소스 검색
SONAR-19455 refactored permissions in the codebase to not rely on main branch from components table
tags/10.2.0.77647
Lukasz Jarocki
1 년 전
+ 149
- 149
server/sonar-db-dao/src/it/java/org/sonar/db/permission/GroupPermissionDaoIT.java
파일 보기
| @@ -55,19 +55,19 @@ public class GroupPermissionDaoIT { | |||
| private static final String MISSING_UUID = "-1"; | |||
| @Rule | |||
| public DbTester db = DbTester.create(System2.INSTANCE); | |||
| public DbTester db = DbTester.create(System2.INSTANCE, true); | |||
| private final DbSession dbSession = db.getSession(); | |||
| private final GroupPermissionDao underTest = new GroupPermissionDao(new NoOpAuditPersister()); | |||
| @Test | |||
| public void group_count_by_permission_and_component_id_on_private_projects() { | |||
| public void group_count_by_permission_and_entity_id_on_private_projects() { | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| GroupDto group3 = db.users().insertGroup(); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project3 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project3 = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnGroup(group1, UserRole.ISSUE_ADMIN, project1); | |||
| db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project2); | |||
| @@ -76,24 +76,24 @@ public class GroupPermissionDaoIT { | |||
| db.users().insertProjectPermissionOnGroup(group1, UserRole.USER, project2); | |||
| db.users().insertProjectPermissionOnGroup(group1, UserRole.USER, project3); | |||
| final List<CountPerProjectPermission> result = new ArrayList<>(); | |||
| underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.uuid(), project3.uuid(), "789"), | |||
| final List<CountPerEntityPermission> result = new ArrayList<>(); | |||
| underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.getUuid(), project3.getUuid(), "789"), | |||
| context -> result.add(context.getResultObject())); | |||
| assertThat(result).hasSize(3); | |||
| assertThat(result).extracting("permission").containsOnly(UserRole.ADMIN, UserRole.USER); | |||
| assertThat(result).extracting("componentUuid").containsOnly(project2.uuid(), project3.uuid()); | |||
| assertThat(result).extracting("entityUuid").containsOnly(project2.getUuid(), project3.getUuid()); | |||
| assertThat(result).extracting("count").containsOnly(3, 1); | |||
| } | |||
| @Test | |||
| public void group_count_by_permission_and_component_id_on_public_projects() { | |||
| public void group_count_by_permission_and_entity_id_on_public_projects() { | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| GroupDto group3 = db.users().insertGroup(); | |||
| ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ComponentDto project3 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPublicProject().getProjectDto(); | |||
| ProjectDto project3 = db.components().insertPublicProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p1", project1); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p2", project2); | |||
| @@ -104,13 +104,13 @@ public class GroupPermissionDaoIT { | |||
| db.users().insertProjectPermissionOnGroup(group1, "p3", project2); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p3", project3); | |||
| final List<CountPerProjectPermission> result = new ArrayList<>(); | |||
| underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.uuid(), project3.uuid(), "789"), | |||
| final List<CountPerEntityPermission> result = new ArrayList<>(); | |||
| underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.getUuid(), project3.getUuid(), "789"), | |||
| context -> result.add(context.getResultObject())); | |||
| assertThat(result).hasSize(3); | |||
| assertThat(result).extracting("permission").containsOnly("p2", "p3"); | |||
| assertThat(result).extracting("componentUuid").containsOnly(project2.uuid(), project3.uuid()); | |||
| assertThat(result).extracting("entityUuid").containsOnly(project2.getUuid(), project3.getUuid()); | |||
| assertThat(result).extracting("count").containsOnly(4, 1); | |||
| } | |||
| @@ -128,7 +128,7 @@ public class GroupPermissionDaoIT { | |||
| @Test | |||
| public void selectGroupNamesByQuery_is_ordered_by_permissions_then_by_group_when_many_groups_for_global_permissions() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { | |||
| GroupDto group = db.users().insertGroup("Group-" + i); | |||
| // Add permission on project to be sure projects are excluded | |||
| @@ -143,18 +143,18 @@ public class GroupPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void selectGroupNamesByQuery_is_ordered_by_global_permissions_then_by_group_when_many_groups_for_project_permissions() { | |||
| public void selectGroupNamesByQuery_is_ordered_by_global_permissions_then_by_group_when_many_groups_for_entity_permissions() { | |||
| IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { | |||
| GroupDto group = db.users().insertGroup("Group-" + i); | |||
| // Add global permission to be sure they are excluded | |||
| db.users().insertPermissionOnGroup(group, GlobalPermission.SCAN.getKey()); | |||
| }); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1); | |||
| db.users().insertProjectPermissionOnGroup(db.users().selectGroup(lastGroupName).orElseGet(() -> fail("group not found")), GlobalPermission.SCAN.getKey(), project); | |||
| assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery() | |||
| .setComponent(project) | |||
| .setEntity(project) | |||
| .build())) | |||
| .hasSize(DEFAULT_PAGE_SIZE) | |||
| .startsWith(ANYONE, lastGroupName, "Group-1"); | |||
| @@ -186,7 +186,7 @@ public class GroupPermissionDaoIT { | |||
| GroupDto group2 = db.users().insertGroup("Group-2"); | |||
| GroupDto group3 = db.users().insertGroup("Group-3"); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); | |||
| db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS); | |||
| @@ -210,8 +210,8 @@ public class GroupPermissionDaoIT { | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| GroupDto group3 = db.users().insertGroup(); | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ComponentDto anotherProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| ProjectDto anotherProject = db.components().insertPublicProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p1", project); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p2", project); | |||
| @@ -223,7 +223,7 @@ public class GroupPermissionDaoIT { | |||
| db.users().insertPermissionOnGroup(group2, "p5"); | |||
| PermissionQuery.Builder builderOnComponent = newQuery() | |||
| .setComponent(project); | |||
| .setEntity(project); | |||
| assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
| builderOnComponent.withAtLeastOnePermission().build())).containsOnlyOnce(group1.getName()); | |||
| assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
| @@ -238,8 +238,8 @@ public class GroupPermissionDaoIT { | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| GroupDto group3 = db.users().insertGroup(); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto anotherProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto anotherProject = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnGroup(group1, GlobalPermission.SCAN.getKey(), project); | |||
| db.users().insertProjectPermissionOnGroup(group1, GlobalPermission.PROVISION_PROJECTS.getKey(), project); | |||
| @@ -249,7 +249,7 @@ public class GroupPermissionDaoIT { | |||
| db.users().insertPermissionOnGroup(group2, GlobalPermission.SCAN); | |||
| PermissionQuery.Builder builderOnComponent = newQuery() | |||
| .setComponent(project); | |||
| .setEntity(project); | |||
| assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
| builderOnComponent.withAtLeastOnePermission().build())).containsOnlyOnce(group1.getName()); | |||
| assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
| @@ -413,7 +413,7 @@ public class GroupPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void selectProjectPermissionsOfGroup_on_public_project() { | |||
| public void selectEntityPermissionsOfGroup_on_public_project() { | |||
| GroupDto group1 = db.users().insertGroup("group1"); | |||
| ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| @@ -425,13 +425,13 @@ public class GroupPermissionDaoIT { | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm5", project2); | |||
| db.users().insertProjectPermissionOnAnyone("perm6", project1); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project1.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project1.uuid())) | |||
| .containsOnly("perm3", "perm4"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project2.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project2.uuid())) | |||
| .containsOnly("perm5"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project1.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project1.uuid())) | |||
| .containsOnly("perm6"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project2.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project2.uuid())) | |||
| .isEmpty(); | |||
| } | |||
| @@ -447,9 +447,9 @@ public class GroupPermissionDaoIT { | |||
| @Test | |||
| public void selectProjectKeysWithAnyonePermissions_on_public_project_ordered_by_kee() { | |||
| ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ComponentDto project3 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPublicProject().getProjectDto(); | |||
| ProjectDto project3 = db.components().insertPublicProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnAnyone("perm1", project1); | |||
| db.users().insertProjectPermissionOnAnyone("perm1", project2); | |||
| db.users().insertProjectPermissionOnAnyone("perm1", project3); | |||
| @@ -460,7 +460,7 @@ public class GroupPermissionDaoIT { | |||
| @Test | |||
| public void selectProjectKeysWithAnyonePermissions_on_public_project_ordered_by_kee_max_5() { | |||
| IntStream.rangeClosed(1, 9).forEach(i -> { | |||
| ComponentDto project = db.components().insertPublicProject(p -> p.setKey("key-" + i)).getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject(p -> p.setKey("key-" + i)).getProjectDto(); | |||
| db.users().insertProjectPermissionOnAnyone("perm-" + i, project); | |||
| }); | |||
| @@ -474,7 +474,7 @@ public class GroupPermissionDaoIT { | |||
| db.users().insertPermissionOnAnyone("perm-anyone"); | |||
| IntStream.rangeClosed(1, 9).forEach(i -> { | |||
| ComponentDto project = db.components().insertPublicProject(p -> p.setKey("key-" + i)).getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject(p -> p.setKey("key-" + i)).getProjectDto(); | |||
| db.users().insertProjectPermissionOnAnyone("perm-" + i, project); | |||
| }); | |||
| @@ -483,7 +483,7 @@ public class GroupPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void countProjectsWithAnyonePermissions() { | |||
| public void countEntitiesWithAnyonePermissions() { | |||
| GroupDto group = db.users().insertGroup(); | |||
| IntStream.rangeClosed(1, 5).forEach(i -> { | |||
| ComponentDto project = db.components().insertPublicProject(p -> p.setKey("key-" + i)).getMainBranchComponent(); | |||
| @@ -491,11 +491,11 @@ public class GroupPermissionDaoIT { | |||
| db.users().insertProjectPermissionOnGroup(group, "perm-", project); | |||
| }); | |||
| assertThat(underTest.countProjectsWithAnyonePermissions(dbSession)).isEqualTo(5); | |||
| assertThat(underTest.countEntitiesWithAnyonePermissions(dbSession)).isEqualTo(5); | |||
| } | |||
| @Test | |||
| public void selectProjectPermissionsOfGroup_on_private_project() { | |||
| public void selectEntityPermissionsOfGroup_on_private_project() { | |||
| GroupDto group1 = db.users().insertGroup("group1"); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| @@ -506,13 +506,13 @@ public class GroupPermissionDaoIT { | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm4", project1); | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm5", project2); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project1.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project1.uuid())) | |||
| .containsOnly("perm3", "perm4"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project2.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project2.uuid())) | |||
| .containsOnly("perm5"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project1.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project1.uuid())) | |||
| .isEmpty(); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project2.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project2.uuid())) | |||
| .isEmpty(); | |||
| } | |||
| @@ -554,33 +554,33 @@ public class GroupPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void selectGroupUuidsWithPermissionOnProjectBut_returns_empty_if_project_does_not_exist() { | |||
| public void selectGroupUuidsWithPermissionOnEntityBut_returns_empty_if_project_does_not_exist() { | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| GroupDto group = db.users().insertGroup(); | |||
| db.users().insertProjectPermissionOnGroup(group, "foo", project.getMainBranchComponent()); | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, "1234", UserRole.USER)) | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, "1234", UserRole.USER)) | |||
| .isEmpty(); | |||
| } | |||
| @Test | |||
| public void selectGroupUuidsWithPermissionOnProjectBut_returns_only_groups_of_project_which_do_not_have_permission() { | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| public void selectGroupUuidsWithPermissionOnEntityBut_returns_only_groups_of_project_which_do_not_have_permission() { | |||
| ProjectDto project = randomPublicOrPrivateProject().getProjectDto(); | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p1", project.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnGroup(group2, "p2", project.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p1", project); | |||
| db.users().insertProjectPermissionOnGroup(group2, "p2", project); | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p2")) | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.getUuid(), "p2")) | |||
| .containsOnly(group1.getUuid()); | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p1")) | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.getUuid(), "p1")) | |||
| .containsOnly(group2.getUuid()); | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p3")) | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.getUuid(), "p3")) | |||
| .containsOnly(group1.getUuid(), group2.getUuid()); | |||
| } | |||
| @Test | |||
| public void selectGroupUuidsWithPermissionOnProjectBut_does_not_returns_group_AnyOne_of_project_when_it_does_not_have_permission() { | |||
| public void selectGroupUuidsWithPermissionOnEntityBut_does_not_returns_group_AnyOne_of_project_when_it_does_not_have_permission() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| @@ -588,73 +588,73 @@ public class GroupPermissionDaoIT { | |||
| db.users().insertProjectPermissionOnGroup(group2, "p2", project); | |||
| db.users().insertProjectPermissionOnAnyone("p2", project); | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p2")) | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.uuid(), "p2")) | |||
| .containsOnly(group1.getUuid()); | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p1")) | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.uuid(), "p1")) | |||
| .containsOnly(group2.getUuid()); | |||
| } | |||
| @Test | |||
| public void selectGroupUuidsWithPermissionOnProjectBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() { | |||
| public void selectGroupUuidsWithPermissionOnEntityBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() { | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| db.users().insertGroup(); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p1", project.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnGroup(group2, "p2", project.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p1", project.getProjectDto()); | |||
| db.users().insertProjectPermissionOnGroup(group2, "p2", project.getProjectDto()); | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p2")) | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.projectUuid(), "p2")) | |||
| .containsOnly(group1.getUuid()); | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p1")) | |||
| assertThat(underTest.selectGroupUuidsWithPermissionOnEntityBut(dbSession, project.projectUuid(), "p1")) | |||
| .containsOnly(group2.getUuid()); | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuid_on_private_project() { | |||
| public void deleteByRootEntityUuid_on_private_project() { | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertPermissionOnGroup(group1, "perm1"); | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm2", project1); | |||
| db.users().insertProjectPermissionOnGroup(group2, "perm3", project2); | |||
| underTest.deleteByRootComponentUuid(dbSession, project1); | |||
| underTest.deleteByEntityUuid(dbSession, project1); | |||
| dbSession.commit(); | |||
| assertThat(db.countSql("select count(uuid) from group_roles where component_uuid='" + project1.uuid() + "'")).isZero(); | |||
| assertThat(db.countSql("select count(uuid) from group_roles where component_uuid='" + project1.getUuid() + "'")).isZero(); | |||
| assertThat(db.countRowsOfTable("group_roles")).isEqualTo(2); | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuid_on_public_project() { | |||
| public void deleteByRootEntityUuid_on_public_project() { | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPublicProject().getProjectDto(); | |||
| db.users().insertPermissionOnGroup(group1, "perm1"); | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm2", project1); | |||
| db.users().insertProjectPermissionOnGroup(group2, "perm3", project2); | |||
| db.users().insertProjectPermissionOnAnyone("perm4", project1); | |||
| db.users().insertProjectPermissionOnAnyone("perm5", project2); | |||
| underTest.deleteByRootComponentUuid(dbSession, project1); | |||
| underTest.deleteByEntityUuid(dbSession, project1); | |||
| dbSession.commit(); | |||
| assertThat(db.countSql("select count(uuid) from group_roles where component_uuid='" + project1.uuid() + "'")).isZero(); | |||
| assertThat(db.countSql("select count(uuid) from group_roles where component_uuid='" + project1.getUuid() + "'")).isZero(); | |||
| assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3); | |||
| } | |||
| @Test | |||
| public void delete_global_permission_from_group_on_public_project() { | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
| db.users().insertPermissionOnAnyone("perm1"); | |||
| db.users().insertPermissionOnGroup(group1, "perm2"); | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
| db.users().insertProjectPermissionOnAnyone("perm4", project1); | |||
| underTest.delete(dbSession, "perm2", group1.getUuid(), group1.getName(), null, project1); | |||
| underTest.delete(dbSession, "perm2", group1.getUuid(), group1.getName(), null); | |||
| dbSession.commit(); | |||
| assertThatNoPermission("perm2"); | |||
| @@ -664,12 +664,12 @@ public class GroupPermissionDaoIT { | |||
| @Test | |||
| public void delete_global_permission_from_group_on_private_project() { | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertPermissionOnAnyone("perm1"); | |||
| db.users().insertPermissionOnGroup(group1, "perm2"); | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
| underTest.delete(dbSession, "perm2", group1.getUuid(), group1.getName(), null, project1); | |||
| underTest.delete(dbSession, "perm2", group1.getUuid(), group1.getName(), null); | |||
| dbSession.commit(); | |||
| assertThatNoPermission("perm2"); | |||
| @@ -679,13 +679,13 @@ public class GroupPermissionDaoIT { | |||
| @Test | |||
| public void delete_global_permission_from_anyone_on_public_project() { | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
| db.users().insertPermissionOnAnyone("perm1"); | |||
| db.users().insertPermissionOnGroup(group1, "perm2"); | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
| db.users().insertProjectPermissionOnAnyone("perm4", project1); | |||
| underTest.delete(dbSession, "perm1", null, null, null, project1); | |||
| underTest.delete(dbSession, "perm1", null, null, null); | |||
| dbSession.commit(); | |||
| assertThatNoPermission("perm1"); | |||
| @@ -695,12 +695,12 @@ public class GroupPermissionDaoIT { | |||
| @Test | |||
| public void delete_project_permission_from_group_on_private_project() { | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertPermissionOnAnyone("perm1"); | |||
| db.users().insertPermissionOnGroup(group1, "perm2"); | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
| underTest.delete(dbSession, "perm3", group1.getUuid(), group1.getName(), project1.uuid(), project1); | |||
| underTest.delete(dbSession, "perm3", group1.getUuid(), group1.getName(), project1); | |||
| dbSession.commit(); | |||
| assertThatNoPermission("perm3"); | |||
| @@ -710,13 +710,13 @@ public class GroupPermissionDaoIT { | |||
| @Test | |||
| public void delete_project_permission_from_group_on_public_project() { | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
| db.users().insertPermissionOnAnyone("perm1"); | |||
| db.users().insertPermissionOnGroup(group1, "perm2"); | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
| db.users().insertProjectPermissionOnAnyone("perm4", project1); | |||
| underTest.delete(dbSession, "perm3", group1.getUuid(), group1.getName(), project1.uuid(), project1); | |||
| underTest.delete(dbSession, "perm3", group1.getUuid(), group1.getName(), project1); | |||
| dbSession.commit(); | |||
| assertThatNoPermission("perm3"); | |||
| @@ -726,13 +726,13 @@ public class GroupPermissionDaoIT { | |||
| @Test | |||
| public void delete_project_permission_from_anybody_on_private_project() { | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPublicProject().getProjectDto(); | |||
| db.users().insertPermissionOnAnyone("perm1"); | |||
| db.users().insertPermissionOnGroup(group1, "perm2"); | |||
| db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); | |||
| db.users().insertProjectPermissionOnAnyone("perm4", project1); | |||
| underTest.delete(dbSession, "perm4", null, null, project1.uuid(), project1); | |||
| underTest.delete(dbSession, "perm4", null, null, project1); | |||
| dbSession.commit(); | |||
| assertThatNoPermission("perm4"); | |||
| @@ -740,28 +740,28 @@ public class GroupPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndGroupUuid_deletes_all_permissions_of_group_AnyOne_of_specified_component_if_groupUuid_is_null() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| public void deleteByRootEntityAndGroupUuid_deletes_all_permissions_of_group_AnyOne_of_specified_component_if_groupUuid_is_null() { | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| GroupDto group = db.users().insertGroup(); | |||
| db.users().insertProjectPermissionOnAnyone("p1", project); | |||
| db.users().insertProjectPermissionOnGroup(group, "p2", project); | |||
| db.users().insertPermissionOnAnyone("p3"); | |||
| db.users().insertPermissionOnGroup(group, "p4"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
| .containsOnly("p1"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group.getUuid(), project.getUuid())) | |||
| .containsOnly("p2"); | |||
| assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)) | |||
| .containsOnly("p3"); | |||
| assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group.getUuid())) | |||
| .containsOnly("p4"); | |||
| int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, null, project); | |||
| int deletedCount = underTest.deleteByEntityAndGroupUuid(dbSession, null, project); | |||
| assertThat(deletedCount).isOne(); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
| .isEmpty(); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group.getUuid(), project.getUuid())) | |||
| .containsOnly("p2"); | |||
| assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)) | |||
| .containsOnly("p3"); | |||
| @@ -770,8 +770,8 @@ public class GroupPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndGroupUuid_deletes_all_permissions_of_specified_group_of_specified_component_if_groupUuid_is_non_null() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| public void deleteByRootEntityAndGroupUuid_deletes_all_permissions_of_specified_group_of_specified_component_if_groupUuid_is_non_null() { | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| db.users().insertProjectPermissionOnAnyone("p1", project); | |||
| @@ -781,11 +781,11 @@ public class GroupPermissionDaoIT { | |||
| db.users().insertPermissionOnAnyone("p5"); | |||
| db.users().insertPermissionOnGroup(group1, "p6"); | |||
| db.users().insertPermissionOnGroup(group2, "p7"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
| .containsOnly("p1"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
| .containsOnly("p2"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group2.getUuid(), project.getUuid())) | |||
| .containsOnly("p3", "p4"); | |||
| assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)) | |||
| .containsOnly("p5"); | |||
| @@ -794,28 +794,28 @@ public class GroupPermissionDaoIT { | |||
| assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group2.getUuid())) | |||
| .containsOnly("p7"); | |||
| int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, group1.getUuid(), project); | |||
| int deletedCount = underTest.deleteByEntityAndGroupUuid(dbSession, group1.getUuid(), project); | |||
| assertThat(deletedCount).isOne(); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
| .containsOnly("p1"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
| .isEmpty(); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group2.getUuid(), project.getUuid())) | |||
| .containsOnly("p3", "p4"); | |||
| assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group1.getUuid())) | |||
| .containsOnly("p6"); | |||
| assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group2.getUuid())) | |||
| .containsOnly("p7"); | |||
| deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, group2.getUuid(), project); | |||
| deletedCount = underTest.deleteByEntityAndGroupUuid(dbSession, group2.getUuid(), project); | |||
| assertThat(deletedCount).isEqualTo(2); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
| .containsOnly("p1"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
| .isEmpty(); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group2.getUuid(), project.getUuid())) | |||
| .isEmpty(); | |||
| assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group1.getUuid())) | |||
| .containsOnly("p6"); | |||
| @@ -824,48 +824,48 @@ public class GroupPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_does_not_exist() { | |||
| public void deleteByRootEntityAndGroupUuid_has_no_effect_if_component_does_not_exist() { | |||
| GroupDto group = db.users().insertGroup(); | |||
| ComponentDto component = new ComponentDto().setUuid("1234"); | |||
| ProjectDto projectDto = new ProjectDto().setUuid("1234"); | |||
| assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, null, component)).isZero(); | |||
| assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, group.getUuid(), component)).isZero(); | |||
| assertThat(underTest.deleteByEntityAndGroupUuid(dbSession, null, projectDto)).isZero(); | |||
| assertThat(underTest.deleteByEntityAndGroupUuid(dbSession, group.getUuid(), projectDto)).isZero(); | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_has_no_group_permission_at_all() { | |||
| public void deleteByRootEntityAndGroupUuid_has_no_effect_if_component_has_no_group_permission_at_all() { | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| GroupDto group = db.users().insertGroup(); | |||
| assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, null, project.getMainBranchComponent())).isZero(); | |||
| assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, group.getUuid(), project.getMainBranchComponent())).isZero(); | |||
| assertThat(underTest.deleteByEntityAndGroupUuid(dbSession, null, project.getProjectDto())).isZero(); | |||
| assertThat(underTest.deleteByEntityAndGroupUuid(dbSession, group.getUuid(), project.getProjectDto())).isZero(); | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_group_does_not_exist() { | |||
| public void deleteByRootEntityAndGroupUuid_has_no_effect_if_group_does_not_exist() { | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, "5678", project.getMainBranchComponent())).isZero(); | |||
| assertThat(underTest.deleteByEntityAndGroupUuid(dbSession, "5678", project.getProjectDto())).isZero(); | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_has_no_group_permission_for_group_AnyOne() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| public void deleteByRootEntityAndGroupUuid_has_no_effect_if_component_has_no_group_permission_for_group_AnyOne() { | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p1", project); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
| .isEmpty(); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
| .containsOnly("p1"); | |||
| db.users().insertPermissionOnAnyone("p2"); | |||
| db.users().insertPermissionOnGroup(group1, "p3"); | |||
| int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, null, project); | |||
| int deletedCount = underTest.deleteByEntityAndGroupUuid(dbSession, null, project); | |||
| assertThat(deletedCount).isZero(); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, null, project.getUuid())) | |||
| .isEmpty(); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
| .containsOnly("p1"); | |||
| assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)) | |||
| .containsOnly("p2"); | |||
| @@ -874,20 +874,20 @@ public class GroupPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_has_no_group_permission_for_specified_group() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| public void deleteByRootEntityAndGroupUuid_has_no_effect_if_component_has_no_group_permission_for_specified_group() { | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| GroupDto group1 = db.users().insertGroup(); | |||
| GroupDto group2 = db.users().insertGroup(); | |||
| db.users().insertProjectPermissionOnGroup(group1, "p1", project); | |||
| db.users().insertPermissionOnAnyone("p2"); | |||
| db.users().insertPermissionOnGroup(group1, "p3"); | |||
| int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, group2.getUuid(), project); | |||
| int deletedCount = underTest.deleteByEntityAndGroupUuid(dbSession, group2.getUuid(), project); | |||
| assertThat(deletedCount).isZero(); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
| .containsOnly("p1"); | |||
| assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid())) | |||
| assertThat(underTest.selectEntityPermissionsOfGroup(dbSession, group2.getUuid(), project.getUuid())) | |||
| .isEmpty(); | |||
| assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)) | |||
| .containsOnly("p2"); | |||
| @@ -896,55 +896,55 @@ public class GroupPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndPermission_deletes_all_rows_for_specified_role_of_specified_component() { | |||
| ProjectData project = db.components().insertPublicProject(); | |||
| public void deleteByEntityAndPermission_deletes_all_rows_for_specified_role_of_specified_component() { | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| GroupDto group = db.users().insertGroup(); | |||
| Stream.of("p1", "p2").forEach(permission -> { | |||
| db.users().insertPermissionOnAnyone(permission); | |||
| db.users().insertPermissionOnGroup(group, permission); | |||
| db.users().insertProjectPermissionOnGroup(group, permission, project.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnAnyone(permission, project.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnGroup(group, permission, project); | |||
| db.users().insertProjectPermissionOnAnyone(permission, project); | |||
| }); | |||
| assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1", "p2"); | |||
| assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2"); | |||
| assertThat(getProjectPermissionsForAnyOne(project.getMainBranchComponent())).containsOnly("p1", "p2"); | |||
| assertThat(getProjectPermissionsForGroup(project.getMainBranchComponent(), group)).containsOnly("p1", "p2"); | |||
| assertThat(getProjectPermissionsForAnyOne(project.getUuid())).containsOnly("p1", "p2"); | |||
| assertThat(getProjectPermissionsForGroup(project.getUuid(), group)).containsOnly("p1", "p2"); | |||
| int deletedRows = underTest.deleteByEntityAndPermission(dbSession, "p1", project.getProjectDto()); | |||
| int deletedRows = underTest.deleteByEntityAndPermission(dbSession, "p1", project); | |||
| assertThat(deletedRows).isEqualTo(2); | |||
| assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1", "p2"); | |||
| assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2"); | |||
| assertThat(getProjectPermissionsForAnyOne(project.getMainBranchComponent())).containsOnly("p2"); | |||
| assertThat(getProjectPermissionsForGroup(project.getMainBranchComponent(), group)).containsOnly("p2"); | |||
| assertThat(getProjectPermissionsForAnyOne(project.getUuid())).containsOnly("p2"); | |||
| assertThat(getProjectPermissionsForGroup(project.getUuid(), group)).containsOnly("p2"); | |||
| deletedRows = underTest.deleteByEntityAndPermission(dbSession, "p2", project.getProjectDto()); | |||
| deletedRows = underTest.deleteByEntityAndPermission(dbSession, "p2", project); | |||
| assertThat(deletedRows).isEqualTo(2); | |||
| assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1", "p2"); | |||
| assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2"); | |||
| assertThat(getProjectPermissionsForAnyOne(project.getMainBranchComponent())).isEmpty(); | |||
| assertThat(getProjectPermissionsForGroup(project.getMainBranchComponent(), group)).isEmpty(); | |||
| assertThat(getProjectPermissionsForAnyOne(project.getUuid())).isEmpty(); | |||
| assertThat(getProjectPermissionsForGroup(project.getUuid(), group)).isEmpty(); | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndPermission_has_no_effect_if_component_has_no_group_permission_at_all() { | |||
| public void deleteByEntityAndPermission_has_no_effect_if_component_has_no_group_permission_at_all() { | |||
| GroupDto group = db.users().insertGroup(); | |||
| ProjectData project = db.components().insertPrivateProject(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertPermissionOnAnyone("p1"); | |||
| db.users().insertPermissionOnGroup(group, "p1"); | |||
| assertThat(underTest.deleteByEntityAndPermission(dbSession, "p1", project.getProjectDto())).isZero(); | |||
| assertThat(underTest.deleteByEntityAndPermission(dbSession, "p1", project)).isZero(); | |||
| assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1"); | |||
| assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1"); | |||
| assertThat(getProjectPermissionsForAnyOne(project.getMainBranchComponent())).isEmpty(); | |||
| assertThat(getProjectPermissionsForGroup(project.getMainBranchComponent(), group)).isEmpty(); | |||
| assertThat(getProjectPermissionsForAnyOne(project.getUuid())).isEmpty(); | |||
| assertThat(getProjectPermissionsForGroup(project.getUuid(), group)).isEmpty(); | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndPermission_has_no_effect_if_component_does_not_exist() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| public void deleteByEntityAndPermission_has_no_effect_if_component_does_not_exist() { | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| GroupDto group = db.users().insertGroup(); | |||
| db.users().insertPermissionOnAnyone("p1"); | |||
| db.users().insertPermissionOnGroup(group, "p1"); | |||
| @@ -957,12 +957,12 @@ public class GroupPermissionDaoIT { | |||
| assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1"); | |||
| assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1"); | |||
| assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p1"); | |||
| assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p1"); | |||
| assertThat(getProjectPermissionsForAnyOne(project.getUuid())).containsOnly("p1"); | |||
| assertThat(getProjectPermissionsForGroup(project.getUuid(), group)).containsOnly("p1"); | |||
| } | |||
| @Test | |||
| public void deleteByRootComponentUuidAndPermission_has_no_effect_if_component_does_not_have_specified_permission() { | |||
| public void deleteByEntityAndPermission_has_no_effect_if_component_does_not_have_specified_permission() { | |||
| GroupDto group = db.users().insertGroup(); | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| db.users().insertPermissionOnAnyone("p1"); | |||
| @@ -996,12 +996,12 @@ public class GroupPermissionDaoIT { | |||
| return getPermissions("group_uuid = '" + groupDto.getUuid() + "' and component_uuid is null"); | |||
| } | |||
| private Collection<String> getProjectPermissionsForAnyOne(ComponentDto project) { | |||
| return getPermissions("group_uuid is null and component_uuid = '" + project.uuid() + "'"); | |||
| private Collection<String> getProjectPermissionsForAnyOne(String projectUuid) { | |||
| return getPermissions("group_uuid is null and component_uuid = '" + projectUuid + "'"); | |||
| } | |||
| private Collection<String> getProjectPermissionsForGroup(ComponentDto project, GroupDto group) { | |||
| return getPermissions("group_uuid = '" + group.getUuid() + "' and component_uuid = '" + project.uuid() + "'"); | |||
| private Collection<String> getProjectPermissionsForGroup(String projectUuid, GroupDto group) { | |||
| return getPermissions("group_uuid = '" + group.getUuid() + "' and component_uuid = '" + projectUuid + "'"); | |||
| } | |||
| private Collection<String> getPermissions(String whereClauses) { | |||
+ 27
- 25
server/sonar-db-dao/src/it/java/org/sonar/db/permission/GroupPermissionDaoWithPersisterIT.java
파일 보기
| @@ -29,10 +29,8 @@ import org.sonar.db.DbSession; | |||
| import org.sonar.db.DbTester; | |||
| import org.sonar.db.audit.AuditPersister; | |||
| import org.sonar.db.audit.model.GroupPermissionNewValue; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ProjectData; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.user.GroupDto; | |||
| import static org.assertj.core.api.Assertions.assertThat; | |||
| @@ -46,7 +44,7 @@ public class GroupPermissionDaoWithPersisterIT { | |||
| private final AuditPersister auditPersister = mock(AuditPersister.class); | |||
| @Rule | |||
| public DbTester db = DbTester.create(System2.INSTANCE); | |||
| public DbTester db = DbTester.create(System2.INSTANCE, true); | |||
| private final SequenceUuidFactory uuidFactory = new SequenceUuidFactory(); | |||
| private final ArgumentCaptor<GroupPermissionNewValue> newValueCaptor = ArgumentCaptor.forClass(GroupPermissionNewValue.class); | |||
| @@ -66,7 +64,7 @@ public class GroupPermissionDaoWithPersisterIT { | |||
| assertNewValue(newValue, dto.getUuid(), group.getUuid(), group.getName(), null, dto.getRole(), null, null, null); | |||
| assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"permission\": \"admin\", \"groupUuid\": \"guuid\", \"groupName\": \"gname\" }"); | |||
| underTest.delete(dbSession, ADMIN, group.getUuid(), group.getName(), null, (EntityDto) null); | |||
| underTest.delete(dbSession, ADMIN, group.getUuid(), group.getName(), null); | |||
| verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
| newValue = newValueCaptor.getValue(); | |||
| @@ -76,7 +74,7 @@ public class GroupPermissionDaoWithPersisterIT { | |||
| @Test | |||
| public void groupGlobalPermissionDeleteWithoutAffectedRowsIsNotPersisted() { | |||
| underTest.delete(dbSession, ADMIN, "group-uuid", "group-name", null, (EntityDto) null); | |||
| underTest.delete(dbSession, ADMIN, "group-uuid", "group-name", null); | |||
| verifyNoInteractions(auditPersister); | |||
| } | |||
| @@ -87,24 +85,26 @@ public class GroupPermissionDaoWithPersisterIT { | |||
| verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
| GroupPermissionNewValue newValue = newValueCaptor.getValue(); | |||
| assertNewValue(newValue, dto.getUuid(), group.getUuid(), group.getName(), project.projectUuid(), dto.getRole(), project.projectKey(), | |||
| project.getProjectDto().getName(), "TRK"); | |||
| assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"permission\": \"admin\", \"groupUuid\": \"guuid\", \"groupName\": \"gname\"," + | |||
| " \"componentUuid\": \"cuuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
| " \"componentUuid\": \"projectUuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
| underTest.deleteByRootComponentUuid(dbSession, project.getMainBranchComponent()); | |||
| underTest.deleteByEntityUuid(dbSession, project.getProjectDto()); | |||
| verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
| newValue = newValueCaptor.getValue(); | |||
| assertNewValue(newValue, null, null, null, project.projectUuid(), null, project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
| assertThat(newValue).hasToString("{\"componentUuid\": \"cuuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
| assertThat(newValue).hasToString("{\"componentUuid\": \"projectUuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
| } | |||
| @Test | |||
| public void groupProjectPermissionDeleteByComponentWithoutAffectedRowsIsNotPersisted() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| underTest.deleteByRootComponentUuid(dbSession, project); | |||
| underTest.deleteByEntityUuid(dbSession, project); | |||
| verifyNoInteractions(auditPersister); | |||
| } | |||
| @@ -115,16 +115,18 @@ public class GroupPermissionDaoWithPersisterIT { | |||
| verify(auditPersister).addGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
| GroupPermissionNewValue newValue = newValueCaptor.getValue(); | |||
| assertNewValue(newValue, dto.getUuid(), null, null, project.projectUuid(), dto.getRole(), project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
| assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"permission\": \"admin\", \"componentUuid\": \"cuuid\", " | |||
| assertNewValue(newValue, dto.getUuid(), null, null, project.projectUuid(), dto.getRole(), project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
| assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"permission\": \"admin\", \"componentUuid\": \"projectUuid\", " | |||
| + "\"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
| underTest.deleteByEntityUuidForAnyOne(dbSession, project.getProjectDto()); | |||
| verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
| newValue = newValueCaptor.getValue(); | |||
| assertNewValue(newValue, null, null, null, project.projectUuid(), null, project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
| assertThat(newValue).hasToString("{\"componentUuid\": \"cuuid\", \"componentKey\": \"cKey\", " + | |||
| assertThat(newValue).hasToString("{\"componentUuid\": \"projectUuid\", \"componentKey\": \"cKey\", " + | |||
| "\"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
| } | |||
| @@ -145,14 +147,14 @@ public class GroupPermissionDaoWithPersisterIT { | |||
| GroupPermissionNewValue newValue = newValueCaptor.getValue(); | |||
| assertNewValue(newValue, dto.getUuid(), group.getUuid(), group.getName(), project.projectUuid(), dto.getRole(), project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
| assertThat(newValue).hasToString("{\"permissionUuid\": \"1\", \"permission\": \"admin\", \"groupUuid\": \"guuid\", \"groupName\": \"gname\", " | |||
| + "\"componentUuid\": \"cuuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
| + "\"componentUuid\": \"projectUuid\", \"componentKey\": \"cKey\", \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
| underTest.deleteByEntityAndPermission(dbSession, dto.getRole(), project.getProjectDto()); | |||
| verify(auditPersister).deleteGroupPermission(eq(dbSession), newValueCaptor.capture()); | |||
| newValue = newValueCaptor.getValue(); | |||
| assertNewValue(newValue, null, null, null, project.projectUuid(), ADMIN, project.projectKey(), project.getProjectDto().getName(), "TRK"); | |||
| assertThat(newValue).hasToString("{\"permission\": \"admin\", \"componentUuid\": \"cuuid\", \"componentKey\": \"cKey\"," + | |||
| assertThat(newValue).hasToString("{\"permission\": \"admin\", \"componentUuid\": \"projectUuid\", \"componentKey\": \"cKey\"," + | |||
| " \"componentName\": \"cname\", \"qualifier\": \"project\" }"); | |||
| } | |||
| @@ -160,7 +162,7 @@ public class GroupPermissionDaoWithPersisterIT { | |||
| public void groupProjectPermissionDeleteByComponentAndPermissionWithoutAffectedRowsIsNotPersisted() { | |||
| GroupDto group = db.users().insertGroup(); | |||
| ProjectData project = db.components().insertPrivateProject(); | |||
| GroupPermissionDto dto = getGroupPermission(group, project.getMainBranchComponent()); | |||
| GroupPermissionDto dto = getGroupPermission(group, project.getProjectDto()); | |||
| underTest.deleteByEntityAndPermission(dbSession, dto.getRole(), project.getProjectDto()); | |||
| @@ -176,38 +178,38 @@ public class GroupPermissionDaoWithPersisterIT { | |||
| private void addGroupPermission() { | |||
| group = db.users().insertGroup(g -> g.setUuid("guuid").setName("gname")); | |||
| project = db.components().insertPrivateProject(c -> c.setUuid("cuuid").setName("cname").setKey("cKey")); | |||
| dto = getGroupPermission(group, project.getMainBranchComponent()); | |||
| project = db.components().insertPrivateProject(c -> c.setName("cname").setKey("cKey"), p -> p.setUuid("projectUuid")); | |||
| dto = getGroupPermission(group, project.getProjectDto()); | |||
| underTest.insert(dbSession, dto, project.getProjectDto(), null); | |||
| } | |||
| private void addGroupPermissionWithoutGroup() { | |||
| project = db.components().insertPrivateProject(c -> c.setUuid("cuuid").setName("cname").setKey("cKey")); | |||
| dto = getGroupPermission(project.getMainBranchComponent()); | |||
| project = db.components().insertPrivateProject(c -> c.setName("cname").setKey("cKey"), p -> p.setUuid("projectUuid")); | |||
| dto = getGroupPermission(project.getProjectDto()); | |||
| underTest.insert(dbSession, dto, project.getProjectDto(), null); | |||
| } | |||
| private void addGroupPermissionWithoutComponent() { | |||
| group = db.users().insertGroup(g -> g.setUuid("guuid").setName("gname")); | |||
| dto = getGroupPermission(group); | |||
| underTest.insert(dbSession, dto, (EntityDto) null, null); | |||
| underTest.insert(dbSession, dto, null, null); | |||
| } | |||
| private GroupPermissionDto getGroupPermission(@Nullable GroupDto group, @Nullable ComponentDto project) { | |||
| private GroupPermissionDto getGroupPermission(@Nullable GroupDto group, @Nullable ProjectDto project) { | |||
| return new GroupPermissionDto() | |||
| .setUuid(uuidFactory.create()) | |||
| .setGroupUuid(group != null ? group.getUuid() : null) | |||
| .setGroupName(group != null ? group.getName() : null) | |||
| .setRole(ADMIN) | |||
| .setComponentUuid(project != null ? project.uuid() : null) | |||
| .setComponentName(project != null ? project.name(): null); | |||
| .setComponentUuid(project != null ? project.getUuid() : null) | |||
| .setComponentName(project != null ? project.getName(): null); | |||
| } | |||
| private GroupPermissionDto getGroupPermission(GroupDto group) { | |||
| return getGroupPermission(group, null); | |||
| } | |||
| private GroupPermissionDto getGroupPermission(ComponentDto project) { | |||
| private GroupPermissionDto getGroupPermission(ProjectDto project) { | |||
| return getGroupPermission(null, project); | |||
| } | |||
| } | |||
+ 98
- 99
server/sonar-db-dao/src/it/java/org/sonar/db/permission/UserPermissionDaoIT.java
파일 보기
| @@ -54,17 +54,17 @@ import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; | |||
| public class UserPermissionDaoIT { | |||
| @Rule | |||
| public DbTester db = DbTester.create(System2.INSTANCE); | |||
| public DbTester db = DbTester.create(System2.INSTANCE, true); | |||
| private DbSession dbSession = db.getSession(); | |||
| private UserPermissionDao underTest = new UserPermissionDao(new NoOpAuditPersister()); | |||
| private final DbSession dbSession = db.getSession(); | |||
| private final UserPermissionDao underTest = new UserPermissionDao(new NoOpAuditPersister()); | |||
| @Test | |||
| public void select_global_permissions() { | |||
| UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
| UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com")); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| UserPermissionDto global1 = addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
| UserPermissionDto global2 = addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user2); | |||
| UserPermissionDto global3 = addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user2); | |||
| @@ -115,35 +115,35 @@ public class UserPermissionDaoIT { | |||
| UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
| UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com")); | |||
| addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| UserPermissionDto perm1 = addProjectPermission(UserRole.USER, user1, project1); | |||
| UserPermissionDto perm2 = addProjectPermission(UserRole.ISSUE_ADMIN, user1, project1); | |||
| UserPermissionDto perm3 = addProjectPermission(UserRole.ISSUE_ADMIN, user2, project1); | |||
| addProjectPermission(UserRole.ISSUE_ADMIN, user3, project2); | |||
| // project permissions of users who has at least one permission on this project | |||
| PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setComponent(project1).build(); | |||
| PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setEntity(project1).build(); | |||
| expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2, perm1); | |||
| // empty if nobody has the specified global permission | |||
| query = PermissionQuery.builder().setPermission("missing").setComponent(project1).build(); | |||
| query = PermissionQuery.builder().setPermission("missing").setEntity(project1).build(); | |||
| expectPermissions(query, emptyList()); | |||
| // search by user name (matches 2 users), users with at least one permission | |||
| query = PermissionQuery.builder().setSearchQuery("Mari").withAtLeastOnePermission().setComponent(project1).build(); | |||
| query = PermissionQuery.builder().setSearchQuery("Mari").withAtLeastOnePermission().setEntity(project1).build(); | |||
| expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2, perm1); | |||
| // search by user name (matches 2 users) and project permission | |||
| query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(UserRole.ISSUE_ADMIN).setComponent(project1).build(); | |||
| query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(UserRole.ISSUE_ADMIN).setEntity(project1).build(); | |||
| expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2); | |||
| // search by user name (no match) | |||
| query = PermissionQuery.builder().setSearchQuery("Unknown").setComponent(project1).build(); | |||
| query = PermissionQuery.builder().setSearchQuery("Unknown").setEntity(project1).build(); | |||
| expectPermissions(query, emptyList()); | |||
| // permissions of unknown project | |||
| query = PermissionQuery.builder().setComponent(newPrivateProjectDto()).withAtLeastOnePermission().build(); | |||
| query = PermissionQuery.builder().setEntity(newPrivateProjectDto()).withAtLeastOnePermission().build(); | |||
| expectPermissions(query, emptyList()); | |||
| } | |||
| @@ -190,11 +190,11 @@ public class UserPermissionDaoIT { | |||
| }); | |||
| String lastLogin = "login" + (DEFAULT_PAGE_SIZE + 1); | |||
| UserDto lastUser = db.getDbClient().userDao().selectByLogin(dbSession, lastLogin); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnUser(lastUser, GlobalPermission.SCAN.getKey(), project); | |||
| PermissionQuery query = PermissionQuery.builder() | |||
| .setComponent(project) | |||
| .setEntity(project) | |||
| .build(); | |||
| assertThat(underTest.selectUserUuidsByQueryAndScope(dbSession, query)) | |||
| @@ -207,7 +207,7 @@ public class UserPermissionDaoIT { | |||
| UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Z").setEmail("email1@email.com")); | |||
| UserDto user2 = insertUser(u -> u.setLogin("login2").setName("A").setEmail("email2@email.com")); | |||
| addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| addProjectPermission(UserRole.USER, user2, project1); | |||
| addProjectPermission(UserRole.USER, user1, project1); | |||
| addProjectPermission(UserRole.ADMIN, user1, project1); | |||
| @@ -220,11 +220,11 @@ public class UserPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void countUsersByProjectPermission() { | |||
| public void countUsersByEntityPermission() { | |||
| UserDto user1 = insertUser(); | |||
| UserDto user2 = insertUser(); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
| addProjectPermission(UserRole.USER, user1, project1); | |||
| addProjectPermission(UserRole.ISSUE_ADMIN, user1, project1); | |||
| @@ -232,38 +232,38 @@ public class UserPermissionDaoIT { | |||
| addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); | |||
| // no projects -> return empty list | |||
| assertThat(underTest.countUsersByProjectPermission(dbSession, emptyList())).isEmpty(); | |||
| assertThat(underTest.countUsersByEntityPermission(dbSession, emptyList())).isEmpty(); | |||
| // one project | |||
| expectCount(singletonList(project1.uuid()), | |||
| new CountPerProjectPermission(project1.uuid(), UserRole.USER, 1), | |||
| new CountPerProjectPermission(project1.uuid(), UserRole.ISSUE_ADMIN, 2)); | |||
| expectCount(singletonList(project1.getUuid()), | |||
| new CountPerEntityPermission(project1.getUuid(), UserRole.USER, 1), | |||
| new CountPerEntityPermission(project1.getUuid(), UserRole.ISSUE_ADMIN, 2)); | |||
| // multiple projects | |||
| expectCount(asList(project1.uuid(), project2.uuid(), "invalid"), | |||
| new CountPerProjectPermission(project1.uuid(), UserRole.USER, 1), | |||
| new CountPerProjectPermission(project1.uuid(), UserRole.ISSUE_ADMIN, 2), | |||
| new CountPerProjectPermission(project2.uuid(), UserRole.ISSUE_ADMIN, 1)); | |||
| expectCount(asList(project1.getUuid(), project2.getUuid(), "invalid"), | |||
| new CountPerEntityPermission(project1.getUuid(), UserRole.USER, 1), | |||
| new CountPerEntityPermission(project1.getUuid(), UserRole.ISSUE_ADMIN, 2), | |||
| new CountPerEntityPermission(project2.getUuid(), UserRole.ISSUE_ADMIN, 1)); | |||
| } | |||
| @Test | |||
| public void selectUserUuidsByQuery() { | |||
| UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| addProjectPermission(UserRole.USER, user1, project1); | |||
| addProjectPermission(UserRole.USER, user2, project1); | |||
| addProjectPermission(UserRole.ISSUE_ADMIN, user2, project1); | |||
| // logins are ordered by user name: user2 ("Marie") then user1 ("Marius") | |||
| PermissionQuery query = PermissionQuery.builder().setComponent(project1).withAtLeastOnePermission().build(); | |||
| PermissionQuery query = PermissionQuery.builder().setEntity(project1).withAtLeastOnePermission().build(); | |||
| assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).containsExactly(user2.getUuid(), user1.getUuid()); | |||
| query = PermissionQuery.builder().setComponent(project2).withAtLeastOnePermission().build(); | |||
| query = PermissionQuery.builder().setEntity(project2).withAtLeastOnePermission().build(); | |||
| assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).isEmpty(); | |||
| // on a project without permissions | |||
| query = PermissionQuery.builder().setComponent(newPrivateProjectDto()).withAtLeastOnePermission().build(); | |||
| query = PermissionQuery.builder().setEntity(newPrivateProjectDto()).withAtLeastOnePermission().build(); | |||
| assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).isEmpty(); | |||
| // search all users whose name matches "mar", whatever the permissions | |||
| @@ -275,7 +275,7 @@ public class UserPermissionDaoIT { | |||
| assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).containsExactly(user1.getUuid()); | |||
| // search all users whose name matches "mariu", whatever the permissions | |||
| query = PermissionQuery.builder().setSearchQuery("mariu").setComponent(project1).build(); | |||
| query = PermissionQuery.builder().setSearchQuery("mariu").setEntity(project1).build(); | |||
| assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).containsExactly(user1.getUuid()); | |||
| } | |||
| @@ -283,8 +283,8 @@ public class UserPermissionDaoIT { | |||
| public void selectUserUuidsByQueryAndScope_with_global_scope() { | |||
| UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| addProjectPermission(UserRole.USER, user1, project1); | |||
| addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user1); | |||
| addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); | |||
| @@ -300,13 +300,13 @@ public class UserPermissionDaoIT { | |||
| public void selectUserUuidsByQueryAndScope_with_project_scope() { | |||
| UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| addProjectPermission(UserRole.USER, user1, project1); | |||
| addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user1); | |||
| addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); | |||
| PermissionQuery query = PermissionQuery.builder() | |||
| .setComponent(project1) | |||
| .setEntity(project1) | |||
| .build(); | |||
| List<String> result = underTest.selectUserUuidsByQueryAndScope(dbSession, query); | |||
| @@ -354,8 +354,8 @@ public class UserPermissionDaoIT { | |||
| public void deleteGlobalPermission() { | |||
| UserDto user1 = insertUser(); | |||
| UserDto user2 = insertUser(); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| addGlobalPermission("perm1", user1); | |||
| addGlobalPermission("perm2", user1); | |||
| addProjectPermission("perm1", user1, project1); | |||
| @@ -382,39 +382,39 @@ public class UserPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void deleteProjectPermission() { | |||
| public void deleteEntityPermission() { | |||
| UserDto user1 = insertUser(); | |||
| UserDto user2 = insertUser(); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| addGlobalPermission("perm", user1); | |||
| addProjectPermission("perm", user1, project1); | |||
| addProjectPermission("perm", user1, project2); | |||
| addProjectPermission("perm", user2, project1); | |||
| // no such provision -> ignore | |||
| underTest.deleteProjectPermission(dbSession, user1, "anotherPerm", project1); | |||
| underTest.deleteEntityPermission(dbSession, user1, "anotherPerm", project1); | |||
| assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4); | |||
| underTest.deleteProjectPermission(dbSession, user1, "perm", project1); | |||
| assertThatProjectPermissionDoesNotExist(user1, "perm", project1); | |||
| underTest.deleteEntityPermission(dbSession, user1, "perm", project1); | |||
| assertThatProjectPermissionDoesNotExist(user1, "perm", project1.getUuid()); | |||
| assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(3); | |||
| } | |||
| @Test | |||
| public void deleteProjectPermissions() { | |||
| public void deleteEntityPermissions() { | |||
| UserDto user1 = insertUser(); | |||
| UserDto user2 = insertUser(); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| addGlobalPermission("perm", user1); | |||
| addProjectPermission("perm", user1, project1); | |||
| addProjectPermission("perm", user2, project1); | |||
| addProjectPermission("perm", user1, project2); | |||
| underTest.deleteProjectPermissions(dbSession, project1); | |||
| underTest.deleteEntityPermissions(dbSession, project1); | |||
| assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(2); | |||
| assertThatProjectHasNoPermissions(project1); | |||
| assertThatProjectHasNoPermissions(project1.getUuid()); | |||
| } | |||
| @Test | |||
| @@ -422,7 +422,7 @@ public class UserPermissionDaoIT { | |||
| UserDto user1 = insertUser(); | |||
| UserDto user2 = insertUser(); | |||
| UserDto user3 = insertUser(); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| addGlobalPermission("perm1", user1); | |||
| addGlobalPermission("perm2", user2); | |||
| addGlobalPermission("perm3", user1); | |||
| @@ -436,64 +436,64 @@ public class UserPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void selectProjectPermissionsOfUser() { | |||
| public void selectEntityPermissionsOfUser() { | |||
| UserDto user1 = insertUser(); | |||
| UserDto user2 = insertUser(); | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project3 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project3 = db.components().insertPrivateProject().getProjectDto(); | |||
| addGlobalPermission("perm1", user1); | |||
| addProjectPermission("perm2", user1, project1); | |||
| addProjectPermission("perm3", user1, project1); | |||
| addProjectPermission("perm4", user1, project2); | |||
| addProjectPermission("perm5", user2, project1); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.uuid())).containsOnly("perm2", "perm3"); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly("perm4"); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project3.uuid())).isEmpty(); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project1.getUuid())).containsOnly("perm2", "perm3"); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project2.getUuid())).containsOnly("perm4"); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project3.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| public void selectGroupUuidsWithPermissionOnProjectBut_returns_empty_if_project_does_not_exist() { | |||
| public void selectUserIdsWithPermissionOnEntityBut_returns_empty_if_project_does_not_exist() { | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| UserDto user = insertUser(); | |||
| db.users().insertProjectPermissionOnUser(user, "foo", project.getMainBranchComponent()); | |||
| assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, "1234", UserRole.USER)) | |||
| assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, "1234", UserRole.USER)) | |||
| .isEmpty(); | |||
| } | |||
| @Test | |||
| public void selectGroupUuidsWithPermissionOnProjectBut_returns_only_users_of_projects_which_do_not_have_permission() { | |||
| public void selectUserIdsWithPermissionOnEntityBut_returns_only_users_of_projects_which_do_not_have_permission() { | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| UserDto user1 = insertUser(); | |||
| UserDto user2 = insertUser(); | |||
| db.users().insertProjectPermissionOnUser(user1, "p1", project.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnUser(user2, "p2", project.getMainBranchComponent()); | |||
| assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p2")) | |||
| assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, project.projectUuid(), "p2")) | |||
| .extracting("uuid", "login") | |||
| .containsOnly(tuple(user1.getUuid(), user1.getLogin())); | |||
| assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p1")) | |||
| assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, project.projectUuid(), "p1")) | |||
| .extracting("uuid", "login") | |||
| .containsOnly(tuple(user2.getUuid(), user2.getLogin())); | |||
| assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p3")) | |||
| assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, project.projectUuid(), "p3")) | |||
| .extracting("uuid", "login") | |||
| .containsOnly(tuple(user1.getUuid(), user1.getLogin()), tuple(user2.getUuid(), user2.getLogin())); | |||
| } | |||
| @Test | |||
| public void selectGroupUuidsWithPermissionOnProjectBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() { | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| public void selectUserIdsWithPermissionOnEntityBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() { | |||
| ProjectDto project = randomPublicOrPrivateProject().getProjectDto(); | |||
| UserDto user1 = insertUser(); | |||
| UserDto user2 = insertUser(); | |||
| db.users().insertProjectPermissionOnUser(user1, "p1", project.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnUser(user2, "p2", project.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnUser(user1, "p1", project); | |||
| db.users().insertProjectPermissionOnUser(user2, "p2", project); | |||
| assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p2")) | |||
| assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, project.getUuid(), "p2")) | |||
| .extracting("uuid", "login") | |||
| .containsOnly(tuple(user1.getUuid(), user1.getLogin())); | |||
| assertThat(underTest.selectUserIdsWithPermissionOnProjectBut(dbSession, project.projectUuid(), "p1")) | |||
| assertThat(underTest.selectUserIdsWithPermissionOnEntityBut(dbSession, project.getUuid(), "p1")) | |||
| .extracting("uuid", "login") | |||
| .containsOnly(tuple(user2.getUuid(), user2.getLogin())); | |||
| } | |||
| @@ -502,7 +502,7 @@ public class UserPermissionDaoIT { | |||
| public void deleteByUserId() { | |||
| UserDto user1 = insertUser(); | |||
| UserDto user2 = insertUser(); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); | |||
| db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER); | |||
| db.users().insertProjectPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), project); | |||
| @@ -512,13 +512,13 @@ public class UserPermissionDaoIT { | |||
| underTest.deleteByUserUuid(dbSession, user1); | |||
| dbSession.commit(); | |||
| assertThat(db.select("select user_uuid as \"userUuid\", component_uuid as \"projectUuid\", role as \"permission\" from user_roles")) | |||
| .extracting((row) -> row.get("userUuid"), (row) -> row.get("projectUuid"), (row) -> row.get("permission")) | |||
| .containsOnly(tuple(user2.getUuid(), null, GlobalPermission.SCAN.getKey()), tuple(user2.getUuid(), project.uuid(), GlobalPermission.ADMINISTER_QUALITY_GATES.getKey())); | |||
| assertThat(db.select("select user_uuid as \"userUuid\", component_uuid as \"entityUuid\", role as \"permission\" from user_roles")) | |||
| .extracting((row) -> row.get("userUuid"), (row) -> row.get("entityUuid"), (row) -> row.get("permission")) | |||
| .containsOnly(tuple(user2.getUuid(), null, GlobalPermission.SCAN.getKey()), tuple(user2.getUuid(), project.getUuid(), GlobalPermission.ADMINISTER_QUALITY_GATES.getKey())); | |||
| } | |||
| @Test | |||
| public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_entity_does_not_exist() { | |||
| public void deleteEntityPermissionOfAnyUser_has_no_effect_if_specified_entity_does_not_exist() { | |||
| UserDto user = insertUser(); | |||
| db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
| @@ -531,7 +531,7 @@ public class UserPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_has_no_permission_at_all() { | |||
| public void deleteEntityPermissionOfAnyUser_has_no_effect_if_specified_component_has_no_permission_at_all() { | |||
| UserDto user = insertUser(); | |||
| db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| @@ -543,7 +543,7 @@ public class UserPermissionDaoIT { | |||
| } | |||
| @Test | |||
| public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_have_specified_permission() { | |||
| public void deleteEntityPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_have_specified_permission() { | |||
| UserDto user = insertUser(); | |||
| db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| @@ -553,11 +553,11 @@ public class UserPermissionDaoIT { | |||
| assertThat(deletedCount).isZero(); | |||
| assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getUuid(), project.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user.getUuid(), project.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void deleteProjectPermissionOfAnyUser_deletes_specified_permission_for_any_user_on_the_specified_component() { | |||
| public void deleteEntityPermissionOfAnyUser_deletes_specified_permission_for_any_user_on_the_specified_component() { | |||
| UserDto user1 = insertUser(); | |||
| UserDto user2 = insertUser(); | |||
| db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); | |||
| @@ -575,20 +575,20 @@ public class UserPermissionDaoIT { | |||
| assertThat(deletedCount).isEqualTo(2); | |||
| assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.projectUuid())).isEmpty(); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project1.projectUuid())).isEmpty(); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project1.projectUuid())).isEmpty(); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user2.getUuid(), project1.projectUuid())).isEmpty(); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user2.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.SCAN.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| deletedCount = underTest.deleteEntityPermissionOfAnyUser(dbSession, GlobalPermission.SCAN.getKey(), project2.getProjectDto()); | |||
| assertThat(deletedCount).isEqualTo(2); | |||
| assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.projectUuid())).isEmpty(); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project1.projectUuid())).isEmpty(); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.projectUuid())).containsOnly(); | |||
| assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project1.projectUuid())).isEmpty(); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user2.getUuid(), project1.projectUuid())).isEmpty(); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project2.projectUuid())).containsOnly(); | |||
| assertThat(underTest.selectEntityPermissionsOfUser(dbSession, user2.getUuid(), project2.projectUuid())).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| } | |||
| private ProjectData randomPublicOrPrivateProject() { | |||
| @@ -603,14 +603,14 @@ public class UserPermissionDaoIT { | |||
| return db.users().insertUser(); | |||
| } | |||
| private void expectCount(List<String> projectUuids, CountPerProjectPermission... expected) { | |||
| List<CountPerProjectPermission> got = underTest.countUsersByProjectPermission(dbSession, projectUuids); | |||
| private void expectCount(List<String> entityUuids, CountPerEntityPermission... expected) { | |||
| List<CountPerEntityPermission> got = underTest.countUsersByEntityPermission(dbSession, entityUuids); | |||
| assertThat(got).hasSize(expected.length); | |||
| for (CountPerProjectPermission expect : expected) { | |||
| for (CountPerEntityPermission expect : expected) { | |||
| boolean found = got.stream().anyMatch(b -> b.getPermission().equals(expect.getPermission()) && | |||
| b.getCount() == expect.getCount() && | |||
| b.getComponentUuid().equals(expect.getComponentUuid())); | |||
| b.getEntityUuid().equals(expect.getEntityUuid())); | |||
| assertThat(found).isTrue(); | |||
| } | |||
| } | |||
| @@ -626,32 +626,31 @@ public class UserPermissionDaoIT { | |||
| .extracting(UserPermissionDto::getUserUuid, UserPermissionDto::getPermission, UserPermissionDto::getComponentUuid) | |||
| .containsOnly(expectedPermissionsAsTuple); | |||
| // test method "countUsers()" | |||
| long distinctUsers = stream(expectedPermissions).map(UserPermissionDto::getUserUuid).distinct().count(); | |||
| assertThat((long) underTest.countUsersByQuery(dbSession, query)).isEqualTo(distinctUsers); | |||
| } | |||
| private UserPermissionDto addGlobalPermission(String permission, UserDto user) { | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null); | |||
| underTest.insert(dbSession, dto, (EntityDto) null, user, null); | |||
| underTest.insert(dbSession, dto, null, user, null); | |||
| db.commit(); | |||
| return dto; | |||
| } | |||
| private UserPermissionDto addProjectPermission(String permission, UserDto user, ComponentDto project) { | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid()); | |||
| private UserPermissionDto addProjectPermission(String permission, UserDto user, EntityDto project) { | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.getUuid()); | |||
| underTest.insert(dbSession, dto, project, user, null); | |||
| db.commit(); | |||
| return dto; | |||
| } | |||
| private void assertThatProjectPermissionDoesNotExist(UserDto user, String permission, ComponentDto project) { | |||
| private void assertThatProjectPermissionDoesNotExist(UserDto user, String permission, String projectUuid) { | |||
| assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where role='" + permission + "' and user_uuid='" + user.getUuid() | |||
| + "' and component_uuid='" + project.uuid() + "'")) | |||
| + "' and component_uuid='" + projectUuid + "'")) | |||
| .isZero(); | |||
| } | |||
| private void assertThatProjectHasNoPermissions(ComponentDto project) { | |||
| assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where component_uuid='" + project.uuid() + "'")).isZero(); | |||
| private void assertThatProjectHasNoPermissions(String projectUuid) { | |||
| assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where component_uuid='" + projectUuid + "'")).isZero(); | |||
| } | |||
| } | |||
+ 23
- 23
server/sonar-db-dao/src/it/java/org/sonar/db/permission/UserPermissionDaoWithPersisterIT.java
파일 보기
| @@ -29,9 +29,9 @@ import org.sonar.db.DbSession; | |||
| import org.sonar.db.DbTester; | |||
| import org.sonar.db.audit.AuditPersister; | |||
| import org.sonar.db.audit.model.UserPermissionNewValue; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.template.PermissionTemplateDto; | |||
| import org.sonar.db.portfolio.PortfolioDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.UserDto; | |||
| @@ -49,7 +49,7 @@ public class UserPermissionDaoWithPersisterIT { | |||
| private final AuditPersister auditPersister = mock(AuditPersister.class); | |||
| @Rule | |||
| public final DbTester db = DbTester.create(System2.INSTANCE, auditPersister); | |||
| public final DbTester db = DbTester.create(System2.INSTANCE, auditPersister, true); | |||
| private final ArgumentCaptor<UserPermissionNewValue> newValueCaptor = ArgumentCaptor.forClass(UserPermissionNewValue.class); | |||
| private final DbSession dbSession = db.getSession(); | |||
| @@ -59,7 +59,7 @@ public class UserPermissionDaoWithPersisterIT { | |||
| public void userGlobalPermissionInsertAndDeleteArePersisted() { | |||
| UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), null); | |||
| underTest.insert(dbSession, dto, (EntityDto) null, user, null); | |||
| underTest.insert(dbSession, dto, null, user, null); | |||
| verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
| UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
| @@ -80,7 +80,7 @@ public class UserPermissionDaoWithPersisterIT { | |||
| db.getDbClient().permissionTemplateDao().insert(db.getSession(), templateDto); | |||
| UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), null); | |||
| underTest.insert(dbSession, dto, (EntityDto) null, user, templateDto); | |||
| underTest.insert(dbSession, dto, null, user, templateDto); | |||
| verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
| UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
| @@ -97,31 +97,31 @@ public class UserPermissionDaoWithPersisterIT { | |||
| @Test | |||
| public void userProjectPermissionInsertAndDeleteArePersisted() { | |||
| UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.uuid()); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.getUuid()); | |||
| underTest.insert(dbSession, dto, project, user, null); | |||
| verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
| UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
| assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), project.uuid(), dto.getPermission(), | |||
| project.getKey(), project.name(), "TRK"); | |||
| assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), project.getUuid(), dto.getPermission(), | |||
| project.getKey(), project.getName(), "TRK"); | |||
| assertThat(newValue.toString()).contains("componentUuid"); | |||
| underTest.deleteProjectPermission(dbSession, user, ADMINISTER.getKey(), project); | |||
| underTest.deleteEntityPermission(dbSession, user, ADMINISTER.getKey(), project); | |||
| verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
| newValue = newValueCaptor.getValue(); | |||
| assertNewValue(newValue, null, user.getUuid(), user.getLogin(), project.uuid(), dto.getPermission(), | |||
| project.getKey(), project.name(), "TRK"); | |||
| assertNewValue(newValue, null, user.getUuid(), user.getLogin(), project.getUuid(), dto.getPermission(), | |||
| project.getKey(), project.getName(), "TRK"); | |||
| assertThat(newValue.toString()).doesNotContain("permissionUuid"); | |||
| } | |||
| @Test | |||
| public void userProjectPermissionDeleteWithoutAffectedRowsIsNotPersisted() { | |||
| UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| underTest.deleteProjectPermission(dbSession, user, ADMINISTER.getKey(), project); | |||
| underTest.deleteEntityPermission(dbSession, user, ADMINISTER.getKey(), project); | |||
| verify(auditPersister).addUser(any(), any()); | |||
| verify(auditPersister).addComponent(any(), any()); | |||
| @@ -131,28 +131,28 @@ public class UserPermissionDaoWithPersisterIT { | |||
| @Test | |||
| public void userPortfolioPermissionIsPersisted() { | |||
| UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| ComponentDto portfolio = db.components().insertPublicPortfolio(); | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), portfolio.uuid()); | |||
| PortfolioDto portfolio = db.components().insertPublicPortfolioDto(); | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), portfolio.getUuid()); | |||
| underTest.insert(dbSession, dto, portfolio, user, null); | |||
| verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
| UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
| assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), portfolio.uuid(), dto.getPermission(), | |||
| portfolio.getKey(), portfolio.name(), "VW"); | |||
| assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), portfolio.getUuid(), dto.getPermission(), | |||
| portfolio.getKey(), portfolio.getName(), "VW"); | |||
| assertThat(newValue.toString()).contains("componentUuid"); | |||
| } | |||
| @Test | |||
| public void userApplicationPermissionIsPersisted() { | |||
| UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| ComponentDto application = db.components().insertPublicApplication().getMainBranchComponent(); | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), application.uuid()); | |||
| ProjectDto application = db.components().insertPublicApplication().getProjectDto(); | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), application.getUuid()); | |||
| underTest.insert(dbSession, dto, application, user, null); | |||
| verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
| UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
| assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), application.uuid(), dto.getPermission(), | |||
| application.getKey(), application.name(), "APP"); | |||
| assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), application.getUuid(), dto.getPermission(), | |||
| application.getKey(), application.getName(), "APP"); | |||
| assertThat(newValue.toString()).contains("componentUuid"); | |||
| } | |||
| @@ -184,8 +184,8 @@ public class UserPermissionDaoWithPersisterIT { | |||
| @Test | |||
| public void deleteUserPermissionByUserUuidIsPersisted() { | |||
| UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.uuid()); | |||
| EntityDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.getUuid()); | |||
| underTest.insert(dbSession, dto, project, user, null); | |||
| underTest.deleteByUserUuid(dbSession, user); | |||
+ 2
- 2
server/sonar-db-dao/src/it/java/org/sonar/db/user/RoleDaoIT.java
파일 보기
| @@ -126,11 +126,11 @@ public class RoleDaoIT { | |||
| db.getSession().commit(); | |||
| assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), group1.getUuid())).isEmpty(); | |||
| assertThat(db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), group1.getUuid(), project.uuid())) | |||
| assertThat(db.getDbClient().groupPermissionDao().selectEntityPermissionsOfGroup(db.getSession(), group1.getUuid(), project.uuid())) | |||
| .isEmpty(); | |||
| assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), group2.getUuid())) | |||
| .containsOnly("gateadmin"); | |||
| assertThat(db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), group2.getUuid(), project.uuid())) | |||
| assertThat(db.getDbClient().groupPermissionDao().selectEntityPermissionsOfGroup(db.getSession(), group2.getUuid(), project.uuid())) | |||
| .containsOnly("admin"); | |||
| assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), null)).containsOnly("scan", | |||
| "provisioning"); | |||
server/sonar-db-dao/src/main/java/org/sonar/db/permission/CountPerProjectPermission.java → server/sonar-db-dao/src/main/java/org/sonar/db/permission/CountPerEntityPermission.java
파일 보기
| @@ -24,24 +24,24 @@ import com.google.common.annotations.VisibleForTesting; | |||
| /** | |||
| * Count the number of users or groups for a given project and permission | |||
| */ | |||
| public class CountPerProjectPermission { | |||
| private String componentUuid; | |||
| public class CountPerEntityPermission { | |||
| private String entityUuid; | |||
| private String permission; | |||
| private int count; | |||
| public CountPerProjectPermission() { | |||
| public CountPerEntityPermission() { | |||
| // used by MyBatis | |||
| } | |||
| @VisibleForTesting | |||
| CountPerProjectPermission(String componentUuid, String permission, int count) { | |||
| this.componentUuid = componentUuid; | |||
| CountPerEntityPermission(String entityUuid, String permission, int count) { | |||
| this.entityUuid = entityUuid; | |||
| this.permission = permission; | |||
| this.count = count; | |||
| } | |||
| public String getComponentUuid() { | |||
| return componentUuid; | |||
| public String getEntityUuid() { | |||
| return entityUuid; | |||
| } | |||
| public String getPermission() { | |||
+ 34
- 48
server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java
파일 보기
| @@ -31,7 +31,6 @@ import org.sonar.db.Dao; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.audit.AuditPersister; | |||
| import org.sonar.db.audit.model.GroupPermissionNewValue; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.template.PermissionTemplateDto; | |||
| @@ -67,19 +66,19 @@ public class GroupPermissionDao implements Dao { | |||
| } | |||
| /** | |||
| * Select global or project permission of given groups. Anyone virtual group is supported | |||
| * Select global or entity permission of given groups. Anyone virtual group is supported | |||
| * through the value "zero" (0L) in {@code groupUuids}. | |||
| */ | |||
| public List<GroupPermissionDto> selectByGroupUuids(DbSession dbSession, List<String> groupUuids, @Nullable String projectUuid) { | |||
| return executeLargeInputs(groupUuids, groups -> mapper(dbSession).selectByGroupUuids(groups, projectUuid)); | |||
| public List<GroupPermissionDto> selectByGroupUuids(DbSession dbSession, List<String> groupUuids, @Nullable String entityUuid) { | |||
| return executeLargeInputs(groupUuids, groups -> mapper(dbSession).selectByGroupUuids(groups, entityUuid)); | |||
| } | |||
| public List<String> selectProjectKeysWithAnyonePermissions(DbSession dbSession, int max) { | |||
| return mapper(dbSession).selectProjectKeysWithAnyonePermissions(max); | |||
| } | |||
| public int countProjectsWithAnyonePermissions(DbSession dbSession) { | |||
| return mapper(dbSession).countProjectsWithAnyonePermissions(); | |||
| public int countEntitiesWithAnyonePermissions(DbSession dbSession) { | |||
| return mapper(dbSession).countEntitiesWithAnyonePermissions(); | |||
| } | |||
| /** | |||
| @@ -91,17 +90,17 @@ public class GroupPermissionDao implements Dao { | |||
| } | |||
| /** | |||
| * Each row returns a {@link CountPerProjectPermission} | |||
| * Each row returns a {@link CountPerEntityPermission} | |||
| */ | |||
| public void groupsCountByComponentUuidAndPermission(DbSession dbSession, List<String> componentUuids, ResultHandler<CountPerProjectPermission> resultHandler) { | |||
| public void groupsCountByComponentUuidAndPermission(DbSession dbSession, List<String> entityUuids, ResultHandler<CountPerEntityPermission> resultHandler) { | |||
| Map<String, Object> parameters = new HashMap<>(2); | |||
| parameters.put(ANYONE_GROUP_PARAMETER, DefaultGroups.ANYONE); | |||
| executeLargeInputsWithoutOutput( | |||
| componentUuids, | |||
| entityUuids, | |||
| partitionedComponentUuids -> { | |||
| parameters.put("componentUuids", partitionedComponentUuids); | |||
| mapper(dbSession).groupsCountByProjectUuidAndPermission(parameters, resultHandler); | |||
| parameters.put("entityUuids", partitionedComponentUuids); | |||
| mapper(dbSession).groupsCountByEntityUuidAndPermission(parameters, resultHandler); | |||
| }); | |||
| } | |||
| @@ -114,20 +113,20 @@ public class GroupPermissionDao implements Dao { | |||
| } | |||
| /** | |||
| * Selects the permissions granted to group and project. An empty list is returned if the | |||
| * group or project do not exist. | |||
| * Selects the permissions granted to group and entity. An empty list is returned if the | |||
| * group or entity do not exist. | |||
| */ | |||
| public List<String> selectProjectPermissionsOfGroup(DbSession session, @Nullable String groupUuid, String projectUuid) { | |||
| return mapper(session).selectProjectPermissionsOfGroup(groupUuid, projectUuid); | |||
| public List<String> selectEntityPermissionsOfGroup(DbSession session, @Nullable String groupUuid, String entityUuid) { | |||
| return mapper(session).selectEntityPermissionsOfGroup(groupUuid, entityUuid); | |||
| } | |||
| /** | |||
| * Lists uuid of groups with at least one permission on the specified root component but which do not have the specified | |||
| * Lists uuid of groups with at least one permission on the specified entity but which do not have the specified | |||
| * permission, <strong>excluding group "AnyOne"</strong> (which implies the returned {@code Sett} can't contain | |||
| * {@code null}). | |||
| */ | |||
| public Set<String> selectGroupUuidsWithPermissionOnProjectBut(DbSession session, String projectUuid, String permission) { | |||
| return mapper(session).selectGroupUuidsWithPermissionOnProjectBut(projectUuid, permission); | |||
| public Set<String> selectGroupUuidsWithPermissionOnEntityBut(DbSession session, String entityUuid, String permission) { | |||
| return mapper(session).selectGroupUuidsWithPermissionOnEntityBut(entityUuid, permission); | |||
| } | |||
| /** | |||
| @@ -146,27 +145,27 @@ public class GroupPermissionDao implements Dao { | |||
| } | |||
| /** | |||
| * Delete all the permissions associated to a root component (project) | |||
| * Delete all the permissions associated to a entity | |||
| */ | |||
| public void deleteByRootComponentUuid(DbSession dbSession, ComponentDto component) { | |||
| int deletedRecords = mapper(dbSession).deleteByRootComponentUuid(component.uuid()); | |||
| public void deleteByEntityUuid(DbSession dbSession, EntityDto entityDto) { | |||
| int deletedRecords = mapper(dbSession).deleteByEntityUuid(entityDto.getUuid()); | |||
| if (deletedRecords > 0) { | |||
| auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(component.uuid(), | |||
| component.getKey(), component.name(), null, null, null, component.qualifier())); | |||
| auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(entityDto.getUuid(), | |||
| entityDto.getKey(), entityDto.getName(), null, null, null, entityDto.getQualifier())); | |||
| } | |||
| } | |||
| /** | |||
| * Delete all permissions of the specified group (group "AnyOne" if {@code groupUuid} is {@code null}) for the specified | |||
| * component. | |||
| * entity. | |||
| */ | |||
| public int deleteByRootComponentUuidAndGroupUuid(DbSession dbSession, @Nullable String groupUuid, ComponentDto component) { | |||
| int deletedRecords = mapper(dbSession).deleteByEntityUuidAndGroupUuid(component.uuid(), groupUuid); | |||
| public int deleteByEntityAndGroupUuid(DbSession dbSession, @Nullable String groupUuid, EntityDto entityDto) { | |||
| int deletedRecords = mapper(dbSession).deleteByEntityUuidAndGroupUuid(entityDto.getUuid(), groupUuid); | |||
| if (deletedRecords > 0) { | |||
| auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(component.uuid(), | |||
| component.getKey(), component.name(), null, groupUuid, "", component.qualifier())); | |||
| auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(entityDto.getUuid(), | |||
| entityDto.getKey(), entityDto.getName(), null, groupUuid, "", entityDto.getQualifier())); | |||
| } | |||
| return deletedRecords; | |||
| } | |||
| @@ -201,39 +200,26 @@ public class GroupPermissionDao implements Dao { | |||
| * <ul> | |||
| * <li>a global permission granted to a group</li> | |||
| * <li>a global permission granted to anyone</li> | |||
| * <li>a permission granted to a group for a project</li> | |||
| * <li>a permission granted to anyone for a project</li> | |||
| * <li>a permission granted to a group for a entity</li> | |||
| * <li>a permission granted to anyone for a entity</li> | |||
| * </ul> | |||
| * | |||
| * @param dbSession | |||
| * @param permission the kind of permission | |||
| * @param groupUuid if null, then anyone, else uuid of group | |||
| * @param rootComponentUuid if null, then global permission, otherwise the uuid of root component (project) | |||
| * @param entityDto if null, then global permission, otherwise the uuid of entity | |||
| */ | |||
| public void delete(DbSession dbSession, String permission, @Nullable String groupUuid, | |||
| @Nullable String groupName, @Nullable String rootComponentUuid, @Nullable ComponentDto componentDto) { | |||
| @Nullable String groupName, @Nullable EntityDto entityDto) { | |||
| int deletedRecords = mapper(dbSession).delete(permission, groupUuid, rootComponentUuid); | |||
| if (deletedRecords > 0) { | |||
| String qualifier = (componentDto != null) ? componentDto.qualifier() : null; | |||
| String componentKey = (componentDto != null) ? componentDto.getKey() : null; | |||
| String componentName = (componentDto != null) ? componentDto.name() : null; | |||
| auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(rootComponentUuid, | |||
| componentKey, componentName, permission, groupUuid, groupName, qualifier)); | |||
| } | |||
| } | |||
| public void delete(DbSession dbSession, String permission, @Nullable String groupUuid, | |||
| @Nullable String groupName, @Nullable String rootComponentUuid, @Nullable EntityDto entityDto) { | |||
| int deletedRecords = mapper(dbSession).delete(permission, groupUuid, rootComponentUuid); | |||
| int deletedRecords = mapper(dbSession).delete(permission, groupUuid, entityDto != null ? entityDto.getUuid() : null); | |||
| if (deletedRecords > 0) { | |||
| String entityUuid = (entityDto != null) ? entityDto.getUuid() : null; | |||
| String qualifier = (entityDto != null) ? entityDto.getQualifier() : null; | |||
| String componentKey = (entityDto != null) ? entityDto.getKey() : null; | |||
| String componentName = (entityDto != null) ? entityDto.getName() : null; | |||
| auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(rootComponentUuid, | |||
| auditPersister.deleteGroupPermission(dbSession, new GroupPermissionNewValue(entityUuid, | |||
| componentKey, componentName, permission, groupUuid, groupName, qualifier)); | |||
| } | |||
| } | |||
+ 8
- 8
server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java
파일 보기
| @@ -33,34 +33,34 @@ public interface GroupPermissionMapper { | |||
| int countGroupsByQuery(@Param("query") PermissionQuery query); | |||
| List<GroupPermissionDto> selectByGroupUuids(@Param("groupUuids") List<String> groupUuids, @Nullable @Param("projectUuid") String projectUuid); | |||
| List<GroupPermissionDto> selectByGroupUuids(@Param("groupUuids") List<String> groupUuids, @Nullable @Param("entityUuid") String entityUuid); | |||
| void groupsCountByProjectUuidAndPermission(Map<String, Object> parameters, ResultHandler<CountPerProjectPermission> resultHandler); | |||
| void groupsCountByEntityUuidAndPermission(Map<String, Object> parameters, ResultHandler<CountPerEntityPermission> resultHandler); | |||
| List<String> selectProjectKeysWithAnyonePermissions(int max); | |||
| int countProjectsWithAnyonePermissions(); | |||
| int countEntitiesWithAnyonePermissions(); | |||
| void insert(GroupPermissionDto dto); | |||
| int delete(@Param("permission") String permission, @Nullable @Param("groupUuid") String groupUuid, @Nullable @Param("rootComponentUuid") String rootComponentUuid); | |||
| int delete(@Param("permission") String permission, @Nullable @Param("groupUuid") String groupUuid, @Nullable @Param("entityUuid") String entityUuid); | |||
| List<String> selectGlobalPermissionsOfGroup(@Nullable @Param("groupUuid") String groupUuid); | |||
| List<String> selectProjectPermissionsOfGroup(@Nullable @Param("groupUuid") String groupUuid, @Param("projectUuid") String projectUuid); | |||
| List<String> selectEntityPermissionsOfGroup(@Nullable @Param("groupUuid") String groupUuid, @Param("entityUuid") String entityUuid); | |||
| void selectAllPermissionsByGroupUuid(@Param("groupUuid") String groupUuid, ResultHandler<GroupPermissionDto> resultHandler); | |||
| /** | |||
| * Lists uuid of groups with at least one permission on the specified root component but which do not have the specified | |||
| * Lists uuid of groups with at least one permission on the specified entity but which do not have the specified | |||
| * permission, <strong>excluding group "AnyOne"</strong> (which implies the returned {@code Set} can't contain | |||
| * {@code null}). | |||
| */ | |||
| Set<String> selectGroupUuidsWithPermissionOnProjectBut(@Param("projectUuid") String projectUuid, @Param("role") String permission); | |||
| Set<String> selectGroupUuidsWithPermissionOnEntityBut(@Param("entityUuid") String entityUuid, @Param("role") String permission); | |||
| Set<String> selectGroupUuidsWithPermissionOnProject(@Param("projectUuid") String projectUuid, @Param("role") String permission); | |||
| int deleteByRootComponentUuid(@Param("rootComponentUuid") String rootComponentUuid); | |||
| int deleteByEntityUuid(@Param("entityUuid") String entityUuid); | |||
| int deleteByEntityUuidAndGroupUuid(@Param("entityUuid") String entityUuid, @Nullable @Param("groupUuid") String groupUuid); | |||
+ 14
- 9
server/sonar-db-dao/src/main/java/org/sonar/db/permission/PermissionQuery.java
파일 보기
| @@ -25,6 +25,7 @@ import javax.annotation.Nullable; | |||
| import javax.annotation.concurrent.Immutable; | |||
| import org.sonar.db.WildcardPosition; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import static com.google.common.base.MoreObjects.firstNonNull; | |||
| import static com.google.common.base.Preconditions.checkArgument; | |||
| @@ -45,7 +46,7 @@ public class PermissionQuery { | |||
| // filter: return only the users or groups who have this permission | |||
| private final String permission; | |||
| // filter on project, else filter org permissions | |||
| private final String componentUuid; | |||
| private final String entityUuid; | |||
| // filter on login, email or name of users or groups | |||
| private final String searchQuery; | |||
| @@ -62,7 +63,7 @@ public class PermissionQuery { | |||
| private PermissionQuery(Builder builder) { | |||
| this.permission = builder.permission; | |||
| this.withAtLeastOnePermission = builder.withAtLeastOnePermission; | |||
| this.componentUuid = builder.componentUuid; | |||
| this.entityUuid = builder.entityUuid; | |||
| this.searchQuery = builder.searchQuery; | |||
| this.searchQueryToSql = builder.searchQuery == null ? null : buildLikeValue(builder.searchQuery, WildcardPosition.BEFORE_AND_AFTER); | |||
| this.searchQueryToSqlLowercase = searchQueryToSql == null ? null : searchQueryToSql.toLowerCase(Locale.ENGLISH); | |||
| @@ -80,8 +81,8 @@ public class PermissionQuery { | |||
| } | |||
| @CheckForNull | |||
| public String getComponentUuid() { | |||
| return componentUuid; | |||
| public String getEntityUuid() { | |||
| return entityUuid; | |||
| } | |||
| @CheckForNull | |||
| @@ -113,7 +114,7 @@ public class PermissionQuery { | |||
| public static class Builder { | |||
| private String permission; | |||
| private String componentUuid; | |||
| private String entityUuid; | |||
| private String searchQuery; | |||
| private boolean withAtLeastOnePermission; | |||
| @@ -130,12 +131,16 @@ public class PermissionQuery { | |||
| return this; | |||
| } | |||
| public Builder setComponent(ComponentDto component) { | |||
| return setComponent(component.uuid()); | |||
| public Builder setEntity(ComponentDto component) { | |||
| return setEntityUuid(component.uuid()); | |||
| } | |||
| public Builder setComponent(String componentUuid) { | |||
| this.componentUuid = componentUuid; | |||
| public Builder setEntity(EntityDto entity) { | |||
| return setEntityUuid(entity.getUuid()); | |||
| } | |||
| public Builder setEntityUuid(String entityUuid) { | |||
| this.entityUuid = entityUuid; | |||
| return this; | |||
| } | |||
+ 28
- 50
server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java
파일 보기
| @@ -19,6 +19,7 @@ | |||
| */ | |||
| package org.sonar.db.permission; | |||
| import com.google.common.annotations.VisibleForTesting; | |||
| import java.util.Collection; | |||
| import java.util.List; | |||
| import java.util.Set; | |||
| @@ -29,7 +30,6 @@ import org.sonar.db.DatabaseUtils; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.audit.AuditPersister; | |||
| import org.sonar.db.audit.model.UserPermissionNewValue; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.template.PermissionTemplateDto; | |||
| import org.sonar.db.user.UserId; | |||
| @@ -84,12 +84,13 @@ public class UserPermissionDao implements Dao { | |||
| } | |||
| /** | |||
| * Count the number of users per permission for a given list of projects | |||
| * Count the number of users per permission for a given list of entities | |||
| * | |||
| * @param projectUuids a non-null list of project uuids to filter on. If empty then an empty list is returned. | |||
| * @param entityUuids a non-null list of entity uuids to filter on. If empty then an empty list is returned. | |||
| */ | |||
| public List<CountPerProjectPermission> countUsersByProjectPermission(DbSession dbSession, Collection<String> projectUuids) { | |||
| return executeLargeInputs(projectUuids, mapper(dbSession)::countUsersByProjectPermission); | |||
| @VisibleForTesting | |||
| List<CountPerEntityPermission> countUsersByEntityPermission(DbSession dbSession, Collection<String> entityUuids) { | |||
| return executeLargeInputs(entityUuids, mapper(dbSession)::countUsersByEntityPermission); | |||
| } | |||
| /** | |||
| @@ -102,38 +103,26 @@ public class UserPermissionDao implements Dao { | |||
| } | |||
| /** | |||
| * Gets all the project permissions granted to user for the specified project. | |||
| * Gets all the entity permissions granted to user for the specified entity. | |||
| * | |||
| * @return the project permissions. An empty list is returned if project or user do not exist. | |||
| * @return the entity permissions. An empty list is returned if entity or user do not exist. | |||
| */ | |||
| public List<String> selectProjectPermissionsOfUser(DbSession dbSession, String userUuid, String projectUuid) { | |||
| return mapper(dbSession).selectProjectPermissionsOfUser(userUuid, projectUuid); | |||
| public List<String> selectEntityPermissionsOfUser(DbSession dbSession, String userUuid, String entityUuid) { | |||
| return mapper(dbSession).selectEntityPermissionsOfUser(userUuid, entityUuid); | |||
| } | |||
| public Set<UserIdDto> selectUserIdsWithPermissionOnProjectBut(DbSession session, String projectUuid, String permission) { | |||
| return mapper(session).selectUserIdsWithPermissionOnProjectBut(projectUuid, permission); | |||
| } | |||
| //TODO, will be removed later | |||
| public void insert(DbSession dbSession, UserPermissionDto dto, @Nullable ComponentDto componentDto, | |||
| @Nullable UserId userId, @Nullable PermissionTemplateDto templateDto) { | |||
| mapper(dbSession).insert(dto); | |||
| String componentName = (componentDto != null) ? componentDto.name() : null; | |||
| String componentKey = (componentDto != null) ? componentDto.getKey() : null; | |||
| String qualifier = (componentDto != null) ? componentDto.qualifier() : null; | |||
| auditPersister.addUserPermission(dbSession, new UserPermissionNewValue(dto, componentKey, componentName, userId, qualifier, | |||
| templateDto)); | |||
| public Set<UserIdDto> selectUserIdsWithPermissionOnEntityBut(DbSession session, String entityUuid, String permission) { | |||
| return mapper(session).selectUserIdsWithPermissionOnEntityBut(entityUuid, permission); | |||
| } | |||
| public void insert(DbSession dbSession, UserPermissionDto dto, @Nullable EntityDto entityDto, | |||
| @Nullable UserId userId, @Nullable PermissionTemplateDto templateDto) { | |||
| mapper(dbSession).insert(dto); | |||
| String componentName = (entityDto != null) ? entityDto.getName() : null; | |||
| String componentKey = (entityDto != null) ? entityDto.getKey() : null; | |||
| String qualifier = (entityDto != null) ? entityDto.getQualifier() : null; | |||
| auditPersister.addUserPermission(dbSession, new UserPermissionNewValue(dto, componentKey, componentName, userId, qualifier, | |||
| String entityName = (entityDto != null) ? entityDto.getName() : null; | |||
| String entityKey = (entityDto != null) ? entityDto.getKey() : null; | |||
| String entityQualifier = (entityDto != null) ? entityDto.getQualifier() : null; | |||
| auditPersister.addUserPermission(dbSession, new UserPermissionNewValue(dto, entityKey, entityName, userId, entityQualifier, | |||
| templateDto)); | |||
| } | |||
| @@ -149,21 +138,10 @@ public class UserPermissionDao implements Dao { | |||
| } | |||
| /** | |||
| * Removes a single project permission from user | |||
| */ | |||
| public void deleteProjectPermission(DbSession dbSession, UserId user, String permission, ComponentDto component) { | |||
| int deletedRows = mapper(dbSession).deleteProjectPermission(user.getUuid(), permission, component.uuid()); | |||
| if (deletedRows > 0) { | |||
| auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, component.uuid(), component.getKey(), component.name(), user, component.qualifier())); | |||
| } | |||
| } | |||
| /** | |||
| * Removes a single project permission from user | |||
| * Removes a single entity permission from user | |||
| */ | |||
| public void deleteProjectPermission(DbSession dbSession, UserId user, String permission, EntityDto entity) { | |||
| int deletedRows = mapper(dbSession).deleteProjectPermission(user.getUuid(), permission, entity.getUuid()); | |||
| public void deleteEntityPermission(DbSession dbSession, UserId user, String permission, EntityDto entity) { | |||
| int deletedRows = mapper(dbSession).deleteEntityPermission(user.getUuid(), permission, entity.getUuid()); | |||
| if (deletedRows > 0) { | |||
| auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, entity.getUuid(), entity.getKey(), entity.getName(), user, entity.getQualifier())); | |||
| @@ -171,26 +149,26 @@ public class UserPermissionDao implements Dao { | |||
| } | |||
| /** | |||
| * Deletes all the permissions defined on a project | |||
| * Deletes all the permissions defined on an entity | |||
| */ | |||
| public void deleteProjectPermissions(DbSession dbSession, ComponentDto component) { | |||
| int deletedRows = mapper(dbSession).deleteProjectPermissions(component.uuid()); | |||
| public void deleteEntityPermissions(DbSession dbSession, EntityDto entity) { | |||
| int deletedRows = mapper(dbSession).deleteEntityPermissions(entity.getUuid()); | |||
| if (deletedRows > 0) { | |||
| auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(null, component.uuid(), component.getKey(), | |||
| component.name(), null, component.qualifier())); | |||
| auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(null, entity.getUuid(), entity.getKey(), | |||
| entity.getName(), null, entity.getQualifier())); | |||
| } | |||
| } | |||
| /** | |||
| * Deletes the specified permission on the specified entity for any user. | |||
| */ | |||
| public int deleteEntityPermissionOfAnyUser(DbSession dbSession, String permission, EntityDto entityDto) { | |||
| int deletedRows = mapper(dbSession).deleteEntityPermissionOfAnyUser(entityDto.getUuid(), permission); | |||
| public int deleteEntityPermissionOfAnyUser(DbSession dbSession, String permission, EntityDto entity) { | |||
| int deletedRows = mapper(dbSession).deleteEntityPermissionOfAnyUser(entity.getUuid(), permission); | |||
| if (deletedRows > 0) { | |||
| auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, entityDto.getUuid(), entityDto.getKey(), | |||
| entityDto.getName(), null, entityDto.getQualifier())); | |||
| auditPersister.deleteUserPermission(dbSession, new UserPermissionNewValue(permission, entity.getUuid(), entity.getKey(), | |||
| entity.getName(), null, entity.getQualifier())); | |||
| } | |||
| return deletedRows; | |||
+ 10
- 10
server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java
파일 보기
| @@ -32,7 +32,7 @@ public interface UserPermissionMapper { | |||
| List<String> selectUserUuidsByQuery(@Param("query") PermissionQuery query); | |||
| /** | |||
| * Fetch user ids based on permission query and only in a specific scope (global permissions only or project permissions only) | |||
| * Fetch user ids based on permission query and only in a specific scope (global permissions only or entity permissions only) | |||
| */ | |||
| List<String> selectUserUuidsByQueryAndScope(@Param("query") PermissionQuery query); | |||
| @@ -43,30 +43,30 @@ public interface UserPermissionMapper { | |||
| int countUsersByQuery(@Param("query") PermissionQuery query); | |||
| /** | |||
| * Count the number of users per permission for a given list of projects. | |||
| * @param projectUuids a non-null and non-empty list of project ids | |||
| * Count the number of users per permission for a given list of entities. | |||
| * @param entityUuids a non-null and non-empty list of entities uuids | |||
| */ | |||
| List<CountPerProjectPermission> countUsersByProjectPermission(@Param("projectUuids") List<String> projectUuids); | |||
| List<CountPerEntityPermission> countUsersByEntityPermission(@Param("entityUuids") List<String> entityUuids); | |||
| /** | |||
| * select id of users with at least one permission on the specified project but which do not have the specified permission. | |||
| * select id of users with at least one permission on the specified entity but which do not have the specified permission. | |||
| */ | |||
| Set<UserIdDto> selectUserIdsWithPermissionOnProjectBut(@Param("projectUuid") String projectUuid, @Param("permission") String permission); | |||
| Set<UserIdDto> selectUserIdsWithPermissionOnEntityBut(@Param("entityUuid") String entityUuid, @Param("permission") String permission); | |||
| void insert(@Param("dto")UserPermissionDto dto); | |||
| int deleteGlobalPermission(@Param("userUuid") String userUuid, @Param("permission") String permission); | |||
| int deleteProjectPermission(@Param("userUuid") String userUuid, @Param("permission") String permission, | |||
| @Param("projectUuid") String projectUuid); | |||
| int deleteEntityPermission(@Param("userUuid") String userUuid, @Param("permission") String permission, | |||
| @Param("entityUuid") String entityUuid); | |||
| int deleteProjectPermissions(@Param("projectUuid") String projectUuid); | |||
| int deleteEntityPermissions(@Param("entityUuid") String entityUuid); | |||
| int deleteEntityPermissionOfAnyUser(@Param("entityUuid") String entityUuid, @Param("permission") String permission); | |||
| List<String> selectGlobalPermissionsOfUser(@Param("userUuid") String userUuid); | |||
| List<String> selectProjectPermissionsOfUser(@Param("userUuid") String userUuid, @Param("projectUuid") String projectUuid); | |||
| List<String> selectEntityPermissionsOfUser(@Param("userUuid") String userUuid, @Param("entityUuid") String entityUuid); | |||
| int deleteByUserUuid(@Param("userUuid") String userUuid); | |||
| } | |||
+ 3
- 3
server/sonar-db-dao/src/main/java/org/sonar/db/permission/template/PermissionTemplateDao.java
파일 보기
| @@ -35,7 +35,7 @@ import org.sonar.db.Dao; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.audit.AuditPersister; | |||
| import org.sonar.db.audit.model.PermissionTemplateNewValue; | |||
| import org.sonar.db.permission.CountPerProjectPermission; | |||
| import org.sonar.db.permission.CountPerEntityPermission; | |||
| import org.sonar.db.permission.PermissionQuery; | |||
| import static java.lang.String.format; | |||
| @@ -125,7 +125,7 @@ public class PermissionTemplateDao implements Dao { | |||
| } | |||
| /** | |||
| * Each row returns a #{@link CountPerProjectPermission} | |||
| * Each row returns a #{@link CountPerEntityPermission} | |||
| */ | |||
| public void usersCountByTemplateUuidAndPermission(DbSession dbSession, List<String> templateUuids, ResultHandler<CountByTemplateAndPermissionDto> resultHandler) { | |||
| Map<String, Object> parameters = new HashMap<>(1); | |||
| @@ -139,7 +139,7 @@ public class PermissionTemplateDao implements Dao { | |||
| } | |||
| /** | |||
| * Each row returns a #{@link CountPerProjectPermission} | |||
| * Each row returns a #{@link CountPerEntityPermission} | |||
| */ | |||
| public void groupsCountByTemplateUuidAndPermission(DbSession dbSession, List<String> templateUuids, ResultHandler<CountByTemplateAndPermissionDto> resultHandler) { | |||
| Map<String, Object> parameters = new HashMap<>(2); | |||
+ 1
- 1
server/sonar-db-dao/src/main/resources/org/sonar/db/entity/EntityMapper.xml
파일 보기
| @@ -26,7 +26,7 @@ | |||
| from projects p) | |||
| UNION | |||
| (select <include refid="org.sonar.db.entity.EntityMapper.entityPortfolioColumns"/> | |||
| from portfolios p) | |||
| from portfolios p where p.parent_uuid is null) | |||
| </sql> | |||
| <select id="selectByUuids" resultType="Entity"> | |||
+ 30
- 30
server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml
파일 보기
| @@ -3,17 +3,17 @@ | |||
| <mapper namespace="org.sonar.db.permission.GroupPermissionMapper"> | |||
| <select id="groupsCountByProjectUuidAndPermission" parameterType="map" | |||
| resultType="org.sonar.db.permission.CountPerProjectPermission"> | |||
| <select id="groupsCountByEntityUuidAndPermission" parameterType="map" | |||
| resultType="org.sonar.db.permission.CountPerEntityPermission"> | |||
| SELECT | |||
| count(1) as count, | |||
| permission, | |||
| componentUuid | |||
| entityUuid | |||
| FROM ( | |||
| SELECT | |||
| g.name as name, | |||
| group_role.role as permission, | |||
| group_role.component_uuid as componentUuid | |||
| group_role.component_uuid as entityUuid | |||
| FROM | |||
| groups g | |||
| INNER JOIN group_roles group_role ON | |||
| @@ -23,20 +23,20 @@ | |||
| SELECT | |||
| #{anyoneGroup} as name, | |||
| group_role.role as permission, | |||
| group_role.component_uuid as componentUuid | |||
| group_role.component_uuid as entityUuid | |||
| FROM | |||
| group_roles group_role | |||
| where | |||
| group_role.group_uuid IS NULL | |||
| ) groups | |||
| where | |||
| groups.componentUuid in | |||
| <foreach collection="componentUuids" open="(" close=")" item="id" separator=","> | |||
| groups.entityUuid in | |||
| <foreach collection="entityUuids" open="(" close=")" item="id" separator=","> | |||
| #{id,jdbcType=VARCHAR} | |||
| </foreach> | |||
| GROUP BY | |||
| groups.permission, | |||
| groups.componentUuid | |||
| groups.entityUuid | |||
| </select> | |||
| <select id="selectProjectKeysWithAnyonePermissions" parameterType="int" resultType="string"> | |||
| @@ -65,7 +65,7 @@ | |||
| ORDER BY kee ASC | |||
| </select> | |||
| <select id="countProjectsWithAnyonePermissions" resultType="int"> | |||
| <select id="countEntitiesWithAnyonePermissions" resultType="int"> | |||
| select count(distinct(gr.component_uuid)) | |||
| from group_roles gr where gr.group_uuid is null and gr.component_uuid is not null | |||
| </select> | |||
| @@ -89,11 +89,11 @@ | |||
| select g.uuid as groupUuid, g.name as name, gr.role as permission, gr.component_uuid as componentUuid, gr.uuid as uuid | |||
| from groups g | |||
| left join group_roles gr on g.uuid = gr.group_uuid | |||
| <if test="query.componentUuid == null"> | |||
| <if test="query.entityUuid == null"> | |||
| and gr.component_uuid is null | |||
| </if> | |||
| <if test="query.componentUuid != null"> | |||
| and gr.component_uuid = #{query.componentUuid,jdbcType=VARCHAR} | |||
| <if test="query.entityUuid != null"> | |||
| and gr.component_uuid = #{query.entityUuid,jdbcType=VARCHAR} | |||
| </if> | |||
| union all | |||
| @@ -101,11 +101,11 @@ | |||
| select 'Anyone' as groupUuid, 'Anyone' as name, gr.role as permission, gr.component_uuid as componentUuid, gr.uuid as uuid | |||
| from group_roles gr | |||
| <where> | |||
| <if test="query.componentUuid == null"> | |||
| <if test="query.entityUuid == null"> | |||
| and gr.component_uuid is null | |||
| </if> | |||
| <if test="query.componentUuid != null"> | |||
| and gr.component_uuid = #{query.componentUuid,jdbcType=VARCHAR} | |||
| <if test="query.entityUuid != null"> | |||
| and gr.component_uuid = #{query.entityUuid,jdbcType=VARCHAR} | |||
| </if> | |||
| <if test="query.withAtLeastOnePermission()"> | |||
| and gr.group_uuid is null | |||
| @@ -113,7 +113,7 @@ | |||
| </where> | |||
| ) sub | |||
| left join components p on sub.componentUuid = p.uuid | |||
| left join (<include refid="org.sonar.db.entity.EntityMapper.selectAll"/>) entity on sub.componentUuid = entity.uuid | |||
| <where> | |||
| <if test="query.searchQueryToSql != null"> | |||
| and lower(sub.name) like #{query.searchQueryToSqlLowercase,jdbcType=VARCHAR} ESCAPE '/' | |||
| @@ -121,11 +121,11 @@ | |||
| <!-- filter rows with group permissions --> | |||
| <if test="query.withAtLeastOnePermission()"> | |||
| and sub.permission is not null | |||
| <if test="query.componentUuid==null"> | |||
| <if test="query.entityUuid==null"> | |||
| and sub.componentUuid is null | |||
| </if> | |||
| <if test="query.componentUuid!=null"> | |||
| and p.uuid = #{query.componentUuid,jdbcType=VARCHAR} | |||
| <if test="query.entityUuid!=null"> | |||
| and entity.uuid = #{query.entityUuid,jdbcType=VARCHAR} | |||
| </if> | |||
| <if test="query.permission!=null"> | |||
| and sub.permission = #{query.permission,jdbcType=VARCHAR} | |||
| @@ -155,10 +155,10 @@ | |||
| <foreach collection="groupUuids" open="(" close=")" item="groupUuid" separator=","> | |||
| #{groupUuid,jdbcType=VARCHAR} | |||
| </foreach> | |||
| <if test="projectUuid != null"> | |||
| and sub.componentUuid=#{projectUuid,jdbcType=VARCHAR} | |||
| <if test="entityUuid != null"> | |||
| and sub.componentUuid=#{entityUuid,jdbcType=VARCHAR} | |||
| </if> | |||
| <if test="projectUuid==null"> | |||
| <if test="entityUuid==null"> | |||
| and sub.componentUuid is null | |||
| </if> | |||
| </select> | |||
| @@ -178,11 +178,11 @@ | |||
| </choose> | |||
| </select> | |||
| <select id="selectProjectPermissionsOfGroup" parameterType="map" resultType="String"> | |||
| <select id="selectEntityPermissionsOfGroup" parameterType="map" resultType="String"> | |||
| select gr.role | |||
| from group_roles gr | |||
| where | |||
| gr.component_uuid = #{projectUuid,jdbcType=VARCHAR} and | |||
| gr.component_uuid = #{entityUuid,jdbcType=VARCHAR} and | |||
| <choose> | |||
| <when test="groupUuid != null"> | |||
| gr.group_uuid = #{groupUuid,jdbcType=VARCHAR} | |||
| @@ -199,13 +199,13 @@ | |||
| where gr.group_uuid = #{groupUuid,jdbcType=VARCHAR} | |||
| </select> | |||
| <select id="selectGroupUuidsWithPermissionOnProjectBut" resultType="string"> | |||
| <select id="selectGroupUuidsWithPermissionOnEntityBut" resultType="string"> | |||
| select | |||
| distinct gr1.group_uuid | |||
| from | |||
| group_roles gr1 | |||
| where | |||
| gr1.component_uuid = #{projectUuid,jdbcType=VARCHAR} | |||
| gr1.component_uuid = #{entityUuid,jdbcType=VARCHAR} | |||
| and gr1.group_uuid is not null | |||
| and not exists ( | |||
| select | |||
| @@ -244,9 +244,9 @@ | |||
| ) | |||
| </insert> | |||
| <delete id="deleteByRootComponentUuid" parameterType="String"> | |||
| <delete id="deleteByEntityUuid" parameterType="String"> | |||
| delete from group_roles | |||
| where component_uuid=#{rootComponentUuid,jdbcType=VARCHAR} | |||
| where component_uuid=#{entityUuid,jdbcType=VARCHAR} | |||
| </delete> | |||
| <delete id="deleteByEntityUuidAndGroupUuid"> | |||
| @@ -277,8 +277,8 @@ | |||
| where | |||
| role=#{permission,jdbcType=VARCHAR} and | |||
| <choose> | |||
| <when test="rootComponentUuid != null"> | |||
| component_uuid=#{rootComponentUuid,jdbcType=BIGINT} | |||
| <when test="entityUuid != null"> | |||
| component_uuid=#{entityUuid,jdbcType=BIGINT} | |||
| </when> | |||
| <otherwise> | |||
| component_uuid is null | |||
+ 19
- 19
server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml
파일 보기
| @@ -32,14 +32,14 @@ | |||
| from users u | |||
| left join user_roles ur on ur.user_uuid = u.uuid | |||
| <choose> | |||
| <when test="query.componentUuid == null"> | |||
| <when test="query.entityUuid == null"> | |||
| and ur.component_uuid is null | |||
| </when> | |||
| <otherwise> | |||
| and ur.component_uuid = #{query.componentUuid,jdbcType=VARCHAR} | |||
| and ur.component_uuid = #{query.entityUuid,jdbcType=VARCHAR} | |||
| </otherwise> | |||
| </choose> | |||
| left join components p on ur.component_uuid = p.uuid | |||
| left join (<include refid="org.sonar.db.entity.EntityMapper.selectAll"/>) entity on ur.component_uuid = entity.uuid | |||
| <where> | |||
| <include refid="sqlQueryFilters"/> | |||
| </where> | |||
| @@ -58,7 +58,7 @@ | |||
| <sql id="sqlQueryJoins"> | |||
| from users u | |||
| left join user_roles ur on ur.user_uuid = u.uuid | |||
| left join components p on ur.component_uuid = p.uuid | |||
| left join (<include refid="org.sonar.db.entity.EntityMapper.selectAll"/>) entity on ur.component_uuid = entity.uuid | |||
| </sql> | |||
| <sql id="sqlQueryFilters"> | |||
| @@ -72,11 +72,11 @@ | |||
| <!-- filter rows with user permissions --> | |||
| <if test="query.withAtLeastOnePermission()"> | |||
| and ur.role is not null | |||
| <if test="query.componentUuid==null"> | |||
| <if test="query.entityUuid == null"> | |||
| and ur.component_uuid is null | |||
| </if> | |||
| <if test="query.componentUuid!=null"> | |||
| and p.uuid = #{query.componentUuid,jdbcType=VARCHAR} | |||
| <if test="query.entityUuid != null"> | |||
| and entity.uuid = #{query.entityUuid,jdbcType=VARCHAR} | |||
| </if> | |||
| <if test="query.permission!=null"> | |||
| and ur.role = #{query.permission,jdbcType=VARCHAR} | |||
| @@ -92,31 +92,31 @@ | |||
| ur.component_uuid is null | |||
| </select> | |||
| <select id="selectProjectPermissionsOfUser" parameterType="map" resultType="string"> | |||
| <select id="selectEntityPermissionsOfUser" parameterType="map" resultType="string"> | |||
| select ur.role | |||
| from user_roles ur | |||
| where | |||
| ur.user_uuid = #{userUuid,jdbcType=VARCHAR} and | |||
| ur.component_uuid = #{projectUuid,jdbcType=VARCHAR} | |||
| ur.component_uuid = #{entityUuid,jdbcType=VARCHAR} | |||
| </select> | |||
| <select id="countUsersByProjectPermission" resultType="org.sonar.db.permission.CountPerProjectPermission"> | |||
| select ur.component_uuid as componentUuid, ur.role as permission, count(u.login) as count | |||
| <select id="countUsersByEntityPermission" resultType="org.sonar.db.permission.CountPerEntityPermission"> | |||
| select ur.component_uuid as entityUuid, ur.role as permission, count(u.login) as count | |||
| from users u | |||
| inner join user_roles ur on ur.user_uuid = u.uuid | |||
| inner join components p on p.uuid = ur.component_uuid | |||
| inner join (<include refid="org.sonar.db.entity.EntityMapper.selectAll"/>) entity on ur.component_uuid = entity.uuid | |||
| where u.active = ${_true} | |||
| and p.uuid in <foreach collection="projectUuids" open="(" close=")" item="projectUuid" separator=",">#{projectUuid}</foreach> | |||
| and entity.uuid in <foreach collection="entityUuids" open="(" close=")" item="entityUuid" separator=",">#{entityUuid}</foreach> | |||
| group by ur.component_uuid, ur.role | |||
| </select> | |||
| <select id="selectUserIdsWithPermissionOnProjectBut" resultType="org.sonar.db.user.UserIdDto"> | |||
| <select id="selectUserIdsWithPermissionOnEntityBut" resultType="org.sonar.db.user.UserIdDto"> | |||
| select | |||
| distinct ur1.user_uuid, u.login | |||
| from | |||
| user_roles ur1 inner join users u on ur1.user_uuid = u.uuid | |||
| where | |||
| ur1.component_uuid = #{projectUuid,jdbcType=VARCHAR} | |||
| ur1.component_uuid = #{entityUuid,jdbcType=VARCHAR} | |||
| and role <> #{permission,jdbcType=VARCHAR} | |||
| and not exists ( | |||
| select | |||
| @@ -152,18 +152,18 @@ | |||
| component_uuid is null | |||
| </delete> | |||
| <delete id="deleteProjectPermission" parameterType="map"> | |||
| <delete id="deleteEntityPermission" parameterType="map"> | |||
| delete from user_roles | |||
| where | |||
| role = #{permission,jdbcType=VARCHAR} and | |||
| user_uuid = #{userUuid,jdbcType=VARCHAR} and | |||
| component_uuid = #{projectUuid,jdbcType=VARCHAR} | |||
| component_uuid = #{entityUuid,jdbcType=VARCHAR} | |||
| </delete> | |||
| <delete id="deleteProjectPermissions" parameterType="map"> | |||
| <delete id="deleteEntityPermissions" parameterType="map"> | |||
| delete from user_roles | |||
| where | |||
| component_uuid = #{projectUuid,jdbcType=VARCHAR} | |||
| component_uuid = #{entityUuid,jdbcType=VARCHAR} | |||
| </delete> | |||
| <delete id="deleteEntityPermissionOfAnyUser" parameterType="map"> | |||
+ 2
- 2
server/sonar-db-dao/src/test/java/org/sonar/db/permission/PermissionQueryTest.java
파일 보기
| @@ -33,12 +33,12 @@ public class PermissionQueryTest { | |||
| public void create_query() { | |||
| ComponentDto project = newPublicProjectDto(); | |||
| PermissionQuery query = PermissionQuery.builder() | |||
| .setComponent(project) | |||
| .setEntity(project) | |||
| .setPermission("user") | |||
| .setSearchQuery("sonar") | |||
| .build(); | |||
| assertThat(query.getComponentUuid()).isEqualTo(project.uuid()); | |||
| assertThat(query.getEntityUuid()).isEqualTo(project.uuid()); | |||
| assertThat(query.getPermission()).isEqualTo("user"); | |||
| assertThat(query.getSearchQuery()).isEqualTo("sonar"); | |||
| } | |||
+ 4
- 0
server/sonar-db-dao/src/testFixtures/java/org/sonar/db/DbTester.java
파일 보기
| @@ -136,6 +136,10 @@ public class DbTester extends AbstractDbTester<TestDbImpl> { | |||
| return new DbTester(system2, false, null, auditPersister); | |||
| } | |||
| public static DbTester create(System2 system2, AuditPersister auditPersister, boolean useDifferentProjectUuids) { | |||
| return new DbTester(system2, useDifferentProjectUuids, null, auditPersister); | |||
| } | |||
| public static DbTester create(System2 system2) { | |||
| return new DbTester(system2, false, null, new NoOpAuditPersister()); | |||
| } | |||
+ 12
- 0
server/sonar-db-dao/src/testFixtures/java/org/sonar/db/component/ComponentDbTester.java
파일 보기
| @@ -61,6 +61,12 @@ public class ComponentDbTester { | |||
| return insertSnapshot(component); | |||
| } | |||
| public ProjectData insertProjectDataAndSnapshot(ComponentDto component) { | |||
| ProjectData projectData = insertComponentAndBranchAndProject(component, null, defaults(), defaults(), defaults()); | |||
| insertSnapshot(component); | |||
| return projectData; | |||
| } | |||
| public SnapshotDto insertPortfolioAndSnapshot(ComponentDto component) { | |||
| dbClient.componentDao().insert(dbSession, component, true); | |||
| return insertSnapshot(component); | |||
| @@ -217,6 +223,12 @@ public class ComponentDbTester { | |||
| return getPortfolioDto(component); | |||
| } | |||
| public final PortfolioData insertPrivatePortfolioData() { | |||
| ComponentDto component = insertComponentAndPortfolio(ComponentTesting.newPortfolio().setPrivate(true), true, defaults(), defaults()); | |||
| PortfolioDto portfolioDto = getPortfolioDto(component); | |||
| return new PortfolioData(portfolioDto, component); | |||
| } | |||
| public final PortfolioDto insertPrivatePortfolioDto(Consumer<ComponentDto> dtoPopulator) { | |||
| ComponentDto component = insertComponentAndPortfolio(ComponentTesting.newPortfolio().setPrivate(true), true, dtoPopulator, defaults()); | |||
| return getPortfolioDto(component); | |||
+ 42
- 0
server/sonar-db-dao/src/testFixtures/java/org/sonar/db/component/PortfolioData.java
파일 보기
| @@ -0,0 +1,42 @@ | |||
| /* | |||
| * SonarQube | |||
| * Copyright (C) 2009-2023 SonarSource SA | |||
| * mailto:info AT sonarsource DOT com | |||
| * | |||
| * This program is free software; you can redistribute it and/or | |||
| * modify it under the terms of the GNU Lesser General Public | |||
| * License as published by the Free Software Foundation; either | |||
| * version 3 of the License, or (at your option) any later version. | |||
| * | |||
| * This program is distributed in the hope that it will be useful, | |||
| * but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
| * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
| * Lesser General Public License for more details. | |||
| * | |||
| * You should have received a copy of the GNU Lesser General Public License | |||
| * along with this program; if not, write to the Free Software Foundation, | |||
| * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
| */ | |||
| package org.sonar.db.component; | |||
| import org.sonar.db.portfolio.PortfolioDto; | |||
| public class PortfolioData { | |||
| private final ComponentDto rootComponent; | |||
| private final PortfolioDto portfolioDto; | |||
| public PortfolioData(PortfolioDto projectDto, ComponentDto rootComponent) { | |||
| this.rootComponent = rootComponent; | |||
| this.portfolioDto = projectDto; | |||
| } | |||
| public ComponentDto getRootComponent() { | |||
| return rootComponent; | |||
| } | |||
| public PortfolioDto getPortfolioDto() { | |||
| return portfolioDto; | |||
| } | |||
| } | |||
+ 18
- 25
server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java
파일 보기
| @@ -233,7 +233,7 @@ public class UserDbTester { | |||
| .setUuid(Uuids.createFast()) | |||
| .setGroupUuid(null) | |||
| .setRole(permission); | |||
| db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, (EntityDto) null, null); | |||
| db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, null, null); | |||
| db.commit(); | |||
| return dto; | |||
| } | |||
| @@ -256,11 +256,6 @@ public class UserDbTester { | |||
| return insertPermissionOnGroup(group, permission.getKey()); | |||
| } | |||
| public void deletePermissionFromGroup(GroupDto group, String permission) { | |||
| db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, group.getUuid(), group.getName(), null, (ComponentDto) null); | |||
| db.commit(); | |||
| } | |||
| public GroupPermissionDto insertProjectPermissionOnAnyone(String permission, ComponentDto project) { | |||
| checkArgument(!project.isPrivate(), "No permission to group AnyOne can be granted on a private project"); | |||
| checkArgument(!PUBLIC_PERMISSIONS.contains(permission), | |||
| @@ -300,8 +295,8 @@ public class UserDbTester { | |||
| return dto; | |||
| } | |||
| public void deleteProjectPermissionFromAnyone(EntityDto project, String permission) { | |||
| db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, null, null, project.getUuid(), project); | |||
| public void deleteProjectPermissionFromAnyone(EntityDto entity, String permission) { | |||
| db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, null, null, entity); | |||
| db.commit(); | |||
| } | |||
| @@ -328,36 +323,33 @@ public class UserDbTester { | |||
| return dto; | |||
| } | |||
| public GroupPermissionDto insertProjectPermissionOnGroup(GroupDto group, String permission, ProjectDto project) { | |||
| checkArgument(project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission), | |||
| public GroupPermissionDto insertProjectPermissionOnGroup(GroupDto group, String permission, EntityDto entity) { | |||
| checkArgument(entity.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission), | |||
| "%s can't be granted on a public project", permission); | |||
| Optional<BranchDto> branchDto = db.getDbClient().branchDao().selectByUuid(db.getSession(), project.getUuid()); | |||
| // I don't know if this check is worth it | |||
| branchDto.ifPresent(dto -> checkArgument(dto.isMain(), PERMISSIONS_CANT_BE_GRANTED_ON_BRANCHES)); | |||
| GroupPermissionDto dto = new GroupPermissionDto() | |||
| .setUuid(Uuids.createFast()) | |||
| .setGroupUuid(group.getUuid()) | |||
| .setGroupName(group.getName()) | |||
| .setRole(permission) | |||
| .setComponentUuid(project.getUuid()) | |||
| .setComponentName(project.getUuid()); | |||
| db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, project, null); | |||
| .setComponentUuid(entity.getUuid()) | |||
| .setComponentName(entity.getName()); | |||
| db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, entity, null); | |||
| db.commit(); | |||
| return dto; | |||
| } | |||
| public List<String> selectGroupPermissions(GroupDto group, @Nullable ComponentDto project) { | |||
| if (project == null) { | |||
| public List<String> selectGroupPermissions(GroupDto group, @Nullable EntityDto entity) { | |||
| if (entity == null) { | |||
| return db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), group.getUuid()); | |||
| } | |||
| return db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), group.getUuid(), project.uuid()); | |||
| return db.getDbClient().groupPermissionDao().selectEntityPermissionsOfGroup(db.getSession(), group.getUuid(), entity.getUuid()); | |||
| } | |||
| public List<String> selectAnyonePermissions(@Nullable ComponentDto project) { | |||
| if (project == null) { | |||
| public List<String> selectAnyonePermissions(@Nullable String entityUuid) { | |||
| if (entityUuid == null) { | |||
| return db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), null); | |||
| } | |||
| return db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), null, project.uuid()); | |||
| return db.getDbClient().groupPermissionDao().selectEntityPermissionsOfGroup(db.getSession(), null, entityUuid); | |||
| } | |||
| // USER PERMISSIONS | |||
| @@ -385,7 +377,7 @@ public class UserDbTester { | |||
| } | |||
| public void deletePermissionFromUser(EntityDto project, UserDto user, String permission) { | |||
| db.getDbClient().userPermissionDao().deleteProjectPermission(db.getSession(), user, permission, project); | |||
| db.getDbClient().userPermissionDao().deleteEntityPermission(db.getSession(), user, permission, project); | |||
| db.commit(); | |||
| } | |||
| @@ -429,10 +421,11 @@ public class UserDbTester { | |||
| .selectGlobalPermissionsOfUser(db.getSession(), user.getUuid())); | |||
| } | |||
| public List<String> selectProjectPermissionsOfUser(UserDto user, ComponentDto project) { | |||
| return db.getDbClient().userPermissionDao().selectProjectPermissionsOfUser(db.getSession(), user.getUuid(), project.uuid()); | |||
| public List<String> selectEntityPermissionOfUser(UserDto user, String entityUuid) { | |||
| return db.getDbClient().userPermissionDao().selectEntityPermissionsOfUser(db.getSession(), user.getUuid(), entityUuid); | |||
| } | |||
| private static List<GlobalPermission> toListOfGlobalPermissions(List<String> keys) { | |||
| return keys | |||
| .stream() | |||
+ 1
- 1
server/sonar-webserver-core/src/main/java/org/sonar/server/platform/db/CheckAnyonePermissionsAtStartup.java
파일 보기
| @@ -62,7 +62,7 @@ public class CheckAnyonePermissionsAtStartup implements Startable { | |||
| "instance to security risks. Unauthenticated visitors may unintentionally have permissions on projects."); | |||
| } | |||
| int total = dbClient.groupPermissionDao().countProjectsWithAnyonePermissions(dbSession); | |||
| int total = dbClient.groupPermissionDao().countEntitiesWithAnyonePermissions(dbSession); | |||
| if (total > 0) { | |||
| List<String> list = dbClient.groupPermissionDao().selectProjectKeysWithAnyonePermissions(dbSession, 3); | |||
| LOG.warn("Authentication is not enforced, and project permissions assigned to the 'Anyone' group expose {} " + | |||
+ 4
- 4
server/sonar-webserver-webapi/src/it/java/org/sonar/server/ce/queue/ReportSubmitterIT.java
파일 보기
| @@ -161,7 +161,7 @@ public class ReportSubmitterIT { | |||
| .addPermission(PROVISION_PROJECTS); | |||
| mockSuccessfulPrepareSubmitCall(); | |||
| when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))).thenReturn(true); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(true); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(true); | |||
| underTest.submit(PROJECT_KEY, PROJECT_NAME, emptyMap(), IOUtils.toInputStream("{binary}", UTF_8)); | |||
| @@ -181,7 +181,7 @@ public class ReportSubmitterIT { | |||
| .addPermission(PROVISION_PROJECTS); | |||
| mockSuccessfulPrepareSubmitCall(); | |||
| when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))).thenReturn(true); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(true); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(true); | |||
| underTest.submit(PROJECT_KEY, PROJECT_NAME, emptyMap(), IOUtils.toInputStream("{binary}", UTF_8)); | |||
| @@ -197,7 +197,7 @@ public class ReportSubmitterIT { | |||
| .addPermission(PROVISION_PROJECTS); | |||
| when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))) | |||
| .thenReturn(true); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(false); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(false); | |||
| mockSuccessfulPrepareSubmitCall(); | |||
| underTest.submit(PROJECT_KEY, PROJECT_NAME, emptyMap(), IOUtils.toInputStream("{binary}")); | |||
| @@ -216,7 +216,7 @@ public class ReportSubmitterIT { | |||
| .addPermission(PROVISION_PROJECTS); | |||
| mockSuccessfulPrepareSubmitCall(); | |||
| when(permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(any(DbSession.class), any(), eq(PROJECT_KEY))).thenReturn(true); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(true); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(true); | |||
| underTest.submit(PROJECT_KEY, PROJECT_NAME, emptyMap(), IOUtils.toInputStream("{binary}", UTF_8)); | |||
+ 4
- 3
server/sonar-webserver-webapi/src/it/java/org/sonar/server/component/ComponentUpdaterIT.java
파일 보기
| @@ -43,6 +43,7 @@ import org.sonar.server.favorite.FavoriteUpdater; | |||
| import org.sonar.server.l18n.I18nRule; | |||
| import org.sonar.server.permission.PermissionTemplateService; | |||
| import org.sonar.server.project.DefaultBranchNameResolver; | |||
| import org.sonar.server.project.Project; | |||
| import static java.util.stream.IntStream.rangeClosed; | |||
| import static org.apache.commons.lang.RandomStringUtils.randomAlphabetic; | |||
| @@ -222,7 +223,7 @@ public class ComponentUpdaterIT { | |||
| .setKey(DEFAULT_PROJECT_KEY) | |||
| .setName(DEFAULT_PROJECT_NAME) | |||
| .build(); | |||
| ComponentDto dto = underTest.create(db.getSession(), project, userUuid, "user-login").mainBranchComponent(); | |||
| ProjectDto dto = underTest.create(db.getSession(), project, userUuid, "user-login").projectDto(); | |||
| verify(permissionTemplateService).applyDefaultToNewComponent(db.getSession(), dto, userUuid); | |||
| } | |||
| @@ -234,7 +235,7 @@ public class ComponentUpdaterIT { | |||
| .setKey(DEFAULT_PROJECT_KEY) | |||
| .setName(DEFAULT_PROJECT_NAME) | |||
| .build(); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))) | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))) | |||
| .thenReturn(true); | |||
| ProjectDto dto = underTest.create(db.getSession(), project, userDto.getUuid(), userDto.getLogin()).projectDto(); | |||
| @@ -250,7 +251,7 @@ public class ComponentUpdaterIT { | |||
| .setKey(DEFAULT_PROJECT_KEY) | |||
| .setName(DEFAULT_PROJECT_NAME) | |||
| .build(); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(eq(db.getSession()), any(ComponentDto.class))) | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(eq(db.getSession()), any(ProjectDto.class))) | |||
| .thenReturn(true); | |||
| ProjectDto dto = underTest.create(db.getSession(), | |||
+ 40
- 40
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/GroupPermissionChangerIT.java
파일 보기
| @@ -35,6 +35,7 @@ import org.sonar.db.component.ProjectData; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.permission.GroupPermissionDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.GroupDto; | |||
| import org.sonar.db.user.UserDto; | |||
| import org.sonar.server.exceptions.BadRequestException; | |||
| @@ -57,15 +58,14 @@ public class GroupPermissionChangerIT { | |||
| private final GroupPermissionChanger underTest = new GroupPermissionChanger(db.getDbClient(), new SequenceUuidFactory()); | |||
| private GroupDto group; | |||
| //TODO we should only be using ProjectDto here | |||
| private ProjectData privateProject; | |||
| private ProjectData publicProject; | |||
| private ProjectDto privateProject; | |||
| private ProjectDto publicProject; | |||
| @Before | |||
| public void setUp() { | |||
| group = db.users().insertGroup("a-group"); | |||
| privateProject = db.components().insertPrivateProject(); | |||
| publicProject = db.components().insertPublicProject(); | |||
| privateProject = db.components().insertPrivateProject().getProjectDto(); | |||
| publicProject = db.components().insertPublicProject().getProjectDto(); | |||
| } | |||
| @Test | |||
| @@ -91,7 +91,7 @@ public class GroupPermissionChangerIT { | |||
| GroupUuidOrAnyone anyOneGroup = GroupUuidOrAnyone.forAnyone(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> { | |||
| GroupPermissionChange change = new GroupPermissionChange(PermissionChange.Operation.ADD, perm, privateProject.getMainBranchComponent(), anyOneGroup, permissionService); | |||
| GroupPermissionChange change = new GroupPermissionChange(PermissionChange.Operation.ADD, perm, privateProject, anyOneGroup, permissionService); | |||
| try { | |||
| apply(change); | |||
| fail("a BadRequestException should have been thrown"); | |||
| @@ -109,9 +109,9 @@ public class GroupPermissionChangerIT { | |||
| GroupUuidOrAnyone anyOneGroup = GroupUuidOrAnyone.forAnyone(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> { | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, perm, privateProject.getMainBranchComponent(), anyOneGroup, permissionService)); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, perm, privateProject, anyOneGroup, permissionService)); | |||
| assertThat(db.users().selectAnyonePermissions(privateProject.getMainBranchComponent())).contains(perm); | |||
| assertThat(db.users().selectAnyonePermissions(privateProject.getUuid())).contains(perm); | |||
| }); | |||
| } | |||
| @@ -143,10 +143,10 @@ public class GroupPermissionChangerIT { | |||
| private void applyAddsPermissionToGroupOnPrivateProject(String permission) { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, privateProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, privateProject, groupUuid, permissionService)); | |||
| assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); | |||
| assertThat(db.users().selectGroupPermissions(group, privateProject.getMainBranchComponent())).containsOnly(permission); | |||
| assertThat(db.users().selectGroupPermissions(group, privateProject)).containsOnly(permission); | |||
| } | |||
| @Test | |||
| @@ -176,36 +176,36 @@ public class GroupPermissionChangerIT { | |||
| private void applyRemovesPermissionFromGroupOnPrivateProject(String permission) { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
| db.users().insertProjectPermissionOnGroup(group, permission, privateProject.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnGroup(group, permission, privateProject); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, privateProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, privateProject, groupUuid, permissionService)); | |||
| assertThat(db.users().selectGroupPermissions(group, privateProject.getMainBranchComponent())).containsOnly(permission); | |||
| assertThat(db.users().selectGroupPermissions(group, privateProject)).containsOnly(permission); | |||
| } | |||
| @Test | |||
| public void apply_has_no_effect_when_adding_USER_permission_to_group_AnyOne_on_a_public_project() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, publicProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, publicProject, groupUuid, permissionService)); | |||
| assertThat(db.users().selectAnyonePermissions(publicProject.getMainBranchComponent())).isEmpty(); | |||
| assertThat(db.users().selectAnyonePermissions(publicProject.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| public void apply_has_no_effect_when_adding_CODEVIEWER_permission_to_group_AnyOne_on_a_public_project() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.CODEVIEWER, publicProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.CODEVIEWER, publicProject, groupUuid, permissionService)); | |||
| assertThat(db.users().selectAnyonePermissions(publicProject.getMainBranchComponent())).isEmpty(); | |||
| assertThat(db.users().selectAnyonePermissions(publicProject.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| public void apply_fails_with_BadRequestException_when_adding_permission_ADMIN_to_group_AnyOne_on_a_public_project() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
| assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.ADMIN, publicProject.getMainBranchComponent(), groupUuid, permissionService))) | |||
| assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.ADMIN, publicProject, groupUuid, permissionService))) | |||
| .isInstanceOf(BadRequestException.class) | |||
| .hasMessage("It is not possible to add the 'admin' permission to group 'Anyone'."); | |||
| } | |||
| @@ -214,25 +214,25 @@ public class GroupPermissionChangerIT { | |||
| public void apply_adds_permission_ISSUE_ADMIN_to_group_AnyOne_on_a_public_project() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.ISSUE_ADMIN, publicProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.ISSUE_ADMIN, publicProject, groupUuid, permissionService)); | |||
| assertThat(db.users().selectAnyonePermissions(publicProject.getMainBranchComponent())).containsOnly(UserRole.ISSUE_ADMIN); | |||
| assertThat(db.users().selectAnyonePermissions(publicProject.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
| } | |||
| @Test | |||
| public void apply_adds_permission_SCAN_EXECUTION_to_group_AnyOne_on_a_public_project() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermission.SCAN.getKey(), publicProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermission.SCAN.getKey(), publicProject, groupUuid, permissionService)); | |||
| assertThat(db.users().selectAnyonePermissions(publicProject.getMainBranchComponent())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| assertThat(db.users().selectAnyonePermissions(publicProject.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_fails_with_BadRequestException_when_removing_USER_permission_from_group_AnyOne_on_a_public_project() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
| assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.USER, publicProject.getMainBranchComponent(), groupUuid, permissionService))) | |||
| assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.USER, publicProject, groupUuid, permissionService))) | |||
| .isInstanceOf(BadRequestException.class) | |||
| .hasMessage("Permission user can't be removed from a public component"); | |||
| } | |||
| @@ -241,7 +241,7 @@ public class GroupPermissionChangerIT { | |||
| public void apply_fails_with_BadRequestException_when_removing_CODEVIEWER_permission_from_group_AnyOne_on_a_public_project() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
| assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.CODEVIEWER, publicProject.getMainBranchComponent(), groupUuid, permissionService))) | |||
| assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.CODEVIEWER, publicProject, groupUuid, permissionService))) | |||
| .isInstanceOf(BadRequestException.class) | |||
| .hasMessage("Permission codeviewer can't be removed from a public component"); | |||
| } | |||
| @@ -263,18 +263,18 @@ public class GroupPermissionChangerIT { | |||
| private void applyRemovesPermissionFromGroupAnyOneOnAPublicProject(String permission) { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
| db.users().insertProjectPermissionOnAnyone(permission, publicProject.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnAnyone(permission, publicProject); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, permission, publicProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, permission, publicProject, groupUuid, permissionService)); | |||
| assertThat(db.users().selectAnyonePermissions(publicProject.getMainBranchComponent())).isEmpty(); | |||
| assertThat(db.users().selectAnyonePermissions(publicProject.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| public void apply_fails_with_BadRequestException_when_removing_USER_permission_from_a_group_on_a_public_project() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
| assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.USER, publicProject.getMainBranchComponent(), groupUuid, permissionService))) | |||
| assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.USER, publicProject, groupUuid, permissionService))) | |||
| .isInstanceOf(BadRequestException.class) | |||
| .hasMessage("Permission user can't be removed from a public component"); | |||
| } | |||
| @@ -283,7 +283,7 @@ public class GroupPermissionChangerIT { | |||
| public void apply_fails_with_BadRequestException_when_removing_CODEVIEWER_permission_from_a_group_on_a_public_project() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
| assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.CODEVIEWER, publicProject.getMainBranchComponent(), groupUuid, permissionService))) | |||
| assertThatThrownBy(() -> apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.CODEVIEWER, publicProject, groupUuid, permissionService))) | |||
| .isInstanceOf(BadRequestException.class) | |||
| .hasMessage("Permission codeviewer can't be removed from a public component"); | |||
| } | |||
| @@ -317,7 +317,7 @@ public class GroupPermissionChangerIT { | |||
| .filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermission.SCAN.getKey().equals(perm)) | |||
| .forEach(perm -> { | |||
| try { | |||
| new GroupPermissionChange(PermissionChange.Operation.ADD, perm, privateProject.getMainBranchComponent(), groupUuid, permissionService); | |||
| new GroupPermissionChange(PermissionChange.Operation.ADD, perm, privateProject, groupUuid, permissionService); | |||
| fail("a BadRequestException should have been thrown for permission " + perm); | |||
| } catch (BadRequestException e) { | |||
| assertThat(e).hasMessage("Invalid project permission '" + perm + | |||
| @@ -335,7 +335,7 @@ public class GroupPermissionChangerIT { | |||
| .filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermission.SCAN.getKey().equals(perm)) | |||
| .forEach(perm -> { | |||
| try { | |||
| new GroupPermissionChange(PermissionChange.Operation.ADD, perm, publicProject.getMainBranchComponent(), groupUuid, permissionService); | |||
| new GroupPermissionChange(PermissionChange.Operation.ADD, perm, publicProject, groupUuid, permissionService); | |||
| fail("a BadRequestException should have been thrown for permission " + perm); | |||
| } catch (BadRequestException e) { | |||
| assertThat(e).hasMessage("Invalid project permission '" + perm + | |||
| @@ -376,23 +376,23 @@ public class GroupPermissionChangerIT { | |||
| public void remove_project_permission_from_group() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
| db.users().insertPermissionOnGroup(group, ADMINISTER_QUALITY_GATES); | |||
| db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, privateProject.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, privateProject.getMainBranchComponent()); | |||
| db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, privateProject); | |||
| db.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, privateProject); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.ISSUE_ADMIN, privateProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.ISSUE_ADMIN, privateProject, groupUuid, permissionService)); | |||
| assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(ADMINISTER_QUALITY_GATES.getKey()); | |||
| assertThat(db.users().selectGroupPermissions(group, privateProject.getMainBranchComponent())).containsOnly(UserRole.CODEVIEWER); | |||
| assertThat(db.users().selectGroupPermissions(group, privateProject)).containsOnly(UserRole.CODEVIEWER); | |||
| } | |||
| @Test | |||
| public void do_not_fail_if_removing_a_permission_that_does_not_exist() { | |||
| GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.ISSUE_ADMIN, privateProject.getMainBranchComponent(), groupUuid, permissionService)); | |||
| apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.ISSUE_ADMIN, privateProject, groupUuid, permissionService)); | |||
| assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); | |||
| assertThat(db.users().selectGroupPermissions(group, privateProject.getMainBranchComponent())).isEmpty(); | |||
| assertThat(db.users().selectGroupPermissions(group, privateProject)).isEmpty(); | |||
| } | |||
| @Test | |||
| @@ -427,9 +427,9 @@ public class GroupPermissionChangerIT { | |||
| .setUuid(Uuids.createFast()) | |||
| .setGroupUuid(null) | |||
| .setRole(perm) | |||
| .setComponentUuid(privateProject.projectUuid()) | |||
| .setComponentName(privateProject.getProjectDto().getName()); | |||
| db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, privateProject.getProjectDto(), null); | |||
| .setComponentUuid(privateProject.getUuid()) | |||
| .setComponentName(privateProject.getName()); | |||
| db.getDbClient().groupPermissionDao().insert(db.getSession(), dto, privateProject, null); | |||
| db.commit(); | |||
| } | |||
| } | |||
+ 61
- 62
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/PermissionTemplateServiceIT.java
파일 보기
| @@ -29,11 +29,12 @@ import org.sonar.api.web.UserRole; | |||
| import org.sonar.core.util.SequenceUuidFactory; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.DbTester; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.permission.template.PermissionTemplateDbTester; | |||
| import org.sonar.db.permission.template.PermissionTemplateDto; | |||
| import org.sonar.db.portfolio.PortfolioDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.GroupDto; | |||
| import org.sonar.db.user.UserDto; | |||
| import org.sonar.server.es.ProjectIndexers; | |||
| @@ -62,22 +63,21 @@ public class PermissionTemplateServiceIT { | |||
| private final ProjectIndexers projectIndexers = new TestProjectIndexers(); | |||
| private final PermissionTemplateService underTest = new PermissionTemplateService(dbTester.getDbClient(), projectIndexers, userSession, defaultTemplatesResolver, | |||
| new SequenceUuidFactory()); | |||
| private ComponentDto privateProject; | |||
| @Test | |||
| public void apply_does_not_insert_permission_to_group_AnyOne_when_applying_template_on_private_project() { | |||
| ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "p1"); | |||
| underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject)); | |||
| assertThat(selectProjectPermissionsOfGroup(null, privateProject)).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfGroup(null, privateProject.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| public void apply_default_does_not_insert_permission_to_group_AnyOne_when_applying_template_on_private_project() { | |||
| ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
| UserDto creator = dbTester.users().insertUser(); | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "p1"); | |||
| @@ -85,12 +85,12 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, privateProject, creator.getUuid()); | |||
| assertThat(selectProjectPermissionsOfGroup(null, privateProject)).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfGroup(null, privateProject.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| public void apply_inserts_permissions_to_group_AnyOne_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
| ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, perm)); | |||
| @@ -98,13 +98,13 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); | |||
| assertThat(selectProjectPermissionsOfGroup(null, publicProject)) | |||
| assertThat(selectProjectPermissionsOfGroup(null, publicProject.getUuid())) | |||
| .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void applyDefault_inserts_permissions_to_group_AnyOne_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
| ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, perm)); | |||
| @@ -113,13 +113,13 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, publicProject, null); | |||
| assertThat(selectProjectPermissionsOfGroup(null, publicProject)) | |||
| assertThat(selectProjectPermissionsOfGroup(null, publicProject.getUuid())) | |||
| .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_inserts_any_permissions_to_group_when_applying_template_on_private_project() { | |||
| ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| permissionService.getAllProjectPermissions() | |||
| @@ -128,14 +128,14 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject)); | |||
| assertThat(selectProjectPermissionsOfGroup(group, privateProject)) | |||
| assertThat(selectProjectPermissionsOfGroup(group, privateProject.getUuid())) | |||
| .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void applyDefault_inserts_any_permissions_to_group_when_applying_template_on_private_project() { | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, perm)); | |||
| @@ -144,14 +144,14 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, privateProject, null); | |||
| assertThat(selectProjectPermissionsOfGroup(group, privateProject)) | |||
| assertThat(selectProjectPermissionsOfGroup(group, privateProject.getUuid())) | |||
| .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_inserts_permissions_to_group_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, perm)); | |||
| @@ -159,14 +159,14 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); | |||
| assertThat(selectProjectPermissionsOfGroup(group, publicProject)) | |||
| assertThat(selectProjectPermissionsOfGroup(group, publicProject.getUuid())) | |||
| .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void applyDefault_inserts_permissions_to_group_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, perm)); | |||
| @@ -175,14 +175,14 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, publicProject, null); | |||
| assertThat(selectProjectPermissionsOfGroup(group, publicProject)) | |||
| assertThat(selectProjectPermissionsOfGroup(group, publicProject.getUuid())) | |||
| .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_inserts_permissions_to_user_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
| UserDto user = dbTester.users().insertUser(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm)); | |||
| @@ -190,14 +190,14 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); | |||
| assertThat(selectProjectPermissionsOfUser(user, publicProject)) | |||
| assertThat(selectProjectPermissionsOfUser(user, publicProject.getUuid())) | |||
| .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void applyDefault_inserts_permissions_to_user_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
| UserDto user = dbTester.users().insertUser(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm)); | |||
| @@ -206,14 +206,14 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, publicProject, null); | |||
| assertThat(selectProjectPermissionsOfUser(user, publicProject)) | |||
| assertThat(selectProjectPermissionsOfUser(user, publicProject.getUuid())) | |||
| .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_inserts_any_permissions_to_user_when_applying_template_on_private_project() { | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
| UserDto user = dbTester.users().insertUser(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm)); | |||
| @@ -221,14 +221,14 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject)); | |||
| assertThat(selectProjectPermissionsOfUser(user, privateProject)) | |||
| assertThat(selectProjectPermissionsOfUser(user, privateProject.getUuid())) | |||
| .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void applyDefault_inserts_any_permissions_to_user_when_applying_template_on_private_project() { | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
| UserDto user = dbTester.users().insertUser(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm)); | |||
| @@ -237,14 +237,14 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, privateProject, null); | |||
| assertThat(selectProjectPermissionsOfUser(user, privateProject)) | |||
| assertThat(selectProjectPermissionsOfUser(user, privateProject.getUuid())) | |||
| .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void applyDefault_inserts_permissions_to_ProjectCreator_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() { | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| ComponentDto publicProject = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto publicProject = dbTester.components().insertPublicProject().getProjectDto(); | |||
| UserDto user = dbTester.users().insertUser(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addProjectCreatorToTemplate(permissionTemplate, perm)); | |||
| @@ -253,14 +253,14 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, publicProject, user.getUuid()); | |||
| assertThat(selectProjectPermissionsOfUser(user, publicProject)) | |||
| assertThat(selectProjectPermissionsOfUser(user, publicProject.getUuid())) | |||
| .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void applyDefault_inserts_any_permissions_to_ProjectCreator_when_applying_template_on_private_project() { | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| ComponentDto privateProject = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto privateProject = dbTester.components().insertPrivateProject().getProjectDto(); | |||
| UserDto user = dbTester.users().insertUser(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> dbTester.permissionTemplates().addProjectCreatorToTemplate(permissionTemplate, perm)); | |||
| @@ -269,13 +269,13 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, privateProject, user.getUuid()); | |||
| assertThat(selectProjectPermissionsOfUser(user, privateProject)) | |||
| assertThat(selectProjectPermissionsOfUser(user, privateProject.getUuid())) | |||
| .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_template_on_view() { | |||
| ComponentDto portfolio = dbTester.components().insertPrivatePortfolio(); | |||
| PortfolioDto portfolio = dbTester.components().insertPrivatePortfolioDto(); | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); | |||
| @@ -284,13 +284,13 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, portfolio, null); | |||
| assertThat(selectProjectPermissionsOfGroup(group, portfolio)) | |||
| assertThat(selectProjectPermissionsOfGroup(group, portfolio.getUuid())) | |||
| .containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_default_template_on_application() { | |||
| ComponentDto view = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
| ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
| PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| PermissionTemplateDto appPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| @@ -298,15 +298,15 @@ public class PermissionTemplateServiceIT { | |||
| dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, appPermissionTemplate, null); | |||
| underTest.applyDefaultToNewComponent(session, view, null); | |||
| underTest.applyDefaultToNewComponent(session, application, null); | |||
| assertThat(selectProjectPermissionsOfGroup(group, view)) | |||
| assertThat(selectProjectPermissionsOfGroup(group, application.getUuid())) | |||
| .containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_default_template_on_portfolio() { | |||
| ComponentDto view = dbTester.components().insertPublicPortfolio(); | |||
| PortfolioDto portfolio = dbTester.components().insertPublicPortfolioDto(); | |||
| PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| PermissionTemplateDto portPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| @@ -314,28 +314,28 @@ public class PermissionTemplateServiceIT { | |||
| dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, portPermissionTemplate); | |||
| underTest.applyDefaultToNewComponent(session, view, null); | |||
| underTest.applyDefaultToNewComponent(session, portfolio, null); | |||
| assertThat(selectProjectPermissionsOfGroup(group, view)) | |||
| assertThat(selectProjectPermissionsOfGroup(group, portfolio.getUuid())) | |||
| .containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_project_default_template_on_view_when_no_view_default_template() { | |||
| ComponentDto view = dbTester.components().insertPrivatePortfolio(); | |||
| PortfolioDto portfolio = dbTester.components().insertPrivatePortfolioDto(); | |||
| PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, null); | |||
| underTest.applyDefaultToNewComponent(session, view, null); | |||
| underTest.applyDefaultToNewComponent(session, portfolio, null); | |||
| assertThat(selectProjectPermissionsOfGroup(group, view)).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| assertThat(selectProjectPermissionsOfGroup(group, portfolio.getUuid())).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_template_on_applications() { | |||
| ComponentDto application = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
| ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
| PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); | |||
| @@ -344,13 +344,13 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, application, null); | |||
| assertThat(selectProjectPermissionsOfGroup(group, application)) | |||
| assertThat(selectProjectPermissionsOfGroup(group, application.getUuid())) | |||
| .containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_default_view_template_on_application() { | |||
| ComponentDto application = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
| ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
| PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| PermissionTemplateDto appPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| PermissionTemplateDto portPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| @@ -361,13 +361,13 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, application, null); | |||
| assertThat(selectProjectPermissionsOfGroup(group, application)) | |||
| assertThat(selectProjectPermissionsOfGroup(group, application.getUuid())) | |||
| .containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_project_default_template_on_application_when_no_application_default_template() { | |||
| ComponentDto application = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
| ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
| PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| @@ -375,13 +375,13 @@ public class PermissionTemplateServiceIT { | |||
| underTest.applyDefaultToNewComponent(session, application, null); | |||
| assertThat(selectProjectPermissionsOfGroup(group, application)).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| assertThat(selectProjectPermissionsOfGroup(group, application.getUuid())).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
| } | |||
| @Test | |||
| public void apply_permission_template() { | |||
| UserDto user = dbTester.users().insertUser(); | |||
| ComponentDto project = dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = dbTester.components().insertPrivateProject().getProjectDto(); | |||
| GroupDto adminGroup = dbTester.users().insertGroup(); | |||
| GroupDto userGroup = dbTester.users().insertGroup(); | |||
| dbTester.users().insertPermissionOnGroup(adminGroup, GlobalPermission.ADMINISTER.getKey()); | |||
| @@ -396,26 +396,25 @@ public class PermissionTemplateServiceIT { | |||
| dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, UserRole.CODEVIEWER); | |||
| dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, GlobalPermission.ADMINISTER.getKey()); | |||
| assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfGroup(userGroup, project)).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfGroup(null, project)).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfUser(user, project)).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfGroup(adminGroup, project.getUuid())).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfGroup(userGroup, project.getUuid())).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfGroup(null, project.getUuid())).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfUser(user, project.getUuid())).isEmpty(); | |||
| underTest.applyAndCommit(session, permissionTemplate, singletonList(project)); | |||
| assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).containsOnly(GlobalPermission.ADMINISTER.getKey(), UserRole.ISSUE_ADMIN); | |||
| assertThat(selectProjectPermissionsOfGroup(userGroup, project)).containsOnly(UserRole.USER, UserRole.CODEVIEWER); | |||
| assertThat(selectProjectPermissionsOfGroup(null, project)).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
| assertThat(selectProjectPermissionsOfGroup(adminGroup, project.getUuid())).containsOnly(GlobalPermission.ADMINISTER.getKey(), UserRole.ISSUE_ADMIN); | |||
| assertThat(selectProjectPermissionsOfGroup(userGroup, project.getUuid())).containsOnly(UserRole.USER, UserRole.CODEVIEWER); | |||
| assertThat(selectProjectPermissionsOfGroup(null, project.getUuid())).isEmpty(); | |||
| assertThat(selectProjectPermissionsOfUser(user, project.getUuid())).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
| } | |||
| private List<String> selectProjectPermissionsOfGroup(@Nullable GroupDto groupDto, ComponentDto project) { | |||
| return dbTester.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(session, groupDto != null ? groupDto.getUuid() : null, project.uuid()); | |||
| private List<String> selectProjectPermissionsOfGroup(@Nullable GroupDto groupDto, String projectUuid) { | |||
| return dbTester.getDbClient().groupPermissionDao().selectEntityPermissionsOfGroup(session, groupDto != null ? groupDto.getUuid() : null, projectUuid); | |||
| } | |||
| private List<String> selectProjectPermissionsOfUser(UserDto userDto, ComponentDto project) { | |||
| return dbTester.getDbClient().userPermissionDao().selectProjectPermissionsOfUser(session, | |||
| userDto.getUuid(), project.uuid()); | |||
| private List<String> selectProjectPermissionsOfUser(UserDto userDto, String projectUuid) { | |||
| return dbTester.getDbClient().userPermissionDao().selectEntityPermissionsOfUser(session, userDto.getUuid(), projectUuid); | |||
| } | |||
| @Test | |||
| @@ -468,7 +467,7 @@ public class PermissionTemplateServiceIT { | |||
| .map(x -> String.format("\"%s\"", x)) | |||
| .collect(Collectors.joining(", ")); | |||
| ComponentDto project = dbTester.components().insertPrivateProject(p -> p.setKey(key)).getMainBranchComponent(); | |||
| ProjectDto project = dbTester.components().insertPrivateProject(p -> p.setKey(key)).getProjectDto(); | |||
| assertThatThrownBy(() -> underTest.applyDefaultToNewComponent(session, project, null)) | |||
| .isInstanceOf(TemplateMatchingKeyException.class) | |||
+ 21
- 20
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/UserPermissionChangerIT.java
파일 보기
| @@ -31,6 +31,7 @@ import org.sonar.core.util.SequenceUuidFactory; | |||
| import org.sonar.db.DbTester; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.user.GroupDto; | |||
| import org.sonar.db.user.UserDto; | |||
| @@ -52,15 +53,15 @@ public class UserPermissionChangerIT { | |||
| private final UserPermissionChanger underTest = new UserPermissionChanger(db.getDbClient(), new SequenceUuidFactory()); | |||
| private UserDto user1; | |||
| private UserDto user2; | |||
| private ComponentDto privateProject; | |||
| private ComponentDto publicProject; | |||
| private EntityDto privateProject; | |||
| private EntityDto publicProject; | |||
| @Before | |||
| public void setUp() { | |||
| user1 = db.users().insertUser(); | |||
| user2 = db.users().insertUser(); | |||
| privateProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| publicProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
| privateProject = db.components().insertPrivateProject().getProjectDto(); | |||
| publicProject = db.components().insertPublicProject().getProjectDto(); | |||
| } | |||
| @Test | |||
| @@ -100,7 +101,7 @@ public class UserPermissionChangerIT { | |||
| apply(change); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(UserRole.USER); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, publicProject.getUuid())).doesNotContain(UserRole.USER); | |||
| } | |||
| @Test | |||
| @@ -109,7 +110,7 @@ public class UserPermissionChangerIT { | |||
| apply(change); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(UserRole.CODEVIEWER); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, publicProject.getUuid())).doesNotContain(UserRole.CODEVIEWER); | |||
| } | |||
| @Test | |||
| @@ -132,7 +133,7 @@ public class UserPermissionChangerIT { | |||
| apply(change); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).containsOnly(permission); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, publicProject.getUuid())).containsOnly(permission); | |||
| } | |||
| @Test | |||
| @@ -174,7 +175,7 @@ public class UserPermissionChangerIT { | |||
| apply(change); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).isEmpty(); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, publicProject.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| @@ -185,7 +186,7 @@ public class UserPermissionChangerIT { | |||
| apply(change); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).contains(permission); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).contains(permission); | |||
| }); | |||
| } | |||
| @@ -200,7 +201,7 @@ public class UserPermissionChangerIT { | |||
| apply(change); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).doesNotContain(permission); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).doesNotContain(permission); | |||
| }); | |||
| } | |||
| @@ -211,9 +212,9 @@ public class UserPermissionChangerIT { | |||
| apply(change); | |||
| assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(GlobalPermission.SCAN); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).isEmpty(); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).isEmpty(); | |||
| assertThat(db.users().selectPermissionsOfUser(user2)).isEmpty(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).isEmpty(); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user2, privateProject.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| @@ -222,9 +223,9 @@ public class UserPermissionChangerIT { | |||
| apply(change); | |||
| assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).contains(UserRole.ISSUE_ADMIN); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).contains(UserRole.ISSUE_ADMIN); | |||
| assertThat(db.users().selectPermissionsOfUser(user2)).isEmpty(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).isEmpty(); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user2, privateProject.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| @@ -269,12 +270,12 @@ public class UserPermissionChangerIT { | |||
| assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(GlobalPermission.SCAN); | |||
| assertThat(db.users().selectPermissionsOfUser(user2)).containsOnly(GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(UserRole.ISSUE_ADMIN); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
| } | |||
| @Test | |||
| public void remove_project_permission_from_user() { | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| EntityDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
| db.users().insertProjectPermissionOnUser(user1, UserRole.ISSUE_ADMIN, privateProject); | |||
| db.users().insertProjectPermissionOnUser(user1, UserRole.USER, privateProject); | |||
| @@ -284,9 +285,9 @@ public class UserPermissionChangerIT { | |||
| UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
| apply(change); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(UserRole.USER); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).containsOnly(UserRole.ISSUE_ADMIN); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, project2)).containsOnly(UserRole.ISSUE_ADMIN); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).containsOnly(UserRole.USER); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user2, privateProject.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, project2.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
| } | |||
| @Test | |||
| @@ -302,7 +303,7 @@ public class UserPermissionChangerIT { | |||
| UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
| apply(change); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).isEmpty(); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user1, privateProject.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
+ 44
- 48
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/ws/AddGroupActionIT.java
파일 보기
| @@ -27,8 +27,12 @@ import org.sonar.api.server.ws.WebService.Action; | |||
| import org.sonar.api.web.UserRole; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ComponentTesting; | |||
| import org.sonar.db.component.ProjectData; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.portfolio.PortfolioDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.GroupDto; | |||
| import org.sonar.server.exceptions.BadRequestException; | |||
| import org.sonar.server.exceptions.ForbiddenException; | |||
| @@ -37,14 +41,12 @@ import org.sonar.server.exceptions.ServerException; | |||
| import org.sonar.server.permission.PermissionService; | |||
| import org.sonar.server.permission.PermissionServiceImpl; | |||
| import static java.lang.String.format; | |||
| import static org.assertj.core.api.Assertions.assertThat; | |||
| import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
| import static org.assertj.core.api.Assertions.fail; | |||
| import static org.assertj.core.api.Assertions.tuple; | |||
| import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
| import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
| import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
| import static org.sonar.db.component.ComponentTesting.newSubPortfolio; | |||
| import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
| import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
| @@ -107,12 +109,12 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| @Test | |||
| public void add_permission_to_project_referenced_by_its_id() { | |||
| GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
| ComponentDto project = db.components().insertComponent(newPrivateProjectDto(A_PROJECT_UUID).setKey(A_PROJECT_KEY)); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, A_PROJECT_UUID) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute(); | |||
| @@ -123,7 +125,7 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| @Test | |||
| public void add_permission_to_project_referenced_by_its_key() { | |||
| GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
| ComponentDto project = db.components().insertPrivateProject(A_PROJECT_UUID, c -> c.setKey(A_PROJECT_KEY)).getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject(A_PROJECT_UUID, c -> c.setKey(A_PROJECT_KEY)).getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -139,12 +141,12 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| @Test | |||
| public void add_with_portfolio_uuid() { | |||
| GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
| ComponentDto portfolio = db.components().insertPrivatePortfolio(); | |||
| PortfolioDto portfolio = db.components().insertPrivatePortfolioDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, portfolio.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, portfolio.getUuid()) | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute(); | |||
| @@ -157,13 +159,11 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
| loginAsAdmin(); | |||
| assertThatThrownBy(() -> { | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, "not-found") | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute(); | |||
| }) | |||
| assertThatThrownBy(() -> newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, "not-found") | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute()) | |||
| .isInstanceOf(NotFoundException.class); | |||
| } | |||
| @@ -195,15 +195,13 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
| loginAsAdmin(); | |||
| assertThatThrownBy(() -> { | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, file.uuid()) | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute(); | |||
| }) | |||
| .isInstanceOf(BadRequestException.class) | |||
| .hasMessage("Component '" + file.getKey() + "' (id: " + file.uuid() + ") must be a project or a view."); | |||
| assertThatThrownBy(() -> newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, file.uuid()) | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute()) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| @Test | |||
| @@ -231,7 +229,7 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute(); | |||
| }) | |||
| .isInstanceOf(BadRequestException.class); | |||
| .isInstanceOf(NotFoundException.class); | |||
| } | |||
| @Test | |||
| @@ -341,12 +339,12 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| @Test | |||
| public void adding_project_permission_is_allowed_to_project_administrators() { | |||
| GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
| .execute(); | |||
| @@ -355,7 +353,7 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| @Test | |||
| public void fails_when_adding_any_permission_to_group_AnyOne_on_a_private_project() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| permissionService.getAllProjectPermissions() | |||
| @@ -363,7 +361,7 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| try { | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, "anyone") | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, permission) | |||
| .execute(); | |||
| fail("a BadRequestException should have been raised for " + permission); | |||
| @@ -375,60 +373,60 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| @Test | |||
| public void no_effect_when_adding_USER_permission_to_group_AnyOne_on_a_public_project() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, "anyone") | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.USER) | |||
| .execute(); | |||
| assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
| assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| public void no_effect_when_adding_CODEVIEWER_permission_to_group_AnyOne_on_a_public_project() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, "anyone") | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
| .execute(); | |||
| assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
| assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| public void no_effect_when_adding_USER_permission_to_group_on_a_public_project() { | |||
| GroupDto group = db.users().insertGroup(); | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.USER) | |||
| .execute(); | |||
| assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
| assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| public void no_effect_when_adding_CODEVIEWER_permission_to_group_on_a_public_project() { | |||
| GroupDto group = db.users().insertGroup(); | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
| .execute(); | |||
| assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
| assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| @@ -438,15 +436,13 @@ public class AddGroupActionIT extends BasePermissionWsIT<AddGroupAction> { | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| ComponentDto branch = db.components().insertProjectBranch(project); | |||
| assertThatThrownBy(() -> { | |||
| newRequest() | |||
| .setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
| .execute(); | |||
| }) | |||
| assertThatThrownBy(() -> newRequest() | |||
| .setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
| .execute()) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| private void executeRequest(GroupDto groupDto, String permission) { | |||
+ 27
- 25
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/ws/AddUserActionIT.java
파일 보기
| @@ -26,9 +26,11 @@ import org.sonar.api.resources.Qualifiers; | |||
| import org.sonar.api.resources.ResourceTypes; | |||
| import org.sonar.api.web.UserRole; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ComponentTesting; | |||
| import org.sonar.db.component.PortfolioData; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.portfolio.PortfolioDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.UserDto; | |||
| import org.sonar.server.exceptions.BadRequestException; | |||
| import org.sonar.server.exceptions.ForbiddenException; | |||
| @@ -82,22 +84,22 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
| @Test | |||
| public void add_permission_to_project_referenced_by_its_id() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| .setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute(); | |||
| assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
| } | |||
| @Test | |||
| public void add_permission_to_project_referenced_by_its_key() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -107,22 +109,22 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
| .execute(); | |||
| assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
| } | |||
| @Test | |||
| public void add_permission_to_view() { | |||
| ComponentDto view = db.components().insertComponent(ComponentTesting.newPortfolio("view-uuid").setKey("view-key")); | |||
| PortfolioDto portfolioDto = db.components().insertPrivatePortfolioDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| .setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
| .setParam(PARAM_PROJECT_ID, view.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, portfolioDto.getUuid()) | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute(); | |||
| assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user, portfolioDto.getUuid())).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
| } | |||
| @Test | |||
| @@ -173,8 +175,8 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute(); | |||
| }) | |||
| .isInstanceOf(BadRequestException.class) | |||
| .hasMessage("Component '" + file.getKey() + "' (id: " + file.uuid() + ") must be a project or a view."); | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| @Test | |||
| @@ -203,7 +205,7 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .execute(); | |||
| }) | |||
| .isInstanceOf(BadRequestException.class); | |||
| .isInstanceOf(NotFoundException.class); | |||
| } | |||
| @Test | |||
| @@ -284,7 +286,7 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .setParam(PARAM_PROJECT_KEY, project.getKey()); | |||
| assertThatThrownBy(() -> request.execute()) | |||
| assertThatThrownBy(request::execute) | |||
| .isInstanceOf(ForbiddenException.class); | |||
| } | |||
| @@ -297,7 +299,7 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
| .setParam(PARAM_USER_LOGIN, "unknown") | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .setParam(PARAM_PROJECT_KEY, project.getKey()); | |||
| assertThatThrownBy(() -> request.execute()) | |||
| assertThatThrownBy(request::execute) | |||
| .isInstanceOf(ForbiddenException.class); | |||
| } | |||
| @@ -310,7 +312,7 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .setParam(PARAM_PROJECT_KEY, project.getKey()); | |||
| assertThatThrownBy(() -> request.execute()) | |||
| assertThatThrownBy(request::execute) | |||
| .isInstanceOf(IllegalArgumentException.class); | |||
| } | |||
| @@ -319,7 +321,7 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
| */ | |||
| @Test | |||
| public void adding_project_permission_is_allowed_to_project_administrators() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| @@ -329,35 +331,35 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
| .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
| .execute(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.ISSUE_ADMIN); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
| } | |||
| @Test | |||
| public void no_effect_when_adding_USER_permission_on_a_public_project() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| newRequest() | |||
| .setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.USER) | |||
| .execute(); | |||
| assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
| assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| public void no_effect_when_adding_CODEVIEWER_permission_on_a_public_project() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| newRequest() | |||
| .setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
| .execute(); | |||
| assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
| assertThat(db.users().selectAnyonePermissions(project.getUuid())).isEmpty(); | |||
| } | |||
| @Test | |||
| @@ -371,8 +373,8 @@ public class AddUserActionIT extends BasePermissionWsIT<AddUserAction> { | |||
| .setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); | |||
| assertThatThrownBy(() -> request.execute()) | |||
| assertThatThrownBy(request::execute) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| } | |||
+ 1
- 1
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/ws/BasePermissionWsIT.java
파일 보기
| @@ -50,7 +50,7 @@ import static org.sonar.db.permission.template.PermissionTemplateTesting.newPerm | |||
| public abstract class BasePermissionWsIT<A extends PermissionsWsAction> { | |||
| @Rule | |||
| public DbTester db = DbTester.create(new AlwaysIncreasingSystem2()); | |||
| public DbTester db = DbTester.create(new AlwaysIncreasingSystem2(), true); | |||
| @Rule | |||
| public EsTester es = EsTester.createCustom(new FooIndexDefinition()); | |||
+ 18
- 20
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/ws/GroupsActionIT.java
파일 보기
| @@ -29,9 +29,10 @@ import org.sonar.api.server.ws.Change; | |||
| import org.sonar.api.server.ws.WebService.Action; | |||
| import org.sonar.api.web.UserRole; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ComponentTesting; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.portfolio.PortfolioDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.GroupDto; | |||
| import org.sonar.server.exceptions.BadRequestException; | |||
| import org.sonar.server.exceptions.ForbiddenException; | |||
| @@ -41,7 +42,6 @@ import org.sonar.server.management.ManagedInstanceService; | |||
| import org.sonar.server.permission.PermissionService; | |||
| import org.sonar.server.permission.PermissionServiceImpl; | |||
| import static java.lang.String.format; | |||
| import static java.util.function.Function.identity; | |||
| import static java.util.stream.Collectors.toMap; | |||
| import static org.assertj.core.api.Assertions.assertThat; | |||
| @@ -54,7 +54,6 @@ import static org.sonar.api.server.ws.WebService.Param.PAGE; | |||
| import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE; | |||
| import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY; | |||
| import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
| import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
| import static org.sonar.test.JsonAssert.assertJson; | |||
| import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
| import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
| @@ -185,11 +184,11 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
| @Test | |||
| public void search_groups_with_project_permissions() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| GroupDto group = db.users().insertGroup("project-group-name"); | |||
| db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
| ComponentDto anotherProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto anotherProject = db.components().insertPrivateProject().getProjectDto(); | |||
| GroupDto anotherGroup = db.users().insertGroup("another-project-group-name"); | |||
| db.users().insertProjectPermissionOnGroup(anotherGroup, ISSUE_ADMIN, anotherProject); | |||
| @@ -198,7 +197,7 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| String result = newRequest() | |||
| .setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .execute() | |||
| .getInput(); | |||
| @@ -209,7 +208,7 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
| @Test | |||
| public void return_also_groups_without_permission_when_search_query() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| GroupDto group = db.users().insertGroup("group-with-permission"); | |||
| db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
| @@ -219,7 +218,7 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
| loginAsAdmin(); | |||
| String result = newRequest() | |||
| .setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(TEXT_QUERY, "group-with") | |||
| .execute() | |||
| .getInput(); | |||
| @@ -231,7 +230,7 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
| @Test | |||
| public void return_only_groups_with_permission_when_no_search_query() { | |||
| ComponentDto project = db.components().insertComponent(newPrivateProjectDto("project-uuid")); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| GroupDto group = db.users().insertGroup("project-group-name"); | |||
| db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
| @@ -240,23 +239,22 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
| loginAsAdmin(); | |||
| String result = newRequest() | |||
| .setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .execute() | |||
| .getInput(); | |||
| assertThat(result).contains(group.getName()) | |||
| .doesNotContain(groupWithoutPermission.getName()); | |||
| assertThat(result).contains(group.getName()).doesNotContain(groupWithoutPermission.getName()); | |||
| } | |||
| @Test | |||
| public void return_anyone_group_when_search_query_and_no_param_permission() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| GroupDto group = db.users().insertGroup("group-with-permission"); | |||
| db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
| loginAsAdmin(); | |||
| String result = newRequest() | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(TEXT_QUERY, "nyo") | |||
| .execute() | |||
| .getInput(); | |||
| @@ -266,9 +264,9 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
| @Test | |||
| public void search_groups_on_views() { | |||
| ComponentDto view = db.components().insertComponent(ComponentTesting.newPortfolio("view-uuid").setKey("view-key")); | |||
| PortfolioDto portfolio = db.components().insertPrivatePortfolioDto("view-uuid"); | |||
| GroupDto group = db.users().insertGroup("project-group-name"); | |||
| db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, view); | |||
| db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, portfolio); | |||
| loginAsAdmin(); | |||
| String result = newRequest() | |||
| @@ -285,11 +283,11 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
| @Test | |||
| public void return_isManaged() { | |||
| ComponentDto view = db.components().insertComponent(ComponentTesting.newPortfolio("view-uuid").setKey("view-key")); | |||
| PortfolioDto portfolio = db.components().insertPrivatePortfolioDto("view-uuid"); | |||
| GroupDto managedGroup = db.users().insertGroup("managed-group"); | |||
| GroupDto localGroup = db.users().insertGroup("local-group"); | |||
| db.users().insertProjectPermissionOnGroup(managedGroup, ISSUE_ADMIN, view); | |||
| db.users().insertProjectPermissionOnGroup(localGroup, ISSUE_ADMIN, view); | |||
| db.users().insertProjectPermissionOnGroup(managedGroup, ISSUE_ADMIN, portfolio); | |||
| db.users().insertProjectPermissionOnGroup(localGroup, ISSUE_ADMIN, portfolio); | |||
| mockGroupsAsManaged(managedGroup.getUuid()); | |||
| loginAsAdmin(); | |||
| @@ -373,7 +371,7 @@ public class GroupsActionIT extends BasePermissionWsIT<GroupsAction> { | |||
| .execute(); | |||
| }) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| private void mockGroupsAsManaged(String... groupUuids) { | |||
+ 28
- 32
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/ws/RemoveGroupActionIT.java
파일 보기
| @@ -30,8 +30,8 @@ import org.sonar.api.server.ws.WebService.Action; | |||
| import org.sonar.api.web.UserRole; | |||
| import org.sonar.core.util.Uuids; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ProjectData; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.permission.GroupPermissionDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| @@ -44,7 +44,6 @@ import org.sonar.server.permission.PermissionService; | |||
| import org.sonar.server.permission.PermissionServiceImpl; | |||
| import org.sonar.server.ws.TestRequest; | |||
| import static java.lang.String.format; | |||
| import static org.assertj.core.api.Assertions.assertThat; | |||
| import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
| import static org.assertj.core.api.Assertions.tuple; | |||
| @@ -102,7 +101,7 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| @Test | |||
| public void wsAction_shouldRemoveProjectPermission() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
| db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, project); | |||
| db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); | |||
| @@ -110,7 +109,7 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.ADMIN) | |||
| .execute(); | |||
| @@ -120,25 +119,25 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| @Test | |||
| public void wsAction_whenUsingViewUuid_shouldRemovePermission() { | |||
| ComponentDto view = db.components().insertPrivatePortfolio(); | |||
| EntityDto portfolio = db.components().insertPrivatePortfolioDto(); | |||
| db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
| db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, view); | |||
| db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, view); | |||
| db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, portfolio); | |||
| db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, portfolio); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
| .setParam(PARAM_PROJECT_ID, view.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, portfolio.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.ADMIN) | |||
| .execute(); | |||
| assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
| assertThat(db.users().selectGroupPermissions(aGroup, view)).containsOnly(UserRole.ISSUE_ADMIN); | |||
| assertThat(db.users().selectGroupPermissions(aGroup, portfolio)).containsOnly(UserRole.ISSUE_ADMIN); | |||
| } | |||
| @Test | |||
| public void wsAction_whenUsingProjectKey_shouldRemovePermission() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
| db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, project); | |||
| db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); | |||
| @@ -177,7 +176,7 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| assertThatThrownBy(testRequest::execute) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage("Project id 'unknown-project-uuid' not found"); | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| @Test | |||
| @@ -215,15 +214,13 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| private void failIfComponentIsNotAProjectOrView(ComponentDto file) { | |||
| loginAsAdmin(); | |||
| TestRequest testRequest = newRequest() | |||
| .setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
| .setParam(PARAM_PROJECT_ID, file.uuid()) | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); | |||
| assertThatThrownBy(testRequest::execute) | |||
| .isInstanceOf(BadRequestException.class) | |||
| .hasMessage("Component '" + file.getKey() + "' (id: " + file.uuid() + ") must be a project or a view."); | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| @Test | |||
| @@ -299,14 +296,14 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| @Test | |||
| public void wsAction_whenRemovingProjectPermissionAsProjectAdminButNotSystemAdmin_shouldRemovePermission() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnGroup(aGroup, UserRole.CODEVIEWER, project); | |||
| db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
| .execute(); | |||
| @@ -315,32 +312,31 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| @Test | |||
| public void wsAction_whenRemovingAnyPermissionFromGroupAnyoneOnPrivateProject_shouldHaveNoEffect() { | |||
| //TODO use projectDto | |||
| ProjectData project = db.components().insertPrivateProject(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(perm -> unsafeInsertProjectPermissionOnAnyone(perm, project.getProjectDto())); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
| .forEach(perm -> unsafeInsertProjectPermissionOnAnyone(perm, project)); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| permissionService.getAllProjectPermissions() | |||
| .forEach(permission -> { | |||
| newRequest() | |||
| .setParam(PARAM_GROUP_NAME, "anyone") | |||
| .setParam(PARAM_PROJECT_ID, project.projectUuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, permission) | |||
| .execute(); | |||
| assertThat(db.users().selectAnyonePermissions(project.getMainBranchComponent())).contains(permission); | |||
| assertThat(db.users().selectAnyonePermissions(project.getUuid())).contains(permission); | |||
| }); | |||
| } | |||
| @Test | |||
| public void wsAction_whenRemovingBrowsePermissionFromGroupAnyoneOnPublicProject_shouldFail() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| TestRequest testRequest = newRequest() | |||
| .setParam(PARAM_GROUP_NAME, "anyone") | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.USER); | |||
| assertThatThrownBy(testRequest::execute) | |||
| @@ -350,12 +346,12 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| @Test | |||
| public void wsAction_whenRemovingCodeviewerPermissionFromGroupAnyoneOnPublicProject_shouldFail() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| TestRequest testRequest = newRequest() | |||
| .setParam(PARAM_GROUP_NAME, "anyone") | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER); | |||
| assertThatThrownBy(testRequest::execute) | |||
| @@ -366,12 +362,12 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| @Test | |||
| public void wsAction_whenRemovingBrowsePermissionFromGroupOnPublicProject_shouldFail() { | |||
| GroupDto group = db.users().insertGroup(); | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| TestRequest testRequest = newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.USER); | |||
| assertThatThrownBy(testRequest::execute) | |||
| @@ -382,12 +378,12 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| @Test | |||
| public void wsAction_whenRemovingCodeviewerPermissionFromGroupOnPublicProject() { | |||
| GroupDto group = db.users().insertGroup(); | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| TestRequest testRequest = newRequest() | |||
| .setParam(PARAM_GROUP_NAME, group.getName()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER); | |||
| assertThatThrownBy(testRequest::execute) | |||
| @@ -409,7 +405,7 @@ public class RemoveGroupActionIT extends BasePermissionWsIT<RemoveGroupAction> { | |||
| assertThatThrownBy(testRequest::execute) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| @Test | |||
+ 17
- 16
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/ws/RemoveUserActionIT.java
파일 보기
| @@ -27,6 +27,7 @@ import org.sonar.api.web.UserRole; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.UserDto; | |||
| import org.sonar.server.exceptions.BadRequestException; | |||
| import org.sonar.server.exceptions.ForbiddenException; | |||
| @@ -147,23 +148,23 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
| @Test | |||
| public void wsAction_whenProject_shouldRemovePermission() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); | |||
| db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| .setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
| .execute(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.ISSUE_ADMIN); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(UserRole.ISSUE_ADMIN); | |||
| } | |||
| @Test | |||
| public void wsAction_whenUsingProjectKey_shouldRemovePermission() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
| db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); | |||
| loginAsAdmin(); | |||
| @@ -174,7 +175,7 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
| .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
| .execute(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.CODEVIEWER); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(UserRole.CODEVIEWER); | |||
| } | |||
| @Test | |||
| @@ -190,7 +191,7 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
| .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
| .execute(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(UserRole.ADMIN); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user, view.uuid())).containsOnly(UserRole.ADMIN); | |||
| } | |||
| @Test | |||
| @@ -251,8 +252,8 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); | |||
| assertThatThrownBy(testRequest::execute) | |||
| .isInstanceOf(BadRequestException.class) | |||
| .hasMessage("Component '" + file.getKey() + "' (id: " + file.uuid() + ") must be a project or a view."); | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| @Test | |||
| @@ -335,28 +336,28 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
| */ | |||
| @Test | |||
| public void wsAction_whenProjectPermissionAndProjectAdmin_shouldRemovePermission() { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); | |||
| db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| newRequest() | |||
| .setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
| .execute(); | |||
| assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.CODEVIEWER); | |||
| assertThat(db.users().selectEntityPermissionOfUser(user, project.getUuid())).containsOnly(UserRole.CODEVIEWER); | |||
| } | |||
| @Test | |||
| public void wsAction_whenBrowsePermissionAndPublicProject_shouldFail() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| TestRequest testRequest = newRequest() | |||
| .setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.USER); | |||
| assertThatThrownBy(testRequest::execute) | |||
| @@ -367,12 +368,12 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
| @Test | |||
| public void wsAction_whenCodeviewerPermissionAndPublicProject_shouldFail() { | |||
| ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
| userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
| TestRequest testRequest = newRequest() | |||
| .setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER); | |||
| assertThatThrownBy(testRequest::execute) | |||
| @@ -393,7 +394,7 @@ public class RemoveUserActionIT extends BasePermissionWsIT<RemoveUserAction> { | |||
| assertThatThrownBy(testRequest::execute) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| } | |||
+ 21
- 22
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/ws/UsersActionIT.java
파일 보기
| @@ -29,6 +29,7 @@ import org.sonar.api.web.UserRole; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.UserDto; | |||
| import org.sonar.server.exceptions.BadRequestException; | |||
| import org.sonar.server.exceptions.ForbiddenException; | |||
| @@ -61,11 +62,11 @@ import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_U | |||
| public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT); | |||
| private PermissionService permissionService = new PermissionServiceImpl(resourceTypes); | |||
| private WsParameters wsParameters = new WsParameters(permissionService); | |||
| private RequestValidator requestValidator = new RequestValidator(permissionService); | |||
| private ManagedInstanceService managedInstanceService = mock(ManagedInstanceService.class); | |||
| private final ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT); | |||
| private final PermissionService permissionService = new PermissionServiceImpl(resourceTypes); | |||
| private final WsParameters wsParameters = new WsParameters(permissionService); | |||
| private final RequestValidator requestValidator = new RequestValidator(permissionService); | |||
| private final ManagedInstanceService managedInstanceService = mock(ManagedInstanceService.class); | |||
| @Override | |||
| protected UsersAction buildWsAction() { | |||
| @@ -102,12 +103,12 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| @Test | |||
| public void search_for_users_with_permission_on_project() { | |||
| // User has permission on project | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| UserDto user = db.users().insertUser(newUserDto()); | |||
| db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
| // User has permission on another project | |||
| ComponentDto anotherProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto anotherProject = db.components().insertPrivateProject().getProjectDto(); | |||
| UserDto userHavePermissionOnAnotherProject = db.users().insertUser(newUserDto()); | |||
| db.users().insertProjectPermissionOnUser(userHavePermissionOnAnotherProject, UserRole.ISSUE_ADMIN, anotherProject); | |||
| @@ -117,7 +118,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| userSession.logIn().addProjectPermission(GlobalPermission.ADMINISTER.getKey(), project); | |||
| String result = newRequest() | |||
| .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .execute() | |||
| .getInput(); | |||
| @@ -129,7 +130,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| @Test | |||
| public void search_also_for_users_without_permission_when_filtering_name() { | |||
| // User with permission on project | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
| db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
| @@ -139,7 +140,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| loginAsAdmin(); | |||
| String result = newRequest() | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .setParam(TEXT_QUERY, "with") | |||
| .execute() | |||
| .getInput(); | |||
| @@ -150,7 +151,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| @Test | |||
| public void search_also_for_users_without_permission_when_filtering_email() { | |||
| // User with permission on project | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
| db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
| @@ -159,7 +160,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| UserDto anotherUser = db.users().insertUser(newUserDto("another-user", "another-user", "another-user")); | |||
| loginAsAdmin(); | |||
| String result = newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).setParam(TEXT_QUERY, "email").execute().getInput(); | |||
| String result = newRequest().setParam(PARAM_PROJECT_ID, project.getUuid()).setParam(TEXT_QUERY, "email").execute().getInput(); | |||
| assertThat(result).contains(user.getLogin(), withoutPermission.getLogin()).doesNotContain(anotherUser.getLogin()); | |||
| } | |||
| @@ -167,7 +168,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| @Test | |||
| public void search_also_for_users_without_permission_when_filtering_login() { | |||
| // User with permission on project | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project = db.components().insertPrivateProject().getProjectDto(); | |||
| UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
| db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
| @@ -176,7 +177,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| UserDto anotherUser = db.users().insertUser(newUserDto("another-user", "another-user", "another-user")); | |||
| loginAsAdmin(); | |||
| String result = newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).setParam(TEXT_QUERY, "login").execute().getInput(); | |||
| String result = newRequest().setParam(PARAM_PROJECT_ID, project.getUuid()).setParam(TEXT_QUERY, "login").execute().getInput(); | |||
| assertThat(result).contains(user.getLogin(), withoutPermission.getLogin()).doesNotContain(anotherUser.getLogin()); | |||
| } | |||
| @@ -309,13 +310,11 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| ComponentDto project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| loginAsAdmin(); | |||
| assertThatThrownBy(() -> { | |||
| newRequest() | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
| .execute(); | |||
| }) | |||
| assertThatThrownBy(() -> newRequest() | |||
| .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
| .execute()) | |||
| .isInstanceOf(BadRequestException.class) | |||
| .hasMessage("Project id or project key can be provided, not both."); | |||
| } | |||
| @@ -345,7 +344,7 @@ public class UsersActionIT extends BasePermissionWsIT<UsersAction> { | |||
| .execute(); | |||
| }) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage(format("Project id '%s' not found", branch.uuid())); | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| private void insertUsersHavingGlobalPermissions() { | |||
+ 19
- 22
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/ws/template/ApplyTemplateActionIT.java
파일 보기
| @@ -29,8 +29,10 @@ import org.sonar.core.util.SequenceUuidFactory; | |||
| import org.sonar.db.DbTester; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.PermissionQuery; | |||
| import org.sonar.db.permission.template.PermissionTemplateDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.GroupDto; | |||
| import org.sonar.db.user.UserDto; | |||
| import org.sonar.server.es.TestProjectIndexers; | |||
| @@ -63,13 +65,12 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
| private UserDto user2; | |||
| private GroupDto group1; | |||
| private GroupDto group2; | |||
| private ComponentDto project; | |||
| private ProjectDto project; | |||
| private PermissionTemplateDto template1; | |||
| private PermissionTemplateDto template2; | |||
| private ResourceTypesRule resourceTypesRule = new ResourceTypesRule().setRootQualifiers(PROJECT, VIEW, APP); | |||
| private DefaultTemplatesResolver defaultTemplatesResolver = new DefaultTemplatesResolverImpl(dbTester.getDbClient(), resourceTypesRule); | |||
| private PermissionTemplateService permissionTemplateService = new PermissionTemplateService(db.getDbClient(), | |||
| private final ResourceTypesRule resourceTypesRule = new ResourceTypesRule().setRootQualifiers(PROJECT, VIEW, APP); | |||
| private final DefaultTemplatesResolver defaultTemplatesResolver = new DefaultTemplatesResolverImpl(dbTester.getDbClient(), resourceTypesRule); | |||
| private final PermissionTemplateService permissionTemplateService = new PermissionTemplateService(db.getDbClient(), | |||
| new TestProjectIndexers(), userSession, defaultTemplatesResolver, new SequenceUuidFactory()); | |||
| @Override | |||
| @@ -91,13 +92,13 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
| addGroupToTemplate(group1, template1, UserRole.ADMIN); | |||
| addGroupToTemplate(group2, template1, UserRole.USER); | |||
| // template 2 | |||
| template2 = db.permissionTemplates().insertTemplate(); | |||
| PermissionTemplateDto template2 = db.permissionTemplates().insertTemplate(); | |||
| addUserToTemplate(user1, template2, UserRole.USER); | |||
| addUserToTemplate(user2, template2, UserRole.USER); | |||
| addGroupToTemplate(group1, template2, UserRole.USER); | |||
| addGroupToTemplate(group2, template2, UserRole.USER); | |||
| project = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| project = db.components().insertPrivateProject().getProjectDto(); | |||
| db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project); | |||
| db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, project); | |||
| db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project); | |||
| @@ -108,7 +109,7 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
| public void apply_template_with_project_uuid() { | |||
| loginAsAdmin(); | |||
| newRequest(template1.getUuid(), project.uuid(), null); | |||
| newRequest(template1.getUuid(), project.getUuid(), null); | |||
| assertTemplate1AppliedToProject(); | |||
| } | |||
| @@ -119,7 +120,7 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
| newRequest() | |||
| .setParam(PARAM_TEMPLATE_NAME, template1.getName().toUpperCase()) | |||
| .setParam(PARAM_PROJECT_ID, project.uuid()) | |||
| .setParam(PARAM_PROJECT_ID, project.getUuid()) | |||
| .execute(); | |||
| assertTemplate1AppliedToProject(); | |||
| @@ -139,7 +140,7 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
| loginAsAdmin(); | |||
| assertThatThrownBy(() -> { | |||
| newRequest("unknown-template-uuid", project.uuid(), null); | |||
| newRequest("unknown-template-uuid", project.getUuid(), null); | |||
| }) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage("Permission template with id 'unknown-template-uuid' is not found"); | |||
| @@ -153,7 +154,7 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
| newRequest(template1.getUuid(), "unknown-project-uuid", null); | |||
| }) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage("Project id 'unknown-project-uuid' not found"); | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| @Test | |||
| @@ -164,16 +165,14 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
| newRequest(template1.getUuid(), null, "unknown-project-key"); | |||
| }) | |||
| .isInstanceOf(NotFoundException.class) | |||
| .hasMessage("Project key 'unknown-project-key' not found"); | |||
| .hasMessage("Entity not found"); | |||
| } | |||
| @Test | |||
| public void fail_when_template_is_not_provided() { | |||
| loginAsAdmin(); | |||
| assertThatThrownBy(() -> { | |||
| newRequest(null, project.uuid(), null); | |||
| }) | |||
| assertThatThrownBy(() -> newRequest(null, project.getUuid(), null)) | |||
| .isInstanceOf(BadRequestException.class); | |||
| } | |||
| @@ -192,9 +191,7 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
| public void fail_when_not_admin() { | |||
| userSession.logIn().addPermission(SCAN); | |||
| assertThatThrownBy(() -> { | |||
| newRequest(template1.getUuid(), project.uuid(), null); | |||
| }) | |||
| assertThatThrownBy(() -> newRequest(template1.getUuid(), project.getUuid(), null)) | |||
| .isInstanceOf(ForbiddenException.class); | |||
| } | |||
| @@ -232,13 +229,13 @@ public class ApplyTemplateActionIT extends BasePermissionWsIT<ApplyTemplateActio | |||
| db.commit(); | |||
| } | |||
| private List<String> selectProjectPermissionGroups(ComponentDto project, String permission) { | |||
| PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponent(project).build(); | |||
| private List<String> selectProjectPermissionGroups(EntityDto entity, String permission) { | |||
| PermissionQuery query = PermissionQuery.builder().setPermission(permission).setEntity(entity).build(); | |||
| return db.getDbClient().groupPermissionDao().selectGroupNamesByQuery(db.getSession(), query); | |||
| } | |||
| private List<String> selectProjectPermissionUsers(ComponentDto project, String permission) { | |||
| PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponent(project).build(); | |||
| private List<String> selectProjectPermissionUsers(EntityDto entity, String permission) { | |||
| PermissionQuery query = PermissionQuery.builder().setPermission(permission).setEntity(entity).build(); | |||
| return db.getDbClient().userPermissionDao().selectUserUuidsByQuery(db.getSession(), query); | |||
| } | |||
| } | |||
+ 63
- 60
server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/ws/template/BulkApplyTemplateActionIT.java
파일 보기
| @@ -30,9 +30,13 @@ import org.sonar.api.web.UserRole; | |||
| import org.sonar.core.util.SequenceUuidFactory; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ComponentTesting; | |||
| import org.sonar.db.component.ProjectData; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.PermissionQuery; | |||
| import org.sonar.db.permission.template.PermissionTemplateDto; | |||
| import org.sonar.db.portfolio.PortfolioDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.GroupDto; | |||
| import org.sonar.db.user.UserDto; | |||
| import org.sonar.server.es.ProjectIndexers; | |||
| @@ -51,7 +55,6 @@ import static org.sonar.api.resources.Qualifiers.APP; | |||
| import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
| import static org.sonar.api.resources.Qualifiers.VIEW; | |||
| import static org.sonar.api.utils.DateUtils.parseDate; | |||
| import static org.sonar.db.component.ComponentTesting.newPortfolio; | |||
| import static org.sonar.db.component.SnapshotTesting.newAnalysis; | |||
| import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
| import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
| @@ -103,10 +106,10 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| @Test | |||
| public void bulk_apply_template_by_template_uuid() { | |||
| // this project should not be applied the template | |||
| db.components().insertPrivateProject().getMainBranchComponent(); | |||
| db.components().insertPrivateProject().getProjectDto(); | |||
| ComponentDto privateProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto publicProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto privateProject = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -144,8 +147,8 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| @Test | |||
| public void bulk_apply_template_by_template_name() { | |||
| ComponentDto privateProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto publicProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto privateProject = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -158,10 +161,10 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| @Test | |||
| public void apply_template_by_qualifiers() { | |||
| ComponentDto publicProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ComponentDto privateProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto view = db.components().insertPrivatePortfolio(); | |||
| ComponentDto application = db.components().insertPublicApplication().getMainBranchComponent(); | |||
| ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); | |||
| ProjectDto privateProject = db.components().insertPrivateProject().getProjectDto(); | |||
| PortfolioDto portfolio = db.components().insertPrivatePortfolioDto(); | |||
| ProjectDto application = db.components().insertPublicApplication().getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -172,17 +175,17 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| assertTemplate1AppliedToPrivateProject(privateProject); | |||
| assertTemplate1AppliedToPublicProject(publicProject); | |||
| assertTemplate1AppliedToPublicProject(application); | |||
| assertNoPermissionOnProject(view); | |||
| assertNoPermissionOnEntity(portfolio); | |||
| } | |||
| @Test | |||
| public void apply_template_by_query_on_name_and_key_public_project() { | |||
| ComponentDto publicProjectFoundByKey = ComponentTesting.newPublicProjectDto().setKey("sonar"); | |||
| db.components().insertProjectAndSnapshot(publicProjectFoundByKey); | |||
| ProjectDto publicProjectDtoFoundByKey = db.components().insertProjectDataAndSnapshot(publicProjectFoundByKey).getProjectDto(); | |||
| ComponentDto publicProjectFoundByName = ComponentTesting.newPublicProjectDto().setName("name-sonar-name"); | |||
| db.components().insertProjectAndSnapshot(publicProjectFoundByName); | |||
| ProjectDto publicProjectDtoFoundByName = db.components().insertProjectDataAndSnapshot(publicProjectFoundByName).getProjectDto(); | |||
| ComponentDto projectUntouched = ComponentTesting.newPublicProjectDto().setKey("new-sona").setName("project-name"); | |||
| db.components().insertProjectAndSnapshot(projectUntouched); | |||
| ProjectDto projectDtoUntouched = db.components().insertProjectDataAndSnapshot(projectUntouched).getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -190,20 +193,20 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| .setParam(Param.TEXT_QUERY, "SONAR") | |||
| .execute(); | |||
| assertTemplate1AppliedToPublicProject(publicProjectFoundByKey); | |||
| assertTemplate1AppliedToPublicProject(publicProjectFoundByName); | |||
| assertNoPermissionOnProject(projectUntouched); | |||
| assertTemplate1AppliedToPublicProject(publicProjectDtoFoundByKey); | |||
| assertTemplate1AppliedToPublicProject(publicProjectDtoFoundByName); | |||
| assertNoPermissionOnEntity(projectDtoUntouched); | |||
| } | |||
| @Test | |||
| public void apply_template_by_query_on_name_and_key() { | |||
| // partial match on key | |||
| ComponentDto privateProjectFoundByKey = ComponentTesting.newPrivateProjectDto().setKey("sonarqube"); | |||
| db.components().insertProjectAndSnapshot(privateProjectFoundByKey); | |||
| ProjectDto privateProjectDtoFoundByKey = db.components().insertProjectDataAndSnapshot(privateProjectFoundByKey).getProjectDto(); | |||
| ComponentDto privateProjectFoundByName = ComponentTesting.newPrivateProjectDto().setName("name-sonar-name"); | |||
| db.components().insertProjectAndSnapshot(privateProjectFoundByName); | |||
| ProjectDto privateProjectDtoFoundByName = db.components().insertProjectDataAndSnapshot(privateProjectFoundByName).getProjectDto(); | |||
| ComponentDto projectUntouched = ComponentTesting.newPublicProjectDto().setKey("new-sona").setName("project-name"); | |||
| db.components().insertProjectAndSnapshot(projectUntouched); | |||
| ProjectDto projectDtoUntouched = db.components().insertProjectDataAndSnapshot(projectUntouched).getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -211,16 +214,16 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| .setParam(Param.TEXT_QUERY, "SONAR") | |||
| .execute(); | |||
| assertTemplate1AppliedToPrivateProject(privateProjectFoundByKey); | |||
| assertTemplate1AppliedToPrivateProject(privateProjectFoundByName); | |||
| assertNoPermissionOnProject(projectUntouched); | |||
| assertTemplate1AppliedToPrivateProject(privateProjectDtoFoundByKey); | |||
| assertTemplate1AppliedToPrivateProject(privateProjectDtoFoundByName); | |||
| assertNoPermissionOnEntity(projectDtoUntouched); | |||
| } | |||
| @Test | |||
| public void apply_template_by_project_keys() { | |||
| ComponentDto project1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto project2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto untouchedProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ProjectDto project1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto project2 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto untouchedProject = db.components().insertPrivateProject().getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -230,15 +233,15 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| assertTemplate1AppliedToPrivateProject(project1); | |||
| assertTemplate1AppliedToPrivateProject(project2); | |||
| assertNoPermissionOnProject(untouchedProject); | |||
| assertNoPermissionOnEntity(untouchedProject); | |||
| } | |||
| @Test | |||
| public void apply_template_by_provisioned_only() { | |||
| ComponentDto provisionedProject1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto provisionedProject2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto analyzedProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| db.components().insertSnapshot(newAnalysis(analyzedProject)); | |||
| ProjectDto provisionedProject1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto provisionedProject2 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectData analyzedProject = db.components().insertPrivateProject(); | |||
| db.components().insertSnapshot(newAnalysis(analyzedProject.getMainBranchDto().getUuid())); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -248,17 +251,17 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| assertTemplate1AppliedToPrivateProject(provisionedProject1); | |||
| assertTemplate1AppliedToPrivateProject(provisionedProject2); | |||
| assertNoPermissionOnProject(analyzedProject); | |||
| assertNoPermissionOnEntity(analyzedProject.getProjectDto()); | |||
| } | |||
| @Test | |||
| public void apply_template_by_analyzed_before() { | |||
| ComponentDto oldProject1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto oldProject2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto recentProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| db.components().insertSnapshot(oldProject1, a -> a.setCreatedAt(parseDate("2015-02-03").getTime())); | |||
| db.components().insertSnapshot(oldProject2, a -> a.setCreatedAt(parseDate("2016-12-11").getTime())); | |||
| db.components().insertSnapshot(recentProject, a -> a.setCreatedAt(System.currentTimeMillis())); | |||
| ProjectData oldProject1 = db.components().insertPrivateProject(); | |||
| ProjectData oldProject2 = db.components().insertPrivateProject(); | |||
| ProjectData recentProject = db.components().insertPrivateProject(); | |||
| db.components().insertSnapshot(oldProject1.getMainBranchComponent(), a -> a.setCreatedAt(parseDate("2015-02-03").getTime())); | |||
| db.components().insertSnapshot(oldProject2.getMainBranchComponent(), a -> a.setCreatedAt(parseDate("2016-12-11").getTime())); | |||
| db.components().insertSnapshot(recentProject.getMainBranchComponent(), a -> a.setCreatedAt(System.currentTimeMillis())); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -266,16 +269,16 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| .setParam(PARAM_ANALYZED_BEFORE, "2017-09-07") | |||
| .execute(); | |||
| assertTemplate1AppliedToPrivateProject(oldProject1); | |||
| assertTemplate1AppliedToPrivateProject(oldProject2); | |||
| assertNoPermissionOnProject(recentProject); | |||
| assertTemplate1AppliedToPrivateProject(oldProject1.getProjectDto()); | |||
| assertTemplate1AppliedToPrivateProject(oldProject2.getProjectDto()); | |||
| assertNoPermissionOnEntity(recentProject.getProjectDto()); | |||
| } | |||
| @Test | |||
| public void apply_template_by_visibility() { | |||
| ComponentDto privateProject1 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto privateProject2 = db.components().insertPrivateProject().getMainBranchComponent(); | |||
| ComponentDto publicProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto privateProject1 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto privateProject2 = db.components().insertPrivateProject().getProjectDto(); | |||
| ProjectDto publicProject = db.components().insertPublicProject().getProjectDto(); | |||
| loginAsAdmin(); | |||
| newRequest() | |||
| @@ -285,7 +288,7 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| assertTemplate1AppliedToPrivateProject(privateProject1); | |||
| assertTemplate1AppliedToPrivateProject(privateProject2); | |||
| assertNoPermissionOnProject(publicProject); | |||
| assertNoPermissionOnEntity(publicProject); | |||
| } | |||
| @Test | |||
| @@ -306,7 +309,7 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| .hasMessage("Permission template with id 'unknown-template-uuid' is not found"); | |||
| } | |||
| private void assertTemplate1AppliedToPublicProject(ComponentDto project) { | |||
| private void assertTemplate1AppliedToPublicProject(ProjectDto project) { | |||
| assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).containsExactly(group1.getName()); | |||
| assertThat(selectProjectPermissionGroups(project, UserRole.USER)).isEmpty(); | |||
| assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty(); | |||
| @@ -314,7 +317,7 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).containsExactly(user2.getUuid()); | |||
| } | |||
| private void assertTemplate1AppliedToPrivateProject(ComponentDto project) { | |||
| private void assertTemplate1AppliedToPrivateProject(ProjectDto project) { | |||
| assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).containsExactly(group1.getName()); | |||
| assertThat(selectProjectPermissionGroups(project, UserRole.USER)).containsExactly(group2.getName()); | |||
| assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty(); | |||
| @@ -322,15 +325,15 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).containsExactly(user2.getUuid()); | |||
| } | |||
| private void assertNoPermissionOnProject(ComponentDto project) { | |||
| assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).isEmpty(); | |||
| assertThat(selectProjectPermissionGroups(project, UserRole.CODEVIEWER)).isEmpty(); | |||
| assertThat(selectProjectPermissionGroups(project, UserRole.ISSUE_ADMIN)).isEmpty(); | |||
| assertThat(selectProjectPermissionGroups(project, UserRole.USER)).isEmpty(); | |||
| assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty(); | |||
| assertThat(selectProjectPermissionUsers(project, UserRole.CODEVIEWER)).isEmpty(); | |||
| assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).isEmpty(); | |||
| assertThat(selectProjectPermissionUsers(project, UserRole.USER)).isEmpty(); | |||
| private void assertNoPermissionOnEntity(EntityDto entity) { | |||
| assertThat(selectProjectPermissionGroups(entity, UserRole.ADMIN)).isEmpty(); | |||
| assertThat(selectProjectPermissionGroups(entity, UserRole.CODEVIEWER)).isEmpty(); | |||
| assertThat(selectProjectPermissionGroups(entity, UserRole.ISSUE_ADMIN)).isEmpty(); | |||
| assertThat(selectProjectPermissionGroups(entity, UserRole.USER)).isEmpty(); | |||
| assertThat(selectProjectPermissionUsers(entity, UserRole.ADMIN)).isEmpty(); | |||
| assertThat(selectProjectPermissionUsers(entity, UserRole.CODEVIEWER)).isEmpty(); | |||
| assertThat(selectProjectPermissionUsers(entity, UserRole.ISSUE_ADMIN)).isEmpty(); | |||
| assertThat(selectProjectPermissionUsers(entity, UserRole.USER)).isEmpty(); | |||
| } | |||
| private void addUserToTemplate(UserDto user, PermissionTemplateDto permissionTemplate, String permission) { | |||
| @@ -345,13 +348,13 @@ public class BulkApplyTemplateActionIT extends BasePermissionWsIT<BulkApplyTempl | |||
| db.commit(); | |||
| } | |||
| private List<String> selectProjectPermissionGroups(ComponentDto project, String permission) { | |||
| PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponent(project).build(); | |||
| private List<String> selectProjectPermissionGroups(EntityDto project, String permission) { | |||
| PermissionQuery query = PermissionQuery.builder().setPermission(permission).setEntity(project).build(); | |||
| return db.getDbClient().groupPermissionDao().selectGroupNamesByQuery(db.getSession(), query); | |||
| } | |||
| private List<String> selectProjectPermissionUsers(ComponentDto project, String permission) { | |||
| PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponent(project).build(); | |||
| private List<String> selectProjectPermissionUsers(EntityDto project, String permission) { | |||
| PermissionQuery query = PermissionQuery.builder().setPermission(permission).setEntity(project).build(); | |||
| return db.getDbClient().userPermissionDao().selectUserUuidsByQuery(db.getSession(), query); | |||
| } | |||
| } | |||
+ 3
- 4
server/sonar-webserver-webapi/src/it/java/org/sonar/server/project/ws/CreateActionIT.java
파일 보기
| @@ -207,7 +207,7 @@ public class CreateActionIT { | |||
| @Test | |||
| public void add_project_to_user_favorites_if_project_creator_is_defined_in_permission_template() { | |||
| UserDto user = db.users().insertUser(); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(true); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(true); | |||
| userSession.logIn(user).addPermission(PROVISION_PROJECTS); | |||
| ws.newRequest() | |||
| @@ -222,9 +222,8 @@ public class CreateActionIT { | |||
| @Test | |||
| public void do_not_add_project_to_user_favorites_if_project_creator_is_defined_in_permission_template_and_already_100_favorites() { | |||
| UserDto user = db.users().insertUser(); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ComponentDto.class))).thenReturn(true); | |||
| rangeClosed(1, 100).forEach(i -> db.favorites().add(db.components().insertPrivateProject().getProjectDto(), user.getUuid(), | |||
| user.getLogin())); | |||
| when(permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(any(DbSession.class), any(ProjectDto.class))).thenReturn(true); | |||
| rangeClosed(1, 100).forEach(i -> db.favorites().add(db.components().insertPrivateProject().getProjectDto(), user.getUuid(), user.getLogin())); | |||
| userSession.logIn(user).addPermission(PROVISION_PROJECTS); | |||
| ws.newRequest() | |||
+ 107
- 104
server/sonar-webserver-webapi/src/it/java/org/sonar/server/project/ws/UpdateVisibilityActionIT.java
파일 보기
| @@ -40,12 +40,16 @@ import org.sonar.db.DbSession; | |||
| import org.sonar.db.DbTester; | |||
| import org.sonar.db.ce.CeQueueDto; | |||
| import org.sonar.db.component.BranchDto; | |||
| import org.sonar.db.component.BranchType; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ComponentTesting; | |||
| import org.sonar.db.component.PortfolioData; | |||
| import org.sonar.db.component.ProjectData; | |||
| import org.sonar.db.component.ResourceTypesRule; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.permission.GroupPermissionDto; | |||
| import org.sonar.db.permission.UserPermissionDto; | |||
| import org.sonar.db.portfolio.PortfolioDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.GroupDto; | |||
| import org.sonar.db.user.UserDto; | |||
| @@ -55,7 +59,6 @@ import org.sonar.server.es.ProjectIndexer; | |||
| import org.sonar.server.es.TestProjectIndexers; | |||
| import org.sonar.server.exceptions.BadRequestException; | |||
| import org.sonar.server.exceptions.ForbiddenException; | |||
| import org.sonar.server.exceptions.NotFoundException; | |||
| import org.sonar.server.exceptions.UnauthorizedException; | |||
| import org.sonar.server.permission.PermissionService; | |||
| import org.sonar.server.permission.PermissionServiceImpl; | |||
| @@ -84,9 +87,8 @@ public class UpdateVisibilityActionIT { | |||
| private static final Set<String> GLOBAL_PERMISSIONS_NAME_SET = stream(GlobalPermission.values()).map(GlobalPermission::getKey) | |||
| .collect(MoreCollectors.toSet(GlobalPermission.values().length)); | |||
| //TODO, use different uuids | |||
| @Rule | |||
| public final DbTester dbTester = DbTester.create(System2.INSTANCE); | |||
| public final DbTester dbTester = DbTester.create(System2.INSTANCE, true); | |||
| @Rule | |||
| public final EsTester es = EsTester.createCustom(new FooIndexDefinition()); | |||
| @Rule | |||
| @@ -190,18 +192,19 @@ public class UpdateVisibilityActionIT { | |||
| @Test | |||
| public void execute_fails_with_BadRequestException_if_specified_component_is_neither_a_project_a_portfolio_nor_an_application() { | |||
| ComponentDto project = randomPublicOrPrivateProject(); | |||
| ComponentDto dir = ComponentTesting.newDirectory(project, "path"); | |||
| ComponentDto file = ComponentTesting.newFileDto(project); | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| ComponentDto dir = ComponentTesting.newDirectory(project.getMainBranchComponent(), "path"); | |||
| ComponentDto file = ComponentTesting.newFileDto(project.getMainBranchComponent()); | |||
| dbTester.components().insertComponents(dir, file); | |||
| ComponentDto application = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
| ComponentDto portfolio = dbTester.components().insertPrivatePortfolio(); | |||
| ComponentDto subView = ComponentTesting.newSubPortfolio(portfolio); | |||
| ComponentDto projectCopy = newProjectCopy("foo", project, subView); | |||
| ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
| PortfolioData portfolio = dbTester.components().insertPrivatePortfolioData(); | |||
| ComponentDto subView = ComponentTesting.newSubPortfolio(portfolio.getRootComponent()); | |||
| ComponentDto projectCopy = newProjectCopy("foo", project.getMainBranchComponent(), subView); | |||
| dbTester.components().insertComponents(subView, projectCopy); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project, portfolio, application); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto(), application); | |||
| userSessionRule.addPortfolioPermission(UserRole.ADMIN, portfolio.getPortfolioDto()); | |||
| Stream.of(project, portfolio, application).forEach(c -> request | |||
| Stream.of(project.getProjectDto(), portfolio.getPortfolioDto(), application).forEach(c -> request | |||
| .setParam(PARAM_PROJECT, c.getKey()) | |||
| .setParam(PARAM_VISIBILITY, randomVisibility) | |||
| .execute()); | |||
| @@ -261,24 +264,24 @@ public class UpdateVisibilityActionIT { | |||
| @Test | |||
| public void execute_throws_ForbiddenException_if_user_has_global_ADMIN_permission_even_if_sonar_allowPermissionManagementForProjectAdmins_is_set_to_false() { | |||
| when(configuration.getBoolean(CORE_ALLOW_PERMISSION_MANAGEMENT_FOR_PROJECT_ADMINS_PROPERTY)).thenReturn(of(false)); | |||
| ComponentDto project = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = dbTester.components().insertPublicProject().getProjectDto(); | |||
| userSessionRule.setSystemAdministrator().addProjectPermission(UserRole.ADMIN, project); | |||
| request.setParam(PARAM_PROJECT, project.getKey()) | |||
| .setParam(PARAM_VISIBILITY, "private"); | |||
| request.execute(); | |||
| assertThat(isPrivateInDb(project)).isTrue(); | |||
| assertThat(dbClient.projectDao().selectProjectByKey(dbSession, project.getKey()).get().isPrivate()).isTrue(); | |||
| } | |||
| @Test | |||
| public void execute_throws_BadRequestException_if_specified_component_has_pending_tasks() { | |||
| ComponentDto project = randomPublicOrPrivateProject(); | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| IntStream.range(0, 1 + Math.abs(random.nextInt(5))) | |||
| .forEach(i -> insertPendingTask(project)); | |||
| request.setParam(PARAM_PROJECT, project.getKey()) | |||
| .forEach(i -> insertPendingTask(project.getMainBranchComponent().uuid())); | |||
| request.setParam(PARAM_PROJECT, project.projectKey()) | |||
| .setParam(PARAM_VISIBILITY, randomVisibility); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
| assertThatThrownBy(request::execute) | |||
| .isInstanceOf(BadRequestException.class) | |||
| @@ -287,12 +290,12 @@ public class UpdateVisibilityActionIT { | |||
| @Test | |||
| public void execute_throws_BadRequestException_if_main_component_of_specified_component_has_in_progress_tasks() { | |||
| ComponentDto project = randomPublicOrPrivateProject(); | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| IntStream.range(0, 1 + Math.abs(random.nextInt(5))) | |||
| .forEach(i -> insertInProgressTask(project)); | |||
| request.setParam(PARAM_PROJECT, project.getKey()) | |||
| .forEach(i -> insertInProgressTask(project.getMainBranchComponent().uuid())); | |||
| request.setParam(PARAM_PROJECT, project.projectKey()) | |||
| .setParam(PARAM_VISIBILITY, randomVisibility); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
| assertThatThrownBy(request::execute) | |||
| .isInstanceOf(BadRequestException.class) | |||
| @@ -301,24 +304,24 @@ public class UpdateVisibilityActionIT { | |||
| @Test | |||
| public void execute_changes_private_flag_of_specified_project_and_all_children_to_specified_new_visibility() { | |||
| ComponentDto project = randomPublicOrPrivateProject(); | |||
| boolean initiallyPrivate = project.isPrivate(); | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| boolean initiallyPrivate = project.getProjectDto().isPrivate(); | |||
| BranchDto branchDto = ComponentTesting.newBranchDto(project); | |||
| BranchDto branchDto = ComponentTesting.newBranchDto(project.projectUuid(), BranchType.BRANCH); | |||
| dbClient.branchDao().insert(dbSession, branchDto); | |||
| ComponentDto branch = ComponentTesting.newBranchComponent(project, branchDto); | |||
| ComponentDto dir = ComponentTesting.newDirectory(project, "path"); | |||
| ComponentDto file = ComponentTesting.newFileDto(project); | |||
| ComponentDto branch = ComponentTesting.newBranchComponent(project.getProjectDto(), branchDto); | |||
| ComponentDto dir = ComponentTesting.newDirectory(project.getMainBranchComponent(), "path"); | |||
| ComponentDto file = ComponentTesting.newFileDto(project.getMainBranchComponent()); | |||
| dbTester.components().insertComponents(branch, dir, file); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
| request.setParam(PARAM_PROJECT, project.getKey()) | |||
| request.setParam(PARAM_PROJECT, project.projectKey()) | |||
| .setParam(PARAM_VISIBILITY, initiallyPrivate ? PUBLIC : PRIVATE) | |||
| .execute(); | |||
| assertThat(isPrivateInDb(project)).isEqualTo(!initiallyPrivate); | |||
| assertThat(dbClient.projectDao().selectProjectByKey(dbSession, project.projectKey()).get().isPrivate()).isEqualTo(!initiallyPrivate); | |||
| assertThat(isPrivateInDb(branch)).isEqualTo(!initiallyPrivate); | |||
| assertThat(isPrivateInDb(dir)).isEqualTo(!initiallyPrivate); | |||
| assertThat(isPrivateInDb(file)).isEqualTo(!initiallyPrivate); | |||
| @@ -326,27 +329,27 @@ public class UpdateVisibilityActionIT { | |||
| @Test | |||
| public void execute_has_no_effect_if_specified_project_already_has_specified_visibility() { | |||
| ComponentDto project = randomPublicOrPrivateProject(); | |||
| boolean initiallyPrivate = project.isPrivate(); | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| boolean initiallyPrivate = project.getProjectDto().isPrivate(); | |||
| BranchDto branchDto = ComponentTesting.newBranchDto(project); | |||
| BranchDto branchDto = ComponentTesting.newBranchDto(project.getMainBranchComponent()); | |||
| dbClient.branchDao().insert(dbSession, branchDto); | |||
| ComponentDto branch = ComponentTesting.newBranchComponent(project, branchDto) | |||
| ComponentDto branch = ComponentTesting.newBranchComponent(project.getProjectDto(), branchDto) | |||
| .setPrivate(initiallyPrivate); | |||
| ComponentDto dir = ComponentTesting.newDirectory(project, "path") | |||
| ComponentDto dir = ComponentTesting.newDirectory(project.getMainBranchComponent(), "path") | |||
| // child is inconsistent with root (should not occur) and won't be fixed | |||
| .setPrivate(!initiallyPrivate); | |||
| ComponentDto file = ComponentTesting.newFileDto(project) | |||
| ComponentDto file = ComponentTesting.newFileDto(project.getMainBranchComponent()) | |||
| .setPrivate(initiallyPrivate); | |||
| dbTester.components().insertComponents(branch, dir, file); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
| request.setParam(PARAM_PROJECT, project.getKey()) | |||
| request.setParam(PARAM_PROJECT, project.projectKey()) | |||
| .setParam(PARAM_VISIBILITY, initiallyPrivate ? PRIVATE : PUBLIC) | |||
| .execute(); | |||
| assertThat(isPrivateInDb(project)).isEqualTo(initiallyPrivate); | |||
| assertThat(isPrivateInDb(project.getMainBranchComponent())).isEqualTo(initiallyPrivate); | |||
| assertThat(isPrivateInDb(branch)).isEqualTo(initiallyPrivate); | |||
| assertThat(isPrivateInDb(dir)).isEqualTo(!initiallyPrivate); | |||
| assertThat(isPrivateInDb(file)).isEqualTo(initiallyPrivate); | |||
| @@ -414,33 +417,33 @@ public class UpdateVisibilityActionIT { | |||
| @Test | |||
| public void execute_updates_permission_of_specified_project_in_indexes_when_changing_visibility() { | |||
| ComponentDto project = randomPublicOrPrivateProject(); | |||
| boolean initiallyPrivate = project.isPrivate(); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| boolean initiallyPrivate = project.getProjectDto().isPrivate(); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
| request.setParam(PARAM_PROJECT, project.getKey()) | |||
| request.setParam(PARAM_PROJECT, project.projectKey()) | |||
| .setParam(PARAM_VISIBILITY, initiallyPrivate ? PUBLIC : PRIVATE) | |||
| .execute(); | |||
| assertThat(projectIndexers.hasBeenCalled(project.uuid(), ProjectIndexer.Cause.PERMISSION_CHANGE)).isTrue(); | |||
| assertThat(projectIndexers.hasBeenCalled(project.projectUuid(), ProjectIndexer.Cause.PERMISSION_CHANGE)).isTrue(); | |||
| } | |||
| @Test | |||
| public void execute_does_not_update_permission_of_specified_project_in_indexes_if_already_has_specified_visibility() { | |||
| ComponentDto project = randomPublicOrPrivateProject(); | |||
| boolean initiallyPrivate = project.isPrivate(); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project); | |||
| ProjectData project = randomPublicOrPrivateProject(); | |||
| boolean initiallyPrivate = project.getProjectDto().isPrivate(); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, project.getProjectDto()); | |||
| request.setParam(PARAM_PROJECT, project.getKey()) | |||
| request.setParam(PARAM_PROJECT, project.projectKey()) | |||
| .setParam(PARAM_VISIBILITY, initiallyPrivate ? PRIVATE : PUBLIC) | |||
| .execute(); | |||
| assertThat(projectIndexers.hasBeenCalled(project.uuid())).isFalse(); | |||
| assertThat(projectIndexers.hasBeenCalled(project.projectUuid())).isFalse(); | |||
| } | |||
| @Test | |||
| public void execute_grants_USER_and_CODEVIEWER_permissions_to_any_user_with_at_least_one_permission_when_making_project_private() { | |||
| ComponentDto project = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = dbTester.components().insertPublicProject().getProjectDto(); | |||
| UserDto user1 = dbTester.users().insertUser(); | |||
| UserDto user2 = dbTester.users().insertUser(); | |||
| UserDto user3 = dbTester.users().insertUser(); | |||
| @@ -453,17 +456,17 @@ public class UpdateVisibilityActionIT { | |||
| .setParam(PARAM_VISIBILITY, PRIVATE) | |||
| .execute(); | |||
| assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project.uuid())) | |||
| assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user1.getUuid(), project.getUuid())) | |||
| .containsOnly(UserRole.USER, UserRole.CODEVIEWER, "p1", "p2"); | |||
| assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project.uuid())) | |||
| assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user2.getUuid(), project.getUuid())) | |||
| .containsOnly(UserRole.USER, UserRole.CODEVIEWER, "p2"); | |||
| assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user3.getUuid(), project.uuid())) | |||
| assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user3.getUuid(), project.getUuid())) | |||
| .isEmpty(); | |||
| } | |||
| @Test | |||
| public void execute_grants_USER_and_CODEVIEWER_permissions_to_any_group_with_at_least_one_permission_when_making_project_private() { | |||
| ComponentDto project = dbTester.components().insertPublicProject().getMainBranchComponent(); | |||
| ProjectDto project = dbTester.components().insertPublicProject().getProjectDto(); | |||
| GroupDto group1 = dbTester.users().insertGroup(); | |||
| GroupDto group2 = dbTester.users().insertGroup(); | |||
| GroupDto group3 = dbTester.users().insertGroup(); | |||
| @@ -476,38 +479,38 @@ public class UpdateVisibilityActionIT { | |||
| .setParam(PARAM_VISIBILITY, PRIVATE) | |||
| .execute(); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid())) | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group1.getUuid(), project.getUuid())) | |||
| .containsOnly(UserRole.USER, UserRole.CODEVIEWER, "p1", "p2"); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid())) | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group2.getUuid(), project.getUuid())) | |||
| .containsOnly(UserRole.USER, UserRole.CODEVIEWER, "p2"); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group3.getUuid(), project.uuid())) | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group3.getUuid(), project.getUuid())) | |||
| .isEmpty(); | |||
| } | |||
| @Test | |||
| public void update_a_portfolio_to_private() { | |||
| ComponentDto portfolio = dbTester.components().insertPublicPortfolio(); | |||
| PortfolioDto portfolio = dbTester.components().insertPublicPortfolioDto(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, portfolio); | |||
| UserDto user = dbTester.users().insertUser(); | |||
| dbTester.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, portfolio); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, portfolio); | |||
| userSessionRule.addPortfolioPermission(UserRole.ADMIN, portfolio); | |||
| request.setParam(PARAM_PROJECT, portfolio.getKey()) | |||
| .setParam(PARAM_VISIBILITY, PRIVATE) | |||
| .execute(); | |||
| assertThat(dbClient.componentDao().selectByUuid(dbSession, portfolio.uuid()).get().isPrivate()).isTrue(); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), portfolio.uuid())) | |||
| assertThat(dbClient.portfolioDao().selectByUuid(dbSession, portfolio.getUuid()).get().isPrivate()).isTrue(); | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), portfolio.getUuid())) | |||
| .containsOnly(UserRole.USER, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN); | |||
| assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), portfolio.uuid())) | |||
| assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), portfolio.getUuid())) | |||
| .containsOnly(UserRole.USER, UserRole.CODEVIEWER, UserRole.ADMIN); | |||
| } | |||
| @Test | |||
| public void update_a_portfolio_to_public() { | |||
| ComponentDto portfolio = dbTester.components().insertPrivatePortfolio(); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, portfolio); | |||
| PortfolioDto portfolio = dbTester.components().insertPrivatePortfolioDto(); | |||
| userSessionRule.addPortfolioPermission(UserRole.ADMIN, portfolio); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, portfolio); | |||
| dbTester.users().insertProjectPermissionOnGroup(group, UserRole.USER, portfolio); | |||
| @@ -521,16 +524,16 @@ public class UpdateVisibilityActionIT { | |||
| .setParam(PARAM_VISIBILITY, PUBLIC) | |||
| .execute(); | |||
| assertThat(dbClient.componentDao().selectByUuid(dbSession, portfolio.uuid()).get().isPrivate()).isFalse(); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), portfolio.uuid())) | |||
| assertThat(dbClient.componentDao().selectByUuid(dbSession, portfolio.getUuid()).get().isPrivate()).isFalse(); | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), portfolio.getUuid())) | |||
| .containsOnly(UserRole.ISSUE_ADMIN); | |||
| assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), portfolio.uuid())) | |||
| assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), portfolio.getUuid())) | |||
| .containsOnly(UserRole.ADMIN); | |||
| } | |||
| @Test | |||
| public void update_an_application_to_private() { | |||
| ComponentDto application = dbTester.components().insertPublicApplication().getMainBranchComponent(); | |||
| ProjectDto application = dbTester.components().insertPublicApplication().getProjectDto(); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, application); | |||
| UserDto user = dbTester.users().insertUser(); | |||
| @@ -541,34 +544,34 @@ public class UpdateVisibilityActionIT { | |||
| .setParam(PARAM_VISIBILITY, PRIVATE) | |||
| .execute(); | |||
| assertThat(dbClient.componentDao().selectByUuid(dbSession, application.uuid()).get().isPrivate()).isTrue(); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), application.uuid())) | |||
| assertThat(dbClient.projectDao().selectByUuid(dbSession, application.getUuid()).get().isPrivate()).isTrue(); | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), application.getUuid())) | |||
| .containsOnly(UserRole.USER, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN); | |||
| assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), application.uuid())) | |||
| assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), application.getUuid())) | |||
| .containsOnly(UserRole.USER, UserRole.CODEVIEWER, UserRole.ADMIN); | |||
| } | |||
| @Test | |||
| public void update_an_application_to_public() { | |||
| ComponentDto portfolio = dbTester.components().insertPrivateApplication().getMainBranchComponent(); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, portfolio); | |||
| ProjectDto application = dbTester.components().insertPrivateApplication().getProjectDto(); | |||
| userSessionRule.addProjectPermission(UserRole.ADMIN, application); | |||
| GroupDto group = dbTester.users().insertGroup(); | |||
| dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, portfolio); | |||
| dbTester.users().insertProjectPermissionOnGroup(group, UserRole.USER, portfolio); | |||
| dbTester.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, portfolio); | |||
| dbTester.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, application); | |||
| dbTester.users().insertProjectPermissionOnGroup(group, UserRole.USER, application); | |||
| dbTester.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, application); | |||
| UserDto user = dbTester.users().insertUser(); | |||
| dbTester.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, portfolio); | |||
| dbTester.users().insertProjectPermissionOnUser(user, UserRole.USER, portfolio); | |||
| dbTester.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, portfolio); | |||
| dbTester.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, application); | |||
| dbTester.users().insertProjectPermissionOnUser(user, UserRole.USER, application); | |||
| dbTester.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, application); | |||
| request.setParam(PARAM_PROJECT, portfolio.getKey()) | |||
| request.setParam(PARAM_PROJECT, application.getKey()) | |||
| .setParam(PARAM_VISIBILITY, PUBLIC) | |||
| .execute(); | |||
| assertThat(dbClient.componentDao().selectByUuid(dbSession, portfolio.uuid()).get().isPrivate()).isFalse(); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), portfolio.uuid())) | |||
| assertThat(dbClient.projectDao().selectApplicationByKey(dbSession, application.getKey()).get().isPrivate()).isFalse(); | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), application.getUuid())) | |||
| .containsOnly(UserRole.ISSUE_ADMIN); | |||
| assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), portfolio.uuid())) | |||
| assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), application.getUuid())) | |||
| .containsOnly(UserRole.ADMIN); | |||
| } | |||
| @@ -623,11 +626,11 @@ public class UpdateVisibilityActionIT { | |||
| .containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
| assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getUuid())) | |||
| .containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, null, projectUuid)) | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, null, projectUuid)) | |||
| .isEmpty(); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
| .containsAll(permissionService.getAllProjectPermissions()); | |||
| assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
| assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
| .containsAll(permissionService.getAllProjectPermissions()); | |||
| } | |||
| @@ -638,15 +641,15 @@ public class UpdateVisibilityActionIT { | |||
| .containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
| assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getUuid())) | |||
| .containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, null, projectUuid)) | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, null, projectUuid)) | |||
| .doesNotContain(UserRole.USER) | |||
| .doesNotContain(UserRole.CODEVIEWER) | |||
| .containsAll(PROJECT_PERMISSIONS_BUT_USER_AND_CODEVIEWER); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
| .doesNotContain(UserRole.USER) | |||
| .doesNotContain(UserRole.CODEVIEWER) | |||
| .containsAll(PROJECT_PERMISSIONS_BUT_USER_AND_CODEVIEWER); | |||
| assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
| assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
| .doesNotContain(UserRole.USER) | |||
| .doesNotContain(UserRole.CODEVIEWER) | |||
| .containsAll(PROJECT_PERMISSIONS_BUT_USER_AND_CODEVIEWER); | |||
| @@ -659,39 +662,39 @@ public class UpdateVisibilityActionIT { | |||
| .containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
| assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getUuid())) | |||
| .containsAll(GLOBAL_PERMISSIONS_NAME_SET); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, null, projectUuid)) | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, null, projectUuid)) | |||
| .containsAll(permissionService.getAllProjectPermissions()); | |||
| assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
| assertThat(dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, group.getUuid(), projectUuid)) | |||
| .containsAll(permissionService.getAllProjectPermissions()); | |||
| assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
| assertThat(dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), projectUuid)) | |||
| .containsAll(permissionService.getAllProjectPermissions()); | |||
| } | |||
| private void insertPendingTask(ComponentDto project) { | |||
| insertCeQueueDto(project, CeQueueDto.Status.PENDING); | |||
| private void insertPendingTask(String projectUuid) { | |||
| insertCeQueueDto(projectUuid, CeQueueDto.Status.PENDING); | |||
| } | |||
| private void insertInProgressTask(ComponentDto project) { | |||
| insertCeQueueDto(project, CeQueueDto.Status.IN_PROGRESS); | |||
| private void insertInProgressTask(String projectUuid) { | |||
| insertCeQueueDto(projectUuid, CeQueueDto.Status.IN_PROGRESS); | |||
| } | |||
| private int counter = 0; | |||
| private void insertCeQueueDto(ComponentDto project, CeQueueDto.Status status) { | |||
| private void insertCeQueueDto(String projectUuid, CeQueueDto.Status status) { | |||
| dbClient.ceQueueDao().insert(dbTester.getSession(), new CeQueueDto() | |||
| .setUuid("pending" + counter++) | |||
| .setComponentUuid(project.uuid()) | |||
| .setMainComponentUuid(project.uuid()) | |||
| .setComponentUuid(projectUuid) | |||
| .setMainComponentUuid(projectUuid) | |||
| .setTaskType("foo") | |||
| .setStatus(status)); | |||
| dbTester.commit(); | |||
| } | |||
| private boolean isPrivateInDb(ComponentDto project) { | |||
| return dbClient.componentDao().selectByUuid(dbTester.getSession(), project.uuid()).get().isPrivate(); | |||
| private boolean isPrivateInDb(ComponentDto component) { | |||
| return dbClient.componentDao().selectByUuid(dbTester.getSession(), component.uuid()).get().isPrivate(); | |||
| } | |||
| private ComponentDto randomPublicOrPrivateProject() { | |||
| return random.nextBoolean() ? dbTester.components().insertPublicProject().getMainBranchComponent() : dbTester.components().insertPrivateProject().getMainBranchComponent(); | |||
| private ProjectData randomPublicOrPrivateProject() { | |||
| return random.nextBoolean() ? dbTester.components().insertPublicProject() : dbTester.components().insertPrivateProject(); | |||
| } | |||
| } | |||
+ 1
- 1
server/sonar-webserver-webapi/src/it/java/org/sonar/server/user/ws/DeactivateActionIT.java
파일 보기
| @@ -174,7 +174,7 @@ public class DeactivateActionIT { | |||
| deactivate(user.getLogin()); | |||
| assertThat(db.getDbClient().userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getUuid())).isEmpty(); | |||
| assertThat(db.getDbClient().userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).isEmpty(); | |||
| assertThat(db.getDbClient().userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).isEmpty(); | |||
| } | |||
| @Test | |||
+ 8
- 9
server/sonar-webserver-webapi/src/main/java/org/sonar/server/component/ComponentUpdater.java
파일 보기
| @@ -143,23 +143,22 @@ public class ComponentUpdater { | |||
| if (isRootProject(componentDto)) { | |||
| projectDto = toProjectDto(componentDto, now); | |||
| dbClient.projectDao().insert(dbSession, projectDto); | |||
| addToFavourites(dbSession, projectDto, userUuid, userLogin, componentDto); | |||
| addToFavourites(dbSession, projectDto, userUuid, userLogin); | |||
| mainBranch = createMainBranch(dbSession, componentDto.uuid(), projectDto.getUuid(), mainBranchName); | |||
| } | |||
| if (isRootView(componentDto)) { | |||
| permissionTemplateService.applyDefaultToNewComponent(dbSession, projectDto, userUuid); | |||
| } else if (isRootView(componentDto)) { | |||
| PortfolioDto portfolioDto = toPortfolioDto(componentDto, now); | |||
| dbClient.portfolioDao().insert(dbSession, portfolioDto); | |||
| permissionTemplateService.applyDefaultToNewComponent(dbSession, portfolioDto, userUuid); | |||
| } else { | |||
| throw new IllegalArgumentException("Component " + componentDto + " is not a top level entity"); | |||
| } | |||
| // TODO SONAR-19445: probably we want to apply it to the projectDto or portfolioDto | |||
| permissionTemplateService.applyDefaultToNewComponent(dbSession, componentDto, userUuid); | |||
| return new ComponentCreationData(componentDto, mainBranch, projectDto); | |||
| } | |||
| // TODO SONAR-19445, when working on permissions, maybe we could remove the last argument from this method | |||
| private void addToFavourites(DbSession dbSession, ProjectDto projectDto, @Nullable String userUuid, @Nullable String userLogin, ComponentDto componentDto) { | |||
| if (permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(dbSession, componentDto)) { | |||
| private void addToFavourites(DbSession dbSession, ProjectDto projectDto, @Nullable String userUuid, @Nullable String userLogin) { | |||
| if (permissionTemplateService.hasDefaultTemplateWithPermissionOnProjectCreator(dbSession, projectDto)) { | |||
| favoriteUpdater.add(dbSession, projectDto, userUuid, userLogin, false); | |||
| } | |||
| } | |||
+ 3
- 3
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/GroupPermissionChange.java
파일 보기
| @@ -20,15 +20,15 @@ | |||
| package org.sonar.server.permission; | |||
| import javax.annotation.Nullable; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| public class GroupPermissionChange extends PermissionChange { | |||
| private final GroupUuidOrAnyone group; | |||
| public GroupPermissionChange(Operation operation, String permission, @Nullable ComponentDto project, | |||
| public GroupPermissionChange(Operation operation, String permission, @Nullable EntityDto entityDto, | |||
| GroupUuidOrAnyone group, PermissionService permissionService) { | |||
| super(operation, permission, project, permissionService); | |||
| super(operation, permission, entityDto, permissionService); | |||
| this.group = group; | |||
| } | |||
+ 11
- 21
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java
파일 보기
| @@ -25,10 +25,9 @@ import org.sonar.api.web.UserRole; | |||
| import org.sonar.core.util.UuidFactory; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.permission.GroupPermissionDto; | |||
| import org.sonar.db.project.ProjectDto; | |||
| import org.sonar.db.user.GroupDto; | |||
| import static com.google.common.base.Preconditions.checkNotNull; | |||
| @@ -63,32 +62,32 @@ public class GroupPermissionChanger { | |||
| } | |||
| private static boolean isImplicitlyAlreadyDone(GroupPermissionChange change) { | |||
| ComponentDto project = change.getProject(); | |||
| EntityDto project = change.getEntity(); | |||
| if (project != null) { | |||
| return isImplicitlyAlreadyDone(project, change); | |||
| } | |||
| return false; | |||
| } | |||
| private static boolean isImplicitlyAlreadyDone(ComponentDto project, GroupPermissionChange change) { | |||
| private static boolean isImplicitlyAlreadyDone(EntityDto project, GroupPermissionChange change) { | |||
| return isAttemptToAddPublicPermissionToPublicComponent(change, project) | |||
| || isAttemptToRemovePermissionFromAnyoneOnPrivateComponent(change, project); | |||
| } | |||
| private static boolean isAttemptToAddPublicPermissionToPublicComponent(GroupPermissionChange change, ComponentDto project) { | |||
| private static boolean isAttemptToAddPublicPermissionToPublicComponent(GroupPermissionChange change, EntityDto project) { | |||
| return !project.isPrivate() | |||
| && change.getOperation() == ADD | |||
| && UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
| } | |||
| private static boolean isAttemptToRemovePermissionFromAnyoneOnPrivateComponent(GroupPermissionChange change, ComponentDto project) { | |||
| private static boolean isAttemptToRemovePermissionFromAnyoneOnPrivateComponent(GroupPermissionChange change, EntityDto project) { | |||
| return project.isPrivate() | |||
| && change.getOperation() == REMOVE | |||
| && change.getGroupUuidOrAnyone().isAnyone(); | |||
| } | |||
| private static void ensureConsistencyWithVisibility(GroupPermissionChange change) { | |||
| ComponentDto project = change.getProject(); | |||
| EntityDto project = change.getEntity(); | |||
| if (project != null) { | |||
| checkRequest( | |||
| !isAttemptToAddPermissionToAnyoneOnPrivateComponent(change, project), | |||
| @@ -99,13 +98,13 @@ public class GroupPermissionChanger { | |||
| } | |||
| } | |||
| private static boolean isAttemptToAddPermissionToAnyoneOnPrivateComponent(GroupPermissionChange change, ComponentDto project) { | |||
| private static boolean isAttemptToAddPermissionToAnyoneOnPrivateComponent(GroupPermissionChange change, EntityDto project) { | |||
| return project.isPrivate() | |||
| && change.getOperation() == ADD | |||
| && change.getGroupUuidOrAnyone().isAnyone(); | |||
| } | |||
| private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(GroupPermissionChange change, ComponentDto project) { | |||
| private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(GroupPermissionChange change, EntityDto project) { | |||
| return !project.isPrivate() | |||
| && change.getOperation() == REMOVE | |||
| && UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
| @@ -131,15 +130,7 @@ public class GroupPermissionChanger { | |||
| .map(GroupDto::getName) | |||
| .ifPresent(addedDto::setGroupName); | |||
| //TODO remove this code | |||
| ProjectDto projectDto = new ProjectDto(); | |||
| ComponentDto project = change.getProject(); | |||
| if (project != null) { | |||
| projectDto.setKey(project.getKey()); | |||
| projectDto.setQualifier(project.qualifier()); | |||
| } | |||
| dbClient.groupPermissionDao().insert(dbSession, addedDto, projectDto, null); | |||
| dbClient.groupPermissionDao().insert(dbSession, addedDto, change.getEntity(), null); | |||
| return true; | |||
| } | |||
| @@ -163,15 +154,14 @@ public class GroupPermissionChanger { | |||
| change.getPermission(), | |||
| groupUuid, | |||
| groupName, | |||
| change.getProjectUuid(), | |||
| change.getProject()); | |||
| change.getEntity()); | |||
| return true; | |||
| } | |||
| private List<String> loadExistingPermissions(DbSession dbSession, GroupPermissionChange change) { | |||
| String projectUuid = change.getProjectUuid(); | |||
| if (projectUuid != null) { | |||
| return dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, | |||
| return dbClient.groupPermissionDao().selectEntityPermissionsOfGroup(dbSession, | |||
| change.getGroupUuidOrAnyone().getUuid(), | |||
| projectUuid); | |||
| } | |||
+ 9
- 9
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionChange.java
파일 보기
| @@ -21,8 +21,8 @@ package org.sonar.server.permission; | |||
| import javax.annotation.CheckForNull; | |||
| import javax.annotation.Nullable; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import static java.util.Objects.requireNonNull; | |||
| import static org.sonar.core.util.stream.MoreCollectors.toList; | |||
| @@ -36,15 +36,15 @@ public abstract class PermissionChange { | |||
| private final Operation operation; | |||
| private final String permission; | |||
| private final ComponentDto project; | |||
| private final EntityDto entity; | |||
| protected final PermissionService permissionService; | |||
| protected PermissionChange(Operation operation, String permission, @Nullable ComponentDto project, PermissionService permissionService) { | |||
| protected PermissionChange(Operation operation, String permission, @Nullable EntityDto entity, PermissionService permissionService) { | |||
| this.operation = requireNonNull(operation); | |||
| this.permission = requireNonNull(permission); | |||
| this.project = project; | |||
| this.entity = entity; | |||
| this.permissionService = permissionService; | |||
| if (project == null) { | |||
| if (entity == null) { | |||
| checkRequest(permissionService.getGlobalPermissions().stream().anyMatch(p -> p.getKey().equals(permission)), | |||
| "Invalid global permission '%s'. Valid values are %s", permission, | |||
| permissionService.getGlobalPermissions().stream().map(GlobalPermission::getKey).collect(toList())); | |||
| @@ -63,17 +63,17 @@ public abstract class PermissionChange { | |||
| } | |||
| @CheckForNull | |||
| public ComponentDto getProject() { | |||
| return project; | |||
| public EntityDto getEntity() { | |||
| return entity; | |||
| } | |||
| @CheckForNull | |||
| public String getProjectName() { | |||
| return project == null ? null : project.name(); | |||
| return entity == null ? null : entity.getName(); | |||
| } | |||
| @CheckForNull | |||
| public String getProjectUuid() { | |||
| return project == null ? null : project.uuid(); | |||
| return entity == null ? null : entity.getUuid(); | |||
| } | |||
| } | |||
+ 4
- 4
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionPrivilegeChecker.java
파일 보기
| @@ -22,7 +22,7 @@ package org.sonar.server.permission; | |||
| import javax.annotation.Nullable; | |||
| import org.sonar.api.config.Configuration; | |||
| import org.sonar.api.web.UserRole; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.server.user.UserSession; | |||
| @@ -45,7 +45,7 @@ public class PermissionPrivilegeChecker { | |||
| * Checks that user is administrator of the specified project | |||
| * @throws org.sonar.server.exceptions.ForbiddenException if user is not administrator | |||
| */ | |||
| public static void checkProjectAdmin(UserSession userSession, Configuration config, @Nullable ComponentDto componentDto) { | |||
| public static void checkProjectAdmin(UserSession userSession, Configuration config, @Nullable EntityDto entity) { | |||
| userSession.checkLoggedIn(); | |||
| if (userSession.hasPermission(GlobalPermission.ADMINISTER)) { | |||
| @@ -54,8 +54,8 @@ public class PermissionPrivilegeChecker { | |||
| boolean allowChangingPermissionsByProjectAdmins = config.getBoolean(CORE_ALLOW_PERMISSION_MANAGEMENT_FOR_PROJECT_ADMINS_PROPERTY) | |||
| .orElse(CORE_ALLOW_PERMISSION_MANAGEMENT_FOR_PROJECT_ADMINS_DEFAULT_VALUE); | |||
| if (componentDto != null && allowChangingPermissionsByProjectAdmins) { | |||
| userSession.checkComponentPermission(UserRole.ADMIN, componentDto); | |||
| if (entity != null && allowChangingPermissionsByProjectAdmins) { | |||
| userSession.checkEntityPermission(UserRole.ADMIN, entity); | |||
| } else { | |||
| throw insufficientPrivilegesException(); | |||
| } | |||
+ 36
- 40
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionTemplateService.java
파일 보기
| @@ -35,7 +35,7 @@ import org.sonar.api.server.ServerSide; | |||
| import org.sonar.core.util.UuidFactory; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.GroupPermissionDto; | |||
| import org.sonar.db.permission.UserPermissionDto; | |||
| import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto; | |||
| @@ -81,8 +81,8 @@ public class PermissionTemplateService { | |||
| return true; | |||
| } | |||
| ComponentDto dto = new ComponentDto().setKey(projectKey).setQualifier(Qualifiers.PROJECT); | |||
| PermissionTemplateDto template = findTemplate(dbSession, dto); | |||
| ProjectDto projectDto = new ProjectDto().setKey(projectKey).setQualifier(Qualifiers.PROJECT); | |||
| PermissionTemplateDto template = findTemplate(dbSession, projectDto); | |||
| if (template == null) { | |||
| return false; | |||
| } | |||
| @@ -96,31 +96,31 @@ public class PermissionTemplateService { | |||
| * is not verified. The projects must exist, so the "project creator" permissions defined in the | |||
| * template are ignored. | |||
| */ | |||
| public void applyAndCommit(DbSession dbSession, PermissionTemplateDto template, Collection<ComponentDto> projects) { | |||
| if (projects.isEmpty()) { | |||
| public void applyAndCommit(DbSession dbSession, PermissionTemplateDto template, Collection<EntityDto> entities) { | |||
| if (entities.isEmpty()) { | |||
| return; | |||
| } | |||
| for (ComponentDto project : projects) { | |||
| dbClient.groupPermissionDao().deleteByRootComponentUuid(dbSession, project); | |||
| dbClient.userPermissionDao().deleteProjectPermissions(dbSession, project); | |||
| copyPermissions(dbSession, template, project, null); | |||
| for (EntityDto entity : entities) { | |||
| dbClient.groupPermissionDao().deleteByEntityUuid(dbSession, entity); | |||
| dbClient.userPermissionDao().deleteEntityPermissions(dbSession, entity); | |||
| copyPermissions(dbSession, template, entity, null); | |||
| } | |||
| projectIndexers.commitAndIndexComponents(dbSession, projects, ProjectIndexer.Cause.PERMISSION_CHANGE); | |||
| projectIndexers.commitAndIndexEntities(dbSession, entities, ProjectIndexer.Cause.PERMISSION_CHANGE); | |||
| } | |||
| /** | |||
| * Apply the default permission template to a new project (has no permissions yet). | |||
| * @param projectCreatorUserId id of the user creating the project. | |||
| */ | |||
| public void applyDefaultToNewComponent(DbSession dbSession, ComponentDto component, @Nullable String projectCreatorUserId) { | |||
| PermissionTemplateDto template = findTemplate(dbSession, component); | |||
| public void applyDefaultToNewComponent(DbSession dbSession, EntityDto entityDto, @Nullable String projectCreatorUserId) { | |||
| PermissionTemplateDto template = findTemplate(dbSession, entityDto); | |||
| checkArgument(template != null, "Cannot retrieve default permission template"); | |||
| copyPermissions(dbSession, template, component, projectCreatorUserId); | |||
| copyPermissions(dbSession, template, entityDto, projectCreatorUserId); | |||
| } | |||
| public boolean hasDefaultTemplateWithPermissionOnProjectCreator(DbSession dbSession, ComponentDto component) { | |||
| PermissionTemplateDto template = findTemplate(dbSession, component); | |||
| public boolean hasDefaultTemplateWithPermissionOnProjectCreator(DbSession dbSession, ProjectDto projectDto) { | |||
| PermissionTemplateDto template = findTemplate(dbSession, projectDto); | |||
| return hasProjectCreatorPermission(dbSession, template); | |||
| } | |||
| @@ -129,23 +129,23 @@ public class PermissionTemplateService { | |||
| .anyMatch(PermissionTemplateCharacteristicDto::getWithProjectCreator); | |||
| } | |||
| private void copyPermissions(DbSession dbSession, PermissionTemplateDto template, ComponentDto project, @Nullable String projectCreatorUserUuid) { | |||
| private void copyPermissions(DbSession dbSession, PermissionTemplateDto template, EntityDto entity, @Nullable String projectCreatorUserUuid) { | |||
| List<PermissionTemplateUserDto> usersPermissions = dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(dbSession, template.getUuid()); | |||
| Set<String> permissionTemplateUserUuids = usersPermissions.stream().map(PermissionTemplateUserDto::getUserUuid).collect(Collectors.toSet()); | |||
| Map<String, UserId> userIdByUuid = dbClient.userDao().selectByUuids(dbSession, permissionTemplateUserUuids).stream().collect(Collectors.toMap(UserDto::getUuid, u -> u)); | |||
| usersPermissions | |||
| .stream() | |||
| .filter(up -> permissionValidForProject(project, up.getPermission())) | |||
| .filter(up -> permissionValidForProject(entity.isPrivate(), up.getPermission())) | |||
| .forEach(up -> { | |||
| UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), up.getPermission(), up.getUserUuid(), project.uuid()); | |||
| dbClient.userPermissionDao().insert(dbSession, dto, project, userIdByUuid.get(up.getUserUuid()), template); | |||
| UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), up.getPermission(), up.getUserUuid(), entity.getUuid()); | |||
| dbClient.userPermissionDao().insert(dbSession, dto, entity, userIdByUuid.get(up.getUserUuid()), template); | |||
| }); | |||
| List<PermissionTemplateGroupDto> groupsPermissions = dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateUuid(dbSession, template.getUuid()); | |||
| groupsPermissions | |||
| .stream() | |||
| .filter(gp -> groupNameValidForProject(project, gp.getGroupName())) | |||
| .filter(gp -> permissionValidForProject(project, gp.getPermission())) | |||
| .filter(gp -> groupNameValidForProject(entity.isPrivate(), gp.getGroupName())) | |||
| .filter(gp -> permissionValidForProject(entity.isPrivate(), gp.getPermission())) | |||
| .forEach(gp -> { | |||
| String groupUuid = isAnyone(gp.getGroupName()) ? null : gp.getGroupUuid(); | |||
| String groupName = groupUuid == null ? null : dbClient.groupDao().selectByUuid(dbSession, groupUuid).getName(); | |||
| @@ -154,14 +154,10 @@ public class PermissionTemplateService { | |||
| .setGroupUuid(groupUuid) | |||
| .setGroupName(groupName) | |||
| .setRole(gp.getPermission()) | |||
| .setComponentUuid(project.uuid()) | |||
| .setComponentName(project.name()); | |||
| //TODO remove this code | |||
| ProjectDto projectDto = new ProjectDto(); | |||
| projectDto.setKey(project.getKey()); | |||
| projectDto.setQualifier(project.qualifier()); | |||
| dbClient.groupPermissionDao().insert(dbSession, dto, projectDto, template); | |||
| .setComponentUuid(entity.getUuid()) | |||
| .setComponentName(entity.getName()); | |||
| dbClient.groupPermissionDao().insert(dbSession, dto, entity, template); | |||
| }); | |||
| List<PermissionTemplateCharacteristicDto> characteristics = dbClient.permissionTemplateCharacteristicDao().selectByTemplateUuids(dbSession, singletonList(template.getUuid())); | |||
| @@ -174,21 +170,21 @@ public class PermissionTemplateService { | |||
| UserDto userDto = dbClient.userDao().selectByUuid(dbSession, projectCreatorUserUuid); | |||
| characteristics.stream() | |||
| .filter(PermissionTemplateCharacteristicDto::getWithProjectCreator) | |||
| .filter(up -> permissionValidForProject(project, up.getPermission())) | |||
| .filter(up -> permissionValidForProject(entity.isPrivate(), up.getPermission())) | |||
| .filter(characteristic -> !permissionsForCurrentUserAlreadyInDb.contains(characteristic.getPermission())) | |||
| .forEach(c -> { | |||
| UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), c.getPermission(), userDto.getUuid(), project.uuid()); | |||
| dbClient.userPermissionDao().insert(dbSession, dto, project, userDto, template); | |||
| UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), c.getPermission(), userDto.getUuid(), entity.getUuid()); | |||
| dbClient.userPermissionDao().insert(dbSession, dto, entity, userDto, template); | |||
| }); | |||
| } | |||
| } | |||
| private static boolean permissionValidForProject(ComponentDto project, String permission) { | |||
| return project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission); | |||
| private static boolean permissionValidForProject(boolean isPrivateEntity, String permission) { | |||
| return isPrivateEntity || !PUBLIC_PERMISSIONS.contains(permission); | |||
| } | |||
| private static boolean groupNameValidForProject(ComponentDto project, String groupName) { | |||
| return !project.isPrivate() || !isAnyone(groupName); | |||
| private static boolean groupNameValidForProject(boolean isPrivateEntity, String groupName) { | |||
| return !isPrivateEntity || !isAnyone(groupName); | |||
| } | |||
| /** | |||
| @@ -196,21 +192,21 @@ public class PermissionTemplateService { | |||
| * template for the component qualifier. | |||
| */ | |||
| @CheckForNull | |||
| private PermissionTemplateDto findTemplate(DbSession dbSession, ComponentDto component) { | |||
| private PermissionTemplateDto findTemplate(DbSession dbSession, EntityDto entityDto) { | |||
| List<PermissionTemplateDto> allPermissionTemplates = dbClient.permissionTemplateDao().selectAll(dbSession, null); | |||
| List<PermissionTemplateDto> matchingTemplates = new ArrayList<>(); | |||
| for (PermissionTemplateDto permissionTemplateDto : allPermissionTemplates) { | |||
| String keyPattern = permissionTemplateDto.getKeyPattern(); | |||
| if (StringUtils.isNotBlank(keyPattern) && component.getKey().matches(keyPattern)) { | |||
| if (StringUtils.isNotBlank(keyPattern) && entityDto.getKey().matches(keyPattern)) { | |||
| matchingTemplates.add(permissionTemplateDto); | |||
| } | |||
| } | |||
| checkAtMostOneMatchForComponentKey(component.getKey(), matchingTemplates); | |||
| checkAtMostOneMatchForComponentKey(entityDto.getKey(), matchingTemplates); | |||
| if (matchingTemplates.size() == 1) { | |||
| return matchingTemplates.get(0); | |||
| } | |||
| String qualifier = component.qualifier(); | |||
| String qualifier = entityDto.getQualifier(); | |||
| ResolvedDefaultTemplates resolvedDefaultTemplates = defaultTemplatesResolver.resolve(dbSession); | |||
| switch (qualifier) { | |||
| case Qualifiers.PROJECT: | |||
+ 4
- 3
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/UserPermissionChange.java
파일 보기
| @@ -20,7 +20,7 @@ | |||
| package org.sonar.server.permission; | |||
| import javax.annotation.Nullable; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.user.UserId; | |||
| import static java.util.Objects.requireNonNull; | |||
| @@ -29,8 +29,9 @@ public class UserPermissionChange extends PermissionChange { | |||
| private final UserId userId; | |||
| public UserPermissionChange(Operation operation, String permission, @Nullable ComponentDto project, UserId userId, PermissionService permissionService) { | |||
| super(operation, permission, project, permissionService); | |||
| public UserPermissionChange(Operation operation, String permission, @Nullable EntityDto entity, UserId userId, | |||
| PermissionService permissionService) { | |||
| super(operation, permission, entity, permissionService); | |||
| this.userId = requireNonNull(userId); | |||
| } | |||
+ 12
- 12
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/UserPermissionChanger.java
파일 보기
| @@ -24,7 +24,7 @@ import org.sonar.api.web.UserRole; | |||
| import org.sonar.core.util.UuidFactory; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.GlobalPermission; | |||
| import org.sonar.db.permission.UserPermissionDto; | |||
| @@ -61,33 +61,33 @@ public class UserPermissionChanger { | |||
| } | |||
| private static boolean isImplicitlyAlreadyDone(UserPermissionChange change) { | |||
| ComponentDto project = change.getProject(); | |||
| EntityDto project = change.getEntity(); | |||
| if (project != null) { | |||
| return isImplicitlyAlreadyDone(project, change); | |||
| } | |||
| return false; | |||
| } | |||
| private static boolean isImplicitlyAlreadyDone(ComponentDto project, UserPermissionChange change) { | |||
| private static boolean isImplicitlyAlreadyDone(EntityDto project, UserPermissionChange change) { | |||
| return isAttemptToAddPublicPermissionToPublicComponent(change, project); | |||
| } | |||
| private static boolean isAttemptToAddPublicPermissionToPublicComponent(UserPermissionChange change, ComponentDto project) { | |||
| private static boolean isAttemptToAddPublicPermissionToPublicComponent(UserPermissionChange change, EntityDto project) { | |||
| return !project.isPrivate() | |||
| && change.getOperation() == ADD | |||
| && UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
| } | |||
| private static void ensureConsistencyWithVisibility(UserPermissionChange change) { | |||
| ComponentDto project = change.getProject(); | |||
| EntityDto project = change.getEntity(); | |||
| if (project != null) { | |||
| checkRequest(!isAttemptToRemovePublicPermissionFromPublicComponent(change, project), | |||
| "Permission %s can't be removed from a public component", change.getPermission()); | |||
| } | |||
| } | |||
| private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(UserPermissionChange change, ComponentDto projectUuid) { | |||
| return !projectUuid.isPrivate() | |||
| private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(UserPermissionChange change, EntityDto entity) { | |||
| return !entity.isPrivate() | |||
| && change.getOperation() == REMOVE | |||
| && UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
| } | |||
| @@ -98,7 +98,7 @@ public class UserPermissionChanger { | |||
| } | |||
| UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), change.getPermission(), change.getUserId().getUuid(), | |||
| change.getProjectUuid()); | |||
| dbClient.userPermissionDao().insert(dbSession, dto, change.getProject(), change.getUserId(), null); | |||
| dbClient.userPermissionDao().insert(dbSession, dto, change.getEntity(), change.getUserId(), null); | |||
| return true; | |||
| } | |||
| @@ -107,9 +107,9 @@ public class UserPermissionChanger { | |||
| return false; | |||
| } | |||
| checkOtherAdminsExist(dbSession, change); | |||
| ComponentDto project = change.getProject(); | |||
| if (project != null) { | |||
| dbClient.userPermissionDao().deleteProjectPermission(dbSession, change.getUserId(), change.getPermission(), project); | |||
| EntityDto entity = change.getEntity(); | |||
| if (entity != null) { | |||
| dbClient.userPermissionDao().deleteEntityPermission(dbSession, change.getUserId(), change.getPermission(), entity); | |||
| } else { | |||
| dbClient.userPermissionDao().deleteGlobalPermission(dbSession, change.getUserId(), change.getPermission()); | |||
| } | |||
| @@ -119,7 +119,7 @@ public class UserPermissionChanger { | |||
| private List<String> loadExistingPermissions(DbSession dbSession, UserPermissionChange change) { | |||
| String projectUuid = change.getProjectUuid(); | |||
| if (projectUuid != null) { | |||
| return dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, change.getUserId().getUuid(), projectUuid); | |||
| return dbClient.userPermissionDao().selectEntityPermissionsOfUser(dbSession, change.getUserId().getUuid(), projectUuid); | |||
| } | |||
| return dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, change.getUserId().getUuid()); | |||
| } | |||
+ 4
- 5
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/AddGroupAction.java
파일 보기
| @@ -20,14 +20,13 @@ | |||
| package org.sonar.server.permission.ws; | |||
| import java.util.List; | |||
| import java.util.Optional; | |||
| import org.sonar.api.server.ws.Change; | |||
| import org.sonar.api.server.ws.Request; | |||
| import org.sonar.api.server.ws.Response; | |||
| import org.sonar.api.server.ws.WebService; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.server.permission.GroupPermissionChange; | |||
| import org.sonar.server.permission.GroupUuidOrAnyone; | |||
| import org.sonar.server.permission.PermissionChange; | |||
| @@ -86,12 +85,12 @@ public class AddGroupAction implements PermissionsWsAction { | |||
| public void handle(Request request, Response response) throws Exception { | |||
| try (DbSession dbSession = dbClient.openSession(false)) { | |||
| GroupUuidOrAnyone group = wsSupport.findGroup(dbSession, request); | |||
| Optional<ComponentDto> project = wsSupport.findProject(dbSession, request); | |||
| wsSupport.checkPermissionManagementAccess(userSession, project.orElse(null)); | |||
| EntityDto project = wsSupport.findEntity(dbSession, request); | |||
| wsSupport.checkPermissionManagementAccess(userSession, project); | |||
| PermissionChange change = new GroupPermissionChange( | |||
| PermissionChange.Operation.ADD, | |||
| request.mandatoryParam(PARAM_PERMISSION), | |||
| project.orElse(null), | |||
| project, | |||
| group, permissionService); | |||
| permissionUpdater.apply(dbSession, List.of(change)); | |||
| } | |||
+ 4
- 5
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/AddUserAction.java
파일 보기
| @@ -19,14 +19,13 @@ | |||
| */ | |||
| package org.sonar.server.permission.ws; | |||
| import java.util.Optional; | |||
| import org.sonar.api.config.Configuration; | |||
| import org.sonar.api.server.ws.Request; | |||
| import org.sonar.api.server.ws.Response; | |||
| import org.sonar.api.server.ws.WebService; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.user.UserId; | |||
| import org.sonar.server.permission.PermissionChange; | |||
| import org.sonar.server.permission.PermissionService; | |||
| @@ -87,14 +86,14 @@ public class AddUserAction implements PermissionsWsAction { | |||
| public void handle(Request request, Response response) throws Exception { | |||
| try (DbSession dbSession = dbClient.openSession(false)) { | |||
| String userLogin = request.mandatoryParam(PARAM_USER_LOGIN); | |||
| Optional<ComponentDto> project = wsSupport.findProject(dbSession, request); | |||
| checkProjectAdmin(userSession, configuration, project.orElse(null)); | |||
| EntityDto entity = wsSupport.findEntity(dbSession, request); | |||
| checkProjectAdmin(userSession, configuration, entity); | |||
| UserId user = wsSupport.findUser(dbSession, userLogin); | |||
| PermissionChange change = new UserPermissionChange( | |||
| PermissionChange.Operation.ADD, | |||
| request.mandatoryParam(PARAM_PERMISSION), | |||
| project.orElse(null), | |||
| entity, | |||
| user, permissionService); | |||
| permissionUpdater.apply(dbSession, singletonList(change)); | |||
| } | |||
+ 10
- 11
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/GroupsAction.java
파일 보기
| @@ -25,7 +25,6 @@ import com.google.common.collect.TreeMultimap; | |||
| import com.google.common.io.Resources; | |||
| import java.util.List; | |||
| import java.util.Map; | |||
| import java.util.Optional; | |||
| import java.util.Set; | |||
| import javax.annotation.Nullable; | |||
| import org.sonar.api.security.DefaultGroups; | |||
| @@ -38,7 +37,7 @@ import org.sonar.api.utils.Paging; | |||
| import org.sonar.core.util.stream.MoreCollectors; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.GroupPermissionDto; | |||
| import org.sonar.db.permission.PermissionQuery; | |||
| import org.sonar.db.user.GroupDto; | |||
| @@ -105,13 +104,13 @@ public class GroupsAction implements PermissionsWsAction { | |||
| @Override | |||
| public void handle(Request request, Response response) throws Exception { | |||
| try (DbSession dbSession = dbClient.openSession(false)) { | |||
| Optional<ComponentDto> project = wsSupport.findProject(dbSession, request); | |||
| wsSupport.checkPermissionManagementAccess(userSession, project.orElse(null)); | |||
| EntityDto project = wsSupport.findEntity(dbSession, request); | |||
| wsSupport.checkPermissionManagementAccess(userSession, project); | |||
| PermissionQuery query = buildPermissionQuery(request, project.orElse(null)); | |||
| PermissionQuery query = buildPermissionQuery(request, project); | |||
| List<GroupDto> groups = findGroups(dbSession, query); | |||
| int total = dbClient.groupPermissionDao().countGroupsByQuery(dbSession, query); | |||
| List<GroupPermissionDto> groupsWithPermission = findGroupPermissions(dbSession, groups, project.orElse(null)); | |||
| List<GroupPermissionDto> groupsWithPermission = findGroupPermissions(dbSession, groups, project); | |||
| Map<String, Boolean> groupUuidToIsManaged = managedInstanceService.getGroupUuidToManaged(dbSession, getUserUuids(groups)); | |||
| Paging paging = Paging.forPageIndex(request.mandatoryParamAsInt(Param.PAGE)).withPageSize(query.getPageSize()).andTotal(total); | |||
| WsGroupsResponse groupsResponse = buildResponse(groups, groupsWithPermission, groupUuidToIsManaged, paging); | |||
| @@ -123,15 +122,15 @@ public class GroupsAction implements PermissionsWsAction { | |||
| return groups.stream().map(GroupDto::getUuid).collect(toSet()); | |||
| } | |||
| private static PermissionQuery buildPermissionQuery(Request request, @Nullable ComponentDto project) { | |||
| private static PermissionQuery buildPermissionQuery(Request request, @Nullable EntityDto entity) { | |||
| String textQuery = request.param(Param.TEXT_QUERY); | |||
| PermissionQuery.Builder permissionQuery = PermissionQuery.builder() | |||
| .setPermission(request.param(PARAM_PERMISSION)) | |||
| .setPageIndex(request.mandatoryParamAsInt(Param.PAGE)) | |||
| .setPageSize(request.mandatoryParamAsInt(Param.PAGE_SIZE)) | |||
| .setSearchQuery(textQuery); | |||
| if (project != null) { | |||
| permissionQuery.setComponent(project.uuid()); | |||
| if (entity != null) { | |||
| permissionQuery.setEntityUuid(entity.getUuid()); | |||
| } | |||
| return permissionQuery.build(); | |||
| } | |||
| @@ -170,11 +169,11 @@ public class GroupsAction implements PermissionsWsAction { | |||
| return Ordering.explicit(orderedNames).onResultOf(GroupDto::getName).immutableSortedCopy(groups); | |||
| } | |||
| private List<GroupPermissionDto> findGroupPermissions(DbSession dbSession, List<GroupDto> groups, @Nullable ComponentDto project) { | |||
| private List<GroupPermissionDto> findGroupPermissions(DbSession dbSession, List<GroupDto> groups, @Nullable EntityDto entity) { | |||
| if (groups.isEmpty()) { | |||
| return emptyList(); | |||
| } | |||
| List<String> uuids = groups.stream().map(GroupDto::getUuid).collect(MoreCollectors.toList(groups.size())); | |||
| return dbClient.groupPermissionDao().selectByGroupUuids(dbSession, uuids, project != null ? project.uuid() : null); | |||
| return dbClient.groupPermissionDao().selectByGroupUuids(dbSession, uuids, entity != null ? entity.getUuid() : null); | |||
| } | |||
| } | |||
+ 15
- 6
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/PermissionWsSupport.java
파일 보기
| @@ -20,14 +20,17 @@ | |||
| package org.sonar.server.permission.ws; | |||
| import java.util.Optional; | |||
| import javax.annotation.CheckForNull; | |||
| import java.util.Set; | |||
| import javax.annotation.Nullable; | |||
| import org.sonar.api.config.Configuration; | |||
| import org.sonar.api.resources.Qualifiers; | |||
| import org.sonar.api.server.ws.Request; | |||
| import org.sonar.api.web.UserRole; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.template.PermissionTemplateDto; | |||
| import org.sonar.db.user.GroupDto; | |||
| import org.sonar.db.user.UserDto; | |||
| @@ -67,18 +70,24 @@ public class PermissionWsSupport { | |||
| this.groupWsSupport = groupWsSupport; | |||
| } | |||
| public void checkPermissionManagementAccess(UserSession userSession, @Nullable ComponentDto project) { | |||
| checkProjectAdmin(userSession, configuration, project); | |||
| public void checkPermissionManagementAccess(UserSession userSession, @Nullable EntityDto entity) { | |||
| checkProjectAdmin(userSession, configuration, entity); | |||
| } | |||
| public Optional<ComponentDto> findProject(DbSession dbSession, Request request) { | |||
| @CheckForNull | |||
| public EntityDto findEntity(DbSession dbSession, Request request) { | |||
| String uuid = request.param(PermissionsWsParameters.PARAM_PROJECT_ID); | |||
| String key = request.param(PermissionsWsParameters.PARAM_PROJECT_KEY); | |||
| if (uuid != null || key != null) { | |||
| ProjectWsRef ref = ProjectWsRef.newWsProjectRef(uuid, key); | |||
| return Optional.of(componentFinder.getRootComponentByUuidOrKey(dbSession, ref.uuid(), ref.key())); | |||
| ProjectWsRef.validateUuidAndKeyPair(uuid, key); | |||
| Optional<EntityDto> entityDto = uuid != null ? dbClient.entityDao().selectByUuid(dbSession, uuid) : dbClient.entityDao().selectByKey(dbSession, key); | |||
| if (entityDto.isPresent() && !Qualifiers.SUBVIEW.equals(entityDto.get().getQualifier())) { | |||
| return entityDto.get(); | |||
| } else { | |||
| throw new NotFoundException("Entity not found"); | |||
| } | |||
| } | |||
| return Optional.empty(); | |||
| return null; | |||
| } | |||
| public ComponentDto getRootComponent(DbSession dbSession, ProjectWsRef projectRef) { | |||
+ 3
- 7
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/ProjectWsRef.java
파일 보기
| @@ -37,17 +37,13 @@ public class ProjectWsRef { | |||
| private final String key; | |||
| private ProjectWsRef(@Nullable String uuid, @Nullable String key) { | |||
| validateUuidAndKeyPair(uuid, key); | |||
| this.uuid = uuid; | |||
| this.key = key; | |||
| checkRequest(this.uuid != null ^ this.key != null, MSG_ID_OR_KEY_MUST_BE_PROVIDED); | |||
| } | |||
| public static Optional<ProjectWsRef> newOptionalWsProjectRef(@Nullable String uuid, @Nullable String key) { | |||
| if (uuid == null && key == null) { | |||
| return Optional.empty(); | |||
| } | |||
| return Optional.of(new ProjectWsRef(uuid, key)); | |||
| public static void validateUuidAndKeyPair(@Nullable String uuid, @Nullable String key) { | |||
| checkRequest(uuid != null ^ key != null, MSG_ID_OR_KEY_MUST_BE_PROVIDED); | |||
| } | |||
| public static ProjectWsRef newWsProjectRef(@Nullable String uuid, @Nullable String key) { | |||
+ 5
- 5
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/RemoveGroupAction.java
파일 보기
| @@ -25,7 +25,7 @@ import org.sonar.api.server.ws.Response; | |||
| import org.sonar.api.server.ws.WebService; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.server.permission.GroupPermissionChange; | |||
| import org.sonar.server.permission.GroupUuidOrAnyone; | |||
| import org.sonar.server.permission.PermissionChange; | |||
| @@ -86,17 +86,17 @@ public class RemoveGroupAction implements PermissionsWsAction { | |||
| public void handle(Request request, Response response) throws Exception { | |||
| try (DbSession dbSession = dbClient.openSession(false)) { | |||
| GroupUuidOrAnyone group = wsSupport.findGroup(dbSession, request); | |||
| ComponentDto project = wsSupport.findProject(dbSession, request).orElse(null); | |||
| EntityDto entity = wsSupport.findEntity(dbSession, request); | |||
| wsSupport.checkPermissionManagementAccess(userSession, project); | |||
| wsSupport.checkPermissionManagementAccess(userSession, entity); | |||
| String permission = request.mandatoryParam(PARAM_PERMISSION); | |||
| wsSupport.checkRemovingOwnBrowsePermissionOnPrivateProject(dbSession, userSession, project, permission, group); | |||
| wsSupport.checkRemovingOwnBrowsePermissionOnPrivateProject(dbSession, userSession, entity, permission, group); | |||
| PermissionChange change = new GroupPermissionChange( | |||
| PermissionChange.Operation.REMOVE, | |||
| permission, | |||
| project, | |||
| entity, | |||
| group, | |||
| permissionService); | |||
| permissionUpdater.apply(dbSession, singletonList(change)); | |||
+ 5
- 5
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/RemoveUserAction.java
파일 보기
| @@ -24,7 +24,7 @@ import org.sonar.api.server.ws.Response; | |||
| import org.sonar.api.server.ws.WebService; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.user.UserId; | |||
| import org.sonar.server.permission.PermissionChange; | |||
| import org.sonar.server.permission.PermissionService; | |||
| @@ -84,13 +84,13 @@ public class RemoveUserAction implements PermissionsWsAction { | |||
| UserId user = wsSupport.findUser(dbSession, request.mandatoryParam(PARAM_USER_LOGIN)); | |||
| String permission = request.mandatoryParam(PARAM_PERMISSION); | |||
| wsSupport.checkRemovingOwnAdminRight(userSession, user, permission); | |||
| ComponentDto project = wsSupport.findProject(dbSession, request).orElse(null); | |||
| wsSupport.checkRemovingOwnBrowsePermissionOnPrivateProject(userSession, project, permission, user); | |||
| wsSupport.checkPermissionManagementAccess(userSession, project); | |||
| EntityDto entity = wsSupport.findEntity(dbSession, request); | |||
| wsSupport.checkRemovingOwnBrowsePermissionOnPrivateProject(userSession, entity, permission, user); | |||
| wsSupport.checkPermissionManagementAccess(userSession, entity); | |||
| PermissionChange change = new UserPermissionChange( | |||
| PermissionChange.Operation.REMOVE, | |||
| permission, | |||
| project, | |||
| entity, | |||
| user, permissionService); | |||
| permissionUpdater.apply(dbSession, singletonList(change)); | |||
| response.noContent(); | |||
+ 12
- 13
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/UsersAction.java
파일 보기
| @@ -24,7 +24,6 @@ import com.google.common.collect.Ordering; | |||
| import com.google.common.collect.TreeMultimap; | |||
| import java.util.List; | |||
| import java.util.Map; | |||
| import java.util.Optional; | |||
| import java.util.Set; | |||
| import javax.annotation.Nullable; | |||
| import org.sonar.api.server.ws.Change; | |||
| @@ -35,7 +34,7 @@ import org.sonar.api.server.ws.WebService.Param; | |||
| import org.sonar.api.utils.Paging; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.PermissionQuery; | |||
| import org.sonar.db.permission.UserPermissionDto; | |||
| import org.sonar.db.user.UserDto; | |||
| @@ -111,13 +110,13 @@ public class UsersAction implements PermissionsWsAction { | |||
| @Override | |||
| public void handle(Request request, Response response) throws Exception { | |||
| try (DbSession dbSession = dbClient.openSession(false)) { | |||
| Optional<ComponentDto> project = wsSupport.findProject(dbSession, request); | |||
| wsSupport.checkPermissionManagementAccess(userSession, project.orElse(null)); | |||
| EntityDto entity = wsSupport.findEntity(dbSession, request); | |||
| wsSupport.checkPermissionManagementAccess(userSession, entity); | |||
| PermissionQuery query = buildPermissionQuery(request, project.orElse(null)); | |||
| PermissionQuery query = buildPermissionQuery(request, entity); | |||
| List<UserDto> users = findUsers(dbSession, query); | |||
| int total = dbClient.userPermissionDao().countUsersByQuery(dbSession, query); | |||
| List<UserPermissionDto> userPermissions = findUserPermissions(dbSession, users, project.orElse(null)); | |||
| List<UserPermissionDto> userPermissions = findUserPermissions(dbSession, users, entity); | |||
| Paging paging = Paging.forPageIndex(request.mandatoryParamAsInt(Param.PAGE)).withPageSize(query.getPageSize()).andTotal(total); | |||
| Map<String, Boolean> userUuidToIsManaged = managedInstanceService.getUserUuidToManaged(dbSession, getUserUuids(users)); | |||
| UsersWsResponse usersWsResponse = buildResponse(users, userPermissions, userUuidToIsManaged, paging); | |||
| @@ -129,7 +128,7 @@ public class UsersAction implements PermissionsWsAction { | |||
| return users.stream().map(UserDto::getUuid).collect(toSet()); | |||
| } | |||
| private PermissionQuery buildPermissionQuery(Request request, @Nullable ComponentDto project) { | |||
| private PermissionQuery buildPermissionQuery(Request request, @Nullable EntityDto entity) { | |||
| String textQuery = request.param(Param.TEXT_QUERY); | |||
| String permission = request.param(PARAM_PERMISSION); | |||
| PermissionQuery.Builder permissionQuery = PermissionQuery.builder() | |||
| @@ -138,12 +137,12 @@ public class UsersAction implements PermissionsWsAction { | |||
| .setPageSize(request.mandatoryParamAsInt(Param.PAGE_SIZE)) | |||
| .setSearchQuery(textQuery); | |||
| if (project != null) { | |||
| permissionQuery.setComponent(project.uuid()); | |||
| if (entity != null) { | |||
| permissionQuery.setEntityUuid(entity.getUuid()); | |||
| } | |||
| if (permission != null) { | |||
| if (project != null) { | |||
| if (entity != null) { | |||
| requestValidator.validateProjectPermission(permission); | |||
| } else { | |||
| validateGlobalPermission(permission); | |||
| @@ -183,15 +182,15 @@ public class UsersAction implements PermissionsWsAction { | |||
| return Ordering.explicit(orderedUuids).onResultOf(UserDto::getUuid).immutableSortedCopy(dbClient.userDao().selectByUuids(dbSession, orderedUuids)); | |||
| } | |||
| private List<UserPermissionDto> findUserPermissions(DbSession dbSession, List<UserDto> users, @Nullable ComponentDto project) { | |||
| private List<UserPermissionDto> findUserPermissions(DbSession dbSession, List<UserDto> users, @Nullable EntityDto entity) { | |||
| if (users.isEmpty()) { | |||
| return emptyList(); | |||
| } | |||
| List<String> userUuids = users.stream().map(UserDto::getUuid).toList(); | |||
| PermissionQuery.Builder queryBuilder = PermissionQuery.builder() | |||
| .withAtLeastOnePermission(); | |||
| if (project != null) { | |||
| queryBuilder.setComponent(project.uuid()); | |||
| if (entity != null) { | |||
| queryBuilder.setEntityUuid(entity.getUuid()); | |||
| } | |||
| return dbClient.userPermissionDao().selectUserPermissionsByQuery(dbSession, queryBuilder.build(), userUuids); | |||
| } | |||
+ 17
- 2
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/template/ApplyTemplateAction.java
파일 보기
| @@ -20,18 +20,23 @@ | |||
| package org.sonar.server.permission.ws.template; | |||
| import java.util.Collections; | |||
| import java.util.Optional; | |||
| import javax.annotation.CheckForNull; | |||
| import javax.annotation.Nullable; | |||
| import org.sonar.api.resources.Qualifiers; | |||
| import org.sonar.api.server.ws.Request; | |||
| import org.sonar.api.server.ws.Response; | |||
| import org.sonar.api.server.ws.WebService; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.template.PermissionTemplateDto; | |||
| import org.sonar.server.exceptions.NotFoundException; | |||
| import org.sonar.server.permission.PermissionTemplateService; | |||
| import org.sonar.server.permission.ws.PermissionWsSupport; | |||
| import org.sonar.server.permission.ws.PermissionsWsAction; | |||
| import org.sonar.server.permission.ws.ProjectWsRef; | |||
| import org.sonar.server.user.UserSession; | |||
| import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin; | |||
| @@ -92,10 +97,20 @@ public class ApplyTemplateAction implements PermissionsWsAction { | |||
| PermissionTemplateDto template = wsSupport.findTemplate(dbSession, newTemplateRef( | |||
| request.getTemplateId(), request.getTemplateName())); | |||
| ComponentDto project = wsSupport.getRootComponent(dbSession, newWsProjectRef(request.getProjectId(), request.getProjectKey())); | |||
| ProjectWsRef.validateUuidAndKeyPair(request.getProjectId(), request.getProjectKey()); | |||
| EntityDto entityDto = getEntityByKeyOrUuid(request.getProjectId(), request.getProjectKey(), dbSession); | |||
| checkGlobalAdmin(userSession); | |||
| permissionTemplateService.applyAndCommit(dbSession, template, Collections.singletonList(project)); | |||
| permissionTemplateService.applyAndCommit(dbSession, template, Collections.singletonList(entityDto)); | |||
| } | |||
| } | |||
| private EntityDto getEntityByKeyOrUuid(@Nullable String uuid, @Nullable String key, DbSession dbSession) { | |||
| Optional<EntityDto> entityDto = uuid != null ? dbClient.entityDao().selectByUuid(dbSession, uuid) : dbClient.entityDao().selectByKey(dbSession, key); | |||
| if (entityDto.isPresent() && !Qualifiers.SUBVIEW.equals(entityDto.get().getQualifier())) { | |||
| return entityDto.get(); | |||
| } else { | |||
| throw new NotFoundException("Entity not found"); | |||
| } | |||
| } | |||
+ 8
- 2
server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/template/BulkApplyTemplateAction.java
파일 보기
| @@ -22,6 +22,7 @@ package org.sonar.server.permission.ws.template; | |||
| import java.util.Collection; | |||
| import java.util.HashSet; | |||
| import java.util.List; | |||
| import java.util.stream.Collectors; | |||
| import javax.annotation.CheckForNull; | |||
| import javax.annotation.Nullable; | |||
| import org.sonar.api.resources.Qualifiers; | |||
| @@ -37,6 +38,7 @@ import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.component.ComponentQuery; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.template.PermissionTemplateDto; | |||
| import org.sonar.server.permission.PermissionTemplateService; | |||
| import org.sonar.server.permission.ws.PermissionWsSupport; | |||
| @@ -150,9 +152,13 @@ public class BulkApplyTemplateAction implements PermissionsWsAction { | |||
| checkGlobalAdmin(userSession); | |||
| ComponentQuery componentQuery = buildDbQuery(request); | |||
| List<ComponentDto> projects = dbClient.componentDao().selectByQuery(dbSession, componentQuery, 0, Integer.MAX_VALUE); | |||
| List<ComponentDto> components = dbClient.componentDao().selectByQuery(dbSession, componentQuery, 0, Integer.MAX_VALUE); | |||
| permissionTemplateService.applyAndCommit(dbSession, template, projects); | |||
| List<EntityDto> entities = dbClient.entityDao().selectByKeys(dbSession, components.stream() | |||
| .map(ComponentDto::getKey) | |||
| .collect(Collectors.toSet())); | |||
| permissionTemplateService.applyAndCommit(dbSession, template, entities); | |||
| } | |||
| } | |||
+ 7
- 3
server/sonar-webserver-webapi/src/main/java/org/sonar/server/project/ws/UpdateVisibilityAction.java
파일 보기
| @@ -19,6 +19,7 @@ | |||
| */ | |||
| package org.sonar.server.project.ws; | |||
| import java.util.Optional; | |||
| import org.sonar.api.config.Configuration; | |||
| import org.sonar.api.server.ws.Request; | |||
| import org.sonar.api.server.ws.Response; | |||
| @@ -27,6 +28,7 @@ import org.sonar.core.util.UuidFactory; | |||
| import org.sonar.core.util.Uuids; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| import org.sonar.db.component.BranchDto; | |||
| import org.sonar.db.component.ComponentDto; | |||
| import org.sonar.db.entity.EntityDto; | |||
| import org.sonar.db.permission.GroupPermissionDto; | |||
| @@ -130,7 +132,9 @@ public class UpdateVisibilityAction implements ProjectsWsAction { | |||
| } | |||
| private void setPrivateForRootComponentUuid(DbSession dbSession, EntityDto entity, boolean newIsPrivate) { | |||
| dbClient.componentDao().setPrivateForBranchUuid(dbSession, entity.getUuid(), newIsPrivate, entity.getKey(), entity.getQualifier(), entity.getName()); | |||
| Optional<BranchDto> branchDto = dbClient.branchDao().selectMainBranchByProjectUuid(dbSession, entity.getUuid()); | |||
| String branchUuid = branchDto.isPresent() ? branchDto.get().getUuid() : entity.getUuid(); | |||
| dbClient.componentDao().setPrivateForBranchUuid(dbSession, branchUuid, newIsPrivate, entity.getKey(), entity.getQualifier(), entity.getName()); | |||
| if (entity.isProjectOrApp()) { | |||
| dbClient.projectDao().updateVisibility(dbSession, entity.getUuid(), newIsPrivate); | |||
| @@ -153,9 +157,9 @@ public class UpdateVisibilityAction implements ProjectsWsAction { | |||
| dbClient.groupPermissionDao().deleteByEntityUuidForAnyOne(dbSession, entity); | |||
| // grant UserRole.CODEVIEWER and UserRole.USER to any group or user with at least one permission on project | |||
| PUBLIC_PERMISSIONS.forEach(permission -> { | |||
| dbClient.groupPermissionDao().selectGroupUuidsWithPermissionOnProjectBut(dbSession, entity.getUuid(), permission) | |||
| dbClient.groupPermissionDao().selectGroupUuidsWithPermissionOnEntityBut(dbSession, entity.getUuid(), permission) | |||
| .forEach(group -> insertProjectPermissionOnGroup(dbSession, entity, permission, group)); | |||
| dbClient.userPermissionDao().selectUserIdsWithPermissionOnProjectBut(dbSession, entity.getUuid(), permission) | |||
| dbClient.userPermissionDao().selectUserIdsWithPermissionOnEntityBut(dbSession, entity.getUuid(), permission) | |||
| .forEach(userUuid -> insertProjectPermissionOnUser(dbSession, entity, permission, userUuid)); | |||
| }); | |||
| } | |||
Loading…