@@ -45,7 +45,16 @@ public class IssueDocTesting { | |||
return newDocForProject(Uuids.createFast(), project); | |||
} | |||
/** | |||
* main branch definition should not be done based on main branch uuid. | |||
* Use org.sonar.server.issue.IssueDocTesting#newDoc(java.lang.String, java.lang.String, boolean, org.sonar.db.component.ComponentDto) instead. | |||
*/ | |||
@Deprecated | |||
public static IssueDoc newDoc(String key, String projectUuid, ComponentDto componentDto) { | |||
return newDoc(key, projectUuid, componentDto.branchUuid().equals(projectUuid), componentDto); | |||
} | |||
public static IssueDoc newDoc(String key, String projectUuid, boolean isMainBranch, ComponentDto componentDto) { | |||
return newDoc() | |||
.setKey(key) | |||
.setBranchUuid(componentDto.branchUuid()) | |||
@@ -53,7 +62,7 @@ public class IssueDocTesting { | |||
.setProjectUuid(projectUuid) | |||
// File path make no sens on modules and projects | |||
.setFilePath(!componentDto.scope().equals(Scopes.PROJECT) ? componentDto.path() : null) | |||
.setIsMainBranch(componentDto.branchUuid().equals(projectUuid)) | |||
.setIsMainBranch(isMainBranch) | |||
.setFuncCreationDate(Date.from(LocalDateTime.of(1970, 1, 1, 1, 1).toInstant(ZoneOffset.UTC))); | |||
} | |||
@@ -30,6 +30,7 @@ import org.elasticsearch.search.SearchHit; | |||
import org.junit.Test; | |||
import org.sonar.api.issue.Issue; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ProjectData; | |||
import org.sonar.db.rule.RuleDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -157,23 +158,23 @@ public class IssueIndexTest extends IssueIndexTestCommon { | |||
@Test | |||
public void authorized_issues_on_groups() { | |||
ComponentDto project1 = newPrivateProjectDto(); | |||
ComponentDto project2 = newPrivateProjectDto(); | |||
ComponentDto project3 = newPrivateProjectDto(); | |||
ComponentDto file1 = newFileDto(project1); | |||
ComponentDto file2 = newFileDto(project2); | |||
ComponentDto file3 = newFileDto(project3); | |||
ProjectData project1 = db.components().insertPublicProject(); | |||
ProjectData project2 = db.components().insertPublicProject(); | |||
ProjectData project3 = db.components().insertPublicProject(); | |||
ComponentDto file1 = newFileDto(project1.getMainBranchComponent()); | |||
ComponentDto file2 = newFileDto(project2.getMainBranchComponent()); | |||
ComponentDto file3 = newFileDto(project3.getMainBranchComponent()); | |||
GroupDto group1 = newGroupDto(); | |||
GroupDto group2 = newGroupDto(); | |||
// project1 can be seen by group1 | |||
indexIssue(newDoc("I1", project1.uuid(), file1)); | |||
authorizationIndexer.allowOnlyGroup(project1, group1); | |||
indexIssue(newDoc("I1", project1.projectUuid(), true, file1)); | |||
authorizationIndexer.allowOnlyGroup(project1.getProjectDto(), group1); | |||
// project2 can be seen by group2 | |||
indexIssue(newDoc("I2", project2.uuid(), file2)); | |||
authorizationIndexer.allowOnlyGroup(project2, group2); | |||
indexIssue(newDoc("I2", project2.projectUuid(), true, file2)); | |||
authorizationIndexer.allowOnlyGroup(project2.getProjectDto(), group2); | |||
// project3 can be seen by nobody but root | |||
indexIssue(newDoc("I3", project3.uuid(), file3)); | |||
indexIssue(newDoc("I3", project3.projectUuid(), true, file3)); | |||
userSessionRule.logIn().setGroups(group1); | |||
assertThatSearchReturnsOnly(IssueQuery.builder(), "I1"); | |||
@@ -189,30 +190,30 @@ public class IssueIndexTest extends IssueIndexTestCommon { | |||
assertThatSearchReturnsEmpty(IssueQuery.builder()); | |||
userSessionRule.logIn().setGroups(group1, group2); | |||
assertThatSearchReturnsEmpty(IssueQuery.builder().projectUuids(singletonList(project3.uuid()))); | |||
assertThatSearchReturnsEmpty(IssueQuery.builder().projectUuids(singletonList(project3.projectUuid()))); | |||
} | |||
@Test | |||
public void authorized_issues_on_user() { | |||
ComponentDto project1 = newPrivateProjectDto(); | |||
ComponentDto project2 = newPrivateProjectDto(); | |||
ComponentDto project3 = newPrivateProjectDto(); | |||
ComponentDto file1 = newFileDto(project1); | |||
ComponentDto file2 = newFileDto(project2); | |||
ComponentDto file3 = newFileDto(project3); | |||
ProjectData project1 = db.components().insertPublicProject(); | |||
ProjectData project2 = db.components().insertPublicProject(); | |||
ProjectData project3 = db.components().insertPublicProject(); | |||
ComponentDto file1 = newFileDto(project1.getMainBranchComponent()); | |||
ComponentDto file2 = newFileDto(project2.getMainBranchComponent()); | |||
ComponentDto file3 = newFileDto(project3.getMainBranchComponent()); | |||
UserDto user1 = newUserDto(); | |||
UserDto user2 = newUserDto(); | |||
// project1 can be seen by john, project2 by max, project3 cannot be seen by anyone | |||
indexIssue(newDoc("I1", project1.uuid(), file1)); | |||
authorizationIndexer.allowOnlyUser(project1, user1); | |||
indexIssue(newDoc("I2", project2.uuid(), file2)); | |||
authorizationIndexer.allowOnlyUser(project2, user2); | |||
indexIssue(newDoc("I3", project3.uuid(), file3)); | |||
indexIssue(newDoc("I1", project1.projectUuid(), true, file1)); | |||
authorizationIndexer.allowOnlyUser(project1.getProjectDto(), user1); | |||
indexIssue(newDoc("I2", project2.projectUuid(), true, file2)); | |||
authorizationIndexer.allowOnlyUser(project2.getProjectDto(), user2); | |||
indexIssue(newDoc("I3", project3.projectUuid(), true, file3)); | |||
userSessionRule.logIn(user1); | |||
assertThatSearchReturnsOnly(IssueQuery.builder(), "I1"); | |||
assertThatSearchReturnsEmpty(IssueQuery.builder().projectUuids(singletonList(project3.getKey()))); | |||
assertThatSearchReturnsEmpty(IssueQuery.builder().projectUuids(singletonList(project3.projectUuid()))); | |||
userSessionRule.logIn(user2); | |||
assertThatSearchReturnsOnly(IssueQuery.builder(), "I2"); |
@@ -19,8 +19,11 @@ | |||
*/ | |||
package org.sonar.server.permission.index; | |||
import com.google.common.base.Preconditions; | |||
import java.util.List; | |||
import java.util.stream.Stream; | |||
import org.assertj.core.api.Assertions; | |||
import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.entity.EntityDto; | |||
import org.sonar.db.user.GroupDto; | |||
@@ -38,32 +41,22 @@ public class PermissionIndexerTester { | |||
this.permissionIndexer = new PermissionIndexer(null, esTester.client(), indexers); | |||
} | |||
public PermissionIndexerTester allowOnlyAnyone(ComponentDto... projects) { | |||
return allow(stream(projects).map(project -> new IndexPermissions(project.uuid(), project.qualifier()).allowAnyone()).toList()); | |||
public PermissionIndexerTester allowOnlyAnyone(ComponentDto... portfolios) { | |||
stream(portfolios) | |||
.forEach(p -> Preconditions.checkArgument(p.qualifier().equals(Qualifiers.VIEW), "Permission should be applied on a portfolio")); | |||
return allow(stream(portfolios).map(project -> new IndexPermissions(project.uuid(), project.qualifier()).allowAnyone()).toList()); | |||
} | |||
public PermissionIndexerTester allowOnlyAnyone(EntityDto... entities) { | |||
return allow(stream(entities).map(entity -> new IndexPermissions(entity.getUuid(), entity.getQualifier()).allowAnyone()).toList()); | |||
} | |||
public PermissionIndexerTester allowOnlyUser(ComponentDto project, UserDto user) { | |||
IndexPermissions dto = new IndexPermissions(project.uuid(), project.qualifier()) | |||
.addUserUuid(user.getUuid()); | |||
return allow(dto); | |||
} | |||
public PermissionIndexerTester allowOnlyUser(EntityDto entityDto, UserDto user) { | |||
IndexPermissions dto = new IndexPermissions(entityDto.getUuid(), entityDto.getQualifier()) | |||
.addUserUuid(user.getUuid()); | |||
return allow(dto); | |||
} | |||
public PermissionIndexerTester allowOnlyGroup(ComponentDto project, GroupDto group) { | |||
IndexPermissions dto = new IndexPermissions(project.uuid(), project.qualifier()) | |||
.addGroupUuid(group.getUuid()); | |||
return allow(dto); | |||
} | |||
public PermissionIndexerTester allowOnlyGroup(EntityDto entityDto, GroupDto group) { | |||
IndexPermissions dto = new IndexPermissions(entityDto.getUuid(), entityDto.getQualifier()) | |||
.addGroupUuid(group.getUuid()); |
@@ -1194,25 +1194,28 @@ public class SearchProjectsActionIT { | |||
@Test | |||
public void return_last_analysis_date() { | |||
userSession.logIn(); | |||
ComponentDto project1 = db.components().insertPublicProject().getMainBranchComponent(); | |||
db.components().insertSnapshot(project1, snapshot -> snapshot.setCreatedAt(10_000_000_000L).setLast(false)); | |||
db.components().insertSnapshot(project1, snapshot -> snapshot.setCreatedAt(20_000_000_000L).setLast(true)); | |||
authorizationIndexerTester.allowOnlyAnyone(project1); | |||
ComponentDto project2 = db.components().insertPublicProject().getMainBranchComponent(); | |||
db.components().insertSnapshot(project2, snapshot -> snapshot.setCreatedAt(30_000_000_000L).setLast(true)); | |||
authorizationIndexerTester.allowOnlyAnyone(project2); | |||
ProjectData projectData1 = db.components().insertPublicProject(); | |||
ComponentDto mainBranch1 = projectData1.getMainBranchComponent(); | |||
db.components().insertSnapshot(mainBranch1, snapshot -> snapshot.setCreatedAt(10_000_000_000L).setLast(false)); | |||
db.components().insertSnapshot(mainBranch1, snapshot -> snapshot.setCreatedAt(20_000_000_000L).setLast(true)); | |||
authorizationIndexerTester.allowOnlyAnyone(projectData1.getProjectDto()); | |||
ProjectData projectData2 = db.components().insertPublicProject(); | |||
ComponentDto mainBranch2 = projectData2.getMainBranchComponent(); | |||
db.components().insertSnapshot(mainBranch2, snapshot -> snapshot.setCreatedAt(30_000_000_000L).setLast(true)); | |||
authorizationIndexerTester.allowOnlyAnyone(projectData2.getProjectDto()); | |||
// No snapshot on project 3 | |||
ComponentDto project3 = db.components().insertPublicProject().getMainBranchComponent(); | |||
authorizationIndexerTester.allowOnlyAnyone(project3); | |||
ProjectData projectData3 = db.components().insertPublicProject(); | |||
ComponentDto mainBranch3 = projectData3.getMainBranchComponent(); | |||
authorizationIndexerTester.allowOnlyAnyone(projectData3.getProjectDto()); | |||
index(); | |||
SearchProjectsWsResponse result = call(request.setAdditionalFields(singletonList("analysisDate"))); | |||
assertThat(result.getComponentsList()).extracting(Component::getKey, Component::hasAnalysisDate, Component::getAnalysisDate) | |||
.containsOnly( | |||
tuple(project1.getKey(), true, formatDateTime(new Date(20_000_000_000L))), | |||
tuple(project2.getKey(), true, formatDateTime(new Date(30_000_000_000L))), | |||
tuple(project3.getKey(), false, "")); | |||
tuple(mainBranch1.getKey(), true, formatDateTime(new Date(20_000_000_000L))), | |||
tuple(mainBranch2.getKey(), true, formatDateTime(new Date(30_000_000_000L))), | |||
tuple(mainBranch3.getKey(), false, "")); | |||
} | |||
@Test | |||
@@ -1251,9 +1254,9 @@ public class SearchProjectsActionIT { | |||
@Test | |||
public void return_visibility_flag() { | |||
userSession.logIn(); | |||
ComponentDto privateProject = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto privateProject = db.components().insertPublicProject().getProjectDto(); | |||
authorizationIndexerTester.allowOnlyAnyone(privateProject); | |||
ComponentDto publicProject = db.components().insertPrivateProject().getMainBranchComponent(); | |||
ProjectDto publicProject = db.components().insertPrivateProject().getProjectDto(); | |||
authorizationIndexerTester.allowOnlyAnyone(publicProject); | |||
index(); | |||
@@ -1267,9 +1270,9 @@ public class SearchProjectsActionIT { | |||
@Test | |||
public void does_not_return_branches() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
ProjectDto project = db.components().insertPublicProject().getProjectDto(); | |||
authorizationIndexerTester.allowOnlyAnyone(project); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
db.components().insertProjectBranch(project); | |||
index(); | |||
SearchProjectsWsResponse result = call(request); |
@@ -30,6 +30,7 @@ import org.sonar.api.server.ws.Change; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.BranchDto; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ProjectData; | |||
@@ -560,15 +561,14 @@ public class SuggestionsActionIT { | |||
@Test | |||
public void does_not_return_branches() { | |||
ComponentDto project = db.components().insertPublicProject().getMainBranchComponent(); | |||
authorizationIndexerTester.allowOnlyAnyone(project); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
ProjectDto projectDto = db.components().insertPublicProject().getProjectDto(); | |||
authorizationIndexerTester.allowOnlyAnyone(projectDto); | |||
db.components().insertProjectBranch(projectDto); | |||
entityDefinitionIndexer.indexAll(); | |||
authorizationIndexerTester.allowOnlyAnyone(project); | |||
SuggestionsWsResponse response = ws.newRequest() | |||
.setMethod("POST") | |||
.setParam(PARAM_QUERY, project.name()) | |||
.setParam(PARAM_QUERY, projectDto.getName()) | |||
.executeProtobuf(SuggestionsWsResponse.class); | |||
assertThat(response.getResultsList()) |
@@ -282,7 +282,7 @@ public class SearchActionComponentsIT { | |||
ComponentDto subView = db.components().insertComponent(ComponentTesting.newSubPortfolio(view, "SV1", "MySubView")); | |||
db.components().insertComponent(newProjectCopy(project, subView)); | |||
allowAnyoneOnProjects(projectData.getProjectDto()); | |||
allowAnyoneOnPortfolios(view, subView); | |||
allowAnyoneOnPortfolios(view); | |||
indexIssuesAndViews(); | |||
ws.newRequest() |