From cc54a4b5b1a1fd497b36455722927aee43dc58ae Mon Sep 17 00:00:00 2001 From: Zipeng WU Date: Fri, 13 Aug 2021 09:17:26 +0200 Subject: [PATCH] SONAR-15271 Add/remove permission from a group should have group name --- .../db/audit/model/PermissionNewValue.java | 21 ++++++--- .../db/permission/GroupPermissionDao.java | 27 ++++++----- .../db/permission/GroupPermissionDto.java | 24 +++++++++- .../db/permission/UserPermissionDao.java | 10 ++--- .../db/permission/GroupPermissionDaoTest.java | 32 ++++++------- .../GroupPermissionDaoWithPersisterTest.java | 45 ++++++++++--------- .../java/org/sonar/db/user/UserDbTester.java | 19 ++++---- .../index/PermissionIndexerDaoTest.java | 6 ++- .../permission/GroupPermissionChanger.java | 24 ++++++++-- .../server/permission/PermissionChange.java | 5 +++ .../permission/PermissionTemplateService.java | 10 +++-- .../project/ws/UpdateVisibilityAction.java | 16 ++++--- .../server/issue/ws/SearchActionTest.java | 4 +- .../GroupPermissionChangerTest.java | 5 ++- .../permission/ws/RemoveGroupActionTest.java | 5 ++- .../ws/UpdateVisibilityActionTest.java | 11 +++-- 16 files changed, 173 insertions(+), 91 deletions(-) diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/PermissionNewValue.java b/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/PermissionNewValue.java index 61e071ec2d8..51af099cbd8 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/PermissionNewValue.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/audit/model/PermissionNewValue.java @@ -31,6 +31,9 @@ public class PermissionNewValue implements NewValue { @Nullable private String groupUuid; + @Nullable + private String groupName; + @Nullable private String userUuid; @@ -43,12 +46,13 @@ public class PermissionNewValue implements NewValue { @Nullable private String role; - public PermissionNewValue(GroupPermissionDto groupPermissionDto, String projectName) { + public PermissionNewValue(GroupPermissionDto groupPermissionDto) { this.permissionUuid = groupPermissionDto.getUuid(); + this.role = groupPermissionDto.getRole(); this.groupUuid = groupPermissionDto.getGroupUuid(); + this.groupName = groupPermissionDto.getGroupName(); this.projectUuid = groupPermissionDto.getComponentUuid(); - this.role = groupPermissionDto.getRole(); - this.projectName = projectName; + this.projectName = groupPermissionDto.getComponentName(); } public PermissionNewValue(UserPermissionDto permissionDto, @Nullable String projectName) { @@ -59,10 +63,11 @@ public class PermissionNewValue implements NewValue { this.projectName = projectName; } - public PermissionNewValue(@Nullable String role, @Nullable String groupUuid, @Nullable String rootComponentUuid, + public PermissionNewValue(@Nullable String role, @Nullable String groupUuid, @Nullable String groupName, @Nullable String rootComponentUuid, @Nullable String projectName, @Nullable String userUuid) { this.role = role; this.groupUuid = groupUuid; + this.groupName = groupName; this.projectUuid = rootComponentUuid; this.projectName = projectName; this.userUuid = userUuid; @@ -78,6 +83,11 @@ public class PermissionNewValue implements NewValue { return this.groupUuid; } + @CheckForNull + public String getGroupName() { + return this.groupName; + } + @CheckForNull public String getProjectUuid() { return this.projectUuid; @@ -102,9 +112,10 @@ public class PermissionNewValue implements NewValue { public String toString() { StringBuilder sb = new StringBuilder("{"); addField(sb, "\"permissionUuid\": ", this.permissionUuid, true); + addField(sb, "\"role\": ", this.role, true); addField(sb, "\"groupUuid\": ", this.groupUuid, true); + addField(sb, "\"groupName\": ", this.groupName, true); addField(sb, "\"projectUuid\": ", this.projectUuid, true); - addField(sb, "\"role\": ", this.role, true); addField(sb, "\"projectName\": ", this.projectName, true); addField(sb, "\"userUuid\": ", this.userUuid, true); endString(sb); diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java index 3e1da592e15..77260c4c31e 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java @@ -122,12 +122,11 @@ public class GroupPermissionDao implements Dao { return mapper(session).selectGroupUuidsWithPermissionOnProjectBut(projectUuid, permission); } - public void insert(DbSession dbSession, GroupPermissionDto dto, @Nullable ComponentDto componentDto) { - mapper(dbSession).insert(dto); + public void insert(DbSession dbSession, GroupPermissionDto groupPermissionDto) { + mapper(dbSession).insert(groupPermissionDto); if (auditPersister != null) { - String projectName = (componentDto != null) ? componentDto.name() : null; - auditPersister.addGroupPermission(dbSession, new PermissionNewValue(dto, projectName)); + auditPersister.addGroupPermission(dbSession, new PermissionNewValue(groupPermissionDto)); } } @@ -138,7 +137,7 @@ public class GroupPermissionDao implements Dao { mapper(dbSession).deleteByRootComponentUuid(rootComponentUuid); if (auditPersister != null) { - auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(null, null, rootComponentUuid, projectName, null)); + auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(null, null, null, rootComponentUuid, projectName, null)); } } @@ -146,11 +145,15 @@ public class GroupPermissionDao implements Dao { * Delete all permissions of the specified group (group "AnyOne" if {@code groupUuid} is {@code null}) for the specified * component. */ - public int deleteByRootComponentUuidAndGroupUuid(DbSession dbSession, String rootComponentUuid, @Nullable String groupUuid, String projectName) { - int deletedRecords = mapper(dbSession).deleteByRootComponentUuidAndGroupUuid(rootComponentUuid, groupUuid); + public int deleteByRootComponentUuidAndGroupUuid(DbSession dbSession, String rootComponentUuid, @Nullable String groupUuid) { + return mapper(dbSession).deleteByRootComponentUuidAndGroupUuid(rootComponentUuid, groupUuid); + } + + public int deleteByRootComponentUuidForAnyOne(DbSession dbSession, String rootComponentUuid, String projectName) { + int deletedRecords = mapper(dbSession).deleteByRootComponentUuidAndGroupUuid(rootComponentUuid, null); if (auditPersister != null) { - auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(null, groupUuid, rootComponentUuid, projectName, null)); + auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(null, null, null, rootComponentUuid, projectName, null)); } return deletedRecords; @@ -163,7 +166,7 @@ public class GroupPermissionDao implements Dao { int deletedRecords = mapper(dbSession).deleteByRootComponentUuidAndPermission(rootComponentUuid, permission); if (auditPersister != null) { - auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(permission, null, rootComponentUuid, projectName, null)); + auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(permission, null, null, rootComponentUuid, projectName, null)); } return deletedRecords; @@ -182,12 +185,14 @@ public class GroupPermissionDao implements Dao { * @param groupUuid if null, then anyone, else uuid of group * @param rootComponentUuid if null, then global permission, otherwise the uuid of root component (project) */ - public void delete(DbSession dbSession, String permission, @Nullable String groupUuid, @Nullable String rootComponentUuid, @Nullable ComponentDto componentDto) { + public void delete(DbSession dbSession, String permission, + @Nullable String groupUuid, @Nullable String groupName, @Nullable String rootComponentUuid, @Nullable ComponentDto componentDto) { + mapper(dbSession).delete(permission, groupUuid, rootComponentUuid); if (auditPersister != null) { String projectName = (componentDto != null) ? componentDto.name() : null; - auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(permission, groupUuid, rootComponentUuid, projectName, null)); + auditPersister.deleteGroupPermission(dbSession, new PermissionNewValue(permission, groupUuid, groupName, rootComponentUuid, projectName, null)); } } diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDto.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDto.java index 87151d0ae4b..5574df940cc 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDto.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDto.java @@ -23,9 +23,11 @@ import javax.annotation.Nullable; public class GroupPermissionDto { private String uuid; + private String role; private String groupUuid; + private String groupName; private String componentUuid; - private String role; + private String componentName; public String getUuid() { return uuid; @@ -66,4 +68,24 @@ public class GroupPermissionDto { this.role = role; return this; } + + @Nullable + public String getGroupName() { + return groupName; + } + + public GroupPermissionDto setGroupName(@Nullable String groupName) { + this.groupName = groupName; + return this; + } + + @Nullable + public String getComponentName() { + return componentName; + } + + public GroupPermissionDto setComponentName(@Nullable String componentName) { + this.componentName = componentName; + return this; + } } diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java index 2c66213ac87..47d90d2d5a7 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java @@ -129,7 +129,7 @@ public class UserPermissionDao implements Dao { mapper(dbSession).deleteGlobalPermission(userUuid, permission); if (auditPersister != null) { - auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(permission, null, null, + auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(permission, null, null, null, null, userUuid)); } } @@ -141,7 +141,7 @@ public class UserPermissionDao implements Dao { mapper(dbSession).deleteProjectPermission(userUuid, permission, projectUuid); if (auditPersister != null) { - auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(permission, null, projectUuid, projectName, userUuid)); + auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(permission, null, null, projectUuid, projectName, userUuid)); } } @@ -152,7 +152,7 @@ public class UserPermissionDao implements Dao { mapper(dbSession).deleteProjectPermissions(projectUuid); if (auditPersister != null) { - auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(null, null, projectUuid, projectName, null)); + auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(null, null, null, projectUuid, projectName, null)); } } @@ -163,7 +163,7 @@ public class UserPermissionDao implements Dao { int deletedRows = mapper(dbSession).deleteProjectPermissionOfAnyUser(projectUuid, permission); if (auditPersister != null) { - auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(permission, null, projectUuid, projectName, null)); + auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(permission, null, null, projectUuid, projectName, null)); } return deletedRows; @@ -173,7 +173,7 @@ public class UserPermissionDao implements Dao { mapper(dbSession).deleteByUserUuid(userUuid); if (auditPersister != null) { - auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(null, null, null, null, userUuid)); + auditPersister.deleteUserPermission(dbSession, new PermissionNewValue(null, null, null, null, null, userUuid)); } } diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java index 9a4c0ef632e..6714fcdb93e 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java @@ -596,7 +596,7 @@ public class GroupPermissionDaoTest { db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); db.users().insertProjectPermissionOnAnyone("perm4", project1); - underTest.delete(dbSession, "perm2", group1.getUuid(), null, project1); + underTest.delete(dbSession, "perm2", group1.getUuid(), group1.getName(), null, project1); dbSession.commit(); assertThatNoPermission("perm2"); @@ -611,7 +611,7 @@ public class GroupPermissionDaoTest { db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); - underTest.delete(dbSession, "perm2", group1.getUuid(), null, project1); + underTest.delete(dbSession, "perm2", group1.getUuid(), group1.getName(), null, project1); dbSession.commit(); assertThatNoPermission("perm2"); @@ -627,7 +627,7 @@ public class GroupPermissionDaoTest { db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); db.users().insertProjectPermissionOnAnyone("perm4", project1); - underTest.delete(dbSession, "perm1", null, null, project1); + underTest.delete(dbSession, "perm1", null, null, null, project1); dbSession.commit(); assertThatNoPermission("perm1"); @@ -642,7 +642,7 @@ public class GroupPermissionDaoTest { db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); - underTest.delete(dbSession, "perm3", group1.getUuid(), project1.uuid(), project1); + underTest.delete(dbSession, "perm3", group1.getUuid(), group1.getName(), project1.uuid(), project1); dbSession.commit(); assertThatNoPermission("perm3"); @@ -658,7 +658,7 @@ public class GroupPermissionDaoTest { db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); db.users().insertProjectPermissionOnAnyone("perm4", project1); - underTest.delete(dbSession, "perm3", group1.getUuid(), project1.uuid(), project1); + underTest.delete(dbSession, "perm3", group1.getUuid(), group1.getName(), project1.uuid(), project1); dbSession.commit(); assertThatNoPermission("perm3"); @@ -674,7 +674,7 @@ public class GroupPermissionDaoTest { db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); db.users().insertProjectPermissionOnAnyone("perm4", project1); - underTest.delete(dbSession, "perm4", null, project1.uuid(), project1); + underTest.delete(dbSession, "perm4", null, null, project1.uuid(), project1); dbSession.commit(); assertThatNoPermission("perm4"); @@ -698,7 +698,7 @@ public class GroupPermissionDaoTest { assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group.getUuid())) .containsOnly("p4"); - int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), null, project.name()); + int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), null); assertThat(deletedCount).isEqualTo(1); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) @@ -736,7 +736,7 @@ public class GroupPermissionDaoTest { assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group2.getUuid())) .containsOnly("p7"); - int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group1.getUuid(), project.name()); + int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group1.getUuid()); assertThat(deletedCount).isEqualTo(1); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) @@ -750,7 +750,7 @@ public class GroupPermissionDaoTest { assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group2.getUuid())) .containsOnly("p7"); - deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group2.getUuid(), project.name()); + deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group2.getUuid()); assertThat(deletedCount).isEqualTo(2); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) @@ -769,8 +769,8 @@ public class GroupPermissionDaoTest { public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_does_not_exist() { GroupDto group = db.users().insertGroup(); - assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, "1234", null, "")).isZero(); - assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, "1234", group.getUuid(), "")).isZero(); + assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, "1234", null)).isZero(); + assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, "1234", group.getUuid())).isZero(); } @Test @@ -778,15 +778,15 @@ public class GroupPermissionDaoTest { ComponentDto project = randomPublicOrPrivateProject(); GroupDto group = db.users().insertGroup(); - assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), null, project.name())).isZero(); - assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group.getUuid(), project.name())).isZero(); + assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), null)).isZero(); + assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group.getUuid())).isZero(); } @Test public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_group_does_not_exist() { ComponentDto project = randomPublicOrPrivateProject(); - assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), "5678", project.name())).isZero(); + assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), "5678")).isZero(); } @Test @@ -801,7 +801,7 @@ public class GroupPermissionDaoTest { db.users().insertPermissionOnAnyone("p2"); db.users().insertPermissionOnGroup(group1, "p3"); - int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), null, project.name()); + int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), null); assertThat(deletedCount).isZero(); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) @@ -823,7 +823,7 @@ public class GroupPermissionDaoTest { db.users().insertPermissionOnAnyone("p2"); db.users().insertPermissionOnGroup(group1, "p3"); - int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group2.getUuid(), project.name()); + int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group2.getUuid()); assertThat(deletedCount).isZero(); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoWithPersisterTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoWithPersisterTest.java index a46e9c91e9c..d15ca54dd36 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoWithPersisterTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoWithPersisterTest.java @@ -53,25 +53,26 @@ public class GroupPermissionDaoWithPersisterTest { GroupPermissionDto dto = new GroupPermissionDto() .setUuid(Uuids.createFast()) .setGroupUuid(group.getUuid()) + .setGroupName(group.getName()) .setRole(ADMIN); - underTest.insert(dbSession, dto, null); + underTest.insert(dbSession, dto); verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); PermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getProjectUuid, + .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getGroupName, PermissionNewValue::getProjectUuid, PermissionNewValue::getRole, PermissionNewValue::getProjectName) - .containsExactly(dto.getUuid(), group.getUuid(), null, dto.getRole(), null); + .containsExactly(dto.getUuid(), group.getUuid(), group.getName(), null, dto.getRole(), null); assertThat(newValue.toString()).doesNotContain("projectUuid"); - underTest.delete(dbSession, ADMIN, group.getUuid(), null, null); + underTest.delete(dbSession, ADMIN, group.getUuid(), group.getName(), null, null); verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getProjectUuid, + .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getGroupName, PermissionNewValue::getProjectUuid, PermissionNewValue::getRole, PermissionNewValue::getProjectName) - .containsExactly(null, group.getUuid(), null, ADMIN, null); + .containsExactly(null, group.getUuid(), group.getName(), null, ADMIN, null); assertThat(newValue.toString()).doesNotContain("permissionUuid"); } @@ -80,14 +81,14 @@ public class GroupPermissionDaoWithPersisterTest { GroupDto group = db.users().insertGroup(); ComponentDto project = db.components().insertPrivateProject(); GroupPermissionDto dto = getGroupPermission(group, project); - underTest.insert(dbSession, dto, project); + underTest.insert(dbSession, dto); verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); PermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getProjectUuid, + .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getGroupName, PermissionNewValue::getProjectUuid, PermissionNewValue::getRole, PermissionNewValue::getProjectName) - .containsExactly(dto.getUuid(), group.getUuid(), project.uuid(), dto.getRole(), project.name()); + .containsExactly(dto.getUuid(), group.getUuid(), group.getName(), project.uuid(), dto.getRole(), project.name()); assertThat(newValue.toString()).contains("projectUuid"); underTest.deleteByRootComponentUuid(dbSession, project.uuid(), project.name()); @@ -95,9 +96,9 @@ public class GroupPermissionDaoWithPersisterTest { verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getProjectUuid, + .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getGroupName, PermissionNewValue::getProjectUuid, PermissionNewValue::getRole, PermissionNewValue::getProjectName) - .containsExactly(null, null, project.uuid(), null, project.name()); + .containsExactly(null, null, null, project.uuid(), null, project.name()); assertThat(newValue.toString()).doesNotContain("permissionUuid"); } @@ -106,24 +107,24 @@ public class GroupPermissionDaoWithPersisterTest { GroupDto group = db.users().insertGroup(); ComponentDto project = db.components().insertPrivateProject(); GroupPermissionDto dto = getGroupPermission(group, project); - underTest.insert(dbSession, dto, project); + underTest.insert(dbSession, dto); verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); PermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getProjectUuid, + .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getGroupName, PermissionNewValue::getProjectUuid, PermissionNewValue::getRole, PermissionNewValue::getProjectName) - .containsExactly(dto.getUuid(), group.getUuid(), project.uuid(), dto.getRole(), project.name()); + .containsExactly(dto.getUuid(), group.getUuid(), group.getName(), project.uuid(), dto.getRole(), project.name()); assertThat(newValue.toString()).contains("projectUuid"); - underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group.getUuid(), project.name()); + underTest.deleteByRootComponentUuidForAnyOne(dbSession, project.uuid(), project.name()); verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getProjectUuid, + .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getProjectUuid, PermissionNewValue::getRole, PermissionNewValue::getProjectName) - .containsExactly(null, group.getUuid(), project.uuid(), null, project.name()); + .containsExactly(null, project.uuid(), null, project.name()); assertThat(newValue.toString()).doesNotContain("permissionUuid"); } @@ -132,14 +133,14 @@ public class GroupPermissionDaoWithPersisterTest { GroupDto group = db.users().insertGroup(); ComponentDto project = db.components().insertPrivateProject(); GroupPermissionDto dto = getGroupPermission(group, project); - underTest.insert(dbSession, dto, project); + underTest.insert(dbSession, dto); verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); PermissionNewValue newValue = newValueCaptor.getValue(); assertThat(newValue) - .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getProjectUuid, + .extracting(PermissionNewValue::getPermissionUuid, PermissionNewValue::getGroupUuid, PermissionNewValue::getGroupName, PermissionNewValue::getProjectUuid, PermissionNewValue::getRole, PermissionNewValue::getProjectName) - .containsExactly(dto.getUuid(), group.getUuid(), project.uuid(), dto.getRole(), project.name()); + .containsExactly(dto.getUuid(), group.getUuid(), group.getName(), project.uuid(), dto.getRole(), project.name()); assertThat(newValue.toString()).contains("projectUuid"); underTest.deleteByRootComponentUuidAndPermission(dbSession, project.uuid(), dto.getRole(), project.name()); @@ -157,7 +158,9 @@ public class GroupPermissionDaoWithPersisterTest { return new GroupPermissionDto() .setUuid(Uuids.createFast()) .setGroupUuid(group.getUuid()) + .setGroupName(group.getName()) .setRole(ADMIN) - .setComponentUuid(project.uuid()); + .setComponentUuid(project.uuid()) + .setComponentName(project.name()); } } diff --git a/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java b/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java index f32d86c5189..feefd300e54 100644 --- a/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java +++ b/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java @@ -200,7 +200,7 @@ public class UserDbTester { .setUuid(Uuids.createFast()) .setGroupUuid(null) .setRole(permission); - db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, null); + db.getDbClient().groupPermissionDao().insert(db.getSession(), dto); db.commit(); return dto; } @@ -214,7 +214,7 @@ public class UserDbTester { .setUuid(Uuids.createFast()) .setGroupUuid(group.getUuid()) .setRole(permission); - db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, null); + db.getDbClient().groupPermissionDao().insert(db.getSession(), dto); db.commit(); return dto; } @@ -224,7 +224,7 @@ public class UserDbTester { } public void deletePermissionFromGroup(GroupDto group, String permission) { - db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, group.getUuid(), null, null); + db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, group.getUuid(), group.getName(), null, null); db.commit(); } @@ -237,14 +237,15 @@ public class UserDbTester { .setUuid(Uuids.createFast()) .setGroupUuid(null) .setRole(permission) - .setComponentUuid(project.uuid()); - db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, project); + .setComponentUuid(project.uuid()) + .setComponentName(project.name()); + db.getDbClient().groupPermissionDao().insert(db.getSession(), dto); db.commit(); return dto; } public void deleteProjectPermissionFromAnyone(ComponentDto project, String permission) { - db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, null, project.uuid(), project); + db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, null, null, project.uuid(), project); db.commit(); } @@ -255,9 +256,11 @@ public class UserDbTester { GroupPermissionDto dto = new GroupPermissionDto() .setUuid(Uuids.createFast()) .setGroupUuid(group.getUuid()) + .setGroupName(group.getName()) .setRole(permission) - .setComponentUuid(project.uuid()); - db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, project); + .setComponentUuid(project.uuid()) + .setComponentName(project.name()); + db.getDbClient().groupPermissionDao().insert(db.getSession(), dto); db.commit(); return dto; } diff --git a/server/sonar-webserver-es/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java b/server/sonar-webserver-es/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java index e49760e9ec7..36d56d951bd 100644 --- a/server/sonar-webserver-es/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java +++ b/server/sonar-webserver-es/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java @@ -169,9 +169,11 @@ public class PermissionIndexerDaoTest { GroupPermissionDto dto = new GroupPermissionDto() .setUuid(Uuids.createFast()) .setGroupUuid(group.getUuid()) + .setGroupName(group.getName()) .setRole(USER) - .setComponentUuid(project.uuid()); - dbClient.groupPermissionDao().insert(dbSession, dto, project); + .setComponentUuid(project.uuid()) + .setComponentName(project.name()); + dbClient.groupPermissionDao().insert(dbSession, dto); } dbSession.commit(); diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java index b094b9e1a00..283042c2e2f 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java @@ -20,12 +20,14 @@ package org.sonar.server.permission; import java.util.List; +import java.util.Optional; import org.sonar.core.permission.GlobalPermissions; import org.sonar.core.util.UuidFactory; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.component.ComponentDto; import org.sonar.db.permission.GroupPermissionDto; +import org.sonar.db.user.GroupDto; import static com.google.common.base.Preconditions.checkNotNull; import static java.lang.String.format; @@ -115,12 +117,21 @@ public class GroupPermissionChanger { } validateNotAnyoneAndAdminPermission(change.getPermission(), change.getGroupUuidOrAnyone()); + + String groupUuid = change.getGroupUuidOrAnyone().getUuid(); GroupPermissionDto addedDto = new GroupPermissionDto() .setUuid(uuidFactory.create()) .setRole(change.getPermission()) - .setGroupUuid(change.getGroupUuidOrAnyone().getUuid()) + .setGroupUuid(groupUuid) + .setComponentName(change.getProjectName()) .setComponentUuid(change.getProjectUuid()); - dbClient.groupPermissionDao().insert(dbSession, addedDto, change.getProject()); + + Optional.ofNullable(groupUuid) + .map(uuid -> dbClient.groupDao().selectByUuid(dbSession, groupUuid)) + .map(GroupDto::getName) + .ifPresent(addedDto::setGroupName); + + dbClient.groupPermissionDao().insert(dbSession, addedDto); return true; } @@ -134,9 +145,16 @@ public class GroupPermissionChanger { return false; } checkIfRemainingGlobalAdministrators(dbSession, change); + String groupUuid = change.getGroupUuidOrAnyone().getUuid(); + String groupName = Optional.ofNullable(groupUuid) + .map(uuid -> dbClient.groupDao().selectByUuid(dbSession, uuid)) + .map(GroupDto::getName) + .orElse(null); + dbClient.groupPermissionDao().delete(dbSession, change.getPermission(), - change.getGroupUuidOrAnyone().getUuid(), + groupUuid, + groupName, change.getProjectUuid(), change.getProject()); return true; diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionChange.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionChange.java index b793ef0a84f..afe30d74bed 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionChange.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionChange.java @@ -67,6 +67,11 @@ public abstract class PermissionChange { return project; } + @CheckForNull + public String getProjectName() { + return project == null ? null : project.name(); + } + @CheckForNull public String getProjectUuid() { return project == null ? null : project.uuid(); diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionTemplateService.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionTemplateService.java index 6b4f5fdcd80..1c5a3256dc4 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionTemplateService.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionTemplateService.java @@ -146,12 +146,16 @@ public class PermissionTemplateService { .filter(gp -> groupNameValidForProject(project, gp.getGroupName())) .filter(gp -> permissionValidForProject(project, gp.getPermission())) .forEach(gp -> { + String groupUuid = isAnyone(gp.getGroupName()) ? null : gp.getGroupUuid(); + String groupName = groupUuid == null ? null : dbClient.groupDao().selectByUuid(dbSession, groupUuid).getName(); GroupPermissionDto dto = new GroupPermissionDto() .setUuid(uuidFactory.create()) - .setGroupUuid(isAnyone(gp.getGroupName()) ? null : gp.getGroupUuid()) + .setGroupUuid(groupUuid) + .setGroupName(groupName) .setRole(gp.getPermission()) - .setComponentUuid(project.uuid()); - dbClient.groupPermissionDao().insert(dbSession, dto, project); + .setComponentUuid(project.uuid()) + .setComponentName(project.name()); + dbClient.groupPermissionDao().insert(dbSession, dto); }); List characteristics = dbClient.permissionTemplateCharacteristicDao().selectByTemplateUuids(dbSession, singletonList(template.getUuid())); diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/UpdateVisibilityAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/UpdateVisibilityAction.java index 75dd564f402..bbb646ef2a7 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/UpdateVisibilityAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/UpdateVisibilityAction.java @@ -35,6 +35,7 @@ import org.sonar.db.component.ComponentDto; import org.sonar.db.component.ComponentMapper; import org.sonar.db.permission.GroupPermissionDto; import org.sonar.db.permission.UserPermissionDto; +import org.sonar.db.user.GroupDto; import org.sonar.server.component.ComponentFinder; import org.sonar.server.es.ProjectIndexer; import org.sonar.server.es.ProjectIndexers; @@ -43,6 +44,7 @@ import org.sonar.server.user.UserSession; import org.sonarqube.ws.client.project.ProjectsWsParameters; import static java.util.Collections.singletonList; +import static java.util.Optional.ofNullable; import static org.sonar.api.CoreProperties.CORE_ALLOW_PERMISSION_MANAGEMENT_FOR_PROJECT_ADMINS_DEFAULT_VALUE; import static org.sonar.api.CoreProperties.CORE_ALLOW_PERMISSION_MANAGEMENT_FOR_PROJECT_ADMINS_PROPERTY; import static org.sonar.api.web.UserRole.ADMIN; @@ -149,7 +151,7 @@ public class UpdateVisibilityAction implements ProjectsWsAction { private void updatePermissionsToPrivate(DbSession dbSession, ComponentDto component) { // delete project permissions for group AnyOne - dbClient.groupPermissionDao().deleteByRootComponentUuidAndGroupUuid(dbSession, component.uuid(), null, component.name()); + dbClient.groupPermissionDao().deleteByRootComponentUuidForAnyOne(dbSession, component.uuid(), component.name()); // grant UserRole.CODEVIEWER and UserRole.USER to any group or user with at least one permission on project PUBLIC_PERMISSIONS.forEach(permission -> { dbClient.groupPermissionDao().selectGroupUuidsWithPermissionOnProjectBut(dbSession, component.uuid(), permission) @@ -165,12 +167,14 @@ public class UpdateVisibilityAction implements ProjectsWsAction { } private void insertProjectPermissionOnGroup(DbSession dbSession, ComponentDto component, String permission, String groupUuid) { + String groupName = ofNullable(dbClient.groupDao().selectByUuid(dbSession, groupUuid)).map(GroupDto::getName).orElse(null); dbClient.groupPermissionDao().insert(dbSession, new GroupPermissionDto() - .setUuid(uuidFactory.create()) - .setComponentUuid(component.uuid()) - .setGroupUuid(groupUuid) - .setRole(permission), - component); + .setUuid(uuidFactory.create()) + .setComponentUuid(component.uuid()) + .setGroupUuid(groupUuid) + .setGroupName(groupName) + .setRole(permission) + .setComponentName(component.name())); } private void updatePermissionsToPublic(DbSession dbSession, ComponentDto component) { diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchActionTest.java index fae48ace40d..1ddb8a22a83 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SearchActionTest.java @@ -1398,8 +1398,8 @@ public class SearchActionTest { .setUuid(Uuids.createFast()) .setGroupUuid(null) .setComponentUuid(project.uuid()) - .setRole(permission), - project); + .setComponentName(project.name()) + .setRole(permission)); session.commit(); userSession.logIn().addProjectPermission(permission, project); } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java index e60064e7d8b..d0ea8c710c2 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java @@ -432,8 +432,9 @@ public class GroupPermissionChangerTest { .setUuid(Uuids.createFast()) .setGroupUuid(null) .setRole(perm) - .setComponentUuid(privateProject.uuid()); - db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, privateProject); + .setComponentUuid(privateProject.uuid()) + .setComponentName(privateProject.name()); + db.getDbClient().groupPermissionDao().insert(db.getSession(), dto); db.commit(); } } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java index a0ffa9dca3b..d1b3b62f515 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java @@ -474,8 +474,9 @@ public class RemoveGroupActionTest extends BasePermissionWsTest