From cff28853c62f2bddc848dc5672fd8ce93faabc64 Mon Sep 17 00:00:00 2001 From: Simon Brandhof Date: Fri, 27 Jan 2017 16:21:44 +0100 Subject: [PATCH] SONAR-8704 create and populate field authorization/groupIds Using groupIds removes conflicts between organizations when two groups have the same name. --- .../index/AuthorizationTypeSupport.java | 2 + .../permission/index/PermissionIndexer.java | 3 +- .../index/PermissionIndexerDao.java | 50 +++++++++++-------- .../sonar/server/batch/IssuesActionTest.java | 2 +- .../issue/index/IssueIndexDebtTest.java | 2 +- .../server/issue/index/IssueIndexTest.java | 2 +- .../index/ProjectMeasuresIndexTest.java | 2 +- .../index/PermissionIndexerDaoTest.java | 16 +++--- .../index/PermissionIndexerTester.java | 4 +- 9 files changed, 47 insertions(+), 36 deletions(-) diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/index/AuthorizationTypeSupport.java b/server/sonar-server/src/main/java/org/sonar/server/permission/index/AuthorizationTypeSupport.java index a33262a47a4..fd94265c986 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/permission/index/AuthorizationTypeSupport.java +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/index/AuthorizationTypeSupport.java @@ -38,6 +38,7 @@ import static org.elasticsearch.index.query.QueryBuilders.termQuery; public class AuthorizationTypeSupport { public static final String TYPE_AUTHORIZATION = "authorization"; + public static final String FIELD_GROUP_IDS = "groupIds"; public static final String FIELD_GROUP_NAMES = "groupNames"; public static final String FIELD_USER_LOGINS = "users"; public static final String FIELD_UPDATED_AT = "updatedAt"; @@ -73,6 +74,7 @@ public class AuthorizationTypeSupport { NewIndex.NewIndexType authType = type.getIndex().createType(TYPE_AUTHORIZATION); authType.setAttribute("_routing", ImmutableMap.of("required", true)); authType.createDateTimeField(FIELD_UPDATED_AT); + authType.createLongField(FIELD_GROUP_IDS); authType.stringFieldBuilder(FIELD_GROUP_NAMES).disableNorms().build(); authType.stringFieldBuilder(FIELD_USER_LOGINS).disableNorms().build(); authType.createBooleanField(FIELD_ALLOW_ANYONE); diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/index/PermissionIndexer.java b/server/sonar-server/src/main/java/org/sonar/server/permission/index/PermissionIndexer.java index 51461d5584c..493adc21f15 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/permission/index/PermissionIndexer.java +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/index/PermissionIndexer.java @@ -181,7 +181,8 @@ public class PermissionIndexer implements ProjectIndexer, Startable { // no need to feed users and groups } else { doc.put(AuthorizationTypeSupport.FIELD_ALLOW_ANYONE, false); - doc.put(AuthorizationTypeSupport.FIELD_GROUP_NAMES, dto.getGroups()); + doc.put(AuthorizationTypeSupport.FIELD_GROUP_IDS, dto.getGroupIds()); + doc.put(AuthorizationTypeSupport.FIELD_GROUP_NAMES, dto.getGroupNames()); doc.put(AuthorizationTypeSupport.FIELD_USER_LOGINS, dto.getUsers()); } return new IndexRequest(indexName, TYPE_AUTHORIZATION, dto.getProjectUuid()) diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/index/PermissionIndexerDao.java b/server/sonar-server/src/main/java/org/sonar/server/permission/index/PermissionIndexerDao.java index 37029337337..f6c41816fa2 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/permission/index/PermissionIndexerDao.java +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/index/PermissionIndexerDao.java @@ -19,7 +19,6 @@ */ package org.sonar.server.permission.index; -import com.google.common.collect.Lists; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; @@ -45,8 +44,9 @@ public class PermissionIndexerDao { private final String projectUuid; private final long updatedAt; private final String qualifier; - private final List users = Lists.newArrayList(); - private final List groups = Lists.newArrayList(); + private final List users = new ArrayList<>(); + private final List groupNames = new ArrayList<>(); + private final List groupIds = new ArrayList<>(); private boolean allowAnyone = false; public Dto(String projectUuid, long updatedAt, String qualifier) { @@ -76,13 +76,22 @@ public class PermissionIndexerDao { return this; } - public Dto addGroup(String s) { - groups.add(s); + public Dto addGroupName(String s) { + groupNames.add(s); return this; } - public List getGroups() { - return groups; + public List getGroupNames() { + return groupNames; + } + + public Dto addGroupId(long id) { + groupIds.add(id); + return this; + } + + public List getGroupIds() { + return groupIds; } public void allowAnyone() { @@ -107,7 +116,8 @@ public class PermissionIndexerDao { " project_authorization.kind as kind, " + " project_authorization.project as project, " + " project_authorization.user_id as user_id, " + - " project_authorization.permission_group as permission_group, " + + " project_authorization.group_name as group_name, " + + " project_authorization.group_id as group_id, " + " project_authorization.updated_at as updated_at, " + " project_authorization.qualifier as qualifier " + "FROM ( " + @@ -119,7 +129,8 @@ public class PermissionIndexerDao { " projects.authorization_updated_at AS updated_at, " + " projects.qualifier AS qualifier, " + " user_roles.user_id AS user_id, " + - " NULL AS permission_group " + + " NULL AS group_name, " + + " NULL AS group_id " + " FROM projects " + " INNER JOIN user_roles ON user_roles.resource_id = projects.id AND user_roles.role = 'user' " + " WHERE " + @@ -135,7 +146,8 @@ public class PermissionIndexerDao { " projects.authorization_updated_at AS updated_at, " + " projects.qualifier AS qualifier, " + " NULL AS user_id, " + - " groups.name AS permission_group " + + " groups.name AS group_name, " + + " groups.id AS group_id " + " FROM projects " + " INNER JOIN group_roles ON group_roles.resource_id = projects.id AND group_roles.role = 'user' " + " INNER JOIN groups ON groups.id = group_roles.group_id " + @@ -153,7 +165,8 @@ public class PermissionIndexerDao { " projects.authorization_updated_at AS updated_at, " + " projects.qualifier AS qualifier, " + " NULL AS user_id, " + - " NULL AS permission_group " + + " NULL AS group_name, " + + " NULL AS group_id " + " FROM projects " + " INNER JOIN group_roles ON group_roles.resource_id = projects.id AND group_roles.role='user' " + " WHERE " + @@ -216,23 +229,18 @@ public class PermissionIndexerDao { Dto dto = dtosByProjectUuid.get(projectUuid); if (dto == null) { - long updatedAt = rs.getLong(5); - String qualifier = rs.getString(6); + long updatedAt = rs.getLong(6); + String qualifier = rs.getString(7); dto = new Dto(projectUuid, updatedAt, qualifier); dtosByProjectUuid.put(projectUuid, dto); } switch (rowKind) { case USER: - Long userId = rs.getLong(3); - if (!rs.wasNull()) { - dto.addUser(userId); - } + dto.addUser(rs.getLong(3)); break; case GROUP: - String group = rs.getString(4); - if (!rs.wasNull()) { - dto.addGroup(group); - } + dto.addGroupName(rs.getString(4)); + dto.addGroupId(rs.getLong(5)); break; case ANYONE: dto.allowAnyone(); diff --git a/server/sonar-server/src/test/java/org/sonar/server/batch/IssuesActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/batch/IssuesActionTest.java index 8de59281628..96b0bbe08f8 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/batch/IssuesActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/batch/IssuesActionTest.java @@ -328,7 +328,7 @@ public class IssuesActionTest { private void addIssueAuthorization(String projectUuid, @Nullable String group, @Nullable Long user) { PermissionIndexerDao.Dto access = new PermissionIndexerDao.Dto(projectUuid, system2.now(), Qualifiers.PROJECT); if (group != null) { - access.addGroup(group); + access.addGroupName(group); } if (user != null) { access.addUser(user); diff --git a/server/sonar-server/src/test/java/org/sonar/server/issue/index/IssueIndexDebtTest.java b/server/sonar-server/src/test/java/org/sonar/server/issue/index/IssueIndexDebtTest.java index cec3bb4fe19..e841d468293 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/issue/index/IssueIndexDebtTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/issue/index/IssueIndexDebtTest.java @@ -290,7 +290,7 @@ public class IssueIndexDebtTest { private void addIssueAuthorization(String projectUuid, @Nullable String group, @Nullable Long user) { PermissionIndexerDao.Dto access = new PermissionIndexerDao.Dto(projectUuid, system2.now(), Qualifiers.PROJECT); if (group != null) { - access.addGroup(group); + access.addGroupName(group); } if (user != null) { access.addUser(user); diff --git a/server/sonar-server/src/test/java/org/sonar/server/issue/index/IssueIndexTest.java b/server/sonar-server/src/test/java/org/sonar/server/issue/index/IssueIndexTest.java index cdef73a9eab..70880468c10 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/issue/index/IssueIndexTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/issue/index/IssueIndexTest.java @@ -1319,7 +1319,7 @@ public class IssueIndexTest { private void indexIssues(IssueDoc... issues) { issueIndexer.index(Arrays.asList(issues).iterator()); for (IssueDoc issue : issues) { - authorizationIndexerTester.allow(new PermissionIndexerDao.Dto(issue.projectUuid(), system2.now(), "TRK").addGroup("Anyone")); + authorizationIndexerTester.allow(new PermissionIndexerDao.Dto(issue.projectUuid(), system2.now(), "TRK").addGroupName("Anyone")); } } diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/index/ProjectMeasuresIndexTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/index/ProjectMeasuresIndexTest.java index 208c8d09042..8b08a6eec93 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/measure/index/ProjectMeasuresIndexTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/measure/index/ProjectMeasuresIndexTest.java @@ -877,7 +877,7 @@ public class ProjectMeasuresIndexTest { for (ProjectMeasuresDoc doc : docs) { PermissionIndexerDao.Dto access = new PermissionIndexerDao.Dto(doc.getId(), System.currentTimeMillis(), Qualifiers.PROJECT); if (authorizedGroup != null) { - access.addGroup(authorizedGroup); + access.addGroupName(authorizedGroup); } if (authorizeUser != null) { access.addUser(authorizeUser); diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java index ec2f9955097..2a73cb62fcd 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java @@ -87,28 +87,28 @@ public class PermissionIndexerDaoTest { assertThat(dtos).hasSize(4); PermissionIndexerDao.Dto project1Authorization = getByProjectUuid(project1.uuid(), dtos); - assertThat(project1Authorization.getGroups()).containsOnly(group.getName()); + assertThat(project1Authorization.getGroupNames()).containsOnly(group.getName()); assertThat(project1Authorization.isAllowAnyone()).isTrue(); assertThat(project1Authorization.getUsers()).containsOnly(user1.getId()); assertThat(project1Authorization.getUpdatedAt()).isNotNull(); assertThat(project1Authorization.getQualifier()).isEqualTo(PROJECT); PermissionIndexerDao.Dto view1Authorization = getByProjectUuid(view1.uuid(), dtos); - assertThat(view1Authorization.getGroups()).containsOnly(group.getName()); + assertThat(view1Authorization.getGroupNames()).containsOnly(group.getName()); assertThat(view1Authorization.isAllowAnyone()).isTrue(); assertThat(view1Authorization.getUsers()).containsOnly(user1.getId()); assertThat(view1Authorization.getUpdatedAt()).isNotNull(); assertThat(view1Authorization.getQualifier()).isEqualTo(VIEW); PermissionIndexerDao.Dto project2Authorization = getByProjectUuid(project2.uuid(), dtos); - assertThat(project2Authorization.getGroups()).isEmpty(); + assertThat(project2Authorization.getGroupNames()).isEmpty(); assertThat(project2Authorization.isAllowAnyone()).isTrue(); assertThat(project2Authorization.getUsers()).containsOnly(user1.getId(), user2.getId()); assertThat(project2Authorization.getUpdatedAt()).isNotNull(); assertThat(project2Authorization.getQualifier()).isEqualTo(PROJECT); PermissionIndexerDao.Dto view2Authorization = getByProjectUuid(view2.uuid(), dtos); - assertThat(view2Authorization.getGroups()).isEmpty(); + assertThat(view2Authorization.getGroupNames()).isEmpty(); assertThat(view2Authorization.isAllowAnyone()).isTrue(); assertThat(view2Authorization.getUsers()).containsOnly(user1.getId(), user2.getId()); assertThat(view2Authorization.getUpdatedAt()).isNotNull(); @@ -125,28 +125,28 @@ public class PermissionIndexerDaoTest { assertThat(dtos).hasSize(4); PermissionIndexerDao.Dto project1Authorization = dtos.get(project1.uuid()); - assertThat(project1Authorization.getGroups()).containsOnly(group.getName()); + assertThat(project1Authorization.getGroupNames()).containsOnly(group.getName()); assertThat(project1Authorization.isAllowAnyone()).isTrue(); assertThat(project1Authorization.getUsers()).containsOnly(user1.getId()); assertThat(project1Authorization.getUpdatedAt()).isNotNull(); assertThat(project1Authorization.getQualifier()).isEqualTo(PROJECT); PermissionIndexerDao.Dto view1Authorization = dtos.get(view1.uuid()); - assertThat(view1Authorization.getGroups()).containsOnly(group.getName()); + assertThat(view1Authorization.getGroupNames()).containsOnly(group.getName()); assertThat(view1Authorization.isAllowAnyone()).isTrue(); assertThat(view1Authorization.getUsers()).containsOnly(user1.getId()); assertThat(view1Authorization.getUpdatedAt()).isNotNull(); assertThat(view1Authorization.getQualifier()).isEqualTo(VIEW); PermissionIndexerDao.Dto project2Authorization = dtos.get(project2.uuid()); - assertThat(project2Authorization.getGroups()).isEmpty(); + assertThat(project2Authorization.getGroupNames()).isEmpty(); assertThat(project2Authorization.isAllowAnyone()).isTrue(); assertThat(project2Authorization.getUsers()).containsOnly(user1.getId(), user2.getId()); assertThat(project2Authorization.getUpdatedAt()).isNotNull(); assertThat(project2Authorization.getQualifier()).isEqualTo(PROJECT); PermissionIndexerDao.Dto view2Authorization = dtos.get(view2.uuid()); - assertThat(view2Authorization.getGroups()).isEmpty(); + assertThat(view2Authorization.getGroupNames()).isEmpty(); assertThat(view2Authorization.isAllowAnyone()).isTrue(); assertThat(view2Authorization.getUsers()).containsOnly(user1.getId(), user2.getId()); assertThat(view2Authorization.getUpdatedAt()).isNotNull(); diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerTester.java b/server/sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerTester.java index 1762f5132ae..29dfa966ab8 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerTester.java +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerTester.java @@ -38,7 +38,7 @@ public class PermissionIndexerTester { public PermissionIndexerTester allowOnlyAnyone(ComponentDto project) { PermissionIndexerDao.Dto dto = new PermissionIndexerDao.Dto(project.uuid(), System.currentTimeMillis(), project.qualifier()) - .addGroup("Anyone"); + .addGroupName("Anyone"); permissionIndexer.index(asList(dto)); return this; } @@ -52,7 +52,7 @@ public class PermissionIndexerTester { public PermissionIndexerTester allowOnlyGroup(ComponentDto project, String groupName) { PermissionIndexerDao.Dto dto = new PermissionIndexerDao.Dto(project.uuid(), System.currentTimeMillis(), project.qualifier()) - .addGroup(groupName); + .addGroupName(groupName); permissionIndexer.index(asList(dto)); return this; } -- 2.39.5