From 5d3dcc8b1aabfc4768590b2a33584e061de80089 Mon Sep 17 00:00:00 2001 From: =?utf8?q?S=C3=A9bastien=20Lesaint?= Date: Fri, 21 Apr 2017 17:37:59 +0200 Subject: [PATCH] SONAR-9105 add GroupPermissionDao#selectGroupIdsWithPermissionOnProjectBut --- .../db/permission/GroupPermissionDao.java | 10 ++++ .../db/permission/GroupPermissionMapper.java | 8 +++ .../db/permission/GroupPermissionMapper.xml | 20 +++++++ .../db/permission/GroupPermissionDaoTest.java | 60 +++++++++++++++++++ 4 files changed, 98 insertions(+) diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java index cccf5a4d717..4b18d0b9e2a 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java @@ -22,6 +22,7 @@ package org.sonar.db.permission; import java.util.HashMap; import java.util.List; import java.util.Map; +import java.util.Set; import javax.annotation.Nullable; import org.apache.ibatis.session.ResultHandler; import org.apache.ibatis.session.RowBounds; @@ -103,6 +104,15 @@ public class GroupPermissionDao implements Dao { return mapper(session).selectProjectPermissionsOfGroup(organizationUuid, groupId, projectId); } + /** + * Lists id of groups with at least one permission on the specified root component but which do not have the specified + * permission, excluding group "AnyOne" (which implies the returned {@code Sett} can't contain + * {@code null}). + */ + public Set selectGroupIdsWithPermissionOnProjectBut(DbSession session, long projectId, String permission) { + return mapper(session).selectGroupIdsWithPermissionOnProjectBut(projectId, permission); + } + public void insert(DbSession dbSession, GroupPermissionDto dto) { ensureComponentPermissionConsistency(dbSession, dto); ensureGroupPermissionConsistency(dbSession, dto); diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java index 05439bd61e8..19153f7f845 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java @@ -21,6 +21,7 @@ package org.sonar.db.permission; import java.util.List; import java.util.Map; +import java.util.Set; import javax.annotation.Nullable; import org.apache.ibatis.annotations.Param; import org.apache.ibatis.session.ResultHandler; @@ -51,6 +52,13 @@ public interface GroupPermissionMapper { void selectAllPermissionsByGroupId(@Param("organizationUuid") String organizationUuid, @Param("groupId") Integer groupId, ResultHandler resultHandler); + /** + * Lists id of groups with at least one permission on the specified root component but which do not have the specified + * permission, excluding group "AnyOne" (which implies the returned {@code Set} can't contain + * {@code null}). + */ + Set selectGroupIdsWithPermissionOnProjectBut(@Param("projectId") long projectId, @Param("role") String permission); + void deleteByOrganization(@Param("organizationUuid") String organizationUuid); void deleteByRootComponentId(@Param("rootComponentId") long componentId); diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml index 735a7fb5617..74e031b602b 100644 --- a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml +++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml @@ -162,6 +162,26 @@ and gr.group_id = #{groupId,jdbcType=INTEGER} + + insert into group_roles ( organization_uuid, diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java index 1097e8190c5..d857b5dea5d 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java @@ -485,6 +485,66 @@ public class GroupPermissionDaoTest { tuple(project1.getId(), "perm3"), tuple(project1.getId(), "perm4"), tuple(project2.getId(), "perm5")); } + @Test + public void selectGroupIdsWithPermissionOnProjectBut_returns_empty_if_project_does_not_exist() { + OrganizationDto organization = db.organizations().insert(); + ComponentDto project = randomPublicOrPrivateProject(organization); + GroupDto group = db.users().insertGroup(organization); + db.users().insertProjectPermissionOnGroup(group, "foo", project); + + assertThat(underTest.selectGroupIdsWithPermissionOnProjectBut(dbSession, 1234, UserRole.USER)) + .isEmpty(); + } + + @Test + public void selectGroupIdsWithPermissionOnProjectBut_returns_only_groups_of_project_which_do_not_have_permission() { + OrganizationDto organization = db.organizations().insert(); + ComponentDto project = randomPublicOrPrivateProject(organization); + GroupDto group1 = db.users().insertGroup(organization); + GroupDto group2 = db.users().insertGroup(organization); + db.users().insertProjectPermissionOnGroup(group1, "p1", project); + db.users().insertProjectPermissionOnGroup(group2, "p2", project); + + assertThat(underTest.selectGroupIdsWithPermissionOnProjectBut(dbSession, project.getId(), "p2")) + .containsOnly(group1.getId()); + assertThat(underTest.selectGroupIdsWithPermissionOnProjectBut(dbSession, project.getId(), "p1")) + .containsOnly(group2.getId()); + assertThat(underTest.selectGroupIdsWithPermissionOnProjectBut(dbSession, project.getId(), "p3")) + .containsOnly(group1.getId(), group2.getId()); + } + + @Test + public void selectGroupIdsWithPermissionOnProjectBut_does_not_returns_group_AnyOne_of_project_when_it_does_not_have_permission() { + OrganizationDto organization = db.organizations().insert(); + ComponentDto project = db.components().insertPublicProject(organization); + GroupDto group1 = db.users().insertGroup(organization); + GroupDto group2 = db.users().insertGroup(organization); + db.users().insertProjectPermissionOnGroup(group1, "p1", project); + db.users().insertProjectPermissionOnGroup(group2, "p2", project); + db.users().insertProjectPermissionOnAnyone("p2", project); + + assertThat(underTest.selectGroupIdsWithPermissionOnProjectBut(dbSession, project.getId(), "p2")) + .containsOnly(group1.getId()); + assertThat(underTest.selectGroupIdsWithPermissionOnProjectBut(dbSession, project.getId(), "p1")) + .containsOnly(group2.getId()); + } + + @Test + public void selectGroupIdsWithPermissionOnProjectBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() { + OrganizationDto organization = db.organizations().insert(); + ComponentDto project = randomPublicOrPrivateProject(organization); + GroupDto group1 = db.users().insertGroup(organization); + GroupDto group2 = db.users().insertGroup(organization); + GroupDto group3 = db.users().insertGroup(organization); + db.users().insertProjectPermissionOnGroup(group1, "p1", project); + db.users().insertProjectPermissionOnGroup(group2, "p2", project); + + assertThat(underTest.selectGroupIdsWithPermissionOnProjectBut(dbSession, project.getId(), "p2")) + .containsOnly(group1.getId()); + assertThat(underTest.selectGroupIdsWithPermissionOnProjectBut(dbSession, project.getId(), "p1")) + .containsOnly(group2.getId()); + } + @Test public void deleteByRootComponentId_on_private_project() { OrganizationDto org = db.organizations().insert(); -- 2.39.5