From 5c0bed5b1d043e2a085817351a4e22505c14d133 Mon Sep 17 00:00:00 2001 From: Julien Lancelot Date: Tue, 17 Feb 2015 15:55:00 +0100 Subject: [PATCH] SONAR-6009 Each time the batch call the project referentials WS, a E/S query is executed for each rule --- .../server/batch/ProjectRepositoryLoader.java | 30 +++++++++---- .../org/sonar/server/user/UserSession.java | 6 +-- .../ProjectRepositoryLoaderMediumTest.java | 44 +++++++++---------- 3 files changed, 44 insertions(+), 36 deletions(-) diff --git a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectRepositoryLoader.java b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectRepositoryLoader.java index 5c265dfc5e7..9ca79de76c3 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectRepositoryLoader.java +++ b/server/sonar-server/src/main/java/org/sonar/server/batch/ProjectRepositoryLoader.java @@ -20,6 +20,7 @@ package org.sonar.server.batch; +import com.google.common.base.Function; import com.google.common.collect.ArrayListMultimap; import com.google.common.collect.Maps; import com.google.common.collect.Multimap; @@ -67,7 +68,7 @@ public class ProjectRepositoryLoader implements ServerComponent { private final Languages languages; public ProjectRepositoryLoader(DbClient dbClient, QProfileFactory qProfileFactory, QProfileLoader qProfileLoader, RuleService ruleService, - Languages languages) { + Languages languages) { this.dbClient = dbClient; this.qProfileFactory = qProfileFactory; this.qProfileLoader = qProfileLoader; @@ -88,8 +89,9 @@ public class ProjectRepositoryLoader implements ServerComponent { if (module != null) { if (query.isPreview()) { // Scan permission is enough to analyze all projects but preview permission is limited to projects user can access - UserSession.get().checkComponentPermission(UserRole.USER, query.getModuleKey(), - "You're not authorized to access to project '" + module.name() + "', please contact your SonarQube administrator."); + if (!UserSession.get().hasProjectPermissionByUuid(UserRole.USER, module.projectUuid())) { + throw new ForbiddenException("You're not authorized to access to project '" + module.name() + "', please contact your SonarQube administrator."); + } } ComponentDto project = getProject(module, session); @@ -156,7 +158,7 @@ public class ProjectRepositoryLoader implements ServerComponent { } private void addSettingsToChildrenModules(ProjectRepositories ref, String moduleKey, Map parentProperties, TreeModuleSettings treeModuleSettings, - boolean hasScanPerm, DbSession session) { + boolean hasScanPerm, DbSession session) { Map currentParentProperties = newHashMap(); currentParentProperties.putAll(parentProperties); currentParentProperties.putAll(getPropertiesMap(treeModuleSettings.findModuleSettings(moduleKey), hasScanPerm)); @@ -224,12 +226,13 @@ public class ProjectRepositoryLoader implements ServerComponent { private void addActiveRules(ProjectRepositories ref) { for (org.sonar.batch.protocol.input.QProfile qProfile : ref.qProfiles()) { - for (ActiveRule activeRule : qProfileLoader.findActiveRulesByProfile(qProfile.key())) { - Rule rule = ruleService.getNonNullByKey(activeRule.key().ruleKey()); + Map activeRules = activeRuleByRuleKey(qProfileLoader.findActiveRulesByProfile(qProfile.key())); + for (Rule rule : ruleService.search(new RuleQuery().setQProfileKey(qProfile.key()).setActivation(true), new QueryContext()).getHits()) { RuleKey templateKey = rule.templateKey(); + ActiveRule activeRule = activeRules.get(rule.key()); org.sonar.batch.protocol.input.ActiveRule inputActiveRule = new org.sonar.batch.protocol.input.ActiveRule( - activeRule.key().ruleKey().repository(), - activeRule.key().ruleKey().rule(), + rule.key().repository(), + rule.key().rule(), templateKey != null ? templateKey.rule() : null, rule.name(), activeRule.severity(), @@ -243,6 +246,15 @@ public class ProjectRepositoryLoader implements ServerComponent { } } + private Map activeRuleByRuleKey(List activeRules) { + return Maps.uniqueIndex(activeRules, new Function() { + @Override + public RuleKey apply(@Nullable ActiveRule input) { + return input != null ? input.key().ruleKey() : null; + } + }); + } + private void addManualRules(ProjectRepositories ref) { Result ruleSearchResult = ruleService.search(new RuleQuery().setRepositories(newArrayList(RuleKey.MANUAL_REPOSITORY_KEY)), new QueryContext().setScroll(true) .setFieldsToReturn(newArrayList(RuleNormalizer.RuleField.KEY.field(), RuleNormalizer.RuleField.NAME.field()))); @@ -309,7 +321,7 @@ public class ProjectRepositoryLoader implements ServerComponent { private Multimap moduleChildrenByModuleUuid; private TreeModuleSettings(Map moduleUuidsByKey, Map moduleIdsByKey, List moduleChildren, - List moduleChildrenSettings, ComponentDto module) { + List moduleChildrenSettings, ComponentDto module) { this.moduleIdsByKey = moduleIdsByKey; this.moduleUuidsByKey = moduleUuidsByKey; propertiesByModuleId = ArrayListMultimap.create(); diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java index 06d92231bd4..68fced94686 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java +++ b/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java @@ -221,12 +221,8 @@ public class UserSession { * Ensures that user implies the specified project permission on a component. If not a {@link org.sonar.server.exceptions.ForbiddenException} is thrown. */ public UserSession checkComponentPermission(String projectPermission, String componentKey) { - return checkComponentPermission(projectPermission, componentKey, INSUFFICIENT_PRIVILEGES_MESSAGE); - } - - public UserSession checkComponentPermission(String projectPermission, String componentKey, @Nullable String errorMessage) { if (!hasComponentPermission(projectPermission, componentKey)) { - throw new ForbiddenException(errorMessage); + throw new ForbiddenException(INSUFFICIENT_PRIVILEGES_MESSAGE); } return this; } diff --git a/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectRepositoryLoaderMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectRepositoryLoaderMediumTest.java index 1a1f7a62003..f470692f6dc 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectRepositoryLoaderMediumTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/batch/ProjectRepositoryLoaderMediumTest.java @@ -86,7 +86,7 @@ public class ProjectRepositoryLoaderMediumTest { @Test public void return_project_settings() throws Exception { ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); addDefaultProfile(); @@ -110,7 +110,7 @@ public class ProjectRepositoryLoaderMediumTest { @Test public void not_returned_secured_settings_with_only_preview_permission() throws Exception { ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.PREVIEW_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.PREVIEW_EXECUTION).addProjectUuidPermissions(UserRole.USER, project.uuid()); tester.get(DbClient.class).componentDao().insert(dbSession, project); addDefaultProfile(); @@ -133,7 +133,7 @@ public class ProjectRepositoryLoaderMediumTest { @Test public void return_project_with_module_settings() throws Exception { ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); addDefaultProfile(); @@ -169,7 +169,7 @@ public class ProjectRepositoryLoaderMediumTest { @Test public void return_project_with_module_settings_inherited_from_project() throws Exception { ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); addDefaultProfile(); @@ -200,7 +200,7 @@ public class ProjectRepositoryLoaderMediumTest { @Test public void return_project_with_module_with_sub_module() throws Exception { ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); addDefaultProfile(); @@ -248,7 +248,7 @@ public class ProjectRepositoryLoaderMediumTest { @Test public void return_project_with_two_modules() throws Exception { ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); addDefaultProfile(); @@ -293,7 +293,7 @@ public class ProjectRepositoryLoaderMediumTest { public void return_provisioned_project_settings() throws Exception { // No snapshot attached on the project -> provisioned project ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); addDefaultProfile(); @@ -323,7 +323,7 @@ public class ProjectRepositoryLoaderMediumTest { // No module properties ComponentDto subModule = ComponentTesting.newModuleDto(module); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), subModule.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, subModule); // Sub module properties @@ -359,7 +359,7 @@ public class ProjectRepositoryLoaderMediumTest { tester.get(DbClient.class).propertiesDao().setProperty(new PropertyDto().setKey("sonar.jira.login.secured").setValue("john").setResourceId(module.getId()), dbSession); ComponentDto subModule = ComponentTesting.newModuleDto(module); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), subModule.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, subModule); // Sub module properties @@ -393,7 +393,7 @@ public class ProjectRepositoryLoaderMediumTest { // No module property ComponentDto subModule = ComponentTesting.newModuleDto(module); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), subModule.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, subModule); // No sub module property @@ -426,7 +426,7 @@ public class ProjectRepositoryLoaderMediumTest { tester.get(DbClient.class).propertiesDao().setProperty(new PropertyDto().setKey("sonar.jira.project.key").setValue("SONAR-SERVER").setResourceId(module.getId()), dbSession); ComponentDto subModule = ComponentTesting.newModuleDto(module); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), subModule.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, subModule); // No sub module property @@ -447,7 +447,7 @@ public class ProjectRepositoryLoaderMediumTest { Date ruleUpdatedAt = DateUtils.parseDateTime("2014-01-14T13:00:00+0100"); ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); QualityProfileDto profileDto = QProfileTesting.newDto(QProfileName.createFor(ServerTester.Xoo.KEY, "SonarQube way"), "abcd").setRulesUpdatedAt( @@ -471,7 +471,7 @@ public class ProjectRepositoryLoaderMediumTest { Date ruleUpdatedAt = DateUtils.parseDateTime("2014-01-14T13:00:00+0100"); ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); QualityProfileDto profileDto = QProfileTesting.newDto(QProfileName.createFor(ServerTester.Xoo.KEY, "SonarQube way"), "abcd").setRulesUpdatedAt( @@ -495,7 +495,7 @@ public class ProjectRepositoryLoaderMediumTest { Date ruleUpdatedAt = DateUtils.parseDateTime("2014-01-14T13:00:00+0100"); ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); QualityProfileDto profileDto = QProfileTesting.newDto(QProfileName.createFor(ServerTester.Xoo.KEY, "SonarQube way"), "abcd").setRulesUpdatedAt( @@ -541,7 +541,7 @@ public class ProjectRepositoryLoaderMediumTest { // No snapshot attached on the project -> provisioned project ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); QualityProfileDto profileDto = QProfileTesting.newDto(QProfileName.createFor(ServerTester.Xoo.KEY, "SonarQube way"), "abcd").setRulesUpdatedAt( @@ -563,7 +563,7 @@ public class ProjectRepositoryLoaderMediumTest { @Test public void fail_when_no_quality_profile_for_a_language() throws Exception { ComponentDto project = ComponentTesting.newProjectDto().setKey("org.codehaus.sonar:sonar"); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); dbSession.commit(); @@ -580,7 +580,7 @@ public class ProjectRepositoryLoaderMediumTest { Date ruleUpdatedAt = DateUtils.parseDateTime("2014-01-14T13:00:00+0100"); ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); QualityProfileDto profileDto = QProfileTesting.newDto(QProfileName.createFor(ServerTester.Xoo.KEY, "SonarQube way"), "abcd").setRulesUpdatedAt( @@ -618,7 +618,7 @@ public class ProjectRepositoryLoaderMediumTest { Date ruleUpdatedAt = DateUtils.parseDateTime("2014-01-14T13:00:00+0100"); ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentUuidPermission(UserRole.USER, project.uuid(), project.uuid()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); QualityProfileDto profileDto = QProfileTesting.newDto(QProfileName.createFor(ServerTester.Xoo.KEY, "SonarQube way"), "abcd").setRulesUpdatedAt( @@ -649,7 +649,7 @@ public class ProjectRepositoryLoaderMediumTest { @Test public void return_manual_rules() throws Exception { ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); addDefaultProfile(); @@ -704,7 +704,7 @@ public class ProjectRepositoryLoaderMediumTest { @Test public void return_file_data_from_single_project() throws Exception { ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); addDefaultProfile(); @@ -723,7 +723,7 @@ public class ProjectRepositoryLoaderMediumTest { @Test public void return_file_data_from_multi_modules() throws Exception { ComponentDto project = ComponentTesting.newProjectDto(); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), project.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, project); addDefaultProfile(); @@ -759,7 +759,7 @@ public class ProjectRepositoryLoaderMediumTest { tester.get(FileSourceDao.class).insert(newFileSourceDto(projectFile).setSrcHash("123456")); ComponentDto module = ComponentTesting.newModuleDto(project); - MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION).addComponentPermission(UserRole.USER, project.getKey(), module.getKey()); + MockUserSession.set().setLogin("john").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION); tester.get(DbClient.class).componentDao().insert(dbSession, module); // File on module -- 2.39.5