From 884231b56a62223f15a52e98eb9ad1fcc0dcaefe Mon Sep 17 00:00:00 2001
From: Julien Lancelot <julien.lancelot@sonarsource.com>
Date: Fri, 20 Feb 2015 14:13:10 +0100
Subject: [PATCH] Add some unit tests

---
 .../org/sonar/core/user/AuthorizationDao.java | 25 ++++++++-----------
 .../sonar/core/user/AuthorizationDaoTest.java | 15 +++++++++++
 ...ed_component_key_for_global_permission.xml | 15 +++++++++++
 3 files changed, 40 insertions(+), 15 deletions(-)
 create mode 100644 sonar-core/src/test/resources/org/sonar/core/user/AuthorizationDaoTest/is_authorized_component_key_for_global_permission.xml

diff --git a/sonar-core/src/main/java/org/sonar/core/user/AuthorizationDao.java b/sonar-core/src/main/java/org/sonar/core/user/AuthorizationDao.java
index 31b778a4a5c..e12b3b27d02 100644
--- a/sonar-core/src/main/java/org/sonar/core/user/AuthorizationDao.java
+++ b/sonar-core/src/main/java/org/sonar/core/user/AuthorizationDao.java
@@ -30,7 +30,10 @@ import org.sonar.core.persistence.MyBatis;
 
 import javax.annotation.Nullable;
 
-import java.util.*;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
 
 import static com.google.common.collect.Maps.newHashMap;
 
@@ -65,26 +68,18 @@ public class AuthorizationDao implements ServerComponent, DaoComponent {
   public boolean isAuthorizedComponentKey(String componentKey, @Nullable Integer userId, String role) {
     DbSession session = mybatis.openSession(false);
     try {
-      return keepAuthorizedComponentKeys(session, Sets.newHashSet(componentKey), userId, role).size() == 1;
+      return keepAuthorizedComponentKeys(session, componentKey, userId, role).size() == 1;
     } finally {
       MyBatis.closeQuietly(session);
     }
   }
 
-  private Set<String> keepAuthorizedComponentKeys(final DbSession session, final Set<String> componentKeys, @Nullable final Integer userId, final String role) {
-    if (componentKeys.isEmpty()) {
-      return Collections.emptySet();
+  private List<String> keepAuthorizedComponentKeys(final DbSession session, final String componentKey, @Nullable final Integer userId, final String role) {
+    if (userId == null) {
+      return session.getMapper(AuthorizationMapper.class).keepAuthorizedComponentKeysForAnonymous(role, Sets.newHashSet(componentKey));
+    } else {
+      return session.getMapper(AuthorizationMapper.class).keepAuthorizedComponentKeysForUser(userId, role, Sets.newHashSet(componentKey));
     }
-    return Sets.newHashSet(DaoUtils.executeLargeInputs(componentKeys, new Function<List<String>, List<String>>() {
-      @Override
-      public List<String> apply(List<String> partition) {
-        if (userId == null) {
-          return session.getMapper(AuthorizationMapper.class).keepAuthorizedComponentKeysForAnonymous(role, componentKeys);
-        } else {
-          return session.getMapper(AuthorizationMapper.class).keepAuthorizedComponentKeysForUser(userId, role, componentKeys);
-        }
-      }
-    }));
   }
 
   public Collection<String> selectAuthorizedRootProjectsKeys(@Nullable Integer userId, String role) {
diff --git a/sonar-core/src/test/java/org/sonar/core/user/AuthorizationDaoTest.java b/sonar-core/src/test/java/org/sonar/core/user/AuthorizationDaoTest.java
index 521d0af66a3..605cfc756e2 100644
--- a/sonar-core/src/test/java/org/sonar/core/user/AuthorizationDaoTest.java
+++ b/sonar-core/src/test/java/org/sonar/core/user/AuthorizationDaoTest.java
@@ -27,6 +27,7 @@ import org.sonar.core.persistence.AbstractDaoTestCase;
 import org.sonar.core.persistence.DbSession;
 
 import java.util.Collection;
+import java.util.Collections;
 
 import static org.assertj.core.api.Assertions.assertThat;
 
@@ -65,6 +66,10 @@ public class AuthorizationDaoTest extends AbstractDaoTestCase {
       Sets.newHashSet(PROJECT_ID),
       USER, "admin");
     assertThat(componentIds).isEmpty();
+
+    assertThat(authorization.keepAuthorizedProjectIds(session,
+      Collections.<Long>emptySet(),
+      USER, "admin")).isEmpty();
   }
 
   @Test
@@ -80,6 +85,16 @@ public class AuthorizationDaoTest extends AbstractDaoTestCase {
     assertThat(authorization.isAuthorizedComponentKey(PROJECT, USER, "admin")).isFalse();
   }
 
+  @Test
+  public void is_authorized_component_key_for_anonymous() {
+    setupData("anonymous_should_be_authorized");
+
+    AuthorizationDao authorization = new AuthorizationDao(getMyBatis());
+
+    assertThat(authorization.isAuthorizedComponentKey(PROJECT, null, "user")).isTrue();
+    assertThat(authorization.isAuthorizedComponentKey(PROJECT, null, "admin")).isFalse();
+  }
+
   @Test
   public void group_should_be_authorized() {
     // user is in an authorized group
diff --git a/sonar-core/src/test/resources/org/sonar/core/user/AuthorizationDaoTest/is_authorized_component_key_for_global_permission.xml b/sonar-core/src/test/resources/org/sonar/core/user/AuthorizationDaoTest/is_authorized_component_key_for_global_permission.xml
new file mode 100644
index 00000000000..c5cd325ea5e
--- /dev/null
+++ b/sonar-core/src/test/resources/org/sonar/core/user/AuthorizationDaoTest/is_authorized_component_key_for_global_permission.xml
@@ -0,0 +1,15 @@
+<dataset>
+
+  <!-- user 100 has no direct grant access, but is in the group 200 that has the role "user"
+  on the all the projects  -->
+  <user_roles id="1" user_id="100" resource_id="999" role="user"/>
+  <groups_users user_id="100" group_id="200"/>
+  <group_roles id="1" group_id="200" resource_id="[null]" role="user"/>
+
+  <projects id="301" kee="pj-w-snapshot:package" root_id="300" uuid="ABCD" module_uuid="DEFG"/>
+  <projects id="302" kee="pj-w-snapshot:file" root_id="300" uuid="BCDE" module_uuid="DEFG"/>
+  <projects id="303" kee="pj-w-snapshot:other" root_id="300" uuid="CDEF" module_uuid="DEFG"/>
+  <projects id="300" kee="pj-w-snapshot" uuid="DEFG" module_uuid="[null]"/>
+  <projects id="400" kee="pj-wo-snapshot" uuid="EFGH" module_uuid="[null]"/>
+
+</dataset>
-- 
2.39.5