* SONAR-13936 Remove organization parameters from permissions WS * SONAR-13936 Remove organization_uuid column from user_roles table * SONAR-13936 Fix developer ITs * SONAR-13936 Remove organization_uuid column from group_roles table * SONAR-13936 Remove organization_uuid column from permission_templates tabletags/8.6.0.39681
@@ -80,9 +80,9 @@ public class UserPermissionDao implements Dao { | |||
} | |||
/** | |||
* Gets all the global permissions granted to user for the specified organization. | |||
* Gets all the global permissions granted to user | |||
* | |||
* @return the global permissions. An empty list is returned if user or organization do not exist. | |||
* @return the global permissions. An empty list is returned if user do not exist. | |||
*/ | |||
public List<String> selectGlobalPermissionsOfUser(DbSession dbSession, String userUuid) { | |||
return mapper(dbSession).selectGlobalPermissionsOfUser(userUuid); | |||
@@ -101,8 +101,8 @@ public class UserPermissionDao implements Dao { | |||
return mapper(session).selectUserUuidsWithPermissionOnProjectBut(projectUuid, permission); | |||
} | |||
public void insert(DbSession dbSession, UserPermissionDto dto, String defaultOrgUuid) { | |||
mapper(dbSession).insert(dto, defaultOrgUuid); | |||
public void insert(DbSession dbSession, UserPermissionDto dto) { | |||
mapper(dbSession).insert(dto); | |||
} | |||
/** |
@@ -31,7 +31,7 @@ public interface UserPermissionMapper { | |||
List<String> selectUserUuidsByQuery(@Param("query") PermissionQuery query); | |||
/** | |||
* Fetch user ids based on permission query and only in a specific scope (global permissions only, organization permissions only or project permissions only) | |||
* Fetch user ids based on permission query and only in a specific scope (global permissions only or project permissions only) | |||
*/ | |||
List<String> selectUserUuidsByQueryAndScope(@Param("query") PermissionQuery query); | |||
@@ -52,7 +52,7 @@ public interface UserPermissionMapper { | |||
*/ | |||
Set<String> selectUserUuidsWithPermissionOnProjectBut(@Param("projectUuid") String projectUuid, @Param("permission") String permission); | |||
void insert(@Param("dto")UserPermissionDto dto, @Param("defaultOrgUuid") String defaultOrgUuid); | |||
void insert(@Param("dto")UserPermissionDto dto); | |||
void deleteGlobalPermission(@Param("userUuid") String userUuid, @Param("permission") String permission); | |||
@@ -24,7 +24,6 @@ import javax.annotation.CheckForNull; | |||
import javax.annotation.Nullable; | |||
public class PermissionTemplateDto { | |||
private String organizationUuid; | |||
private String name; | |||
private String uuid; | |||
private String description; | |||
@@ -41,11 +40,6 @@ public class PermissionTemplateDto { | |||
return this; | |||
} | |||
public PermissionTemplateDto setOrganizationUuid(String uuid) { | |||
this.organizationUuid = uuid; | |||
return this; | |||
} | |||
/** | |||
* @since 5.2 the kee column is a proper uuid. Before that it was build on the name + timestamp | |||
*/ |
@@ -148,18 +148,14 @@ | |||
select | |||
<include refid="selectColumns"/> | |||
from organizations org | |||
inner join user_roles ur on | |||
ur.organization_uuid = org.uuid | |||
and ur.user_uuid = #{userUuid,jdbcType=VARCHAR} | |||
inner join user_roles ur on ur.user_uuid = #{userUuid,jdbcType=VARCHAR} | |||
and ur.component_uuid is null | |||
and ur.role = #{permission,jdbcType=VARCHAR} | |||
union | |||
select | |||
<include refid="selectColumns"/> | |||
from organizations org | |||
inner join group_roles g on | |||
g.organization_uuid = org.uuid | |||
and g.component_uuid is null | |||
inner join group_roles g on g.component_uuid is null | |||
and g.role = #{permission,jdbcType=VARCHAR} | |||
inner join groups_users gu on | |||
gu.group_uuid = g.group_uuid |
@@ -190,13 +190,11 @@ | |||
<insert id="insert" parameterType="GroupPermission"> | |||
insert into group_roles ( | |||
organization_uuid, | |||
uuid, | |||
group_uuid, | |||
component_uuid, | |||
role | |||
) values ( | |||
'asd', | |||
#{uuid,jdbcType=VARCHAR}, | |||
#{groupUuid,jdbcType=VARCHAR}, | |||
#{componentUuid,jdbcType=BIGINT}, |
@@ -132,13 +132,11 @@ | |||
<insert id="insert" parameterType="org.sonar.db.permission.UserPermissionDto" useGeneratedKeys="false"> | |||
insert into user_roles ( | |||
organization_uuid, | |||
uuid, | |||
user_uuid, | |||
component_uuid, | |||
role | |||
) values ( | |||
#{defaultOrgUuid,jdbcType=VARCHAR}, | |||
#{dto.uuid,jdbcType=VARCHAR}, | |||
#{dto.userUuid,jdbcType=VARCHAR}, | |||
#{dto.componentUuid,jdbcType=VARCHAR}, |
@@ -4,9 +4,8 @@ | |||
<mapper namespace="org.sonar.db.permission.template.PermissionTemplateMapper"> | |||
<insert id="insert" parameterType="PermissionTemplate" useGeneratedKeys="false"> | |||
INSERT INTO permission_templates (organization_uuid, name, uuid, description, key_pattern, created_at, updated_at) | |||
INSERT INTO permission_templates (name, uuid, description, key_pattern, created_at, updated_at) | |||
VALUES ( | |||
#{organizationUuid,jdbcType=VARCHAR}, | |||
#{name,jdbcType=VARCHAR}, | |||
#{uuid,jdbcType=VARCHAR}, | |||
#{description,jdbcType=VARCHAR}, |
@@ -315,7 +315,6 @@ CREATE INDEX "FILE_SOURCES_PROJECT_UUID" ON "FILE_SOURCES"("PROJECT_UUID"); | |||
CREATE INDEX "FILE_SOURCES_UPDATED_AT" ON "FILE_SOURCES"("UPDATED_AT"); | |||
CREATE TABLE "GROUP_ROLES"( | |||
"ORGANIZATION_UUID" VARCHAR(40) NOT NULL, | |||
"ROLE" VARCHAR(64) NOT NULL, | |||
"COMPONENT_UUID" VARCHAR(40), | |||
"UUID" VARCHAR(40) NOT NULL, | |||
@@ -323,7 +322,7 @@ CREATE TABLE "GROUP_ROLES"( | |||
); | |||
ALTER TABLE "GROUP_ROLES" ADD CONSTRAINT "PK_GROUP_ROLES" PRIMARY KEY("UUID"); | |||
CREATE INDEX "GROUP_ROLES_COMPONENT_UUID" ON "GROUP_ROLES"("COMPONENT_UUID"); | |||
CREATE UNIQUE INDEX "UNIQ_GROUP_ROLES" ON "GROUP_ROLES"("ORGANIZATION_UUID", "GROUP_UUID", "COMPONENT_UUID", "ROLE"); | |||
CREATE UNIQUE INDEX "UNIQ_GROUP_ROLES" ON "GROUP_ROLES"("GROUP_UUID", "COMPONENT_UUID", "ROLE"); | |||
CREATE TABLE "GROUPS"( | |||
"ORGANIZATION_UUID" VARCHAR(40) NOT NULL, | |||
@@ -585,7 +584,6 @@ ALTER TABLE "PERM_TPL_CHARACTERISTICS" ADD CONSTRAINT "PK_PERM_TPL_CHARACTERISTI | |||
CREATE UNIQUE INDEX "UNIQ_PERM_TPL_CHARAC" ON "PERM_TPL_CHARACTERISTICS"("TEMPLATE_UUID", "PERMISSION_KEY"); | |||
CREATE TABLE "PERMISSION_TEMPLATES"( | |||
"ORGANIZATION_UUID" VARCHAR(40) NOT NULL, | |||
"NAME" VARCHAR(100) NOT NULL, | |||
"DESCRIPTION" VARCHAR(4000), | |||
"CREATED_AT" TIMESTAMP, | |||
@@ -916,7 +914,6 @@ ALTER TABLE "USER_PROPERTIES" ADD CONSTRAINT "PK_USER_PROPERTIES" PRIMARY KEY("U | |||
CREATE UNIQUE INDEX "USER_PROPERTIES_USER_UUID_KEE" ON "USER_PROPERTIES"("USER_UUID", "KEE"); | |||
CREATE TABLE "USER_ROLES"( | |||
"ORGANIZATION_UUID" VARCHAR(40) NOT NULL, | |||
"ROLE" VARCHAR(64) NOT NULL, | |||
"COMPONENT_UUID" VARCHAR(40), | |||
"UUID" VARCHAR(40) NOT NULL, |
@@ -35,7 +35,6 @@ import org.sonar.core.util.Uuids; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.user.UserDto; | |||
import static java.util.Arrays.asList; | |||
@@ -67,7 +66,6 @@ public class UserPermissionDaoTest { | |||
@Test | |||
public void select_global_permissions() { | |||
OrganizationDto org2 = db.organizations().insert(); | |||
UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com")); | |||
@@ -634,14 +632,14 @@ public class UserPermissionDaoTest { | |||
private UserPermissionDto addGlobalPermission(String permission, UserDto user) { | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null); | |||
underTest.insert(dbSession, dto, db.getDefaultOrganization().getUuid()); | |||
underTest.insert(dbSession, dto); | |||
db.commit(); | |||
return dto; | |||
} | |||
private UserPermissionDto addProjectPermission(String permission, UserDto user, ComponentDto project) { | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid()); | |||
underTest.insert(dbSession, dto, db.getDefaultOrganization().getUuid()); | |||
underTest.insert(dbSession, dto); | |||
db.commit(); | |||
return dto; | |||
} |
@@ -74,7 +74,6 @@ public class PermissionTemplateDaoTest { | |||
@Test | |||
public void create_permission_template() { | |||
PermissionTemplateDto permissionTemplate = underTest.insert(db.getSession(), newPermissionTemplateDto() | |||
.setOrganizationUuid(db.getDefaultOrganization().getUuid()) | |||
.setUuid("ABCD") | |||
.setName("my template") | |||
.setDescription("my description") |
@@ -82,6 +82,10 @@ public class ComponentDbTester { | |||
return insertComponentAndBranchAndProject(componentDto, false); | |||
} | |||
public ComponentDto insertPrivateProject(String uuid) { | |||
return insertComponentAndBranchAndProject(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization(), uuid), true); | |||
} | |||
public final ComponentDto insertPrivateProject(Consumer<ComponentDto> dtoPopulator) { | |||
return insertComponentAndBranchAndProject(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization()), true, defaults(), | |||
dtoPopulator); |
@@ -45,10 +45,8 @@ public class PermissionTemplateDbTester { | |||
} | |||
public PermissionTemplateDto insertTemplate(PermissionTemplateDto template) { | |||
template.setOrganizationUuid(db.getDefaultOrganization().getUuid()); | |||
PermissionTemplateDto templateInDb = dbClient.permissionTemplateDao().insert(dbSession, template); | |||
db.commit(); | |||
return templateInDb; | |||
} | |||
@@ -304,7 +304,7 @@ public class UserDbTester { | |||
@Deprecated | |||
public UserPermissionDto insertPermissionOnUser(UserDto user, String permission) { | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null); | |||
db.getDbClient().userPermissionDao().insert(db.getSession(), dto, db.getDefaultOrganization().getUuid()); | |||
db.getDbClient().userPermissionDao().insert(db.getSession(), dto); | |||
db.commit(); | |||
return dto; | |||
} | |||
@@ -327,7 +327,7 @@ public class UserDbTester { | |||
"%s can't be granted on a public project", permission); | |||
checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches"); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid()); | |||
db.getDbClient().userPermissionDao().insert(db.getSession(), dto, db.getDefaultOrganization().getUuid()); | |||
db.getDbClient().userPermissionDao().insert(db.getSession(), dto); | |||
db.commit(); | |||
return dto; | |||
} |
@@ -35,6 +35,9 @@ public class DbVersion86 implements DbVersion { | |||
.add(4105, "Drop 'organization_uuid' in 'rules_metadata'", DropOrganizationInRulesMetadata.class) | |||
.add(4106, "Update 'change_data' column of 'qprofile_changes' table to use ruleUuid", UpdateChangeDataOfQProfileChanges.class) | |||
.add(4107, "Drop 'organization_uuid' in 'users'", DropOrganizationInUsers.class) | |||
.add(4108, "Drop 'organization_uuid' in 'user_roles'", DropOrganizationInUserRoles.class) | |||
.add(4109, "Drop 'organization_uuid' in 'group_roles'", DropOrganizationInGroupRoles.class) | |||
.add(4110, "Drop 'organization_uuid' in 'permission_templates'", DropOrganizationInPermissionTemplates.class) | |||
; | |||
} | |||
} |
@@ -0,0 +1,54 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2020 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.server.platform.db.migration.version.v86; | |||
import java.sql.SQLException; | |||
import org.sonar.db.Database; | |||
import org.sonar.server.platform.db.migration.sql.CreateIndexBuilder; | |||
import org.sonar.server.platform.db.migration.sql.DropColumnsBuilder; | |||
import org.sonar.server.platform.db.migration.sql.DropIndexBuilder; | |||
import org.sonar.server.platform.db.migration.step.DdlChange; | |||
public class DropOrganizationInGroupRoles extends DdlChange { | |||
private static final String TABLE_NAME = "group_roles"; | |||
public DropOrganizationInGroupRoles(Database db) { | |||
super(db); | |||
} | |||
@Override | |||
public void execute(Context context) throws SQLException { | |||
context.execute( | |||
new DropIndexBuilder(getDialect()) | |||
.setTable(TABLE_NAME) | |||
.setName("uniq_group_roles") | |||
.build()); | |||
context.execute(new DropColumnsBuilder(getDialect(), TABLE_NAME, "organization_uuid").build()); | |||
context.execute(new CreateIndexBuilder() | |||
.setTable(TABLE_NAME) | |||
.setName("uniq_group_roles") | |||
.addColumn("group_uuid") | |||
.addColumn("component_uuid") | |||
.addColumn("role") | |||
.setUnique(true) | |||
.build()); | |||
} | |||
} |
@@ -0,0 +1,39 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2020 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.server.platform.db.migration.version.v86; | |||
import java.sql.SQLException; | |||
import org.sonar.db.Database; | |||
import org.sonar.server.platform.db.migration.sql.DropColumnsBuilder; | |||
import org.sonar.server.platform.db.migration.step.DdlChange; | |||
public class DropOrganizationInPermissionTemplates extends DdlChange { | |||
private static final String TABLE_NAME = "permission_templates"; | |||
public DropOrganizationInPermissionTemplates(Database db) { | |||
super(db); | |||
} | |||
@Override | |||
public void execute(Context context) throws SQLException { | |||
context.execute(new DropColumnsBuilder(getDialect(), TABLE_NAME, "organization_uuid").build()); | |||
} | |||
} |
@@ -0,0 +1,39 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2020 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.server.platform.db.migration.version.v86; | |||
import java.sql.SQLException; | |||
import org.sonar.db.Database; | |||
import org.sonar.server.platform.db.migration.sql.DropColumnsBuilder; | |||
import org.sonar.server.platform.db.migration.step.DdlChange; | |||
public class DropOrganizationInUserRoles extends DdlChange { | |||
private static final String TABLE_NAME = "user_roles"; | |||
public DropOrganizationInUserRoles(Database db) { | |||
super(db); | |||
} | |||
@Override | |||
public void execute(Context context) throws SQLException { | |||
context.execute(new DropColumnsBuilder(getDialect(), TABLE_NAME, "organization_uuid").build()); | |||
} | |||
} |
@@ -0,0 +1,42 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2020 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.server.platform.db.migration.version.v86; | |||
import java.sql.SQLException; | |||
import org.junit.Rule; | |||
import org.junit.Test; | |||
import org.sonar.db.CoreDbTester; | |||
import org.sonar.server.platform.db.migration.step.MigrationStep; | |||
public class DropOrganizationInGroupRolesTest { | |||
@Rule | |||
public CoreDbTester dbTester = CoreDbTester.createForSchema(DropOrganizationInGroupRolesTest.class, "schema.sql"); | |||
private MigrationStep underTest = new DropOrganizationInGroupRoles(dbTester.database()); | |||
@Test | |||
public void column_has_been_dropped() throws SQLException { | |||
underTest.execute(); | |||
dbTester.assertColumnDoesNotExist("group_roles", "organization_uuid"); | |||
dbTester.assertUniqueIndex("group_roles", "uniq_group_roles", "group_uuid", "component_uuid", "role"); | |||
} | |||
} |
@@ -0,0 +1,41 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2020 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.server.platform.db.migration.version.v86; | |||
import java.sql.SQLException; | |||
import org.junit.Rule; | |||
import org.junit.Test; | |||
import org.sonar.db.CoreDbTester; | |||
import org.sonar.server.platform.db.migration.step.MigrationStep; | |||
public class DropOrganizationInPermissionTemplatesTest { | |||
@Rule | |||
public CoreDbTester dbTester = CoreDbTester.createForSchema(DropOrganizationInPermissionTemplatesTest.class, "schema.sql"); | |||
private MigrationStep underTest = new DropOrganizationInPermissionTemplates(dbTester.database()); | |||
@Test | |||
public void column_has_been_dropped() throws SQLException { | |||
underTest.execute(); | |||
dbTester.assertColumnDoesNotExist("permission_templates", "organization_uuid"); | |||
} | |||
} |
@@ -0,0 +1,41 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2020 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.server.platform.db.migration.version.v86; | |||
import java.sql.SQLException; | |||
import org.junit.Rule; | |||
import org.junit.Test; | |||
import org.sonar.db.CoreDbTester; | |||
import org.sonar.server.platform.db.migration.step.MigrationStep; | |||
public class DropOrganizationInUserRolesTest { | |||
@Rule | |||
public CoreDbTester dbTester = CoreDbTester.createForSchema(DropOrganizationInUserRolesTest.class, "schema.sql"); | |||
private MigrationStep underTest = new DropOrganizationInUserRoles(dbTester.database()); | |||
@Test | |||
public void column_has_been_dropped() throws SQLException { | |||
underTest.execute(); | |||
dbTester.assertColumnDoesNotExist("user_roles", "organization_uuid"); | |||
} | |||
} |
@@ -0,0 +1,10 @@ | |||
CREATE TABLE "GROUP_ROLES"( | |||
"ORGANIZATION_UUID" VARCHAR(40) NOT NULL, | |||
"ROLE" VARCHAR(64) NOT NULL, | |||
"COMPONENT_UUID" VARCHAR(40), | |||
"UUID" VARCHAR(40) NOT NULL, | |||
"GROUP_UUID" VARCHAR(40) | |||
); | |||
ALTER TABLE "GROUP_ROLES" ADD CONSTRAINT "PK_GROUP_ROLES" PRIMARY KEY("UUID"); | |||
CREATE INDEX "GROUP_ROLES_COMPONENT_UUID" ON "GROUP_ROLES"("COMPONENT_UUID"); | |||
CREATE UNIQUE INDEX "UNIQ_GROUP_ROLES" ON "GROUP_ROLES"("ORGANIZATION_UUID", "GROUP_UUID", "COMPONENT_UUID", "ROLE"); |
@@ -0,0 +1,10 @@ | |||
CREATE TABLE "PERMISSION_TEMPLATES"( | |||
"ORGANIZATION_UUID" VARCHAR(40) NOT NULL, | |||
"NAME" VARCHAR(100) NOT NULL, | |||
"DESCRIPTION" VARCHAR(4000), | |||
"CREATED_AT" TIMESTAMP, | |||
"UPDATED_AT" TIMESTAMP, | |||
"KEY_PATTERN" VARCHAR(500), | |||
"UUID" VARCHAR(40) NOT NULL | |||
); | |||
ALTER TABLE "PERMISSION_TEMPLATES" ADD CONSTRAINT "PK_PERMISSION_TEMPLATES" PRIMARY KEY("UUID"); |
@@ -0,0 +1,10 @@ | |||
CREATE TABLE "USER_ROLES"( | |||
"ORGANIZATION_UUID" VARCHAR(40) NOT NULL, | |||
"ROLE" VARCHAR(64) NOT NULL, | |||
"COMPONENT_UUID" VARCHAR(40), | |||
"UUID" VARCHAR(40) NOT NULL, | |||
"USER_UUID" VARCHAR(255) | |||
); | |||
ALTER TABLE "USER_ROLES" ADD CONSTRAINT "PK_USER_ROLES" PRIMARY KEY("UUID"); | |||
CREATE INDEX "USER_ROLES_COMPONENT_UUID" ON "USER_ROLES"("COMPONENT_UUID"); | |||
CREATE INDEX "USER_ROLES_USER" ON "USER_ROLES"("USER_UUID"); |
@@ -164,7 +164,6 @@ public class OrganizationUpdaterImpl implements OrganizationUpdater { | |||
new PermissionTemplateDto() | |||
.setUuid(uuidFactory.create()) | |||
.setName(PERM_TEMPLATE_NAME) | |||
.setOrganizationUuid(organizationDto.getUuid()) | |||
.setDescription(format(PERM_TEMPLATE_DESCRIPTION_PATTERN, organizationDto.getName())) | |||
.setCreatedAt(now) | |||
.setUpdatedAt(now)); | |||
@@ -221,7 +220,7 @@ public class OrganizationUpdaterImpl implements OrganizationUpdater { | |||
.setUuid(uuidFactory.create()) | |||
.setName(OWNERS_GROUP_NAME) | |||
.setDescription(OWNERS_GROUP_DESCRIPTION)); | |||
permissionService.getAllOrganizationPermissions().forEach(p -> addPermissionToGroup(dbSession, group, p)); | |||
permissionService.getGlobalPermissions().forEach(p -> addPermissionToGroup(dbSession, group, p)); | |||
return group; | |||
} | |||
@@ -24,7 +24,7 @@ import org.sonar.db.permission.OrganizationPermission; | |||
public interface PermissionService { | |||
List<OrganizationPermission> getAllOrganizationPermissions(); | |||
List<OrganizationPermission> getGlobalPermissions(); | |||
List<String> getAllProjectPermissions(); | |||
} |
@@ -55,7 +55,7 @@ public class PermissionServiceImpl implements PermissionService { | |||
* Return an immutable Set of all organization permissions | |||
*/ | |||
@Override | |||
public List<OrganizationPermission> getAllOrganizationPermissions() { | |||
public List<OrganizationPermission> getGlobalPermissions() { | |||
return globalPermissions; | |||
} | |||
@@ -32,7 +32,7 @@ public class PermissionServiceImplTest { | |||
@Test | |||
public void organizationPermissions_must_be_ordered() { | |||
assertThat(underTest.getAllOrganizationPermissions()) | |||
assertThat(underTest.getGlobalPermissions()) | |||
.extracting(OrganizationPermission::getKey) | |||
.containsExactly("admin", "gateadmin", "profileadmin", "provisioning", "scan", "applicationcreator", "portfoliocreator"); | |||
} |
@@ -79,7 +79,6 @@ public class RegisterPermissionTemplates implements Startable { | |||
} | |||
PermissionTemplateDto template = new PermissionTemplateDto() | |||
.setOrganizationUuid(defaultOrganizationProvider.get().getUuid()) | |||
.setName("Default template") | |||
.setUuid(DEFAULT_TEMPLATE_UUID) | |||
.setDescription("This permission template will be used as default when no other permission configuration is available") |
@@ -156,9 +156,7 @@ public class RegisterPermissionTemplatesTest { | |||
@Test | |||
public void do_not_create_default_template_if_already_exists_but_register_when_it_is_not() { | |||
db.permissionTemplates().insertTemplate(newPermissionTemplateDto() | |||
.setOrganizationUuid(db.getDefaultOrganization().getUuid()) | |||
.setUuid(DEFAULT_TEMPLATE_UUID)); | |||
db.permissionTemplates().insertTemplate(newPermissionTemplateDto().setUuid(DEFAULT_TEMPLATE_UUID)); | |||
underTest.start(); | |||
@@ -168,7 +166,6 @@ public class RegisterPermissionTemplatesTest { | |||
@Test | |||
public void do_not_fail_if_default_template_exists_and_is_registered() { | |||
PermissionTemplateDto projectTemplate = db.permissionTemplates().insertTemplate(newPermissionTemplateDto() | |||
.setOrganizationUuid(db.getDefaultOrganization().getUuid()) | |||
.setUuid(DEFAULT_TEMPLATE_UUID)); | |||
db.organizations().setDefaultTemplates(projectTemplate, null, null); | |||
@@ -189,7 +186,7 @@ public class RegisterPermissionTemplatesTest { | |||
String expectedGroupName) { | |||
assertThat( | |||
groupPermissions.stream().anyMatch(gp -> gp.getPermission().equals(expectedPermission) && Objects.equals(gp.getGroupName(), expectedGroupName))) | |||
.isTrue(); | |||
.isTrue(); | |||
} | |||
private void verifyDefaultTemplates() { |
@@ -44,9 +44,9 @@ public abstract class PermissionChange { | |||
this.projectUuid = projectUuid; | |||
this.permissionService = permissionService; | |||
if (projectUuid == null) { | |||
checkRequest(permissionService.getAllOrganizationPermissions().stream().anyMatch(p -> p.getKey().equals(permission)), | |||
checkRequest(permissionService.getGlobalPermissions().stream().anyMatch(p -> p.getKey().equals(permission)), | |||
"Invalid global permission '%s'. Valid values are %s", permission, | |||
permissionService.getAllOrganizationPermissions().stream().map(OrganizationPermission::getKey).collect(toList())); | |||
permissionService.getGlobalPermissions().stream().map(OrganizationPermission::getKey).collect(toList())); | |||
} else { | |||
checkRequest(permissionService.getAllProjectPermissions().contains(permission), "Invalid project permission '%s'. Valid values are %s", permission, | |||
permissionService.getAllProjectPermissions()); |
@@ -141,7 +141,7 @@ public class PermissionTemplateService { | |||
.filter(up -> permissionValidForProject(project, up.getPermission())) | |||
.forEach(up -> { | |||
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), up.getPermission(), userDtoMap.get(up.getUserUuid()), project.uuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto, defaultOrganizationProvider.get().getUuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto); | |||
}); | |||
List<PermissionTemplateGroupDto> groupsPermissions = dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateUuid(dbSession, template.getUuid()); | |||
@@ -172,7 +172,7 @@ public class PermissionTemplateService { | |||
.filter(characteristic -> !permissionsForCurrentUserAlreadyInDb.contains(characteristic.getPermission())) | |||
.forEach(c -> { | |||
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), c.getPermission(), userDto.getUuid(), project.uuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto, defaultOrganizationProvider.get().getUuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto); | |||
}); | |||
} | |||
} | |||
@@ -230,7 +230,7 @@ public class PermissionTemplateService { | |||
private static void checkAtMostOneMatchForComponentKey(String componentKey, List<PermissionTemplateDto> matchingTemplates) { | |||
if (matchingTemplates.size() > 1) { | |||
StringBuilder templatesNames = new StringBuilder(); | |||
for (Iterator<PermissionTemplateDto> it = matchingTemplates.iterator(); it.hasNext(); ) { | |||
for (Iterator<PermissionTemplateDto> it = matchingTemplates.iterator(); it.hasNext();) { | |||
templatesNames.append("\"").append(it.next().getName()).append("\""); | |||
if (it.hasNext()) { | |||
templatesNames.append(", "); |
@@ -24,7 +24,6 @@ import org.sonar.core.util.UuidFactory; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.permission.UserPermissionDto; | |||
import org.sonar.server.organization.DefaultOrganizationProvider; | |||
import static org.sonar.api.web.UserRole.PUBLIC_PERMISSIONS; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
@@ -39,12 +38,10 @@ public class UserPermissionChanger { | |||
private final DbClient dbClient; | |||
private final UuidFactory uuidFactory; | |||
private final DefaultOrganizationProvider defaultOrganizationProvider; | |||
public UserPermissionChanger(DbClient dbClient, UuidFactory uuidFactory, DefaultOrganizationProvider defaultOrganizationProvider) { | |||
public UserPermissionChanger(DbClient dbClient, UuidFactory uuidFactory) { | |||
this.dbClient = dbClient; | |||
this.uuidFactory = uuidFactory; | |||
this.defaultOrganizationProvider = defaultOrganizationProvider; | |||
} | |||
public boolean apply(DbSession dbSession, UserPermissionChange change) { | |||
@@ -98,7 +95,7 @@ public class UserPermissionChanger { | |||
} | |||
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), change.getPermission(), change.getUserId().getUuid(), | |||
change.getProjectUuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto, defaultOrganizationProvider.get().getUuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto); | |||
return true; | |||
} | |||
@@ -38,7 +38,6 @@ import org.sonar.server.user.UserSession; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin; | |||
import static org.sonar.server.permission.ws.WsParameters.createGroupIdParameter; | |||
import static org.sonar.server.permission.ws.WsParameters.createGroupNameParameter; | |||
import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter; | |||
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
@@ -81,7 +80,6 @@ public class AddGroupAction implements PermissionsWsAction { | |||
.setHandler(this); | |||
wsParameters.createPermissionParameter(action, "The permission you would like to grant to the group."); | |||
createOrganizationParameter(action).setSince("6.2"); | |||
createGroupNameParameter(action); | |||
createGroupIdParameter(action); | |||
createProjectParameters(action); |
@@ -37,7 +37,6 @@ import org.sonar.server.user.UserSession; | |||
import static java.util.Collections.singletonList; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin; | |||
import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter; | |||
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters; | |||
import static org.sonar.server.permission.ws.WsParameters.createUserLoginParameter; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
@@ -83,8 +82,6 @@ public class AddUserAction implements PermissionsWsAction { | |||
wsParameters.createPermissionParameter(action, "The permission you would like to grant to the user"); | |||
createUserLoginParameter(action); | |||
createProjectParameters(action); | |||
createOrganizationParameter(action) | |||
.setSince("6.2"); | |||
} | |||
@Override |
@@ -49,7 +49,6 @@ import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; | |||
import static org.sonar.db.permission.PermissionQuery.RESULTS_MAX_SIZE; | |||
import static org.sonar.db.permission.PermissionQuery.SEARCH_QUERY_MIN_LENGTH; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin; | |||
import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter; | |||
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters; | |||
import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
@@ -91,7 +90,6 @@ public class GroupsAction implements PermissionsWsAction { | |||
.setDescription("Limit search to group names that contain the supplied string.") | |||
.setMinimumLength(SEARCH_QUERY_MIN_LENGTH); | |||
createOrganizationParameter(action).setSince("6.2"); | |||
wsParameters.createPermissionParameter(action).setRequired(false); | |||
createProjectParameters(action); | |||
} | |||
@@ -103,7 +101,6 @@ public class GroupsAction implements PermissionsWsAction { | |||
checkProjectAdmin(userSession, project); | |||
PermissionQuery query = buildPermissionQuery(request, project); | |||
// TODO validatePermission(groupsRequest.getPermission(), wsProjectRef); | |||
List<GroupDto> groups = findGroups(dbSession, query); | |||
int total = dbClient.groupPermissionDao().countGroupsByQuery(dbSession, query); | |||
List<GroupPermissionDto> groupsWithPermission = findGroupPermissions(dbSession, groups, project); |
@@ -24,7 +24,6 @@ import org.sonar.api.server.ws.Request; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.component.ComponentFinder; | |||
@@ -36,11 +35,9 @@ import org.sonar.server.usergroups.ws.GroupWsRef; | |||
import org.sonar.server.usergroups.ws.GroupWsSupport; | |||
import org.sonarqube.ws.client.permission.PermissionsWsParameters; | |||
import static com.google.common.base.Preconditions.checkArgument; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFound; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
public class PermissionWsSupport { | |||
@@ -75,9 +72,8 @@ public class PermissionWsSupport { | |||
public GroupUuidOrAnyone findGroup(DbSession dbSession, Request request) { | |||
String groupUuid = request.param(PARAM_GROUP_ID); | |||
String orgKey = request.param(PARAM_ORGANIZATION); | |||
String groupName = request.param(PARAM_GROUP_NAME); | |||
GroupWsRef groupRef = GroupWsRef.create(groupUuid, orgKey, groupName); | |||
GroupWsRef groupRef = GroupWsRef.create(groupUuid, null, groupName); | |||
return groupWsSupport.findGroupOrAnyone(dbSession, groupRef); | |||
} | |||
@@ -99,8 +95,4 @@ public class PermissionWsSupport { | |||
} | |||
} | |||
public void checkMembership(DbSession dbSession, OrganizationDto organization, UserId user) { | |||
checkArgument(dbClient.organizationMemberDao().select(dbSession, organization.getUuid(), user.getUuid()).isPresent(), | |||
"User '%s' is not member of organization '%s'", user.getLogin(), organization.getKey()); | |||
} | |||
} |
@@ -38,7 +38,6 @@ import static java.util.Arrays.asList; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin; | |||
import static org.sonar.server.permission.ws.WsParameters.createGroupIdParameter; | |||
import static org.sonar.server.permission.ws.WsParameters.createGroupNameParameter; | |||
import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter; | |||
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
@@ -81,7 +80,6 @@ public class RemoveGroupAction implements PermissionsWsAction { | |||
.setHandler(this); | |||
wsParameters.createPermissionParameter(action, "The permission you would like to revoke from the group."); | |||
createOrganizationParameter(action).setSince("6.2"); | |||
createGroupNameParameter(action); | |||
createGroupIdParameter(action); | |||
createProjectParameters(action); |
@@ -35,7 +35,6 @@ import org.sonar.server.user.UserSession; | |||
import static java.util.Collections.singletonList; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin; | |||
import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter; | |||
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters; | |||
import static org.sonar.server.permission.ws.WsParameters.createUserLoginParameter; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
@@ -79,7 +78,6 @@ public class RemoveUserAction implements PermissionsWsAction { | |||
wsParameters.createPermissionParameter(action, "The permission you would like to revoke from the user."); | |||
createUserLoginParameter(action); | |||
createProjectParameters(action); | |||
createOrganizationParameter(action).setSince("6.2"); | |||
} | |||
@Override |
@@ -64,8 +64,6 @@ public class SearchGlobalPermissionsAction implements PermissionsWsAction { | |||
.setSince("5.2") | |||
.setDeprecatedSince("6.5") | |||
.setHandler(this); | |||
WsParameters.createOrganizationParameter(action).setSince("6.2"); | |||
} | |||
@Override | |||
@@ -82,7 +80,7 @@ public class SearchGlobalPermissionsAction implements PermissionsWsAction { | |||
WsSearchGlobalPermissionsResponse.Builder response = WsSearchGlobalPermissionsResponse.newBuilder(); | |||
Permission.Builder permission = newBuilder(); | |||
permissionService.getAllOrganizationPermissions().stream() | |||
permissionService.getGlobalPermissions().stream() | |||
.map(OrganizationPermission::getKey) | |||
.forEach(permissionKey -> { | |||
PermissionQuery query = permissionQuery(permissionKey); |
@@ -51,7 +51,6 @@ import static org.sonar.db.permission.PermissionQuery.RESULTS_MAX_SIZE; | |||
import static org.sonar.db.permission.PermissionQuery.SEARCH_QUERY_MIN_LENGTH; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkProjectAdmin; | |||
import static org.sonar.server.permission.RequestValidator.validateGlobalPermission; | |||
import static org.sonar.server.permission.ws.WsParameters.createOrganizationParameter; | |||
import static org.sonar.server.permission.ws.WsParameters.createProjectParameters; | |||
import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
@@ -99,7 +98,6 @@ public class UsersAction implements PermissionsWsAction { | |||
.setDescription("Limit search to user names that contain the supplied string. <br/>") | |||
.setExampleValue("eri"); | |||
createOrganizationParameter(action).setSince("6.2"); | |||
wsParameters.createPermissionParameter(action).setRequired(false); | |||
createProjectParameters(action); | |||
} |
@@ -30,7 +30,6 @@ import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_D | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; | |||
@@ -49,15 +48,15 @@ public class WsParameters { | |||
this.permissionService = permissionService; | |||
String allProjectsPermissionsOnOneLine = Joiner.on(", ").join(permissionService.getAllProjectPermissions()); | |||
permissionParamDescription = String.format("<ul>" + | |||
"<li>Possible values for global permissions: %s</li>" + | |||
"<li>Possible values for project permissions %s</li>" + | |||
"</ul>", | |||
"<li>Possible values for global permissions: %s</li>" + | |||
"<li>Possible values for project permissions %s</li>" + | |||
"</ul>", | |||
GlobalPermissions.ALL_ON_ONE_LINE, | |||
allProjectsPermissionsOnOneLine); | |||
projectPermissionParamDescription = String.format("Permission" + | |||
"<ul>" + | |||
"<li>Possible values for project permissions %s</li>" + | |||
"</ul>", | |||
"<ul>" + | |||
"<li>Possible values for project permissions %s</li>" + | |||
"</ul>", | |||
allProjectsPermissionsOnOneLine); | |||
} | |||
@@ -88,13 +87,6 @@ public class WsParameters { | |||
.setExampleValue("sonar-administrators"); | |||
} | |||
public static WebService.NewParam createOrganizationParameter(WebService.NewAction action) { | |||
return action.createParam(PARAM_ORGANIZATION) | |||
.setDescription("Key of organization, used when group name is set") | |||
.setExampleValue("my-org") | |||
.setInternal(true); | |||
} | |||
public static void createGroupIdParameter(WebService.NewAction action) { | |||
action.createParam(PARAM_GROUP_ID) | |||
.setDescription("Group id, use 'name' param instead") | |||
@@ -126,7 +118,6 @@ public class WsParameters { | |||
action.createParam(PARAM_TEMPLATE_ID) | |||
.setDescription("Template id") | |||
.setExampleValue(UUID_EXAMPLE_01); | |||
createOrganizationParameter(action); | |||
action.createParam(PARAM_TEMPLATE_NAME) | |||
.setDescription("Template name") | |||
.setExampleValue("Default Permission Template for Projects"); |
@@ -40,7 +40,6 @@ import org.sonar.server.user.UserSession; | |||
import static java.util.Objects.requireNonNull; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin; | |||
import static org.sonar.server.permission.ws.WsParameters.createTemplateParameters; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
@@ -67,7 +66,6 @@ public class AddProjectCreatorToTemplateAction implements PermissionsWsAction { | |||
AddProjectCreatorToTemplateRequest wsRequest = AddProjectCreatorToTemplateRequest.builder() | |||
.setPermission(request.mandatoryParam(PARAM_PERMISSION)) | |||
.setTemplateId(request.param(PARAM_TEMPLATE_ID)) | |||
.setOrganization(request.param(PARAM_ORGANIZATION)) | |||
.setTemplateName(request.param(PARAM_TEMPLATE_NAME)) | |||
.build(); | |||
requestValidator.validateProjectPermission(wsRequest.getPermission()); |
@@ -40,7 +40,6 @@ import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobal | |||
import static org.sonar.server.permission.ws.WsParameters.createTemplateParameters; | |||
import static org.sonar.server.permission.ws.WsParameters.createUserLoginParameter; | |||
import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
@@ -64,7 +63,6 @@ public class AddUserToTemplateAction implements PermissionsWsAction { | |||
.setLogin(request.mandatoryParam(PARAM_USER_LOGIN)) | |||
.setPermission(request.mandatoryParam(PARAM_PERMISSION)) | |||
.setTemplateId(request.param(PARAM_TEMPLATE_ID)) | |||
.setOrganization(request.param(PARAM_ORGANIZATION)) | |||
.setTemplateName(request.param(PARAM_TEMPLATE_NAME)); | |||
} | |||
@@ -56,7 +56,6 @@ import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001; | |||
import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_002; | |||
import static org.sonar.server.ws.WsParameterBuilder.createRootQualifiersParameter; | |||
import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
@@ -120,7 +119,7 @@ public class BulkApplyTemplateAction implements PermissionsWsAction { | |||
action.createParam(PARAM_VISIBILITY) | |||
.setDescription("Filter the projects that should be visible to everyone (%s), or only specific user/groups (%s).<br/>" + | |||
"If no visibility is specified, the default project visibility of the organization will be used.", | |||
"If no visibility is specified, the default project visibility of the organization will be used.", | |||
Visibility.PUBLIC.getLabel(), Visibility.PRIVATE.getLabel()) | |||
.setRequired(false) | |||
.setInternal(true) | |||
@@ -161,7 +160,6 @@ public class BulkApplyTemplateAction implements PermissionsWsAction { | |||
private static BulkApplyTemplateRequest toBulkApplyTemplateWsRequest(Request request) { | |||
return new BulkApplyTemplateRequest() | |||
.setOrganization(request.param(PARAM_ORGANIZATION)) | |||
.setTemplateId(request.param(PARAM_TEMPLATE_ID)) | |||
.setTemplateName(request.param(PARAM_TEMPLATE_NAME)) | |||
.setQualifiers(request.mandatoryParamAsStrings(PARAM_QUALIFIERS)) |
@@ -47,7 +47,6 @@ import static org.sonar.server.permission.ws.template.PermissionTemplateDtoToPer | |||
import static org.sonar.server.ws.WsUtils.writeProtobuf; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY_PATTERN; | |||
public class CreateTemplateAction implements PermissionsWsAction { | |||
@@ -67,8 +66,7 @@ public class CreateTemplateAction implements PermissionsWsAction { | |||
return new CreateTemplateRequest() | |||
.setName(request.mandatoryParam(PARAM_NAME)) | |||
.setDescription(request.param(PARAM_DESCRIPTION)) | |||
.setProjectKeyPattern(request.param(PARAM_PROJECT_KEY_PATTERN)) | |||
.setOrganization(request.param(PARAM_ORGANIZATION)); | |||
.setProjectKeyPattern(request.param(PARAM_PROJECT_KEY_PATTERN)); | |||
} | |||
private static CreateTemplateWsResponse buildResponse(PermissionTemplateDto permissionTemplateDto) { | |||
@@ -93,7 +91,6 @@ public class CreateTemplateAction implements PermissionsWsAction { | |||
WsParameters.createTemplateProjectKeyPatternParameter(action); | |||
WsParameters.createTemplateDescriptionParameter(action); | |||
WsParameters.createOrganizationParameter(action).setSince("6.2"); | |||
} | |||
@Override | |||
@@ -124,7 +121,6 @@ public class CreateTemplateAction implements PermissionsWsAction { | |||
private PermissionTemplateDto insertTemplate(DbSession dbSession, CreateTemplateRequest request) { | |||
Date now = new Date(system.now()); | |||
PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, new PermissionTemplateDto() | |||
.setOrganizationUuid(defaultOrganizationProvider.get().getUuid()) | |||
.setUuid(Uuids.create()) | |||
.setName(request.getName()) | |||
.setDescription(request.getDescription()) |
@@ -39,7 +39,6 @@ import org.sonar.server.user.UserSession; | |||
import static java.util.Objects.requireNonNull; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin; | |||
import static org.sonar.server.permission.ws.WsParameters.createTemplateParameters; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
@@ -66,7 +65,6 @@ public class RemoveProjectCreatorFromTemplateAction implements PermissionsWsActi | |||
RemoveProjectCreatorFromTemplateRequest wsRequest = RemoveProjectCreatorFromTemplateRequest.builder() | |||
.setPermission(request.mandatoryParam(PARAM_PERMISSION)) | |||
.setTemplateId(request.param(PARAM_TEMPLATE_ID)) | |||
.setOrganization(request.param(PARAM_ORGANIZATION)) | |||
.setTemplateName(request.param(PARAM_TEMPLATE_NAME)) | |||
.build(); | |||
requestValidator.validateProjectPermission(wsRequest.getPermission()); |
@@ -38,7 +38,6 @@ import static java.util.Objects.requireNonNull; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin; | |||
import static org.sonar.server.permission.ws.WsParameters.createTemplateParameters; | |||
import static org.sonar.server.permission.ws.WsParameters.createUserLoginParameter; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
@@ -64,7 +63,6 @@ public class RemoveUserFromTemplateAction implements PermissionsWsAction { | |||
.setPermission(request.mandatoryParam(PARAM_PERMISSION)) | |||
.setLogin(request.mandatoryParam(PARAM_USER_LOGIN)) | |||
.setTemplateId(request.param(PARAM_TEMPLATE_ID)) | |||
.setOrganization(request.param(PARAM_ORGANIZATION)) | |||
.setTemplateName(request.param(PARAM_TEMPLATE_NAME)); | |||
} | |||
@@ -43,7 +43,6 @@ import org.sonar.server.permission.DefaultTemplatesResolver; | |||
import org.sonar.server.permission.DefaultTemplatesResolver.ResolvedDefaultTemplates; | |||
import org.sonar.server.permission.PermissionService; | |||
import org.sonar.server.permission.ws.PermissionsWsAction; | |||
import org.sonar.server.permission.ws.WsParameters; | |||
import org.sonar.server.user.UserSession; | |||
import org.sonarqube.ws.Permissions; | |||
import org.sonarqube.ws.Permissions.Permission; | |||
@@ -88,8 +87,6 @@ public class SearchTemplatesAction implements PermissionsWsAction { | |||
.setSince("5.2") | |||
.addSearchQuery("defau", "permission template names") | |||
.setHandler(this); | |||
WsParameters.createOrganizationParameter(action).setSince("6.2"); | |||
} | |||
@Override |
@@ -42,9 +42,8 @@ import org.sonar.server.user.UserSession; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFoundWithOptional; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin; | |||
import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef; | |||
import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext; | |||
import static org.sonar.server.ws.WsParameterBuilder.createDefaultTemplateQualifierParameter; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
@@ -71,7 +70,6 @@ public class SetDefaultTemplateAction implements PermissionsWsAction { | |||
return new SetDefaultTemplateRequest() | |||
.setQualifier(request.param(PARAM_QUALIFIER)) | |||
.setTemplateId(request.param(PARAM_TEMPLATE_ID)) | |||
.setOrganization(request.param(PARAM_ORGANIZATION)) | |||
.setTemplateName(request.param(PARAM_TEMPLATE_NAME)); | |||
} | |||
@@ -39,7 +39,6 @@ import org.sonar.db.permission.UserPermissionDto; | |||
import org.sonar.server.component.ComponentFinder; | |||
import org.sonar.server.es.ProjectIndexer; | |||
import org.sonar.server.es.ProjectIndexers; | |||
import org.sonar.server.organization.DefaultOrganizationProvider; | |||
import org.sonar.server.project.Visibility; | |||
import org.sonar.server.user.UserSession; | |||
import org.sonarqube.ws.client.project.ProjectsWsParameters; | |||
@@ -61,17 +60,15 @@ public class UpdateVisibilityAction implements ProjectsWsAction { | |||
private final ProjectIndexers projectIndexers; | |||
private final ProjectsWsSupport projectsWsSupport; | |||
private final UuidFactory uuidFactory; | |||
private final DefaultOrganizationProvider defaultOrganizationProvider; | |||
public UpdateVisibilityAction(DbClient dbClient, ComponentFinder componentFinder, UserSession userSession, | |||
ProjectIndexers projectIndexers, ProjectsWsSupport projectsWsSupport, UuidFactory uuidFactory, DefaultOrganizationProvider defaultOrganizationProvider) { | |||
ProjectIndexers projectIndexers, ProjectsWsSupport projectsWsSupport, UuidFactory uuidFactory) { | |||
this.dbClient = dbClient; | |||
this.componentFinder = componentFinder; | |||
this.userSession = userSession; | |||
this.projectIndexers = projectIndexers; | |||
this.projectsWsSupport = projectsWsSupport; | |||
this.uuidFactory = uuidFactory; | |||
this.defaultOrganizationProvider = defaultOrganizationProvider; | |||
} | |||
public void define(WebService.NewController context) { | |||
@@ -155,7 +152,7 @@ public class UpdateVisibilityAction implements ProjectsWsAction { | |||
} | |||
private void insertProjectPermissionOnUser(DbSession dbSession, ComponentDto component, String permission, String userUuid) { | |||
dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(Uuids.create(), permission, userUuid, component.uuid()), defaultOrganizationProvider.get().getUuid()); | |||
dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(Uuids.create(), permission, userUuid, component.uuid())); | |||
} | |||
private void insertProjectPermissionOnGroup(DbSession dbSession, ComponentDto component, String permission, String groupUuid) { |
@@ -133,7 +133,7 @@ public class CurrentAction implements UsersWsAction { | |||
private List<String> getGlobalPermissions() { | |||
String defaultOrganizationUuid = defaultOrganizationProvider.get().getUuid(); | |||
return permissionService.getAllOrganizationPermissions().stream() | |||
return permissionService.getGlobalPermissions().stream() | |||
.filter(permission -> userSession.hasPermission(permission)) | |||
.map(OrganizationPermission::getKey) | |||
.collect(toList()); |
@@ -20,9 +20,7 @@ | |||
package org.sonar.server.user.ws; | |||
import java.util.HashSet; | |||
import java.util.List; | |||
import java.util.Set; | |||
import java.util.stream.Collectors; | |||
import org.sonar.api.server.ws.Request; | |||
import org.sonar.api.server.ws.Response; | |||
import org.sonar.api.server.ws.WebService; | |||
@@ -30,18 +28,14 @@ import org.sonar.api.server.ws.WebService.NewAction; | |||
import org.sonar.api.utils.text.JsonWriter; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.organization.OrganizationHelper; | |||
import org.sonar.db.property.PropertyQuery; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.organization.DefaultOrganizationProvider; | |||
import org.sonar.server.user.UserSession; | |||
import org.sonar.server.user.index.UserIndexer; | |||
import static java.lang.String.format; | |||
import static java.util.Collections.singletonList; | |||
import static org.sonar.api.CoreProperties.DEFAULT_ISSUE_ASSIGNEE; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.server.exceptions.BadRequestException.checkRequest; | |||
import static org.sonar.server.exceptions.NotFoundException.checkFound; | |||
@@ -53,15 +47,12 @@ public class DeactivateAction implements UsersWsAction { | |||
private final UserIndexer userIndexer; | |||
private final UserSession userSession; | |||
private final UserJsonWriter userWriter; | |||
private final DefaultOrganizationProvider defaultOrganizationProvider; | |||
public DeactivateAction(DbClient dbClient, UserIndexer userIndexer, UserSession userSession, UserJsonWriter userWriter, | |||
DefaultOrganizationProvider defaultOrganizationProvider) { | |||
public DeactivateAction(DbClient dbClient, UserIndexer userIndexer, UserSession userSession, UserJsonWriter userWriter) { | |||
this.dbClient = dbClient; | |||
this.userIndexer = userIndexer; | |||
this.userSession = userSession; | |||
this.userWriter = userWriter; | |||
this.defaultOrganizationProvider = defaultOrganizationProvider; | |||
} | |||
@Override | |||
@@ -131,19 +122,8 @@ public class DeactivateAction implements UsersWsAction { | |||
} | |||
private void ensureNotLastAdministrator(DbSession dbSession, UserDto user) { | |||
//TODO can this be removed? | |||
List<OrganizationDto> problematicOrgs = new OrganizationHelper(dbClient).selectOrganizationsWithLastAdmin(dbSession, user.getUuid()); | |||
if (problematicOrgs.isEmpty()) { | |||
return; | |||
} | |||
checkRequest(problematicOrgs.size() != 1 || !defaultOrganizationProvider.get().getUuid().equals(problematicOrgs.get(0).getUuid()), | |||
"User is last administrator, and cannot be deactivated"); | |||
String keys = problematicOrgs | |||
.stream() | |||
.map(OrganizationDto::getKey) | |||
.sorted() | |||
.collect(Collectors.joining(", ")); | |||
throw BadRequestException.create(format("User '%s' is last administrator of organizations [%s], and cannot be deactivated", user.getLogin(), keys)); | |||
boolean isLastAdmin = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession, ADMINISTER.getKey(), user.getUuid()) == 0; | |||
checkRequest(!isLastAdmin, "User is last administrator, and cannot be deactivated"); | |||
} | |||
} |
@@ -34,7 +34,6 @@ import org.sonar.core.util.Uuids; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.user.GroupDto; | |||
@@ -57,21 +56,19 @@ public class GroupPermissionChangerTest { | |||
private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT); | |||
private PermissionService permissionService = new PermissionServiceImpl(resourceTypes); | |||
private GroupPermissionChanger underTest = new GroupPermissionChanger(db.getDbClient(), new SequenceUuidFactory()); | |||
private OrganizationDto org; | |||
private GroupDto group; | |||
private ComponentDto privateProject; | |||
private ComponentDto publicProject; | |||
@Before | |||
public void setUp() { | |||
org = db.organizations().insert(); | |||
group = db.users().insertGroup("a-group"); | |||
privateProject = db.components().insertPrivateProject(org); | |||
publicProject = db.components().insertPublicProject(org); | |||
privateProject = db.components().insertPrivateProject(); | |||
publicProject = db.components().insertPublicProject(); | |||
} | |||
@Test | |||
public void apply_adds_organization_permission_to_group() { | |||
public void apply_adds_global_permission_to_group() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupUuid, permissionService)); | |||
@@ -80,7 +77,7 @@ public class GroupPermissionChangerTest { | |||
} | |||
@Test | |||
public void apply_adds_organization_permission_to_group_AnyOne() { | |||
public void apply_adds_global_permission_to_group_AnyOne() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupUuid, permissionService)); | |||
@@ -318,7 +315,7 @@ public class GroupPermissionChangerTest { | |||
public void fail_to_add_global_permission_but_SCAN_and_ADMIN_on_private_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
permissionService.getAllOrganizationPermissions().stream() | |||
permissionService.getGlobalPermissions().stream() | |||
.map(OrganizationPermission::getKey) | |||
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermissions.SCAN_EXECUTION.equals(perm)) | |||
.forEach(perm -> { | |||
@@ -336,7 +333,7 @@ public class GroupPermissionChangerTest { | |||
public void fail_to_add_global_permission_but_SCAN_and_ADMIN_on_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
permissionService.getAllOrganizationPermissions().stream() | |||
permissionService.getGlobalPermissions().stream() | |||
.map(OrganizationPermission::getKey) | |||
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermissions.SCAN_EXECUTION.equals(perm)) | |||
.forEach(perm -> { |
@@ -35,7 +35,6 @@ import org.sonar.db.permission.OrganizationPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.organization.TestDefaultOrganizationProvider; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
@@ -60,7 +59,7 @@ public class UserPermissionChangerTest { | |||
private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT); | |||
private PermissionService permissionService = new PermissionServiceImpl(resourceTypes); | |||
private UserPermissionChanger underTest = new UserPermissionChanger(db.getDbClient(), new SequenceUuidFactory(), TestDefaultOrganizationProvider.from(db)); | |||
private UserPermissionChanger underTest = new UserPermissionChanger(db.getDbClient(), new SequenceUuidFactory()); | |||
private UserDto user1; | |||
private UserDto user2; | |||
private ComponentDto privateProject; | |||
@@ -75,8 +74,8 @@ public class UserPermissionChangerTest { | |||
} | |||
@Test | |||
public void apply_adds_any_organization_permission_to_user() { | |||
permissionService.getAllOrganizationPermissions().stream() | |||
public void apply_adds_any_global_permission_to_user() { | |||
permissionService.getGlobalPermissions().stream() | |||
.forEach(perm -> { | |||
UserPermissionChange change = new UserPermissionChange(ADD, perm.getKey(), null, UserId.from(user1), permissionService); | |||
@@ -90,12 +89,12 @@ public class UserPermissionChangerTest { | |||
public void apply_removes_any_organization_permission_to_user() { | |||
// give ADMIN perm to user2 so that user1 is not the only one with this permission and it can be removed from user1 | |||
db.users().insertPermissionOnUser(user2, OrganizationPermission.ADMINISTER); | |||
permissionService.getAllOrganizationPermissions().stream() | |||
permissionService.getGlobalPermissions().stream() | |||
.forEach(perm -> db.users().insertPermissionOnUser(user1, perm)); | |||
assertThat(db.users().selectPermissionsOfUser(user1)) | |||
.containsOnly(permissionService.getAllOrganizationPermissions().toArray(new OrganizationPermission[0])); | |||
.containsOnly(permissionService.getGlobalPermissions().toArray(new OrganizationPermission[0])); | |||
permissionService.getAllOrganizationPermissions().stream() | |||
permissionService.getGlobalPermissions().stream() | |||
.forEach(perm -> { | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, perm.getKey(), null, UserId.from(user1), permissionService); | |||
@@ -28,7 +28,6 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -51,7 +50,6 @@ import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newModuleDto; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubView; | |||
import static org.sonar.db.component.ComponentTesting.newView; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
@@ -98,7 +96,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
} | |||
@Test | |||
public void reference_group_by_its_name_in_organization() { | |||
public void reference_group_by_its_name() { | |||
GroupDto group = db.users().insertGroup("the-group"); | |||
loginAsAdmin(); | |||
@@ -156,20 +154,19 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
} | |||
@Test | |||
public void add_with_view_uuid() { | |||
OrganizationDto organizationDto = db.getDefaultOrganization(); | |||
public void add_with_portfolio_uuid() { | |||
GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
ComponentDto view = db.components().insertComponent(newView(organizationDto, "view-uuid").setDbKey("view-key")); | |||
ComponentDto portfolio = db.components().insertPrivatePortfolio(); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, view.uuid()) | |||
.setParam(PARAM_PROJECT_ID, portfolio.uuid()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); | |||
assertThat(db.users().selectGroupPermissions(group, view)).containsOnly(SYSTEM_ADMIN); | |||
assertThat(db.users().selectGroupPermissions(group, portfolio)).containsOnly(SYSTEM_ADMIN); | |||
} | |||
@Test | |||
@@ -187,28 +184,32 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
@Test | |||
public void fail_when_component_is_a_module() { | |||
ComponentDto module = db.components().insertComponent(newModuleDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()))); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto module = db.components().insertComponent(newModuleDto(project)); | |||
failIfComponentIsNotAProjectOrView(module); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_directory() { | |||
ComponentDto file = db.components().insertComponent(newDirectory(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), "A/B")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newDirectory(project, "A/B")); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_file() { | |||
ComponentDto file = db.components().insertComponent(newFileDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), null, "file-uuid")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newFileDto(project, null, "file-uuid")); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_subview() { | |||
ComponentDto file = db.components().insertComponent(newSubView(ComponentTesting.newView(db.organizations().insert()))); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newSubView(project)); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@@ -239,9 +240,8 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
@Test | |||
public void adding_a_project_permission_fails_if_component_is_not_a_project() { | |||
OrganizationDto organizationDto = db.getDefaultOrganization(); | |||
GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
ComponentDto project = db.components().insertComponent(newPrivateProjectDto(organizationDto, A_PROJECT_UUID).setDbKey(A_PROJECT_KEY)); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(ComponentTesting.newFileDto(project, null, "file-uuid")); | |||
loginAsAdmin(); | |||
@@ -292,7 +292,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
} | |||
@Test | |||
public void fail_if_not_administrator_of_organization() { | |||
public void fail_if_not_global_administrator() { | |||
GroupDto group = db.users().insertGroup(); | |||
loginAsAdmin(); | |||
@@ -306,7 +306,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
@Test | |||
public void fail_when_project_uuid_and_project_key_are_provided() { | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.organizations().insert())); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
loginAsAdmin(); | |||
expectedException.expect(BadRequestException.class); | |||
@@ -388,8 +388,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
@Test | |||
public void no_effect_when_adding_USER_permission_to_group_AnyOne_on_a_public_project() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
@@ -403,8 +402,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
@Test | |||
public void no_effect_when_adding_CODEVIEWER_permission_to_group_AnyOne_on_a_public_project() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
@@ -418,9 +416,8 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
@Test | |||
public void no_effect_when_adding_USER_permission_to_group_on_a_public_project() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
@@ -434,9 +431,8 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
@Test | |||
public void no_effect_when_adding_CODEVIEWER_permission_to_group_on_a_public_project() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
@@ -450,9 +446,8 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
@Test | |||
public void fail_when_using_branch_db_key() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
@@ -468,9 +463,8 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
@Test | |||
public void fail_when_using_branch_uuid() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
@@ -25,9 +25,7 @@ import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -45,11 +43,9 @@ import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newModuleDto; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubView; | |||
import static org.sonar.db.component.ComponentTesting.newView; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; | |||
@@ -65,7 +61,6 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
@Before | |||
public void setUp() { | |||
user = db.users().insertUser("ray.bradbury"); | |||
db.organizations().addMember(db.getDefaultOrganization(), user); | |||
} | |||
@Override | |||
@@ -145,28 +140,32 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
@Test | |||
public void fail_when_component_is_a_module() { | |||
ComponentDto module = db.components().insertComponent(newModuleDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()))); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto module = db.components().insertComponent(newModuleDto(project)); | |||
failIfComponentIsNotAProjectOrView(module); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_directory() { | |||
ComponentDto file = db.components().insertComponent(newDirectory(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), "A/B")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newDirectory(project, "A/B")); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_file() { | |||
ComponentDto file = db.components().insertComponent(newFileDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), null, "file-uuid")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newFileDto(project, null, "file-uuid")); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_subview() { | |||
ComponentDto file = db.components().insertComponent(newSubView(ComponentTesting.newView(db.organizations().insert()))); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newSubView(project)); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@@ -198,7 +197,8 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
@Test | |||
public void fail_when_component_is_not_a_project() { | |||
db.components().insertComponent(newFileDto(newPrivateProjectDto(db.organizations().insert(), "project-uuid"), null, "file-uuid")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.components().insertComponent(newFileDto(project, null, "file-uuid")); | |||
loginAsAdmin(); | |||
expectedException.expect(BadRequestException.class); | |||
@@ -262,7 +262,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
} | |||
@Test | |||
public void adding_global_permission_fails_if_not_administrator_of_organization() { | |||
public void adding_global_permission_fails_if_not_system_administrator() { | |||
userSession.logIn(); | |||
expectedException.expect(ForbiddenException.class); | |||
@@ -351,8 +351,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
@Test | |||
public void fail_when_using_branch_uuid() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
@@ -360,7 +359,6 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
expectedException.expectMessage(format("Project id '%s' not found", branch.uuid())); | |||
newRequest() | |||
.setParam(PARAM_ORGANIZATION, organization.getKey()) | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) |
@@ -85,7 +85,7 @@ public abstract class BasePermissionWsTest<A extends PermissionsWsAction> { | |||
protected PermissionUpdater newPermissionUpdater() { | |||
return new PermissionUpdater( | |||
new ProjectIndexersImpl(new PermissionIndexer(db.getDbClient(), es.client())), | |||
new UserPermissionChanger(db.getDbClient(), new SequenceUuidFactory(), defaultOrganizationProvider), | |||
new UserPermissionChanger(db.getDbClient(), new SequenceUuidFactory()), | |||
new GroupPermissionChanger(db.getDbClient(), new SequenceUuidFactory())); | |||
} | |||
@@ -103,7 +103,6 @@ public abstract class BasePermissionWsTest<A extends PermissionsWsAction> { | |||
protected PermissionTemplateDto addTemplate() { | |||
PermissionTemplateDto dto = newPermissionTemplateDto(); | |||
dto.setOrganizationUuid(db.getDefaultOrganization().getUuid()); | |||
db.getDbClient().permissionTemplateDao().insert(db.getSession(), dto); | |||
db.commit(); | |||
return dto; |
@@ -27,9 +27,7 @@ import org.sonar.api.security.DefaultGroups; | |||
import org.sonar.api.server.ws.Change; | |||
import org.sonar.api.server.ws.WebService.Action; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -178,12 +176,11 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
@Test | |||
public void search_groups_with_project_permissions() { | |||
OrganizationDto organizationDto = db.getDefaultOrganization(); | |||
ComponentDto project = db.components().insertComponent(newPrivateProjectDto(organizationDto, "project-uuid")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
GroupDto group = db.users().insertGroup("project-group-name"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
ComponentDto anotherProject = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(organizationDto)); | |||
ComponentDto anotherProject = db.components().insertPrivateProject(); | |||
GroupDto anotherGroup = db.users().insertGroup("another-project-group-name"); | |||
db.users().insertProjectPermissionOnGroup(anotherGroup, ISSUE_ADMIN, anotherProject); | |||
@@ -192,7 +189,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
userSession.logIn().addProjectPermission(ADMIN, project); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, "project-uuid") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.execute() | |||
.getInput(); | |||
@@ -203,8 +200,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
@Test | |||
public void return_also_groups_without_permission_when_search_query() { | |||
OrganizationDto organizationDto = db.getDefaultOrganization(); | |||
ComponentDto project = db.components().insertComponent(newPrivateProjectDto(organizationDto, "project-uuid")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
GroupDto group = db.users().insertGroup("group-with-permission"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
@@ -214,7 +210,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, "project-uuid") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(TEXT_QUERY, "group-with") | |||
.execute() | |||
.getInput(); | |||
@@ -245,8 +241,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
@Test | |||
public void return_anyone_group_when_search_query_and_no_param_permission() { | |||
OrganizationDto organizationDto = db.organizations().insert(); | |||
ComponentDto project = db.components().insertComponent(newPrivateProjectDto(organizationDto, "project-uuid")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
GroupDto group = db.users().insertGroup("group-with-permission"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
@@ -301,15 +296,15 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
@Test | |||
public void fail_if_project_uuid_and_project_key_are_provided() { | |||
db.components().insertComponent(newPrivateProjectDto(db.organizations().insert(), "project-uuid").setDbKey("project-key")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
expectedException.expect(BadRequestException.class); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SCAN_EXECUTION) | |||
.setParam(PARAM_PROJECT_ID, "project-uuid") | |||
.setParam(PARAM_PROJECT_KEY, "project-key") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute(); | |||
} | |||
@@ -28,9 +28,7 @@ import org.sonar.api.server.ws.WebService.Action; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.Uuids; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
@@ -56,7 +54,6 @@ import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; | |||
@@ -209,28 +206,32 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
@Test | |||
public void fail_when_component_is_a_module() { | |||
ComponentDto module = db.components().insertComponent(newModuleDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()))); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto module = db.components().insertComponent(newModuleDto(project)); | |||
failIfComponentIsNotAProjectOrView(module); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_directory() { | |||
ComponentDto file = db.components().insertComponent(newDirectory(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), "A/B")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newDirectory(project, "A/B")); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_file() { | |||
ComponentDto file = db.components().insertComponent(newFileDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), null, "file-uuid")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newFileDto(project, null, "file-uuid")); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_subview() { | |||
ComponentDto file = db.components().insertComponent(newSubView(ComponentTesting.newView(db.organizations().insert()))); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newSubView(project)); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@@ -308,16 +309,8 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
.execute(); | |||
} | |||
private void executeRequest(GroupDto groupDto, OrganizationDto organizationDto, String permission) { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, groupDto.getName()) | |||
.setParam(PARAM_PERMISSION, permission) | |||
.setParam(PARAM_ORGANIZATION, organizationDto.getKey()) | |||
.execute(); | |||
} | |||
@Test | |||
public void removing_global_permission_fails_if_not_administrator_of_organization() { | |||
public void removing_global_permission_fails_if_not_system_administrator() { | |||
userSession.logIn(); | |||
expectedException.expect(ForbiddenException.class); | |||
@@ -382,8 +375,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
@Test | |||
public void fail_when_removing_USER_permission_from_group_AnyOne_on_a_public_project() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
expectedException.expect(BadRequestException.class); | |||
@@ -398,8 +390,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
@Test | |||
public void fail_when_removing_CODEVIEWER_permission_from_group_AnyOne_on_a_public_project() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
expectedException.expect(BadRequestException.class); | |||
@@ -414,16 +405,14 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
@Test | |||
public void fail_when_removing_USER_permission_from_group_on_a_public_project() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
expectedException.expect(BadRequestException.class); | |||
expectedException.expectMessage("Permission user can't be removed from a public component"); | |||
newRequest() | |||
.setParam(PARAM_ORGANIZATION, organization.getKey()) | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, USER) | |||
@@ -432,16 +421,14 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
@Test | |||
public void fail_when_removing_CODEVIEWER_permission_from_group_on_a_public_project() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
expectedException.expect(BadRequestException.class); | |||
expectedException.expectMessage("Permission codeviewer can't be removed from a public component"); | |||
newRequest() | |||
.setParam(PARAM_ORGANIZATION, organization.getKey()) | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, CODEVIEWER) | |||
@@ -450,9 +437,8 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
@Test | |||
public void fail_when_using_branch_db_key() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
@@ -460,7 +446,6 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
expectedException.expectMessage(format("Project key '%s' not found", branch.getDbKey())); | |||
newRequest() | |||
.setParam(PARAM_ORGANIZATION, organization.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, branch.getDbKey()) | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
@@ -469,9 +454,8 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
@Test | |||
public void fail_when_using_branch_uuid() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
@@ -479,7 +463,6 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
expectedException.expectMessage(format("Project id '%s' not found", branch.uuid())); | |||
newRequest() | |||
.setParam(PARAM_ORGANIZATION, organization.getKey()) | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) |
@@ -25,9 +25,7 @@ import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -48,13 +46,10 @@ import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newModuleDto; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubView; | |||
import static org.sonar.db.component.ComponentTesting.newView; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; | |||
@@ -111,7 +106,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void remove_permission_from_project() { | |||
ComponentDto project = db.components().insertComponent(newPrivateProjectDto(db.organizations().insert(), A_PROJECT_UUID).setDbKey(A_PROJECT_KEY)); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
loginAsAdmin(); | |||
@@ -127,7 +122,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void remove_with_project_key() { | |||
ComponentDto project = db.components().insertComponent(newPrivateProjectDto(db.organizations().insert(), A_PROJECT_UUID).setDbKey(A_PROJECT_KEY)); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); | |||
loginAsAdmin(); | |||
@@ -143,7 +138,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void remove_with_view_uuid() { | |||
ComponentDto view = db.components().insertComponent(newView(db.organizations().insert(), "view-uuid").setDbKey("view-key")); | |||
ComponentDto view = db.components().insertView(); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, view); | |||
db.users().insertProjectPermissionOnUser(user, ADMIN, view); | |||
loginAsAdmin(); | |||
@@ -184,28 +179,32 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void fail_when_component_is_a_module() { | |||
ComponentDto module = db.components().insertComponent(newModuleDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()))); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto module = db.components().insertComponent(newModuleDto(project)); | |||
failIfComponentIsNotAProjectOrView(module); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_directory() { | |||
ComponentDto file = db.components().insertComponent(newDirectory(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), "A/B")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newDirectory(project, "A/B")); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_file() { | |||
ComponentDto file = db.components().insertComponent(newFileDto(ComponentTesting.newPrivateProjectDto(db.organizations().insert()), null, "file-uuid")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto file = db.components().insertComponent(newFileDto(project, null, "file-uuid")); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@Test | |||
public void fail_when_component_is_a_subview() { | |||
ComponentDto file = db.components().insertComponent(newSubView(ComponentTesting.newView(db.organizations().insert()))); | |||
ComponentDto portfolio = db.components().insertPrivatePortfolio(); | |||
ComponentDto file = db.components().insertComponent(newSubView(portfolio)); | |||
failIfComponentIsNotAProjectOrView(file); | |||
} | |||
@@ -260,7 +259,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void fail_when_project_uuid_and_project_key_are_provided() { | |||
ComponentDto project = db.components().insertComponent(newPrivateProjectDto(db.organizations().insert(), A_PROJECT_UUID).setDbKey(A_PROJECT_KEY)); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
loginAsAdmin(); | |||
expectedException.expect(BadRequestException.class); | |||
@@ -275,7 +274,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
} | |||
@Test | |||
public void removing_global_permission_fails_if_not_administrator_of_organization() { | |||
public void removing_global_permission_fails_if_not_system_administrator() { | |||
userSession.logIn(); | |||
expectedException.expect(ForbiddenException.class); | |||
@@ -321,8 +320,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void fail_when_removing_USER_permission_on_a_public_project() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
expectedException.expect(BadRequestException.class); | |||
@@ -337,8 +335,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void fail_when_removing_CODEVIEWER_permission_on_a_public_project() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
expectedException.expect(BadRequestException.class); | |||
@@ -353,8 +350,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void fail_when_using_branch_db_key() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
@@ -362,7 +358,6 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
expectedException.expectMessage(format("Project key '%s' not found", branch.getDbKey())); | |||
newRequest() | |||
.setParam(PARAM_ORGANIZATION, organization.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, branch.getDbKey()) | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
@@ -371,8 +366,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void fail_when_using_branch_uuid() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
@@ -380,7 +374,6 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
expectedException.expectMessage(format("Project id '%s' not found", branch.uuid())); | |||
newRequest() | |||
.setParam(PARAM_ORGANIZATION, organization.getKey()) | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) |
@@ -19,6 +19,7 @@ | |||
*/ | |||
package org.sonar.server.permission.ws; | |||
import java.util.stream.IntStream; | |||
import org.junit.Before; | |||
import org.junit.Test; | |||
import org.sonar.api.resources.Qualifiers; | |||
@@ -28,7 +29,6 @@ import org.sonar.db.component.ComponentDbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -188,11 +188,7 @@ public class SearchProjectPermissionsActionTest extends BasePermissionWsTest<Sea | |||
@Test | |||
public void has_projects_ordered_by_name() { | |||
OrganizationDto organizationDto = db.organizations().insert(); | |||
for (int i = 9; i >= 1; i--) { | |||
db.components().insertComponent(ComponentTesting.newPrivateProjectDto(organizationDto) | |||
.setName("project-name-" + i)); | |||
} | |||
IntStream.rangeClosed(1, 9).forEach(i -> db.components().insertPrivateProject(p -> p.setName("project-name-" + i))); | |||
String result = newRequest() | |||
.setParam(PAGE, "1") | |||
@@ -206,8 +202,8 @@ public class SearchProjectPermissionsActionTest extends BasePermissionWsTest<Sea | |||
@Test | |||
public void search_by_query_on_name() { | |||
componentDb.insertProjectAndSnapshot(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization()).setName("project-name")); | |||
componentDb.insertProjectAndSnapshot(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization()).setName("another-name")); | |||
db.components().insertPrivateProject(p -> p.setName("project-name")); | |||
db.components().insertPrivateProject(p -> p.setName("another-name")); | |||
String result = newRequest() | |||
.setParam(TEXT_QUERY, "project") | |||
@@ -219,9 +215,8 @@ public class SearchProjectPermissionsActionTest extends BasePermissionWsTest<Sea | |||
@Test | |||
public void search_by_query_on_key_must_match_exactly() { | |||
OrganizationDto organizationDto = db.organizations().insert(); | |||
componentDb.insertProjectAndSnapshot(ComponentTesting.newPrivateProjectDto(organizationDto).setDbKey("project-key")); | |||
componentDb.insertProjectAndSnapshot(ComponentTesting.newPrivateProjectDto(organizationDto).setDbKey("another-key")); | |||
db.components().insertPrivateProject(p -> p.setDbKey("project-key")); | |||
db.components().insertPrivateProject(p -> p.setDbKey("another-key")); | |||
String result = newRequest() | |||
.setParam(TEXT_QUERY, "project-key") | |||
@@ -234,9 +229,9 @@ public class SearchProjectPermissionsActionTest extends BasePermissionWsTest<Sea | |||
@Test | |||
public void handle_more_than_1000_projects() { | |||
for (int i = 1; i <= 1001; i++) { | |||
componentDb.insertProjectAndSnapshot(newPrivateProjectDto(db.getDefaultOrganization(), "project-uuid-" + i)); | |||
} | |||
IntStream.rangeClosed(1, 1001).forEach(i -> { | |||
db.components().insertPrivateProject("project-uuid-" + i); | |||
}); | |||
String result = newRequest() | |||
.setParam(TEXT_QUERY, "project") | |||
@@ -249,9 +244,8 @@ public class SearchProjectPermissionsActionTest extends BasePermissionWsTest<Sea | |||
@Test | |||
public void filter_by_qualifier() { | |||
OrganizationDto organizationDto = db.organizations().insert(); | |||
db.components().insertComponent(newView(organizationDto, "view-uuid")); | |||
db.components().insertComponent(newPrivateProjectDto(organizationDto, "project-uuid")); | |||
ComponentDto portfolio = db.components().insertPrivatePortfolio(); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
Permissions.SearchProjectPermissionsWsResponse result = newRequest() | |||
.setParam(PARAM_QUALIFIER, Qualifiers.PROJECT) | |||
@@ -259,8 +253,8 @@ public class SearchProjectPermissionsActionTest extends BasePermissionWsTest<Sea | |||
assertThat(result.getProjectsList()) | |||
.extracting("id") | |||
.contains("project-uuid") | |||
.doesNotContain("view-uuid"); | |||
.contains(project.uuid()) | |||
.doesNotContain(portfolio.uuid()); | |||
} | |||
@Test |
@@ -26,9 +26,7 @@ import org.sonar.api.server.ws.WebService.Param; | |||
import org.sonar.api.server.ws.WebService.SelectionMode; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -47,7 +45,6 @@ import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE; | |||
import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
@@ -55,7 +52,6 @@ import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.user.UserTesting.newUserDto; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; | |||
@@ -76,11 +72,8 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
@Test | |||
public void search_for_users_with_response_example() { | |||
UserDto user1 = db.users().insertUser(newUserDto().setLogin("admin").setName("Administrator").setEmail("admin@admin.com")); | |||
db.organizations().addMember(db.getDefaultOrganization(), user1); | |||
UserDto user2 = db.users().insertUser(newUserDto().setLogin("adam.west").setName("Adam West").setEmail("adamwest@adamwest.com")); | |||
db.organizations().addMember(db.getDefaultOrganization(), user2); | |||
UserDto user3 = db.users().insertUser(newUserDto().setLogin("george.orwell").setName("George Orwell").setEmail("george.orwell@1984.net")); | |||
db.organizations().addMember(db.getDefaultOrganization(), user3); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_GATES); | |||
@@ -105,20 +98,17 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
@Test | |||
public void search_for_users_with_permission_on_project() { | |||
// User has permission on project | |||
ComponentDto project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization())); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(newUserDto()); | |||
db.organizations().addMember(db.getDefaultOrganization(), user); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
// User has permission on another project | |||
ComponentDto anotherProject = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization())); | |||
ComponentDto anotherProject = db.components().insertPrivateProject(); | |||
UserDto userHavePermissionOnAnotherProject = db.users().insertUser(newUserDto()); | |||
db.organizations().addMember(db.getDefaultOrganization(), userHavePermissionOnAnotherProject); | |||
db.users().insertProjectPermissionOnUser(userHavePermissionOnAnotherProject, ISSUE_ADMIN, anotherProject); | |||
// User has no permission | |||
UserDto withoutPermission = db.users().insertUser(newUserDto()); | |||
db.organizations().addMember(db.getDefaultOrganization(), withoutPermission); | |||
userSession.logIn().addProjectPermission(SYSTEM_ADMIN, project); | |||
String result = newRequest() | |||
@@ -135,16 +125,13 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
@Test | |||
public void search_also_for_users_without_permission_when_filtering_name() { | |||
// User with permission on project | |||
ComponentDto project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.organizations().insert())); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
db.organizations().addMember(db.getDefaultOrganization(), user); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
// User without permission | |||
UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email")); | |||
db.organizations().addMember(db.getDefaultOrganization(), withoutPermission); | |||
UserDto anotherUser = db.users().insertUser(newUserDto("another-user", "another-user", "another-user")); | |||
db.organizations().addMember(db.getDefaultOrganization(), anotherUser); | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
@@ -159,16 +146,13 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
@Test | |||
public void search_also_for_users_without_permission_when_filtering_email() { | |||
// User with permission on project | |||
ComponentDto project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.organizations().insert())); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
db.organizations().addMember(db.getDefaultOrganization(), user); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
// User without permission | |||
UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email")); | |||
db.organizations().addMember(db.getDefaultOrganization(), withoutPermission); | |||
UserDto anotherUser = db.users().insertUser(newUserDto("another-user", "another-user", "another-user")); | |||
db.organizations().addMember(db.getDefaultOrganization(), anotherUser); | |||
loginAsAdmin(); | |||
String result = newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).setParam(TEXT_QUERY, "email").execute().getInput(); | |||
@@ -179,16 +163,13 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
@Test | |||
public void search_also_for_users_without_permission_when_filtering_login() { | |||
// User with permission on project | |||
ComponentDto project = db.components().insertComponent(ComponentTesting.newPrivateProjectDto(db.organizations().insert())); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
db.organizations().addMember(db.getDefaultOrganization(), user); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
// User without permission | |||
UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email")); | |||
db.organizations().addMember(db.getDefaultOrganization(), withoutPermission); | |||
UserDto anotherUser = db.users().insertUser(newUserDto("another-user", "another-user", "another-user")); | |||
db.organizations().addMember(db.getDefaultOrganization(), anotherUser); | |||
loginAsAdmin(); | |||
String result = newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).setParam(TEXT_QUERY, "login").execute().getInput(); | |||
@@ -228,7 +209,6 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
public void search_for_users_is_paginated() { | |||
for (int i = 9; i >= 0; i--) { | |||
UserDto user = db.users().insertUser(newUserDto().setName("user-" + i)); | |||
db.organizations().addMember(db.getDefaultOrganization(), user); | |||
db.users().insertPermissionOnUser(user, ADMINISTER); | |||
db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_GATES); | |||
} | |||
@@ -271,7 +251,6 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
loginAsAdmin(); | |||
for (int i = 0; i < 30; i++) { | |||
UserDto user = db.users().insertUser(newUserDto().setLogin("user-" + i)); | |||
db.organizations().addMember(db.getDefaultOrganization(), user); | |||
db.users().insertPermissionOnUser(user, SCAN); | |||
db.users().insertPermissionOnUser(user, PROVISION_PROJECTS); | |||
} | |||
@@ -320,7 +299,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
@Test | |||
public void fail_if_project_uuid_and_project_key_are_provided() { | |||
db.components().insertComponent(newPrivateProjectDto(db.organizations().insert(), "project-uuid").setDbKey("project-key")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
loginAsAdmin(); | |||
expectedException.expect(BadRequestException.class); | |||
@@ -328,8 +307,8 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, "project-uuid") | |||
.setParam(PARAM_PROJECT_KEY, "project-key") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute(); | |||
} | |||
@@ -345,9 +324,8 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
@Test | |||
public void fail_when_using_branch_db_key() throws Exception { | |||
OrganizationDto organization = db.organizations().insert(); | |||
UserDto user = db.users().insertUser(newUserDto()); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
@@ -356,7 +334,6 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
expectedException.expectMessage(format("Project key '%s' not found", branch.getDbKey())); | |||
newRequest() | |||
.setParam(PARAM_ORGANIZATION, organization.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, branch.getDbKey()) | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
@@ -365,9 +342,8 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
@Test | |||
public void fail_when_using_branch_uuid() { | |||
OrganizationDto organization = db.organizations().insert(); | |||
UserDto user = db.users().insertUser(newUserDto()); | |||
ComponentDto project = db.components().insertPublicProject(organization); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
@@ -376,7 +352,6 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
expectedException.expectMessage(format("Project id '%s' not found", branch.uuid())); | |||
newRequest() | |||
.setParam(PARAM_ORGANIZATION, organization.getKey()) | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
@@ -385,11 +360,8 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
private void insertUsersHavingGlobalPermissions() { | |||
UserDto user1 = db.users().insertUser(newUserDto("login-1", "name-1", "email-1")); | |||
db.organizations().addMember(db.getDefaultOrganization(), user1); | |||
UserDto user2 = db.users().insertUser(newUserDto("login-2", "name-2", "email-2")); | |||
db.organizations().addMember(db.getDefaultOrganization(), user2); | |||
UserDto user3 = db.users().insertUser(newUserDto("login-3", "name-3", "email-3")); | |||
db.organizations().addMember(db.getDefaultOrganization(), user3); | |||
db.users().insertPermissionOnUser(user1, SCAN); | |||
db.users().insertPermissionOnUser(user2, SCAN); | |||
db.users().insertPermissionOnUser(user3, ADMINISTER); |
@@ -158,7 +158,7 @@ public class AddGroupToTemplateActionTest extends BasePermissionWsTest<AddGroupT | |||
} | |||
@Test | |||
public void fail_if_not_admin_of_default_organization() { | |||
public void fail_if_not_admin() { | |||
userSession.logIn(); | |||
expectedException.expect(ForbiddenException.class); |
@@ -129,7 +129,7 @@ public class AddProjectCreatorToTemplateActionTest extends BasePermissionWsTest< | |||
} | |||
@Test | |||
public void fail_if_not_admin_of_default_organization() { | |||
public void fail_if_not_admin() { | |||
userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES); | |||
expectedException.expect(ForbiddenException.class); |
@@ -27,7 +27,6 @@ import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -44,8 +43,8 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN; | |||
@@ -65,7 +64,6 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT | |||
@Before | |||
public void setUp() { | |||
user = db.users().insertUser("user-login"); | |||
db.organizations().addMember(db.getDefaultOrganization(), user); | |||
permissionTemplate = db.permissionTemplates().insertTemplate(); | |||
} | |||
@@ -91,22 +89,6 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT | |||
assertThat(getLoginsInTemplateAndPermission(permissionTemplate, CODEVIEWER)).containsExactly(user.getLogin()); | |||
} | |||
@Test | |||
public void add_user_to_template_by_name_and_organization() { | |||
OrganizationDto organizationDto = db.organizations().insert(); | |||
PermissionTemplateDto permissionTemplate = db.permissionTemplates().insertTemplate(); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, CODEVIEWER) | |||
.setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase()) | |||
.setParam(PARAM_ORGANIZATION, organizationDto.getKey()) | |||
.execute(); | |||
assertThat(getLoginsInTemplateAndPermission(permissionTemplate, CODEVIEWER)).containsExactly(user.getLogin()); | |||
} | |||
@Test | |||
public void does_not_add_a_user_twice() { | |||
loginAsAdmin(); | |||
@@ -127,7 +109,7 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT | |||
} | |||
@Test | |||
public void fail_if_not_admin_of_default_organization() { | |||
public void fail_if_not_admin() { | |||
userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES); | |||
expectedException.expect(ForbiddenException.class); | |||
@@ -188,7 +170,7 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT | |||
request.setParam(PARAM_USER_LOGIN, userLogin); | |||
} | |||
if (templateKey != null) { | |||
request.setParam(org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID, templateKey); | |||
request.setParam(PARAM_TEMPLATE_ID, templateKey); | |||
} | |||
if (permission != null) { | |||
request.setParam(PARAM_PERMISSION, permission); | |||
@@ -203,7 +185,4 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT | |||
.selectUserLoginsByQueryAndTemplate(db.getSession(), permissionQuery, template.getUuid()); | |||
} | |||
private void addUserAsMemberOfOrganization(OrganizationDto organization) { | |||
db.organizations().addMember(organization, user); | |||
} | |||
} |
@@ -35,7 +35,6 @@ import org.sonar.server.es.TestProjectIndexers; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import org.sonar.server.exceptions.NotFoundException; | |||
import org.sonar.server.organization.TestDefaultOrganizationProvider; | |||
import org.sonar.server.permission.DefaultTemplatesResolverRule; | |||
import org.sonar.server.permission.PermissionTemplateService; | |||
import org.sonar.server.permission.ws.BasePermissionWsTest; | |||
@@ -71,9 +70,7 @@ public class ApplyTemplateActionTest extends BasePermissionWsTest<ApplyTemplateA | |||
@Before | |||
public void setUp() { | |||
user1 = db.users().insertUser(); | |||
db.organizations().addMember(db.getDefaultOrganization(), user1); | |||
user2 = db.users().insertUser(); | |||
db.organizations().addMember(db.getDefaultOrganization(), user2); | |||
group1 = db.users().insertGroup(); | |||
group2 = db.users().insertGroup(); | |||
@@ -30,7 +30,6 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.SequenceUuidFactory; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.organization.OrganizationDto; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.user.GroupDto; | |||
@@ -101,8 +100,7 @@ public class BulkApplyTemplateActionTest extends BasePermissionWsTest<BulkApplyT | |||
@Test | |||
public void bulk_apply_template_by_template_uuid() { | |||
// this project should not be applied the template | |||
OrganizationDto otherOrganization = db.organizations().insert(); | |||
db.components().insertPrivateProject(otherOrganization); | |||
db.components().insertPrivateProject(); | |||
ComponentDto privateProject = db.components().insertPrivateProject(); | |||
ComponentDto publicProject = db.components().insertPublicProject(); |
@@ -45,6 +45,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN; | |||
@@ -67,7 +68,6 @@ public class RemoveUserFromTemplateActionTest extends BasePermissionWsTest<Remov | |||
@Before | |||
public void setUp() { | |||
user = db.users().insertUser("user-login"); | |||
db.organizations().addMember(db.getDefaultOrganization(), user); | |||
template = db.permissionTemplates().insertTemplate(); | |||
addUserToTemplate(user, template, DEFAULT_PERMISSION); | |||
} | |||
@@ -115,7 +115,6 @@ public class RemoveUserFromTemplateActionTest extends BasePermissionWsTest<Remov | |||
@Test | |||
public void keep_other_users_when_one_user_removed() { | |||
UserDto newUser = db.users().insertUser("new-login"); | |||
db.organizations().addMember(db.getDefaultOrganization(), newUser); | |||
addUserToTemplate(newUser, template, DEFAULT_PERMISSION); | |||
loginAsAdmin(); | |||
@@ -204,7 +203,7 @@ public class RemoveUserFromTemplateActionTest extends BasePermissionWsTest<Remov | |||
request.setParam(PARAM_USER_LOGIN, userLogin); | |||
} | |||
if (templateKey != null) { | |||
request.setParam(org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID, templateKey); | |||
request.setParam(PARAM_TEMPLATE_ID, templateKey); | |||
} | |||
if (permission != null) { | |||
request.setParam(PARAM_PERMISSION, permission); |
@@ -316,7 +316,6 @@ public class SearchTemplatesActionTest extends BasePermissionWsTest<SearchTempla | |||
private PermissionTemplateDto insertProjectTemplate(String uuid) { | |||
return insertTemplate(newPermissionTemplateDto() | |||
.setOrganizationUuid(db.getDefaultOrganization().getUuid()) | |||
.setUuid(uuid) | |||
.setName("Default template for Projects") | |||
.setDescription("Template for new projects") | |||
@@ -327,7 +326,6 @@ public class SearchTemplatesActionTest extends BasePermissionWsTest<SearchTempla | |||
private PermissionTemplateDto insertPortfoliosTemplate() { | |||
return insertTemplate(newPermissionTemplateDto() | |||
.setOrganizationUuid(db.getDefaultOrganization().getUuid()) | |||
.setUuid(UUID_EXAMPLE_02) | |||
.setName("Default template for Portfolios") | |||
.setDescription("Template for new portfolios") | |||
@@ -338,7 +336,6 @@ public class SearchTemplatesActionTest extends BasePermissionWsTest<SearchTempla | |||
private PermissionTemplateDto insertApplicationsTemplate() { | |||
return insertTemplate(newPermissionTemplateDto() | |||
.setOrganizationUuid(db.getDefaultOrganization().getUuid()) | |||
.setUuid(UUID_EXAMPLE_10) | |||
.setName("Default template for Applications") | |||
.setDescription("Template for new applications") |
@@ -189,7 +189,6 @@ public class SetDefaultTemplateActionTest extends BasePermissionWsTest<SetDefaul | |||
private PermissionTemplateDto insertTemplate() { | |||
PermissionTemplateDto res = dbClient.permissionTemplateDao().insert(db.getSession(), PermissionTemplateTesting.newPermissionTemplateDto() | |||
.setOrganizationUuid(db.getDefaultOrganization().getUuid()) | |||
.setUuid("permission-template-uuid")); | |||
db.commit(); | |||
return res; |
@@ -224,7 +224,6 @@ public class TemplateUsersActionTest extends BasePermissionWsTest<TemplateUsersA | |||
PermissionTemplateDto otherTemplate = db.permissionTemplates().insertTemplate(); | |||
IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { | |||
UserDto user = db.users().insertUser("User-" + i); | |||
db.organizations().addMember(db.getDefaultOrganization(), user); | |||
db.permissionTemplates().addUserToTemplate(otherTemplate, user, UserRole.USER); | |||
}); | |||
String lastLogin = "User-" + (DEFAULT_PAGE_SIZE + 1); | |||
@@ -306,7 +305,6 @@ public class TemplateUsersActionTest extends BasePermissionWsTest<TemplateUsersA | |||
private UserDto insertUser(UserDto userDto) { | |||
db.users().insertUser(userDto); | |||
db.organizations().addMember(db.getDefaultOrganization(), userDto); | |||
return userDto; | |||
} | |||
@@ -35,8 +35,8 @@ import org.sonar.server.ws.TestRequest; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.mockito.Mockito.spy; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto; | |||
import static org.sonar.db.permission.OrganizationPermission.SCAN; | |||
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ID; | |||
@@ -57,7 +57,6 @@ public class UpdateTemplateActionTest extends BasePermissionWsTest<UpdateTemplat | |||
public void setUp() { | |||
when(system.now()).thenReturn(1_440_512_328_743L); | |||
template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto() | |||
.setOrganizationUuid(db.getDefaultOrganization().getUuid()) | |||
.setName("Permission Template Name") | |||
.setDescription("Permission Template Description") | |||
.setKeyPattern(".*\\.pattern\\..*") |
@@ -109,7 +109,7 @@ public class UpdateVisibilityActionTest { | |||
private ProjectsWsSupport wsSupport = new ProjectsWsSupport(dbClient, TestDefaultOrganizationProvider.from(dbTester), billingValidations); | |||
private UpdateVisibilityAction underTest = new UpdateVisibilityAction(dbClient, TestComponentFinder.from(dbTester), | |||
userSessionRule, projectIndexers, wsSupport, new SequenceUuidFactory(), TestDefaultOrganizationProvider.from(dbTester)); | |||
userSessionRule, projectIndexers, wsSupport, new SequenceUuidFactory()); | |||
private WsActionTester ws = new WsActionTester(underTest); | |||
private final Random random = new Random(); | |||
@@ -677,7 +677,7 @@ public class UpdateVisibilityActionTest { | |||
private void unsafeInsertProjectPermissionOnUser(ComponentDto component, UserDto user, String permission) { | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), component.uuid()); | |||
dbTester.getDbClient().userPermissionDao().insert(dbTester.getSession(), dto, dbTester.getDefaultOrganization().getUuid()); | |||
dbTester.getDbClient().userPermissionDao().insert(dbTester.getSession(), dto); | |||
dbTester.commit(); | |||
} | |||
@@ -48,8 +48,6 @@ import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import org.sonar.server.exceptions.NotFoundException; | |||
import org.sonar.server.exceptions.UnauthorizedException; | |||
import org.sonar.server.organization.DefaultOrganizationProvider; | |||
import org.sonar.server.organization.TestDefaultOrganizationProvider; | |||
import org.sonar.server.tester.UserSessionRule; | |||
import org.sonar.server.user.index.UserIndexDefinition; | |||
import org.sonar.server.user.index.UserIndexer; | |||
@@ -77,25 +75,21 @@ public class DeactivateActionTest { | |||
@Rule | |||
public ExpectedException expectedException = ExpectedException.none(); | |||
@Rule | |||
public DbTester db = DbTester.create(system2); | |||
@Rule | |||
public EsTester es = EsTester.create(); | |||
@Rule | |||
public UserSessionRule userSession = UserSessionRule.standalone(); | |||
private final DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db); | |||
private final DbClient dbClient = db.getDbClient(); | |||
private final UserIndexer userIndexer = new UserIndexer(dbClient, es.client()); | |||
private final DbSession dbSession = db.getSession(); | |||
private final WsActionTester ws = new WsActionTester(new DeactivateAction(dbClient, userIndexer, userSession, | |||
new UserJsonWriter(userSession), defaultOrganizationProvider)); | |||
private final WsActionTester ws = new WsActionTester(new DeactivateAction(dbClient, userIndexer, userSession, new UserJsonWriter(userSession))); | |||
@Test | |||
public void deactivate_user_and_delete_his_related_data() { | |||
createAdminUser(); | |||
UserDto user = db.users().insertUser(u -> u | |||
.setLogin("ada.lovelace") | |||
.setEmail("ada.lovelace@noteg.com") | |||
@@ -115,6 +109,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_group_membership() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
GroupDto group1 = db.users().insertGroup(); | |||
@@ -128,6 +123,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_tokens() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertToken(user); | |||
@@ -141,6 +137,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_properties() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
@@ -156,6 +153,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_permissions() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
@@ -172,6 +170,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_permission_templates() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
PermissionTemplateDto template = db.permissionTemplates().insertTemplate(); | |||
@@ -189,6 +188,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_qprofiles_permissions() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
QProfileDto profile = db.qualityProfiles().insert(); | |||
@@ -201,6 +201,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_default_assignee_settings() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
@@ -217,6 +218,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_organization_membership() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
OrganizationDto organization = db.organizations().insert(); | |||
@@ -232,6 +234,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_user_settings() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertUserSetting(user); | |||
@@ -247,10 +250,9 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_alm_pat() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
AlmSettingDto almSettingDto = db.almSettings().insertBitbucketAlmSetting(); | |||
UserDto user = db.users().insertUser(); | |||
db.almPats().insert(p -> p.setUserUuid(user.getUuid()), p -> p.setAlmSettingUuid(almSettingDto.getUuid())); | |||
UserDto anotherUser = db.users().insertUser(); | |||
@@ -264,6 +266,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_session_tokens() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
SessionTokenDto sessionToken1 = db.users().insertSessionToken(user); | |||
@@ -280,6 +283,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivate_user_deletes_his_dismissed_messages() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
ProjectDto project1 = db.components().insertPrivateProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProjectDto(); | |||
@@ -301,6 +305,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void user_cannot_deactivate_itself_on_sonarqube() { | |||
createAdminUser(); | |||
UserDto user = db.users().insertUser(); | |||
userSession.logIn(user.getLogin()).setSystemAdministrator(); | |||
@@ -314,6 +319,8 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivation_requires_to_be_logged_in() { | |||
createAdminUser(); | |||
expectedException.expect(UnauthorizedException.class); | |||
expectedException.expectMessage("Authentication is required"); | |||
@@ -322,6 +329,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void deactivation_requires_administrator_permission_on_sonarqube() { | |||
createAdminUser(); | |||
userSession.logIn(); | |||
expectedException.expect(ForbiddenException.class); | |||
@@ -332,6 +340,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void fail_if_user_does_not_exist() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
expectedException.expect(NotFoundException.class); | |||
@@ -342,6 +351,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void fail_if_login_is_blank() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
expectedException.expect(IllegalArgumentException.class); | |||
@@ -352,6 +362,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void fail_if_login_is_missing() { | |||
createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
expectedException.expect(IllegalArgumentException.class); | |||
@@ -374,11 +385,8 @@ public class DeactivateActionTest { | |||
@Test | |||
public void administrators_can_be_deactivated_if_there_are_still_other_administrators() { | |||
UserDto admin = db.users().insertUser(); | |||
UserDto anotherAdmin = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(admin, ADMINISTER); | |||
db.users().insertPermissionOnUser(anotherAdmin, ADMINISTER); | |||
db.commit(); | |||
UserDto admin = createAdminUser();; | |||
UserDto anotherAdmin = createAdminUser(); | |||
logInAsSystemAdministrator(); | |||
deactivate(admin.getLogin()); | |||
@@ -396,6 +404,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void test_example() { | |||
createAdminUser(); | |||
UserDto user = db.users().insertUser(u -> u | |||
.setLogin("ada.lovelace") | |||
.setEmail("ada.lovelace@noteg.com") | |||
@@ -436,4 +445,11 @@ public class DeactivateActionTest { | |||
assertThat(user.get().getScmAccountsAsList()).isEmpty(); | |||
} | |||
private UserDto createAdminUser() { | |||
UserDto admin = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(admin, ADMINISTER); | |||
db.commit(); | |||
return admin; | |||
} | |||
} |
@@ -154,7 +154,7 @@ public class DeleteActionTest { | |||
insertDefaultGroup(); | |||
GroupDto group = db.users().insertGroup(); | |||
PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), | |||
PermissionTemplateTesting.newPermissionTemplateDto().setOrganizationUuid(db.getDefaultOrganization().getUuid())); | |||
PermissionTemplateTesting.newPermissionTemplateDto()); | |||
db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), template.getUuid(), group.getUuid(), "perm"); | |||
db.commit(); | |||
loginAsAdmin(); |
@@ -23,7 +23,6 @@ public class PermissionsWsParameters { | |||
public static final String CONTROLLER = "api/permissions"; | |||
public static final String PARAM_PERMISSION = "permission"; | |||
public static final String PARAM_ORGANIZATION = "organization"; | |||
public static final String PARAM_GROUP_NAME = "groupName"; | |||
public static final String PARAM_GROUP_ID = "groupId"; | |||
public static final String PARAM_PROJECT_ID = "projectId"; |