProject().getProjectDto(); UserDto otherUser = db.users().insertUser(); db.users().insertProjectPermissionOnUser(user, randomPermission, project); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), randomPermission, project.getUuid())) .containsOnly(user.getUuid()); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), "another perm", project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), "another perm", project.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(otherUser.getUuid()), randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(otherUser.getUuid()), randomPermission, project.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), randomPermission, otherProject.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), randomPermission, otherProject.getUuid())) .isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_user_if_granted_project_permission_by_group_on_public_project() { + public void keepAuthorizedUsersForRoleAndEntity_returns_user_if_granted_project_permission_by_group_on_public_project() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); ProjectDto otherProject = db.components().insertPublicProject().getProjectDto(); UserDto otherUser = db.users().insertUser(); db.users().insertMember(group1, user); db.users().insertProjectPermissionOnGroup(group1, randomPermission, project); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), randomPermission, project.getUuid())) .containsOnly(user.getUuid()); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), "another perm", project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), "another perm", project.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), randomPermission, otherProject.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), randomPermission, otherProject.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(otherUser.getUuid()), randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(otherUser.getUuid()), randomPermission, project.getUuid())) .isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_does_not_return_user_if_granted_project_permission_by_AnyOne_on_public_project() { + public void keepAuthorizedUsersForRoleAndEntity_does_not_return_user_if_granted_project_permission_by_AnyOne_on_public_project() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); ProjectDto otherProject = db.components().insertPublicProject().getProjectDto(); UserDto otherUser = db.users().insertUser(); db.users().insertProjectPermissionOnAnyone(randomPermission, project); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), randomPermission, project.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), "another perm", project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), "another perm", project.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), randomPermission, otherProject.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), randomPermission, otherProject.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(otherUser.getUuid()), randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(otherUser.getUuid()), randomPermission, project.getUuid())) .isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_empty_for_any_user_on_private_project_without_any_permission_in_DB_and_permission_USER() { + public void keepAuthorizedUsersForRoleAndEntity_returns_empty_for_any_user_on_private_project_without_any_permission_in_DB_and_permission_USER() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, UserRole.USER, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, randomExistingUserUuids, UserRole.USER, project.getUuid())) .isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_empty_for_any_user_on_private_project_without_any_permission_in_DB_and_permission_CODEVIEWER() { + public void keepAuthorizedUsersForRoleAndEntity_returns_empty_for_any_user_on_private_project_without_any_permission_in_DB_and_permission_CODEVIEWER() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, UserRole.CODEVIEWER, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, randomExistingUserUuids, UserRole.CODEVIEWER, project.getUuid())) .isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_empty_for_any_users_and_any_permission_on_private_project_without_any_permission_in_DB() { + public void keepAuthorizedUsersForRoleAndEntity_returns_empty_for_any_users_and_any_permission_on_private_project_without_any_permission_in_DB() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); PermissionsTestHelper.ALL_PERMISSIONS .forEach(perm -> { - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, perm, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, randomExistingUserUuids, perm, project.getUuid())) .isEmpty(); }); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, randomExistingUserUuids, randomPermission, project.getUuid())) .isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_user_if_granted_project_permission_directly_on_private_project() { + public void keepAuthorizedUsersForRoleAndEntity_returns_user_if_granted_project_permission_directly_on_private_project() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); ProjectDto otherProject = db.components().insertPublicProject().getProjectDto(); UserDto otherUser = db.users().insertUser(); db.users().insertProjectPermissionOnUser(user, randomPermission, project); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), randomPermission, project.getUuid())) .containsOnly(user.getUuid()); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), "another perm", project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), "another perm", project.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(otherUser.getUuid()), randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(otherUser.getUuid()), randomPermission, project.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), randomPermission, otherProject.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), randomPermission, otherProject.getUuid())) .isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_returns_user_if_granted_project_permission_by_group_on_private_project() { + public void keepAuthorizedUsersForRoleAndEntity_returns_user_if_granted_project_permission_by_group_on_private_project() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); ProjectDto otherProject = db.components().insertPublicProject().getProjectDto(); UserDto otherUser = db.users().insertUser(); db.users().insertMember(group1, user); db.users().insertProjectPermissionOnGroup(group1, randomPermission, project); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), randomPermission, project.getUuid())) .containsOnly(user.getUuid()); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), "another perm", project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), "another perm", project.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getUuid()), randomPermission, otherProject.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(user.getUuid()), randomPermission, otherProject.getUuid())) .isEmpty(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(otherUser.getUuid()), randomPermission, project.getUuid())) + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, singleton(otherUser.getUuid()), randomPermission, project.getUuid())) .isEmpty(); } @@ -658,16 +658,16 @@ public class AuthorizationDaoIT { db.users().insertProjectPermissionOnUser(user3, UserRole.USER, project1); db.users().insertProjectPermissionOnGroup(group2, UserRole.USER, project3); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, // Only 100 and 101 has 'user' role on project newHashSet(user1.getUuid(), user2.getUuid(), user3.getUuid()), "user", PROJECT_UUID)).isEmpty(); } @Test - public void keepAuthorizedUsersForRoleAndProject_should_be_able_to_handle_lots_of_users() { + public void keepAuthorizedUsersForRoleAndEntity_should_be_able_to_handle_lots_of_users() { List users = IntStream.range(0, 2000).mapToObj(i -> db.users().insertUser()).toList(); - assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, + assertThat(underTest.keepAuthorizedUsersForRoleAndEntity(dbSession, users.stream().map(UserDto::getUuid).collect(Collectors.toSet()), "user", PROJECT_UUID)).isEmpty(); } @@ -723,91 +723,91 @@ public class AuthorizationDaoIT { } @Test - public void selectProjectPermissionsOfAnonymous_returns_permissions_of_anonymous_user_on_specified_public_project() { + public void selectEntityPermissionsOfAnonymous_returns_permissions_of_anonymous_user_on_specified_public_project() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); db.users().insertProjectPermissionOnAnyone("p1", project); db.users().insertProjectPermissionOnUser(db.users().insertUser(), "p2", project); ProjectDto otherProject = db.components().insertPublicProject().getProjectDto(); db.users().insertProjectPermissionOnAnyone("p3", otherProject); - assertThat(underTest.selectProjectPermissionsOfAnonymous(dbSession, project.getUuid())).containsOnly("p1"); + assertThat(underTest.selectEntityPermissionsOfAnonymous(dbSession, project.getUuid())).containsOnly("p1"); } @Test - public void selectProjectPermissionsOfAnonymous_returns_empty_set_when_project_does_not_exist() { - assertThat(underTest.selectProjectPermissionsOfAnonymous(dbSession, "does_not_exist")).isEmpty(); + public void selectEntityPermissionsOfAnonymous_returns_empty_set_when_project_does_not_exist() { + assertThat(underTest.selectEntityPermissionsOfAnonymous(dbSession, "does_not_exist")).isEmpty(); } @Test - public void selectProjectPermissions_returns_empty_set_when_logged_in_user_and_project_does_not_exist() { - assertThat(underTest.selectProjectPermissions(dbSession, "does_not_exist", user.getUuid())).isEmpty(); + public void selectEntityPermissions_returns_empty_set_when_logged_in_user_and_project_does_not_exist() { + assertThat(underTest.selectEntityPermissions(dbSession, "does_not_exist", user.getUuid())).isEmpty(); } @Test - public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_public_project_through_anonymous_permissions() { + public void selectEntityPermissions_returns_permissions_of_logged_in_user_on_specified_public_project_through_anonymous_permissions() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); db.users().insertProjectPermissionOnAnyone("p1", project); db.users().insertProjectPermissionOnAnyone("p2", project); - assertThat(underTest.selectProjectPermissions(dbSession, project.getUuid(), user.getUuid())).containsOnly("p1", "p2"); + assertThat(underTest.selectEntityPermissions(dbSession, project.getUuid(), user.getUuid())).containsOnly("p1", "p2"); } @Test - public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_project() { + public void selectEntityPermissions_returns_permissions_of_logged_in_user_on_specified_project() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); db.users().insertProjectPermissionOnUser(db.users().insertUser(), UserRole.ISSUE_ADMIN, project); - assertThat(underTest.selectProjectPermissions(dbSession, project.getUuid(), user.getUuid())).containsOnly(UserRole.CODEVIEWER); + assertThat(underTest.selectEntityPermissions(dbSession, project.getUuid(), user.getUuid())).containsOnly(UserRole.CODEVIEWER); } @Test - public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_project_through_group_membership() { + public void selectEntityPermissions_returns_permissions_of_logged_in_user_on_specified_project_through_group_membership() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); db.users().insertProjectPermissionOnGroup(group1, UserRole.CODEVIEWER, project); db.users().insertProjectPermissionOnGroup(group2, UserRole.ISSUE_ADMIN, project); db.users().insertMember(group1, user); - assertThat(underTest.selectProjectPermissions(dbSession, project.getUuid(), user.getUuid())).containsOnly(UserRole.CODEVIEWER); + assertThat(underTest.selectEntityPermissions(dbSession, project.getUuid(), user.getUuid())).containsOnly(UserRole.CODEVIEWER); } @Test - public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_private_project_through_all_possible_configurations() { + public void selectEntityPermissions_returns_permissions_of_logged_in_user_on_specified_private_project_through_all_possible_configurations() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); db.users().insertProjectPermissionOnGroup(group1, UserRole.USER, project); db.users().insertMember(group1, user); - assertThat(underTest.selectProjectPermissions(dbSession, project.getUuid(), user.getUuid())).containsOnly(UserRole.CODEVIEWER, UserRole.USER); + assertThat(underTest.selectEntityPermissions(dbSession, project.getUuid(), user.getUuid())).containsOnly(UserRole.CODEVIEWER, UserRole.USER); } @Test - public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_public_project_through_all_possible_configurations() { + public void selectEntityPermissions_returns_permissions_of_logged_in_user_on_specified_public_project_through_all_possible_configurations() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); db.users().insertProjectPermissionOnUser(user, "p1", project); db.users().insertProjectPermissionOnAnyone("p2", project); db.users().insertProjectPermissionOnGroup(group1, "p3", project); db.users().insertMember(group1, user); - assertThat(underTest.selectProjectPermissions(dbSession, project.getUuid(), user.getUuid())).containsOnly("p1", "p2", "p3"); + assertThat(underTest.selectEntityPermissions(dbSession, project.getUuid(), user.getUuid())).containsOnly("p1", "p2", "p3"); } @Test - public void keepAuthorizedProjectUuids_filters_projects_authorized_to_logged_in_user_by_direct_permission() { + public void keepAuthorizedEntityUuids_filters_projects_authorized_to_logged_in_user_by_direct_permission() { ProjectDto privateProject = db.components().insertPrivateProject().getProjectDto(); ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); UserDto user = db.users().insertUser(); db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, privateProject); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(privateProject.getUuid(), publicProject.getUuid()), user.getUuid(), UserRole.ADMIN)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(privateProject.getUuid(), publicProject.getUuid()), user.getUuid(), UserRole.ADMIN)) .containsOnly(privateProject.getUuid()); // user does not have the permission "issueadmin" - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(privateProject.getUuid(), publicProject.getUuid()), user.getUuid(), UserRole.ISSUE_ADMIN)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(privateProject.getUuid(), publicProject.getUuid()), user.getUuid(), UserRole.ISSUE_ADMIN)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_filters_projects_authorized_to_logged_in_user_by_group_permission() { + public void keepAuthorizedEntityUuids_filters_projects_authorized_to_logged_in_user_by_group_permission() { ProjectDto privateProject = db.components().insertPrivateProject().getProjectDto(); ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); UserDto user = db.users().insertUser(); @@ -815,54 +815,54 @@ public class AuthorizationDaoIT { db.users().insertMember(group, user); db.users().insertProjectPermissionOnGroup(group, UserRole.ADMIN, privateProject); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(privateProject.getUuid(), publicProject.getUuid()), user.getUuid(), UserRole.ADMIN)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(privateProject.getUuid(), publicProject.getUuid()), user.getUuid(), UserRole.ADMIN)) .containsOnly(privateProject.getUuid()); // user does not have the permission "issueadmin" - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(privateProject.getUuid(), publicProject.getUuid()), user.getUuid(), UserRole.ISSUE_ADMIN)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(privateProject.getUuid(), publicProject.getUuid()), user.getUuid(), UserRole.ISSUE_ADMIN)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_list_if_input_is_empty() { + public void keepAuthorizedEntityUuids_returns_empty_list_if_input_is_empty() { ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); UserDto user = db.users().insertUser(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, Collections.emptySet(), user.getUuid(), UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, Collections.emptySet(), user.getUuid(), UserRole.USER)) .isEmpty(); // projects do not exist - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet("does_not_exist"), user.getUuid(), UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet("does_not_exist"), user.getUuid(), UserRole.USER)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_empty_list_if_input_does_not_reference_existing_projects() { + public void keepAuthorizedEntityUuids_returns_empty_list_if_input_does_not_reference_existing_projects() { ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); UserDto user = db.users().insertUser(); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet("does_not_exist"), user.getUuid(), UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet("does_not_exist"), user.getUuid(), UserRole.USER)) .isEmpty(); } @Test - public void keepAuthorizedProjectUuids_returns_public_projects_if_permission_USER_or_CODEVIEWER() { + public void keepAuthorizedEntityUuids_returns_public_projects_if_permission_USER_or_CODEVIEWER() { ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); UserDto user = db.users().insertUser(); // logged-in user - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(publicProject.getUuid()), user.getUuid(), UserRole.CODEVIEWER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(publicProject.getUuid()), user.getUuid(), UserRole.CODEVIEWER)) .containsOnly(publicProject.getUuid()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(publicProject.getUuid()), user.getUuid(), UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(publicProject.getUuid()), user.getUuid(), UserRole.USER)) .containsOnly(publicProject.getUuid()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(publicProject.getUuid()), user.getUuid(), UserRole.ADMIN)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(publicProject.getUuid()), user.getUuid(), UserRole.ADMIN)) .isEmpty(); // anonymous - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(publicProject.getUuid()), null, UserRole.CODEVIEWER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(publicProject.getUuid()), null, UserRole.CODEVIEWER)) .containsOnly(publicProject.getUuid()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(publicProject.getUuid()), null, UserRole.USER)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(publicProject.getUuid()), null, UserRole.USER)) .containsOnly(publicProject.getUuid()); - assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(publicProject.getUuid()), null, UserRole.ADMIN)) + assertThat(underTest.keepAuthorizedEntityUuids(dbSession, newHashSet(publicProject.getUuid()), null, UserRole.ADMIN)) .isEmpty(); } @@ -1016,7 +1016,7 @@ public class AuthorizationDaoIT { } @Test - public void keepAuthorizedLoginsOnProject_return_correct_users_on_public_project() { + public void keepAuthorizedLoginsOnEntity_return_correct_users_on_public_project() { ProjectDto project = db.components().insertPublicProject().getProjectDto(); UserDto user1 = db.users().insertUser(); @@ -1031,16 +1031,16 @@ public class AuthorizationDaoIT { db.users().insertMember(adminGroup, admin2); db.users().insertProjectPermissionOnGroup(adminGroup, UserRole.ADMIN, project); - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, newHashSet(user1.getLogin()), project.getKey(), UserRole.USER)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, newHashSet(user1.getLogin()), project.getKey(), UserRole.USER)) .containsOnly(user1.getLogin()); - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, newHashSet(user1.getLogin(), admin1.getLogin(), admin2.getLogin()), project.getKey(), UserRole.USER)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, newHashSet(user1.getLogin(), admin1.getLogin(), admin2.getLogin()), project.getKey(), UserRole.USER)) .containsOnly(user1.getLogin(), admin1.getLogin(), admin2.getLogin()); - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, newHashSet(user1.getLogin(), admin1.getLogin(), admin2.getLogin()), project.getKey(), UserRole.ADMIN)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, newHashSet(user1.getLogin(), admin1.getLogin(), admin2.getLogin()), project.getKey(), UserRole.ADMIN)) .containsOnly(admin1.getLogin(), admin2.getLogin()); } @Test - public void keepAuthorizedLoginsOnProject_return_correct_users_on_private_project() { + public void keepAuthorizedLoginsOnEntity_return_correct_users_on_private_project() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); GroupDto userGroup = db.users().insertGroup("USERS"); @@ -1067,22 +1067,22 @@ public class AuthorizationDaoIT { // user without role UserDto userWithNoRole = db.users().insertUser(); - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, newHashSet(userWithNoRole.getLogin()), project.getKey(), UserRole.USER)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, newHashSet(userWithNoRole.getLogin()), project.getKey(), UserRole.USER)) .isEmpty(); - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, newHashSet(user1.getLogin()), project.getKey(), UserRole.USER)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, newHashSet(user1.getLogin()), project.getKey(), UserRole.USER)) .containsOnly(user1.getLogin()); Set allLogins = newHashSet(admin1.getLogin(), admin2.getLogin(), user1.getLogin(), user2.getLogin(), userWithNoRole.getLogin()); // Admin does not have the USER permission set - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, allLogins, project.getKey(), UserRole.USER)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, allLogins, project.getKey(), UserRole.USER)) .containsOnly(user1.getLogin(), user2.getLogin()); - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, allLogins, project.getKey(), UserRole.ADMIN)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, allLogins, project.getKey(), UserRole.ADMIN)) .containsOnly(admin1.getLogin(), admin2.getLogin()); } @Test - public void keepAuthorizedLoginsOnProject_whenHasBranch_shouldReturnExpectedUsers() { + public void keepAuthorizedLoginsOnEntity_whenHasBranch_shouldReturnExpectedUsers() { ProjectDto project = db.components().insertPrivateProject().getProjectDto(); BranchDto branch = db.components().insertProjectBranch(project, c -> c.setBranchType(BranchType.BRANCH)); @@ -1110,17 +1110,17 @@ public class AuthorizationDaoIT { // user without role UserDto userWithNoRole = db.users().insertUser(); - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, newHashSet(userWithNoRole.getLogin()), project.getKey(), UserRole.USER)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, newHashSet(userWithNoRole.getLogin()), project.getKey(), UserRole.USER)) .isEmpty(); - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, newHashSet(user1.getLogin()), project.getKey(), UserRole.USER)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, newHashSet(user1.getLogin()), project.getKey(), UserRole.USER)) .containsOnly(user1.getLogin()); Set allLogins = newHashSet(admin1.getLogin(), admin2.getLogin(), user1.getLogin(), user2.getLogin(), userWithNoRole.getLogin()); // Admin does not have the USER permission set - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, allLogins, project.getKey(), UserRole.USER)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, allLogins, project.getKey(), UserRole.USER)) .containsOnly(user1.getLogin(), user2.getLogin()); - assertThat(underTest.keepAuthorizedLoginsOnProject(dbSession, allLogins, project.getKey(), UserRole.ADMIN)) + assertThat(underTest.keepAuthorizedLoginsOnEntity(dbSession, allLogins, project.getKey(), UserRole.ADMIN)) .containsOnly(admin1.getLogin(), admin2.getLogin()); } diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/AuthorizationDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/AuthorizationDao.java index 9c40944e109..82462fc0fef 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/AuthorizationDao.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/AuthorizationDao.java @@ -56,25 +56,25 @@ public class AuthorizationDao implements Dao { } /** - * Loads all the permissions granted to logged-in user for the specified project stored in *_ROLES + * Loads all the permissions granted to logged-in user for the specified entity stored in *_ROLES * tables. - * An empty Set is returned if user has no permissions on the project. + * An empty Set is returned if user has no permissions on the entity. * * This method does not support public components */ - public Set selectProjectPermissions(DbSession dbSession, String projectUuid, String userUuid) { - return mapper(dbSession).selectProjectPermissions(projectUuid, userUuid); + public Set selectEntityPermissions(DbSession dbSession, String entityUuid, String userUuid) { + return mapper(dbSession).selectEntityPermissions(entityUuid, userUuid); } /** - * Loads all the permissions granted to anonymous for the specified project stored in *_ROLES + * Loads all the permissions granted to anonymous for the specified entity stored in *_ROLES * tables. - * An empty Set is returned if anonymous user has no permissions on the project. + * An empty Set is returned if anonymous user has no permissions on the entity. * * This method does not support public components */ - public Set selectProjectPermissionsOfAnonymous(DbSession dbSession, String projectUuid) { - return mapper(dbSession).selectProjectPermissionsOfAnonymous(projectUuid); + public Set selectEntityPermissionsOfAnonymous(DbSession dbSession, String entityUuid) { + return mapper(dbSession).selectEntityPermissionsOfAnonymous(entityUuid); } /** @@ -121,26 +121,26 @@ public class AuthorizationDao implements Dao { return mapper(dbSession).countUsersWithGlobalPermissionExcludingUserPermission(permission, userUuid); } - public Set keepAuthorizedProjectUuids(DbSession dbSession, Collection projectUuids, @Nullable String userUuid, String permission) { + public Set keepAuthorizedEntityUuids(DbSession dbSession, Collection entityUuids, @Nullable String userUuid, String permission) { return executeLargeInputsIntoSet( - projectUuids, + entityUuids, partition -> { if (userUuid == null) { - return mapper(dbSession).keepAuthorizedProjectUuidsForAnonymous(permission, partition); + return mapper(dbSession).keepAuthorizedEntityUuidsForAnonymous(permission, partition); } - return mapper(dbSession).keepAuthorizedProjectUuidsForUser(userUuid, permission, partition); + return mapper(dbSession).keepAuthorizedEntityUuidsForUser(userUuid, permission, partition); }, partitionSize -> partitionSize / 2); } /** - * Keep only authorized user that have the given permission on a given project. + * Keep only authorized user that have the given permission on a given entity. * Please Note that if the permission is 'Anyone' is NOT taking into account by this method. */ - public Collection keepAuthorizedUsersForRoleAndProject(DbSession dbSession, Collection userUuids, String role, String projectUuid) { + public Collection keepAuthorizedUsersForRoleAndEntity(DbSession dbSession, Collection userUuids, String role, String entityUuid) { return executeLargeInputs( userUuids, - partitionOfIds -> mapper(dbSession).keepAuthorizedUsersForRoleAndProject(role, projectUuid, partitionOfIds), + partitionOfIds -> mapper(dbSession).keepAuthorizedUsersForRoleAndEntity(role, entityUuid, partitionOfIds), partitionSize -> partitionSize / 3); } @@ -152,10 +152,10 @@ public class AuthorizationDao implements Dao { return mapper(dbSession).selectEmailSubscribersWithGlobalPermission(ADMINISTER.getKey()); } - public Set keepAuthorizedLoginsOnProject(DbSession dbSession, Set logins, String projectKey, String permission) { + public Set keepAuthorizedLoginsOnEntity(DbSession dbSession, Set logins, String entityKey, String permission) { return executeLargeInputsIntoSet( logins, - partitionOfLogins -> mapper(dbSession).keepAuthorizedLoginsOnProject(partitionOfLogins, projectKey, permission), + partitionOfLogins -> mapper(dbSession).keepAuthorizedLoginsOnEntity(partitionOfLogins, entityKey, permission), partitionSize -> partitionSize / 3); } diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/AuthorizationMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/AuthorizationMapper.java index 8e00e319744..3a0308b91f5 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/AuthorizationMapper.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/AuthorizationMapper.java @@ -45,17 +45,17 @@ public interface AuthorizationMapper { int countUsersWithGlobalPermissionExcludingUserPermission(@Param("permission") String permission, @Param("userUuid") String userUuid); - List keepAuthorizedUsersForRoleAndProject(@Param("role") String role, @Param("componentUuid") String componentUuid, @Param("userUuids") List userUuids); + List keepAuthorizedUsersForRoleAndEntity(@Param("role") String role, @Param("entityUuid") String entityUuid, @Param("userUuids") List userUuids); - Set keepAuthorizedProjectUuidsForUser(@Param("userUuid") String userUuid, @Param("role") String role, @Param("projectUuids") Collection projectUuids); + Set keepAuthorizedEntityUuidsForUser(@Param("userUuid") String userUuid, @Param("role") String role, @Param("entityUuids") Collection entityUuids); - Set keepAuthorizedProjectUuidsForAnonymous(@Param("role") String role, @Param("projectUuids") Collection projectUuids); + Set keepAuthorizedEntityUuidsForAnonymous(@Param("role") String role, @Param("entityUuids") Collection entityUuids); - Set selectProjectPermissions(@Param("projectUuid") String projectUuid, @Param("userUuid") String userUuid); + Set selectEntityPermissions(@Param("entityUuid") String entityUuid, @Param("userUuid") String userUuid); - Set selectProjectPermissionsOfAnonymous(@Param("projectUuid") String projectUuid); + Set selectEntityPermissionsOfAnonymous(@Param("entityUuid") String entityUuid); - Set keepAuthorizedLoginsOnProject(@Param("logins") List logins, @Param("projectKey") String projectKey, @Param("permission") String permission); + Set keepAuthorizedLoginsOnEntity(@Param("logins") List logins, @Param("entityKey") String projectKey, @Param("permission") String permission); Set selectEmailSubscribersWithGlobalPermission(@Param("permission") String permission); } diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/AuthorizationMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/AuthorizationMapper.xml index 951590cbbf9..dfed7b50a7f 100644 --- a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/AuthorizationMapper.xml +++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/AuthorizationMapper.xml @@ -143,7 +143,7 @@ ) remaining - select gr.component_uuid from @@ -162,7 +162,7 @@ and gr.group_uuid = gu.group_uuid ) ) - and + and gr.component_uuid=#{element, jdbcType=VARCHAR} @@ -177,29 +177,29 @@ where ur.role=#{role, jdbcType=VARCHAR} and ur.user_uuid=#{userUuid, jdbcType=INTEGER} - and + and entity.uuid=#{element, jdbcType=VARCHAR} union - + - + select entity.uuid from () entity where - + entity.uuid=#{element ,jdbcType=VARCHAR} and entity.isPrivate = ${_false} and #{role, jdbcType=VARCHAR} in ('user','codeviewer') - select gr.component_uuid from @@ -207,16 +207,16 @@ where gr.role=#{role, jdbcType=VARCHAR} and gr.group_uuid is null - and + and gr.component_uuid=#{element, jdbcType=VARCHAR} union - + - select gu.user_uuid from @@ -224,7 +224,7 @@ inner join group_roles gr on gr.group_uuid=gu.group_uuid where - gr.component_uuid=#{componentUuid, jdbcType=VARCHAR} + gr.component_uuid=#{entityUuid, jdbcType=VARCHAR} and gr.role=#{role, jdbcType=VARCHAR} and gu.user_uuid in @@ -238,7 +238,7 @@ from user_roles ur where - ur.component_uuid=#{componentUuid, jdbcType=VARCHAR} + ur.component_uuid=#{entityUuid, jdbcType=VARCHAR} and ur.role=#{role, jdbcType=VARCHAR} and ur.user_uuid IN @@ -262,18 +262,18 @@ from () entity where - entity.uuid =#{componentUuid, jdbcType=VARCHAR} + entity.uuid =#{entityUuid, jdbcType=VARCHAR} and entity.isPrivate = ${_false} and #{role, jdbcType=VARCHAR} in ('user','codeviewer') ) - select ur.role from user_roles ur inner join () entity on entity.uuid = ur.component_uuid where - entity.uuid = #{projectUuid, jdbcType=VARCHAR} and + entity.uuid = #{entityUuid, jdbcType=VARCHAR} and ur.user_uuid = #{userUuid, jdbcType=VARCHAR} union @@ -283,19 +283,19 @@ inner join groups_users gu on gr.group_uuid = gu.group_uuid inner join () entity on entity.uuid = gr.component_uuid where - entity.uuid = #{projectUuid, jdbcType=VARCHAR} and + entity.uuid = #{entityUuid, jdbcType=VARCHAR} and gu.user_uuid = #{userUuid, jdbcType=VARCHAR} union - + - + - + select gr.role from @@ -303,7 +303,7 @@ inner join () entity on entity.uuid = gr.component_uuid where - entity.uuid = #{projectUuid, jdbcType=VARCHAR} + entity.uuid = #{entityUuid, jdbcType=VARCHAR} and gr.group_uuid is null @@ -339,7 +339,7 @@ - select u.login from users u where @@ -350,7 +350,7 @@ from user_roles ur inner join () entity on entity.uuid = ur.component_uuid where - entity.kee = #{projectKey, jdbcType=VARCHAR} + entity.kee = #{entityKey, jdbcType=VARCHAR} and ur.role = #{permission, jdbcType=VARCHAR} and ur.user_uuid = u.uuid ) or exists ( @@ -359,7 +359,7 @@ inner join group_roles gr on gr.component_uuid = entity.uuid inner join groups_users gu on gu.group_uuid = gr.group_uuid where - entity.kee = #{projectKey, jdbcType=VARCHAR} + entity.kee = #{entityKey, jdbcType=VARCHAR} and gu.user_uuid = u.uuid and gr.role = #{permission, jdbcType=VARCHAR} ) @@ -368,7 +368,7 @@ select 1 from () entity where - entity.kee = #{projectKey, jdbcType=VARCHAR} + entity.kee = #{entityKey, jdbcType=VARCHAR} and entity.isPrivate = ${_false} ) diff --git a/server/sonar-server-common/src/main/java/org/sonar/server/notification/DefaultNotificationManager.java b/server/sonar-server-common/src/main/java/org/sonar/server/notification/DefaultNotificationManager.java index 65135dc393e..61737bb72bf 100644 --- a/server/sonar-server-common/src/main/java/org/sonar/server/notification/DefaultNotificationManager.java +++ b/server/sonar-server-common/src/main/java/org/sonar/server/notification/DefaultNotificationManager.java @@ -174,7 +174,7 @@ public class DefaultNotificationManager implements NotificationManager { Set logins = subscribers.stream() .map(EmailSubscriberDto::getLogin) .collect(Collectors.toSet()); - Set authorizedLogins = dbClient.authorizationDao().keepAuthorizedLoginsOnProject(dbSession, logins, projectKey, permission); + Set authorizedLogins = dbClient.authorizationDao().keepAuthorizedLoginsOnEntity(dbSession, logins, projectKey, permission); return subscribers.stream() .filter(s -> authorizedLogins.contains(s.getLogin())); } diff --git a/server/sonar-server-common/src/test/java/org/sonar/server/notification/DefaultNotificationManagerTest.java b/server/sonar-server-common/src/test/java/org/sonar/server/notification/DefaultNotificationManagerTest.java index 310615af703..b22f4290854 100644 --- a/server/sonar-server-common/src/test/java/org/sonar/server/notification/DefaultNotificationManagerTest.java +++ b/server/sonar-server-common/src/test/java/org/sonar/server/notification/DefaultNotificationManagerTest.java @@ -20,13 +20,10 @@ package org.sonar.server.notification; import com.google.common.collect.ImmutableSet; -import com.google.common.collect.Multimap; import java.io.InvalidClassException; import java.util.Arrays; -import java.util.Collection; import java.util.Collections; import java.util.List; -import java.util.Map; import java.util.Random; import java.util.Set; import java.util.stream.Collectors; @@ -37,7 +34,6 @@ import org.mockito.InOrder; import org.sonar.api.notifications.Notification; import org.sonar.api.notifications.NotificationChannel; import org.sonar.api.utils.System2; -import org.sonar.api.web.UserRole; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.EmailSubscriberDto; @@ -45,7 +41,6 @@ import org.sonar.db.notification.NotificationQueueDao; import org.sonar.db.notification.NotificationQueueDto; import org.sonar.db.permission.AuthorizationDao; import org.sonar.db.property.PropertiesDao; -import org.sonar.db.property.Subscriber; import org.sonar.server.notification.NotificationManager.EmailRecipient; import org.sonar.server.notification.NotificationManager.SubscriberPermissionsOnProject; @@ -193,7 +188,7 @@ public class DefaultNotificationManagerTest { new SubscriberPermissionsOnProject(globalPermission, projectPermission)); assertThat(emailRecipients).isEmpty(); - verify(authorizationDao, times(0)).keepAuthorizedLoginsOnProject(any(DbSession.class), anySet(), anyString(), anyString()); + verify(authorizationDao, times(0)).keepAuthorizedLoginsOnEntity(any(DbSession.class), anySet(), anyString(), anyString()); } @Test @@ -212,7 +207,7 @@ public class DefaultNotificationManagerTest { new SubscriberPermissionsOnProject(globalPermission, projectPermission)); assertThat(emailRecipients).isEmpty(); - verify(authorizationDao, times(0)).keepAuthorizedLoginsOnProject(any(DbSession.class), anySet(), anyString(), anyString()); + verify(authorizationDao, times(0)).keepAuthorizedLoginsOnEntity(any(DbSession.class), anySet(), anyString(), anyString()); } @Test @@ -225,9 +220,9 @@ public class DefaultNotificationManagerTest { .thenReturn( newHashSet(EmailSubscriberDto.create("user1", false, "user1@foo"), EmailSubscriberDto.create("user3", false, "user3@foo"), EmailSubscriberDto.create("user3", true, "user3@foo"))); - when(authorizationDao.keepAuthorizedLoginsOnProject(dbSession, newHashSet("user3", "user4"), projectKey, globalPermission)) + when(authorizationDao.keepAuthorizedLoginsOnEntity(dbSession, newHashSet("user3", "user4"), projectKey, globalPermission)) .thenReturn(newHashSet("user3")); - when(authorizationDao.keepAuthorizedLoginsOnProject(dbSession, newHashSet("user1", "user3"), projectKey, projectPermission)) + when(authorizationDao.keepAuthorizedLoginsOnEntity(dbSession, newHashSet("user1", "user3"), projectKey, projectPermission)) .thenReturn(newHashSet("user1", "user3")); Set emailRecipients = underTest.findSubscribedEmailRecipients(dispatcherKey, projectKey, @@ -236,8 +231,8 @@ public class DefaultNotificationManagerTest { .isEqualTo(ImmutableSet.of(new EmailRecipient("user1", "user1@foo"), new EmailRecipient("user3", "user3@foo"))); // code is optimized to perform only 2 SQL requests for all channels - verify(authorizationDao, times(1)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(globalPermission)); - verify(authorizationDao, times(1)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(projectPermission)); + verify(authorizationDao, times(1)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(globalPermission)); + verify(authorizationDao, times(1)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(projectPermission)); } @Test @@ -251,9 +246,9 @@ public class DefaultNotificationManagerTest { .thenReturn( newHashSet(EmailSubscriberDto.create("user1", false, "user1@foo"), EmailSubscriberDto.create("user3", false, "user3@foo"), EmailSubscriberDto.create("user3", true, "user3@foo"))); - when(authorizationDao.keepAuthorizedLoginsOnProject(dbSession, newHashSet("user3", "user4"), projectKey, globalPermission)) + when(authorizationDao.keepAuthorizedLoginsOnEntity(dbSession, newHashSet("user3", "user4"), projectKey, globalPermission)) .thenReturn(newHashSet("user3")); - when(authorizationDao.keepAuthorizedLoginsOnProject(dbSession, newHashSet("user1", "user3"), projectKey, projectPermission)) + when(authorizationDao.keepAuthorizedLoginsOnEntity(dbSession, newHashSet("user1", "user3"), projectKey, projectPermission)) .thenReturn(newHashSet("user1", "user3")); Set emailRecipients = underTest.findSubscribedEmailRecipients(dispatcherKey, projectKey, logins, @@ -262,8 +257,8 @@ public class DefaultNotificationManagerTest { .isEqualTo(ImmutableSet.of(new EmailRecipient("user1", "user1@foo"), new EmailRecipient("user3", "user3@foo"))); // code is optimized to perform only 2 SQL requests for all channels - verify(authorizationDao, times(1)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(globalPermission)); - verify(authorizationDao, times(1)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(projectPermission)); + verify(authorizationDao, times(1)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(globalPermission)); + verify(authorizationDao, times(1)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(projectPermission)); } @Test @@ -278,7 +273,7 @@ public class DefaultNotificationManagerTest { Set logins = subscribers.stream().map(EmailSubscriberDto::getLogin).collect(Collectors.toSet()); when(propertiesDao.findEmailSubscribersForNotification(dbSession, dispatcherKey, "EmailNotificationChannel", projectKey)) .thenReturn(subscribers); - when(authorizationDao.keepAuthorizedLoginsOnProject(dbSession, logins, projectKey, globalPermission)) + when(authorizationDao.keepAuthorizedLoginsOnEntity(dbSession, logins, projectKey, globalPermission)) .thenReturn(logins); Set emailRecipients = underTest.findSubscribedEmailRecipients(dispatcherKey, projectKey, @@ -287,8 +282,8 @@ public class DefaultNotificationManagerTest { assertThat(emailRecipients) .isEqualTo(expected); - verify(authorizationDao, times(1)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(globalPermission)); - verify(authorizationDao, times(0)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(projectPermission)); + verify(authorizationDao, times(1)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(globalPermission)); + verify(authorizationDao, times(0)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(projectPermission)); } @Test @@ -303,7 +298,7 @@ public class DefaultNotificationManagerTest { Set logins = subscribers.stream().map(EmailSubscriberDto::getLogin).collect(Collectors.toSet()); when(propertiesDao.findEmailSubscribersForNotification(dbSession, dispatcherKey, "EmailNotificationChannel", projectKey, logins)) .thenReturn(subscribers); - when(authorizationDao.keepAuthorizedLoginsOnProject(dbSession, logins, projectKey, globalPermission)) + when(authorizationDao.keepAuthorizedLoginsOnEntity(dbSession, logins, projectKey, globalPermission)) .thenReturn(logins); Set emailRecipients = underTest.findSubscribedEmailRecipients(dispatcherKey, projectKey, logins, @@ -312,8 +307,8 @@ public class DefaultNotificationManagerTest { assertThat(emailRecipients) .isEqualTo(expected); - verify(authorizationDao, times(1)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(globalPermission)); - verify(authorizationDao, times(0)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(projectPermission)); + verify(authorizationDao, times(1)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(globalPermission)); + verify(authorizationDao, times(0)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(projectPermission)); } @Test @@ -328,7 +323,7 @@ public class DefaultNotificationManagerTest { Set logins = subscribers.stream().map(EmailSubscriberDto::getLogin).collect(Collectors.toSet()); when(propertiesDao.findEmailSubscribersForNotification(dbSession, dispatcherKey, "EmailNotificationChannel", projectKey)) .thenReturn(subscribers); - when(authorizationDao.keepAuthorizedLoginsOnProject(dbSession, logins, projectKey, projectPermission)) + when(authorizationDao.keepAuthorizedLoginsOnEntity(dbSession, logins, projectKey, projectPermission)) .thenReturn(logins); Set emailRecipients = underTest.findSubscribedEmailRecipients(dispatcherKey, projectKey, @@ -337,8 +332,8 @@ public class DefaultNotificationManagerTest { assertThat(emailRecipients) .isEqualTo(expected); - verify(authorizationDao, times(0)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(globalPermission)); - verify(authorizationDao, times(1)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(projectPermission)); + verify(authorizationDao, times(0)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(globalPermission)); + verify(authorizationDao, times(1)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(projectPermission)); } @Test @@ -353,7 +348,7 @@ public class DefaultNotificationManagerTest { Set logins = subscribers.stream().map(EmailSubscriberDto::getLogin).collect(Collectors.toSet()); when(propertiesDao.findEmailSubscribersForNotification(dbSession, dispatcherKey, "EmailNotificationChannel", projectKey, logins)) .thenReturn(subscribers); - when(authorizationDao.keepAuthorizedLoginsOnProject(dbSession, logins, projectKey, projectPermission)) + when(authorizationDao.keepAuthorizedLoginsOnEntity(dbSession, logins, projectKey, projectPermission)) .thenReturn(logins); Set emailRecipients = underTest.findSubscribedEmailRecipients(dispatcherKey, projectKey, logins, @@ -362,7 +357,7 @@ public class DefaultNotificationManagerTest { assertThat(emailRecipients) .isEqualTo(expected); - verify(authorizationDao, times(0)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(globalPermission)); - verify(authorizationDao, times(1)).keepAuthorizedLoginsOnProject(eq(dbSession), anySet(), anyString(), eq(projectPermission)); + verify(authorizationDao, times(0)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(globalPermission)); + verify(authorizationDao, times(1)).keepAuthorizedLoginsOnEntity(eq(dbSession), anySet(), anyString(), eq(projectPermission)); } } diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java index 3c01fb2923e..b8539307fe7 100644 --- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java +++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java @@ -199,7 +199,7 @@ public class ServerUserSession extends AbstractUserSession { private Set keepEntitiesUuidsByPermission(String permission, Collection entityUuids) { try (DbSession dbSession = dbClient.openSession(false)) { String userUuid = userDto == null ? null : userDto.getUuid(); - return dbClient.authorizationDao().keepAuthorizedProjectUuids(dbSession, entityUuids, userUuid, permission); + return dbClient.authorizationDao().keepAuthorizedEntityUuids(dbSession, entityUuids, userUuid, permission); } } @@ -343,11 +343,11 @@ public class ServerUserSession extends AbstractUserSession { .collect(MoreCollectors.toSet(permissionKeys.size())); } - private Set loadDbPermissions(DbSession dbSession, String projectUuid) { + private Set loadDbPermissions(DbSession dbSession, String entityUuid) { if (userDto != null && userDto.getUuid() != null) { - return dbClient.authorizationDao().selectProjectPermissions(dbSession, projectUuid, userDto.getUuid()); + return dbClient.authorizationDao().selectEntityPermissions(dbSession, entityUuid, userDto.getUuid()); } - return dbClient.authorizationDao().selectProjectPermissionsOfAnonymous(dbSession, projectUuid); + return dbClient.authorizationDao().selectEntityPermissionsOfAnonymous(dbSession, entityUuid); } @Override @@ -363,7 +363,7 @@ public class ServerUserSession extends AbstractUserSession { Set allProjectUuids = new HashSet<>(projectUuids); allProjectUuids.addAll(originalComponentsProjectUuids); - Set authorizedProjectUuids = dbClient.authorizationDao().keepAuthorizedProjectUuids(dbSession, allProjectUuids, getUuid(), permission); + Set authorizedProjectUuids = dbClient.authorizationDao().keepAuthorizedEntityUuids(dbSession, allProjectUuids, getUuid(), permission); return components.stream() .filter(c -> { diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/hotspot/ws/AssignAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/hotspot/ws/AssignAction.java index 2095b04e6e5..7c7438b8b19 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/hotspot/ws/AssignAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/hotspot/ws/AssignAction.java @@ -157,7 +157,7 @@ public class AssignAction implements HotspotsWsAction { } private boolean hasProjectPermission(DbSession dbSession, String userUuid, String projectUuid) { - return dbClient.authorizationDao().selectProjectPermissions(dbSession, projectUuid, userUuid).contains(UserRole.USER); + return dbClient.authorizationDao().selectEntityPermissions(dbSession, projectUuid, userUuid).contains(UserRole.USER); } private static HotspotChangedEvent buildEventData(DefaultIssue defaultIssue, @Nullable UserDto assignee, String filePath) { diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/notification/ws/ListAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/notification/ws/ListAction.java index 6f4fcdd95de..983e91e7b7f 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/notification/ws/ListAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/notification/ws/ListAction.java @@ -159,7 +159,7 @@ public class ListAction implements NotificationsWsAction { .map(PropertyDto::getEntityUuid) .filter(Objects::nonNull) .collect(MoreCollectors.toSet(properties.size())); - Set authorizedProjectUuids = dbClient.authorizationDao().keepAuthorizedProjectUuids(dbSession, componentUuids, userSession.getUuid(), UserRole.USER); + Set authorizedProjectUuids = dbClient.authorizationDao().keepAuthorizedEntityUuids(dbSession, componentUuids, userSession.getUuid(), UserRole.USER); return dbClient.componentDao().selectByUuids(dbSession, componentUuids) .stream() .filter(c -> authorizedProjectUuids.contains(c.uuid())) diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualitygate/ws/SearchAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualitygate/ws/SearchAction.java index e89d0b6c2c5..423604add19 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualitygate/ws/SearchAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualitygate/ws/SearchAction.java @@ -148,7 +148,7 @@ public class SearchAction implements QualityGatesWsAction { private List keepAuthorizedProjects(DbSession dbSession, List projects) { List projectUuids = projects.stream().map(ProjectQgateAssociationDto::getUuid).collect(MoreCollectors.toList()); - Collection authorizedProjectIds = dbClient.authorizationDao().keepAuthorizedProjectUuids(dbSession, projectUuids, userSession.getUuid(), UserRole.USER); + Collection authorizedProjectIds = dbClient.authorizationDao().keepAuthorizedEntityUuids(dbSession, projectUuids, userSession.getUuid(), UserRole.USER); return projects.stream().filter(project -> authorizedProjectIds.contains(project.getUuid())).collect(MoreCollectors.toList()); } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualityprofile/ws/ProjectsAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualityprofile/ws/ProjectsAction.java index cf970503bf2..e115138c304 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualityprofile/ws/ProjectsAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/qualityprofile/ws/ProjectsAction.java @@ -107,7 +107,7 @@ public class ProjectsAction implements QProfileWsAction { .map(ProjectQprofileAssociationDto::getProjectUuid) .collect(MoreCollectors.toSet()); - Set authorizedProjectUuids = dbClient.authorizationDao().keepAuthorizedProjectUuids(session, projectUuids, userSession.getUuid(), UserRole.USER); + Set authorizedProjectUuids = dbClient.authorizationDao().keepAuthorizedEntityUuids(session, projectUuids, userSession.getUuid(), UserRole.USER); Paging paging = forPageIndex(page).withPageSize(pageSize).andTotal(authorizedProjectUuids.size()); List authorizedProjects = projects.stream() -- 2.39.5