mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
Browse Source

SONAR-1330 Purge edit permissions when removing group

tags/6.6-RC1
Julien Lancelot 6 years ago
parent
b21a14010c
commit
cf6b9cb7a6
6 changed files with 52 additions and 0 deletions
Split View Show Diff Stats
  1. 4
    0
      server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsDao.java
  2. 2
    0
      server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.java
  3. 5
    0
      server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.xml
  4. 23
    0
      server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditGroupsDaoTest.java
  5. 1
    0
      server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
  6. 17
    0
      server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java

+ 4
- 0
server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsDao.java View File

@@ -76,6 +76,10 @@ public class QProfileEditGroupsDao implements Dao {
executeLargeUpdates(qProfiles.stream().map(QProfileDto::getKee).collect(toList()), p -> mapper(dbSession).deleteByQProfiles(p));
}

public void deleteByGroup(DbSession dbSession, GroupDto group) {
mapper(dbSession).deleteByGroup(group.getId());
}

private static QProfileEditGroupsMapper mapper(DbSession dbSession) {
return dbSession.getMapper(QProfileEditGroupsMapper.class);
}

+ 2
- 0
server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.java View File

@@ -40,4 +40,6 @@ public interface QProfileEditGroupsMapper {

void deleteByQProfiles(@Param("qProfileUuids") Collection<String> qProfileUuids);

void deleteByGroup(@Param("groupId") int groupId);

}

+ 5
- 0
server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.xml View File

@@ -109,5 +109,10 @@
where qprofile_uuid in <foreach collection="qProfileUuids" open="(" close=")" item="qProfileUuid" separator=",">#{qProfileUuid, jdbcType=VARCHAR}</foreach>
</delete>

<delete id="deleteByGroup" parameterType="map">
delete from qprofile_edit_groups
where group_id = #{groupId, jdbcType=INTEGER}
</delete>

</mapper>


+ 23
- 0
server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditGroupsDaoTest.java View File

@@ -277,4 +277,27 @@ public class QProfileEditGroupsDaoTest {
assertThat(underTest.exists(db.getSession(), anotherProfile, group1)).isTrue();
}

@Test
public void deleteByGroup() {
OrganizationDto organization = db.organizations().insert();
OrganizationDto anotherOrganization = db.organizations().insert();
QProfileDto profile1 = db.qualityProfiles().insert(organization);
QProfileDto profile2 = db.qualityProfiles().insert(organization);
QProfileDto profile3 = db.qualityProfiles().insert(organization);
QProfileDto anotherProfile = db.qualityProfiles().insert(anotherOrganization);
GroupDto group1 = db.users().insertGroup(organization);
GroupDto group2 = db.users().insertGroup(organization);
db.qualityProfiles().addGroupPermission(profile1, group1);
db.qualityProfiles().addGroupPermission(profile2, group2);
db.qualityProfiles().addGroupPermission(profile3, group1);
db.qualityProfiles().addGroupPermission(anotherProfile, group1);

underTest.deleteByGroup(db.getSession(), group1);

assertThat(underTest.exists(db.getSession(), profile1, group1)).isFalse();
assertThat(underTest.exists(db.getSession(), profile2, group2)).isTrue();
assertThat(underTest.exists(db.getSession(), profile3, group1)).isFalse();
assertThat(underTest.exists(db.getSession(), anotherProfile, group1)).isFalse();
}

}

+ 1
- 0
server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java View File

@@ -72,6 +72,7 @@ public class DeleteAction implements UserGroupsWsAction {
removeGroupPermissions(dbSession, group);
removeFromPermissionTemplates(dbSession, group);
removeGroupMembers(dbSession, group);
dbClient.qProfileEditGroupsDao().deleteByGroup(dbSession, group);
dbClient.groupDao().deleteById(dbSession, group.getId());

dbSession.commit();

+ 17
- 0
server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java View File

@@ -31,6 +31,7 @@ import org.sonar.db.component.ComponentTesting;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.permission.template.PermissionTemplateTesting;
import org.sonar.db.qualityprofile.QProfileDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.NotFoundException;
@@ -184,6 +185,22 @@ public class DeleteActionTest {
assertThat(db.countRowsOfTable("perm_templates_groups")).isEqualTo(0);
}

@Test
public void delete_qprofile_permissions() throws Exception {
addAdminToDefaultOrganization();
insertDefaultGroupOnDefaultOrganization();
GroupDto group = db.users().insertGroup();
QProfileDto profile = db.qualityProfiles().insert(db.getDefaultOrganization());
db.qualityProfiles().addGroupPermission(profile, group);
loginAsAdminOnDefaultOrganization();

newRequest()
.setParam("id", group.getId().toString())
.execute();

assertThat(db.countRowsOfTable("qprofile_edit_groups")).isZero();
}

@Test
public void fail_if_id_does_not_exist() throws Exception {
addAdminToDefaultOrganization();

Write Preview
Loading…
Cancel
Save