@@ -55,19 +55,19 @@ public class GroupPermissionDaoIT { | |||
private static final String MISSING_UUID = "-1"; | |||
@Rule | |||
public DbTester db = DbTester.create(System2.INSTANCE); | |||
public DbTester db = DbTester.create(System2.INSTANCE, true); | |||
private final DbSession dbSession = db.getSession(); | |||
private final GroupPermissionDao underTest = new GroupPermissionDao(new NoOpAuditPersister()); | |||
@Test | |||
public void group_count_by_permission_and_component_id_on_private_projects() { | |||
public void group_count_by_permission_and_entity_id_on_private_projects() { | |||
GroupDto group1 = db.users().insertGroup(); | |||
GroupDto group2 = db.users().insertGroup(); | |||
GroupDto group3 = db.users().insertGroup(); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project3 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project3 = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnGroup(group1, UserRole.ISSUE_ADMIN, project1); | |||
db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project2); | |||
@@ -76,24 +76,24 @@ public class GroupPermissionDaoIT { | |||
db.users().insertProjectPermissionOnGroup(group1, UserRole.USER, project2); | |||
db.users().insertProjectPermissionOnGroup(group1, UserRole.USER, project3); | |||
final List<CountPerProjectPermission> result = new ArrayList<>(); | |||
underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.uuid(), project3.uuid(), "789"), | |||
final List<CountPerEntityPermission> result = new ArrayList<>(); | |||
underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.getUuid(), project3.getUuid(), "789"), | |||
context -> result.add(context.getResultObject())); | |||
assertThat(result).hasSize(3); | |||
assertThat(result).extracting("permission").containsOnly(UserRole.ADMIN, UserRole.USER); | |||
assertThat(result).extracting("componentUuid").containsOnly(project2.uuid(), project3.uuid()); | |||
assertThat(result).extracting("entityUuid").containsOnly(project2.getUuid(), project3.getUuid()); | |||
assertThat(result).extracting("count").containsOnly(3, 1); | |||
} | |||
@Test | |||
public void group_count_by_permission_and_component_id_on_public_projects() { | |||
public void group_count_by_permission_and_entity_id_on_public_projects() { | |||
GroupDto group1 = db.users().insertGroup(); | |||
GroupDto group2 = db.users().insertGroup(); | |||
GroupDto group3 = db.users().insertGroup(); | |||
ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ComponentDto project3 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPublicProject().getProjectDto(); | |||
ProjectDto project3 = db.components().insertPublicProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnGroup(group1, "p1", project1); | |||
db.users().insertProjectPermissionOnGroup(group1, "p2", project2); | |||
@@ -104,13 +104,13 @@ public class GroupPermissionDaoIT { | |||
db.users().insertProjectPermissionOnGroup(group1, "p3", project2); | |||
db.users().insertProjectPermissionOnGroup(group1, "p3", project3); | |||
final List<CountPerProjectPermission> result = new ArrayList<>(); | |||
underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.uuid(), project3.uuid(), "789"), | |||
final List<CountPerEntityPermission> result = new ArrayList<>(); | |||
underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.getUuid(), project3.getUuid(), "789"), | |||
context -> result.add(context.getResultObject())); | |||
assertThat(result).hasSize(3); | |||
assertThat(result).extracting("permission").containsOnly("p2", "p3"); | |||
assertThat(result).extracting("componentUuid").containsOnly(project2.uuid(), project3.uuid()); | |||
assertThat(result).extracting("entityUuid").containsOnly(project2.getUuid(), project3.getUuid()); | |||
assertThat(result).extracting("count").containsOnly(4, 1); | |||
} | |||
@@ -128,7 +128,7 @@ public class GroupPermissionDaoIT { | |||
@Test | |||
public void selectGroupNamesByQuery_is_ordered_by_permissions_then_by_group_when_many_groups_for_global_permissions() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { | |||
GroupDto group = db.users().insertGroup("Group-" + i); | |||
// Add permission on project to be sure projects are excluded | |||
@@ -143,18 +143,18 @@ public class GroupPermissionDaoIT { | |||
} | |||
@Test | |||
public void selectGroupNamesByQuery_is_ordered_by_global_permissions_then_by_group_when_many_groups_for_project_permissions() { | |||
public void selectGroupNamesByQuery_is_ordered_by_global_permissions_then_by_group_when_many_groups_for_entity_permissions() { | |||
IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { | |||
GroupDto group = db.users().insertGroup("Group-" + i); | |||
// Add global permission to be sure they are excluded | |||
db.users().insertPermissionOnGroup(group, GlobalPermission.SCAN.getKey()); | |||
}); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1); | |||
db.users().insertProjectPermissionOnGroup(db.users().selectGroup(lastGroupName).orElseGet(() -> fail("group not found")), GlobalPermission.SCAN.getKey(), project); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery() | |||
.setComponent(project) | |||
.setEntity(project) | |||
.build())) | |||
.hasSize(DEFAULT_PAGE_SIZE) | |||
.startsWith(ANYONE, lastGroupName, "Group-1"); | |||
@@ -186,7 +186,7 @@ public class GroupPermissionDaoIT { | |||
GroupDto group2 = db.users().insertGroup("Group-2"); | |||
GroupDto group3 = db.users().insertGroup("Group-3"); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS); | |||
@@ -210,8 +210,8 @@ public class GroupPermissionDaoIT { | |||
GroupDto group2 = db.users().insertGroup(); | |||
GroupDto group3 = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ComponentDto anotherProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
ProjectDto anotherProject = db.components().insertPublicProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnGroup(group1, "p1", project); | |||
db.users().insertProjectPermissionOnGroup(group1, "p2", project); | |||
@@ -223,7 +223,7 @@ public class GroupPermissionDaoIT { | |||
db.users().insertPermissionOnGroup(group2, "p5"); | |||
PermissionQuery.Builder builderOnComponent = newQuery() | |||
.setComponent(project); | |||
.setEntity(project); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
builderOnComponent.withAtLeastOnePermission().build())).containsOnlyOnce(group1.getName()); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
@@ -238,8 +238,8 @@ public class GroupPermissionDaoIT { | |||
GroupDto group2 = db.users().insertGroup(); | |||
GroupDto group3 = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto anotherProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto anotherProject = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnGroup(group1, GlobalPermission.SCAN.getKey(), project); | |||
db.users().insertProjectPermissionOnGroup(group1, GlobalPermission.PROVISION_PROJECTS.getKey(), project); | |||
@@ -249,7 +249,7 @@ public class GroupPermissionDaoIT { | |||
db.users().insertPermissionOnGroup(group2, GlobalPermission.SCAN); | |||
PermissionQuery.Builder builderOnComponent = newQuery() | |||
.setComponent(project); | |||
.setEntity(project); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
builderOnComponent.withAtLeastOnePermission().build())).containsOnlyOnce(group1.getName()); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
@@ -413,7 +413,7 @@ public class GroupPermissionDaoIT { | |||
} | |||
@Test | |||
public void selectProjectPermissionsOfGroup_on_public_project() { | |||
public void selectEntityPermissionsOfGroup_on_public_project() { | |||
GroupDto group1 = db.users().insertGroup("group1"); | |||
ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); | |||
@@ -425,13 +425,13 @@ public class GroupPermissionDaoIT { | |||
db.users().insertProjectPermissionOnGroup(group1, "perm5", project2); | |||
db.users().insertProjectPermissionOnAnyone("perm6", project1); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project1.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project1.uuid())) | |||
.containsOnly("perm3", "perm4"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project2.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project2.uuid())) | |||
.containsOnly("perm5"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project1.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project1.uuid())) | |||
.containsOnly("perm6"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project2.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project2.uuid())) | |||
.isEmpty(); | |||
} | |||
@@ -447,9 +447,9 @@ public class GroupPermissionDaoIT { | |||
@Test | |||
public void selectProjectKeysWithAnyonePermissions_on_public_project_ordered_by_kee() { | |||
ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ComponentDto project3 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPublicProject().getProjectDto(); | |||
ProjectDto project3 = db.components().insertPublicProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnAnyone("perm1", project1); | |||
db.users().insertProjectPermissionOnAnyone("perm1", project2); | |||
db.users().insertProjectPermissionOnAnyone("perm1", project3); | |||
@@ -460,7 +460,7 @@ public class GroupPermissionDaoIT { | |||
@Test | |||
public void selectProjectKeysWithAnyonePermissions_on_public_project_ordered_by_kee_max_5() { | |||
IntStream.rangeClosed(1, 9).forEach(i -> { | |||
ComponentDto project = db.components().insertPublicProject(p -> p.setKey("key-" + i)).getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject(p -> p.setKey("key-" + i)).getProjectDto(); | |||
db.users().insertProjectPermissionOnAnyone("perm-" + i, project); | |||
}); | |||
@@ -474,7 +474,7 @@ public class GroupPermissionDaoIT { | |||
db.users().insertPermissionOnAnyone("perm-anyone"); | |||
IntStream.rangeClosed(1, 9).forEach(i -> { | |||
ComponentDto project = db.components().insertPublicProject(p -> p.setKey("key-" + i)).getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject(p -> p.setKey("key-" + i)).getProjectDto(); | |||
db.users().insertProjectPermissionOnAnyone("perm-" + i, project); | |||
}); | |||
@@ -483,7 +483,7 @@ public class GroupPermissionDaoIT { | |||
} | |||
@Test | |||
public void countProjectsWithAnyonePermissions() { | |||
public void countEntitiesWithAnyonePermissions() { | |||
GroupDto group = db.users().insertGroup(); | |||
IntStream.rangeClosed(1, 5).forEach(i -> { | |||
ComponentDto project = db.components().insertPublicProject(p -> p.setKey("key-" + i)).getMainBranchComponent(); | |||
@@ -491,11 +491,11 @@ public class GroupPermissionDaoIT { | |||
db.users().insertProjectPermissionOnGroup(group, "perm-", project); | |||
}); | |||
assertThat(underTest.countProjectsWithAnyonePermissions(dbSession)).isEqualTo(5); | |||
assertThat(underTest.countEntitiesWithAnyonePermissions(dbSession)).isEqualTo(5); | |||
} | |||
@Test | |||
public void selectProjectPermissionsOfGroup_on_private_project() { | |||
public void selectEntityPermissionsOfGroup_on_private_project() { | |||
GroupDto group1 = db.users().insertGroup("group1"); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
@@ -506,13 +506,13 @@ public class GroupPermissionDaoIT { | |||
db.users().insertProjectPermissionOnGroup(group1, "perm4", project1); | |||
db.users().insertProjectPermissionOnGroup(group1, "perm5", project2); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project1.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project1.uuid())) | |||
.containsOnly("perm3", "perm4"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project2.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project2.uuid())) | |||
.containsOnly("perm5"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project1.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project1.uuid())) | |||
.isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project2.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project2.uuid())) | |||
.isEmpty(); | |||
} | |||
@@ -554,33 +554,33 @@ public class GroupPermissionDaoIT { | |||
} | |||
@Test | |||
public void selectGroupUuidsWithPermissionOnProjectBut_returns_empty_if_project_does_not_exist() { | |||
public void selectGroupUuidsWithPermissionOnEntityBut_returns_empty_if_project_does_not_exist() { | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
GroupDto group = db.users().insertGroup(); | |||
db.users().insertProjectPermissionOnGroup(group, "foo", project.getMainBranchComponent()); | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, "1234", UserRole.USER)) | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, "1234", UserRole.USER)) | |||
.isEmpty(); | |||
} | |||
@Test | |||
public void selectGroupUuidsWithPermissionOnProjectBut_returns_only_groups_of_project_which_do_not_have_permission() { | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
public void selectGroupUuidsWithPermissionOnEntityBut_returns_only_groups_of_project_which_do_not_have_permission() { | |||
ProjectDto project = randomPublicOrPrivateProject().getProjectDto(); | |||
GroupDto group1 = db.users().insertGroup(); | |||
GroupDto group2 = db.users().insertGroup(); | |||
db.users().insertProjectPermissionOnGroup(group1, "p1", project.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnGroup(group2, "p2", project.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnGroup(group1, "p1", project); | |||
db.users().insertProjectPermissionOnGroup(group2, "p2", project); | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p2")) | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.getUuid(), "p2")) | |||
.containsOnly(group1.getUuid()); | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p1")) | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.getUuid(), "p1")) | |||
.containsOnly(group2.getUuid()); | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p3")) | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.getUuid(), "p3")) | |||
.containsOnly(group1.getUuid(), group2.getUuid()); | |||
} | |||
@Test | |||
public void selectGroupUuidsWithPermissionOnProjectBut_does_not_returns_group_AnyOne_of_project_when_it_does_not_have_permission() { | |||
public void selectGroupUuidsWithPermissionOnEntityBut_does_not_returns_group_AnyOne_of_project_when_it_does_not_have_permission() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
GroupDto group1 = db.users().insertGroup(); | |||
GroupDto group2 = db.users().insertGroup(); | |||
@@ -588,73 +588,73 @@ public class GroupPermissionDaoIT { | |||
db.users().insertProjectPermissionOnGroup(group2, "p2", project); | |||
db.users().insertProjectPermissionOnAnyone("p2", project); | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p2")) | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.uuid(), "p2")) | |||
.containsOnly(group1.getUuid()); | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p1")) | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.uuid(), "p1")) | |||
.containsOnly(group2.getUuid()); | |||
} | |||
@Test | |||
public void selectGroupUuidsWithPermissionOnProjectBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() { | |||
public void selectGroupUuidsWithPermissionOnEntityBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() { | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
GroupDto group1 = db.users().insertGroup(); | |||
GroupDto group2 = db.users().insertGroup(); | |||
db.users().insertGroup(); | |||
db.users().insertProjectPermissionOnGroup(group1, "p1", project.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnGroup(group2, "p2", project.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnGroup(group1, "p1", project.getProjectDto()); | |||
db.users().insertProjectPermissionOnGroup(group2, "p2", project.getProjectDto()); | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p2")) | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.projectUuid(), "p2")) | |||
.containsOnly(group1.getUuid()); | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p1")) | |||
assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.projectUuid(), "p1")) | |||
.containsOnly(group2.getUuid()); | |||
} | |||
@Test | |||
public void deleteByRootComponentUuid_on_private_project() { | |||
public void deleteByRootEntityUuid_on_private_project() { | |||
GroupDto group1 = db.users().insertGroup(); | |||
GroupDto group2 = db.users().insertGroup(); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertPermissionOnGroup(group1, "perm1"); | |||
db.users().insertProjectPermissionOnGroup(group1, "perm2", project1); | |||
db.users().insertProjectPermissionOnGroup(group2, "perm3", project2); | |||
underTest.deleteByRootComponentUuid(dbSession, project1); | |||
underTest.deleteByEntityUuid(dbSession, project1); | |||
dbSession.commit(); | |||
assertThat(db.countSql("select count(uuid) from group_roles where component_uuid='" + project1.uuid() + "'")).isZero(); | |||
assertThat(db.countSql("select count(uuid) from group_roles where component_uuid='" + project1.getUuid() + "'")).isZero(); | |||
assertThat(db.countRowsOfTable("group_roles")).isEqualTo(2); | |||
} | |||
@Test | |||
public void deleteByRootComponentUuid_on_public_project() { | |||
public void deleteByRootEntityUuid_on_public_project() { | |||
GroupDto group1 = db.users().insertGroup(); | |||
GroupDto group2 = db.users().insertGroup(); | |||
ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPublicProject().getProjectDto(); | |||
db.users().insertPermissionOnGroup(group1, "perm1"); | |||
db.users().insertProjectPermissionOnGroup(group1, "perm2", project1); | |||
db.users().insertProjectPermissionOnGroup(group2, "perm3", project2); | |||
db.users().insertProjectPermissionOnAnyone("perm4", project1); | |||
db.users().insertProjectPermissionOnAnyone("perm5", project2); | |||
underTest.deleteByRootComponentUuid(dbSession, project1); | |||
underTest.deleteByEntityUuid(dbSession, project1); | |||
dbSession.commit(); | |||
assertThat(db.countSql("select count(uuid) from group_roles where component_uuid='" + project1.uuid() + "'")).isZero(); | |||
assertThat(db.countSql("select count(uuid) from group_roles where component_uuid='" + project1.getUuid() + "'")).isZero(); | |||
assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3); | |||
} | |||
@Test | |||
public void delete_global_permission_from_group_on_public_project() { | |||
GroupDto group1 = db.users().insertGroup(); | |||
ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
db.users().insertPermissionOnAnyone("perm1"); | |||
db.users().insertPermissionOnGroup(group1, "perm2"); | |||
db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
db.users().insertProjectPermissionOnAnyone("perm4", project1); | |||
underTest.delete(dbSession, "perm2", group1.getUuid(), group1.getName(), null, project1); | |||
underTest.delete(dbSession, "perm2", group1.getUuid(), group1.getName(), null); | |||
dbSession.commit(); | |||
assertThatNoPermission("perm2"); | |||
@@ -664,12 +664,12 @@ public class GroupPermissionDaoIT { | |||
@Test | |||
public void delete_global_permission_from_group_on_private_project() { | |||
GroupDto group1 = db.users().insertGroup(); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertPermissionOnAnyone("perm1"); | |||
db.users().insertPermissionOnGroup(group1, "perm2"); | |||
db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
underTest.delete(dbSession, "perm2", group1.getUuid(), group1.getName(), null, project1); | |||
underTest.delete(dbSession, "perm2", group1.getUuid(), group1.getName(), null); | |||
dbSession.commit(); | |||
assertThatNoPermission("perm2"); | |||
@@ -679,13 +679,13 @@ public class GroupPermissionDaoIT { | |||
@Test | |||
public void delete_global_permission_from_anyone_on_public_project() { | |||
GroupDto group1 = db.users().insertGroup(); | |||
ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
db.users().insertPermissionOnAnyone("perm1"); | |||
db.users().insertPermissionOnGroup(group1, "perm2"); | |||
db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
db.users().insertProjectPermissionOnAnyone("perm4", project1); | |||
underTest.delete(dbSession, "perm1", null, null, null, project1); | |||
underTest.delete(dbSession, "perm1", null, null, null); | |||
dbSession.commit(); | |||
assertThatNoPermission("perm1"); | |||
@@ -695,12 +695,12 @@ public class GroupPermissionDaoIT { | |||
@Test | |||
public void delete_project_permission_from_group_on_private_project() { | |||
GroupDto group1 = db.users().insertGroup(); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertPermissionOnAnyone("perm1"); | |||
db.users().insertPermissionOnGroup(group1, "perm2"); | |||
db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
underTest.delete(dbSession, "perm3", group1.getUuid(), group1.getName(), project1.uuid(), project1); | |||
underTest.delete(dbSession, "perm3", group1.getUuid(), group1.getName(), project1); | |||
dbSession.commit(); | |||
assertThatNoPermission("perm3"); | |||
@@ -710,13 +710,13 @@ public class GroupPermissionDaoIT { | |||
@Test | |||
public void delete_project_permission_from_group_on_public_project() { | |||
GroupDto group1 = db.users().insertGroup(); | |||
ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
db.users().insertPermissionOnAnyone("perm1"); | |||
db.users().insertPermissionOnGroup(group1, "perm2"); | |||
db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
db.users().insertProjectPermissionOnAnyone("perm4", project1); | |||
underTest.delete(dbSession, "perm3", group1.getUuid(), group1.getName(), project1.uuid(), project1); | |||
underTest.delete(dbSession, "perm3", group1.getUuid(), group1.getName(), project1); | |||
dbSession.commit(); | |||
assertThatNoPermission("perm3"); | |||
@@ -726,13 +726,13 @@ public class GroupPermissionDaoIT { | |||
@Test | |||
public void delete_project_permission_from_anybody_on_private_project() { | |||
GroupDto group1 = db.users().insertGroup(); | |||
ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
db.users().insertPermissionOnAnyone("perm1"); | |||
db.users().insertPermissionOnGroup(group1, "perm2"); | |||
db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
db.users().insertProjectPermissionOnAnyone("perm4", project1); | |||
underTest.delete(dbSession, "perm4", null, null, project1.uuid(), project1); | |||
underTest.delete(dbSession, "perm4", null, null, project1); | |||
dbSession.commit(); | |||
assertThatNoPermission("perm4"); | |||
@@ -740,28 +740,28 @@ public class GroupPermissionDaoIT { | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndGroupUuid_deletes_all_permissions_of_group_AnyOne_of_specified_component_if_groupUuid_is_null() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
public void deleteByRootEntityAndGroupUuid_deletes_all_permissions_of_group_AnyOne_of_specified_component_if_groupUuid_is_null() { | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
GroupDto group = db.users().insertGroup(); | |||
db.users().insertProjectPermissionOnAnyone("p1", project); | |||
db.users().insertProjectPermissionOnGroup(group, "p2", project); | |||
db.users().insertPermissionOnAnyone("p3"); | |||
db.users().insertPermissionOnGroup(group, "p4"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
.containsOnly("p1"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group.getUuid(), project.getUuid())) | |||
.containsOnly("p2"); | |||
assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)) | |||
.containsOnly("p3"); | |||
assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group.getUuid())) | |||
.containsOnly("p4"); | |||
int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, null, project); | |||
int deletedCount = underTest.deleteByEntityAndGroupUuid(dbSession, null, project); | |||
assertThat(deletedCount).isOne(); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
.isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group.getUuid(), project.getUuid())) | |||
.containsOnly("p2"); | |||
assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)) | |||
.containsOnly("p3"); | |||
@@ -770,8 +770,8 @@ public class GroupPermissionDaoIT { | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndGroupUuid_deletes_all_permissions_of_specified_group_of_specified_component_if_groupUuid_is_non_null() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
public void deleteByRootEntityAndGroupUuid_deletes_all_permissions_of_specified_group_of_specified_component_if_groupUuid_is_non_null() { | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
GroupDto group1 = db.users().insertGroup(); | |||
GroupDto group2 = db.users().insertGroup(); | |||
db.users().insertProjectPermissionOnAnyone("p1", project); | |||
@@ -781,11 +781,11 @@ public class GroupPermissionDaoIT { | |||
db.users().insertPermissionOnAnyone("p5"); | |||
db.users().insertPermissionOnGroup(group1, "p6"); | |||
db.users().insertPermissionOnGroup(group2, "p7"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
.containsOnly("p1"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
.containsOnly("p2"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group2.getUuid(), project.getUuid())) | |||
.containsOnly("p3", "p4"); | |||
assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)) | |||
.containsOnly("p5"); | |||
@@ -794,28 +794,28 @@ public class GroupPermissionDaoIT { | |||
assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group2.getUuid())) | |||
.containsOnly("p7"); | |||
int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, group1.getUuid(), project); | |||
int deletedCount = underTest.deleteByEntityAndGroupUuid(dbSession, group1.getUuid(), project); | |||
assertThat(deletedCount).isOne(); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
.containsOnly("p1"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
.isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group2.getUuid(), project.getUuid())) | |||
.containsOnly("p3", "p4"); | |||
assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group1.getUuid())) | |||
.containsOnly("p6"); | |||
assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group2.getUuid())) | |||
.containsOnly("p7"); | |||
deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, group2.getUuid(), project); | |||
deletedCount = underTest.deleteByEntityAndGroupUuid(dbSession, group2.getUuid(), project); | |||
assertThat(deletedCount).isEqualTo(2); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
.containsOnly("p1"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
.isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group2.getUuid(), project.getUuid())) | |||
.isEmpty(); | |||
assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group1.getUuid())) | |||
.containsOnly("p6"); | |||
@@ -824,48 +824,48 @@ public class GroupPermissionDaoIT { | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_does_not_exist() { | |||
public void deleteByRootEntityAndGroupUuid_has_no_effect_if_component_does_not_exist() { | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto component = new ComponentDto().setUuid("1234"); | |||
ProjectDto projectDto = new ProjectDto().setUuid("1234"); | |||
assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, null, component)).isZero(); | |||
assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, group.getUuid(), component)).isZero(); | |||
assertThat(underTest.deleteByEntityAndGroupUuid(dbSession, null, projectDto)).isZero(); | |||
assertThat(underTest.deleteByEntityAndGroupUuid(dbSession, group.getUuid(), projectDto)).isZero(); | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_has_no_group_permission_at_all() { | |||
public void deleteByRootEntityAndGroupUuid_has_no_effect_if_component_has_no_group_permission_at_all() { | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
GroupDto group = db.users().insertGroup(); | |||
assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, null, project.getMainBranchComponent())).isZero(); | |||
assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, group.getUuid(), project.getMainBranchComponent())).isZero(); | |||
assertThat(underTest.deleteByEntityAndGroupUuid(dbSession, null, project.getProjectDto())).isZero(); | |||
assertThat(underTest.deleteByEntityAndGroupUuid(dbSession, group.getUuid(), project.getProjectDto())).isZero(); | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_group_does_not_exist() { | |||
public void deleteByRootEntityAndGroupUuid_has_no_effect_if_group_does_not_exist() { | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, "5678", project.getMainBranchComponent())).isZero(); | |||
assertThat(underTest.deleteByEntityAndGroupUuid(dbSession, "5678", project.getProjectDto())).isZero(); | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_has_no_group_permission_for_group_AnyOne() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
public void deleteByRootEntityAndGroupUuid_has_no_effect_if_component_has_no_group_permission_for_group_AnyOne() { | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
GroupDto group1 = db.users().insertGroup(); | |||
db.users().insertProjectPermissionOnGroup(group1, "p1", project); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
.isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
.containsOnly("p1"); | |||
db.users().insertPermissionOnAnyone("p2"); | |||
db.users().insertPermissionOnGroup(group1, "p3"); | |||
int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, null, project); | |||
int deletedCount = underTest.deleteByEntityAndGroupUuid(dbSession, null, project); | |||
assertThat(deletedCount).isZero(); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
.isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
.containsOnly("p1"); | |||
assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)) | |||
.containsOnly("p2"); | |||
@@ -874,20 +874,20 @@ public class GroupPermissionDaoIT { | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_has_no_group_permission_for_specified_group() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
public void deleteByRootEntityAndGroupUuid_has_no_effect_if_component_has_no_group_permission_for_specified_group() { | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
GroupDto group1 = db.users().insertGroup(); | |||
GroupDto group2 = db.users().insertGroup(); | |||
db.users().insertProjectPermissionOnGroup(group1, "p1", project); | |||
db.users().insertPermissionOnAnyone("p2"); | |||
db.users().insertPermissionOnGroup(group1, "p3"); | |||
int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, group2.getUuid(), project); | |||
int deletedCount = underTest.deleteByEntityAndGroupUuid(dbSession, group2.getUuid(), project); | |||
assertThat(deletedCount).isZero(); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
.containsOnly("p1"); | |||
assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid())) | |||
assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group2.getUuid(), project.getUuid())) | |||
.isEmpty(); | |||
assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)) | |||
.containsOnly("p2"); | |||
@@ -896,55 +896,55 @@ public class GroupPermissionDaoIT { | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndPermission_deletes_all_rows_for_specified_role_of_specified_component() { | |||
ProjectData project = db.components().insertPublicProject(); | |||
public void deleteByEntityAndPermission_deletes_all_rows_for_specified_role_of_specified_component() { | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
GroupDto group = db.users().insertGroup(); | |||
Stream.of("p1", "p2").forEach(permission -> { | |||
db.users().insertPermissionOnAnyone(permission); | |||
db.users().insertPermissionOnGroup(group, permission); | |||
db.users().insertProjectPermissionOnGroup(group, permission, project.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnAnyone(permission, project.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnGroup(group, permission, project); | |||
db.users().insertProjectPermissionOnAnyone(permission, project); | |||
}); | |||
assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1", "p2"); | |||
assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2"); | |||
assertThat(getProjectPermissionsForAnyOne(project.getMainBranchComponent())).containsOnly("p1", "p2"); | |||
assertThat(getProjectPermissionsForGroup(project.getMainBranchComponent(), group)).containsOnly("p1", "p2"); | |||
assertThat(getProjectPermissionsForAnyOne(project.getUuid())).containsOnly("p1", "p2"); | |||
assertThat(getProjectPermissionsForGroup(project.getUuid(), group)).containsOnly("p1", "p2"); | |||
int deletedRows = underTest.deleteByEntityAndPermission(dbSession, "p1", project.getProjectDto()); | |||
int deletedRows = underTest.deleteByEntityAndPermission(dbSession, "p1", project); | |||
assertThat(deletedRows).isEqualTo(2); | |||
assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1", "p2"); | |||
assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2"); | |||
assertThat(getProjectPermissionsForAnyOne(project.getMainBranchComponent())).containsOnly("p2"); | |||
assertThat(getProjectPermissionsForGroup(project.getMainBranchComponent(), group)).containsOnly("p2"); | |||
assertThat(getProjectPermissionsForAnyOne(project.getUuid())).containsOnly("p2"); | |||
assertThat(getProjectPermissionsForGroup(project.getUuid(), group)).containsOnly("p2"); | |||
deletedRows = underTest.deleteByEntityAndPermission(dbSession, "p2", project.getProjectDto()); | |||
deletedRows = underTest.deleteByEntityAndPermission(dbSession, "p2", project); | |||
assertThat(deletedRows).isEqualTo(2); | |||
assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1", "p2"); | |||
assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2"); | |||
assertThat(getProjectPermissionsForAnyOne(project.getMainBranchComponent())).isEmpty(); | |||
assertThat(getProjectPermissionsForGroup(project.getMainBranchComponent(), group)).isEmpty(); | |||
assertThat(getProjectPermissionsForAnyOne(project.getUuid())).isEmpty(); | |||
assertThat(getProjectPermissionsForGroup(project.getUuid(), group)).isEmpty(); | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndPermission_has_no_effect_if_component_has_no_group_permission_at_all() { | |||
public void deleteByEntityAndPermission_has_no_effect_if_component_has_no_group_permission_at_all() { | |||
GroupDto group = db.users().insertGroup(); | |||
ProjectData project = db.components().insertPrivateProject(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertPermissionOnAnyone("p1"); | |||
db.users().insertPermissionOnGroup(group, "p1"); | |||
assertThat(underTest.deleteByEntityAndPermission(dbSession, "p1", project.getProjectDto())).isZero(); | |||
assertThat(underTest.deleteByEntityAndPermission(dbSession, "p1", project)).isZero(); | |||
assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1"); | |||
assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1"); | |||
assertThat(getProjectPermissionsForAnyOne(project.getMainBranchComponent())).isEmpty(); | |||
assertThat(getProjectPermissionsForGroup(project.getMainBranchComponent(), group)).isEmpty(); | |||
assertThat(getProjectPermissionsForAnyOne(project.getUuid())).isEmpty(); | |||
assertThat(getProjectPermissionsForGroup(project.getUuid(), group)).isEmpty(); | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndPermission_has_no_effect_if_component_does_not_exist() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
public void deleteByEntityAndPermission_has_no_effect_if_component_does_not_exist() { | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
GroupDto group = db.users().insertGroup(); | |||
db.users().insertPermissionOnAnyone("p1"); | |||
db.users().insertPermissionOnGroup(group, "p1"); | |||
@@ -957,12 +957,12 @@ public class GroupPermissionDaoIT { | |||
assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1"); | |||
assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1"); | |||
assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p1"); | |||
assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p1"); | |||
assertThat(getProjectPermissionsForAnyOne(project.getUuid())).containsOnly("p1"); | |||
assertThat(getProjectPermissionsForGroup(project.getUuid(), group)).containsOnly("p1"); | |||
} | |||
@Test | |||
public void deleteByRootComponentUuidAndPermission_has_no_effect_if_component_does_not_have_specified_permission() { | |||
public void deleteByEntityAndPermission_has_no_effect_if_component_does_not_have_specified_permission() { | |||
GroupDto group = db.users().insertGroup(); | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
db.users().insertPermissionOnAnyone("p1"); | |||
@@ -996,12 +996,12 @@ public class GroupPermissionDaoIT { | |||
return getPermissions("group_uuid = '" + groupDto.getUuid() + "' and component_uuid is null"); | |||
} | |||
private Collection<String> getProjectPermissionsForAnyOne(ComponentDto project) { | |||
return getPermissions("group_uuid is null and component_uuid = '" + project.uuid() + "'"); | |||
private Collection<String> getProjectPermissionsForAnyOne(String projectUuid) { | |||
return getPermissions("group_uuid is null and component_uuid = '" + projectUuid + "'"); | |||
} | |||
private Collection<String> getProjectPermissionsForGroup(ComponentDto project, GroupDto group) { | |||
return getPermissions("group_uuid = '" + group.getUuid() + "' and component_uuid = '" + project.uuid() + "'"); | |||
private Collection<String> getProjectPermissionsForGroup(String projectUuid, GroupDto group) { | |||
return getPermissions("group_uuid = '" + group.getUuid() + "' and component_uuid = '" + projectUuid + "'"); | |||
} | |||
private Collection<String> getPermissions(String whereClauses) { |
@@ -29,10 +29,8 @@ import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.audit.AuditPersister; | |||
import org.sonar.db.audit.model.GroupPermissionNewValue; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ProjectData; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.user.GroupDto; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
@@ -46,7 +44,7 @@ public class GroupPermissionDaoWithPersisterIT { | |||
private final AuditPersister auditPersister = mock(AuditPersister.class); | |||
@Rule | |||
public DbTester db = DbTester.create(System2.INSTANCE); | |||
public DbTester db = DbTester.create(System2.INSTANCE, true); | |||
private final SequenceUuidFactory uuidFactory = new SequenceUuidFactory(); | |||
private final ArgumentCaptor<GroupPermissionNewValue> newValueCaptor = ArgumentCaptor.forClass(GroupPermissionNewValue.class); | |||
@@ -66,7 +64,7 @@ public class GroupPermissionDaoWithPersisterIT { | |||
assertNewValue(newValue, dto.getUuid(), group.getUuid(), group.getName(), null, dto.getRole(), null, null, null); | |||
assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"permission\": \"admin\", \"groupUuid\": \"guuid\", \"groupName\": \"gname\" }"); | |||
underTest.delete(dbSession, ADMIN, group.getUuid(), group.getName(), null, (EntityDto) null); | |||
underTest.delete(dbSession, ADMIN, group.getUuid(), group.getName(), null); | |||
verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
newValue = newValueCaptor.getValue(); | |||
@@ -76,7 +74,7 @@ public class GroupPermissionDaoWithPersisterIT { | |||
@Test | |||
public void groupGlobalPermissionDeleteWithoutAffectedRowsIsNotPersisted() { | |||
underTest.delete(dbSession, ADMIN, "group-uuid", "group-name", null, (EntityDto) null); | |||
underTest.delete(dbSession, ADMIN, "group-uuid", "group-name", null); | |||
verifyNoInteractions(auditPersister); | |||
} | |||
@@ -87,24 +85,26 @@ public class GroupPermissionDaoWithPersisterIT { | |||
verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
GroupPermissionNewValue newValue = newValueCaptor.getValue(); | |||
assertNewValue(newValue, dto.getUuid(), group.getUuid(), group.getName(), project.projectUuid(), dto.getRole(), project.projectKey(), | |||
project.getProjectDto().getName(), "TRK"); | |||
assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"permission\": \"admin\", \"groupUuid\": \"guuid\", \"groupName\": \"gname\"," + | |||
" \"componentUuid\": \"cuuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
" \"componentUuid\": \"projectUuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
underTest.deleteByRootComponentUuid(dbSession, project.getMainBranchComponent()); | |||
underTest.deleteByEntityUuid(dbSession, project.getProjectDto()); | |||
verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
newValue = newValueCaptor.getValue(); | |||
assertNewValue(newValue, null, null, null, project.projectUuid(), null, project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
assertThat(newValue).hasToString("{\"componentUuid\": \"cuuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
assertThat(newValue).hasToString("{\"componentUuid\": \"projectUuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
} | |||
@Test | |||
public void groupProjectPermissionDeleteByComponentWithoutAffectedRowsIsNotPersisted() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
underTest.deleteByRootComponentUuid(dbSession, project); | |||
underTest.deleteByEntityUuid(dbSession, project); | |||
verifyNoInteractions(auditPersister); | |||
} | |||
@@ -115,16 +115,18 @@ public class GroupPermissionDaoWithPersisterIT { | |||
verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
GroupPermissionNewValue newValue = newValueCaptor.getValue(); | |||
assertNewValue(newValue, dto.getUuid(), null, null, project.projectUuid(), dto.getRole(), project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"permission\": \"admin\", \"componentUuid\": \"cuuid\", " | |||
assertNewValue(newValue, dto.getUuid(), null, null, project.projectUuid(), dto.getRole(), project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"permission\": \"admin\", \"componentUuid\": \"projectUuid\", " | |||
+ "\"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
underTest.deleteByEntityUuidForAnyOne(dbSession, project.getProjectDto()); | |||
verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
newValue = newValueCaptor.getValue(); | |||
assertNewValue(newValue, null, null, null, project.projectUuid(), null, project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
assertThat(newValue).hasToString("{\"componentUuid\": \"cuuid\", \"componentKey\": \"cKey\", " + | |||
assertThat(newValue).hasToString("{\"componentUuid\": \"projectUuid\", \"componentKey\": \"cKey\", " + | |||
"\"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
} | |||
@@ -145,14 +147,14 @@ public class GroupPermissionDaoWithPersisterIT { | |||
GroupPermissionNewValue newValue = newValueCaptor.getValue(); | |||
assertNewValue(newValue, dto.getUuid(), group.getUuid(), group.getName(), project.projectUuid(), dto.getRole(), project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"permission\": \"admin\", \"groupUuid\": \"guuid\", \"groupName\": \"gname\", " | |||
+ "\"componentUuid\": \"cuuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
+ "\"componentUuid\": \"projectUuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
underTest.deleteByEntityAndPermission(dbSession, dto.getRole(), project.getProjectDto()); | |||
verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
newValue = newValueCaptor.getValue(); | |||
assertNewValue(newValue, null, null, null, project.projectUuid(), ADMIN, project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
assertThat(newValue).hasToString("{\"permission\": \"admin\", \"componentUuid\": \"cuuid\", \"componentKey\": \"cKey\"," + | |||
assertThat(newValue).hasToString("{\"permission\": \"admin\", \"componentUuid\": \"projectUuid\", \"componentKey\": \"cKey\"," + | |||
" \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
} | |||
@@ -160,7 +162,7 @@ public class GroupPermissionDaoWithPersisterIT { | |||
public void groupProjectPermissionDeleteByComponentAndPermissionWithoutAffectedRowsIsNotPersisted() { | |||
GroupDto group = db.users().insertGroup(); | |||
ProjectData project = db.components().insertPrivateProject(); | |||
GroupPermissionDto dto = getGroupPermission(group, project.getMainBranchComponent()); | |||
GroupPermissionDto dto = getGroupPermission(group, project.getProjectDto()); | |||
underTest.deleteByEntityAndPermission(dbSession, dto.getRole(), project.getProjectDto()); | |||
@@ -176,38 +178,38 @@ public class GroupPermissionDaoWithPersisterIT { | |||
private void addGroupPermission() { | |||
group = db.users().insertGroup(g -> g.setUuid("guuid").setName("gname")); | |||
project = db.components().insertPrivateProject(c -> c.setUuid("cuuid").setName("cname").setKey("cKey")); | |||
dto = getGroupPermission(group, project.getMainBranchComponent()); | |||
project = db.components().insertPrivateProject(c -> c.setName("cname").setKey("cKey"), p -> p.setUuid("projectUuid")); | |||
dto = getGroupPermission(group, project.getProjectDto()); | |||
underTest.insert(dbSession, dto, project.getProjectDto(), null); | |||
} | |||
private void addGroupPermissionWithoutGroup() { | |||
project = db.components().insertPrivateProject(c -> c.setUuid("cuuid").setName("cname").setKey("cKey")); | |||
dto = getGroupPermission(project.getMainBranchComponent()); | |||
project = db.components().insertPrivateProject(c -> c.setName("cname").setKey("cKey"), p -> p.setUuid("projectUuid")); | |||
dto = getGroupPermission(project.getProjectDto()); | |||
underTest.insert(dbSession, dto, project.getProjectDto(), null); | |||
} | |||
private void addGroupPermissionWithoutComponent() { | |||
group = db.users().insertGroup(g -> g.setUuid("guuid").setName("gname")); | |||
dto = getGroupPermission(group); | |||
underTest.insert(dbSession, dto, (EntityDto) null, null); | |||
underTest.insert(dbSession, dto, null, null); | |||
} | |||
private GroupPermissionDto getGroupPermission(@Nullable GroupDto group, @Nullable ComponentDto project) { | |||
private GroupPermissionDto getGroupPermission(@Nullable GroupDto group, @Nullable ProjectDto project) { | |||
return new GroupPermissionDto() | |||
.setUuid(uuidFactory.create()) | |||
.setGroupUuid(group != null ? group.getUuid() : null) | |||
.setGroupName(group != null ? group.getName() : null) | |||
.setRole(ADMIN) | |||
.setComponentUuid(project != null ? project.uuid() : null) | |||
.setComponentName(project != null ? project.name(): null); | |||
.setComponentUuid(project != null ? project.getUuid() : null) | |||
.setComponentName(project != null ? project.getName(): null); | |||
} | |||
private GroupPermissionDto getGroupPermission(GroupDto group) { | |||
return getGroupPermission(group, null); | |||
} | |||
private GroupPermissionDto getGroupPermission(ComponentDto project) { | |||
private GroupPermissionDto getGroupPermission(ProjectDto project) { | |||
return getGroupPermission(null, project); | |||
} | |||
} |
@@ -54,17 +54,17 @@ import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; | |||
public class UserPermissionDaoIT { | |||
@Rule | |||
public DbTester db = DbTester.create(System2.INSTANCE); | |||
public DbTester db = DbTester.create(System2.INSTANCE, true); | |||
private DbSession dbSession = db.getSession(); | |||
private UserPermissionDao underTest = new UserPermissionDao(new NoOpAuditPersister()); | |||
private final DbSession dbSession = db.getSession(); | |||
private final UserPermissionDao underTest = new UserPermissionDao(new NoOpAuditPersister()); | |||
@Test | |||
public void select_global_permissions() { | |||
UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com")); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
UserPermissionDto global1 = addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
UserPermissionDto global2 = addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user2); | |||
UserPermissionDto global3 = addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user2); | |||
@@ -115,35 +115,35 @@ public class UserPermissionDaoIT { | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com")); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
UserPermissionDto perm1 = addProjectPermission(UserRole.USER, user1, project1); | |||
UserPermissionDto perm2 = addProjectPermission(UserRole.ISSUE_ADMIN, user1, project1); | |||
UserPermissionDto perm3 = addProjectPermission(UserRole.ISSUE_ADMIN, user2, project1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user3, project2); | |||
// project permissions of users who has at least one permission on this project | |||
PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setComponent(project1).build(); | |||
PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setEntity(project1).build(); | |||
expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2, perm1); | |||
// empty if nobody has the specified global permission | |||
query = PermissionQuery.builder().setPermission("missing").setComponent(project1).build(); | |||
query = PermissionQuery.builder().setPermission("missing").setEntity(project1).build(); | |||
expectPermissions(query, emptyList()); | |||
// search by user name (matches 2 users), users with at least one permission | |||
query = PermissionQuery.builder().setSearchQuery("Mari").withAtLeastOnePermission().setComponent(project1).build(); | |||
query = PermissionQuery.builder().setSearchQuery("Mari").withAtLeastOnePermission().setEntity(project1).build(); | |||
expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2, perm1); | |||
// search by user name (matches 2 users) and project permission | |||
query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(UserRole.ISSUE_ADMIN).setComponent(project1).build(); | |||
query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(UserRole.ISSUE_ADMIN).setEntity(project1).build(); | |||
expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2); | |||
// search by user name (no match) | |||
query = PermissionQuery.builder().setSearchQuery("Unknown").setComponent(project1).build(); | |||
query = PermissionQuery.builder().setSearchQuery("Unknown").setEntity(project1).build(); | |||
expectPermissions(query, emptyList()); | |||
// permissions of unknown project | |||
query = PermissionQuery.builder().setComponent(newPrivateProjectDto()).withAtLeastOnePermission().build(); | |||
query = PermissionQuery.builder().setEntity(newPrivateProjectDto()).withAtLeastOnePermission().build(); | |||
expectPermissions(query, emptyList()); | |||
} | |||
@@ -190,11 +190,11 @@ public class UserPermissionDaoIT { | |||
}); | |||
String lastLogin = "login" + (DEFAULT_PAGE_SIZE + 1); | |||
UserDto lastUser = db.getDbClient().userDao().selectByLogin(dbSession, lastLogin); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnUser(lastUser, GlobalPermission.SCAN.getKey(), project); | |||
PermissionQuery query = PermissionQuery.builder() | |||
.setComponent(project) | |||
.setEntity(project) | |||
.build(); | |||
assertThat(underTest.selectUserUuidsByQueryAndScope(dbSession, query)) | |||
@@ -207,7 +207,7 @@ public class UserPermissionDaoIT { | |||
UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Z").setEmail("email1@email.com")); | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("A").setEmail("email2@email.com")); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
addProjectPermission(UserRole.USER, user2, project1); | |||
addProjectPermission(UserRole.USER, user1, project1); | |||
addProjectPermission(UserRole.ADMIN, user1, project1); | |||
@@ -220,11 +220,11 @@ public class UserPermissionDaoIT { | |||
} | |||
@Test | |||
public void countUsersByProjectPermission() { | |||
public void countUsersByEntityPermission() { | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
addProjectPermission(UserRole.USER, user1, project1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user1, project1); | |||
@@ -232,38 +232,38 @@ public class UserPermissionDaoIT { | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); | |||
// no projects -> return empty list | |||
assertThat(underTest.countUsersByProjectPermission(dbSession, emptyList())).isEmpty(); | |||
assertThat(underTest.countUsersByEntityPermission(dbSession, emptyList())).isEmpty(); | |||
// one project | |||
expectCount(singletonList(project1.uuid()), | |||
new CountPerProjectPermission(project1.uuid(), UserRole.USER, 1), | |||
new CountPerProjectPermission(project1.uuid(), UserRole.ISSUE_ADMIN, 2)); | |||
expectCount(singletonList(project1.getUuid()), | |||
new CountPerEntityPermission(project1.getUuid(), UserRole.USER, 1), | |||
new CountPerEntityPermission(project1.getUuid(), UserRole.ISSUE_ADMIN, 2)); | |||
// multiple projects | |||
expectCount(asList(project1.uuid(), project2.uuid(), "invalid"), | |||
new CountPerProjectPermission(project1.uuid(), UserRole.USER, 1), | |||
new CountPerProjectPermission(project1.uuid(), UserRole.ISSUE_ADMIN, 2), | |||
new CountPerProjectPermission(project2.uuid(), UserRole.ISSUE_ADMIN, 1)); | |||
expectCount(asList(project1.getUuid(), project2.getUuid(), "invalid"), | |||
new CountPerEntityPermission(project1.getUuid(), UserRole.USER, 1), | |||
new CountPerEntityPermission(project1.getUuid(), UserRole.ISSUE_ADMIN, 2), | |||
new CountPerEntityPermission(project2.getUuid(), UserRole.ISSUE_ADMIN, 1)); | |||
} | |||
@Test | |||
public void selectUserUuidsByQuery() { | |||
UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
addProjectPermission(UserRole.USER, user1, project1); | |||
addProjectPermission(UserRole.USER, user2, project1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user2, project1); | |||
// logins are ordered by user name: user2 ("Marie") then user1 ("Marius") | |||
PermissionQuery query = PermissionQuery.builder().setComponent(project1).withAtLeastOnePermission().build(); | |||
PermissionQuery query = PermissionQuery.builder().setEntity(project1).withAtLeastOnePermission().build(); | |||
assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).containsExactly(user2.getUuid(), user1.getUuid()); | |||
query = PermissionQuery.builder().setComponent(project2).withAtLeastOnePermission().build(); | |||
query = PermissionQuery.builder().setEntity(project2).withAtLeastOnePermission().build(); | |||
assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).isEmpty(); | |||
// on a project without permissions | |||
query = PermissionQuery.builder().setComponent(newPrivateProjectDto()).withAtLeastOnePermission().build(); | |||
query = PermissionQuery.builder().setEntity(newPrivateProjectDto()).withAtLeastOnePermission().build(); | |||
assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).isEmpty(); | |||
// search all users whose name matches "mar", whatever the permissions | |||
@@ -275,7 +275,7 @@ public class UserPermissionDaoIT { | |||
assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).containsExactly(user1.getUuid()); | |||
// search all users whose name matches "mariu", whatever the permissions | |||
query = PermissionQuery.builder().setSearchQuery("mariu").setComponent(project1).build(); | |||
query = PermissionQuery.builder().setSearchQuery("mariu").setEntity(project1).build(); | |||
assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).containsExactly(user1.getUuid()); | |||
} | |||
@@ -283,8 +283,8 @@ public class UserPermissionDaoIT { | |||
public void selectUserUuidsByQueryAndScope_with_global_scope() { | |||
UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
addProjectPermission(UserRole.USER, user1, project1); | |||
addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); | |||
@@ -300,13 +300,13 @@ public class UserPermissionDaoIT { | |||
public void selectUserUuidsByQueryAndScope_with_project_scope() { | |||
UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
addProjectPermission(UserRole.USER, user1, project1); | |||
addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); | |||
PermissionQuery query = PermissionQuery.builder() | |||
.setComponent(project1) | |||
.setEntity(project1) | |||
.build(); | |||
List<String> result = underTest.selectUserUuidsByQueryAndScope(dbSession, query); | |||
@@ -354,8 +354,8 @@ public class UserPermissionDaoIT { | |||
public void deleteGlobalPermission() { | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
addGlobalPermission("perm1", user1); | |||
addGlobalPermission("perm2", user1); | |||
addProjectPermission("perm1", user1, project1); | |||
@@ -382,39 +382,39 @@ public class UserPermissionDaoIT { | |||
} | |||
@Test | |||
public void deleteProjectPermission() { | |||
public void deleteEntityPermission() { | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
addGlobalPermission("perm", user1); | |||
addProjectPermission("perm", user1, project1); | |||
addProjectPermission("perm", user1, project2); | |||
addProjectPermission("perm", user2, project1); | |||
// no such provision -> ignore | |||
underTest.deleteProjectPermission(dbSession, user1, "anotherPerm", project1); | |||
underTest.deleteEntityPermission(dbSession, user1, "anotherPerm", project1); | |||
assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4); | |||
underTest.deleteProjectPermission(dbSession, user1, "perm", project1); | |||
assertThatProjectPermissionDoesNotExist(user1, "perm", project1); | |||
underTest.deleteEntityPermission(dbSession, user1, "perm", project1); | |||
assertThatProjectPermissionDoesNotExist(user1, "perm", project1.getUuid()); | |||
assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(3); | |||
} | |||
@Test | |||
public void deleteProjectPermissions() { | |||
public void deleteEntityPermissions() { | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
addGlobalPermission("perm", user1); | |||
addProjectPermission("perm", user1, project1); | |||
addProjectPermission("perm", user2, project1); | |||
addProjectPermission("perm", user1, project2); | |||
underTest.deleteProjectPermissions(dbSession, project1); | |||
underTest.deleteEntityPermissions(dbSession, project1); | |||
assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(2); | |||
assertThatProjectHasNoPermissions(project1); | |||
assertThatProjectHasNoPermissions(project1.getUuid()); | |||
} | |||
@Test | |||
@@ -422,7 +422,7 @@ public class UserPermissionDaoIT { | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
UserDto user3 = insertUser(); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
addGlobalPermission("perm1", user1); | |||
addGlobalPermission("perm2", user2); | |||
addGlobalPermission("perm3", user1); | |||
@@ -436,64 +436,64 @@ public class UserPermissionDaoIT { | |||
} | |||
@Test | |||
public void selectProjectPermissionsOfUser() { | |||
public void selectEntityPermissionsOfUser() { | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project3 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project3 = db.components().insertPrivateProject().getProjectDto(); | |||
addGlobalPermission("perm1", user1); | |||
addProjectPermission("perm2", user1, project1); | |||
addProjectPermission("perm3", user1, project1); | |||
addProjectPermission("perm4", user1, project2); | |||
addProjectPermission("perm5", user2, project1); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.uuid())).containsOnly("perm2", "perm3"); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly("perm4"); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project3.uuid())).isEmpty(); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project1.getUuid())).containsOnly("perm2", "perm3"); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project2.getUuid())).containsOnly("perm4"); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project3.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
public void selectGroupUuidsWithPermissionOnProjectBut_returns_empty_if_project_does_not_exist() { | |||
public void selectUserIdsWithPermissionOnEntityBut_returns_empty_if_project_does_not_exist() { | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
UserDto user = insertUser(); | |||
db.users().insertProjectPermissionOnUser(user, "foo", project.getMainBranchComponent()); | |||
assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, "1234", UserRole.USER)) | |||
assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, "1234", UserRole.USER)) | |||
.isEmpty(); | |||
} | |||
@Test | |||
public void selectGroupUuidsWithPermissionOnProjectBut_returns_only_users_of_projects_which_do_not_have_permission() { | |||
public void selectUserIdsWithPermissionOnEntityBut_returns_only_users_of_projects_which_do_not_have_permission() { | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
db.users().insertProjectPermissionOnUser(user1, "p1", project.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnUser(user2, "p2", project.getMainBranchComponent()); | |||
assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p2")) | |||
assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, project.projectUuid(), "p2")) | |||
.extracting("uuid", "login") | |||
.containsOnly(tuple(user1.getUuid(), user1.getLogin())); | |||
assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p1")) | |||
assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, project.projectUuid(), "p1")) | |||
.extracting("uuid", "login") | |||
.containsOnly(tuple(user2.getUuid(), user2.getLogin())); | |||
assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p3")) | |||
assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, project.projectUuid(), "p3")) | |||
.extracting("uuid", "login") | |||
.containsOnly(tuple(user1.getUuid(), user1.getLogin()), tuple(user2.getUuid(), user2.getLogin())); | |||
} | |||
@Test | |||
public void selectGroupUuidsWithPermissionOnProjectBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() { | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
public void selectUserIdsWithPermissionOnEntityBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() { | |||
ProjectDto project = randomPublicOrPrivateProject().getProjectDto(); | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
db.users().insertProjectPermissionOnUser(user1, "p1", project.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnUser(user2, "p2", project.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnUser(user1, "p1", project); | |||
db.users().insertProjectPermissionOnUser(user2, "p2", project); | |||
assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p2")) | |||
assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, project.getUuid(), "p2")) | |||
.extracting("uuid", "login") | |||
.containsOnly(tuple(user1.getUuid(), user1.getLogin())); | |||
assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p1")) | |||
assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, project.getUuid(), "p1")) | |||
.extracting("uuid", "login") | |||
.containsOnly(tuple(user2.getUuid(), user2.getLogin())); | |||
} | |||
@@ -502,7 +502,7 @@ public class UserPermissionDaoIT { | |||
public void deleteByUserId() { | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER); | |||
db.users().insertProjectPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), project); | |||
@@ -512,13 +512,13 @@ public class UserPermissionDaoIT { | |||
underTest.deleteByUserUuid(dbSession, user1); | |||
dbSession.commit(); | |||
assertThat(db.select("select user_uuid as \"userUuid\", component_uuid as \"projectUuid\", role as \"permission\" from user_roles")) | |||
.extracting((row) -> row.get("userUuid"), (row) -> row.get("projectUuid"), (row) -> row.get("permission")) | |||
.containsOnly(tuple(user2.getUuid(), null, GlobalPermission.SCAN.getKey()), tuple(user2.getUuid(), project.uuid(), GlobalPermission.ADMINISTER_QUALITY_GATES.getKey())); | |||
assertThat(db.select("select user_uuid as \"userUuid\", component_uuid as \"entityUuid\", role as \"permission\" from user_roles")) | |||
.extracting((row) -> row.get("userUuid"), (row) -> row.get("entityUuid"), (row) -> row.get("permission")) | |||
.containsOnly(tuple(user2.getUuid(), null, GlobalPermission.SCAN.getKey()), tuple(user2.getUuid(), project.getUuid(), GlobalPermission.ADMINISTER_QUALITY_GATES.getKey())); | |||
} | |||
@Test | |||
public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_entity_does_not_exist() { | |||
public void deleteEntityPermissionOfAnyUser_has_no_effect_if_specified_entity_does_not_exist() { | |||
UserDto user = insertUser(); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
@@ -531,7 +531,7 @@ public class UserPermissionDaoIT { | |||
} | |||
@Test | |||
public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_has_no_permission_at_all() { | |||
public void deleteEntityPermissionOfAnyUser_has_no_effect_if_specified_component_has_no_permission_at_all() { | |||
UserDto user = insertUser(); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
@@ -543,7 +543,7 @@ public class UserPermissionDaoIT { | |||
} | |||
@Test | |||
public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_have_specified_permission() { | |||
public void deleteEntityPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_have_specified_permission() { | |||
UserDto user = insertUser(); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
@@ -553,11 +553,11 @@ public class UserPermissionDaoIT { | |||
assertThat(deletedCount).isZero(); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getUuid(), project.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user.getUuid(), project.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void deleteProjectPermissionOfAnyUser_deletes_specified_permission_for_any_user_on_the_specified_component() { | |||
public void deleteEntityPermissionOfAnyUser_deletes_specified_permission_for_any_user_on_the_specified_component() { | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); | |||
@@ -575,20 +575,20 @@ public class UserPermissionDaoIT { | |||
assertThat(deletedCount).isEqualTo(2); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.projectUuid())).isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project1.projectUuid())).isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project1.projectUuid())).isEmpty(); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user2.getUuid(), project1.projectUuid())).isEmpty(); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user2.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
deletedCount = underTest.deleteEntityPermissionOfAnyUser(dbSession, GlobalPermission.SCAN.getKey(), project2.getProjectDto()); | |||
assertThat(deletedCount).isEqualTo(2); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.projectUuid())).isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project1.projectUuid())).isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.projectUuid())).containsOnly(); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project1.projectUuid())).isEmpty(); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user2.getUuid(), project1.projectUuid())).isEmpty(); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project2.projectUuid())).containsOnly(); | |||
assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user2.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
private ProjectData randomPublicOrPrivateProject() { | |||
@@ -603,14 +603,14 @@ public class UserPermissionDaoIT { | |||
return db.users().insertUser(); | |||
} | |||
private void expectCount(List<String> projectUuids, CountPerProjectPermission... expected) { | |||
List<CountPerProjectPermission> got = underTest.countUsersByProjectPermission(dbSession, projectUuids); | |||
private void expectCount(List<String> entityUuids, CountPerEntityPermission... expected) { | |||
List<CountPerEntityPermission> got = underTest.countUsersByEntityPermission(dbSession, entityUuids); | |||
assertThat(got).hasSize(expected.length); | |||
for (CountPerProjectPermission expect : expected) { | |||
for (CountPerEntityPermission expect : expected) { | |||
boolean found = got.stream().anyMatch(b -> b.getPermission().equals(expect.getPermission()) && | |||
b.getCount() == expect.getCount() && | |||
b.getComponentUuid().equals(expect.getComponentUuid())); | |||
b.getEntityUuid().equals(expect.getEntityUuid())); | |||
assertThat(found).isTrue(); | |||
} | |||
} | |||
@@ -626,32 +626,31 @@ public class UserPermissionDaoIT { | |||
.extracting(UserPermissionDto::getUserUuid, UserPermissionDto::getPermission, UserPermissionDto::getComponentUuid) | |||
.containsOnly(expectedPermissionsAsTuple); | |||
// test method "countUsers()" | |||
long distinctUsers = stream(expectedPermissions).map(UserPermissionDto::getUserUuid).distinct().count(); | |||
assertThat((long) underTest.countUsersByQuery(dbSession, query)).isEqualTo(distinctUsers); | |||
} | |||
private UserPermissionDto addGlobalPermission(String permission, UserDto user) { | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null); | |||
underTest.insert(dbSession, dto, (EntityDto) null, user, null); | |||
underTest.insert(dbSession, dto, null, user, null); | |||
db.commit(); | |||
return dto; | |||
} | |||
private UserPermissionDto addProjectPermission(String permission, UserDto user, ComponentDto project) { | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid()); | |||
private UserPermissionDto addProjectPermission(String permission, UserDto user, EntityDto project) { | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.getUuid()); | |||
underTest.insert(dbSession, dto, project, user, null); | |||
db.commit(); | |||
return dto; | |||
} | |||
private void assertThatProjectPermissionDoesNotExist(UserDto user, String permission, ComponentDto project) { | |||
private void assertThatProjectPermissionDoesNotExist(UserDto user, String permission, String projectUuid) { | |||
assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where role='" + permission + "' and user_uuid='" + user.getUuid() | |||
+ "' and component_uuid='" + project.uuid() + "'")) | |||
+ "' and component_uuid='" + projectUuid + "'")) | |||
.isZero(); | |||
} | |||
private void assertThatProjectHasNoPermissions(ComponentDto project) { | |||
assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where component_uuid='" + project.uuid() + "'")).isZero(); | |||
private void assertThatProjectHasNoPermissions(String projectUuid) { | |||
assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where component_uuid='" + projectUuid + "'")).isZero(); | |||
} | |||
} |
@@ -29,9 +29,9 @@ import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.audit.AuditPersister; | |||
import org.sonar.db.audit.model.UserPermissionNewValue; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.portfolio.PortfolioDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -49,7 +49,7 @@ public class UserPermissionDaoWithPersisterIT { | |||
private final AuditPersister auditPersister = mock(AuditPersister.class); | |||
@Rule | |||
public final DbTester db = DbTester.create(System2.INSTANCE, auditPersister); | |||
public final DbTester db = DbTester.create(System2.INSTANCE, auditPersister, true); | |||
private final ArgumentCaptor<UserPermissionNewValue> newValueCaptor = ArgumentCaptor.forClass(UserPermissionNewValue.class); | |||
private final DbSession dbSession = db.getSession(); | |||
@@ -59,7 +59,7 @@ public class UserPermissionDaoWithPersisterIT { | |||
public void userGlobalPermissionInsertAndDeleteArePersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), null); | |||
underTest.insert(dbSession, dto, (EntityDto) null, user, null); | |||
underTest.insert(dbSession, dto, null, user, null); | |||
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
@@ -80,7 +80,7 @@ public class UserPermissionDaoWithPersisterIT { | |||
db.getDbClient().permissionTemplateDao().insert(db.getSession(), templateDto); | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), null); | |||
underTest.insert(dbSession, dto, (EntityDto) null, user, templateDto); | |||
underTest.insert(dbSession, dto, null, user, templateDto); | |||
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
@@ -97,31 +97,31 @@ public class UserPermissionDaoWithPersisterIT { | |||
@Test | |||
public void userProjectPermissionInsertAndDeleteArePersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.uuid()); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.getUuid()); | |||
underTest.insert(dbSession, dto, project, user, null); | |||
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), project.uuid(), dto.getPermission(), | |||
project.getKey(), project.name(), "TRK"); | |||
assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), project.getUuid(), dto.getPermission(), | |||
project.getKey(), project.getName(), "TRK"); | |||
assertThat(newValue.toString()).contains("componentUuid"); | |||
underTest.deleteProjectPermission(dbSession, user, ADMINISTER.getKey(), project); | |||
underTest.deleteEntityPermission(dbSession, user, ADMINISTER.getKey(), project); | |||
verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
newValue = newValueCaptor.getValue(); | |||
assertNewValue(newValue, null, user.getUuid(), user.getLogin(), project.uuid(), dto.getPermission(), | |||
project.getKey(), project.name(), "TRK"); | |||
assertNewValue(newValue, null, user.getUuid(), user.getLogin(), project.getUuid(), dto.getPermission(), | |||
project.getKey(), project.getName(), "TRK"); | |||
assertThat(newValue.toString()).doesNotContain("permissionUuid"); | |||
} | |||
@Test | |||
public void userProjectPermissionDeleteWithoutAffectedRowsIsNotPersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
underTest.deleteProjectPermission(dbSession, user, ADMINISTER.getKey(), project); | |||
underTest.deleteEntityPermission(dbSession, user, ADMINISTER.getKey(), project); | |||
verify(auditPersister).addUser(any(), any()); | |||
verify(auditPersister).addComponent(any(), any()); | |||
@@ -131,28 +131,28 @@ public class UserPermissionDaoWithPersisterIT { | |||
@Test | |||
public void userPortfolioPermissionIsPersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto portfolio = db.components().insertPublicPortfolio(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), portfolio.uuid()); | |||
PortfolioDto portfolio = db.components().insertPublicPortfolioDto(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), portfolio.getUuid()); | |||
underTest.insert(dbSession, dto, portfolio, user, null); | |||
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), portfolio.uuid(), dto.getPermission(), | |||
portfolio.getKey(), portfolio.name(), "VW"); | |||
assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), portfolio.getUuid(), dto.getPermission(), | |||
portfolio.getKey(), portfolio.getName(), "VW"); | |||
assertThat(newValue.toString()).contains("componentUuid"); | |||
} | |||
@Test | |||
public void userApplicationPermissionIsPersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto application = db.components().insertPublicApplication().getMainBranchComponent(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), application.uuid()); | |||
ProjectDto application = db.components().insertPublicApplication().getProjectDto(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), application.getUuid()); | |||
underTest.insert(dbSession, dto, application, user, null); | |||
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), application.uuid(), dto.getPermission(), | |||
application.getKey(), application.name(), "APP"); | |||
assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), application.getUuid(), dto.getPermission(), | |||
application.getKey(), application.getName(), "APP"); | |||
assertThat(newValue.toString()).contains("componentUuid"); | |||
} | |||
@@ -184,8 +184,8 @@ public class UserPermissionDaoWithPersisterIT { | |||
@Test | |||
public void deleteUserPermissionByUserUuidIsPersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.uuid()); | |||
EntityDto project = db.components().insertPrivateProject().getProjectDto(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.getUuid()); | |||
underTest.insert(dbSession, dto, project, user, null); | |||
underTest.deleteByUserUuid(dbSession, user); | |||
@@ -126,11 +126,11 @@ public class RoleDaoIT { | |||
db.getSession().commit(); | |||
assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), group1.getUuid())).isEmpty(); | |||
assertThat(db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), group1.getUuid(), project.uuid())) | |||
assertThat(db.getDbClient().groupPermissionDao().selectEntityPermissionsOfGroup(db.getSession(), group1.getUuid(), project.uuid())) | |||
.isEmpty(); | |||
assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), group2.getUuid())) | |||
.containsOnly("gateadmin"); | |||
assertThat(db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), group2.getUuid(), project.uuid())) | |||
assertThat(db.getDbClient().groupPermissionDao().selectEntityPermissionsOfGroup(db.getSession(), group2.getUuid(), project.uuid())) | |||
.containsOnly("admin"); | |||
assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), null)).containsOnly("scan", | |||
"provisioning"); |
@@ -24,24 +24,24 @@ import com.google.common.annotations.VisibleForTesting; | |||
/** | |||
* Count the number of users or groups for a given project and permission | |||
*/ | |||
public class CountPerProjectPermission { | |||
private String componentUuid; | |||
public class CountPerEntityPermission { | |||
private String entityUuid; | |||
private String permission; | |||
private int count; | |||
public CountPerProjectPermission() { | |||
public CountPerEntityPermission() { | |||
// used by MyBatis | |||
} | |||
@VisibleForTesting | |||
CountPerProjectPermission(String componentUuid, String permission, int count) { | |||
this.componentUuid = componentUuid; | |||
CountPerEntityPermission(String entityUuid, String permission, int count) { | |||
this.entityUuid = entityUuid; | |||
this.permission = permission; | |||
this.count = count; | |||
} | |||
public String getComponentUuid() { | |||
return componentUuid; | |||
public String getEntityUuid() { | |||
return entityUuid; | |||
} | |||
public String getPermission() { |
@@ -31,7 +31,6 @@ import org.sonar.db.Dao; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.audit.AuditPersister; | |||
import org.sonar.db.audit.model.GroupPermissionNewValue; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
@@ -67,19 +66,19 @@ public class GroupPermissionDao implements Dao { | |||
} | |||
/** | |||
* Select global or project permission of given groups. Anyone virtual group is supported | |||
* Select global or entity permission of given groups. Anyone virtual group is supported | |||
* through the value "zero" (0L) in {@code groupUuids}. | |||
*/ | |||
public List<GroupPermissionDto> selectByGroupUuids(DbSession dbSession, List<String> groupUuids, @Nullable String projectUuid) { | |||
return executeLargeInputs(groupUuids, groups -> mapper(dbSession).selectByGroupUuids(groups, projectUuid)); | |||
public List<GroupPermissionDto> selectByGroupUuids(DbSession dbSession, List<String> groupUuids, @Nullable String entityUuid) { | |||
return executeLargeInputs(groupUuids, groups -> mapper(dbSession).selectByGroupUuids(groups, entityUuid)); | |||
} | |||
public List<String> selectProjectKeysWithAnyonePermissions(DbSession dbSession, int max) { | |||
return mapper(dbSession).selectProjectKeysWithAnyonePermissions(max); | |||
} | |||
public int countProjectsWithAnyonePermissions(DbSession dbSession) { | |||
return mapper(dbSession).countProjectsWithAnyonePermissions(); | |||
public int countEntitiesWithAnyonePermissions(DbSession dbSession) { | |||
return mapper(dbSession).countEntitiesWithAnyonePermissions(); | |||
} | |||
/** | |||
@@ -91,17 +90,17 @@ public class GroupPermissionDao implements Dao { | |||
} | |||
/** | |||
* Each row returns a {@link CountPerProjectPermission} | |||
* Each row returns a {@link CountPerEntityPermission} | |||
*/ | |||
public void groupsCountByComponentUuidAndPermission(DbSession dbSession, List<String> componentUuids, ResultHandler<CountPerProjectPermission> resultHandler) { | |||
public void groupsCountByComponentUuidAndPermission(DbSession dbSession, List<String> entityUuids, ResultHandler<CountPerEntityPermission> resultHandler) { | |||
Map<String, Object> parameters = new HashMap<>(2); | |||
parameters.put(ANYONE_GROUP_PARAMETER, DefaultGroups.ANYONE); | |||
executeLargeInputsWithoutOutput( | |||
componentUuids, | |||
entityUuids, | |||
partitionedComponentUuids -> { | |||
parameters.put("componentUuids", partitionedComponentUuids); | |||
mapper(dbSession).groupsCountByProjectUuidAndPermission(parameters, resultHandler); | |||
parameters.put("entityUuids", partitionedComponentUuids); | |||
mapper(dbSession).groupsCountByEntityUuidAndPermission(parameters, resultHandler); | |||
}); | |||
} | |||
@@ -114,20 +113,20 @@ public class GroupPermissionDao implements Dao { | |||
} | |||
/** | |||
* Selects the permissions granted to group and project. An empty list is returned if the | |||
* group or project do not exist. | |||
* Selects the permissions granted to group and entity. An empty list is returned if the | |||
* group or entity do not exist. | |||
*/ | |||
public List<String> selectProjectPermissionsOfGroup(DbSession session, @Nullable String groupUuid, String projectUuid) { | |||
return mapper(session).selectProjectPermissionsOfGroup(groupUuid, projectUuid); | |||
public List<String> selectEntityPermissionsOfGroup(DbSession session, @Nullable String groupUuid, String entityUuid) { | |||
return mapper(session).selectEntityPermissionsOfGroup(groupUuid, entityUuid); | |||
} | |||
/** | |||
* Lists uuid of groups with at least one permission on the specified root component but which do not have the specified | |||
* Lists uuid of groups with at least one permission on the specified entity but which do not have the specified | |||
* permission, <strong>excluding group "AnyOne"</strong> (which implies the returned {@code Sett} can't contain | |||
* {@code null}). | |||
*/ | |||
public Set<String> selectGroupUuidsWithPermissionOnProjectBut(DbSession session, String projectUuid, String permission) { | |||
return mapper(session).selectGroupUuidsWithPermissionOnProjectBut(projectUuid, permission); | |||
public Set<String> selectGroupUuidsWithPermissionOnEntityBut(DbSession session, String entityUuid, String permission) { | |||
return mapper(session).selectGroupUuidsWithPermissionOnEntityBut(entityUuid, permission); | |||
} | |||
/** | |||
@@ -146,27 +145,27 @@ public class GroupPermissionDao implements Dao { | |||
} | |||
/** | |||
* Delete all the permissions associated to a root component (project) | |||
* Delete all the permissions associated to a entity | |||
*/ | |||
public void deleteByRootComponentUuid(DbSession dbSession, ComponentDto component) { | |||
int deletedRecords = mapper(dbSession).deleteByRootComponentUuid(component.uuid()); | |||
public void deleteByEntityUuid(DbSession dbSession, EntityDto entityDto) { | |||
int deletedRecords = mapper(dbSession).deleteByEntityUuid(entityDto.getUuid()); | |||
if (deletedRecords > 0) { | |||
auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(component.uuid(), | |||
component.getKey(), component.name(), null, null, null, component.qualifier())); | |||
auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(entityDto.getUuid(), | |||
entityDto.getKey(), entityDto.getName(), null, null, null, entityDto.getQualifier())); | |||
} | |||
} | |||
/** | |||
* Delete all permissions of the specified group (group "AnyOne" if {@code groupUuid} is {@code null}) for the specified | |||
* component. | |||
* entity. | |||
*/ | |||
public int deleteByRootComponentUuidAndGroupUuid(DbSession dbSession, @Nullable String groupUuid, ComponentDto component) { | |||
int deletedRecords = mapper(dbSession).deleteByEntityUuidAndGroupUuid(component.uuid(), groupUuid); | |||
public int deleteByEntityAndGroupUuid(DbSession dbSession, @Nullable String groupUuid, EntityDto entityDto) { | |||
int deletedRecords = mapper(dbSession).deleteByEntityUuidAndGroupUuid(entityDto.getUuid(), groupUuid); | |||
if (deletedRecords > 0) { | |||
auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(component.uuid(), | |||
component.getKey(), component.name(), null, groupUuid, "", component.qualifier())); | |||
auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(entityDto.getUuid(), | |||
entityDto.getKey(), entityDto.getName(), null, groupUuid, "", entityDto.getQualifier())); | |||
} | |||
return deletedRecords; | |||
} | |||
@@ -201,39 +200,26 @@ public class GroupPermissionDao implements Dao { | |||
* <ul> | |||
* <li>a global permission granted to a group</li> | |||
* <li>a global permission granted to anyone</li> | |||
* <li>a permission granted to a group for a project</li> | |||
* <li>a permission granted to anyone for a project</li> | |||
* <li>a permission granted to a group for a entity</li> | |||
* <li>a permission granted to anyone for a entity</li> | |||
* </ul> | |||
* | |||
* @param dbSession | |||
* @param permission the kind of permission | |||
* @param groupUuid if null, then anyone, else uuid of group | |||
* @param rootComponentUuid if null, then global permission, otherwise the uuid of root component (project) | |||
* @param entityDto if null, then global permission, otherwise the uuid of entity | |||
*/ | |||
public void delete(DbSession dbSession, String permission, @Nullable String groupUuid, | |||
@Nullable String groupName, @Nullable String rootComponentUuid, @Nullable ComponentDto componentDto) { | |||
@Nullable String groupName, @Nullable EntityDto entityDto) { | |||
int deletedRecords = mapper(dbSession).delete(permission, groupUuid, rootComponentUuid); | |||
if (deletedRecords > 0) { | |||
String qualifier = (componentDto != null) ? componentDto.qualifier() : null; | |||
String componentKey = (componentDto != null) ? componentDto.getKey() : null; | |||
String componentName = (componentDto != null) ? componentDto.name() : null; | |||
auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(rootComponentUuid, | |||
componentKey, componentName, permission, groupUuid, groupName, qualifier)); | |||
} | |||
} | |||
public void delete(DbSession dbSession, String permission, @Nullable String groupUuid, | |||
@Nullable String groupName, @Nullable String rootComponentUuid, @Nullable EntityDto entityDto) { | |||
int deletedRecords = mapper(dbSession).delete(permission, groupUuid, rootComponentUuid); | |||
int deletedRecords = mapper(dbSession).delete(permission, groupUuid, entityDto != null ? entityDto.getUuid() : null); | |||
if (deletedRecords > 0) { | |||
String entityUuid = (entityDto != null) ? entityDto.getUuid() : null; | |||
String qualifier = (entityDto != null) ? entityDto.getQualifier() : null; | |||
String componentKey = (entityDto != null) ? entityDto.getKey() : null; | |||
String componentName = (entityDto != null) ? entityDto.getName() : null; | |||
auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(rootComponentUuid, | |||
auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(entityUuid, | |||
componentKey, componentName, permission, groupUuid, groupName, qualifier)); | |||
} | |||
} |
@@ -33,34 +33,34 @@ public interface GroupPermissionMapper { | |||
int countGroupsByQuery(@Param("query") PermissionQuery query); | |||
List<GroupPermissionDto> selectByGroupUuids(@Param("groupUuids") List<String> groupUuids, @Nullable @Param("projectUuid") String projectUuid); | |||
List<GroupPermissionDto> selectByGroupUuids(@Param("groupUuids") List<String> groupUuids, @Nullable @Param("entityUuid") String entityUuid); | |||
void groupsCountByProjectUuidAndPermission(Map<String, Object> parameters, ResultHandler<CountPerProjectPermission> resultHandler); | |||
void groupsCountByEntityUuidAndPermission(Map<String, Object> parameters, ResultHandler<CountPerEntityPermission> resultHandler); | |||
List<String> selectProjectKeysWithAnyonePermissions(int max); | |||
int countProjectsWithAnyonePermissions(); | |||
int countEntitiesWithAnyonePermissions(); | |||
void insert(GroupPermissionDto dto); | |||
int delete(@Param("permission") String permission, @Nullable @Param("groupUuid") String groupUuid, @Nullable @Param("rootComponentUuid") String rootComponentUuid); | |||
int delete(@Param("permission") String permission, @Nullable @Param("groupUuid") String groupUuid, @Nullable @Param("entityUuid") String entityUuid); | |||
List<String> selectGlobalPermissionsOfGroup(@Nullable @Param("groupUuid") String groupUuid); | |||
List<String> selectProjectPermissionsOfGroup(@Nullable @Param("groupUuid") String groupUuid, @Param("projectUuid") String projectUuid); | |||
List<String> selectEntityPermissionsOfGroup(@Nullable @Param("groupUuid") String groupUuid, @Param("entityUuid") String entityUuid); | |||
void selectAllPermissionsByGroupUuid(@Param("groupUuid") String groupUuid, ResultHandler<GroupPermissionDto> resultHandler); | |||
/** | |||
* Lists uuid of groups with at least one permission on the specified root component but which do not have the specified | |||
* Lists uuid of groups with at least one permission on the specified entity but which do not have the specified | |||
* permission, <strong>excluding group "AnyOne"</strong> (which implies the returned {@code Set} can't contain | |||
* {@code null}). | |||
*/ | |||
Set<String> selectGroupUuidsWithPermissionOnProjectBut(@Param("projectUuid") String projectUuid, @Param("role") String permission); | |||
Set<String> selectGroupUuidsWithPermissionOnEntityBut(@Param("entityUuid") String entityUuid, @Param("role") String permission); | |||
Set<String> selectGroupUuidsWithPermissionOnProject(@Param("projectUuid") String projectUuid, @Param("role") String permission); | |||
int deleteByRootComponentUuid(@Param("rootComponentUuid") String rootComponentUuid); | |||
int deleteByEntityUuid(@Param("entityUuid") String entityUuid); | |||
int deleteByEntityUuidAndGroupUuid(@Param("entityUuid") String entityUuid, @Nullable @Param("groupUuid") String groupUuid); | |||
@@ -25,6 +25,7 @@ import javax.annotation.Nullable; | |||
import javax.annotation.concurrent.Immutable; | |||
import org.sonar.db.WildcardPosition; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import static com.google.common.base.MoreObjects.firstNonNull; | |||
import static com.google.common.base.Preconditions.checkArgument; | |||
@@ -45,7 +46,7 @@ public class PermissionQuery { | |||
// filter: return only the users or groups who have this permission | |||
private final String permission; | |||
// filter on project, else filter org permissions | |||
private final String componentUuid; | |||
private final String entityUuid; | |||
// filter on login, email or name of users or groups | |||
private final String searchQuery; | |||
@@ -62,7 +63,7 @@ public class PermissionQuery { | |||
private PermissionQuery(Builder builder) { | |||
this.permission = builder.permission; | |||
this.withAtLeastOnePermission = builder.withAtLeastOnePermission; | |||
this.componentUuid = builder.componentUuid; | |||
this.entityUuid = builder.entityUuid; | |||
this.searchQuery = builder.searchQuery; | |||
this.searchQueryToSql = builder.searchQuery == null ? null : buildLikeValue(builder.searchQuery, WildcardPosition.BEFORE_AND_AFTER); | |||
this.searchQueryToSqlLowercase = searchQueryToSql == null ? null : searchQueryToSql.toLowerCase(Locale.ENGLISH); | |||
@@ -80,8 +81,8 @@ public class PermissionQuery { | |||
} | |||
@CheckForNull | |||
public String getComponentUuid() { | |||
return componentUuid; | |||
public String getEntityUuid() { | |||
return entityUuid; | |||
} | |||
@CheckForNull | |||
@@ -113,7 +114,7 @@ public class PermissionQuery { | |||
public static class Builder { | |||
private String permission; | |||
private String componentUuid; | |||
private String entityUuid; | |||
private String searchQuery; | |||
private boolean withAtLeastOnePermission; | |||
@@ -130,12 +131,16 @@ public class PermissionQuery { | |||
return this; | |||
} | |||
public Builder setComponent(ComponentDto component) { | |||
return setComponent(component.uuid()); | |||
public Builder setEntity(ComponentDto component) { | |||
return setEntityUuid(component.uuid()); | |||
} | |||
public Builder setComponent(String componentUuid) { | |||
this.componentUuid = componentUuid; | |||
public Builder setEntity(EntityDto entity) { | |||
return setEntityUuid(entity.getUuid()); | |||
} | |||
public Builder setEntityUuid(String entityUuid) { | |||
this.entityUuid = entityUuid; | |||
return this; | |||
} | |||
@@ -19,6 +19,7 @@ | |||
*/ | |||
package org.sonar.db.permission; | |||
import com.google.common.annotations.VisibleForTesting; | |||
import java.util.Collection; | |||
import java.util.List; | |||
import java.util.Set; | |||
@@ -29,7 +30,6 @@ import org.sonar.db.DatabaseUtils; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.audit.AuditPersister; | |||
import org.sonar.db.audit.model.UserPermissionNewValue; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.user.UserId; | |||
@@ -84,12 +84,13 @@ public class UserPermissionDao implements Dao { | |||
} | |||
/** | |||
* Count the number of users per permission for a given list of projects | |||
* Count the number of users per permission for a given list of entities | |||
* | |||
* @param projectUuids a non-null list of project uuids to filter on. If empty then an empty list is returned. | |||
* @param entityUuids a non-null list of entity uuids to filter on. If empty then an empty list is returned. | |||
*/ | |||
public List<CountPerProjectPermission> countUsersByProjectPermission(DbSession dbSession, Collection<String> projectUuids) { | |||
return executeLargeInputs(projectUuids, mapper(dbSession)::countUsersByProjectPermission); | |||
@VisibleForTesting | |||
List<CountPerEntityPermission> countUsersByEntityPermission(DbSession dbSession, Collection<String> entityUuids) { | |||
return executeLargeInputs(entityUuids, mapper(dbSession)::countUsersByEntityPermission); | |||
} | |||
/** | |||
@@ -102,38 +103,26 @@ public class UserPermissionDao implements Dao { | |||
} | |||
/** | |||
* Gets all the project permissions granted to user for the specified project. | |||
* Gets all the entity permissions granted to user for the specified entity. | |||
* | |||
* @return the project permissions. An empty list is returned if project or user do not exist. | |||
* @return the entity permissions. An empty list is returned if entity or user do not exist. | |||
*/ | |||
public List<String> selectProjectPermissionsOfUser(DbSession dbSession, String userUuid, String projectUuid) { | |||
return mapper(dbSession).selectProjectPermissionsOfUser(userUuid, projectUuid); | |||
public List<String> selectEntityPermissionsOfUser(DbSession dbSession, String userUuid, String entityUuid) { | |||
return mapper(dbSession).selectEntityPermissionsOfUser(userUuid, entityUuid); | |||
} | |||
public Set<UserIdDto> selectUserIdsWithPermissionOnProjectBut(DbSession session, String projectUuid, String permission) { | |||
return mapper(session).selectUserIdsWithPermissionOnProjectBut(projectUuid, permission); | |||
} | |||
//TODO, will be removed later | |||
public void insert(DbSession dbSession, UserPermissionDto dto, @Nullable ComponentDto componentDto, | |||
@Nullable UserId userId, @Nullable PermissionTemplateDto templateDto) { | |||
mapper(dbSession).insert(dto); | |||
String componentName = (componentDto != null) ? componentDto.name() : null; | |||
String componentKey = (componentDto != null) ? componentDto.getKey() : null; | |||
String qualifier = (componentDto != null) ? componentDto.qualifier() : null; | |||
auditPersister.addUserPermission(dbSession, new UserPermissionNewValue(dto, componentKey, componentName, userId, qualifier, | |||
templateDto)); | |||
public Set<UserIdDto> selectUserIdsWithPermissionOnEntityBut(DbSession session, String entityUuid, String permission) { | |||
return mapper(session).selectUserIdsWithPermissionOnEntityBut(entityUuid, permission); | |||
} | |||
public void insert(DbSession dbSession, UserPermissionDto dto, @Nullable EntityDto entityDto, | |||
@Nullable UserId userId, @Nullable PermissionTemplateDto templateDto) { | |||
mapper(dbSession).insert(dto); | |||
String componentName = (entityDto != null) ? entityDto.getName() : null; | |||
String componentKey = (entityDto != null) ? entityDto.getKey() : null; | |||
String qualifier = (entityDto != null) ? entityDto.getQualifier() : null; | |||
auditPersister.addUserPermission(dbSession, new UserPermissionNewValue(dto, componentKey, componentName, userId, qualifier, | |||
String entityName = (entityDto != null) ? entityDto.getName() : null; | |||
String entityKey = (entityDto != null) ? entityDto.getKey() : null; | |||
String entityQualifier = (entityDto != null) ? entityDto.getQualifier() : null; | |||
auditPersister.addUserPermission(dbSession, new UserPermissionNewValue(dto, entityKey, entityName, userId, entityQualifier, | |||
templateDto)); | |||
} | |||
@@ -149,21 +138,10 @@ public class UserPermissionDao implements Dao { | |||
} | |||
/** | |||
* Removes a single project permission from user | |||
*/ | |||
public void deleteProjectPermission(DbSession dbSession, UserId user, String permission, ComponentDto component) { | |||
int deletedRows = mapper(dbSession).deleteProjectPermission(user.getUuid(), permission, component.uuid()); | |||
if (deletedRows > 0) { | |||
auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, component.uuid(), component.getKey(), component.name(), user, component.qualifier())); | |||
} | |||
} | |||
/** | |||
* Removes a single project permission from user | |||
* Removes a single entity permission from user | |||
*/ | |||
public void deleteProjectPermission(DbSession dbSession, UserId user, String permission, EntityDto entity) { | |||
int deletedRows = mapper(dbSession).deleteProjectPermission(user.getUuid(), permission, entity.getUuid()); | |||
public void deleteEntityPermission(DbSession dbSession, UserId user, String permission, EntityDto entity) { | |||
int deletedRows = mapper(dbSession).deleteEntityPermission(user.getUuid(), permission, entity.getUuid()); | |||
if (deletedRows > 0) { | |||
auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, entity.getUuid(), entity.getKey(), entity.getName(), user, entity.getQualifier())); | |||
@@ -171,26 +149,26 @@ public class UserPermissionDao implements Dao { | |||
} | |||
/** | |||
* Deletes all the permissions defined on a project | |||
* Deletes all the permissions defined on an entity | |||
*/ | |||
public void deleteProjectPermissions(DbSession dbSession, ComponentDto component) { | |||
int deletedRows = mapper(dbSession).deleteProjectPermissions(component.uuid()); | |||
public void deleteEntityPermissions(DbSession dbSession, EntityDto entity) { | |||
int deletedRows = mapper(dbSession).deleteEntityPermissions(entity.getUuid()); | |||
if (deletedRows > 0) { | |||
auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(null, component.uuid(), component.getKey(), | |||
component.name(), null, component.qualifier())); | |||
auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(null, entity.getUuid(), entity.getKey(), | |||
entity.getName(), null, entity.getQualifier())); | |||
} | |||
} | |||
/** | |||
* Deletes the specified permission on the specified entity for any user. | |||
*/ | |||
public int deleteEntityPermissionOfAnyUser(DbSession dbSession, String permission, EntityDto entityDto) { | |||
int deletedRows = mapper(dbSession).deleteEntityPermissionOfAnyUser(entityDto.getUuid(), permission); | |||
public int deleteEntityPermissionOfAnyUser(DbSession dbSession, String permission, EntityDto entity) { | |||
int deletedRows = mapper(dbSession).deleteEntityPermissionOfAnyUser(entity.getUuid(), permission); | |||
if (deletedRows > 0) { | |||
auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, entityDto.getUuid(), entityDto.getKey(), | |||
entityDto.getName(), null, entityDto.getQualifier())); | |||
auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, entity.getUuid(), entity.getKey(), | |||
entity.getName(), null, entity.getQualifier())); | |||
} | |||
return deletedRows; |
@@ -32,7 +32,7 @@ public interface UserPermissionMapper { | |||
List<String> selectUserUuidsByQuery(@Param("query") PermissionQuery query); | |||
/** | |||
* Fetch user ids based on permission query and only in a specific scope (global permissions only or project permissions only) | |||
* Fetch user ids based on permission query and only in a specific scope (global permissions only or entity permissions only) | |||
*/ | |||
List<String> selectUserUuidsByQueryAndScope(@Param("query") PermissionQuery query); | |||
@@ -43,30 +43,30 @@ public interface UserPermissionMapper { | |||
int countUsersByQuery(@Param("query") PermissionQuery query); | |||
/** | |||
* Count the number of users per permission for a given list of projects. | |||
* @param projectUuids a non-null and non-empty list of project ids | |||
* Count the number of users per permission for a given list of entities. | |||
* @param entityUuids a non-null and non-empty list of entities uuids | |||
*/ | |||
List<CountPerProjectPermission> countUsersByProjectPermission(@Param("projectUuids") List<String> projectUuids); | |||
List<CountPerEntityPermission> countUsersByEntityPermission(@Param("entityUuids") List<String> entityUuids); | |||
/** | |||
* select id of users with at least one permission on the specified project but which do not have the specified permission. | |||
* select id of users with at least one permission on the specified entity but which do not have the specified permission. | |||
*/ | |||
Set<UserIdDto> selectUserIdsWithPermissionOnProjectBut(@Param("projectUuid") String projectUuid, @Param("permission") String permission); | |||
Set<UserIdDto> selectUserIdsWithPermissionOnEntityBut(@Param("entityUuid") String entityUuid, @Param("permission") String permission); | |||
void insert(@Param("dto")UserPermissionDto dto); | |||
int deleteGlobalPermission(@Param("userUuid") String userUuid, @Param("permission") String permission); | |||
int deleteProjectPermission(@Param("userUuid") String userUuid, @Param("permission") String permission, | |||
@Param("projectUuid") String projectUuid); | |||
int deleteEntityPermission(@Param("userUuid") String userUuid, @Param("permission") String permission, | |||
@Param("entityUuid") String entityUuid); | |||
int deleteProjectPermissions(@Param("projectUuid") String projectUuid); | |||
int deleteEntityPermissions(@Param("entityUuid") String entityUuid); | |||
int deleteEntityPermissionOfAnyUser(@Param("entityUuid") String entityUuid, @Param("permission") String permission); | |||
List<String> selectGlobalPermissionsOfUser(@Param("userUuid") String userUuid); | |||
List<String> selectProjectPermissionsOfUser(@Param("userUuid") String userUuid, @Param("projectUuid") String projectUuid); | |||
List<String> selectEntityPermissionsOfUser(@Param("userUuid") String userUuid, @Param("entityUuid") String entityUuid); | |||
int deleteByUserUuid(@Param("userUuid") String userUuid); | |||
} |
@@ -35,7 +35,7 @@ import org.sonar.db.Dao; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.audit.AuditPersister; | |||
import org.sonar.db.audit.model.PermissionTemplateNewValue; | |||
import org.sonar.db.permission.CountPerProjectPermission; | |||
import org.sonar.db.permission.CountPerEntityPermission; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import static java.lang.String.format; | |||
@@ -125,7 +125,7 @@ public class PermissionTemplateDao implements Dao { | |||
} | |||
/** | |||
* Each row returns a #{@link CountPerProjectPermission} | |||
* Each row returns a #{@link CountPerEntityPermission} | |||
*/ | |||
public void usersCountByTemplateUuidAndPermission(DbSession dbSession, List<String> templateUuids, ResultHandler<CountByTemplateAndPermissionDto> resultHandler) { | |||
Map<String, Object> parameters = new HashMap<>(1); | |||
@@ -139,7 +139,7 @@ public class PermissionTemplateDao implements Dao { | |||
} | |||
/** | |||
* Each row returns a #{@link CountPerProjectPermission} | |||
* Each row returns a #{@link CountPerEntityPermission} | |||
*/ | |||
public void groupsCountByTemplateUuidAndPermission(DbSession dbSession, List<String> templateUuids, ResultHandler<CountByTemplateAndPermissionDto> resultHandler) { | |||
Map<String, Object> parameters = new HashMap<>(2); |
@@ -26,7 +26,7 @@ | |||
from projects p) | |||
UNION | |||
(select <include refid="org.sonar.db.entity.EntityMapper.entityPortfolioColumns"/> | |||
from portfolios p) | |||
from portfolios p where p.parent_uuid is null) | |||
</sql> | |||
<select id="selectByUuids" resultType="Entity"> |
@@ -3,17 +3,17 @@ | |||
<mapper namespace="org.sonar.db.permission.GroupPermissionMapper"> | |||
<select id="groupsCountByProjectUuidAndPermission" parameterType="map" | |||
resultType="org.sonar.db.permission.CountPerProjectPermission"> | |||
<select id="groupsCountByEntityUuidAndPermission" parameterType="map" | |||
resultType="org.sonar.db.permission.CountPerEntityPermission"> | |||
SELECT | |||
count(1) as count, | |||
permission, | |||
componentUuid | |||
entityUuid | |||
FROM ( | |||
SELECT | |||
g.name as name, | |||
group_role.role as permission, | |||
group_role.component_uuid as componentUuid | |||
group_role.component_uuid as entityUuid | |||
FROM | |||
groups g | |||
INNER JOIN group_roles group_role ON | |||
@@ -23,20 +23,20 @@ | |||
SELECT | |||
#{anyoneGroup} as name, | |||
group_role.role as permission, | |||
group_role.component_uuid as componentUuid | |||
group_role.component_uuid as entityUuid | |||
FROM | |||
group_roles group_role | |||
where | |||
group_role.group_uuid IS NULL | |||
) groups | |||
where | |||
groups.componentUuid in | |||
<foreach collection="componentUuids" open="(" close=")" item="id" separator=","> | |||
groups.entityUuid in | |||
<foreach collection="entityUuids" open="(" close=")" item="id" separator=","> | |||
#{id,jdbcType=VARCHAR} | |||
</foreach> | |||
GROUP BY | |||
groups.permission, | |||
groups.componentUuid | |||
groups.entityUuid | |||
</select> | |||
<select id="selectProjectKeysWithAnyonePermissions" parameterType="int" resultType="string"> | |||
@@ -65,7 +65,7 @@ | |||
ORDER BY kee ASC | |||
</select> | |||
<select id="countProjectsWithAnyonePermissions" resultType="int"> | |||
<select id="countEntitiesWithAnyonePermissions" resultType="int"> | |||
select count(distinct(gr.component_uuid)) | |||
from group_roles gr where gr.group_uuid is null and gr.component_uuid is not null | |||
</select> | |||
@@ -89,11 +89,11 @@ | |||
select g.uuid as groupUuid, g.name as name, gr.role as permission, gr.component_uuid as componentUuid, gr.uuid as uuid | |||
from groups g | |||
left join group_roles gr on g.uuid = gr.group_uuid | |||
<if test="query.componentUuid == null"> | |||
<if test="query.entityUuid == null"> | |||
and gr.component_uuid is null | |||
</if> | |||
<if test="query.componentUuid != null"> | |||
and gr.component_uuid = #{query.componentUuid,jdbcType=VARCHAR} | |||
<if test="query.entityUuid != null"> | |||
and gr.component_uuid = #{query.entityUuid,jdbcType=VARCHAR} | |||
</if> | |||
union all | |||
@@ -101,11 +101,11 @@ | |||
select 'Anyone' as groupUuid, 'Anyone' as name, gr.role as permission, gr.component_uuid as componentUuid, gr.uuid as uuid | |||
from group_roles gr | |||
<where> | |||
<if test="query.componentUuid == null"> | |||
<if test="query.entityUuid == null"> | |||
and gr.component_uuid is null | |||
</if> | |||
<if test="query.componentUuid != null"> | |||
and gr.component_uuid = #{query.componentUuid,jdbcType=VARCHAR} | |||
<if test="query.entityUuid != null"> | |||
and gr.component_uuid = #{query.entityUuid,jdbcType=VARCHAR} | |||
</if> | |||
<if test="query.withAtLeastOnePermission()"> | |||
and gr.group_uuid is null | |||
@@ -113,7 +113,7 @@ | |||
</where> | |||
) sub | |||
left join components p on sub.componentUuid = p.uuid | |||
left join (<include refid="org.sonar.db.entity.EntityMapper.selectAll"/>) entity on sub.componentUuid = entity.uuid | |||
<where> | |||
<if test="query.searchQueryToSql != null"> | |||
and lower(sub.name) like #{query.searchQueryToSqlLowercase,jdbcType=VARCHAR} ESCAPE '/' | |||
@@ -121,11 +121,11 @@ | |||
<!-- filter rows with group permissions --> | |||
<if test="query.withAtLeastOnePermission()"> | |||
and sub.permission is not null | |||
<if test="query.componentUuid==null"> | |||
<if test="query.entityUuid==null"> | |||
and sub.componentUuid is null | |||
</if> | |||
<if test="query.componentUuid!=null"> | |||
and p.uuid = #{query.componentUuid,jdbcType=VARCHAR} | |||
<if test="query.entityUuid!=null"> | |||
and entity.uuid = #{query.entityUuid,jdbcType=VARCHAR} | |||
</if> | |||
<if test="query.permission!=null"> | |||
and sub.permission = #{query.permission,jdbcType=VARCHAR} | |||
@@ -155,10 +155,10 @@ | |||
<foreach collection="groupUuids" open="(" close=")" item="groupUuid" separator=","> | |||
#{groupUuid,jdbcType=VARCHAR} | |||
</foreach> | |||
<if test="projectUuid != null"> | |||
and sub.componentUuid=#{projectUuid,jdbcType=VARCHAR} | |||
<if test="entityUuid != null"> | |||
and sub.componentUuid=#{entityUuid,jdbcType=VARCHAR} | |||
</if> | |||
<if test="projectUuid==null"> | |||
<if test="entityUuid==null"> | |||
and sub.componentUuid is null | |||
</if> | |||
</select> | |||
@@ -178,11 +178,11 @@ | |||
</choose> | |||
</select> | |||
<select id="selectProjectPermissionsOfGroup" parameterType="map" resultType="String"> | |||
<select id="selectEntityPermissionsOfGroup" parameterType="map" resultType="String"> | |||
select gr.role | |||
from group_roles gr | |||
where | |||
gr.component_uuid = #{projectUuid,jdbcType=VARCHAR} and | |||
gr.component_uuid = #{entityUuid,jdbcType=VARCHAR} and | |||
<choose> | |||
<when test="groupUuid != null"> | |||
gr.group_uuid = #{groupUuid,jdbcType=VARCHAR} | |||
@@ -199,13 +199,13 @@ | |||
where gr.group_uuid = #{groupUuid,jdbcType=VARCHAR} | |||
</select> | |||
<select id="selectGroupUuidsWithPermissionOnProjectBut" resultType="string"> | |||
<select id="selectGroupUuidsWithPermissionOnEntityBut" resultType="string"> | |||
select | |||
distinct gr1.group_uuid | |||
from | |||
group_roles gr1 | |||
where | |||
gr1.component_uuid = #{projectUuid,jdbcType=VARCHAR} | |||
gr1.component_uuid = #{entityUuid,jdbcType=VARCHAR} | |||
and gr1.group_uuid is not null | |||
and not exists ( | |||
select | |||
@@ -244,9 +244,9 @@ | |||
) | |||
</insert> | |||
<delete id="deleteByRootComponentUuid" parameterType="String"> | |||
<delete id="deleteByEntityUuid" parameterType="String"> | |||
delete from group_roles | |||
where component_uuid=#{rootComponentUuid,jdbcType=VARCHAR} | |||
where component_uuid=#{entityUuid,jdbcType=VARCHAR} | |||
</delete> | |||
<delete id="deleteByEntityUuidAndGroupUuid"> | |||
@@ -277,8 +277,8 @@ | |||
where | |||
role=#{permission,jdbcType=VARCHAR} and | |||
<choose> | |||
<when test="rootComponentUuid != null"> | |||
component_uuid=#{rootComponentUuid,jdbcType=BIGINT} | |||
<when test="entityUuid != null"> | |||
component_uuid=#{entityUuid,jdbcType=BIGINT} | |||
</when> | |||
<otherwise> | |||
component_uuid is null |
@@ -32,14 +32,14 @@ | |||
from users u | |||
left join user_roles ur on ur.user_uuid = u.uuid | |||
<choose> | |||
<when test="query.componentUuid == null"> | |||
<when test="query.entityUuid == null"> | |||
and ur.component_uuid is null | |||
</when> | |||
<otherwise> | |||
and ur.component_uuid = #{query.componentUuid,jdbcType=VARCHAR} | |||
and ur.component_uuid = #{query.entityUuid,jdbcType=VARCHAR} | |||
</otherwise> | |||
</choose> | |||
left join components p on ur.component_uuid = p.uuid | |||
left join (<include refid="org.sonar.db.entity.EntityMapper.selectAll"/>) entity on ur.component_uuid = entity.uuid | |||
<where> | |||
<include refid="sqlQueryFilters"/> | |||
</where> | |||
@@ -58,7 +58,7 @@ | |||
<sql id="sqlQueryJoins"> | |||
from users u | |||
left join user_roles ur on ur.user_uuid = u.uuid | |||
left join components p on ur.component_uuid = p.uuid | |||
left join (<include refid="org.sonar.db.entity.EntityMapper.selectAll"/>) entity on ur.component_uuid = entity.uuid | |||
</sql> | |||
<sql id="sqlQueryFilters"> | |||
@@ -72,11 +72,11 @@ | |||
<!-- filter rows with user permissions --> | |||
<if test="query.withAtLeastOnePermission()"> | |||
and ur.role is not null | |||
<if test="query.componentUuid==null"> | |||
<if test="query.entityUuid == null"> | |||
and ur.component_uuid is null | |||
</if> | |||
<if test="query.componentUuid!=null"> | |||
and p.uuid = #{query.componentUuid,jdbcType=VARCHAR} | |||
<if test="query.entityUuid != null"> | |||
and entity.uuid = #{query.entityUuid,jdbcType=VARCHAR} | |||
</if> | |||
<if test="query.permission!=null"> | |||
and ur.role = #{query.permission,jdbcType=VARCHAR} | |||
@@ -92,31 +92,31 @@ | |||
ur.component_uuid is null | |||
</select> | |||
<select id="selectProjectPermissionsOfUser" parameterType="map" resultType="string"> | |||
<select id="selectEntityPermissionsOfUser" parameterType="map" resultType="string"> | |||
select ur.role | |||
from user_roles ur | |||
where | |||
ur.user_uuid = #{userUuid,jdbcType=VARCHAR} and | |||
ur.component_uuid = #{projectUuid,jdbcType=VARCHAR} | |||
ur.component_uuid = #{entityUuid,jdbcType=VARCHAR} | |||
</select> | |||
<select id="countUsersByProjectPermission" resultType="org.sonar.db.permission.CountPerProjectPermission"> | |||
select ur.component_uuid as componentUuid, ur.role as permission, count(u.login) as count | |||
<select id="countUsersByEntityPermission" resultType="org.sonar.db.permission.CountPerEntityPermission"> | |||
select ur.component_uuid as entityUuid, ur.role as permission, count(u.login) as count | |||
from users u | |||
inner join user_roles ur on ur.user_uuid = u.uuid | |||
inner join components p on p.uuid = ur.component_uuid | |||
inner join (<include refid="org.sonar.db.entity.EntityMapper.selectAll"/>) entity on ur.component_uuid = entity.uuid | |||
where u.active = ${_true} | |||
and p.uuid in <foreach collection="projectUuids" open="(" close=")" item="projectUuid" separator=",">#{projectUuid}</foreach> | |||
and entity.uuid in <foreach collection="entityUuids" open="(" close=")" item="entityUuid" separator=",">#{entityUuid}</foreach> | |||
group by ur.component_uuid, ur.role | |||
</select> | |||
<select id="selectUserIdsWithPermissionOnProjectBut" resultType="org.sonar.db.user.UserIdDto"> | |||
<select id="selectUserIdsWithPermissionOnEntityBut" resultType="org.sonar.db.user.UserIdDto"> | |||
select | |||
distinct ur1.user_uuid, u.login | |||
from | |||
user_roles ur1 inner join users u on ur1.user_uuid = u.uuid | |||
where | |||
ur1.component_uuid = #{projectUuid,jdbcType=VARCHAR} | |||
ur1.component_uuid = #{entityUuid,jdbcType=VARCHAR} | |||
and role <> #{permission,jdbcType=VARCHAR} | |||
and not exists ( | |||
select | |||
@@ -152,18 +152,18 @@ | |||
component_uuid is null | |||
</delete> | |||
<delete id="deleteProjectPermission" parameterType="map"> | |||
<delete id="deleteEntityPermission" parameterType="map"> | |||
delete from user_roles | |||
where | |||
role = #{permission,jdbcType=VARCHAR} and | |||
user_uuid = #{userUuid,jdbcType=VARCHAR} and | |||
component_uuid = #{projectUuid,jdbcType=VARCHAR} | |||
component_uuid = #{entityUuid,jdbcType=VARCHAR} | |||
</delete> | |||
<delete id="deleteProjectPermissions" parameterType="map"> | |||
<delete id="deleteEntityPermissions" parameterType="map"> | |||
delete from user_roles | |||
where | |||
component_uuid = #{projectUuid,jdbcType=VARCHAR} | |||
component_uuid = #{entityUuid,jdbcType=VARCHAR} | |||
</delete> | |||
<delete id="deleteEntityPermissionOfAnyUser" parameterType="map"> |
@@ -33,12 +33,12 @@ public class PermissionQueryTest { | |||
public void create_query() { | |||
ComponentDto project = newPublicProjectDto(); | |||
PermissionQuery query = PermissionQuery.builder() | |||
.setComponent(project) | |||
.setEntity(project) | |||
.setPermission("user") | |||
.setSearchQuery("sonar") | |||
.build(); | |||
assertThat(query.getComponentUuid()).isEqualTo(project.uuid()); | |||
assertThat(query.getEntityUuid()).isEqualTo(project.uuid()); | |||
assertThat(query.getPermission()).isEqualTo("user"); | |||
assertThat(query.getSearchQuery()).isEqualTo("sonar"); | |||
} |
@@ -136,6 +136,10 @@ public class DbTester extends AbstractDbTester<TestDbImpl> { | |||
return new DbTester(system2, false, null, auditPersister); | |||
} | |||
public static DbTester create(System2 system2, AuditPersister auditPersister, boolean useDifferentProjectUuids) { | |||
return new DbTester(system2, useDifferentProjectUuids, null, auditPersister); | |||
} | |||
public static DbTester create(System2 system2) { | |||
return new DbTester(system2, false, null, new NoOpAuditPersister()); | |||
} |
@@ -61,6 +61,12 @@ public class ComponentDbTester { | |||
return insertSnapshot(component); | |||
} | |||
public ProjectData insertProjectDataAndSnapshot(ComponentDto component) { | |||
ProjectData projectData = insertComponentAndBranchAndProject(component, null, defaults(), defaults(), defaults()); | |||
insertSnapshot(component); | |||
return projectData; | |||
} | |||
public SnapshotDto insertPortfolioAndSnapshot(ComponentDto component) { | |||
dbClient.componentDao().insert(dbSession, component, true); | |||
return insertSnapshot(component); | |||
@@ -217,6 +223,12 @@ public class ComponentDbTester { | |||
return getPortfolioDto(component); | |||
} | |||
public final PortfolioData insertPrivatePortfolioData() { | |||
ComponentDto component = insertComponentAndPortfolio(ComponentTesting.newPortfolio().setPrivate(true), true, defaults(), defaults()); | |||
PortfolioDto portfolioDto = getPortfolioDto(component); | |||
return new PortfolioData(portfolioDto, component); | |||
} | |||
public final PortfolioDto insertPrivatePortfolioDto(Consumer<ComponentDto> dtoPopulator) { | |||
ComponentDto component = insertComponentAndPortfolio(ComponentTesting.newPortfolio().setPrivate(true), true, dtoPopulator, defaults()); | |||
return getPortfolioDto(component); |
@@ -0,0 +1,42 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2023 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.db.component; | |||
import org.sonar.db.portfolio.PortfolioDto; | |||
public class PortfolioData { | |||
private final ComponentDto rootComponent; | |||
private final PortfolioDto portfolioDto; | |||
public PortfolioData(PortfolioDto projectDto, ComponentDto rootComponent) { | |||
this.rootComponent = rootComponent; | |||
this.portfolioDto = projectDto; | |||
} | |||
public ComponentDto getRootComponent() { | |||
return rootComponent; | |||
} | |||
public PortfolioDto getPortfolioDto() { | |||
return portfolioDto; | |||
} | |||
} |
@@ -233,7 +233,7 @@ public class UserDbTester { | |||
.setUuid(Uuids.createFast()) | |||
.setGroupUuid(null) | |||
.setRole(permission); | |||
db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, (EntityDto) null, null); | |||
db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, null, null); | |||
db.commit(); | |||
return dto; | |||
} | |||
@@ -256,11 +256,6 @@ public class UserDbTester { | |||
return insertPermissionOnGroup(group, permission.getKey()); | |||
} | |||
public void deletePermissionFromGroup(GroupDto group, String permission) { | |||
db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, group.getUuid(), group.getName(), null, (ComponentDto) null); | |||
db.commit(); | |||
} | |||
public GroupPermissionDto insertProjectPermissionOnAnyone(String permission, ComponentDto project) { | |||
checkArgument(!project.isPrivate(), "No permission to group AnyOne can be granted on a private project"); | |||
checkArgument(!PUBLIC_PERMISSIONS.contains(permission), | |||
@@ -300,8 +295,8 @@ public class UserDbTester { | |||
return dto; | |||
} | |||
public void deleteProjectPermissionFromAnyone(EntityDto project, String permission) { | |||
db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, null, null, project.getUuid(), project); | |||
public void deleteProjectPermissionFromAnyone(EntityDto entity, String permission) { | |||
db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, null, null, entity); | |||
db.commit(); | |||
} | |||
@@ -328,36 +323,33 @@ public class UserDbTester { | |||
return dto; | |||
} | |||
public GroupPermissionDto insertProjectPermissionOnGroup(GroupDto group, String permission, ProjectDto project) { | |||
checkArgument(project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission), | |||
public GroupPermissionDto insertProjectPermissionOnGroup(GroupDto group, String permission, EntityDto entity) { | |||
checkArgument(entity.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission), | |||
"%s can't be granted on a public project", permission); | |||
Optional<BranchDto> branchDto = db.getDbClient().branchDao().selectByUuid(db.getSession(), project.getUuid()); | |||
// I don't know if this check is worth it | |||
branchDto.ifPresent(dto -> checkArgument(dto.isMain(), PERMISSIONS_CANT_BE_GRANTED_ON_BRANCHES)); | |||
GroupPermissionDto dto = new GroupPermissionDto() | |||
.setUuid(Uuids.createFast()) | |||
.setGroupUuid(group.getUuid()) | |||
.setGroupName(group.getName()) | |||
.setRole(permission) | |||
.setComponentUuid(project.getUuid()) | |||
.setComponentName(project.getUuid()); | |||
db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, project, null); | |||
.setComponentUuid(entity.getUuid()) | |||
.setComponentName(entity.getName()); | |||
db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, entity, null); | |||
db.commit(); | |||
return dto; | |||
} | |||
public List<String> selectGroupPermissions(GroupDto group, @Nullable ComponentDto project) { | |||
if (project == null) { | |||
public List<String> selectGroupPermissions(GroupDto group, @Nullable EntityDto entity) { | |||
if (entity == null) { | |||
return db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), group.getUuid()); | |||
} | |||
return db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), group.getUuid(), project.uuid()); | |||
return db.getDbClient().groupPermissionDao().selectEntityPermissionsOfGroup(db.getSession(), group.getUuid(), entity.getUuid()); | |||
} | |||
public List<String> selectAnyonePermissions(@Nullable ComponentDto project) { | |||
if (project == null) { | |||
public List<String> selectAnyonePermissions(@Nullable String entityUuid) { | |||
if (entityUuid == null) { | |||
return db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), null); | |||
} | |||
return db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), null, project.uuid()); | |||
return db.getDbClient().groupPermissionDao().selectEntityPermissionsOfGroup(db.getSession(), null, entityUuid); | |||
} | |||
// USER PERMISSIONS | |||
@@ -385,7 +377,7 @@ public class UserDbTester { | |||
} | |||
public void deletePermissionFromUser(EntityDto project, UserDto user, String permission) { | |||
db.getDbClient().userPermissionDao().deleteProjectPermission(db.getSession(), user, permission, project); | |||
db.getDbClient().userPermissionDao().deleteEntityPermission(db.getSession(), user, permission, project); | |||
db.commit(); | |||
} | |||
@@ -429,10 +421,11 @@ public class UserDbTester { | |||
.selectGlobalPermissionsOfUser(db.getSession(), user.getUuid())); | |||
} | |||
public List<String> selectProjectPermissionsOfUser(UserDto user, ComponentDto project) { | |||
return db.getDbClient().userPermissionDao().selectProjectPermissionsOfUser(db.getSession(), user.getUuid(), project.uuid()); | |||
public List<String> selectEntityPermissionOfUser(UserDto user, String entityUuid) { | |||
return db.getDbClient().userPermissionDao().selectEntityPermissionsOfUser(db.getSession(), user.getUuid(), entityUuid); | |||
} | |||
private static List<GlobalPermission> toListOfGlobalPermissions(List<String> keys) { | |||
return keys | |||
.stream() |
@@ -62,7 +62,7 @@ public class CheckAnyonePermissionsAtStartup implements Startable { | |||
"instance to security risks. Unauthenticated visitors may unintentionally have permissions on projects."); | |||
} | |||
int total = dbClient.groupPermissionDao().countProjectsWithAnyonePermissions(dbSession); | |||
int total = dbClient.groupPermissionDao().countEntitiesWithAnyonePermissions(dbSession); | |||
if (total > 0) { | |||
List<String> list = dbClient.groupPermissionDao().selectProjectKeysWithAnyonePermissions(dbSession, 3); | |||
LOG.warn("Authentication is not enforced, and project permissions assigned to the 'Anyone' group expose {} " + |
@@ -161,7 +161,7 @@ public class ReportSubmitterIT { | |||
.addPermission(PROVISION_PROJECTS); | |||
mockSuccessfulPrepareSubmitCall(); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))).thenReturn(true); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(true); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(true); | |||
underTest.submit(PROJECT_KEY, PROJECT_NAME, emptyMap(), IOUtils.toInputStream("{binary}", UTF_8)); | |||
@@ -181,7 +181,7 @@ public class ReportSubmitterIT { | |||
.addPermission(PROVISION_PROJECTS); | |||
mockSuccessfulPrepareSubmitCall(); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))).thenReturn(true); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(true); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(true); | |||
underTest.submit(PROJECT_KEY, PROJECT_NAME, emptyMap(), IOUtils.toInputStream("{binary}", UTF_8)); | |||
@@ -197,7 +197,7 @@ public class ReportSubmitterIT { | |||
.addPermission(PROVISION_PROJECTS); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))) | |||
.thenReturn(true); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(false); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(false); | |||
mockSuccessfulPrepareSubmitCall(); | |||
underTest.submit(PROJECT_KEY, PROJECT_NAME, emptyMap(), IOUtils.toInputStream("{binary}")); | |||
@@ -216,7 +216,7 @@ public class ReportSubmitterIT { | |||
.addPermission(PROVISION_PROJECTS); | |||
mockSuccessfulPrepareSubmitCall(); | |||
when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))).thenReturn(true); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(true); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(true); | |||
underTest.submit(PROJECT_KEY, PROJECT_NAME, emptyMap(), IOUtils.toInputStream("{binary}", UTF_8)); | |||
@@ -43,6 +43,7 @@ import org.sonar.server.favorite.FavoriteUpdater; | |||
import org.sonar.server.l18n.I18nRule; | |||
import org.sonar.server.permission.PermissionTemplateService; | |||
import org.sonar.server.project.DefaultBranchNameResolver; | |||
import org.sonar.server.project.Project; | |||
import static java.util.stream.IntStream.rangeClosed; | |||
import static org.apache.commons.lang.RandomStringUtils.randomAlphabetic; | |||
@@ -222,7 +223,7 @@ public class ComponentUpdaterIT { | |||
.setKey(DEFAULT_PROJECT_KEY) | |||
.setName(DEFAULT_PROJECT_NAME) | |||
.build(); | |||
ComponentDto dto = underTest.create(db.getSession(), project, userUuid, "user-login").mainBranchComponent(); | |||
ProjectDto dto = underTest.create(db.getSession(), project, userUuid, "user-login").projectDto(); | |||
verify(permissionTemplateService).applyDefaultToNewComponent(db.getSession(), dto, userUuid); | |||
} | |||
@@ -234,7 +235,7 @@ public class ComponentUpdaterIT { | |||
.setKey(DEFAULT_PROJECT_KEY) | |||
.setName(DEFAULT_PROJECT_NAME) | |||
.build(); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))) | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))) | |||
.thenReturn(true); | |||
ProjectDto dto = underTest.create(db.getSession(), project, userDto.getUuid(), userDto.getLogin()).projectDto(); | |||
@@ -250,7 +251,7 @@ public class ComponentUpdaterIT { | |||
.setKey(DEFAULT_PROJECT_KEY) | |||
.setName(DEFAULT_PROJECT_NAME) | |||
.build(); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(eq(db.getSession()), any(ComponentDto.class))) | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(eq(db.getSession()), any(ProjectDto.class))) | |||
.thenReturn(true); | |||
ProjectDto dto = underTest.create(db.getSession(), |
@@ -35,6 +35,7 @@ import org.sonar.db.component.ProjectData; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
@@ -57,15 +58,14 @@ public class GroupPermissionChangerIT { | |||
private final GroupPermissionChanger underTest = new GroupPermissionChanger(db.getDbClient(), new SequenceUuidFactory()); | |||
private GroupDto group; | |||
//TODO we should only be using ProjectDto here | |||
private ProjectData privateProject; | |||
private ProjectData publicProject; | |||
private ProjectDto privateProject; | |||
private ProjectDto publicProject; | |||
@Before | |||
public void setUp() { | |||
group = db.users().insertGroup("a-group"); | |||
privateProject = db.components().insertPrivateProject(); | |||
publicProject = db.components().insertPublicProject(); | |||
privateProject = db.components().insertPrivateProject().getProjectDto(); | |||
publicProject = db.components().insertPublicProject().getProjectDto(); | |||
} | |||
@Test | |||
@@ -91,7 +91,7 @@ public class GroupPermissionChangerIT { | |||
GroupUuidOrAnyone anyOneGroup = GroupUuidOrAnyone.forAnyone(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> { | |||
GroupPermissionChange change = new GroupPermissionChange(PermissionChange.Operation.ADD, perm, privateProject.getMainBranchComponent(), anyOneGroup, permissionService); | |||
GroupPermissionChange change = new GroupPermissionChange(PermissionChange.Operation.ADD, perm, privateProject, anyOneGroup, permissionService); | |||
try { | |||
apply(change); | |||
fail("a BadRequestException should have been thrown"); | |||
@@ -109,9 +109,9 @@ public class GroupPermissionChangerIT { | |||
GroupUuidOrAnyone anyOneGroup = GroupUuidOrAnyone.forAnyone(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> { | |||
apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, perm, privateProject.getMainBranchComponent(), anyOneGroup, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, perm, privateProject, anyOneGroup, permissionService)); | |||
assertThat(db.users().selectAnyonePermissions(privateProject.getMainBranchComponent())).contains(perm); | |||
assertThat(db.users().selectAnyonePermissions(privateProject.getUuid())).contains(perm); | |||
}); | |||
} | |||
@@ -143,10 +143,10 @@ public class GroupPermissionChangerIT { | |||
private void applyAddsPermissionToGroupOnPrivateProject(String permission) { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, privateProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, privateProject, groupUuid, permissionService)); | |||
assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); | |||
assertThat(db.users().selectGroupPermissions(group, privateProject.getMainBranchComponent())).containsOnly(permission); | |||
assertThat(db.users().selectGroupPermissions(group, privateProject)).containsOnly(permission); | |||
} | |||
@Test | |||
@@ -176,36 +176,36 @@ public class GroupPermissionChangerIT { | |||
private void applyRemovesPermissionFromGroupOnPrivateProject(String permission) { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
db.users().insertProjectPermissionOnGroup(group, permission, privateProject.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnGroup(group, permission, privateProject); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, privateProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, privateProject, groupUuid, permissionService)); | |||
assertThat(db.users().selectGroupPermissions(group, privateProject.getMainBranchComponent())).containsOnly(permission); | |||
assertThat(db.users().selectGroupPermissions(group, privateProject)).containsOnly(permission); | |||
} | |||
@Test | |||
public void apply_has_no_effect_when_adding_USER_permission_to_group_AnyOne_on_a_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, publicProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, publicProject, groupUuid, permissionService)); | |||
assertThat(db.users().selectAnyonePermissions(publicProject.getMainBranchComponent())).isEmpty(); | |||
assertThat(db.users().selectAnyonePermissions(publicProject.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
public void apply_has_no_effect_when_adding_CODEVIEWER_permission_to_group_AnyOne_on_a_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.CODEVIEWER, publicProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.CODEVIEWER, publicProject, groupUuid, permissionService)); | |||
assertThat(db.users().selectAnyonePermissions(publicProject.getMainBranchComponent())).isEmpty(); | |||
assertThat(db.users().selectAnyonePermissions(publicProject.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
public void apply_fails_with_BadRequestException_when_adding_permission_ADMIN_to_group_AnyOne_on_a_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.ADMIN, publicProject.getMainBranchComponent(), groupUuid, permissionService))) | |||
assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.ADMIN, publicProject, groupUuid, permissionService))) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("It is not possible to add the 'admin' permission to group 'Anyone'."); | |||
} | |||
@@ -214,25 +214,25 @@ public class GroupPermissionChangerIT { | |||
public void apply_adds_permission_ISSUE_ADMIN_to_group_AnyOne_on_a_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.ISSUE_ADMIN, publicProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.ISSUE_ADMIN, publicProject, groupUuid, permissionService)); | |||
assertThat(db.users().selectAnyonePermissions(publicProject.getMainBranchComponent())).containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectAnyonePermissions(publicProject.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void apply_adds_permission_SCAN_EXECUTION_to_group_AnyOne_on_a_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermission.SCAN.getKey(), publicProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermission.SCAN.getKey(), publicProject, groupUuid, permissionService)); | |||
assertThat(db.users().selectAnyonePermissions(publicProject.getMainBranchComponent())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(db.users().selectAnyonePermissions(publicProject.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void apply_fails_with_BadRequestException_when_removing_USER_permission_from_group_AnyOne_on_a_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.USER, publicProject.getMainBranchComponent(), groupUuid, permissionService))) | |||
assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.USER, publicProject, groupUuid, permissionService))) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Permission user can't be removed from a public component"); | |||
} | |||
@@ -241,7 +241,7 @@ public class GroupPermissionChangerIT { | |||
public void apply_fails_with_BadRequestException_when_removing_CODEVIEWER_permission_from_group_AnyOne_on_a_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.CODEVIEWER, publicProject.getMainBranchComponent(), groupUuid, permissionService))) | |||
assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.CODEVIEWER, publicProject, groupUuid, permissionService))) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Permission codeviewer can't be removed from a public component"); | |||
} | |||
@@ -263,18 +263,18 @@ public class GroupPermissionChangerIT { | |||
private void applyRemovesPermissionFromGroupAnyOneOnAPublicProject(String permission) { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
db.users().insertProjectPermissionOnAnyone(permission, publicProject.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnAnyone(permission, publicProject); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, permission, publicProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, permission, publicProject, groupUuid, permissionService)); | |||
assertThat(db.users().selectAnyonePermissions(publicProject.getMainBranchComponent())).isEmpty(); | |||
assertThat(db.users().selectAnyonePermissions(publicProject.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
public void apply_fails_with_BadRequestException_when_removing_USER_permission_from_a_group_on_a_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.USER, publicProject.getMainBranchComponent(), groupUuid, permissionService))) | |||
assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.USER, publicProject, groupUuid, permissionService))) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Permission user can't be removed from a public component"); | |||
} | |||
@@ -283,7 +283,7 @@ public class GroupPermissionChangerIT { | |||
public void apply_fails_with_BadRequestException_when_removing_CODEVIEWER_permission_from_a_group_on_a_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.CODEVIEWER, publicProject.getMainBranchComponent(), groupUuid, permissionService))) | |||
assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.CODEVIEWER, publicProject, groupUuid, permissionService))) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Permission codeviewer can't be removed from a public component"); | |||
} | |||
@@ -317,7 +317,7 @@ public class GroupPermissionChangerIT { | |||
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermission.SCAN.getKey().equals(perm)) | |||
.forEach(perm -> { | |||
try { | |||
new GroupPermissionChange(PermissionChange.Operation.ADD, perm, privateProject.getMainBranchComponent(), groupUuid, permissionService); | |||
new GroupPermissionChange(PermissionChange.Operation.ADD, perm, privateProject, groupUuid, permissionService); | |||
fail("a BadRequestException should have been thrown for permission " + perm); | |||
} catch (BadRequestException e) { | |||
assertThat(e).hasMessage("Invalid project permission '" + perm + | |||
@@ -335,7 +335,7 @@ public class GroupPermissionChangerIT { | |||
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermission.SCAN.getKey().equals(perm)) | |||
.forEach(perm -> { | |||
try { | |||
new GroupPermissionChange(PermissionChange.Operation.ADD, perm, publicProject.getMainBranchComponent(), groupUuid, permissionService); | |||
new GroupPermissionChange(PermissionChange.Operation.ADD, perm, publicProject, groupUuid, permissionService); | |||
fail("a BadRequestException should have been thrown for permission " + perm); | |||
} catch (BadRequestException e) { | |||
assertThat(e).hasMessage("Invalid project permission '" + perm + | |||
@@ -376,23 +376,23 @@ public class GroupPermissionChangerIT { | |||
public void remove_project_permission_from_group() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
db.users().insertPermissionOnGroup(group, ADMINISTER_QUALITY_GATES); | |||
db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, privateProject.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, privateProject.getMainBranchComponent()); | |||
db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, privateProject); | |||
db.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, privateProject); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.ISSUE_ADMIN, privateProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.ISSUE_ADMIN, privateProject, groupUuid, permissionService)); | |||
assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(ADMINISTER_QUALITY_GATES.getKey()); | |||
assertThat(db.users().selectGroupPermissions(group, privateProject.getMainBranchComponent())).containsOnly(UserRole.CODEVIEWER); | |||
assertThat(db.users().selectGroupPermissions(group, privateProject)).containsOnly(UserRole.CODEVIEWER); | |||
} | |||
@Test | |||
public void do_not_fail_if_removing_a_permission_that_does_not_exist() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.ISSUE_ADMIN, privateProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.ISSUE_ADMIN, privateProject, groupUuid, permissionService)); | |||
assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); | |||
assertThat(db.users().selectGroupPermissions(group, privateProject.getMainBranchComponent())).isEmpty(); | |||
assertThat(db.users().selectGroupPermissions(group, privateProject)).isEmpty(); | |||
} | |||
@Test | |||
@@ -427,9 +427,9 @@ public class GroupPermissionChangerIT { | |||
.setUuid(Uuids.createFast()) | |||
.setGroupUuid(null) | |||
.setRole(perm) | |||
.setComponentUuid(privateProject.projectUuid()) | |||
.setComponentName(privateProject.getProjectDto().getName()); | |||
db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, privateProject.getProjectDto(), null); | |||
.setComponentUuid(privateProject.getUuid()) | |||
.setComponentName(privateProject.getName()); | |||
db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, privateProject, null); | |||
db.commit(); | |||
} | |||
} |
@@ -29,11 +29,12 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.SequenceUuidFactory; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.template.PermissionTemplateDbTester; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.portfolio.PortfolioDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.es.ProjectIndexers; | |||
@@ -62,22 +63,21 @@ public class PermissionTemplateServiceIT { | |||
private final ProjectIndexers projectIndexers = new TestProjectIndexers(); | |||
private final PermissionTemplateService underTest = new PermissionTemplateService(dbTester.getDbClient(), projectIndexers, userSession, defaultTemplatesResolver, | |||
new SequenceUuidFactory()); | |||
private ComponentDto privateProject; | |||
@Test | |||
public void apply_does_not_insert_permission_to_group_AnyOne_when_applying_template_on_private_project() { | |||
ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "p1"); | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject)); | |||
assertThat(selectProjectPermissionsOfGroup(null, privateProject)).isEmpty(); | |||
assertThat(selectProjectPermissionsOfGroup(null, privateProject.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
public void apply_default_does_not_insert_permission_to_group_AnyOne_when_applying_template_on_private_project() { | |||
ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
UserDto creator = dbTester.users().insertUser(); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "p1"); | |||
@@ -85,12 +85,12 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, privateProject, creator.getUuid()); | |||
assertThat(selectProjectPermissionsOfGroup(null, privateProject)).isEmpty(); | |||
assertThat(selectProjectPermissionsOfGroup(null, privateProject.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
public void apply_inserts_permissions_to_group_AnyOne_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, perm)); | |||
@@ -98,13 +98,13 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); | |||
assertThat(selectProjectPermissionsOfGroup(null, publicProject)) | |||
assertThat(selectProjectPermissionsOfGroup(null, publicProject.getUuid())) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void applyDefault_inserts_permissions_to_group_AnyOne_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, perm)); | |||
@@ -113,13 +113,13 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, publicProject, null); | |||
assertThat(selectProjectPermissionsOfGroup(null, publicProject)) | |||
assertThat(selectProjectPermissionsOfGroup(null, publicProject.getUuid())) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void apply_inserts_any_permissions_to_group_when_applying_template_on_private_project() { | |||
ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
permissionService.getAllProjectPermissions() | |||
@@ -128,14 +128,14 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject)); | |||
assertThat(selectProjectPermissionsOfGroup(group, privateProject)) | |||
assertThat(selectProjectPermissionsOfGroup(group, privateProject.getUuid())) | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void applyDefault_inserts_any_permissions_to_group_when_applying_template_on_private_project() { | |||
GroupDto group = dbTester.users().insertGroup(); | |||
ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, perm)); | |||
@@ -144,14 +144,14 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, privateProject, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, privateProject)) | |||
assertThat(selectProjectPermissionsOfGroup(group, privateProject.getUuid())) | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void apply_inserts_permissions_to_group_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, perm)); | |||
@@ -159,14 +159,14 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); | |||
assertThat(selectProjectPermissionsOfGroup(group, publicProject)) | |||
assertThat(selectProjectPermissionsOfGroup(group, publicProject.getUuid())) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void applyDefault_inserts_permissions_to_group_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, perm)); | |||
@@ -175,14 +175,14 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, publicProject, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, publicProject)) | |||
assertThat(selectProjectPermissionsOfGroup(group, publicProject.getUuid())) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void apply_inserts_permissions_to_user_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
UserDto user = dbTester.users().insertUser(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm)); | |||
@@ -190,14 +190,14 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); | |||
assertThat(selectProjectPermissionsOfUser(user, publicProject)) | |||
assertThat(selectProjectPermissionsOfUser(user, publicProject.getUuid())) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void applyDefault_inserts_permissions_to_user_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
UserDto user = dbTester.users().insertUser(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm)); | |||
@@ -206,14 +206,14 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, publicProject, null); | |||
assertThat(selectProjectPermissionsOfUser(user, publicProject)) | |||
assertThat(selectProjectPermissionsOfUser(user, publicProject.getUuid())) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void apply_inserts_any_permissions_to_user_when_applying_template_on_private_project() { | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
UserDto user = dbTester.users().insertUser(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm)); | |||
@@ -221,14 +221,14 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject)); | |||
assertThat(selectProjectPermissionsOfUser(user, privateProject)) | |||
assertThat(selectProjectPermissionsOfUser(user, privateProject.getUuid())) | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void applyDefault_inserts_any_permissions_to_user_when_applying_template_on_private_project() { | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
UserDto user = dbTester.users().insertUser(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm)); | |||
@@ -237,14 +237,14 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, privateProject, null); | |||
assertThat(selectProjectPermissionsOfUser(user, privateProject)) | |||
assertThat(selectProjectPermissionsOfUser(user, privateProject.getUuid())) | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void applyDefault_inserts_permissions_to_ProjectCreator_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
UserDto user = dbTester.users().insertUser(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addProjectCreatorToTemplate(permissionTemplate, perm)); | |||
@@ -253,14 +253,14 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, publicProject, user.getUuid()); | |||
assertThat(selectProjectPermissionsOfUser(user, publicProject)) | |||
assertThat(selectProjectPermissionsOfUser(user, publicProject.getUuid())) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void applyDefault_inserts_any_permissions_to_ProjectCreator_when_applying_template_on_private_project() { | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
UserDto user = dbTester.users().insertUser(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> dbTester.permissionTemplates().addProjectCreatorToTemplate(permissionTemplate, perm)); | |||
@@ -269,13 +269,13 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, privateProject, user.getUuid()); | |||
assertThat(selectProjectPermissionsOfUser(user, privateProject)) | |||
assertThat(selectProjectPermissionsOfUser(user, privateProject.getUuid())) | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void apply_template_on_view() { | |||
ComponentDto portfolio = dbTester.components().insertPrivatePortfolio(); | |||
PortfolioDto portfolio = dbTester.components().insertPrivatePortfolioDto(); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); | |||
@@ -284,13 +284,13 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, portfolio, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, portfolio)) | |||
assertThat(selectProjectPermissionsOfGroup(group, portfolio.getUuid())) | |||
.containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
public void apply_default_template_on_application() { | |||
ComponentDto view = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
PermissionTemplateDto appPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
@@ -298,15 +298,15 @@ public class PermissionTemplateServiceIT { | |||
dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, appPermissionTemplate, null); | |||
underTest.applyDefaultToNewComponent(session, view, null); | |||
underTest.applyDefaultToNewComponent(session, application, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, view)) | |||
assertThat(selectProjectPermissionsOfGroup(group, application.getUuid())) | |||
.containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
public void apply_default_template_on_portfolio() { | |||
ComponentDto view = dbTester.components().insertPublicPortfolio(); | |||
PortfolioDto portfolio = dbTester.components().insertPublicPortfolioDto(); | |||
PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
PermissionTemplateDto portPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
@@ -314,28 +314,28 @@ public class PermissionTemplateServiceIT { | |||
dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, portPermissionTemplate); | |||
underTest.applyDefaultToNewComponent(session, view, null); | |||
underTest.applyDefaultToNewComponent(session, portfolio, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, view)) | |||
assertThat(selectProjectPermissionsOfGroup(group, portfolio.getUuid())) | |||
.containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
public void apply_project_default_template_on_view_when_no_view_default_template() { | |||
ComponentDto view = dbTester.components().insertPrivatePortfolio(); | |||
PortfolioDto portfolio = dbTester.components().insertPrivatePortfolioDto(); | |||
PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, null); | |||
underTest.applyDefaultToNewComponent(session, view, null); | |||
underTest.applyDefaultToNewComponent(session, portfolio, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, view)).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
assertThat(selectProjectPermissionsOfGroup(group, portfolio.getUuid())).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
public void apply_template_on_applications() { | |||
ComponentDto application = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); | |||
@@ -344,13 +344,13 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, application, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, application)) | |||
assertThat(selectProjectPermissionsOfGroup(group, application.getUuid())) | |||
.containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
public void apply_default_view_template_on_application() { | |||
ComponentDto application = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
PermissionTemplateDto appPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
PermissionTemplateDto portPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
@@ -361,13 +361,13 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, application, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, application)) | |||
assertThat(selectProjectPermissionsOfGroup(group, application.getUuid())) | |||
.containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
public void apply_project_default_template_on_application_when_no_application_default_template() { | |||
ComponentDto application = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
@@ -375,13 +375,13 @@ public class PermissionTemplateServiceIT { | |||
underTest.applyDefaultToNewComponent(session, application, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, application)).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
assertThat(selectProjectPermissionsOfGroup(group, application.getUuid())).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
public void apply_permission_template() { | |||
UserDto user = dbTester.users().insertUser(); | |||
ComponentDto project = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = dbTester.components().insertPrivateProject().getProjectDto(); | |||
GroupDto adminGroup = dbTester.users().insertGroup(); | |||
GroupDto userGroup = dbTester.users().insertGroup(); | |||
dbTester.users().insertPermissionOnGroup(adminGroup, GlobalPermission.ADMINISTER.getKey()); | |||
@@ -396,26 +396,25 @@ public class PermissionTemplateServiceIT { | |||
dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, UserRole.CODEVIEWER); | |||
dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, GlobalPermission.ADMINISTER.getKey()); | |||
assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).isEmpty(); | |||
assertThat(selectProjectPermissionsOfGroup(userGroup, project)).isEmpty(); | |||
assertThat(selectProjectPermissionsOfGroup(null, project)).isEmpty(); | |||
assertThat(selectProjectPermissionsOfUser(user, project)).isEmpty(); | |||
assertThat(selectProjectPermissionsOfGroup(adminGroup, project.getUuid())).isEmpty(); | |||
assertThat(selectProjectPermissionsOfGroup(userGroup, project.getUuid())).isEmpty(); | |||
assertThat(selectProjectPermissionsOfGroup(null, project.getUuid())).isEmpty(); | |||
assertThat(selectProjectPermissionsOfUser(user, project.getUuid())).isEmpty(); | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(project)); | |||
assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).containsOnly(GlobalPermission.ADMINISTER.getKey(), UserRole.ISSUE_ADMIN); | |||
assertThat(selectProjectPermissionsOfGroup(userGroup, project)).containsOnly(UserRole.USER, UserRole.CODEVIEWER); | |||
assertThat(selectProjectPermissionsOfGroup(null, project)).isEmpty(); | |||
assertThat(selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
assertThat(selectProjectPermissionsOfGroup(adminGroup, project.getUuid())).containsOnly(GlobalPermission.ADMINISTER.getKey(), UserRole.ISSUE_ADMIN); | |||
assertThat(selectProjectPermissionsOfGroup(userGroup, project.getUuid())).containsOnly(UserRole.USER, UserRole.CODEVIEWER); | |||
assertThat(selectProjectPermissionsOfGroup(null, project.getUuid())).isEmpty(); | |||
assertThat(selectProjectPermissionsOfUser(user, project.getUuid())).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
private List<String> selectProjectPermissionsOfGroup(@Nullable GroupDto groupDto, ComponentDto project) { | |||
return dbTester.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(session, groupDto != null ? groupDto.getUuid() : null, project.uuid()); | |||
private List<String> selectProjectPermissionsOfGroup(@Nullable GroupDto groupDto, String projectUuid) { | |||
return dbTester.getDbClient().groupPermissionDao().selectEntityPermissionsOfGroup(session, groupDto != null ? groupDto.getUuid() : null, projectUuid); | |||
} | |||
private List<String> selectProjectPermissionsOfUser(UserDto userDto, ComponentDto project) { | |||
return dbTester.getDbClient().userPermissionDao().selectProjectPermissionsOfUser(session, | |||
userDto.getUuid(), project.uuid()); | |||
private List<String> selectProjectPermissionsOfUser(UserDto userDto, String projectUuid) { | |||
return dbTester.getDbClient().userPermissionDao().selectEntityPermissionsOfUser(session, userDto.getUuid(), projectUuid); | |||
} | |||
@Test | |||
@@ -468,7 +467,7 @@ public class PermissionTemplateServiceIT { | |||
.map(x -> String.format("\"%s\"", x)) | |||
.collect(Collectors.joining(", ")); | |||
ComponentDto project = dbTester.components().insertPrivateProject(p -> p.setKey(key)).getMainBranchComponent(); | |||
ProjectDto project = dbTester.components().insertPrivateProject(p -> p.setKey(key)).getProjectDto(); | |||
assertThatThrownBy(() -> underTest.applyDefaultToNewComponent(session, project, null)) | |||
.isInstanceOf(TemplateMatchingKeyException.class) |
@@ -31,6 +31,7 @@ import org.sonar.core.util.SequenceUuidFactory; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -52,15 +53,15 @@ public class UserPermissionChangerIT { | |||
private final UserPermissionChanger underTest = new UserPermissionChanger(db.getDbClient(), new SequenceUuidFactory()); | |||
private UserDto user1; | |||
private UserDto user2; | |||
private ComponentDto privateProject; | |||
private ComponentDto publicProject; | |||
private EntityDto privateProject; | |||
private EntityDto publicProject; | |||
@Before | |||
public void setUp() { | |||
user1 = db.users().insertUser(); | |||
user2 = db.users().insertUser(); | |||
privateProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
publicProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
privateProject = db.components().insertPrivateProject().getProjectDto(); | |||
publicProject = db.components().insertPublicProject().getProjectDto(); | |||
} | |||
@Test | |||
@@ -100,7 +101,7 @@ public class UserPermissionChangerIT { | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(UserRole.USER); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, publicProject.getUuid())).doesNotContain(UserRole.USER); | |||
} | |||
@Test | |||
@@ -109,7 +110,7 @@ public class UserPermissionChangerIT { | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(UserRole.CODEVIEWER); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, publicProject.getUuid())).doesNotContain(UserRole.CODEVIEWER); | |||
} | |||
@Test | |||
@@ -132,7 +133,7 @@ public class UserPermissionChangerIT { | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).containsOnly(permission); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, publicProject.getUuid())).containsOnly(permission); | |||
} | |||
@Test | |||
@@ -174,7 +175,7 @@ public class UserPermissionChangerIT { | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).isEmpty(); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, publicProject.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
@@ -185,7 +186,7 @@ public class UserPermissionChangerIT { | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).contains(permission); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).contains(permission); | |||
}); | |||
} | |||
@@ -200,7 +201,7 @@ public class UserPermissionChangerIT { | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).doesNotContain(permission); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).doesNotContain(permission); | |||
}); | |||
} | |||
@@ -211,9 +212,9 @@ public class UserPermissionChangerIT { | |||
apply(change); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(GlobalPermission.SCAN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).isEmpty(); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).isEmpty(); | |||
assertThat(db.users().selectPermissionsOfUser(user2)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).isEmpty(); | |||
assertThat(db.users().selectEntityPermissionOfUser(user2, privateProject.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
@@ -222,9 +223,9 @@ public class UserPermissionChangerIT { | |||
apply(change); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).contains(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).contains(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectPermissionsOfUser(user2)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).isEmpty(); | |||
assertThat(db.users().selectEntityPermissionOfUser(user2, privateProject.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
@@ -269,12 +270,12 @@ public class UserPermissionChangerIT { | |||
assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(GlobalPermission.SCAN); | |||
assertThat(db.users().selectPermissionsOfUser(user2)).containsOnly(GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void remove_project_permission_from_user() { | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
EntityDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
db.users().insertProjectPermissionOnUser(user1, UserRole.ISSUE_ADMIN, privateProject); | |||
db.users().insertProjectPermissionOnUser(user1, UserRole.USER, privateProject); | |||
@@ -284,9 +285,9 @@ public class UserPermissionChangerIT { | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(UserRole.USER); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, project2)).containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).containsOnly(UserRole.USER); | |||
assertThat(db.users().selectEntityPermissionOfUser(user2, privateProject.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, project2.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
@@ -302,7 +303,7 @@ public class UserPermissionChangerIT { | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).isEmpty(); | |||
assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).isEmpty(); | |||
} | |||
@Test |
@@ -27,8 +27,12 @@ import org.sonar.api.server.ws.WebService.Action; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ProjectData; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.portfolio.PortfolioDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -37,14 +41,12 @@ import org.sonar.server.exceptions.ServerException; | |||
import org.sonar.server.permission.PermissionService; | |||
import org.sonar.server.permission.PermissionServiceImpl; | |||
import static java.lang.String.format; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.Assertions.fail; | |||
import static org.assertj.core.api.Assertions.tuple; | |||
import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubPortfolio; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
@@ -107,12 +109,12 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
@Test | |||
public void add_permission_to_project_referenced_by_its_id() { | |||
GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
ComponentDto project = db.components().insertComponent(newPrivateProjectDto(A_PROJECT_UUID).setKey(A_PROJECT_KEY)); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, A_PROJECT_UUID) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
@@ -123,7 +125,7 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
@Test | |||
public void add_permission_to_project_referenced_by_its_key() { | |||
GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
ComponentDto project = db.components().insertPrivateProject(A_PROJECT_UUID, c -> c.setKey(A_PROJECT_KEY)).getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject(A_PROJECT_UUID, c -> c.setKey(A_PROJECT_KEY)).getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -139,12 +141,12 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
@Test | |||
public void add_with_portfolio_uuid() { | |||
GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
ComponentDto portfolio = db.components().insertPrivatePortfolio(); | |||
PortfolioDto portfolio = db.components().insertPrivatePortfolioDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, portfolio.uuid()) | |||
.setParam(PARAM_PROJECT_ID, portfolio.getUuid()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
@@ -157,13 +159,11 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, "not-found") | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
assertThatThrownBy(() -> newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, "not-found") | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute()) | |||
.isInstanceOf(NotFoundException.class); | |||
} | |||
@@ -195,15 +195,13 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, file.uuid()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Component '" + file.getKey() + "' (id: " + file.uuid() + ") must be a project or a view."); | |||
assertThatThrownBy(() -> newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, file.uuid()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute()) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage("Entity not found"); | |||
} | |||
@Test | |||
@@ -231,7 +229,7 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class); | |||
.isInstanceOf(NotFoundException.class); | |||
} | |||
@Test | |||
@@ -341,12 +339,12 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
@Test | |||
public void adding_project_permission_is_allowed_to_project_administrators() { | |||
GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
@@ -355,7 +353,7 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
@Test | |||
public void fails_when_adding_any_permission_to_group_AnyOne_on_a_private_project() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
permissionService.getAllProjectPermissions() | |||
@@ -363,7 +361,7 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
try { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, "anyone") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, permission) | |||
.execute(); | |||
fail("a BadRequestException should have been raised for " + permission); | |||
@@ -375,60 +373,60 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
@Test | |||
public void no_effect_when_adding_USER_permission_to_group_AnyOne_on_a_public_project() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, "anyone") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.USER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
public void no_effect_when_adding_CODEVIEWER_permission_to_group_AnyOne_on_a_public_project() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, "anyone") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
public void no_effect_when_adding_USER_permission_to_group_on_a_public_project() { | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.USER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
public void no_effect_when_adding_CODEVIEWER_permission_to_group_on_a_public_project() { | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
@@ -438,15 +436,13 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
}) | |||
assertThatThrownBy(() -> newRequest() | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute()) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
.hasMessage("Entity not found"); | |||
} | |||
private void executeRequest(GroupDto groupDto, String permission) { |
@@ -26,9 +26,11 @@ import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.PortfolioData; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.portfolio.PortfolioDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -82,22 +84,22 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
@Test | |||
public void add_permission_to_project_referenced_by_its_id() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
@Test | |||
public void add_permission_to_project_referenced_by_its_key() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -107,22 +109,22 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
.execute(); | |||
assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
@Test | |||
public void add_permission_to_view() { | |||
ComponentDto view = db.components().insertComponent(ComponentTesting.newPortfolio("view-uuid").setKey("view-key")); | |||
PortfolioDto portfolioDto = db.components().insertPrivatePortfolioDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, view.uuid()) | |||
.setParam(PARAM_PROJECT_ID, portfolioDto.getUuid()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
assertThat(db.users().selectEntityPermissionOfUser(user, portfolioDto.getUuid())).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
@Test | |||
@@ -173,8 +175,8 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Component '" + file.getKey() + "' (id: " + file.uuid() + ") must be a project or a view."); | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage("Entity not found"); | |||
} | |||
@Test | |||
@@ -203,7 +205,7 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class); | |||
.isInstanceOf(NotFoundException.class); | |||
} | |||
@Test | |||
@@ -284,7 +286,7 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()); | |||
assertThatThrownBy(() -> request.execute()) | |||
assertThatThrownBy(request::execute) | |||
.isInstanceOf(ForbiddenException.class); | |||
} | |||
@@ -297,7 +299,7 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
.setParam(PARAM_USER_LOGIN, "unknown") | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()); | |||
assertThatThrownBy(() -> request.execute()) | |||
assertThatThrownBy(request::execute) | |||
.isInstanceOf(ForbiddenException.class); | |||
} | |||
@@ -310,7 +312,7 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()); | |||
assertThatThrownBy(() -> request.execute()) | |||
assertThatThrownBy(request::execute) | |||
.isInstanceOf(IllegalArgumentException.class); | |||
} | |||
@@ -319,7 +321,7 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
*/ | |||
@Test | |||
public void adding_project_permission_is_allowed_to_project_administrators() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
@@ -329,35 +331,35 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void no_effect_when_adding_USER_permission_on_a_public_project() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.USER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
public void no_effect_when_adding_CODEVIEWER_permission_on_a_public_project() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
} | |||
@Test | |||
@@ -371,8 +373,8 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); | |||
assertThatThrownBy(() -> request.execute()) | |||
assertThatThrownBy(request::execute) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
.hasMessage("Entity not found"); | |||
} | |||
} |
@@ -50,7 +50,7 @@ import static org.sonar.db.permission.template.PermissionTemplateTesting.newPerm | |||
public abstract class BasePermissionWsIT<A extends PermissionsWsAction> { | |||
@Rule | |||
public DbTester db = DbTester.create(new AlwaysIncreasingSystem2()); | |||
public DbTester db = DbTester.create(new AlwaysIncreasingSystem2(), true); | |||
@Rule | |||
public EsTester es = EsTester.createCustom(new FooIndexDefinition()); |
@@ -29,9 +29,10 @@ import org.sonar.api.server.ws.Change; | |||
import org.sonar.api.server.ws.WebService.Action; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.portfolio.PortfolioDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -41,7 +42,6 @@ import org.sonar.server.management.ManagedInstanceService; | |||
import org.sonar.server.permission.PermissionService; | |||
import org.sonar.server.permission.PermissionServiceImpl; | |||
import static java.lang.String.format; | |||
import static java.util.function.Function.identity; | |||
import static java.util.stream.Collectors.toMap; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
@@ -54,7 +54,6 @@ import static org.sonar.api.server.ws.WebService.Param.PAGE; | |||
import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE; | |||
import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
@@ -185,11 +184,11 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
@Test | |||
public void search_groups_with_project_permissions() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
GroupDto group = db.users().insertGroup("project-group-name"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
ComponentDto anotherProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto anotherProject = db.components().insertPrivateProject().getProjectDto(); | |||
GroupDto anotherGroup = db.users().insertGroup("another-project-group-name"); | |||
db.users().insertProjectPermissionOnGroup(anotherGroup, ISSUE_ADMIN, anotherProject); | |||
@@ -198,7 +197,7 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.execute() | |||
.getInput(); | |||
@@ -209,7 +208,7 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
@Test | |||
public void return_also_groups_without_permission_when_search_query() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
GroupDto group = db.users().insertGroup("group-with-permission"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
@@ -219,7 +218,7 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(TEXT_QUERY, "group-with") | |||
.execute() | |||
.getInput(); | |||
@@ -231,7 +230,7 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
@Test | |||
public void return_only_groups_with_permission_when_no_search_query() { | |||
ComponentDto project = db.components().insertComponent(newPrivateProjectDto("project-uuid")); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
GroupDto group = db.users().insertGroup("project-group-name"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
@@ -240,23 +239,22 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.execute() | |||
.getInput(); | |||
assertThat(result).contains(group.getName()) | |||
.doesNotContain(groupWithoutPermission.getName()); | |||
assertThat(result).contains(group.getName()).doesNotContain(groupWithoutPermission.getName()); | |||
} | |||
@Test | |||
public void return_anyone_group_when_search_query_and_no_param_permission() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
GroupDto group = db.users().insertGroup("group-with-permission"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(TEXT_QUERY, "nyo") | |||
.execute() | |||
.getInput(); | |||
@@ -266,9 +264,9 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
@Test | |||
public void search_groups_on_views() { | |||
ComponentDto view = db.components().insertComponent(ComponentTesting.newPortfolio("view-uuid").setKey("view-key")); | |||
PortfolioDto portfolio = db.components().insertPrivatePortfolioDto("view-uuid"); | |||
GroupDto group = db.users().insertGroup("project-group-name"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, view); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, portfolio); | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
@@ -285,11 +283,11 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
@Test | |||
public void return_isManaged() { | |||
ComponentDto view = db.components().insertComponent(ComponentTesting.newPortfolio("view-uuid").setKey("view-key")); | |||
PortfolioDto portfolio = db.components().insertPrivatePortfolioDto("view-uuid"); | |||
GroupDto managedGroup = db.users().insertGroup("managed-group"); | |||
GroupDto localGroup = db.users().insertGroup("local-group"); | |||
db.users().insertProjectPermissionOnGroup(managedGroup, ISSUE_ADMIN, view); | |||
db.users().insertProjectPermissionOnGroup(localGroup, ISSUE_ADMIN, view); | |||
db.users().insertProjectPermissionOnGroup(managedGroup, ISSUE_ADMIN, portfolio); | |||
db.users().insertProjectPermissionOnGroup(localGroup, ISSUE_ADMIN, portfolio); | |||
mockGroupsAsManaged(managedGroup.getUuid()); | |||
loginAsAdmin(); | |||
@@ -373,7 +371,7 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
.execute(); | |||
}) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
.hasMessage("Entity not found"); | |||
} | |||
private void mockGroupsAsManaged(String... groupUuids) { |
@@ -30,8 +30,8 @@ import org.sonar.api.server.ws.WebService.Action; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.Uuids; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ProjectData; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.project.ProjectDto; | |||
@@ -44,7 +44,6 @@ import org.sonar.server.permission.PermissionService; | |||
import org.sonar.server.permission.PermissionServiceImpl; | |||
import org.sonar.server.ws.TestRequest; | |||
import static java.lang.String.format; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.Assertions.tuple; | |||
@@ -102,7 +101,7 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
@Test | |||
public void wsAction_shouldRemoveProjectPermission() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); | |||
@@ -110,7 +109,7 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.ADMIN) | |||
.execute(); | |||
@@ -120,25 +119,25 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
@Test | |||
public void wsAction_whenUsingViewUuid_shouldRemovePermission() { | |||
ComponentDto view = db.components().insertPrivatePortfolio(); | |||
EntityDto portfolio = db.components().insertPrivatePortfolioDto(); | |||
db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, view); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, view); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, portfolio); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, portfolio); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PROJECT_ID, view.uuid()) | |||
.setParam(PARAM_PROJECT_ID, portfolio.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
assertThat(db.users().selectGroupPermissions(aGroup, view)).containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectGroupPermissions(aGroup, portfolio)).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void wsAction_whenUsingProjectKey_shouldRemovePermission() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); | |||
@@ -177,7 +176,7 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
assertThatThrownBy(testRequest::execute) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage("Project id 'unknown-project-uuid' not found"); | |||
.hasMessage("Entity not found"); | |||
} | |||
@Test | |||
@@ -215,15 +214,13 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
private void failIfComponentIsNotAProjectOrView(ComponentDto file) { | |||
loginAsAdmin(); | |||
TestRequest testRequest = newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PROJECT_ID, file.uuid()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); | |||
assertThatThrownBy(testRequest::execute) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Component '" + file.getKey() + "' (id: " + file.uuid() + ") must be a project or a view."); | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage("Entity not found"); | |||
} | |||
@Test | |||
@@ -299,14 +296,14 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
@Test | |||
public void wsAction_whenRemovingProjectPermissionAsProjectAdminButNotSystemAdmin_shouldRemovePermission() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
@@ -315,32 +312,31 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
@Test | |||
public void wsAction_whenRemovingAnyPermissionFromGroupAnyoneOnPrivateProject_shouldHaveNoEffect() { | |||
//TODO use projectDto | |||
ProjectData project = db.components().insertPrivateProject(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(perm -> unsafeInsertProjectPermissionOnAnyone(perm, project.getProjectDto())); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
.forEach(perm -> unsafeInsertProjectPermissionOnAnyone(perm, project)); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(permission -> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, "anyone") | |||
.setParam(PARAM_PROJECT_ID, project.projectUuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, permission) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project.getMainBranchComponent())).contains(permission); | |||
assertThat(db.users().selectAnyonePermissions(project.getUuid())).contains(permission); | |||
}); | |||
} | |||
@Test | |||
public void wsAction_whenRemovingBrowsePermissionFromGroupAnyoneOnPublicProject_shouldFail() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestRequest testRequest = newRequest() | |||
.setParam(PARAM_GROUP_NAME, "anyone") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.USER); | |||
assertThatThrownBy(testRequest::execute) | |||
@@ -350,12 +346,12 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
@Test | |||
public void wsAction_whenRemovingCodeviewerPermissionFromGroupAnyoneOnPublicProject_shouldFail() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestRequest testRequest = newRequest() | |||
.setParam(PARAM_GROUP_NAME, "anyone") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER); | |||
assertThatThrownBy(testRequest::execute) | |||
@@ -366,12 +362,12 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
@Test | |||
public void wsAction_whenRemovingBrowsePermissionFromGroupOnPublicProject_shouldFail() { | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestRequest testRequest = newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.USER); | |||
assertThatThrownBy(testRequest::execute) | |||
@@ -382,12 +378,12 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
@Test | |||
public void wsAction_whenRemovingCodeviewerPermissionFromGroupOnPublicProject() { | |||
GroupDto group = db.users().insertGroup(); | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestRequest testRequest = newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER); | |||
assertThatThrownBy(testRequest::execute) | |||
@@ -409,7 +405,7 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
assertThatThrownBy(testRequest::execute) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
.hasMessage("Entity not found"); | |||
} | |||
@Test |
@@ -27,6 +27,7 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -147,23 +148,23 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
@Test | |||
public void wsAction_whenProject_shouldRemovePermission() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void wsAction_whenUsingProjectKey_shouldRemovePermission() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); | |||
loginAsAdmin(); | |||
@@ -174,7 +175,7 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.CODEVIEWER); | |||
assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(UserRole.CODEVIEWER); | |||
} | |||
@Test | |||
@@ -190,7 +191,7 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(UserRole.ADMIN); | |||
assertThat(db.users().selectEntityPermissionOfUser(user, view.uuid())).containsOnly(UserRole.ADMIN); | |||
} | |||
@Test | |||
@@ -251,8 +252,8 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); | |||
assertThatThrownBy(testRequest::execute) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Component '" + file.getKey() + "' (id: " + file.uuid() + ") must be a project or a view."); | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage("Entity not found"); | |||
} | |||
@Test | |||
@@ -335,28 +336,28 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
*/ | |||
@Test | |||
public void wsAction_whenProjectPermissionAndProjectAdmin_shouldRemovePermission() { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.CODEVIEWER); | |||
assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(UserRole.CODEVIEWER); | |||
} | |||
@Test | |||
public void wsAction_whenBrowsePermissionAndPublicProject_shouldFail() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestRequest testRequest = newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.USER); | |||
assertThatThrownBy(testRequest::execute) | |||
@@ -367,12 +368,12 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
@Test | |||
public void wsAction_whenCodeviewerPermissionAndPublicProject_shouldFail() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestRequest testRequest = newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER); | |||
assertThatThrownBy(testRequest::execute) | |||
@@ -393,7 +394,7 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
assertThatThrownBy(testRequest::execute) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
.hasMessage("Entity not found"); | |||
} | |||
} |
@@ -29,6 +29,7 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -61,11 +62,11 @@ import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_U | |||
public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT); | |||
private PermissionService permissionService = new PermissionServiceImpl(resourceTypes); | |||
private WsParameters wsParameters = new WsParameters(permissionService); | |||
private RequestValidator requestValidator = new RequestValidator(permissionService); | |||
private ManagedInstanceService managedInstanceService = mock(ManagedInstanceService.class); | |||
private final ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT); | |||
private final PermissionService permissionService = new PermissionServiceImpl(resourceTypes); | |||
private final WsParameters wsParameters = new WsParameters(permissionService); | |||
private final RequestValidator requestValidator = new RequestValidator(permissionService); | |||
private final ManagedInstanceService managedInstanceService = mock(ManagedInstanceService.class); | |||
@Override | |||
protected UsersAction buildWsAction() { | |||
@@ -102,12 +103,12 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
@Test | |||
public void search_for_users_with_permission_on_project() { | |||
// User has permission on project | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
UserDto user = db.users().insertUser(newUserDto()); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
// User has permission on another project | |||
ComponentDto anotherProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto anotherProject = db.components().insertPrivateProject().getProjectDto(); | |||
UserDto userHavePermissionOnAnotherProject = db.users().insertUser(newUserDto()); | |||
db.users().insertProjectPermissionOnUser(userHavePermissionOnAnotherProject, UserRole.ISSUE_ADMIN, anotherProject); | |||
@@ -117,7 +118,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
userSession.logIn().addProjectPermission(GlobalPermission.ADMINISTER.getKey(), project); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.execute() | |||
.getInput(); | |||
@@ -129,7 +130,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
@Test | |||
public void search_also_for_users_without_permission_when_filtering_name() { | |||
// User with permission on project | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
@@ -139,7 +140,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.setParam(TEXT_QUERY, "with") | |||
.execute() | |||
.getInput(); | |||
@@ -150,7 +151,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
@Test | |||
public void search_also_for_users_without_permission_when_filtering_email() { | |||
// User with permission on project | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
@@ -159,7 +160,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
UserDto anotherUser = db.users().insertUser(newUserDto("another-user", "another-user", "another-user")); | |||
loginAsAdmin(); | |||
String result = newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).setParam(TEXT_QUERY, "email").execute().getInput(); | |||
String result = newRequest().setParam(PARAM_PROJECT_ID, project.getUuid()).setParam(TEXT_QUERY, "email").execute().getInput(); | |||
assertThat(result).contains(user.getLogin(), withoutPermission.getLogin()).doesNotContain(anotherUser.getLogin()); | |||
} | |||
@@ -167,7 +168,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
@Test | |||
public void search_also_for_users_without_permission_when_filtering_login() { | |||
// User with permission on project | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
@@ -176,7 +177,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
UserDto anotherUser = db.users().insertUser(newUserDto("another-user", "another-user", "another-user")); | |||
loginAsAdmin(); | |||
String result = newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).setParam(TEXT_QUERY, "login").execute().getInput(); | |||
String result = newRequest().setParam(PARAM_PROJECT_ID, project.getUuid()).setParam(TEXT_QUERY, "login").execute().getInput(); | |||
assertThat(result).contains(user.getLogin(), withoutPermission.getLogin()).doesNotContain(anotherUser.getLogin()); | |||
} | |||
@@ -309,13 +310,11 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute(); | |||
}) | |||
assertThatThrownBy(() -> newRequest() | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute()) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Project id or project key can be provided, not both."); | |||
} | |||
@@ -345,7 +344,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
.execute(); | |||
}) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
.hasMessage("Entity not found"); | |||
} | |||
private void insertUsersHavingGlobalPermissions() { |
@@ -29,8 +29,10 @@ import org.sonar.core.util.SequenceUuidFactory; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.es.TestProjectIndexers; | |||
@@ -63,13 +65,12 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
private UserDto user2; | |||
private GroupDto group1; | |||
private GroupDto group2; | |||
private ComponentDto project; | |||
private ProjectDto project; | |||
private PermissionTemplateDto template1; | |||
private PermissionTemplateDto template2; | |||
private ResourceTypesRule resourceTypesRule = new ResourceTypesRule().setRootQualifiers(PROJECT, VIEW, APP); | |||
private DefaultTemplatesResolver defaultTemplatesResolver = new DefaultTemplatesResolverImpl(dbTester.getDbClient(), resourceTypesRule); | |||
private PermissionTemplateService permissionTemplateService = new PermissionTemplateService(db.getDbClient(), | |||
private final ResourceTypesRule resourceTypesRule = new ResourceTypesRule().setRootQualifiers(PROJECT, VIEW, APP); | |||
private final DefaultTemplatesResolver defaultTemplatesResolver = new DefaultTemplatesResolverImpl(dbTester.getDbClient(), resourceTypesRule); | |||
private final PermissionTemplateService permissionTemplateService = new PermissionTemplateService(db.getDbClient(), | |||
new TestProjectIndexers(), userSession, defaultTemplatesResolver, new SequenceUuidFactory()); | |||
@Override | |||
@@ -91,13 +92,13 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
addGroupToTemplate(group1, template1, UserRole.ADMIN); | |||
addGroupToTemplate(group2, template1, UserRole.USER); | |||
// template 2 | |||
template2 = db.permissionTemplates().insertTemplate(); | |||
PermissionTemplateDto template2 = db.permissionTemplates().insertTemplate(); | |||
addUserToTemplate(user1, template2, UserRole.USER); | |||
addUserToTemplate(user2, template2, UserRole.USER); | |||
addGroupToTemplate(group1, template2, UserRole.USER); | |||
addGroupToTemplate(group2, template2, UserRole.USER); | |||
project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
project = db.components().insertPrivateProject().getProjectDto(); | |||
db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project); | |||
@@ -108,7 +109,7 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
public void apply_template_with_project_uuid() { | |||
loginAsAdmin(); | |||
newRequest(template1.getUuid(), project.uuid(), null); | |||
newRequest(template1.getUuid(), project.getUuid(), null); | |||
assertTemplate1AppliedToProject(); | |||
} | |||
@@ -119,7 +120,7 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
newRequest() | |||
.setParam(PARAM_TEMPLATE_NAME, template1.getName().toUpperCase()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
.execute(); | |||
assertTemplate1AppliedToProject(); | |||
@@ -139,7 +140,7 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> { | |||
newRequest("unknown-template-uuid", project.uuid(), null); | |||
newRequest("unknown-template-uuid", project.getUuid(), null); | |||
}) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage("Permission template with id 'unknown-template-uuid' is not found"); | |||
@@ -153,7 +154,7 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
newRequest(template1.getUuid(), "unknown-project-uuid", null); | |||
}) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage("Project id 'unknown-project-uuid' not found"); | |||
.hasMessage("Entity not found"); | |||
} | |||
@Test | |||
@@ -164,16 +165,14 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
newRequest(template1.getUuid(), null, "unknown-project-key"); | |||
}) | |||
.isInstanceOf(NotFoundException.class) | |||
.hasMessage("Project key 'unknown-project-key' not found"); | |||
.hasMessage("Entity not found"); | |||
} | |||
@Test | |||
public void fail_when_template_is_not_provided() { | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> { | |||
newRequest(null, project.uuid(), null); | |||
}) | |||
assertThatThrownBy(() -> newRequest(null, project.getUuid(), null)) | |||
.isInstanceOf(BadRequestException.class); | |||
} | |||
@@ -192,9 +191,7 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
public void fail_when_not_admin() { | |||
userSession.logIn().addPermission(SCAN); | |||
assertThatThrownBy(() -> { | |||
newRequest(template1.getUuid(), project.uuid(), null); | |||
}) | |||
assertThatThrownBy(() -> newRequest(template1.getUuid(), project.getUuid(), null)) | |||
.isInstanceOf(ForbiddenException.class); | |||
} | |||
@@ -232,13 +229,13 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
db.commit(); | |||
} | |||
private List<String> selectProjectPermissionGroups(ComponentDto project, String permission) { | |||
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponent(project).build(); | |||
private List<String> selectProjectPermissionGroups(EntityDto entity, String permission) { | |||
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setEntity(entity).build(); | |||
return db.getDbClient().groupPermissionDao().selectGroupNamesByQuery(db.getSession(), query); | |||
} | |||
private List<String> selectProjectPermissionUsers(ComponentDto project, String permission) { | |||
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponent(project).build(); | |||
private List<String> selectProjectPermissionUsers(EntityDto entity, String permission) { | |||
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setEntity(entity).build(); | |||
return db.getDbClient().userPermissionDao().selectUserUuidsByQuery(db.getSession(), query); | |||
} | |||
} |
@@ -30,9 +30,13 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.SequenceUuidFactory; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ProjectData; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.portfolio.PortfolioDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.es.ProjectIndexers; | |||
@@ -51,7 +55,6 @@ import static org.sonar.api.resources.Qualifiers.APP; | |||
import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
import static org.sonar.api.resources.Qualifiers.VIEW; | |||
import static org.sonar.api.utils.DateUtils.parseDate; | |||
import static org.sonar.db.component.ComponentTesting.newPortfolio; | |||
import static org.sonar.db.component.SnapshotTesting.newAnalysis; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
@@ -103,10 +106,10 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
@Test | |||
public void bulk_apply_template_by_template_uuid() { | |||
// this project should not be applied the template | |||
db.components().insertPrivateProject().getMainBranchComponent(); | |||
db.components().insertPrivateProject().getProjectDto(); | |||
ComponentDto privateProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto publicProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto privateProject = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -144,8 +147,8 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
@Test | |||
public void bulk_apply_template_by_template_name() { | |||
ComponentDto privateProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto publicProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto privateProject = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -158,10 +161,10 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
@Test | |||
public void apply_template_by_qualifiers() { | |||
ComponentDto publicProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
ComponentDto privateProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto view = db.components().insertPrivatePortfolio(); | |||
ComponentDto application = db.components().insertPublicApplication().getMainBranchComponent(); | |||
ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); | |||
ProjectDto privateProject = db.components().insertPrivateProject().getProjectDto(); | |||
PortfolioDto portfolio = db.components().insertPrivatePortfolioDto(); | |||
ProjectDto application = db.components().insertPublicApplication().getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -172,17 +175,17 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
assertTemplate1AppliedToPrivateProject(privateProject); | |||
assertTemplate1AppliedToPublicProject(publicProject); | |||
assertTemplate1AppliedToPublicProject(application); | |||
assertNoPermissionOnProject(view); | |||
assertNoPermissionOnEntity(portfolio); | |||
} | |||
@Test | |||
public void apply_template_by_query_on_name_and_key_public_project() { | |||
ComponentDto publicProjectFoundByKey = ComponentTesting.newPublicProjectDto().setKey("sonar"); | |||
db.components().insertProjectAndSnapshot(publicProjectFoundByKey); | |||
ProjectDto publicProjectDtoFoundByKey = db.components().insertProjectDataAndSnapshot(publicProjectFoundByKey).getProjectDto(); | |||
ComponentDto publicProjectFoundByName = ComponentTesting.newPublicProjectDto().setName("name-sonar-name"); | |||
db.components().insertProjectAndSnapshot(publicProjectFoundByName); | |||
ProjectDto publicProjectDtoFoundByName = db.components().insertProjectDataAndSnapshot(publicProjectFoundByName).getProjectDto(); | |||
ComponentDto projectUntouched = ComponentTesting.newPublicProjectDto().setKey("new-sona").setName("project-name"); | |||
db.components().insertProjectAndSnapshot(projectUntouched); | |||
ProjectDto projectDtoUntouched = db.components().insertProjectDataAndSnapshot(projectUntouched).getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -190,20 +193,20 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
.setParam(Param.TEXT_QUERY, "SONAR") | |||
.execute(); | |||
assertTemplate1AppliedToPublicProject(publicProjectFoundByKey); | |||
assertTemplate1AppliedToPublicProject(publicProjectFoundByName); | |||
assertNoPermissionOnProject(projectUntouched); | |||
assertTemplate1AppliedToPublicProject(publicProjectDtoFoundByKey); | |||
assertTemplate1AppliedToPublicProject(publicProjectDtoFoundByName); | |||
assertNoPermissionOnEntity(projectDtoUntouched); | |||
} | |||
@Test | |||
public void apply_template_by_query_on_name_and_key() { | |||
// partial match on key | |||
ComponentDto privateProjectFoundByKey = ComponentTesting.newPrivateProjectDto().setKey("sonarqube"); | |||
db.components().insertProjectAndSnapshot(privateProjectFoundByKey); | |||
ProjectDto privateProjectDtoFoundByKey = db.components().insertProjectDataAndSnapshot(privateProjectFoundByKey).getProjectDto(); | |||
ComponentDto privateProjectFoundByName = ComponentTesting.newPrivateProjectDto().setName("name-sonar-name"); | |||
db.components().insertProjectAndSnapshot(privateProjectFoundByName); | |||
ProjectDto privateProjectDtoFoundByName = db.components().insertProjectDataAndSnapshot(privateProjectFoundByName).getProjectDto(); | |||
ComponentDto projectUntouched = ComponentTesting.newPublicProjectDto().setKey("new-sona").setName("project-name"); | |||
db.components().insertProjectAndSnapshot(projectUntouched); | |||
ProjectDto projectDtoUntouched = db.components().insertProjectDataAndSnapshot(projectUntouched).getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -211,16 +214,16 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
.setParam(Param.TEXT_QUERY, "SONAR") | |||
.execute(); | |||
assertTemplate1AppliedToPrivateProject(privateProjectFoundByKey); | |||
assertTemplate1AppliedToPrivateProject(privateProjectFoundByName); | |||
assertNoPermissionOnProject(projectUntouched); | |||
assertTemplate1AppliedToPrivateProject(privateProjectDtoFoundByKey); | |||
assertTemplate1AppliedToPrivateProject(privateProjectDtoFoundByName); | |||
assertNoPermissionOnEntity(projectDtoUntouched); | |||
} | |||
@Test | |||
public void apply_template_by_project_keys() { | |||
ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto untouchedProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto untouchedProject = db.components().insertPrivateProject().getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -230,15 +233,15 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
assertTemplate1AppliedToPrivateProject(project1); | |||
assertTemplate1AppliedToPrivateProject(project2); | |||
assertNoPermissionOnProject(untouchedProject); | |||
assertNoPermissionOnEntity(untouchedProject); | |||
} | |||
@Test | |||
public void apply_template_by_provisioned_only() { | |||
ComponentDto provisionedProject1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto provisionedProject2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto analyzedProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
db.components().insertSnapshot(newAnalysis(analyzedProject)); | |||
ProjectDto provisionedProject1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto provisionedProject2 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectData analyzedProject = db.components().insertPrivateProject(); | |||
db.components().insertSnapshot(newAnalysis(analyzedProject.getMainBranchDto().getUuid())); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -248,17 +251,17 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
assertTemplate1AppliedToPrivateProject(provisionedProject1); | |||
assertTemplate1AppliedToPrivateProject(provisionedProject2); | |||
assertNoPermissionOnProject(analyzedProject); | |||
assertNoPermissionOnEntity(analyzedProject.getProjectDto()); | |||
} | |||
@Test | |||
public void apply_template_by_analyzed_before() { | |||
ComponentDto oldProject1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto oldProject2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto recentProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
db.components().insertSnapshot(oldProject1, a -> a.setCreatedAt(parseDate("2015-02-03").getTime())); | |||
db.components().insertSnapshot(oldProject2, a -> a.setCreatedAt(parseDate("2016-12-11").getTime())); | |||
db.components().insertSnapshot(recentProject, a -> a.setCreatedAt(System.currentTimeMillis())); | |||
ProjectData oldProject1 = db.components().insertPrivateProject(); | |||
ProjectData oldProject2 = db.components().insertPrivateProject(); | |||
ProjectData recentProject = db.components().insertPrivateProject(); | |||
db.components().insertSnapshot(oldProject1.getMainBranchComponent(), a -> a.setCreatedAt(parseDate("2015-02-03").getTime())); | |||
db.components().insertSnapshot(oldProject2.getMainBranchComponent(), a -> a.setCreatedAt(parseDate("2016-12-11").getTime())); | |||
db.components().insertSnapshot(recentProject.getMainBranchComponent(), a -> a.setCreatedAt(System.currentTimeMillis())); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -266,16 +269,16 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
.setParam(PARAM_ANALYZED_BEFORE, "2017-09-07") | |||
.execute(); | |||
assertTemplate1AppliedToPrivateProject(oldProject1); | |||
assertTemplate1AppliedToPrivateProject(oldProject2); | |||
assertNoPermissionOnProject(recentProject); | |||
assertTemplate1AppliedToPrivateProject(oldProject1.getProjectDto()); | |||
assertTemplate1AppliedToPrivateProject(oldProject2.getProjectDto()); | |||
assertNoPermissionOnEntity(recentProject.getProjectDto()); | |||
} | |||
@Test | |||
public void apply_template_by_visibility() { | |||
ComponentDto privateProject1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto privateProject2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ComponentDto publicProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto privateProject1 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto privateProject2 = db.components().insertPrivateProject().getProjectDto(); | |||
ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); | |||
loginAsAdmin(); | |||
newRequest() | |||
@@ -285,7 +288,7 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
assertTemplate1AppliedToPrivateProject(privateProject1); | |||
assertTemplate1AppliedToPrivateProject(privateProject2); | |||
assertNoPermissionOnProject(publicProject); | |||
assertNoPermissionOnEntity(publicProject); | |||
} | |||
@Test | |||
@@ -306,7 +309,7 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
.hasMessage("Permission template with id 'unknown-template-uuid' is not found"); | |||
} | |||
private void assertTemplate1AppliedToPublicProject(ComponentDto project) { | |||
private void assertTemplate1AppliedToPublicProject(ProjectDto project) { | |||
assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).containsExactly(group1.getName()); | |||
assertThat(selectProjectPermissionGroups(project, UserRole.USER)).isEmpty(); | |||
assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty(); | |||
@@ -314,7 +317,7 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).containsExactly(user2.getUuid()); | |||
} | |||
private void assertTemplate1AppliedToPrivateProject(ComponentDto project) { | |||
private void assertTemplate1AppliedToPrivateProject(ProjectDto project) { | |||
assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).containsExactly(group1.getName()); | |||
assertThat(selectProjectPermissionGroups(project, UserRole.USER)).containsExactly(group2.getName()); | |||
assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty(); | |||
@@ -322,15 +325,15 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).containsExactly(user2.getUuid()); | |||
} | |||
private void assertNoPermissionOnProject(ComponentDto project) { | |||
assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).isEmpty(); | |||
assertThat(selectProjectPermissionGroups(project, UserRole.CODEVIEWER)).isEmpty(); | |||
assertThat(selectProjectPermissionGroups(project, UserRole.ISSUE_ADMIN)).isEmpty(); | |||
assertThat(selectProjectPermissionGroups(project, UserRole.USER)).isEmpty(); | |||
assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty(); | |||
assertThat(selectProjectPermissionUsers(project, UserRole.CODEVIEWER)).isEmpty(); | |||
assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).isEmpty(); | |||
assertThat(selectProjectPermissionUsers(project, UserRole.USER)).isEmpty(); | |||
private void assertNoPermissionOnEntity(EntityDto entity) { | |||
assertThat(selectProjectPermissionGroups(entity, UserRole.ADMIN)).isEmpty(); | |||
assertThat(selectProjectPermissionGroups(entity, UserRole.CODEVIEWER)).isEmpty(); | |||
assertThat(selectProjectPermissionGroups(entity, UserRole.ISSUE_ADMIN)).isEmpty(); | |||
assertThat(selectProjectPermissionGroups(entity, UserRole.USER)).isEmpty(); | |||
assertThat(selectProjectPermissionUsers(entity, UserRole.ADMIN)).isEmpty(); | |||
assertThat(selectProjectPermissionUsers(entity, UserRole.CODEVIEWER)).isEmpty(); | |||
assertThat(selectProjectPermissionUsers(entity, UserRole.ISSUE_ADMIN)).isEmpty(); | |||
assertThat(selectProjectPermissionUsers(entity, UserRole.USER)).isEmpty(); | |||
} | |||
private void addUserToTemplate(UserDto user, PermissionTemplateDto permissionTemplate, String permission) { | |||
@@ -345,13 +348,13 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
db.commit(); | |||
} | |||
private List<String> selectProjectPermissionGroups(ComponentDto project, String permission) { | |||
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponent(project).build(); | |||
private List<String> selectProjectPermissionGroups(EntityDto project, String permission) { | |||
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setEntity(project).build(); | |||
return db.getDbClient().groupPermissionDao().selectGroupNamesByQuery(db.getSession(), query); | |||
} | |||
private List<String> selectProjectPermissionUsers(ComponentDto project, String permission) { | |||
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponent(project).build(); | |||
private List<String> selectProjectPermissionUsers(EntityDto project, String permission) { | |||
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setEntity(project).build(); | |||
return db.getDbClient().userPermissionDao().selectUserUuidsByQuery(db.getSession(), query); | |||
} | |||
} |
@@ -207,7 +207,7 @@ public class CreateActionIT { | |||
@Test | |||
public void add_project_to_user_favorites_if_project_creator_is_defined_in_permission_template() { | |||
UserDto user = db.users().insertUser(); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(true); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(true); | |||
userSession.logIn(user).addPermission(PROVISION_PROJECTS); | |||
ws.newRequest() | |||
@@ -222,9 +222,8 @@ public class CreateActionIT { | |||
@Test | |||
public void do_not_add_project_to_user_favorites_if_project_creator_is_defined_in_permission_template_and_already_100_favorites() { | |||
UserDto user = db.users().insertUser(); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(true); | |||
rangeClosed(1, 100).forEach(i -> db.favorites().add(db.components().insertPrivateProject().getProjectDto(), user.getUuid(), | |||
user.getLogin())); | |||
when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(true); | |||
rangeClosed(1, 100).forEach(i -> db.favorites().add(db.components().insertPrivateProject().getProjectDto(), user.getUuid(), user.getLogin())); | |||
userSession.logIn(user).addPermission(PROVISION_PROJECTS); | |||
ws.newRequest() |
@@ -40,12 +40,16 @@ import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.ce.CeQueueDto; | |||
import org.sonar.db.component.BranchDto; | |||
import org.sonar.db.component.BranchType; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.PortfolioData; | |||
import org.sonar.db.component.ProjectData; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.permission.UserPermissionDto; | |||
import org.sonar.db.portfolio.PortfolioDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -55,7 +59,6 @@ import org.sonar.server.es.ProjectIndexer; | |||
import org.sonar.server.es.TestProjectIndexers; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import org.sonar.server.exceptions.NotFoundException; | |||
import org.sonar.server.exceptions.UnauthorizedException; | |||
import org.sonar.server.permission.PermissionService; | |||
import org.sonar.server.permission.PermissionServiceImpl; | |||
@@ -84,9 +87,8 @@ public class UpdateVisibilityActionIT { | |||
private static final Set<String> GLOBAL_PERMISSIONS_NAME_SET = stream(GlobalPermission.values()).map(GlobalPermission::getKey) | |||
.collect(MoreCollectors.toSet(GlobalPermission.values().length)); | |||
//TODO, use different uuids | |||
@Rule | |||
public final DbTester dbTester = DbTester.create(System2.INSTANCE); | |||
public final DbTester dbTester = DbTester.create(System2.INSTANCE, true); | |||
@Rule | |||
public final EsTester es = EsTester.createCustom(new FooIndexDefinition()); | |||
@Rule | |||
@@ -190,18 +192,19 @@ public class UpdateVisibilityActionIT { | |||
@Test | |||
public void execute_fails_with_BadRequestException_if_specified_component_is_neither_a_project_a_portfolio_nor_an_application() { | |||
ComponentDto project = randomPublicOrPrivateProject(); | |||
ComponentDto dir = ComponentTesting.newDirectory(project, "path"); | |||
ComponentDto file = ComponentTesting.newFileDto(project); | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
ComponentDto dir = ComponentTesting.newDirectory(project.getMainBranchComponent(), "path"); | |||
ComponentDto file = ComponentTesting.newFileDto(project.getMainBranchComponent()); | |||
dbTester.components().insertComponents(dir, file); | |||
ComponentDto application = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
ComponentDto portfolio = dbTester.components().insertPrivatePortfolio(); | |||
ComponentDto subView = ComponentTesting.newSubPortfolio(portfolio); | |||
ComponentDto projectCopy = newProjectCopy("foo", project, subView); | |||
ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
PortfolioData portfolio = dbTester.components().insertPrivatePortfolioData(); | |||
ComponentDto subView = ComponentTesting.newSubPortfolio(portfolio.getRootComponent()); | |||
ComponentDto projectCopy = newProjectCopy("foo", project.getMainBranchComponent(), subView); | |||
dbTester.components().insertComponents(subView, projectCopy); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project, portfolio, application); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto(), application); | |||
userSessionRule.addPortfolioPermission(UserRole.ADMIN, portfolio.getPortfolioDto()); | |||
Stream.of(project, portfolio, application).forEach(c -> request | |||
Stream.of(project.getProjectDto(), portfolio.getPortfolioDto(), application).forEach(c -> request | |||
.setParam(PARAM_PROJECT, c.getKey()) | |||
.setParam(PARAM_VISIBILITY, randomVisibility) | |||
.execute()); | |||
@@ -261,24 +264,24 @@ public class UpdateVisibilityActionIT { | |||
@Test | |||
public void execute_throws_ForbiddenException_if_user_has_global_ADMIN_permission_even_if_sonar_allowPermissionManagementForProjectAdmins_is_set_to_false() { | |||
when(configuration.getBoolean(CORE_ALLOW_PERMISSION_MANAGEMENT_FOR_PROJECT_ADMINS_PROPERTY)).thenReturn(of(false)); | |||
ComponentDto project = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = dbTester.components().insertPublicProject().getProjectDto(); | |||
userSessionRule.setSystemAdministrator().addProjectPermission(UserRole.ADMIN, project); | |||
request.setParam(PARAM_PROJECT, project.getKey()) | |||
.setParam(PARAM_VISIBILITY, "private"); | |||
request.execute(); | |||
assertThat(isPrivateInDb(project)).isTrue(); | |||
assertThat(dbClient.projectDao().selectProjectByKey(dbSession, project.getKey()).get().isPrivate()).isTrue(); | |||
} | |||
@Test | |||
public void execute_throws_BadRequestException_if_specified_component_has_pending_tasks() { | |||
ComponentDto project = randomPublicOrPrivateProject(); | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
IntStream.range(0, 1 + Math.abs(random.nextInt(5))) | |||
.forEach(i -> insertPendingTask(project)); | |||
request.setParam(PARAM_PROJECT, project.getKey()) | |||
.forEach(i -> insertPendingTask(project.getMainBranchComponent().uuid())); | |||
request.setParam(PARAM_PROJECT, project.projectKey()) | |||
.setParam(PARAM_VISIBILITY, randomVisibility); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
assertThatThrownBy(request::execute) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -287,12 +290,12 @@ public class UpdateVisibilityActionIT { | |||
@Test | |||
public void execute_throws_BadRequestException_if_main_component_of_specified_component_has_in_progress_tasks() { | |||
ComponentDto project = randomPublicOrPrivateProject(); | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
IntStream.range(0, 1 + Math.abs(random.nextInt(5))) | |||
.forEach(i -> insertInProgressTask(project)); | |||
request.setParam(PARAM_PROJECT, project.getKey()) | |||
.forEach(i -> insertInProgressTask(project.getMainBranchComponent().uuid())); | |||
request.setParam(PARAM_PROJECT, project.projectKey()) | |||
.setParam(PARAM_VISIBILITY, randomVisibility); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
assertThatThrownBy(request::execute) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -301,24 +304,24 @@ public class UpdateVisibilityActionIT { | |||
@Test | |||
public void execute_changes_private_flag_of_specified_project_and_all_children_to_specified_new_visibility() { | |||
ComponentDto project = randomPublicOrPrivateProject(); | |||
boolean initiallyPrivate = project.isPrivate(); | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
boolean initiallyPrivate = project.getProjectDto().isPrivate(); | |||
BranchDto branchDto = ComponentTesting.newBranchDto(project); | |||
BranchDto branchDto = ComponentTesting.newBranchDto(project.projectUuid(), BranchType.BRANCH); | |||
dbClient.branchDao().insert(dbSession, branchDto); | |||
ComponentDto branch = ComponentTesting.newBranchComponent(project, branchDto); | |||
ComponentDto dir = ComponentTesting.newDirectory(project, "path"); | |||
ComponentDto file = ComponentTesting.newFileDto(project); | |||
ComponentDto branch = ComponentTesting.newBranchComponent(project.getProjectDto(), branchDto); | |||
ComponentDto dir = ComponentTesting.newDirectory(project.getMainBranchComponent(), "path"); | |||
ComponentDto file = ComponentTesting.newFileDto(project.getMainBranchComponent()); | |||
dbTester.components().insertComponents(branch, dir, file); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
request.setParam(PARAM_PROJECT, project.getKey()) | |||
request.setParam(PARAM_PROJECT, project.projectKey()) | |||
.setParam(PARAM_VISIBILITY, initiallyPrivate ? PUBLIC : PRIVATE) | |||
.execute(); | |||
assertThat(isPrivateInDb(project)).isEqualTo(!initiallyPrivate); | |||
assertThat(dbClient.projectDao().selectProjectByKey(dbSession, project.projectKey()).get().isPrivate()).isEqualTo(!initiallyPrivate); | |||
assertThat(isPrivateInDb(branch)).isEqualTo(!initiallyPrivate); | |||
assertThat(isPrivateInDb(dir)).isEqualTo(!initiallyPrivate); | |||
assertThat(isPrivateInDb(file)).isEqualTo(!initiallyPrivate); | |||
@@ -326,27 +329,27 @@ public class UpdateVisibilityActionIT { | |||
@Test | |||
public void execute_has_no_effect_if_specified_project_already_has_specified_visibility() { | |||
ComponentDto project = randomPublicOrPrivateProject(); | |||
boolean initiallyPrivate = project.isPrivate(); | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
boolean initiallyPrivate = project.getProjectDto().isPrivate(); | |||
BranchDto branchDto = ComponentTesting.newBranchDto(project); | |||
BranchDto branchDto = ComponentTesting.newBranchDto(project.getMainBranchComponent()); | |||
dbClient.branchDao().insert(dbSession, branchDto); | |||
ComponentDto branch = ComponentTesting.newBranchComponent(project, branchDto) | |||
ComponentDto branch = ComponentTesting.newBranchComponent(project.getProjectDto(), branchDto) | |||
.setPrivate(initiallyPrivate); | |||
ComponentDto dir = ComponentTesting.newDirectory(project, "path") | |||
ComponentDto dir = ComponentTesting.newDirectory(project.getMainBranchComponent(), "path") | |||
// child is inconsistent with root (should not occur) and won't be fixed | |||
.setPrivate(!initiallyPrivate); | |||
ComponentDto file = ComponentTesting.newFileDto(project) | |||
ComponentDto file = ComponentTesting.newFileDto(project.getMainBranchComponent()) | |||
.setPrivate(initiallyPrivate); | |||
dbTester.components().insertComponents(branch, dir, file); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
request.setParam(PARAM_PROJECT, project.getKey()) | |||
request.setParam(PARAM_PROJECT, project.projectKey()) | |||
.setParam(PARAM_VISIBILITY, initiallyPrivate ? PRIVATE : PUBLIC) | |||
.execute(); | |||
assertThat(isPrivateInDb(project)).isEqualTo(initiallyPrivate); | |||
assertThat(isPrivateInDb(project.getMainBranchComponent())).isEqualTo(initiallyPrivate); | |||
assertThat(isPrivateInDb(branch)).isEqualTo(initiallyPrivate); | |||
assertThat(isPrivateInDb(dir)).isEqualTo(!initiallyPrivate); | |||
assertThat(isPrivateInDb(file)).isEqualTo(initiallyPrivate); | |||
@@ -414,33 +417,33 @@ public class UpdateVisibilityActionIT { | |||
@Test | |||
public void execute_updates_permission_of_specified_project_in_indexes_when_changing_visibility() { | |||
ComponentDto project = randomPublicOrPrivateProject(); | |||
boolean initiallyPrivate = project.isPrivate(); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
boolean initiallyPrivate = project.getProjectDto().isPrivate(); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
request.setParam(PARAM_PROJECT, project.getKey()) | |||
request.setParam(PARAM_PROJECT, project.projectKey()) | |||
.setParam(PARAM_VISIBILITY, initiallyPrivate ? PUBLIC : PRIVATE) | |||
.execute(); | |||
assertThat(projectIndexers.hasBeenCalled(project.uuid(), ProjectIndexer.Cause.PERMISSION_CHANGE)).isTrue(); | |||
assertThat(projectIndexers.hasBeenCalled(project.projectUuid(), ProjectIndexer.Cause.PERMISSION_CHANGE)).isTrue(); | |||
} | |||
@Test | |||
public void execute_does_not_update_permission_of_specified_project_in_indexes_if_already_has_specified_visibility() { | |||
ComponentDto project = randomPublicOrPrivateProject(); | |||
boolean initiallyPrivate = project.isPrivate(); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
ProjectData project = randomPublicOrPrivateProject(); | |||
boolean initiallyPrivate = project.getProjectDto().isPrivate(); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
request.setParam(PARAM_PROJECT, project.getKey()) | |||
request.setParam(PARAM_PROJECT, project.projectKey()) | |||
.setParam(PARAM_VISIBILITY, initiallyPrivate ? PRIVATE : PUBLIC) | |||
.execute(); | |||
assertThat(projectIndexers.hasBeenCalled(project.uuid())).isFalse(); | |||
assertThat(projectIndexers.hasBeenCalled(project.projectUuid())).isFalse(); | |||
} | |||
@Test | |||
public void execute_grants_USER_and_CODEVIEWER_permissions_to_any_user_with_at_least_one_permission_when_making_project_private() { | |||
ComponentDto project = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = dbTester.components().insertPublicProject().getProjectDto(); | |||
UserDto user1 = dbTester.users().insertUser(); | |||
UserDto user2 = dbTester.users().insertUser(); | |||
UserDto user3 = dbTester.users().insertUser(); | |||
@@ -453,17 +456,17 @@ public class UpdateVisibilityActionIT { | |||
.setParam(PARAM_VISIBILITY, PRIVATE) | |||
.execute(); | |||
assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project.uuid())) | |||
assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project.getUuid())) | |||
.containsOnly(UserRole.USER, UserRole.CODEVIEWER, "p1", "p2"); | |||
assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project.uuid())) | |||
assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user2.getUuid(), project.getUuid())) | |||
.containsOnly(UserRole.USER, UserRole.CODEVIEWER, "p2"); | |||
assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user3.getUuid(), project.uuid())) | |||
assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user3.getUuid(), project.getUuid())) | |||
.isEmpty(); | |||
} | |||
@Test | |||
public void execute_grants_USER_and_CODEVIEWER_permissions_to_any_group_with_at_least_one_permission_when_making_project_private() { | |||
ComponentDto project = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = dbTester.components().insertPublicProject().getProjectDto(); | |||
GroupDto group1 = dbTester.users().insertGroup(); | |||
GroupDto group2 = dbTester.users().insertGroup(); | |||
GroupDto group3 = dbTester.users().insertGroup(); | |||
@@ -476,38 +479,38 @@ public class UpdateVisibilityActionIT { | |||
.setParam(PARAM_VISIBILITY, PRIVATE) | |||
.execute(); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
.containsOnly(UserRole.USER, UserRole.CODEVIEWER, "p1", "p2"); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid())) | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group2.getUuid(), project.getUuid())) | |||
.containsOnly(UserRole.USER, UserRole.CODEVIEWER, "p2"); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group3.getUuid(), project.uuid())) | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group3.getUuid(), project.getUuid())) | |||
.isEmpty(); | |||
} | |||
@Test | |||
public void update_a_portfolio_to_private() { | |||
ComponentDto portfolio = dbTester.components().insertPublicPortfolio(); | |||
PortfolioDto portfolio = dbTester.components().insertPublicPortfolioDto(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, portfolio); | |||
UserDto user = dbTester.users().insertUser(); | |||
dbTester.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, portfolio); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, portfolio); | |||
userSessionRule.addPortfolioPermission(UserRole.ADMIN, portfolio); | |||
request.setParam(PARAM_PROJECT, portfolio.getKey()) | |||
.setParam(PARAM_VISIBILITY, PRIVATE) | |||
.execute(); | |||
assertThat(dbClient.componentDao().selectByUuid(dbSession, portfolio.uuid()).get().isPrivate()).isTrue(); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), portfolio.uuid())) | |||
assertThat(dbClient.portfolioDao().selectByUuid(dbSession, portfolio.getUuid()).get().isPrivate()).isTrue(); | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), portfolio.getUuid())) | |||
.containsOnly(UserRole.USER, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN); | |||
assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), portfolio.uuid())) | |||
assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), portfolio.getUuid())) | |||
.containsOnly(UserRole.USER, UserRole.CODEVIEWER, UserRole.ADMIN); | |||
} | |||
@Test | |||
public void update_a_portfolio_to_public() { | |||
ComponentDto portfolio = dbTester.components().insertPrivatePortfolio(); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, portfolio); | |||
PortfolioDto portfolio = dbTester.components().insertPrivatePortfolioDto(); | |||
userSessionRule.addPortfolioPermission(UserRole.ADMIN, portfolio); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, portfolio); | |||
dbTester.users().insertProjectPermissionOnGroup(group, UserRole.USER, portfolio); | |||
@@ -521,16 +524,16 @@ public class UpdateVisibilityActionIT { | |||
.setParam(PARAM_VISIBILITY, PUBLIC) | |||
.execute(); | |||
assertThat(dbClient.componentDao().selectByUuid(dbSession, portfolio.uuid()).get().isPrivate()).isFalse(); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), portfolio.uuid())) | |||
assertThat(dbClient.componentDao().selectByUuid(dbSession, portfolio.getUuid()).get().isPrivate()).isFalse(); | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), portfolio.getUuid())) | |||
.containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), portfolio.uuid())) | |||
assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), portfolio.getUuid())) | |||
.containsOnly(UserRole.ADMIN); | |||
} | |||
@Test | |||
public void update_an_application_to_private() { | |||
ComponentDto application = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, application); | |||
UserDto user = dbTester.users().insertUser(); | |||
@@ -541,34 +544,34 @@ public class UpdateVisibilityActionIT { | |||
.setParam(PARAM_VISIBILITY, PRIVATE) | |||
.execute(); | |||
assertThat(dbClient.componentDao().selectByUuid(dbSession, application.uuid()).get().isPrivate()).isTrue(); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), application.uuid())) | |||
assertThat(dbClient.projectDao().selectByUuid(dbSession, application.getUuid()).get().isPrivate()).isTrue(); | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), application.getUuid())) | |||
.containsOnly(UserRole.USER, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN); | |||
assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), application.uuid())) | |||
assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), application.getUuid())) | |||
.containsOnly(UserRole.USER, UserRole.CODEVIEWER, UserRole.ADMIN); | |||
} | |||
@Test | |||
public void update_an_application_to_public() { | |||
ComponentDto portfolio = dbTester.components().insertPrivateApplication().getMainBranchComponent(); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, portfolio); | |||
ProjectDto application = dbTester.components().insertPrivateApplication().getProjectDto(); | |||
userSessionRule.addProjectPermission(UserRole.ADMIN, application); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, portfolio); | |||
dbTester.users().insertProjectPermissionOnGroup(group, UserRole.USER, portfolio); | |||
dbTester.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, portfolio); | |||
dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, application); | |||
dbTester.users().insertProjectPermissionOnGroup(group, UserRole.USER, application); | |||
dbTester.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, application); | |||
UserDto user = dbTester.users().insertUser(); | |||
dbTester.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, portfolio); | |||
dbTester.users().insertProjectPermissionOnUser(user, UserRole.USER, portfolio); | |||
dbTester.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, portfolio); | |||
dbTester.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, application); | |||
dbTester.users().insertProjectPermissionOnUser(user, UserRole.USER, application); | |||
dbTester.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, application); | |||
request.setParam(PARAM_PROJECT, portfolio.getKey()) | |||
request.setParam(PARAM_PROJECT, application.getKey()) | |||
.setParam(PARAM_VISIBILITY, PUBLIC) | |||
.execute(); | |||
assertThat(dbClient.componentDao().selectByUuid(dbSession, portfolio.uuid()).get().isPrivate()).isFalse(); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), portfolio.uuid())) | |||
assertThat(dbClient.projectDao().selectApplicationByKey(dbSession, application.getKey()).get().isPrivate()).isFalse(); | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), application.getUuid())) | |||
.containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), portfolio.uuid())) | |||
assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), application.getUuid())) | |||
.containsOnly(UserRole.ADMIN); | |||
} | |||
@@ -623,11 +626,11 @@ public class UpdateVisibilityActionIT { | |||
.containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getUuid())) | |||
.containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, null, projectUuid)) | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, null, projectUuid)) | |||
.isEmpty(); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
.containsAll(permissionService.getAllProjectPermissions()); | |||
assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
.containsAll(permissionService.getAllProjectPermissions()); | |||
} | |||
@@ -638,15 +641,15 @@ public class UpdateVisibilityActionIT { | |||
.containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getUuid())) | |||
.containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, null, projectUuid)) | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, null, projectUuid)) | |||
.doesNotContain(UserRole.USER) | |||
.doesNotContain(UserRole.CODEVIEWER) | |||
.containsAll(PROJECT_PERMISSIONS_BUT_USER_AND_CODEVIEWER); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
.doesNotContain(UserRole.USER) | |||
.doesNotContain(UserRole.CODEVIEWER) | |||
.containsAll(PROJECT_PERMISSIONS_BUT_USER_AND_CODEVIEWER); | |||
assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
.doesNotContain(UserRole.USER) | |||
.doesNotContain(UserRole.CODEVIEWER) | |||
.containsAll(PROJECT_PERMISSIONS_BUT_USER_AND_CODEVIEWER); | |||
@@ -659,39 +662,39 @@ public class UpdateVisibilityActionIT { | |||
.containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getUuid())) | |||
.containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, null, projectUuid)) | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, null, projectUuid)) | |||
.containsAll(permissionService.getAllProjectPermissions()); | |||
assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
.containsAll(permissionService.getAllProjectPermissions()); | |||
assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
.containsAll(permissionService.getAllProjectPermissions()); | |||
} | |||
private void insertPendingTask(ComponentDto project) { | |||
insertCeQueueDto(project, CeQueueDto.Status.PENDING); | |||
private void insertPendingTask(String projectUuid) { | |||
insertCeQueueDto(projectUuid, CeQueueDto.Status.PENDING); | |||
} | |||
private void insertInProgressTask(ComponentDto project) { | |||
insertCeQueueDto(project, CeQueueDto.Status.IN_PROGRESS); | |||
private void insertInProgressTask(String projectUuid) { | |||
insertCeQueueDto(projectUuid, CeQueueDto.Status.IN_PROGRESS); | |||
} | |||
private int counter = 0; | |||
private void insertCeQueueDto(ComponentDto project, CeQueueDto.Status status) { | |||
private void insertCeQueueDto(String projectUuid, CeQueueDto.Status status) { | |||
dbClient.ceQueueDao().insert(dbTester.getSession(), new CeQueueDto() | |||
.setUuid("pending" + counter++) | |||
.setComponentUuid(project.uuid()) | |||
.setMainComponentUuid(project.uuid()) | |||
.setComponentUuid(projectUuid) | |||
.setMainComponentUuid(projectUuid) | |||
.setTaskType("foo") | |||
.setStatus(status)); | |||
dbTester.commit(); | |||
} | |||
private boolean isPrivateInDb(ComponentDto project) { | |||
return dbClient.componentDao().selectByUuid(dbTester.getSession(), project.uuid()).get().isPrivate(); | |||
private boolean isPrivateInDb(ComponentDto component) { | |||
return dbClient.componentDao().selectByUuid(dbTester.getSession(), component.uuid()).get().isPrivate(); | |||
} | |||
private ComponentDto randomPublicOrPrivateProject() { | |||
return random.nextBoolean() ? dbTester.components().insertPublicProject().getMainBranchComponent() : dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
private ProjectData randomPublicOrPrivateProject() { | |||
return random.nextBoolean() ? dbTester.components().insertPublicProject() : dbTester.components().insertPrivateProject(); | |||
} | |||
} |
@@ -174,7 +174,7 @@ public class DeactivateActionIT { | |||
deactivate(user.getLogin()); | |||
assertThat(db.getDbClient().userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getUuid())).isEmpty(); | |||
assertThat(db.getDbClient().userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).isEmpty(); | |||
assertThat(db.getDbClient().userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).isEmpty(); | |||
} | |||
@Test |
@@ -143,23 +143,22 @@ public class ComponentUpdater { | |||
if (isRootProject(componentDto)) { | |||
projectDto = toProjectDto(componentDto, now); | |||
dbClient.projectDao().insert(dbSession, projectDto); | |||
addToFavourites(dbSession, projectDto, userUuid, userLogin, componentDto); | |||
addToFavourites(dbSession, projectDto, userUuid, userLogin); | |||
mainBranch = createMainBranch(dbSession, componentDto.uuid(), projectDto.getUuid(), mainBranchName); | |||
} | |||
if (isRootView(componentDto)) { | |||
permissionTemplateService.applyDefaultToNewComponent(dbSession, projectDto, userUuid); | |||
} else if (isRootView(componentDto)) { | |||
PortfolioDto portfolioDto = toPortfolioDto(componentDto, now); | |||
dbClient.portfolioDao().insert(dbSession, portfolioDto); | |||
permissionTemplateService.applyDefaultToNewComponent(dbSession, portfolioDto, userUuid); | |||
} else { | |||
throw new IllegalArgumentException("Component " + componentDto + " is not a top level entity"); | |||
} | |||
// TODO SONAR-19445: probably we want to apply it to the projectDto or portfolioDto | |||
permissionTemplateService.applyDefaultToNewComponent(dbSession, componentDto, userUuid); | |||
return new ComponentCreationData(componentDto, mainBranch, projectDto); | |||
} | |||
// TODO SONAR-19445, when working on permissions, maybe we could remove the last argument from this method | |||
private void addToFavourites(DbSession dbSession, ProjectDto projectDto, @Nullable String userUuid, @Nullable String userLogin, ComponentDto componentDto) { | |||
if (permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(dbSession, componentDto)) { | |||
private void addToFavourites(DbSession dbSession, ProjectDto projectDto, @Nullable String userUuid, @Nullable String userLogin) { | |||
if (permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(dbSession, projectDto)) { | |||
favoriteUpdater.add(dbSession, projectDto, userUuid, userLogin, false); | |||
} | |||
} |
@@ -20,15 +20,15 @@ | |||
package org.sonar.server.permission; | |||
import javax.annotation.Nullable; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
public class GroupPermissionChange extends PermissionChange { | |||
private final GroupUuidOrAnyone group; | |||
public GroupPermissionChange(Operation operation, String permission, @Nullable ComponentDto project, | |||
public GroupPermissionChange(Operation operation, String permission, @Nullable EntityDto entityDto, | |||
GroupUuidOrAnyone group, PermissionService permissionService) { | |||
super(operation, permission, project, permissionService); | |||
super(operation, permission, entityDto, permissionService); | |||
this.group = group; | |||
} | |||
@@ -25,10 +25,9 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.UuidFactory; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import static com.google.common.base.Preconditions.checkNotNull; | |||
@@ -63,32 +62,32 @@ public class GroupPermissionChanger { | |||
} | |||
private static boolean isImplicitlyAlreadyDone(GroupPermissionChange change) { | |||
ComponentDto project = change.getProject(); | |||
EntityDto project = change.getEntity(); | |||
if (project != null) { | |||
return isImplicitlyAlreadyDone(project, change); | |||
} | |||
return false; | |||
} | |||
private static boolean isImplicitlyAlreadyDone(ComponentDto project, GroupPermissionChange change) { | |||
private static boolean isImplicitlyAlreadyDone(EntityDto project, GroupPermissionChange change) { | |||
return isAttemptToAddPublicPermissionToPublicComponent(change, project) | |||
|| isAttemptToRemovePermissionFromAnyoneOnPrivateComponent(change, project); | |||
} | |||
private static boolean isAttemptToAddPublicPermissionToPublicComponent(GroupPermissionChange change, ComponentDto project) { | |||
private static boolean isAttemptToAddPublicPermissionToPublicComponent(GroupPermissionChange change, EntityDto project) { | |||
return !project.isPrivate() | |||
&& change.getOperation() == ADD | |||
&& UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
} | |||
private static boolean isAttemptToRemovePermissionFromAnyoneOnPrivateComponent(GroupPermissionChange change, ComponentDto project) { | |||
private static boolean isAttemptToRemovePermissionFromAnyoneOnPrivateComponent(GroupPermissionChange change, EntityDto project) { | |||
return project.isPrivate() | |||
&& change.getOperation() == REMOVE | |||
&& change.getGroupUuidOrAnyone().isAnyone(); | |||
} | |||
private static void ensureConsistencyWithVisibility(GroupPermissionChange change) { | |||
ComponentDto project = change.getProject(); | |||
EntityDto project = change.getEntity(); | |||
if (project != null) { | |||
checkRequest( | |||
!isAttemptToAddPermissionToAnyoneOnPrivateComponent(change, project), | |||
@@ -99,13 +98,13 @@ public class GroupPermissionChanger { | |||
} | |||
} | |||
private static boolean isAttemptToAddPermissionToAnyoneOnPrivateComponent(GroupPermissionChange change, ComponentDto project) { | |||
private static boolean isAttemptToAddPermissionToAnyoneOnPrivateComponent(GroupPermissionChange change, EntityDto project) { | |||
return project.isPrivate() | |||
&& change.getOperation() == ADD | |||
&& change.getGroupUuidOrAnyone().isAnyone(); | |||
} | |||
private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(GroupPermissionChange change, ComponentDto project) { | |||
private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(GroupPermissionChange change, EntityDto project) { | |||
return !project.isPrivate() | |||
&& change.getOperation() == REMOVE | |||
&& UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
@@ -131,15 +130,7 @@ public class GroupPermissionChanger { | |||
.map(GroupDto::getName) | |||
.ifPresent(addedDto::setGroupName); | |||
//TODO remove this code | |||
ProjectDto projectDto = new ProjectDto(); | |||
ComponentDto project = change.getProject(); | |||
if (project != null) { | |||
projectDto.setKey(project.getKey()); | |||
projectDto.setQualifier(project.qualifier()); | |||
} | |||
dbClient.groupPermissionDao().insert(dbSession, addedDto, projectDto, null); | |||
dbClient.groupPermissionDao().insert(dbSession, addedDto, change.getEntity(), null); | |||
return true; | |||
} | |||
@@ -163,15 +154,14 @@ public class GroupPermissionChanger { | |||
change.getPermission(), | |||
groupUuid, | |||
groupName, | |||
change.getProjectUuid(), | |||
change.getProject()); | |||
change.getEntity()); | |||
return true; | |||
} | |||
private List<String> loadExistingPermissions(DbSession dbSession, GroupPermissionChange change) { | |||
String projectUuid = change.getProjectUuid(); | |||
if (projectUuid != null) { | |||
return dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, | |||
return dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, | |||
change.getGroupUuidOrAnyone().getUuid(), | |||
projectUuid); | |||
} |
@@ -21,8 +21,8 @@ package org.sonar.server.permission; | |||
import javax.annotation.CheckForNull; | |||
import javax.annotation.Nullable; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.component.ComponentDto; | |||
import static java.util.Objects.requireNonNull; | |||
import static org.sonar.core.util.stream.MoreCollectors.toList; | |||
@@ -36,15 +36,15 @@ public abstract class PermissionChange { | |||
private final Operation operation; | |||
private final String permission; | |||
private final ComponentDto project; | |||
private final EntityDto entity; | |||
protected final PermissionService permissionService; | |||
protected PermissionChange(Operation operation, String permission, @Nullable ComponentDto project, PermissionService permissionService) { | |||
protected PermissionChange(Operation operation, String permission, @Nullable EntityDto entity, PermissionService permissionService) { | |||
this.operation = requireNonNull(operation); | |||
this.permission = requireNonNull(permission); | |||
this.project = project; | |||
this.entity = entity; | |||
this.permissionService = permissionService; | |||
if (project == null) { | |||
if (entity == null) { | |||
checkRequest(permissionService.getGlobalPermissions().stream().anyMatch(p -> p.getKey().equals(permission)), | |||
"Invalid global permission '%s'. Valid values are %s", permission, | |||
permissionService.getGlobalPermissions().stream().map(GlobalPermission::getKey).collect(toList())); | |||
@@ -63,17 +63,17 @@ public abstract class PermissionChange { | |||
} | |||
@CheckForNull | |||
public ComponentDto getProject() { | |||
return project; | |||
public EntityDto getEntity() { | |||
return entity; | |||
} | |||
@CheckForNull | |||
public String getProjectName() { | |||
return project == null ? null : project.name(); | |||
return entity == null ? null : entity.getName(); | |||
} | |||
@CheckForNull | |||
public String getProjectUuid() { | |||
return project == null ? null : project.uuid(); | |||
return entity == null ? null : entity.getUuid(); | |||
} | |||
} |
@@ -22,7 +22,7 @@ package org.sonar.server.permission; | |||
import javax.annotation.Nullable; | |||
import org.sonar.api.config.Configuration; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.user.UserSession; | |||
@@ -45,7 +45,7 @@ public class PermissionPrivilegeChecker { | |||
* Checks that user is administrator of the specified project | |||
* @throws org.sonar.server.exceptions.ForbiddenException if user is not administrator | |||
*/ | |||
public static void checkProjectAdmin(UserSession userSession, Configuration config, @Nullable ComponentDto componentDto) { | |||
public static void checkProjectAdmin(UserSession userSession, Configuration config, @Nullable EntityDto entity) { | |||
userSession.checkLoggedIn(); | |||
if (userSession.hasPermission(GlobalPermission.ADMINISTER)) { | |||
@@ -54,8 +54,8 @@ public class PermissionPrivilegeChecker { | |||
boolean allowChangingPermissionsByProjectAdmins = config.getBoolean(CORE_ALLOW_PERMISSION_MANAGEMENT_FOR_PROJECT_ADMINS_PROPERTY) | |||
.orElse(CORE_ALLOW_PERMISSION_MANAGEMENT_FOR_PROJECT_ADMINS_DEFAULT_VALUE); | |||
if (componentDto != null && allowChangingPermissionsByProjectAdmins) { | |||
userSession.checkComponentPermission(UserRole.ADMIN, componentDto); | |||
if (entity != null && allowChangingPermissionsByProjectAdmins) { | |||
userSession.checkEntityPermission(UserRole.ADMIN, entity); | |||
} else { | |||
throw insufficientPrivilegesException(); | |||
} |
@@ -35,7 +35,7 @@ import org.sonar.api.server.ServerSide; | |||
import org.sonar.core.util.UuidFactory; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.permission.UserPermissionDto; | |||
import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto; | |||
@@ -81,8 +81,8 @@ public class PermissionTemplateService { | |||
return true; | |||
} | |||
ComponentDto dto = new ComponentDto().setKey(projectKey).setQualifier(Qualifiers.PROJECT); | |||
PermissionTemplateDto template = findTemplate(dbSession, dto); | |||
ProjectDto projectDto = new ProjectDto().setKey(projectKey).setQualifier(Qualifiers.PROJECT); | |||
PermissionTemplateDto template = findTemplate(dbSession, projectDto); | |||
if (template == null) { | |||
return false; | |||
} | |||
@@ -96,31 +96,31 @@ public class PermissionTemplateService { | |||
* is not verified. The projects must exist, so the "project creator" permissions defined in the | |||
* template are ignored. | |||
*/ | |||
public void applyAndCommit(DbSession dbSession, PermissionTemplateDto template, Collection<ComponentDto> projects) { | |||
if (projects.isEmpty()) { | |||
public void applyAndCommit(DbSession dbSession, PermissionTemplateDto template, Collection<EntityDto> entities) { | |||
if (entities.isEmpty()) { | |||
return; | |||
} | |||
for (ComponentDto project : projects) { | |||
dbClient.groupPermissionDao().deleteByRootComponentUuid(dbSession, project); | |||
dbClient.userPermissionDao().deleteProjectPermissions(dbSession, project); | |||
copyPermissions(dbSession, template, project, null); | |||
for (EntityDto entity : entities) { | |||
dbClient.groupPermissionDao().deleteByEntityUuid(dbSession, entity); | |||
dbClient.userPermissionDao().deleteEntityPermissions(dbSession, entity); | |||
copyPermissions(dbSession, template, entity, null); | |||
} | |||
projectIndexers.commitAndIndexComponents(dbSession, projects, ProjectIndexer.Cause.PERMISSION_CHANGE); | |||
projectIndexers.commitAndIndexEntities(dbSession, entities, ProjectIndexer.Cause.PERMISSION_CHANGE); | |||
} | |||
/** | |||
* Apply the default permission template to a new project (has no permissions yet). | |||
* @param projectCreatorUserId id of the user creating the project. | |||
*/ | |||
public void applyDefaultToNewComponent(DbSession dbSession, ComponentDto component, @Nullable String projectCreatorUserId) { | |||
PermissionTemplateDto template = findTemplate(dbSession, component); | |||
public void applyDefaultToNewComponent(DbSession dbSession, EntityDto entityDto, @Nullable String projectCreatorUserId) { | |||
PermissionTemplateDto template = findTemplate(dbSession, entityDto); | |||
checkArgument(template != null, "Cannot retrieve default permission template"); | |||
copyPermissions(dbSession, template, component, projectCreatorUserId); | |||
copyPermissions(dbSession, template, entityDto, projectCreatorUserId); | |||
} | |||
public boolean hasDefaultTemplateWithPermissionOnProjectCreator(DbSession dbSession, ComponentDto component) { | |||
PermissionTemplateDto template = findTemplate(dbSession, component); | |||
public boolean hasDefaultTemplateWithPermissionOnProjectCreator(DbSession dbSession, ProjectDto projectDto) { | |||
PermissionTemplateDto template = findTemplate(dbSession, projectDto); | |||
return hasProjectCreatorPermission(dbSession, template); | |||
} | |||
@@ -129,23 +129,23 @@ public class PermissionTemplateService { | |||
.anyMatch(PermissionTemplateCharacteristicDto::getWithProjectCreator); | |||
} | |||
private void copyPermissions(DbSession dbSession, PermissionTemplateDto template, ComponentDto project, @Nullable String projectCreatorUserUuid) { | |||
private void copyPermissions(DbSession dbSession, PermissionTemplateDto template, EntityDto entity, @Nullable String projectCreatorUserUuid) { | |||
List<PermissionTemplateUserDto> usersPermissions = dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(dbSession, template.getUuid()); | |||
Set<String> permissionTemplateUserUuids = usersPermissions.stream().map(PermissionTemplateUserDto::getUserUuid).collect(Collectors.toSet()); | |||
Map<String, UserId> userIdByUuid = dbClient.userDao().selectByUuids(dbSession, permissionTemplateUserUuids).stream().collect(Collectors.toMap(UserDto::getUuid, u -> u)); | |||
usersPermissions | |||
.stream() | |||
.filter(up -> permissionValidForProject(project, up.getPermission())) | |||
.filter(up -> permissionValidForProject(entity.isPrivate(), up.getPermission())) | |||
.forEach(up -> { | |||
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), up.getPermission(), up.getUserUuid(), project.uuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto, project, userIdByUuid.get(up.getUserUuid()), template); | |||
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), up.getPermission(), up.getUserUuid(), entity.getUuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto, entity, userIdByUuid.get(up.getUserUuid()), template); | |||
}); | |||
List<PermissionTemplateGroupDto> groupsPermissions = dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateUuid(dbSession, template.getUuid()); | |||
groupsPermissions | |||
.stream() | |||
.filter(gp -> groupNameValidForProject(project, gp.getGroupName())) | |||
.filter(gp -> permissionValidForProject(project, gp.getPermission())) | |||
.filter(gp -> groupNameValidForProject(entity.isPrivate(), gp.getGroupName())) | |||
.filter(gp -> permissionValidForProject(entity.isPrivate(), gp.getPermission())) | |||
.forEach(gp -> { | |||
String groupUuid = isAnyone(gp.getGroupName()) ? null : gp.getGroupUuid(); | |||
String groupName = groupUuid == null ? null : dbClient.groupDao().selectByUuid(dbSession, groupUuid).getName(); | |||
@@ -154,14 +154,10 @@ public class PermissionTemplateService { | |||
.setGroupUuid(groupUuid) | |||
.setGroupName(groupName) | |||
.setRole(gp.getPermission()) | |||
.setComponentUuid(project.uuid()) | |||
.setComponentName(project.name()); | |||
//TODO remove this code | |||
ProjectDto projectDto = new ProjectDto(); | |||
projectDto.setKey(project.getKey()); | |||
projectDto.setQualifier(project.qualifier()); | |||
dbClient.groupPermissionDao().insert(dbSession, dto, projectDto, template); | |||
.setComponentUuid(entity.getUuid()) | |||
.setComponentName(entity.getName()); | |||
dbClient.groupPermissionDao().insert(dbSession, dto, entity, template); | |||
}); | |||
List<PermissionTemplateCharacteristicDto> characteristics = dbClient.permissionTemplateCharacteristicDao().selectByTemplateUuids(dbSession, singletonList(template.getUuid())); | |||
@@ -174,21 +170,21 @@ public class PermissionTemplateService { | |||
UserDto userDto = dbClient.userDao().selectByUuid(dbSession, projectCreatorUserUuid); | |||
characteristics.stream() | |||
.filter(PermissionTemplateCharacteristicDto::getWithProjectCreator) | |||
.filter(up -> permissionValidForProject(project, up.getPermission())) | |||
.filter(up -> permissionValidForProject(entity.isPrivate(), up.getPermission())) | |||
.filter(characteristic -> !permissionsForCurrentUserAlreadyInDb.contains(characteristic.getPermission())) | |||
.forEach(c -> { | |||
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), c.getPermission(), userDto.getUuid(), project.uuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto, project, userDto, template); | |||
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), c.getPermission(), userDto.getUuid(), entity.getUuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto, entity, userDto, template); | |||
}); | |||
} | |||
} | |||
private static boolean permissionValidForProject(ComponentDto project, String permission) { | |||
return project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission); | |||
private static boolean permissionValidForProject(boolean isPrivateEntity, String permission) { | |||
return isPrivateEntity || !PUBLIC_PERMISSIONS.contains(permission); | |||
} | |||
private static boolean groupNameValidForProject(ComponentDto project, String groupName) { | |||
return !project.isPrivate() || !isAnyone(groupName); | |||
private static boolean groupNameValidForProject(boolean isPrivateEntity, String groupName) { | |||
return !isPrivateEntity || !isAnyone(groupName); | |||
} | |||
/** | |||
@@ -196,21 +192,21 @@ public class PermissionTemplateService { | |||
* template for the component qualifier. | |||
*/ | |||
@CheckForNull | |||
private PermissionTemplateDto findTemplate(DbSession dbSession, ComponentDto component) { | |||
private PermissionTemplateDto findTemplate(DbSession dbSession, EntityDto entityDto) { | |||
List<PermissionTemplateDto> allPermissionTemplates = dbClient.permissionTemplateDao().selectAll(dbSession, null); | |||
List<PermissionTemplateDto> matchingTemplates = new ArrayList<>(); | |||
for (PermissionTemplateDto permissionTemplateDto : allPermissionTemplates) { | |||
String keyPattern = permissionTemplateDto.getKeyPattern(); | |||
if (StringUtils.isNotBlank(keyPattern) && component.getKey().matches(keyPattern)) { | |||
if (StringUtils.isNotBlank(keyPattern) && entityDto.getKey().matches(keyPattern)) { | |||
matchingTemplates.add(permissionTemplateDto); | |||
} | |||
} | |||
checkAtMostOneMatchForComponentKey(component.getKey(), matchingTemplates); | |||
checkAtMostOneMatchForComponentKey(entityDto.getKey(), matchingTemplates); | |||
if (matchingTemplates.size() == 1) { | |||
return matchingTemplates.get(0); | |||
} | |||
String qualifier = component.qualifier(); | |||
String qualifier = entityDto.getQualifier(); | |||
ResolvedDefaultTemplates resolvedDefaultTemplates = defaultTemplatesResolver.resolve(dbSession); | |||
switch (qualifier) { | |||
case Qualifiers.PROJECT: |
@@ -20,7 +20,7 @@ | |||
package org.sonar.server.permission; | |||
import javax.annotation.Nullable; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.user.UserId; | |||
import static java.util.Objects.requireNonNull; | |||
@@ -29,8 +29,9 @@ public class UserPermissionChange extends PermissionChange { | |||
private final UserId userId; | |||
public UserPermissionChange(Operation operation, String permission, @Nullable ComponentDto project, UserId userId, PermissionService permissionService) { | |||
super(operation, permission, project, permissionService); | |||
public UserPermissionChange(Operation operation, String permission, @Nullable EntityDto entity, UserId userId, | |||
PermissionService permissionService) { | |||
super(operation, permission, entity, permissionService); | |||
this.userId = requireNonNull(userId); | |||
} | |||
@@ -24,7 +24,7 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.UuidFactory; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.UserPermissionDto; | |||
@@ -61,33 +61,33 @@ public class UserPermissionChanger { | |||
} | |||
private static boolean isImplicitlyAlreadyDone(UserPermissionChange change) { | |||
ComponentDto project = change.getProject(); | |||
EntityDto project = change.getEntity(); | |||
if (project != null) { | |||
return isImplicitlyAlreadyDone(project, change); | |||
} | |||
return false; | |||
} | |||
private static boolean isImplicitlyAlreadyDone(ComponentDto project, UserPermissionChange change) { | |||
private static boolean isImplicitlyAlreadyDone(EntityDto project, UserPermissionChange change) { | |||
return isAttemptToAddPublicPermissionToPublicComponent(change, project); | |||
} | |||
private static boolean isAttemptToAddPublicPermissionToPublicComponent(UserPermissionChange change, ComponentDto project) { | |||
private static boolean isAttemptToAddPublicPermissionToPublicComponent(UserPermissionChange change, EntityDto project) { | |||
return !project.isPrivate() | |||
&& change.getOperation() == ADD | |||
&& UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
} | |||
private static void ensureConsistencyWithVisibility(UserPermissionChange change) { | |||
ComponentDto project = change.getProject(); | |||
EntityDto project = change.getEntity(); | |||
if (project != null) { | |||
checkRequest(!isAttemptToRemovePublicPermissionFromPublicComponent(change, project), | |||
"Permission %s can't be removed from a public component", change.getPermission()); | |||
} | |||
} | |||
private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(UserPermissionChange change, ComponentDto projectUuid) { | |||
return !projectUuid.isPrivate() | |||
private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(UserPermissionChange change, EntityDto entity) { | |||
return !entity.isPrivate() | |||
&& change.getOperation() == REMOVE | |||
&& UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
} | |||
@@ -98,7 +98,7 @@ public class UserPermissionChanger { | |||
} | |||
UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), change.getPermission(), change.getUserId().getUuid(), | |||
change.getProjectUuid()); | |||
dbClient.userPermissionDao().insert(dbSession, dto, change.getProject(), change.getUserId(), null); | |||
dbClient.userPermissionDao().insert(dbSession, dto, change.getEntity(), change.getUserId(), null); | |||
return true; | |||
} | |||
@@ -107,9 +107,9 @@ public class UserPermissionChanger { | |||
return false; | |||
} | |||
checkOtherAdminsExist(dbSession, change); | |||
ComponentDto project = change.getProject(); | |||
if (project != null) { | |||
dbClient.userPermissionDao().deleteProjectPermission(dbSession, change.getUserId(), change.getPermission(), project); | |||
EntityDto entity = change.getEntity(); | |||
if (entity != null) { | |||
dbClient.userPermissionDao().deleteEntityPermission(dbSession, change.getUserId(), change.getPermission(), entity); | |||
} else { | |||
dbClient.userPermissionDao().deleteGlobalPermission(dbSession, change.getUserId(), change.getPermission()); | |||
} | |||
@@ -119,7 +119,7 @@ public class UserPermissionChanger { | |||
private List<String> loadExistingPermissions(DbSession dbSession, UserPermissionChange change) { | |||
String projectUuid = change.getProjectUuid(); | |||
if (projectUuid != null) { | |||
return dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, change.getUserId().getUuid(), projectUuid); | |||
return dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, change.getUserId().getUuid(), projectUuid); | |||
} | |||
return dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, change.getUserId().getUuid()); | |||
} |
@@ -20,14 +20,13 @@ | |||
package org.sonar.server.permission.ws; | |||
import java.util.List; | |||
import java.util.Optional; | |||
import org.sonar.api.server.ws.Change; | |||
import org.sonar.api.server.ws.Request; | |||
import org.sonar.api.server.ws.Response; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.server.permission.GroupPermissionChange; | |||
import org.sonar.server.permission.GroupUuidOrAnyone; | |||
import org.sonar.server.permission.PermissionChange; | |||
@@ -86,12 +85,12 @@ public class AddGroupAction implements PermissionsWsAction { | |||
public void handle(Request request, Response response) throws Exception { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
GroupUuidOrAnyone group = wsSupport.findGroup(dbSession, request); | |||
Optional<ComponentDto> project = wsSupport.findProject(dbSession, request); | |||
wsSupport.checkPermissionManagementAccess(userSession, project.orElse(null)); | |||
EntityDto project = wsSupport.findEntity(dbSession, request); | |||
wsSupport.checkPermissionManagementAccess(userSession, project); | |||
PermissionChange change = new GroupPermissionChange( | |||
PermissionChange.Operation.ADD, | |||
request.mandatoryParam(PARAM_PERMISSION), | |||
project.orElse(null), | |||
project, | |||
group, permissionService); | |||
permissionUpdater.apply(dbSession, List.of(change)); | |||
} |
@@ -19,14 +19,13 @@ | |||
*/ | |||
package org.sonar.server.permission.ws; | |||
import java.util.Optional; | |||
import org.sonar.api.config.Configuration; | |||
import org.sonar.api.server.ws.Request; | |||
import org.sonar.api.server.ws.Response; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.user.UserId; | |||
import org.sonar.server.permission.PermissionChange; | |||
import org.sonar.server.permission.PermissionService; | |||
@@ -87,14 +86,14 @@ public class AddUserAction implements PermissionsWsAction { | |||
public void handle(Request request, Response response) throws Exception { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
String userLogin = request.mandatoryParam(PARAM_USER_LOGIN); | |||
Optional<ComponentDto> project = wsSupport.findProject(dbSession, request); | |||
checkProjectAdmin(userSession, configuration, project.orElse(null)); | |||
EntityDto entity = wsSupport.findEntity(dbSession, request); | |||
checkProjectAdmin(userSession, configuration, entity); | |||
UserId user = wsSupport.findUser(dbSession, userLogin); | |||
PermissionChange change = new UserPermissionChange( | |||
PermissionChange.Operation.ADD, | |||
request.mandatoryParam(PARAM_PERMISSION), | |||
project.orElse(null), | |||
entity, | |||
user, permissionService); | |||
permissionUpdater.apply(dbSession, singletonList(change)); | |||
} |
@@ -25,7 +25,6 @@ import com.google.common.collect.TreeMultimap; | |||
import com.google.common.io.Resources; | |||
import java.util.List; | |||
import java.util.Map; | |||
import java.util.Optional; | |||
import java.util.Set; | |||
import javax.annotation.Nullable; | |||
import org.sonar.api.security.DefaultGroups; | |||
@@ -38,7 +37,7 @@ import org.sonar.api.utils.Paging; | |||
import org.sonar.core.util.stream.MoreCollectors; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.db.user.GroupDto; | |||
@@ -105,13 +104,13 @@ public class GroupsAction implements PermissionsWsAction { | |||
@Override | |||
public void handle(Request request, Response response) throws Exception { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
Optional<ComponentDto> project = wsSupport.findProject(dbSession, request); | |||
wsSupport.checkPermissionManagementAccess(userSession, project.orElse(null)); | |||
EntityDto project = wsSupport.findEntity(dbSession, request); | |||
wsSupport.checkPermissionManagementAccess(userSession, project); | |||
PermissionQuery query = buildPermissionQuery(request, project.orElse(null)); | |||
PermissionQuery query = buildPermissionQuery(request, project); | |||
List<GroupDto> groups = findGroups(dbSession, query); | |||
int total = dbClient.groupPermissionDao().countGroupsByQuery(dbSession, query); | |||
List<GroupPermissionDto> groupsWithPermission = findGroupPermissions(dbSession, groups, project.orElse(null)); | |||
List<GroupPermissionDto> groupsWithPermission = findGroupPermissions(dbSession, groups, project); | |||
Map<String, Boolean> groupUuidToIsManaged = managedInstanceService.getGroupUuidToManaged(dbSession, getUserUuids(groups)); | |||
Paging paging = Paging.forPageIndex(request.mandatoryParamAsInt(Param.PAGE)).withPageSize(query.getPageSize()).andTotal(total); | |||
WsGroupsResponse groupsResponse = buildResponse(groups, groupsWithPermission, groupUuidToIsManaged, paging); | |||
@@ -123,15 +122,15 @@ public class GroupsAction implements PermissionsWsAction { | |||
return groups.stream().map(GroupDto::getUuid).collect(toSet()); | |||
} | |||
private static PermissionQuery buildPermissionQuery(Request request, @Nullable ComponentDto project) { | |||
private static PermissionQuery buildPermissionQuery(Request request, @Nullable EntityDto entity) { | |||
String textQuery = request.param(Param.TEXT_QUERY); | |||
PermissionQuery.Builder permissionQuery = PermissionQuery.builder() | |||
.setPermission(request.param(PARAM_PERMISSION)) | |||
.setPageIndex(request.mandatoryParamAsInt(Param.PAGE)) | |||
.setPageSize(request.mandatoryParamAsInt(Param.PAGE_SIZE)) | |||
.setSearchQuery(textQuery); | |||
if (project != null) { | |||
permissionQuery.setComponent(project.uuid()); | |||
if (entity != null) { | |||
permissionQuery.setEntityUuid(entity.getUuid()); | |||
} | |||
return permissionQuery.build(); | |||
} | |||
@@ -170,11 +169,11 @@ public class GroupsAction implements PermissionsWsAction { | |||
return Ordering.explicit(orderedNames).onResultOf(GroupDto::getName).immutableSortedCopy(groups); | |||
} | |||
private List<GroupPermissionDto> findGroupPermissions(DbSession dbSession, List<GroupDto> groups, @Nullable ComponentDto project) { | |||
private List<GroupPermissionDto> findGroupPermissions(DbSession dbSession, List<GroupDto> groups, @Nullable EntityDto entity) { | |||
if (groups.isEmpty()) { | |||
return emptyList(); | |||
} | |||
List<String> uuids = groups.stream().map(GroupDto::getUuid).collect(MoreCollectors.toList(groups.size())); | |||
return dbClient.groupPermissionDao().selectByGroupUuids(dbSession, uuids, project != null ? project.uuid() : null); | |||
return dbClient.groupPermissionDao().selectByGroupUuids(dbSession, uuids, entity != null ? entity.getUuid() : null); | |||
} | |||
} |
@@ -20,14 +20,17 @@ | |||
package org.sonar.server.permission.ws; | |||
import java.util.Optional; | |||
import javax.annotation.CheckForNull; | |||
import java.util.Set; | |||
import javax.annotation.Nullable; | |||
import org.sonar.api.config.Configuration; | |||
import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.server.ws.Request; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -67,18 +70,24 @@ public class PermissionWsSupport { | |||
this.groupWsSupport = groupWsSupport; | |||
} | |||
public void checkPermissionManagementAccess(UserSession userSession, @Nullable ComponentDto project) { | |||
checkProjectAdmin(userSession, configuration, project); | |||
public void checkPermissionManagementAccess(UserSession userSession, @Nullable EntityDto entity) { | |||
checkProjectAdmin(userSession, configuration, entity); | |||
} | |||
public Optional<ComponentDto> findProject(DbSession dbSession, Request request) { | |||
@CheckForNull | |||
public EntityDto findEntity(DbSession dbSession, Request request) { | |||
String uuid = request.param(PermissionsWsParameters.PARAM_PROJECT_ID); | |||
String key = request.param(PermissionsWsParameters.PARAM_PROJECT_KEY); | |||
if (uuid != null || key != null) { | |||
ProjectWsRef ref = ProjectWsRef.newWsProjectRef(uuid, key); | |||
return Optional.of(componentFinder.getRootComponentByUuidOrKey(dbSession, ref.uuid(), ref.key())); | |||
ProjectWsRef.validateUuidAndKeyPair(uuid, key); | |||
Optional<EntityDto> entityDto = uuid != null ? dbClient.entityDao().selectByUuid(dbSession, uuid) : dbClient.entityDao().selectByKey(dbSession, key); | |||
if (entityDto.isPresent() && !Qualifiers.SUBVIEW.equals(entityDto.get().getQualifier())) { | |||
return entityDto.get(); | |||
} else { | |||
throw new NotFoundException("Entity not found"); | |||
} | |||
} | |||
return Optional.empty(); | |||
return null; | |||
} | |||
public ComponentDto getRootComponent(DbSession dbSession, ProjectWsRef projectRef) { |
@@ -37,17 +37,13 @@ public class ProjectWsRef { | |||
private final String key; | |||
private ProjectWsRef(@Nullable String uuid, @Nullable String key) { | |||
validateUuidAndKeyPair(uuid, key); | |||
this.uuid = uuid; | |||
this.key = key; | |||
checkRequest(this.uuid != null ^ this.key != null, MSG_ID_OR_KEY_MUST_BE_PROVIDED); | |||
} | |||
public static Optional<ProjectWsRef> newOptionalWsProjectRef(@Nullable String uuid, @Nullable String key) { | |||
if (uuid == null && key == null) { | |||
return Optional.empty(); | |||
} | |||
return Optional.of(new ProjectWsRef(uuid, key)); | |||
public static void validateUuidAndKeyPair(@Nullable String uuid, @Nullable String key) { | |||
checkRequest(uuid != null ^ key != null, MSG_ID_OR_KEY_MUST_BE_PROVIDED); | |||
} | |||
public static ProjectWsRef newWsProjectRef(@Nullable String uuid, @Nullable String key) { |
@@ -25,7 +25,7 @@ import org.sonar.api.server.ws.Response; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.server.permission.GroupPermissionChange; | |||
import org.sonar.server.permission.GroupUuidOrAnyone; | |||
import org.sonar.server.permission.PermissionChange; | |||
@@ -86,17 +86,17 @@ public class RemoveGroupAction implements PermissionsWsAction { | |||
public void handle(Request request, Response response) throws Exception { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
GroupUuidOrAnyone group = wsSupport.findGroup(dbSession, request); | |||
ComponentDto project = wsSupport.findProject(dbSession, request).orElse(null); | |||
EntityDto entity = wsSupport.findEntity(dbSession, request); | |||
wsSupport.checkPermissionManagementAccess(userSession, project); | |||
wsSupport.checkPermissionManagementAccess(userSession, entity); | |||
String permission = request.mandatoryParam(PARAM_PERMISSION); | |||
wsSupport.checkRemovingOwnBrowsePermissionOnPrivateProject(dbSession, userSession, project, permission, group); | |||
wsSupport.checkRemovingOwnBrowsePermissionOnPrivateProject(dbSession, userSession, entity, permission, group); | |||
PermissionChange change = new GroupPermissionChange( | |||
PermissionChange.Operation.REMOVE, | |||
permission, | |||
project, | |||
entity, | |||
group, | |||
permissionService); | |||
permissionUpdater.apply(dbSession, singletonList(change)); |
@@ -24,7 +24,7 @@ import org.sonar.api.server.ws.Response; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.user.UserId; | |||
import org.sonar.server.permission.PermissionChange; | |||
import org.sonar.server.permission.PermissionService; | |||
@@ -84,13 +84,13 @@ public class RemoveUserAction implements PermissionsWsAction { | |||
UserId user = wsSupport.findUser(dbSession, request.mandatoryParam(PARAM_USER_LOGIN)); | |||
String permission = request.mandatoryParam(PARAM_PERMISSION); | |||
wsSupport.checkRemovingOwnAdminRight(userSession, user, permission); | |||
ComponentDto project = wsSupport.findProject(dbSession, request).orElse(null); | |||
wsSupport.checkRemovingOwnBrowsePermissionOnPrivateProject(userSession, project, permission, user); | |||
wsSupport.checkPermissionManagementAccess(userSession, project); | |||
EntityDto entity = wsSupport.findEntity(dbSession, request); | |||
wsSupport.checkRemovingOwnBrowsePermissionOnPrivateProject(userSession, entity, permission, user); | |||
wsSupport.checkPermissionManagementAccess(userSession, entity); | |||
PermissionChange change = new UserPermissionChange( | |||
PermissionChange.Operation.REMOVE, | |||
permission, | |||
project, | |||
entity, | |||
user, permissionService); | |||
permissionUpdater.apply(dbSession, singletonList(change)); | |||
response.noContent(); |
@@ -24,7 +24,6 @@ import com.google.common.collect.Ordering; | |||
import com.google.common.collect.TreeMultimap; | |||
import java.util.List; | |||
import java.util.Map; | |||
import java.util.Optional; | |||
import java.util.Set; | |||
import javax.annotation.Nullable; | |||
import org.sonar.api.server.ws.Change; | |||
@@ -35,7 +34,7 @@ import org.sonar.api.server.ws.WebService.Param; | |||
import org.sonar.api.utils.Paging; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.db.permission.UserPermissionDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -111,13 +110,13 @@ public class UsersAction implements PermissionsWsAction { | |||
@Override | |||
public void handle(Request request, Response response) throws Exception { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
Optional<ComponentDto> project = wsSupport.findProject(dbSession, request); | |||
wsSupport.checkPermissionManagementAccess(userSession, project.orElse(null)); | |||
EntityDto entity = wsSupport.findEntity(dbSession, request); | |||
wsSupport.checkPermissionManagementAccess(userSession, entity); | |||
PermissionQuery query = buildPermissionQuery(request, project.orElse(null)); | |||
PermissionQuery query = buildPermissionQuery(request, entity); | |||
List<UserDto> users = findUsers(dbSession, query); | |||
int total = dbClient.userPermissionDao().countUsersByQuery(dbSession, query); | |||
List<UserPermissionDto> userPermissions = findUserPermissions(dbSession, users, project.orElse(null)); | |||
List<UserPermissionDto> userPermissions = findUserPermissions(dbSession, users, entity); | |||
Paging paging = Paging.forPageIndex(request.mandatoryParamAsInt(Param.PAGE)).withPageSize(query.getPageSize()).andTotal(total); | |||
Map<String, Boolean> userUuidToIsManaged = managedInstanceService.getUserUuidToManaged(dbSession, getUserUuids(users)); | |||
UsersWsResponse usersWsResponse = buildResponse(users, userPermissions, userUuidToIsManaged, paging); | |||
@@ -129,7 +128,7 @@ public class UsersAction implements PermissionsWsAction { | |||
return users.stream().map(UserDto::getUuid).collect(toSet()); | |||
} | |||
private PermissionQuery buildPermissionQuery(Request request, @Nullable ComponentDto project) { | |||
private PermissionQuery buildPermissionQuery(Request request, @Nullable EntityDto entity) { | |||
String textQuery = request.param(Param.TEXT_QUERY); | |||
String permission = request.param(PARAM_PERMISSION); | |||
PermissionQuery.Builder permissionQuery = PermissionQuery.builder() | |||
@@ -138,12 +137,12 @@ public class UsersAction implements PermissionsWsAction { | |||
.setPageSize(request.mandatoryParamAsInt(Param.PAGE_SIZE)) | |||
.setSearchQuery(textQuery); | |||
if (project != null) { | |||
permissionQuery.setComponent(project.uuid()); | |||
if (entity != null) { | |||
permissionQuery.setEntityUuid(entity.getUuid()); | |||
} | |||
if (permission != null) { | |||
if (project != null) { | |||
if (entity != null) { | |||
requestValidator.validateProjectPermission(permission); | |||
} else { | |||
validateGlobalPermission(permission); | |||
@@ -183,15 +182,15 @@ public class UsersAction implements PermissionsWsAction { | |||
return Ordering.explicit(orderedUuids).onResultOf(UserDto::getUuid).immutableSortedCopy(dbClient.userDao().selectByUuids(dbSession, orderedUuids)); | |||
} | |||
private List<UserPermissionDto> findUserPermissions(DbSession dbSession, List<UserDto> users, @Nullable ComponentDto project) { | |||
private List<UserPermissionDto> findUserPermissions(DbSession dbSession, List<UserDto> users, @Nullable EntityDto entity) { | |||
if (users.isEmpty()) { | |||
return emptyList(); | |||
} | |||
List<String> userUuids = users.stream().map(UserDto::getUuid).toList(); | |||
PermissionQuery.Builder queryBuilder = PermissionQuery.builder() | |||
.withAtLeastOnePermission(); | |||
if (project != null) { | |||
queryBuilder.setComponent(project.uuid()); | |||
if (entity != null) { | |||
queryBuilder.setEntityUuid(entity.getUuid()); | |||
} | |||
return dbClient.userPermissionDao().selectUserPermissionsByQuery(dbSession, queryBuilder.build(), userUuids); | |||
} |
@@ -20,18 +20,23 @@ | |||
package org.sonar.server.permission.ws.template; | |||
import java.util.Collections; | |||
import java.util.Optional; | |||
import javax.annotation.CheckForNull; | |||
import javax.annotation.Nullable; | |||
import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.server.ws.Request; | |||
import org.sonar.api.server.ws.Response; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.server.exceptions.NotFoundException; | |||
import org.sonar.server.permission.PermissionTemplateService; | |||
import org.sonar.server.permission.ws.PermissionWsSupport; | |||
import org.sonar.server.permission.ws.PermissionsWsAction; | |||
import org.sonar.server.permission.ws.ProjectWsRef; | |||
import org.sonar.server.user.UserSession; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin; | |||
@@ -92,10 +97,20 @@ public class ApplyTemplateAction implements PermissionsWsAction { | |||
PermissionTemplateDto template = wsSupport.findTemplate(dbSession, newTemplateRef( | |||
request.getTemplateId(), request.getTemplateName())); | |||
ComponentDto project = wsSupport.getRootComponent(dbSession, newWsProjectRef(request.getProjectId(), request.getProjectKey())); | |||
ProjectWsRef.validateUuidAndKeyPair(request.getProjectId(), request.getProjectKey()); | |||
EntityDto entityDto = getEntityByKeyOrUuid(request.getProjectId(), request.getProjectKey(), dbSession); | |||
checkGlobalAdmin(userSession); | |||
permissionTemplateService.applyAndCommit(dbSession, template, Collections.singletonList(project)); | |||
permissionTemplateService.applyAndCommit(dbSession, template, Collections.singletonList(entityDto)); | |||
} | |||
} | |||
private EntityDto getEntityByKeyOrUuid(@Nullable String uuid, @Nullable String key, DbSession dbSession) { | |||
Optional<EntityDto> entityDto = uuid != null ? dbClient.entityDao().selectByUuid(dbSession, uuid) : dbClient.entityDao().selectByKey(dbSession, key); | |||
if (entityDto.isPresent() && !Qualifiers.SUBVIEW.equals(entityDto.get().getQualifier())) { | |||
return entityDto.get(); | |||
} else { | |||
throw new NotFoundException("Entity not found"); | |||
} | |||
} | |||
@@ -22,6 +22,7 @@ package org.sonar.server.permission.ws.template; | |||
import java.util.Collection; | |||
import java.util.HashSet; | |||
import java.util.List; | |||
import java.util.stream.Collectors; | |||
import javax.annotation.CheckForNull; | |||
import javax.annotation.Nullable; | |||
import org.sonar.api.resources.Qualifiers; | |||
@@ -37,6 +38,7 @@ import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentQuery; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.server.permission.PermissionTemplateService; | |||
import org.sonar.server.permission.ws.PermissionWsSupport; | |||
@@ -150,9 +152,13 @@ public class BulkApplyTemplateAction implements PermissionsWsAction { | |||
checkGlobalAdmin(userSession); | |||
ComponentQuery componentQuery = buildDbQuery(request); | |||
List<ComponentDto> projects = dbClient.componentDao().selectByQuery(dbSession, componentQuery, 0, Integer.MAX_VALUE); | |||
List<ComponentDto> components = dbClient.componentDao().selectByQuery(dbSession, componentQuery, 0, Integer.MAX_VALUE); | |||
permissionTemplateService.applyAndCommit(dbSession, template, projects); | |||
List<EntityDto> entities = dbClient.entityDao().selectByKeys(dbSession, components.stream() | |||
.map(ComponentDto::getKey) | |||
.collect(Collectors.toSet())); | |||
permissionTemplateService.applyAndCommit(dbSession, template, entities); | |||
} | |||
} | |||
@@ -19,6 +19,7 @@ | |||
*/ | |||
package org.sonar.server.project.ws; | |||
import java.util.Optional; | |||
import org.sonar.api.config.Configuration; | |||
import org.sonar.api.server.ws.Request; | |||
import org.sonar.api.server.ws.Response; | |||
@@ -27,6 +28,7 @@ import org.sonar.core.util.UuidFactory; | |||
import org.sonar.core.util.Uuids; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.BranchDto; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
@@ -130,7 +132,9 @@ public class UpdateVisibilityAction implements ProjectsWsAction { | |||
} | |||
private void setPrivateForRootComponentUuid(DbSession dbSession, EntityDto entity, boolean newIsPrivate) { | |||
dbClient.componentDao().setPrivateForBranchUuid(dbSession, entity.getUuid(), newIsPrivate, entity.getKey(), entity.getQualifier(), entity.getName()); | |||
Optional<BranchDto> branchDto = dbClient.branchDao().selectMainBranchByProjectUuid(dbSession, entity.getUuid()); | |||
String branchUuid = branchDto.isPresent() ? branchDto.get().getUuid() : entity.getUuid(); | |||
dbClient.componentDao().setPrivateForBranchUuid(dbSession, branchUuid, newIsPrivate, entity.getKey(), entity.getQualifier(), entity.getName()); | |||
if (entity.isProjectOrApp()) { | |||
dbClient.projectDao().updateVisibility(dbSession, entity.getUuid(), newIsPrivate); | |||
@@ -153,9 +157,9 @@ public class UpdateVisibilityAction implements ProjectsWsAction { | |||
dbClient.groupPermissionDao().deleteByEntityUuidForAnyOne(dbSession, entity); | |||
// grant UserRole.CODEVIEWER and UserRole.USER to any group or user with at least one permission on project | |||
PUBLIC_PERMISSIONS.forEach(permission -> { | |||
dbClient.groupPermissionDao().selectGroupUuidsWithPermissionOnProjectBut(dbSession, entity.getUuid(), permission) | |||
dbClient.groupPermissionDao().selectGroupUuidsWithPermissionOnEntityBut(dbSession, entity.getUuid(), permission) | |||
.forEach(group -> insertProjectPermissionOnGroup(dbSession, entity, permission, group)); | |||
dbClient.userPermissionDao().selectUserIdsWithPermissionOnProjectBut(dbSession, entity.getUuid(), permission) | |||
dbClient.userPermissionDao().selectUserIdsWithPermissionOnEntityBut(dbSession, entity.getUuid(), permission) | |||
.forEach(userUuid -> insertProjectPermissionOnUser(dbSession, entity, permission, userUuid)); | |||
}); | |||
} |