@@ -1,54 +0,0 @@ | |||
/* | |||
* SonarQube | |||
* Copyright (C) 2009-2023 SonarSource SA | |||
* mailto:info AT sonarsource DOT com | |||
* | |||
* This program is free software; you can redistribute it and/or | |||
* modify it under the terms of the GNU Lesser General Public | |||
* License as published by the Free Software Foundation; either | |||
* version 3 of the License, or (at your option) any later version. | |||
* | |||
* This program is distributed in the hope that it will be useful, | |||
* but WITHOUT ANY WARRANTY; without even the implied warranty of | |||
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |||
* Lesser General Public License for more details. | |||
* | |||
* You should have received a copy of the GNU Lesser General Public License | |||
* along with this program; if not, write to the Free Software Foundation, | |||
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. | |||
*/ | |||
package org.sonar.core.permission; | |||
import com.google.common.base.Joiner; | |||
import java.util.List; | |||
import org.sonar.db.permission.GlobalPermission; | |||
/** | |||
* Holds the constants representing the various global permissions that can be assigned to users & groups | |||
* | |||
* @deprecated replaced by enum {@link GlobalPermission} | |||
*/ | |||
@Deprecated | |||
public final class GlobalPermissions { | |||
public static final String SYSTEM_ADMIN = "admin"; | |||
public static final String QUALITY_PROFILE_ADMIN = "profileadmin"; | |||
public static final String QUALITY_GATE_ADMIN = "gateadmin"; | |||
public static final String SCAN_EXECUTION = "scan"; | |||
public static final String PROVISIONING = "provisioning"; | |||
/** | |||
* All the global permissions values, ordered from {@link #SYSTEM_ADMIN} to {@link #PROVISIONING}. | |||
*/ | |||
public static final List<String> ALL = List.of( | |||
SYSTEM_ADMIN, | |||
QUALITY_PROFILE_ADMIN, | |||
QUALITY_GATE_ADMIN, | |||
SCAN_EXECUTION, | |||
PROVISIONING | |||
); | |||
public static final String ALL_ON_ONE_LINE = Joiner.on(", ").join(GlobalPermissions.ALL); | |||
private GlobalPermissions() { | |||
// only static methods | |||
} | |||
} |
@@ -19,6 +19,9 @@ | |||
*/ | |||
package org.sonar.db.permission; | |||
import java.util.Arrays; | |||
import java.util.stream.Collectors; | |||
public enum GlobalPermission { | |||
ADMINISTER("admin"), | |||
@@ -33,6 +36,8 @@ public enum GlobalPermission { | |||
APPLICATION_CREATOR("applicationcreator"), | |||
PORTFOLIO_CREATOR("portfoliocreator"); | |||
public static final String ALL_ON_ONE_LINE = Arrays.stream(values()).map(GlobalPermission::getKey).collect(Collectors.joining(", ")); | |||
private final String key; | |||
GlobalPermission(String key) { | |||
@@ -56,4 +61,8 @@ public enum GlobalPermission { | |||
} | |||
throw new IllegalArgumentException("Unsupported permission: " + key); | |||
} | |||
public static boolean contains(String key) { | |||
return Arrays.stream(values()).anyMatch(v -> v.getKey().equals(key)); | |||
} | |||
} |
@@ -45,7 +45,6 @@ import org.sonar.db.user.UserDto; | |||
import static com.google.common.collect.Sets.newHashSet; | |||
import static java.util.Collections.singleton; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
@@ -53,7 +52,6 @@ import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
public class AuthorizationDaoTest { | |||
private static final String PROJECT_UUID = "uuid"; | |||
private static final int MISSING_ID = -1; | |||
private static final String MISSING_UUID = "unknown"; | |||
private static final String A_PERMISSION = "a-permission"; | |||
private static final String DOES_NOT_EXIST = "does-not-exist"; | |||
@@ -207,7 +205,7 @@ public class AuthorizationDaoTest { | |||
db.users().insertPermissionOnGroup(group1, PROVISION_PROJECTS); | |||
db.users().insertMember(group1, user1); | |||
db.users().insertMember(group1, user2); | |||
db.users().insertPermissionOnUser(user3, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user3, ADMINISTER); | |||
db.users().insertPermissionOnAnyone(ADMINISTER); | |||
assertThat(underTest.selectUserUuidsWithGlobalPermission(db.getSession(), ADMINISTER.getKey())) | |||
@@ -869,10 +867,10 @@ public class AuthorizationDaoTest { | |||
@Test | |||
public void selectQualityProfileAdministratorLogins_return_users_with_quality_profile_administrator_permission() { | |||
UserDto user1 = db.users().insertUser(withEmail("user1")); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertGlobalPermissionOnUser(user1, ADMINISTER_QUALITY_PROFILES); | |||
UserDto user2 = db.users().insertUser(withEmail("user2")); | |||
db.users().insertPermissionOnUser(user2, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertGlobalPermissionOnUser(user2, ADMINISTER_QUALITY_PROFILES); | |||
Set<EmailSubscriberDto> subscribers = underTest.selectQualityProfileAdministratorLogins(dbSession); | |||
@@ -898,7 +896,7 @@ public class AuthorizationDaoTest { | |||
@Test | |||
public void selectQualityProfileAdministratorLogins_does_not_return_non_quality_profile_administrator() { | |||
UserDto user1 = db.users().insertUser(withEmail("user1")); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertUser(withoutEmail("user2")); | |||
Set<EmailSubscriberDto> subscribers = underTest.selectQualityProfileAdministratorLogins(dbSession); | |||
@@ -909,9 +907,9 @@ public class AuthorizationDaoTest { | |||
@Test | |||
public void selectQualityProfileAdministratorLogins_does_not_return_quality_profile_administrator_without_email() { | |||
UserDto user1NoEmail = db.users().insertUser(withoutEmail("user1NoEmail")); | |||
db.users().insertPermissionOnUser(user1NoEmail, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertGlobalPermissionOnUser(user1NoEmail, ADMINISTER_QUALITY_PROFILES); | |||
UserDto user1WithEmail = db.users().insertUser(withEmail("user1WithEmail")); | |||
db.users().insertPermissionOnUser(user1WithEmail, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertGlobalPermissionOnUser(user1WithEmail, ADMINISTER_QUALITY_PROFILES); | |||
GroupDto qualityProfileAdministratorGroup1 = db.users().insertGroup(); | |||
db.users().insertPermissionOnGroup(qualityProfileAdministratorGroup1, ADMINISTER_QUALITY_PROFILES); | |||
UserDto user2NoEmail = db.users().insertUser(withoutEmail("user2NoEmail")); | |||
@@ -926,13 +924,13 @@ public class AuthorizationDaoTest { | |||
UserDto user3WithEmail = db.users().insertUser(withEmail("user3WithEmail")); | |||
db.users().insertMember(qualityProfileAdministratorGroup2, user3WithEmail); | |||
UserDto user4NoEmail = db.users().insertUser(withoutEmail("user4NoEmail")); | |||
db.users().insertPermissionOnUser(user4NoEmail, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertGlobalPermissionOnUser(user4NoEmail, ADMINISTER_QUALITY_PROFILES); | |||
UserDto user4WithEmail = db.users().insertUser(withEmail("user4WithEmail")); | |||
db.users().insertPermissionOnUser(user4WithEmail, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertGlobalPermissionOnUser(user4WithEmail, ADMINISTER_QUALITY_PROFILES); | |||
UserDto user5NoEmail = db.users().insertUser(withoutEmail("user5NoEmail")); | |||
db.users().insertPermissionOnUser(user5NoEmail, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertGlobalPermissionOnUser(user5NoEmail, ADMINISTER_QUALITY_PROFILES); | |||
UserDto user5WithEmail = db.users().insertUser(withEmail("user5WithEmail")); | |||
db.users().insertPermissionOnUser(user5WithEmail, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertGlobalPermissionOnUser(user5WithEmail, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertUser(withoutEmail("user6NoEmail")); | |||
db.users().insertUser(withEmail("user6WithEmail")); | |||
@@ -950,10 +948,10 @@ public class AuthorizationDaoTest { | |||
@Test | |||
public void selectGlobalAdministerEmailSubscribers_returns_only_global_administers() { | |||
UserDto user1 = db.users().insertUser(withEmail("user1")); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user1, ADMINISTER); | |||
UserDto user2 = db.users().insertUser(withEmail("user2")); | |||
db.users().insertPermissionOnUser(user2, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user2, ADMINISTER); | |||
// user3 is global administer via a group | |||
GroupDto administratorGroup2 = db.users().insertGroup(); | |||
@@ -962,7 +960,7 @@ public class AuthorizationDaoTest { | |||
db.users().insertMember(administratorGroup2, user3); | |||
// user4 has another global permission via a group | |||
GroupDto administratorGroup3 = db.users().insertGroup(); | |||
db.users().insertPermissionOnGroup(administratorGroup3, QUALITY_PROFILE_ADMIN); | |||
db.users().insertPermissionOnGroup(administratorGroup3, ADMINISTER_QUALITY_PROFILES); | |||
UserDto user4 = db.users().insertUser(withEmail("user4")); | |||
db.users().insertMember(administratorGroup3, user4); | |||
@@ -974,7 +972,7 @@ public class AuthorizationDaoTest { | |||
db.users().insertProjectPermissionOnUser(user5, "admin", project); | |||
// user6 has other global permission | |||
UserDto user6 = db.users().insertUser(withEmail("user6")); | |||
db.users().insertPermissionOnUser(user6, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertGlobalPermissionOnUser(user6, ADMINISTER_QUALITY_PROFILES); | |||
// user7 has no permission | |||
db.users().insertUser(withEmail("user7")); | |||
@@ -990,14 +988,14 @@ public class AuthorizationDaoTest { | |||
public void selectGlobalAdministerEmailSubscribers_ignores_global_administers_without_email() { | |||
// user1 and user1NoEmail are global administers | |||
UserDto user1 = db.users().insertUser(withEmail("user1")); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user1, ADMINISTER); | |||
UserDto user1NoEmail = db.users().insertUser(withoutEmail("user1NoEmail")); | |||
db.users().insertPermissionOnUser(user1NoEmail, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user1NoEmail, ADMINISTER); | |||
// user2 and user2NoEmail are global administers | |||
UserDto user2 = db.users().insertUser(withEmail("user2")); | |||
db.users().insertPermissionOnUser(user2, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user2, ADMINISTER); | |||
UserDto user2NoEmail = db.users().insertUser(withoutEmail("user2NoEmail")); | |||
db.users().insertPermissionOnUser(user2NoEmail, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user2NoEmail, ADMINISTER); | |||
// user3 and user3NoEmail are global administer via a group | |||
GroupDto administratorGroup2 = db.users().insertGroup(); |
@@ -19,9 +19,11 @@ | |||
*/ | |||
package org.sonar.db.permission; | |||
import java.util.Arrays; | |||
import org.junit.Test; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
public class GlobalPermissionTest { | |||
@@ -31,4 +33,31 @@ public class GlobalPermissionTest { | |||
assertThat(GlobalPermission.fromKey(p.getKey())).isEqualTo(p); | |||
} | |||
} | |||
@Test | |||
public void fromKey_throws_exception_for_non_existing_keys() { | |||
String non_existing_permission = "non_existing"; | |||
assertThatThrownBy(() -> GlobalPermission.fromKey(non_existing_permission)) | |||
.isInstanceOf(IllegalArgumentException.class); | |||
} | |||
@Test | |||
public void contains_returns_true_for_existing_permissions() { | |||
Arrays.stream(GlobalPermission.values()) | |||
.map(GlobalPermission::getKey) | |||
.forEach(key -> { | |||
assertThat(GlobalPermission.contains(key)).isTrue(); | |||
}); | |||
} | |||
@Test | |||
public void contains_returns_false_for_non_existing_permissions() { | |||
String non_existing_permission = "non_existing"; | |||
assertThat(GlobalPermission.contains(non_existing_permission)).isFalse(); | |||
} | |||
@Test | |||
public void all_in_one_line_contains_all_permissions() { | |||
assertThat(GlobalPermission.ALL_ON_ONE_LINE).isEqualTo("admin, gateadmin, profileadmin, provisioning, scan, applicationcreator, portfoliocreator"); | |||
} | |||
} |
@@ -42,13 +42,6 @@ import static java.util.Collections.singletonList; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.tuple; | |||
import static org.sonar.api.security.DefaultGroups.ANYONE; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; | |||
public class GroupPermissionDaoTest { | |||
@@ -71,19 +64,19 @@ public class GroupPermissionDaoTest { | |||
ComponentDto project2 = db.components().insertPrivateProject(); | |||
ComponentDto project3 = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnGroup(group1, ISSUE_ADMIN, project1); | |||
db.users().insertProjectPermissionOnGroup(group1, ADMIN, project2); | |||
db.users().insertProjectPermissionOnGroup(group2, ADMIN, project2); | |||
db.users().insertProjectPermissionOnGroup(group3, ADMIN, project2); | |||
db.users().insertProjectPermissionOnGroup(group1, USER, project2); | |||
db.users().insertProjectPermissionOnGroup(group1, USER, project3); | |||
db.users().insertProjectPermissionOnGroup(group1, UserRole.ISSUE_ADMIN, project1); | |||
db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project2); | |||
db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project2); | |||
db.users().insertProjectPermissionOnGroup(group3, UserRole.ADMIN, project2); | |||
db.users().insertProjectPermissionOnGroup(group1, UserRole.USER, project2); | |||
db.users().insertProjectPermissionOnGroup(group1, UserRole.USER, project3); | |||
final List<CountPerProjectPermission> result = new ArrayList<>(); | |||
underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.uuid(), project3.uuid(), "789"), | |||
context -> result.add(context.getResultObject())); | |||
assertThat(result).hasSize(3); | |||
assertThat(result).extracting("permission").containsOnly(ADMIN, USER); | |||
assertThat(result).extracting("permission").containsOnly(UserRole.ADMIN, UserRole.USER); | |||
assertThat(result).extracting("componentUuid").containsOnly(project2.uuid(), project3.uuid()); | |||
assertThat(result).extracting("count").containsOnly(3, 1); | |||
} | |||
@@ -121,8 +114,8 @@ public class GroupPermissionDaoTest { | |||
GroupDto group2 = db.users().insertGroup("Group-2"); | |||
GroupDto group3 = db.users().insertGroup("Group-3"); | |||
GroupDto group1 = db.users().insertGroup("Group-1"); | |||
db.users().insertPermissionOnAnyone(SCAN); | |||
db.users().insertPermissionOnGroup(group3, SCAN); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); | |||
db.users().insertPermissionOnGroup(group3, GlobalPermission.SCAN); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery().build())) | |||
.containsExactly(ANYONE, group3.getName(), group1.getName(), group2.getName()); | |||
@@ -134,10 +127,10 @@ public class GroupPermissionDaoTest { | |||
IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { | |||
GroupDto group = db.users().insertGroup("Group-" + i); | |||
// Add permission on project to be sure projects are excluded | |||
db.users().insertProjectPermissionOnGroup(group, SCAN.getKey(), project); | |||
db.users().insertProjectPermissionOnGroup(group, GlobalPermission.SCAN.getKey(), project); | |||
}); | |||
String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1); | |||
db.users().insertPermissionOnGroup(db.users().selectGroup(lastGroupName).get(), SCAN); | |||
db.users().insertPermissionOnGroup(db.users().selectGroup(lastGroupName).get(), GlobalPermission.SCAN); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery().build())) | |||
.hasSize(DEFAULT_PAGE_SIZE) | |||
@@ -149,11 +142,11 @@ public class GroupPermissionDaoTest { | |||
IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { | |||
GroupDto group = db.users().insertGroup("Group-" + i); | |||
// Add global permission to be sure they are excluded | |||
db.users().insertPermissionOnGroup(group, SCAN.getKey()); | |||
db.users().insertPermissionOnGroup(group, GlobalPermission.SCAN.getKey()); | |||
}); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1); | |||
db.users().insertProjectPermissionOnGroup(db.users().selectGroup(lastGroupName).get(), SCAN.getKey(), project); | |||
db.users().insertProjectPermissionOnGroup(db.users().selectGroup(lastGroupName).get(), GlobalPermission.SCAN.getKey(), project); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery() | |||
.setComponent(project) | |||
@@ -167,13 +160,13 @@ public class GroupPermissionDaoTest { | |||
GroupDto group1 = db.users().insertGroup("Group-1"); | |||
db.users().insertGroup("Group-2"); | |||
db.users().insertGroup("Group-3"); | |||
db.users().insertPermissionOnAnyone(SCAN); | |||
db.users().insertPermissionOnGroup(group1, PROVISION_PROJECTS); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); | |||
db.users().insertPermissionOnGroup(group1, GlobalPermission.PROVISION_PROJECTS); | |||
assertThat(underTest.countGroupsByQuery(dbSession, | |||
newQuery().build())).isEqualTo(4); | |||
assertThat(underTest.countGroupsByQuery(dbSession, | |||
newQuery().setPermission(PROVISION_PROJECTS.getKey()).build())).isOne(); | |||
newQuery().setPermission(GlobalPermission.PROVISION_PROJECTS.getKey()).build())).isOne(); | |||
assertThat(underTest.countGroupsByQuery(dbSession, | |||
newQuery().withAtLeastOnePermission().build())).isEqualTo(2); | |||
assertThat(underTest.countGroupsByQuery(dbSession, | |||
@@ -190,20 +183,20 @@ public class GroupPermissionDaoTest { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertPermissionOnAnyone(SCAN); | |||
db.users().insertPermissionOnAnyone(PROVISION_PROJECTS); | |||
db.users().insertPermissionOnGroup(group1, SCAN); | |||
db.users().insertPermissionOnGroup(group3, ADMINISTER); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS); | |||
db.users().insertPermissionOnGroup(group1, GlobalPermission.SCAN); | |||
db.users().insertPermissionOnGroup(group3, GlobalPermission.ADMINISTER); | |||
db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
newQuery().setPermission(SCAN.getKey()).build())).containsExactly(ANYONE, group1.getName()); | |||
newQuery().setPermission(GlobalPermission.SCAN.getKey()).build())).containsExactly(ANYONE, group1.getName()); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
newQuery().setPermission(ADMINISTER.getKey()).build())).containsExactly(group3.getName()); | |||
newQuery().setPermission(GlobalPermission.ADMINISTER.getKey()).build())).containsExactly(group3.getName()); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
newQuery().setPermission(PROVISION_PROJECTS.getKey()).build())).containsExactly(ANYONE); | |||
newQuery().setPermission(GlobalPermission.PROVISION_PROJECTS.getKey()).build())).containsExactly(ANYONE); | |||
} | |||
@Test | |||
@@ -243,21 +236,21 @@ public class GroupPermissionDaoTest { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto anotherProject = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnGroup(group1, SCAN.getKey(), project); | |||
db.users().insertProjectPermissionOnGroup(group1, PROVISION_PROJECTS.getKey(), project); | |||
db.users().insertProjectPermissionOnGroup(group1, GlobalPermission.SCAN.getKey(), project); | |||
db.users().insertProjectPermissionOnGroup(group1, GlobalPermission.PROVISION_PROJECTS.getKey(), project); | |||
db.users().insertProjectPermissionOnGroup(group1, ADMIN, anotherProject); | |||
db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, anotherProject); | |||
db.users().insertProjectPermissionOnGroup(group3, UserRole.SCAN, anotherProject); | |||
db.users().insertPermissionOnGroup(group2, SCAN); | |||
db.users().insertPermissionOnGroup(group2, GlobalPermission.SCAN); | |||
PermissionQuery.Builder builderOnComponent = newQuery() | |||
.setComponent(project); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
builderOnComponent.withAtLeastOnePermission().build())).containsOnlyOnce(group1.getName()); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
builderOnComponent.setPermission(SCAN_EXECUTION).build())).containsOnlyOnce(group1.getName()); | |||
builderOnComponent.setPermission(GlobalPermission.SCAN.getKey()).build())).containsOnlyOnce(group1.getName()); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
builderOnComponent.setPermission(USER).build())).isEmpty(); | |||
builderOnComponent.setPermission(UserRole.USER).build())).isEmpty(); | |||
} | |||
@Test | |||
@@ -273,7 +266,7 @@ public class GroupPermissionDaoTest { | |||
public void selectGroupNamesByQuery_with_search_query() { | |||
GroupDto group = db.users().insertGroup("group-anyone"); | |||
db.users().insertGroup("unknown"); | |||
db.users().insertPermissionOnGroup(group, SCAN); | |||
db.users().insertPermissionOnGroup(group, GlobalPermission.SCAN); | |||
assertThat(underTest.selectGroupNamesByQuery(dbSession, | |||
newQuery().setSearchQuery("any").build())).containsOnlyOnce(ANYONE, group.getName()); | |||
@@ -292,34 +285,34 @@ public class GroupPermissionDaoTest { | |||
@Test | |||
public void selectByGroupUuids_on_global_permissions() { | |||
GroupDto group1 = db.users().insertGroup("Group-1"); | |||
db.users().insertPermissionOnGroup(group1, SCAN); | |||
db.users().insertPermissionOnGroup(group1, GlobalPermission.SCAN); | |||
GroupDto group2 = db.users().insertGroup("Group-2"); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project); | |||
GroupDto group3 = db.users().insertGroup("Group-3"); | |||
db.users().insertPermissionOnGroup(group3, ADMINISTER); | |||
db.users().insertPermissionOnGroup(group3, GlobalPermission.ADMINISTER); | |||
// Anyone | |||
db.users().insertPermissionOnAnyone(SCAN); | |||
db.users().insertPermissionOnAnyone(PROVISION_PROJECTS); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS); | |||
assertThat(underTest.selectByGroupUuids(dbSession, asList(group1.getUuid()), null)) | |||
.extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid) | |||
.containsOnly(tuple(group1.getUuid(), SCAN_EXECUTION, null)); | |||
.containsOnly(tuple(group1.getUuid(), GlobalPermission.SCAN.getKey(), null)); | |||
assertThat(underTest.selectByGroupUuids(dbSession, asList(group2.getUuid()), null)).isEmpty(); | |||
assertThat(underTest.selectByGroupUuids(dbSession, asList(group3.getUuid()), null)) | |||
.extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid) | |||
.containsOnly(tuple(group3.getUuid(), ADMINISTER.getKey(), null)); | |||
.containsOnly(tuple(group3.getUuid(), GlobalPermission.ADMINISTER.getKey(), null)); | |||
assertThat(underTest.selectByGroupUuids(dbSession, asList(ANYONE_UUID), null)) | |||
.extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid) | |||
.containsOnly( | |||
tuple(ANYONE_UUID, SCAN.getKey(), null), | |||
tuple(ANYONE_UUID, PROVISION_PROJECTS.getKey(), null)); | |||
tuple(ANYONE_UUID, GlobalPermission.SCAN.getKey(), null), | |||
tuple(ANYONE_UUID, GlobalPermission.PROVISION_PROJECTS.getKey(), null)); | |||
assertThat(underTest.selectByGroupUuids(dbSession, asList(group1.getUuid(), group2.getUuid(), ANYONE_UUID), null)).hasSize(3); | |||
assertThat(underTest.selectByGroupUuids(dbSession, asList(MISSING_UUID), null)).isEmpty(); | |||
@@ -365,27 +358,27 @@ public class GroupPermissionDaoTest { | |||
@Test | |||
public void selectByGroupUuids_on_private_projects() { | |||
GroupDto group1 = db.users().insertGroup("Group-1"); | |||
db.users().insertPermissionOnGroup(group1, PROVISION_PROJECTS); | |||
db.users().insertPermissionOnGroup(group1, GlobalPermission.PROVISION_PROJECTS); | |||
GroupDto group2 = db.users().insertGroup("Group-2"); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnGroup(group2, USER, project); | |||
db.users().insertProjectPermissionOnGroup(group2, UserRole.USER, project); | |||
GroupDto group3 = db.users().insertGroup("Group-3"); | |||
db.users().insertProjectPermissionOnGroup(group3, USER, project); | |||
db.users().insertProjectPermissionOnGroup(group3, UserRole.USER, project); | |||
// Anyone group | |||
db.users().insertPermissionOnAnyone(SCAN); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); | |||
assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group1.getUuid()), project.uuid())).isEmpty(); | |||
assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group2.getUuid()), project.uuid())) | |||
.extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid) | |||
.containsOnly(tuple(group2.getUuid(), USER, project.uuid())); | |||
.containsOnly(tuple(group2.getUuid(), UserRole.USER, project.uuid())); | |||
assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group3.getUuid()), project.uuid())) | |||
.extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid) | |||
.containsOnly(tuple(group3.getUuid(), USER, project.uuid())); | |||
.containsOnly(tuple(group3.getUuid(), UserRole.USER, project.uuid())); | |||
assertThat(underTest.selectByGroupUuids(dbSession, singletonList(ANYONE_UUID), project.uuid())) | |||
.isEmpty(); |
@@ -44,17 +44,7 @@ import static java.util.Collections.emptyList; | |||
import static java.util.Collections.singletonList; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.tuple; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; | |||
public class UserPermissionDaoTest { | |||
@@ -71,10 +61,10 @@ public class UserPermissionDaoTest { | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserPermissionDto global1 = addGlobalPermission(SYSTEM_ADMIN, user1); | |||
UserPermissionDto global2 = addGlobalPermission(SYSTEM_ADMIN, user2); | |||
UserPermissionDto global3 = addGlobalPermission(PROVISIONING, user2); | |||
UserPermissionDto project1Perm = addProjectPermission(USER, user3, project); | |||
UserPermissionDto global1 = addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
UserPermissionDto global2 = addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user2); | |||
UserPermissionDto global3 = addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user2); | |||
UserPermissionDto project1Perm = addProjectPermission(UserRole.USER, user3, project); | |||
// global permissions of users who has at least one global permission, ordered by user name then permission | |||
PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().build(); | |||
@@ -87,14 +77,14 @@ public class UserPermissionDaoTest { | |||
expectPermissions(query, asList(user2.getUuid(), user1.getUuid(), user3.getUuid()), global2, global3, global1, project1Perm); | |||
// global permissions "admin" | |||
query = PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build(); | |||
query = PermissionQuery.builder().setPermission(GlobalPermission.ADMINISTER.getKey()).build(); | |||
expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), global2, global1); | |||
// empty if nobody has the specified global permission | |||
query = PermissionQuery.builder().setPermission("missing").build(); | |||
expectPermissions(query, emptyList()); | |||
// search by user name (matches 2 users) | |||
// search by username (matches 2 users) | |||
query = PermissionQuery.builder().withAtLeastOnePermission().setSearchQuery("mari").build(); | |||
expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), global2, global3, global1); | |||
@@ -107,7 +97,7 @@ public class UserPermissionDaoTest { | |||
expectPermissions(query, singletonList(user2.getUuid()), global2, global3); | |||
// search by user name (matches 2 users) and global permission | |||
query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(PROVISIONING).build(); | |||
query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(GlobalPermission.PROVISION_PROJECTS.getKey()).build(); | |||
expectPermissions(query, singletonList(user2.getUuid()), global3); | |||
// search by user name (no match) | |||
@@ -120,13 +110,13 @@ public class UserPermissionDaoTest { | |||
UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com")); | |||
addGlobalPermission(SYSTEM_ADMIN, user1); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
ComponentDto project1 = db.components().insertPrivateProject(); | |||
ComponentDto project2 = db.components().insertPrivateProject(); | |||
UserPermissionDto perm1 = addProjectPermission(USER, user1, project1); | |||
UserPermissionDto perm2 = addProjectPermission(ISSUE_ADMIN, user1, project1); | |||
UserPermissionDto perm3 = addProjectPermission(ISSUE_ADMIN, user2, project1); | |||
addProjectPermission(ISSUE_ADMIN, user3, project2); | |||
UserPermissionDto perm1 = addProjectPermission(UserRole.USER, user1, project1); | |||
UserPermissionDto perm2 = addProjectPermission(UserRole.ISSUE_ADMIN, user1, project1); | |||
UserPermissionDto perm3 = addProjectPermission(UserRole.ISSUE_ADMIN, user2, project1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user3, project2); | |||
// project permissions of users who has at least one permission on this project | |||
PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setComponent(project1).build(); | |||
@@ -141,7 +131,7 @@ public class UserPermissionDaoTest { | |||
expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2, perm1); | |||
// search by user name (matches 2 users) and project permission | |||
query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(ISSUE_ADMIN).setComponent(project1).build(); | |||
query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(UserRole.ISSUE_ADMIN).setComponent(project1).build(); | |||
expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2); | |||
// search by user name (no match) | |||
@@ -159,8 +149,8 @@ public class UserPermissionDaoTest { | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("A").setEmail("email2@email.com")); | |||
UserDto user3 = insertUser(u -> u.setLogin("login3").setName("Z").setEmail("zanother3@another.com")); | |||
UserDto user4 = insertUser(u -> u.setLogin("login4").setName("A").setEmail("zanother3@another.com")); | |||
addGlobalPermission(SYSTEM_ADMIN, user1); | |||
addGlobalPermission(QUALITY_PROFILE_ADMIN, user2); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
addGlobalPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES.getKey(), user2); | |||
PermissionQuery query = PermissionQuery.builder().build(); | |||
@@ -174,11 +164,11 @@ public class UserPermissionDaoTest { | |||
IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { | |||
UserDto user = insertUser(u -> u.setLogin("login" + i).setName("" + i)); | |||
// Add permission on project to be sure projects are excluded | |||
db.users().insertProjectPermissionOnUser(user, SCAN.getKey(), project); | |||
db.users().insertProjectPermissionOnUser(user, GlobalPermission.SCAN.getKey(), project); | |||
}); | |||
String lastLogin = "login" + (DEFAULT_PAGE_SIZE + 1); | |||
UserDto lastUser = db.getDbClient().userDao().selectByLogin(dbSession, lastLogin); | |||
addGlobalPermission(SYSTEM_ADMIN, lastUser); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), lastUser); | |||
PermissionQuery query = PermissionQuery.builder().build(); | |||
@@ -192,12 +182,12 @@ public class UserPermissionDaoTest { | |||
IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { | |||
UserDto user = insertUser(u -> u.setLogin("login" + i).setName("" + i)); | |||
// Add global permission to be sure they are excluded | |||
addGlobalPermission(SYSTEM_ADMIN, user); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user); | |||
}); | |||
String lastLogin = "login" + (DEFAULT_PAGE_SIZE + 1); | |||
UserDto lastUser = db.getDbClient().userDao().selectByLogin(dbSession, lastLogin); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(lastUser, SCAN.getKey(), project); | |||
db.users().insertProjectPermissionOnUser(lastUser, GlobalPermission.SCAN.getKey(), project); | |||
PermissionQuery query = PermissionQuery.builder() | |||
.setComponent(project) | |||
@@ -212,11 +202,11 @@ public class UserPermissionDaoTest { | |||
public void selectUserUuidsByQuery_is_not_ordering_by_number_of_permissions() { | |||
UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Z").setEmail("email1@email.com")); | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("A").setEmail("email2@email.com")); | |||
addGlobalPermission(SYSTEM_ADMIN, user1); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
ComponentDto project1 = db.components().insertPrivateProject(); | |||
addProjectPermission(USER, user2, project1); | |||
addProjectPermission(USER, user1, project1); | |||
addProjectPermission(ADMIN, user1, project1); | |||
addProjectPermission(UserRole.USER, user2, project1); | |||
addProjectPermission(UserRole.USER, user1, project1); | |||
addProjectPermission(UserRole.ADMIN, user1, project1); | |||
PermissionQuery query = PermissionQuery.builder().build(); | |||
@@ -231,25 +221,25 @@ public class UserPermissionDaoTest { | |||
UserDto user2 = insertUser(); | |||
ComponentDto project1 = db.components().insertPrivateProject(); | |||
ComponentDto project2 = db.components().insertPrivateProject(); | |||
addGlobalPermission(SYSTEM_ADMIN, user1); | |||
addProjectPermission(USER, user1, project1); | |||
addProjectPermission(ISSUE_ADMIN, user1, project1); | |||
addProjectPermission(ISSUE_ADMIN, user2, project1); | |||
addProjectPermission(ISSUE_ADMIN, user2, project2); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); | |||
addProjectPermission(UserRole.USER, user1, project1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user1, project1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user2, project1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); | |||
// no projects -> return empty list | |||
assertThat(underTest.countUsersByProjectPermission(dbSession, emptyList())).isEmpty(); | |||
// one project | |||
expectCount(singletonList(project1.uuid()), | |||
new CountPerProjectPermission(project1.uuid(), USER, 1), | |||
new CountPerProjectPermission(project1.uuid(), ISSUE_ADMIN, 2)); | |||
new CountPerProjectPermission(project1.uuid(), UserRole.USER, 1), | |||
new CountPerProjectPermission(project1.uuid(), UserRole.ISSUE_ADMIN, 2)); | |||
// multiple projects | |||
expectCount(asList(project1.uuid(), project2.uuid(), "invalid"), | |||
new CountPerProjectPermission(project1.uuid(), USER, 1), | |||
new CountPerProjectPermission(project1.uuid(), ISSUE_ADMIN, 2), | |||
new CountPerProjectPermission(project2.uuid(), ISSUE_ADMIN, 1)); | |||
new CountPerProjectPermission(project1.uuid(), UserRole.USER, 1), | |||
new CountPerProjectPermission(project1.uuid(), UserRole.ISSUE_ADMIN, 2), | |||
new CountPerProjectPermission(project2.uuid(), UserRole.ISSUE_ADMIN, 1)); | |||
} | |||
@Test | |||
@@ -258,9 +248,9 @@ public class UserPermissionDaoTest { | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
ComponentDto project1 = db.components().insertPrivateProject(); | |||
ComponentDto project2 = db.components().insertPrivateProject(); | |||
addProjectPermission(USER, user1, project1); | |||
addProjectPermission(USER, user2, project1); | |||
addProjectPermission(ISSUE_ADMIN, user2, project1); | |||
addProjectPermission(UserRole.USER, user1, project1); | |||
addProjectPermission(UserRole.USER, user2, project1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user2, project1); | |||
// logins are ordered by user name: user2 ("Marie") then user1 ("Marius") | |||
PermissionQuery query = PermissionQuery.builder().setComponent(project1).withAtLeastOnePermission().build(); | |||
@@ -291,9 +281,9 @@ public class UserPermissionDaoTest { | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
ComponentDto project1 = db.components().insertPrivateProject(); | |||
ComponentDto project2 = db.components().insertPrivateProject(); | |||
addProjectPermission(USER, user1, project1); | |||
addGlobalPermission(PROVISIONING, user1); | |||
addProjectPermission(ISSUE_ADMIN, user2, project2); | |||
addProjectPermission(UserRole.USER, user1, project1); | |||
addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); | |||
PermissionQuery query = PermissionQuery.builder().build(); | |||
List<String> result = underTest.selectUserUuidsByQueryAndScope(dbSession, query); | |||
@@ -308,9 +298,9 @@ public class UserPermissionDaoTest { | |||
UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); | |||
ComponentDto project1 = db.components().insertPrivateProject(); | |||
ComponentDto project2 = db.components().insertPrivateProject(); | |||
addProjectPermission(USER, user1, project1); | |||
addGlobalPermission(PROVISIONING, user1); | |||
addProjectPermission(ISSUE_ADMIN, user2, project2); | |||
addProjectPermission(UserRole.USER, user1, project1); | |||
addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user1); | |||
addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); | |||
PermissionQuery query = PermissionQuery.builder() | |||
.setComponent(project1) | |||
.build(); | |||
@@ -327,8 +317,8 @@ public class UserPermissionDaoTest { | |||
for (int i = 0; i < 10; i++) { | |||
String name = "user-" + i; | |||
UserDto user = insertUser(u -> u.setName(name)); | |||
addGlobalPermission(PROVISIONING, user); | |||
addGlobalPermission(SYSTEM_ADMIN, user); | |||
addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user); | |||
userUuids.add(user.getUuid()); | |||
} | |||
@@ -346,11 +336,11 @@ public class UserPermissionDaoTest { | |||
@Test | |||
public void selectUserUuidsByQuery_is_sorted_by_insensitive_name() { | |||
UserDto user1 = insertUser(u -> u.setName("user1")); | |||
addGlobalPermission(PROVISIONING, user1); | |||
addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user1); | |||
UserDto user3 = insertUser(u -> u.setName("user3")); | |||
addGlobalPermission(SYSTEM_ADMIN, user3); | |||
addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user3); | |||
UserDto user2 = insertUser(u -> u.setName("User2")); | |||
addGlobalPermission(PROVISIONING, user2); | |||
addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user2); | |||
assertThat(underTest.selectUserUuidsByQuery(dbSession, PermissionQuery.builder().build())) | |||
.containsExactly(user1.getUuid(), user2.getUuid(), user3.getUuid()); | |||
@@ -509,91 +499,91 @@ public class UserPermissionDaoTest { | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertPermissionOnUser(user1, SCAN); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertProjectPermissionOnUser(user1, ADMINISTER_QUALITY_GATES.getKey(), project); | |||
db.users().insertPermissionOnUser(user2, SCAN); | |||
db.users().insertProjectPermissionOnUser(user2, ADMINISTER_QUALITY_GATES.getKey(), project); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER); | |||
db.users().insertProjectPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), project); | |||
db.users().insertGlobalPermissionOnUser(user2, GlobalPermission.SCAN); | |||
db.users().insertProjectPermissionOnUser(user2, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), project); | |||
underTest.deleteByUserUuid(dbSession, user1); | |||
dbSession.commit(); | |||
assertThat(db.select("select user_uuid as \"userUuid\", component_uuid as \"projectUuid\", role as \"permission\" from user_roles")) | |||
.extracting((row) -> row.get("userUuid"), (row) -> row.get("projectUuid"), (row) -> row.get("permission")) | |||
.containsOnly(tuple(user2.getUuid(), null, SCAN.getKey()), tuple(user2.getUuid(), project.uuid(), ADMINISTER_QUALITY_GATES.getKey())); | |||
.containsOnly(tuple(user2.getUuid(), null, GlobalPermission.SCAN.getKey()), tuple(user2.getUuid(), project.uuid(), GlobalPermission.ADMINISTER_QUALITY_GATES.getKey())); | |||
} | |||
@Test | |||
public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_exist() { | |||
UserDto user = insertUser(); | |||
db.users().insertPermissionOnUser(user, SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
ComponentDto component = newPrivateProjectDto(); | |||
int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), component); | |||
int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, GlobalPermission.SCAN.getKey(), component); | |||
assertThat(deletedCount).isZero(); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_has_no_permission_at_all() { | |||
UserDto user = insertUser(); | |||
db.users().insertPermissionOnUser(user, SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
ComponentDto project = randomPublicOrPrivateProject(); | |||
int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), project); | |||
int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, GlobalPermission.SCAN.getKey(), project); | |||
assertThat(deletedCount).isZero(); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_have_specified_permission() { | |||
UserDto user = insertUser(); | |||
db.users().insertPermissionOnUser(user, SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
ComponentDto project = randomPublicOrPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(user, SCAN.getKey(), project); | |||
db.users().insertProjectPermissionOnUser(user, GlobalPermission.SCAN.getKey(), project); | |||
int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, "p1", project); | |||
assertThat(deletedCount).isZero(); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(SCAN.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).containsOnly(SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
public void deleteProjectPermissionOfAnyUser_deletes_specified_permission_for_any_user_on_the_specified_component() { | |||
UserDto user1 = insertUser(); | |||
UserDto user2 = insertUser(); | |||
db.users().insertPermissionOnUser(user1, SCAN); | |||
db.users().insertPermissionOnUser(user2, SCAN); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user2, GlobalPermission.SCAN); | |||
ComponentDto project1 = randomPublicOrPrivateProject(); | |||
ComponentDto project2 = randomPublicOrPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(user1, SCAN.getKey(), project1); | |||
db.users().insertProjectPermissionOnUser(user2, SCAN.getKey(), project1); | |||
db.users().insertProjectPermissionOnUser(user1, SCAN.getKey(), project2); | |||
db.users().insertProjectPermissionOnUser(user2, SCAN.getKey(), project2); | |||
db.users().insertProjectPermissionOnUser(user2, PROVISION_PROJECTS.getKey(), project2); | |||
db.users().insertProjectPermissionOnUser(user1, GlobalPermission.SCAN.getKey(), project1); | |||
db.users().insertProjectPermissionOnUser(user2, GlobalPermission.SCAN.getKey(), project1); | |||
db.users().insertProjectPermissionOnUser(user1, GlobalPermission.SCAN.getKey(), project2); | |||
db.users().insertProjectPermissionOnUser(user2, GlobalPermission.SCAN.getKey(), project2); | |||
db.users().insertProjectPermissionOnUser(user2, GlobalPermission.PROVISION_PROJECTS.getKey(), project2); | |||
int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), project1); | |||
int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, GlobalPermission.SCAN.getKey(), project1); | |||
assertThat(deletedCount).isEqualTo(2); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.uuid())).isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project1.uuid())).isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly(SCAN.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.uuid())).containsOnly(SCAN.getKey(), PROVISION_PROJECTS.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.uuid())).containsOnly(GlobalPermission.SCAN.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), project2); | |||
deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, GlobalPermission.SCAN.getKey(), project2); | |||
assertThat(deletedCount).isEqualTo(2); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.uuid())).isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project1.uuid())).isEmpty(); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly(); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.uuid())).containsOnly(PROVISION_PROJECTS.getKey()); | |||
assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.uuid())).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
private ComponentDto randomPublicOrPrivateProject() { |
@@ -39,8 +39,8 @@ import static org.mockito.ArgumentMatchers.eq; | |||
import static org.mockito.Mockito.mock; | |||
import static org.mockito.Mockito.verify; | |||
import static org.mockito.Mockito.verifyNoMoreInteractions; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto; | |||
public class UserPermissionDaoWithPersisterTest { | |||
@@ -56,7 +56,7 @@ public class UserPermissionDaoWithPersisterTest { | |||
@Test | |||
public void userGlobalPermissionInsertAndDeleteArePersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), null); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), null); | |||
underTest.insert(dbSession, dto, null, user, null); | |||
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
@@ -64,7 +64,7 @@ public class UserPermissionDaoWithPersisterTest { | |||
assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), null, dto.getPermission(), null, null, null); | |||
assertThat(newValue.toString()).doesNotContain("projectUuid"); | |||
underTest.deleteGlobalPermission(dbSession, user, SYSTEM_ADMIN); | |||
underTest.deleteGlobalPermission(dbSession, user, ADMINISTER.getKey()); | |||
verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
newValue = newValueCaptor.getValue(); | |||
@@ -77,7 +77,7 @@ public class UserPermissionDaoWithPersisterTest { | |||
PermissionTemplateDto templateDto = newPermissionTemplateDto(); | |||
db.getDbClient().permissionTemplateDao().insert(db.getSession(), templateDto); | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), null); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), null); | |||
underTest.insert(dbSession, dto, null, user, templateDto); | |||
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
@@ -96,7 +96,7 @@ public class UserPermissionDaoWithPersisterTest { | |||
public void userProjectPermissionInsertAndDeleteArePersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), project.uuid()); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.uuid()); | |||
underTest.insert(dbSession, dto, project, user, null); | |||
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
@@ -105,7 +105,7 @@ public class UserPermissionDaoWithPersisterTest { | |||
project.getKey(), project.name(), "TRK"); | |||
assertThat(newValue.toString()).contains("componentUuid"); | |||
underTest.deleteProjectPermission(dbSession, user, SYSTEM_ADMIN, project); | |||
underTest.deleteProjectPermission(dbSession, user, ADMINISTER.getKey(), project); | |||
verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
newValue = newValueCaptor.getValue(); | |||
@@ -119,7 +119,7 @@ public class UserPermissionDaoWithPersisterTest { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
underTest.deleteProjectPermission(dbSession, user, SYSTEM_ADMIN, project); | |||
underTest.deleteProjectPermission(dbSession, user, ADMINISTER.getKey(), project); | |||
verify(auditPersister).addUser(any(), any()); | |||
verify(auditPersister).addComponent(any(), any()); | |||
@@ -130,7 +130,7 @@ public class UserPermissionDaoWithPersisterTest { | |||
public void userPortfolioPermissionIsPersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto portfolio = db.components().insertPublicPortfolio(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), portfolio.uuid()); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), portfolio.uuid()); | |||
underTest.insert(dbSession, dto, portfolio, user, null); | |||
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
@@ -144,7 +144,7 @@ public class UserPermissionDaoWithPersisterTest { | |||
public void userApplicationPermissionIsPersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto application = db.components().insertPublicApplication(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), application.uuid()); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), application.uuid()); | |||
underTest.insert(dbSession, dto, application, user, null); | |||
verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
@@ -158,9 +158,9 @@ public class UserPermissionDaoWithPersisterTest { | |||
public void deleteUserPermissionOfAnyUserIsPersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SCAN_EXECUTION, user.getUuid(), project.uuid()); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SCAN.getKey(), user.getUuid(), project.uuid()); | |||
underTest.insert(dbSession, dto, project, user, null); | |||
underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN_EXECUTION, project); | |||
underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), project); | |||
verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); | |||
UserPermissionNewValue newValue = newValueCaptor.getValue(); | |||
@@ -173,7 +173,7 @@ public class UserPermissionDaoWithPersisterTest { | |||
public void deleteUserPermissionOfAnyUserWithoutAffectedRowsIsNotPersisted() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN_EXECUTION, project); | |||
underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), project); | |||
verify(auditPersister).addComponent(any(), any()); | |||
verifyNoMoreInteractions(auditPersister); | |||
@@ -183,7 +183,7 @@ public class UserPermissionDaoWithPersisterTest { | |||
public void deleteUserPermissionByUserUuidIsPersisted() { | |||
UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), project.uuid()); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.uuid()); | |||
underTest.insert(dbSession, dto, project, user, null); | |||
underTest.deleteByUserUuid(dbSession, user); | |||
@@ -36,7 +36,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.tuple; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; | |||
import static org.sonar.db.permission.PermissionQuery.builder; | |||
import static org.sonar.db.user.GroupTesting.newGroupDto; | |||
@@ -59,11 +59,11 @@ public class GroupWithPermissionTemplateDaoTest { | |||
PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), USER, template.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), ADMIN, template.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISIONING, template.getName(), group2.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISION_PROJECTS.getKey(), template.getName(), group2.getName()); | |||
PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate(); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), null, USER, anotherTemplate.getName(), null); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISIONING, anotherTemplate.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISION_PROJECTS.getKey(), anotherTemplate.getName(), group1.getName()); | |||
assertThat(selectGroupNamesByQueryAndTemplate(builder(), template)) | |||
.containsOnly("Group-1", "Group-2", "Group-3", "Anyone"); | |||
@@ -165,11 +165,11 @@ public class GroupWithPermissionTemplateDaoTest { | |||
PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), USER, template.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), ADMIN, template.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISIONING, template.getName(), group2.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISION_PROJECTS.getKey(), template.getName(), group2.getName()); | |||
PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate(); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), null, USER, anotherTemplate.getName(), null); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISIONING, anotherTemplate.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISION_PROJECTS.getKey(), anotherTemplate.getName(), group1.getName()); | |||
assertThat(countGroupNamesByQueryAndTemplate(builder(), template)) | |||
.isEqualTo(4); | |||
@@ -200,11 +200,11 @@ public class GroupWithPermissionTemplateDaoTest { | |||
PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), USER, template.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), ADMIN, template.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISIONING, template.getName(), group2.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISION_PROJECTS.getKey(), template.getName(), group2.getName()); | |||
PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate(); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), null, USER, anotherTemplate.getName(), null); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISIONING, anotherTemplate.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISION_PROJECTS.getKey(), anotherTemplate.getName(), group1.getName()); | |||
assertThat(underTest.selectGroupPermissionsByTemplateIdAndGroupNames(session, template.getUuid(), asList("Group-1"))) | |||
.extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getGroupName, PermissionTemplateGroupDto::getPermission) | |||
@@ -215,7 +215,7 @@ public class GroupWithPermissionTemplateDaoTest { | |||
assertThat(underTest.selectGroupPermissionsByTemplateIdAndGroupNames(session, anotherTemplate.getUuid(), asList("Group-1"))) | |||
.extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getGroupName, PermissionTemplateGroupDto::getPermission) | |||
.containsOnly( | |||
tuple(group1.getUuid(), "Group-1", PROVISIONING)); | |||
tuple(group1.getUuid(), "Group-1", PROVISION_PROJECTS.getKey())); | |||
assertThat(underTest.selectGroupPermissionsByTemplateIdAndGroupNames(session, anotherTemplate.getUuid(), asList("Anyone"))) | |||
.extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getGroupName, PermissionTemplateGroupDto::getPermission) | |||
@@ -236,22 +236,22 @@ public class GroupWithPermissionTemplateDaoTest { | |||
PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), USER, template.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), ADMIN, template.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISIONING, template.getName(), group2.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISION_PROJECTS.getKey(), template.getName(), group2.getName()); | |||
PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate(); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), null, USER, anotherTemplate.getName(), null); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISIONING, anotherTemplate.getName(), group1.getName()); | |||
permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISION_PROJECTS.getKey(), anotherTemplate.getName(), group1.getName()); | |||
assertThat(underTest.selectGroupPermissionsByTemplateUuid(session, template.getUuid())) | |||
.extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getGroupName, PermissionTemplateGroupDto::getPermission) | |||
.containsOnly( | |||
tuple(group1.getUuid(), "Group-1", USER), | |||
tuple(group1.getUuid(), "Group-1", ADMIN), | |||
tuple(group2.getUuid(), "Group-2", PROVISIONING)); | |||
tuple(group2.getUuid(), "Group-2", PROVISION_PROJECTS.getKey())); | |||
assertThat(underTest.selectGroupPermissionsByTemplateUuid(session, anotherTemplate.getUuid())) | |||
.extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getGroupName, PermissionTemplateGroupDto::getPermission) | |||
.containsOnly( | |||
tuple(group1.getUuid(), "Group-1", PROVISIONING), | |||
tuple(group1.getUuid(), "Group-1", PROVISION_PROJECTS.getKey()), | |||
tuple("Anyone", "Anyone", USER)); | |||
assertThat(underTest.selectGroupPermissionsByTemplateUuid(session, "321")).isEmpty(); |
@@ -32,6 +32,7 @@ import org.sonar.core.util.UuidFactoryFast; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.audit.NoOpAuditPersister; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -40,11 +41,6 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.tuple; | |||
import static org.mockito.Mockito.mock; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto; | |||
import static org.sonar.db.user.GroupTesting.newGroupDto; | |||
@@ -275,20 +271,20 @@ public class PermissionTemplateDaoTest { | |||
GroupDto group1 = db.users().insertGroup(newGroupDto()); | |||
GroupDto group2 = db.users().insertGroup(newGroupDto()); | |||
GroupDto group3 = db.users().insertGroup(newGroupDto()); | |||
templateDb.addGroupToTemplate(template1.getUuid(), group1.getUuid(), CODEVIEWER, template1.getName(), group1.getName()); | |||
templateDb.addGroupToTemplate(template1.getUuid(), group2.getUuid(), CODEVIEWER, template1.getName(), group2.getName()); | |||
templateDb.addGroupToTemplate(template1.getUuid(), group3.getUuid(), CODEVIEWER, template1.getName(), group3.getName()); | |||
templateDb.addGroupToTemplate(template1.getUuid(), null, CODEVIEWER, template1.getName(), null); | |||
templateDb.addGroupToTemplate(template1.getUuid(), group1.getUuid(), ADMIN, template1.getName(), group1.getName()); | |||
templateDb.addGroupToTemplate(template2.getUuid(), group1.getUuid(), ADMIN, template2.getName(), group1.getName()); | |||
templateDb.addGroupToTemplate(template4.getUuid(), group1.getUuid(), ISSUE_ADMIN, template4.getName(), group1.getName()); | |||
templateDb.addGroupToTemplate(template1.getUuid(), group1.getUuid(), UserRole.CODEVIEWER, template1.getName(), group1.getName()); | |||
templateDb.addGroupToTemplate(template1.getUuid(), group2.getUuid(), UserRole.CODEVIEWER, template1.getName(), group2.getName()); | |||
templateDb.addGroupToTemplate(template1.getUuid(), group3.getUuid(), UserRole.CODEVIEWER, template1.getName(), group3.getName()); | |||
templateDb.addGroupToTemplate(template1.getUuid(), null, UserRole.CODEVIEWER, template1.getName(), null); | |||
templateDb.addGroupToTemplate(template1.getUuid(), group1.getUuid(), UserRole.ADMIN, template1.getName(), group1.getName()); | |||
templateDb.addGroupToTemplate(template2.getUuid(), group1.getUuid(), UserRole.ADMIN, template2.getName(), group1.getName()); | |||
templateDb.addGroupToTemplate(template4.getUuid(), group1.getUuid(), UserRole.ISSUE_ADMIN, template4.getName(), group1.getName()); | |||
final List<CountByTemplateAndPermissionDto> result = new ArrayList<>(); | |||
underTest.groupsCountByTemplateUuidAndPermission(dbSession, asList(template1.getUuid(), template2.getUuid(), template3.getUuid()), | |||
context -> result.add(context.getResultObject())); | |||
assertThat(result).extracting(CountByTemplateAndPermissionDto::getPermission, CountByTemplateAndPermissionDto::getTemplateUuid, CountByTemplateAndPermissionDto::getCount) | |||
.containsOnly(tuple(ADMIN, template1.getUuid(), 1), tuple(CODEVIEWER, template1.getUuid(), 4), tuple(ADMIN, template2.getUuid(), 1)); | |||
.containsOnly(tuple(UserRole.ADMIN, template1.getUuid(), 1), tuple(UserRole.CODEVIEWER, template1.getUuid(), 4), tuple(UserRole.ADMIN, template2.getUuid(), 1)); | |||
} | |||
@Test | |||
@@ -302,12 +298,12 @@ public class PermissionTemplateDaoTest { | |||
UserDto user2 = db.users().insertUser(); | |||
UserDto user3 = db.users().insertUser(); | |||
templateDb.addUserToTemplate(template1.getUuid(), user1.getUuid(), ADMIN, template1.getName(), user1.getLogin()); | |||
templateDb.addUserToTemplate(template1.getUuid(), user2.getUuid(), ADMIN, template1.getName(), user2.getLogin()); | |||
templateDb.addUserToTemplate(template1.getUuid(), user3.getUuid(), ADMIN, template1.getName(), user3.getLogin()); | |||
templateDb.addUserToTemplate(template1.getUuid(), user1.getUuid(), USER, template1.getName(), user1.getLogin()); | |||
templateDb.addUserToTemplate(template2.getUuid(), user1.getUuid(), USER, template2.getName(), user1.getLogin()); | |||
templateDb.addUserToTemplate(anotherTemplate.getUuid(), user1.getUuid(), ISSUE_ADMIN, anotherTemplate.getName(), user1.getLogin()); | |||
templateDb.addUserToTemplate(template1.getUuid(), user1.getUuid(), UserRole.ADMIN, template1.getName(), user1.getLogin()); | |||
templateDb.addUserToTemplate(template1.getUuid(), user2.getUuid(), UserRole.ADMIN, template1.getName(), user2.getLogin()); | |||
templateDb.addUserToTemplate(template1.getUuid(), user3.getUuid(), UserRole.ADMIN, template1.getName(), user3.getLogin()); | |||
templateDb.addUserToTemplate(template1.getUuid(), user1.getUuid(), UserRole.USER, template1.getName(), user1.getLogin()); | |||
templateDb.addUserToTemplate(template2.getUuid(), user1.getUuid(), UserRole.USER, template2.getName(), user1.getLogin()); | |||
templateDb.addUserToTemplate(anotherTemplate.getUuid(), user1.getUuid(), UserRole.ISSUE_ADMIN, anotherTemplate.getName(), user1.getLogin()); | |||
final List<CountByTemplateAndPermissionDto> result = new ArrayList<>(); | |||
underTest.usersCountByTemplateUuidAndPermission(dbSession, asList(template1.getUuid(), template2.getUuid(), template3.getUuid()), | |||
@@ -315,9 +311,9 @@ public class PermissionTemplateDaoTest { | |||
assertThat(result) | |||
.extracting(CountByTemplateAndPermissionDto::getPermission, CountByTemplateAndPermissionDto::getTemplateUuid, CountByTemplateAndPermissionDto::getCount) | |||
.containsExactlyInAnyOrder( | |||
tuple(ADMIN, template1.getUuid(), 3), | |||
tuple(USER, template1.getUuid(), 1), | |||
tuple(USER, template2.getUuid(), 1)); | |||
tuple(UserRole.ADMIN, template1.getUuid(), 3), | |||
tuple(UserRole.USER, template1.getUuid(), 1), | |||
tuple(UserRole.USER, template2.getUuid(), 1)); | |||
} | |||
@Test | |||
@@ -343,7 +339,7 @@ public class PermissionTemplateDaoTest { | |||
GroupDto group = db.users().insertGroup(newGroupDto()); | |||
db.users().insertMember(group, user); | |||
PermissionTemplateDto template = templateDb.insertTemplate(); | |||
templateDb.addProjectCreatorToTemplate(template.getUuid(), SCAN_EXECUTION, template.getName()); | |||
templateDb.addProjectCreatorToTemplate(template.getUuid(), GlobalPermission.SCAN.getKey(), template.getName()); | |||
templateDb.addProjectCreatorToTemplate(template.getUuid(), UserRole.ADMIN, template.getName()); | |||
templateDb.addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.USER, template.getName(), user.getLogin()); | |||
templateDb.addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.ADMIN, template.getName(), user.getLogin()); | |||
@@ -354,7 +350,7 @@ public class PermissionTemplateDaoTest { | |||
List<String> resultWithUser = underTest.selectPotentialPermissionsByUserUuidAndTemplateUuid(dbSession, user.getUuid(), template.getUuid()); | |||
List<String> resultWithoutUser = underTest.selectPotentialPermissionsByUserUuidAndTemplateUuid(dbSession, null, template.getUuid()); | |||
assertThat(resultWithUser).containsOnlyOnce(SCAN_EXECUTION, UserRole.ADMIN, UserRole.USER, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN); | |||
assertThat(resultWithUser).containsOnlyOnce(GlobalPermission.SCAN.getKey(), UserRole.ADMIN, UserRole.USER, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN); | |||
// only permission from anyone group | |||
assertThat(resultWithoutUser).containsOnly(UserRole.ISSUE_ADMIN); | |||
} |
@@ -743,7 +743,7 @@ public class PurgeCommandsTest { | |||
UserDto user = dbTester.users().insertUser(); | |||
dbTester.users().insertProjectPermissionOnUser(user, "doh", root); | |||
dbTester.users().insertPermissionOnUser(user, GlobalPermission.SCAN); | |||
dbTester.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
assertThat(dbTester.countRowsOfTable("group_roles")).isEqualTo(root.isPrivate() ? 2 : 4); | |||
assertThat(dbTester.countRowsOfTable("user_roles")).isEqualTo(2); |
@@ -77,7 +77,7 @@ public class RoleDaoTest { | |||
db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project1); | |||
db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project2); | |||
// global permission - not returned | |||
db.users().insertPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user1, ADMINISTER); | |||
// project permission on another user id - not returned | |||
db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, project1); | |||
// project permission on another permission - not returned | |||
@@ -96,7 +96,7 @@ public class RoleDaoTest { | |||
db.users().insertMember(group1, user1); | |||
db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project2); | |||
// global permission - not returned | |||
db.users().insertPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertPermissionOnGroup(group1, ADMINISTER); | |||
// project permission on another user id - not returned | |||
db.users().insertPermissionOnGroup(group2, ADMINISTER); |
@@ -19,15 +19,17 @@ | |||
*/ | |||
package org.sonar.db.permission; | |||
import com.google.common.collect.ImmutableSet; | |||
import java.util.Set; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import static org.sonar.db.permission.GlobalPermission.APPLICATION_CREATOR; | |||
import static org.sonar.db.permission.GlobalPermission.PORTFOLIO_CREATOR; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
public class PermissionsTestHelper { | |||
public static final Set<String> ALL_PERMISSIONS = ImmutableSet.of(UserRole.ADMIN, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, | |||
GlobalPermissions.SCAN_EXECUTION, UserRole.USER, GlobalPermission.APPLICATION_CREATOR.getKey(), GlobalPermission.PORTFOLIO_CREATOR.getKey()); | |||
public static final Set<String> ALL_PERMISSIONS = Set.of(UserRole.ADMIN, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, | |||
SCAN.getKey(), UserRole.USER, APPLICATION_CREATOR.getKey(), PORTFOLIO_CREATOR.getKey()); | |||
private PermissionsTestHelper() { | |||
} |
@@ -19,7 +19,6 @@ | |||
*/ | |||
package org.sonar.db.user; | |||
import com.google.common.collect.ImmutableSet; | |||
import java.util.Arrays; | |||
import java.util.List; | |||
import java.util.Optional; | |||
@@ -47,7 +46,8 @@ import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.user.GroupTesting.newGroupDto; | |||
public class UserDbTester { | |||
private static final Set<String> PUBLIC_PERMISSIONS = ImmutableSet.of(UserRole.USER, UserRole.CODEVIEWER); // FIXME to check with Simon | |||
private static final Set<String> PUBLIC_PERMISSIONS = Set.of(UserRole.USER, UserRole.CODEVIEWER); | |||
public static final String PERMISSIONS_CANT_BE_GRANTED_ON_BRANCHES = "Permissions can't be granted on branches"; | |||
private final DbTester db; | |||
private final DbClient dbClient; | |||
@@ -90,7 +90,7 @@ public class UserDbTester { | |||
public UserDto insertAdminByUserPermission() { | |||
UserDto user = insertUser(); | |||
insertPermissionOnUser(user, ADMINISTER); | |||
insertGlobalPermissionOnUser(user, ADMINISTER); | |||
return user; | |||
} | |||
@@ -211,7 +211,7 @@ public class UserDbTester { | |||
checkArgument(!project.isPrivate(), "No permission to group AnyOne can be granted on a private project"); | |||
checkArgument(!PUBLIC_PERMISSIONS.contains(permission), | |||
"permission %s can't be granted on a public project", permission); | |||
checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches"); | |||
checkArgument(project.getMainBranchProjectUuid() == null, PERMISSIONS_CANT_BE_GRANTED_ON_BRANCHES); | |||
GroupPermissionDto dto = new GroupPermissionDto() | |||
.setUuid(Uuids.createFast()) | |||
.setGroupUuid(null) | |||
@@ -231,7 +231,7 @@ public class UserDbTester { | |||
public GroupPermissionDto insertProjectPermissionOnGroup(GroupDto group, String permission, ComponentDto project) { | |||
checkArgument(project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission), | |||
"%s can't be granted on a public project", permission); | |||
checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches"); | |||
checkArgument(project.getMainBranchProjectUuid() == null, PERMISSIONS_CANT_BE_GRANTED_ON_BRANCHES); | |||
GroupPermissionDto dto = new GroupPermissionDto() | |||
.setUuid(Uuids.createFast()) | |||
.setGroupUuid(group.getUuid()) | |||
@@ -261,17 +261,15 @@ public class UserDbTester { | |||
// USER PERMISSIONS | |||
/** | |||
* Grant permission | |||
* Grant global permission | |||
*/ | |||
public UserPermissionDto insertPermissionOnUser(UserDto user, GlobalPermission permission) { | |||
public UserPermissionDto insertGlobalPermissionOnUser(UserDto user, GlobalPermission permission) { | |||
return insertPermissionOnUser(user, permission.getKey()); | |||
} | |||
/** | |||
* Grant global permission | |||
* @deprecated use {@link #insertPermissionOnUser(UserDto, GlobalPermission)} | |||
* Grant permission | |||
*/ | |||
@Deprecated | |||
public UserPermissionDto insertPermissionOnUser(UserDto user, String permission) { | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null); | |||
db.getDbClient().userPermissionDao().insert(db.getSession(), dto, null, user, null); | |||
@@ -295,7 +293,7 @@ public class UserDbTester { | |||
public UserPermissionDto insertProjectPermissionOnUser(UserDto user, String permission, ComponentDto project) { | |||
checkArgument(project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission), | |||
"%s can't be granted on a public project", permission); | |||
checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches"); | |||
checkArgument(project.getMainBranchProjectUuid() == null, PERMISSIONS_CANT_BE_GRANTED_ON_BRANCHES); | |||
UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid()); | |||
db.getDbClient().userPermissionDao().insert(db.getSession(), dto, project, user, null); | |||
db.commit(); |
@@ -61,8 +61,8 @@ public class DefaultAdminCredentialsVerifierNotificationHandlerTest { | |||
// Users granted admin permission directly | |||
UserDto admin1 = db.users().insertUser(u -> u.setEmail("admin1")); | |||
UserDto adminWithNoEmail = db.users().insertUser(u -> u.setEmail(null)); | |||
db.users().insertPermissionOnUser(admin1, ADMINISTER); | |||
db.users().insertPermissionOnUser(adminWithNoEmail, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(admin1, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(adminWithNoEmail, ADMINISTER); | |||
// User granted admin permission by group membership | |||
UserDto admin2 = db.users().insertUser(u -> u.setEmail("admin2")); | |||
GroupDto adminGroup = db.users().insertGroup(); |
@@ -27,9 +27,11 @@ import org.assertj.core.api.ThrowableAssert.ThrowingCallable; | |||
import org.junit.Rule; | |||
import org.junit.Test; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -39,18 +41,9 @@ import static com.google.common.base.Preconditions.checkState; | |||
import static java.util.Arrays.asList; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newChildComponent; | |||
import static org.sonar.db.component.ComponentTesting.newProjectCopy; | |||
import static org.sonar.db.component.ComponentTesting.newSubPortfolio; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
public class ServerUserSessionTest { | |||
@@ -142,23 +135,23 @@ public class ServerUserSessionTest { | |||
public void checkComponentUuidPermission_fails_with_FE_when_user_has_not_permission_for_specified_uuid_in_db() { | |||
UserDto user = db.users().insertUser(); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(user, USER, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, project); | |||
UserSession session = newUserSession(user); | |||
assertThatForbiddenExceptionIsThrown(() -> session.checkComponentUuidPermission(USER, "another-uuid")); | |||
assertThatForbiddenExceptionIsThrown(() -> session.checkComponentUuidPermission(UserRole.USER, "another-uuid")); | |||
} | |||
@Test | |||
public void checkChildProjectsPermission_succeeds_if_user_has_permissions_on_all_application_child_projects() { | |||
UserDto user = db.users().insertUser(); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(user, USER, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, project); | |||
ComponentDto application = db.components().insertPrivateApplication(); | |||
db.components().addApplicationProject(application, project); | |||
UserSession underTest = newUserSession(user); | |||
assertThat(underTest.checkChildProjectsPermission(USER, application)).isSameAs(underTest); | |||
assertThat(underTest.checkChildProjectsPermission(UserRole.USER, application)).isSameAs(underTest); | |||
} | |||
@Test | |||
@@ -168,7 +161,7 @@ public class ServerUserSessionTest { | |||
UserSession underTest = newUserSession(user); | |||
assertThat(underTest.checkChildProjectsPermission(USER, project)).isSameAs(underTest); | |||
assertThat(underTest.checkChildProjectsPermission(UserRole.USER, project)).isSameAs(underTest); | |||
} | |||
@Test | |||
@@ -182,76 +175,76 @@ public class ServerUserSessionTest { | |||
UserSession underTest = newUserSession(user); | |||
assertThatForbiddenExceptionIsThrown(() -> underTest.checkChildProjectsPermission(USER, application)); | |||
assertThatForbiddenExceptionIsThrown(() -> underTest.checkChildProjectsPermission(UserRole.USER, application)); | |||
} | |||
@Test | |||
public void checkPermission_throws_ForbiddenException_when_user_doesnt_have_the_specified_permission() { | |||
UserDto user = db.users().insertUser(); | |||
assertThatForbiddenExceptionIsThrown(() -> newUserSession(user).checkPermission(PROVISION_PROJECTS)); | |||
assertThatForbiddenExceptionIsThrown(() -> newUserSession(user).checkPermission(GlobalPermission.PROVISION_PROJECTS)); | |||
} | |||
@Test | |||
public void checkPermission_succeeds_when_user_has_the_specified_permission() { | |||
UserDto adminUser = db.users().insertAdminByUserPermission(); | |||
db.users().insertPermissionOnUser(adminUser, PROVISIONING); | |||
db.users().insertGlobalPermissionOnUser(adminUser, GlobalPermission.PROVISION_PROJECTS); | |||
newUserSession(adminUser).checkPermission(PROVISION_PROJECTS); | |||
newUserSession(adminUser).checkPermission(GlobalPermission.PROVISION_PROJECTS); | |||
} | |||
@Test | |||
public void test_hasPermission_for_logged_in_user() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, PROVISION_PROJECTS); | |||
db.users().insertProjectPermissionOnUser(user, ADMIN, project); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, project); | |||
UserSession session = newUserSession(user); | |||
assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); | |||
assertThat(session.hasPermission(ADMINISTER)).isFalse(); | |||
assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); | |||
assertThat(session.hasPermission(GlobalPermission.ADMINISTER)).isFalse(); | |||
} | |||
@Test | |||
public void test_hasPermission_for_anonymous_user() { | |||
db.users().insertPermissionOnAnyone(PROVISION_PROJECTS); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS); | |||
UserSession session = newAnonymousSession(); | |||
assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); | |||
assertThat(session.hasPermission(ADMINISTER)).isFalse(); | |||
assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); | |||
assertThat(session.hasPermission(GlobalPermission.ADMINISTER)).isFalse(); | |||
} | |||
@Test | |||
public void hasPermission_keeps_cache_of_permissions_of_logged_in_user() { | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, PROVISIONING); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); | |||
UserSession session = newUserSession(user); | |||
// feed the cache | |||
assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); | |||
assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); | |||
// change permissions without updating the cache | |||
db.users().deletePermissionFromUser(user, PROVISION_PROJECTS); | |||
db.users().insertPermissionOnUser(user, SCAN); | |||
assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); | |||
assertThat(session.hasPermission(ADMINISTER)).isFalse(); | |||
assertThat(session.hasPermission(SCAN)).isFalse(); | |||
db.users().deletePermissionFromUser(user, GlobalPermission.PROVISION_PROJECTS); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); | |||
assertThat(session.hasPermission(GlobalPermission.ADMINISTER)).isFalse(); | |||
assertThat(session.hasPermission(GlobalPermission.SCAN)).isFalse(); | |||
} | |||
@Test | |||
public void hasPermission_keeps_cache_of_permissions_of_anonymous_user() { | |||
db.users().insertPermissionOnAnyone(PROVISION_PROJECTS); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS); | |||
UserSession session = newAnonymousSession(); | |||
// feed the cache | |||
assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); | |||
assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); | |||
// change permissions without updating the cache | |||
db.users().insertPermissionOnAnyone(SCAN); | |||
assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); | |||
assertThat(session.hasPermission(SCAN)).isFalse(); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); | |||
assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); | |||
assertThat(session.hasPermission(GlobalPermission.SCAN)).isFalse(); | |||
} | |||
@Test | |||
@@ -259,7 +252,7 @@ public class ServerUserSessionTest { | |||
ComponentDto project1 = db.components().insertPrivateProject(); | |||
ComponentDto project2 = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertProjectPermissionOnUser(user, USER, project1); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, project1); | |||
ComponentDto application = db.components().insertPrivateApplication(); | |||
db.components().addApplicationProject(application, project1); | |||
@@ -267,30 +260,30 @@ public class ServerUserSessionTest { | |||
db.components().insertComponent(newProjectCopy(project1, application)); | |||
UserSession session = newUserSession(user); | |||
assertThat(session.hasChildProjectsPermission(USER, application)).isTrue(); | |||
assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isTrue(); | |||
db.components().addApplicationProject(application, project2); | |||
db.components().insertComponent(newProjectCopy(project2, application)); | |||
assertThat(session.hasChildProjectsPermission(USER, application)).isFalse(); | |||
assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isFalse(); | |||
} | |||
@Test | |||
public void test_hasChildProjectsPermission_for_anonymous_user() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertPermissionOnAnyone(USER); | |||
db.users().insertPermissionOnAnyone(UserRole.USER); | |||
ComponentDto application = db.components().insertPrivateApplication(); | |||
db.components().addApplicationProject(application, project); | |||
// add computed project | |||
db.components().insertComponent(newProjectCopy(project, application)); | |||
UserSession session = newAnonymousSession(); | |||
assertThat(session.hasChildProjectsPermission(USER, application)).isFalse(); | |||
assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isFalse(); | |||
} | |||
@Test | |||
public void hasChildProjectsPermission_keeps_cache_of_permissions_of_anonymous_user() { | |||
db.users().insertPermissionOnAnyone(USER); | |||
db.users().insertPermissionOnAnyone(UserRole.USER); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
ComponentDto application = db.components().insertPublicApplication(); | |||
@@ -299,11 +292,11 @@ public class ServerUserSessionTest { | |||
UserSession session = newAnonymousSession(); | |||
// feed the cache | |||
assertThat(session.hasChildProjectsPermission(USER, application)).isTrue(); | |||
assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isTrue(); | |||
// change privacy of the project without updating the cache | |||
db.getDbClient().componentDao().setPrivateForBranchUuidWithoutAudit(db.getSession(), project.uuid(), true); | |||
assertThat(session.hasChildProjectsPermission(USER, application)).isTrue(); | |||
assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isTrue(); | |||
} | |||
@Test | |||
@@ -324,44 +317,44 @@ public class ServerUserSessionTest { | |||
db.components().addPortfolioProject(portfolio, project1); | |||
db.components().insertComponent(newProjectCopy(project1, portfolio)); | |||
assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue(); | |||
assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isTrue(); | |||
// Add private project2 with USER permissions to private portfolio | |||
db.users().insertProjectPermissionOnUser(user, USER, project2); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, project2); | |||
db.components().addPortfolioProject(portfolio, project2); | |||
db.components().insertComponent(newProjectCopy(project2, portfolio)); | |||
assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue(); | |||
assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isTrue(); | |||
// Add private project4 with USER permissions to sub-portfolio | |||
db.users().insertProjectPermissionOnUser(user, USER, project4); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, project4); | |||
db.components().addPortfolioProject(subPortfolio, project4); | |||
db.components().insertComponent(newProjectCopy(project4, subPortfolio)); | |||
db.components().addPortfolioReference(portfolio, subPortfolio.uuid()); | |||
// The predicate should work both on view and subview components | |||
assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue(); | |||
assertThat(session.hasPortfolioChildProjectsPermission(USER, subPortfolio)).isTrue(); | |||
assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isTrue(); | |||
assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, subPortfolio)).isTrue(); | |||
// Add private project3 without permissions to private portfolio | |||
db.components().addPortfolioProject(portfolio, project3); | |||
db.components().insertComponent(newProjectCopy(project3, portfolio)); | |||
assertThat(session.hasChildProjectsPermission(USER, portfolio)).isFalse(); | |||
assertThat(session.hasChildProjectsPermission(UserRole.USER, portfolio)).isFalse(); | |||
// Add private project5 without permissions to sub-portfolio | |||
db.components().addPortfolioProject(subPortfolio, project5); | |||
db.components().insertComponent(newProjectCopy(project5, subPortfolio)); | |||
assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isFalse(); | |||
assertThat(session.hasPortfolioChildProjectsPermission(USER, subPortfolio)).isFalse(); | |||
assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isFalse(); | |||
assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, subPortfolio)).isFalse(); | |||
} | |||
@Test | |||
public void test_hasPortfolioChildProjectsPermission_for_anonymous_user() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertPermissionOnAnyone(USER); | |||
db.users().insertPermissionOnAnyone(UserRole.USER); | |||
ComponentDto portfolio = db.components().insertPrivatePortfolio(); | |||
@@ -370,12 +363,12 @@ public class ServerUserSessionTest { | |||
db.components().insertComponent(newProjectCopy(project, portfolio)); | |||
UserSession session = newAnonymousSession(); | |||
assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isFalse(); | |||
assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isFalse(); | |||
} | |||
@Test | |||
public void hasPortfolioChildProjectsPermission_keeps_cache_of_permissions_of_anonymous_user() { | |||
db.users().insertPermissionOnAnyone(USER); | |||
db.users().insertPermissionOnAnyone(UserRole.USER); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
ComponentDto portfolio = db.components().insertPublicPortfolio(); | |||
@@ -384,11 +377,11 @@ public class ServerUserSessionTest { | |||
UserSession session = newAnonymousSession(); | |||
// feed the cache | |||
assertThat(session.hasChildProjectsPermission(USER, portfolio)).isTrue(); | |||
assertThat(session.hasChildProjectsPermission(UserRole.USER, portfolio)).isTrue(); | |||
// change privacy of the project without updating the cache | |||
db.getDbClient().componentDao().setPrivateForBranchUuidWithoutAudit(db.getSession(), project.uuid(), true); | |||
assertThat(session.hasChildProjectsPermission(USER, portfolio)).isTrue(); | |||
assertThat(session.hasChildProjectsPermission(UserRole.USER, portfolio)).isTrue(); | |||
} | |||
@Test | |||
@@ -397,8 +390,8 @@ public class ServerUserSessionTest { | |||
ServerUserSession underTest = newAnonymousSession(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue(); | |||
} | |||
@Test | |||
@@ -408,8 +401,8 @@ public class ServerUserSessionTest { | |||
ServerUserSession underTest = newAnonymousSession(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue(); | |||
} | |||
@Test | |||
@@ -419,8 +412,8 @@ public class ServerUserSessionTest { | |||
ServerUserSession underTest = newAnonymousSession(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue(); | |||
} | |||
@Test | |||
@@ -430,8 +423,8 @@ public class ServerUserSessionTest { | |||
ServerUserSession underTest = newAnonymousSession(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue(); | |||
} | |||
@Test | |||
@@ -441,8 +434,8 @@ public class ServerUserSessionTest { | |||
ServerUserSession underTest = newUserSession(user); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, privateProject)).isFalse(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, privateProject)).isFalse(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, privateProject)).isFalse(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, privateProject)).isFalse(); | |||
} | |||
@Test | |||
@@ -453,8 +446,8 @@ public class ServerUserSessionTest { | |||
ServerUserSession underTest = newUserSession(user); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, privateProject)).isFalse(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, privateProject)).isFalse(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, privateProject)).isFalse(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, privateProject)).isFalse(); | |||
} | |||
@Test | |||
@@ -465,8 +458,8 @@ public class ServerUserSessionTest { | |||
ServerUserSession underTest = newUserSession(user); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, privateProject)).isFalse(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, privateProject)).isFalse(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, privateProject)).isFalse(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, privateProject)).isFalse(); | |||
} | |||
@Test | |||
@@ -527,35 +520,35 @@ public class ServerUserSessionTest { | |||
public void hasComponentPermissionByDtoOrUuid_keeps_cache_of_permissions_of_logged_in_user() { | |||
UserDto user = db.users().insertUser(); | |||
ComponentDto publicProject = db.components().insertPublicProject(); | |||
db.users().insertProjectPermissionOnUser(user, ADMIN, publicProject); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, publicProject); | |||
UserSession underTest = newUserSession(user); | |||
// feed the cache | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue(); | |||
// change permissions without updating the cache | |||
db.users().deletePermissionFromUser(publicProject, user, ADMIN); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, publicProject); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, ISSUE_ADMIN, publicProject)).isFalse(); | |||
db.users().deletePermissionFromUser(publicProject, user, UserRole.ADMIN); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, publicProject); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ISSUE_ADMIN, publicProject)).isFalse(); | |||
} | |||
@Test | |||
public void hasComponentPermissionByDtoOrUuid_keeps_cache_of_permissions_of_anonymous_user() { | |||
ComponentDto publicProject = db.components().insertPublicProject(); | |||
db.users().insertProjectPermissionOnAnyone(ADMIN, publicProject); | |||
db.users().insertProjectPermissionOnAnyone(UserRole.ADMIN, publicProject); | |||
UserSession underTest = newAnonymousSession(); | |||
// feed the cache | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue(); | |||
// change permissions without updating the cache | |||
db.users().deleteProjectPermissionFromAnyone(publicProject, ADMIN); | |||
db.users().insertProjectPermissionOnAnyone(ISSUE_ADMIN, publicProject); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, ISSUE_ADMIN, publicProject)).isFalse(); | |||
db.users().deleteProjectPermissionFromAnyone(publicProject, UserRole.ADMIN); | |||
db.users().insertProjectPermissionOnAnyone(UserRole.ISSUE_ADMIN, publicProject); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue(); | |||
assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ISSUE_ADMIN, publicProject)).isFalse(); | |||
} | |||
private boolean hasComponentPermissionByDtoOrUuid(UserSession underTest, String permission, ComponentDto component) { | |||
@@ -572,31 +565,31 @@ public class ServerUserSessionTest { | |||
UserSession underTest = newAnonymousSession(); | |||
assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty(); | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty(); | |||
} | |||
@Test | |||
public void keepAuthorizedComponents_filters_components_with_granted_permissions_for_anonymous() { | |||
ComponentDto publicProject = db.components().insertPublicProject(); | |||
ComponentDto privateProject = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnAnyone(ISSUE_ADMIN, publicProject); | |||
db.users().insertProjectPermissionOnAnyone(UserRole.ISSUE_ADMIN, publicProject); | |||
UserSession underTest = newAnonymousSession(); | |||
assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty(); | |||
assertThat(underTest.keepAuthorizedComponents(ISSUE_ADMIN, Arrays.asList(privateProject, publicProject))).containsExactly(publicProject); | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty(); | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.ISSUE_ADMIN, Arrays.asList(privateProject, publicProject))).containsExactly(publicProject); | |||
} | |||
@Test | |||
public void keepAuthorizedComponents_on_branches() { | |||
UserDto user = db.users().insertUser(); | |||
ComponentDto privateProject = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(user, ADMIN, privateProject); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, privateProject); | |||
ComponentDto privateBranchProject = db.components().insertProjectBranch(privateProject); | |||
UserSession underTest = newUserSession(user); | |||
assertThat(underTest.keepAuthorizedComponents(ADMIN, asList(privateProject, privateBranchProject))) | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, asList(privateProject, privateBranchProject))) | |||
.containsExactlyInAnyOrder(privateProject, privateBranchProject); | |||
} | |||
@@ -613,13 +606,13 @@ public class ServerUserSessionTest { | |||
UserSession underTest = newUserSession(user); | |||
ComponentDto portfolio = db.components().insertPrivatePortfolio(); | |||
db.users().insertProjectPermissionOnUser(user, USER, portfolio); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, portfolio); | |||
ComponentDto subPortfolio = db.components().insertComponent(newSubPortfolio(portfolio)); | |||
db.users().insertProjectPermissionOnUser(user, USER, subPortfolio); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, subPortfolio); | |||
ComponentDto app = db.components().insertPrivateApplication(); | |||
db.users().insertProjectPermissionOnUser(user, USER, app); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, app); | |||
ComponentDto app2 = db.components().insertPrivateApplication(); | |||
@@ -628,12 +621,12 @@ public class ServerUserSessionTest { | |||
var copyProject1 = db.components().insertComponent(newProjectCopy(project1, portfolio)); | |||
// Add private project2 with USER permissions to private portfolio | |||
db.users().insertProjectPermissionOnUser(user, USER, project2); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, project2); | |||
db.components().addPortfolioProject(portfolio, project2); | |||
var copyProject2 = db.components().insertComponent(newProjectCopy(project2, portfolio)); | |||
// Add private project4 with USER permissions to sub-portfolio | |||
db.users().insertProjectPermissionOnUser(user, USER, project4); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, project4); | |||
db.components().addPortfolioProject(subPortfolio, project4); | |||
var copyProject4 = db.components().insertComponent(newProjectCopy(project4, subPortfolio)); | |||
db.components().addPortfolioReference(portfolio, subPortfolio.uuid()); | |||
@@ -643,7 +636,7 @@ public class ServerUserSessionTest { | |||
var copyProject3 = db.components().insertComponent(newProjectCopy(project3, portfolio)); | |||
// Add private project5 with USER permissions to app | |||
db.users().insertProjectPermissionOnUser(user, USER, project5); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, project5); | |||
db.components().addApplicationProject(app, project5); | |||
var copyProject5 = db.components().insertComponent(newProjectCopy(project5, app)); | |||
db.components().addPortfolioReference(portfolio, app.uuid()); | |||
@@ -653,16 +646,16 @@ public class ServerUserSessionTest { | |||
var copyProject6 = db.components().insertComponent(newProjectCopy(project6, app2)); | |||
db.components().addPortfolioReference(portfolio, app2.uuid()); | |||
assertThat(underTest.keepAuthorizedComponents(ADMIN, List.of(portfolio))).isEmpty(); | |||
assertThat(underTest.keepAuthorizedComponents(USER, List.of(portfolio))).containsExactly(portfolio); | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, List.of(portfolio))).isEmpty(); | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.USER, List.of(portfolio))).containsExactly(portfolio); | |||
assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(app, subPortfolio, app2))).isEmpty(); | |||
assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(app, subPortfolio, app2))).containsExactly(app, subPortfolio); | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(app, subPortfolio, app2))).isEmpty(); | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.USER, Arrays.asList(app, subPortfolio, app2))).containsExactly(app, subPortfolio); | |||
assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).isEmpty(); | |||
assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1, project2, project4, project5); | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).isEmpty(); | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1, project2, project4, project5); | |||
assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(copyProject1, copyProject2, copyProject3, copyProject4, copyProject5, copyProject6))) | |||
assertThat(underTest.keepAuthorizedComponents(UserRole.USER, Arrays.asList(copyProject1, copyProject2, copyProject3, copyProject4, copyProject5, copyProject6))) | |||
.containsExactly(copyProject1, copyProject2, copyProject4, copyProject5); | |||
} | |||
@@ -678,7 +671,7 @@ public class ServerUserSessionTest { | |||
@Test | |||
public void isSystemAdministrator_returns_true_if_user_is_administrator() { | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, SYSTEM_ADMIN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); | |||
UserSession session = newUserSession(user); | |||
@@ -688,7 +681,7 @@ public class ServerUserSessionTest { | |||
@Test | |||
public void isSystemAdministrator_returns_false_if_user_is_not_administrator() { | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, PROVISIONING); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); | |||
UserSession session = newUserSession(user); | |||
@@ -698,7 +691,7 @@ public class ServerUserSessionTest { | |||
@Test | |||
public void keep_isSystemAdministrator_flag_in_cache() { | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, SYSTEM_ADMIN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); | |||
UserSession session = newUserSession(user); | |||
@@ -745,7 +738,7 @@ public class ServerUserSessionTest { | |||
ComponentDto privateProject = db.components().insertPrivateProject(); | |||
Set<ProjectDto> projectDto = Set.of(getProjectDto(publicProject), getProjectDto(privateProject)); | |||
List<ProjectDto> projectDtos = newUserSession(null).keepAuthorizedProjects(USER, projectDto); | |||
List<ProjectDto> projectDtos = newUserSession(null).keepAuthorizedProjects(UserRole.USER, projectDto); | |||
assertThat(projectDtos).containsExactly(db.components().getProjectDto(publicProject)); | |||
} | |||
@@ -757,7 +750,7 @@ public class ServerUserSessionTest { | |||
ComponentDto privateProject = db.components().insertPrivateProject(); | |||
Set<ProjectDto> projectDto = Set.of(getProjectDto(publicProject), getProjectDto(privateProject)); | |||
List<ProjectDto> projectDtos = newUserSession(userDto).keepAuthorizedProjects(USER, projectDto); | |||
List<ProjectDto> projectDtos = newUserSession(userDto).keepAuthorizedProjects(UserRole.USER, projectDto); | |||
assertThat(projectDtos).containsExactly(db.components().getProjectDto(publicProject)); | |||
} |
@@ -95,7 +95,7 @@ public class TokenUserSessionTest { | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
TokenUserSession userSession = mockProjectAnalysisTokenUserSession(user,project1); | |||
@@ -106,7 +106,7 @@ public class TokenUserSessionTest { | |||
@Test | |||
public void test_hasGlobalPermission_for_UserToken() { | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
TokenUserSession userSession = mockTokenUserSession(user); | |||
@@ -123,7 +123,7 @@ public class TokenUserSessionTest { | |||
db.users().insertProjectPermissionOnUser(user, SCAN, project1); | |||
db.users().insertProjectPermissionOnUser(user, SCAN, project2); | |||
db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
TokenUserSession userSession = mockProjectAnalysisTokenUserSession(user,project1); | |||
@@ -136,7 +136,7 @@ public class TokenUserSessionTest { | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user); | |||
@@ -148,8 +148,8 @@ public class TokenUserSessionTest { | |||
public void test_hasProvisionProjectsGlobalPermission_for_GlobalAnalysisToken_returnsTrueIfUserIsGranted() { | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); | |||
db.users().insertPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); | |||
TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user); | |||
@@ -160,7 +160,7 @@ public class TokenUserSessionTest { | |||
public void test_hasProvisionProjectsGlobalPermission_for_GlobalAnalysisToken_returnsFalseIfUserIsNotGranted() { | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user); | |||
@@ -171,7 +171,7 @@ public class TokenUserSessionTest { | |||
public void test_hasAdministerGlobalPermission_for_GlobalAnalysisToken_returnsFalse() { | |||
UserDto user = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(user, GlobalPermission.ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); | |||
TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user); | |||
@@ -21,18 +21,17 @@ package org.sonar.server.permission; | |||
import java.util.List; | |||
import java.util.Optional; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.UuidFactory; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.user.GroupDto; | |||
import static com.google.common.base.Preconditions.checkNotNull; | |||
import static java.lang.String.format; | |||
import static org.sonar.api.web.UserRole.PUBLIC_PERMISSIONS; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.server.exceptions.BadRequestException.checkRequest; | |||
import static org.sonar.server.permission.PermissionChange.Operation.ADD; | |||
import static org.sonar.server.permission.PermissionChange.Operation.REMOVE; | |||
@@ -78,7 +77,7 @@ public class GroupPermissionChanger { | |||
private static boolean isAttemptToAddPublicPermissionToPublicComponent(GroupPermissionChange change, ComponentDto project) { | |||
return !project.isPrivate() | |||
&& change.getOperation() == ADD | |||
&& PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
&& UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
} | |||
private static boolean isAttemptToRemovePermissionFromAnyoneOnPrivateComponent(GroupPermissionChange change, ComponentDto project) { | |||
@@ -108,7 +107,7 @@ public class GroupPermissionChanger { | |||
private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(GroupPermissionChange change, ComponentDto project) { | |||
return !project.isPrivate() | |||
&& change.getOperation() == REMOVE | |||
&& PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
&& UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
} | |||
private boolean addPermission(DbSession dbSession, GroupPermissionChange change) { | |||
@@ -136,7 +135,7 @@ public class GroupPermissionChanger { | |||
} | |||
private static void validateNotAnyoneAndAdminPermission(String permission, GroupUuidOrAnyone group) { | |||
checkRequest(!GlobalPermissions.SYSTEM_ADMIN.equals(permission) || !group.isAnyone(), | |||
checkRequest(!GlobalPermission.ADMINISTER.getKey().equals(permission) || !group.isAnyone(), | |||
format("It is not possible to add the '%s' permission to group 'Anyone'.", permission)); | |||
} | |||
@@ -173,13 +172,13 @@ public class GroupPermissionChanger { | |||
private void checkIfRemainingGlobalAdministrators(DbSession dbSession, GroupPermissionChange change) { | |||
GroupUuidOrAnyone groupUuidOrAnyone = change.getGroupUuidOrAnyone(); | |||
if (SYSTEM_ADMIN.equals(change.getPermission()) && | |||
if (GlobalPermission.ADMINISTER.getKey().equals(change.getPermission()) && | |||
!groupUuidOrAnyone.isAnyone() && | |||
change.getProjectUuid() == null) { | |||
String groupUuid = checkNotNull(groupUuidOrAnyone.getUuid()); | |||
// removing global admin permission from group | |||
int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession, SYSTEM_ADMIN, groupUuid); | |||
checkRequest(remaining > 0, "Last group with permission '%s'. Permission cannot be removed.", SYSTEM_ADMIN); | |||
int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession, GlobalPermission.ADMINISTER.getKey(), groupUuid); | |||
checkRequest(remaining > 0, "Last group with permission '%s'. Permission cannot be removed.", GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
} | |||
@@ -21,8 +21,8 @@ package org.sonar.server.permission; | |||
import javax.annotation.CheckForNull; | |||
import javax.annotation.Nullable; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.component.ComponentDto; | |||
import static java.util.Objects.requireNonNull; | |||
import static org.sonar.core.util.stream.MoreCollectors.toList; |
@@ -27,7 +27,7 @@ import java.util.stream.Collectors; | |||
import javax.annotation.Nullable; | |||
import org.sonar.api.resources.ResourceType; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import static com.google.common.base.Strings.isNullOrEmpty; | |||
@@ -55,8 +55,8 @@ public class RequestValidator { | |||
} | |||
public static void validateGlobalPermission(String permission) { | |||
checkRequest(GlobalPermissions.ALL.contains(permission), | |||
format("The '%s' parameter for global permissions must be one of %s. '%s' was passed.", PARAM_PERMISSION, GlobalPermissions.ALL_ON_ONE_LINE, permission)); | |||
checkRequest(GlobalPermission.contains(permission), | |||
format("The '%s' parameter for global permissions must be one of %s. '%s' was passed.", PARAM_PERMISSION, GlobalPermission.ALL_ON_ONE_LINE, permission)); | |||
} | |||
public static void validateQualifier(@Nullable String qualifier, ResourceTypes resourceTypes) { |
@@ -20,14 +20,14 @@ | |||
package org.sonar.server.permission; | |||
import java.util.List; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.UuidFactory; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.UserPermissionDto; | |||
import static org.sonar.api.web.UserRole.PUBLIC_PERMISSIONS; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.server.exceptions.BadRequestException.checkRequest; | |||
import static org.sonar.server.permission.PermissionChange.Operation.ADD; | |||
import static org.sonar.server.permission.PermissionChange.Operation.REMOVE; | |||
@@ -75,7 +75,7 @@ public class UserPermissionChanger { | |||
private static boolean isAttemptToAddPublicPermissionToPublicComponent(UserPermissionChange change, ComponentDto project) { | |||
return !project.isPrivate() | |||
&& change.getOperation() == ADD | |||
&& PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
&& UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
} | |||
private static void ensureConsistencyWithVisibility(UserPermissionChange change) { | |||
@@ -89,7 +89,7 @@ public class UserPermissionChanger { | |||
private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(UserPermissionChange change, ComponentDto projectUuid) { | |||
return !projectUuid.isPrivate() | |||
&& change.getOperation() == REMOVE | |||
&& PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
&& UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); | |||
} | |||
private boolean addPermission(DbSession dbSession, UserPermissionChange change) { | |||
@@ -125,9 +125,9 @@ public class UserPermissionChanger { | |||
} | |||
private void checkOtherAdminsExist(DbSession dbSession, UserPermissionChange change) { | |||
if (SYSTEM_ADMIN.equals(change.getPermission()) && change.getProjectUuid() == null) { | |||
if (GlobalPermission.ADMINISTER.getKey().equals(change.getPermission()) && change.getProjectUuid() == null) { | |||
int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUserPermission(dbSession, change.getPermission(), change.getUserId().getUuid()); | |||
checkRequest(remaining > 0, "Last user with permission '%s'. Permission cannot be removed.", SYSTEM_ADMIN); | |||
checkRequest(remaining > 0, "Last user with permission '%s'. Permission cannot be removed.", GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
} | |||
} |
@@ -21,7 +21,7 @@ package org.sonar.server.permission.ws; | |||
import com.google.common.base.Joiner; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.permission.PermissionService; | |||
import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01; | |||
@@ -50,7 +50,7 @@ public class WsParameters { | |||
"<li>Possible values for global permissions: %s</li>" + | |||
"<li>Possible values for project permissions %s</li>" + | |||
"</ul>", | |||
GlobalPermissions.ALL_ON_ONE_LINE, | |||
GlobalPermission.ALL_ON_ONE_LINE, | |||
allProjectsPermissionsOnOneLine); | |||
projectPermissionParamDescription = String.format("Permission" + | |||
"<ul>" + |
@@ -33,7 +33,7 @@ import org.sonar.server.permission.ws.WsParameters; | |||
import org.sonar.server.user.UserSession; | |||
import static java.lang.String.format; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.exceptions.BadRequestException.checkRequest; | |||
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin; | |||
import static org.sonar.server.permission.ws.WsParameters.createGroupNameParameter; | |||
@@ -79,7 +79,7 @@ public class AddGroupToTemplateAction implements PermissionsWsAction { | |||
try (DbSession dbSession = dbClient.openSession(false)) { | |||
String permission = request.mandatoryParam(PARAM_PERMISSION); | |||
GroupUuidOrAnyone group = support.findGroup(dbSession, request); | |||
checkRequest(!SYSTEM_ADMIN.equals(permission) || !group.isAnyone(), | |||
checkRequest(!ADMINISTER.getKey().equals(permission) || !group.isAnyone(), | |||
format("It is not possible to add the '%s' permission to the group 'Anyone'.", permission)); | |||
PermissionTemplateDto template = support.findTemplate(dbSession, fromRequest(request)); |
@@ -24,13 +24,13 @@ import java.net.SocketException; | |||
import java.net.UnknownHostException; | |||
import okhttp3.HttpUrl; | |||
import org.sonar.api.config.Configuration; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.server.user.UserSession; | |||
import static org.sonar.api.CoreProperties.SONAR_VALIDATE_WEBHOOKS_DEFAULT_VALUE; | |||
import static org.sonar.api.CoreProperties.SONAR_VALIDATE_WEBHOOKS_PROPERTY; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
public class WebhookSupport { | |||
@@ -45,11 +45,11 @@ public class WebhookSupport { | |||
} | |||
void checkPermission(ProjectDto projectDto) { | |||
userSession.checkProjectPermission(ADMIN, projectDto); | |||
userSession.checkProjectPermission(UserRole.ADMIN, projectDto); | |||
} | |||
void checkPermission() { | |||
userSession.checkPermission(ADMINISTER); | |||
userSession.checkPermission(GlobalPermission.ADMINISTER); | |||
} | |||
void checkUrlPattern(String url, String message, Object... messageArguments) { |
@@ -23,7 +23,6 @@ import java.util.Collection; | |||
import java.util.Collections; | |||
import java.util.List; | |||
import java.util.Optional; | |||
import java.util.stream.Collectors; | |||
import org.junit.Before; | |||
import org.junit.BeforeClass; | |||
import org.junit.Rule; |
@@ -21,7 +21,6 @@ package org.sonar.server.batch; | |||
import org.junit.Rule; | |||
import org.junit.Test; | |||
import org.sonar.api.config.internal.MapSettings; | |||
import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.Scopes; | |||
import org.sonar.core.util.Uuids; | |||
@@ -43,8 +42,8 @@ import static com.google.common.collect.ImmutableList.of; | |||
import static java.lang.String.format; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
public class ProjectDataLoaderTest { | |||
@Rule | |||
@@ -54,15 +53,13 @@ public class ProjectDataLoaderTest { | |||
private DbClient dbClient = db.getDbClient(); | |||
private DbSession dbSession = db.getSession(); | |||
private int uuidCounter = 0; | |||
private ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT); | |||
private MapSettings settings = new MapSettings(); | |||
private ProjectDataLoader underTest = new ProjectDataLoader(dbClient, userSession, new ComponentFinder(dbClient, resourceTypes)); | |||
@Test | |||
public void throws_NotFoundException_when_branch_does_not_exist() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
userSession.logIn().addProjectPermission(SCAN_EXECUTION, project); | |||
userSession.logIn().addProjectPermission(SCAN.getKey(), project); | |||
assertThatThrownBy(() -> { | |||
underTest.load(ProjectDataQuery.create() | |||
@@ -76,7 +73,7 @@ public class ProjectDataLoaderTest { | |||
@Test | |||
public void return_file_data_from_single_project() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
userSession.logIn().addProjectPermission(SCAN_EXECUTION, project); | |||
userSession.logIn().addProjectPermission(SCAN.getKey(), project); | |||
ComponentDto file = db.components().insertComponent(newFileDto(project)); | |||
dbClient.fileSourceDao().insert(dbSession, newFileSourceDto(file).setSrcHash("123456")); | |||
db.commit(); | |||
@@ -92,7 +89,7 @@ public class ProjectDataLoaderTest { | |||
public void return_file_data_from_branch() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto branch = db.components().insertProjectBranch(project, b -> b.setKey("my_branch")); | |||
userSession.logIn().addProjectPermission(SCAN_EXECUTION, project); | |||
userSession.logIn().addProjectPermission(SCAN.getKey(), project); | |||
// File on branch | |||
ComponentDto projectFile = db.components().insertComponent(newFileDto(branch)); | |||
dbClient.fileSourceDao().insert(dbSession, newFileSourceDto(projectFile).setSrcHash("123456")); |
@@ -56,10 +56,10 @@ import static org.sonar.api.rules.RuleType.BUG; | |||
import static org.sonar.api.utils.DateUtils.dateToLong; | |||
import static org.sonar.api.utils.DateUtils.parseDateTime; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.component.BranchDto.DEFAULT_MAIN_BRANCH_NAME; | |||
import static org.sonar.db.component.BranchType.BRANCH; | |||
import static org.sonar.db.component.SnapshotTesting.newAnalysis; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
public class ListActionTest { | |||
@@ -141,7 +141,7 @@ public class ListActionTest { | |||
db.issues().insert(rule, branch, branch, i -> i.setType(BUG).setResolution(null)); | |||
indexIssues(); | |||
userSession.logIn().addProjectPermission(SCAN_EXECUTION, project); | |||
userSession.logIn().addProjectPermission(SCAN.getKey(), project); | |||
String json = ws.newRequest() | |||
.setParam("project", project.getKey()) |
@@ -69,7 +69,6 @@ import static org.mockito.Mockito.verify; | |||
import static org.mockito.Mockito.verifyNoInteractions; | |||
import static org.mockito.Mockito.verifyNoMoreInteractions; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; | |||
import static org.sonar.db.component.ComponentTesting.newBranchDto; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
@@ -108,7 +107,7 @@ public class BranchReportSubmitterTest { | |||
public void submit_does_not_use_delegate_if_characteristics_are_empty() { | |||
ComponentDto project = db.components().insertPublicProject(); | |||
UserDto user = db.users().insertUser(); | |||
userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, project); | |||
userSession.logIn(user).addProjectPermission(SCAN.getKey(), project); | |||
mockSuccessfulPrepareSubmitCall(); | |||
InputStream reportInput = IOUtils.toInputStream("{binary}", StandardCharsets.UTF_8); | |||
@@ -122,7 +121,7 @@ public class BranchReportSubmitterTest { | |||
ComponentDto project = db.components().insertPublicProject(); | |||
ComponentDto branch = db.components().insertProjectBranch(project, b -> b.setKey("branch1")); | |||
UserDto user = db.users().insertUser(); | |||
userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, project); | |||
userSession.logIn(user).addProjectPermission(SCAN.getKey(), project); | |||
Map<String, String> randomCharacteristics = randomNonEmptyMap(); | |||
BranchSupport.ComponentKey componentKey = createComponentKeyOfBranch(project.getKey(), "branch1"); | |||
when(branchSupportDelegate.createComponentKey(project.getKey(), randomCharacteristics)).thenReturn(componentKey); | |||
@@ -145,7 +144,7 @@ public class BranchReportSubmitterTest { | |||
ComponentDto existingProject = db.components().insertPublicProject(); | |||
BranchDto exitingProjectMainBranch = db.getDbClient().branchDao().selectByUuid(db.getSession(), existingProject.uuid()).get(); | |||
UserDto user = db.users().insertUser(); | |||
userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, existingProject); | |||
userSession.logIn(user).addProjectPermission(SCAN.getKey(), existingProject); | |||
Map<String, String> randomCharacteristics = randomNonEmptyMap(); | |||
ComponentDto createdBranch = createButDoNotInsertBranch(existingProject); | |||
BranchSupport.ComponentKey componentKey = createComponentKeyOfBranch(existingProject.getKey(), "branch1"); | |||
@@ -200,7 +199,7 @@ public class BranchReportSubmitterTest { | |||
public void submit_fails_if_branch_support_delegate_createComponentKey_throws_an_exception() { | |||
ComponentDto project = db.components().insertPublicProject(); | |||
UserDto user = db.users().insertUser(); | |||
userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, project); | |||
userSession.logIn(user).addProjectPermission(SCAN.getKey(), project); | |||
Map<String, String> randomCharacteristics = randomNonEmptyMap(); | |||
InputStream reportInput = IOUtils.toInputStream("{binary}", StandardCharsets.UTF_8); | |||
RuntimeException expected = new RuntimeException("Faking an exception thrown by branchSupportDelegate"); | |||
@@ -218,7 +217,7 @@ public class BranchReportSubmitterTest { | |||
public void submit_report_on_missing_branch_of_missing_project_fails_with_ForbiddenException_if_only_scan_permission() { | |||
ComponentDto nonExistingProject = newPrivateProjectDto(); | |||
UserDto user = db.users().insertUser(); | |||
userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, nonExistingProject); | |||
userSession.logIn(user).addProjectPermission(SCAN.getKey(), nonExistingProject); | |||
Map<String, String> randomCharacteristics = randomNonEmptyMap(); | |||
ComponentDto createdBranch = createButDoNotInsertBranch(nonExistingProject); | |||
BranchSupport.ComponentKey componentKey = createComponentKeyOfBranch(nonExistingProject.getKey()); |
@@ -65,7 +65,6 @@ import static org.mockito.Mockito.mock; | |||
import static org.mockito.Mockito.verify; | |||
import static org.mockito.Mockito.verifyNoInteractions; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; | |||
import static org.sonar.db.component.BranchDto.DEFAULT_MAIN_BRANCH_NAME; | |||
import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
@@ -140,7 +139,7 @@ public class ReportSubmitterTest { | |||
public void submit_a_report_on_existing_project() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(); | |||
userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, project); | |||
userSession.logIn(user).addProjectPermission(SCAN.getKey(), project); | |||
mockSuccessfulPrepareSubmitCall(); | |||
underTest.submit(project.getKey(), project.name(), emptyMap(), IOUtils.toInputStream("{binary}", StandardCharsets.UTF_8)); | |||
@@ -250,7 +249,7 @@ public class ReportSubmitterTest { | |||
@Test | |||
public void submit_a_report_on_existing_project_with_project_scan_permission() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
userSession.addProjectPermission(SCAN_EXECUTION, project); | |||
userSession.addProjectPermission(SCAN.getKey(), project); | |||
mockSuccessfulPrepareSubmitCall(); | |||
underTest.submit(project.getKey(), project.name(), emptyMap(), IOUtils.toInputStream("{binary}")); | |||
@@ -261,7 +260,7 @@ public class ReportSubmitterTest { | |||
@Test | |||
public void fail_if_component_is_not_a_project() { | |||
ComponentDto component = db.components().insertPublicPortfolio(); | |||
userSession.logIn().addProjectPermission(SCAN_EXECUTION, component); | |||
userSession.logIn().addProjectPermission(SCAN.getKey(), component); | |||
mockSuccessfulPrepareSubmitCall(); | |||
String dbKey = component.getKey(); | |||
@@ -277,7 +276,7 @@ public class ReportSubmitterTest { | |||
public void fail_if_project_key_already_exists_as_other_component() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
ComponentDto dir = db.components().insertComponent(newDirectory(project, "path")); | |||
userSession.logIn().addProjectPermission(SCAN_EXECUTION, project); | |||
userSession.logIn().addProjectPermission(SCAN.getKey(), project); | |||
mockSuccessfulPrepareSubmitCall(); | |||
String dirDbKey = dir.getKey(); | |||
@@ -304,7 +303,7 @@ public class ReportSubmitterTest { | |||
@Test | |||
public void fail_with_forbidden_exception_on_new_project_when_only_project_scan_permission() { | |||
ComponentDto component = db.components().insertPrivateProject(PROJECT_UUID); | |||
userSession.addProjectPermission(SCAN_EXECUTION, component); | |||
userSession.addProjectPermission(SCAN.getKey(), component); | |||
mockSuccessfulPrepareSubmitCall(); | |||
Map<String, String> emptyMap = emptyMap(); |
@@ -28,7 +28,6 @@ import org.junit.Rule; | |||
import org.junit.Test; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.core.util.CloseableIterator; | |||
import org.sonar.core.util.UuidFactoryFast; | |||
import org.sonar.core.util.Uuids; | |||
@@ -56,7 +55,6 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.SCAN; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.ce.CeTaskCharacteristicDto.BRANCH_KEY; | |||
import static org.sonar.db.ce.CeTaskCharacteristicDto.BRANCH_TYPE_KEY; | |||
import static org.sonar.db.component.BranchType.BRANCH; | |||
@@ -300,7 +298,7 @@ public class TaskActionTest { | |||
@Test | |||
public void get_project_queue_task_with_scan_permission_on_project() { | |||
UserDto user = db.users().insertUser(); | |||
userSession.logIn(user).addProjectPermission(GlobalPermissions.SCAN_EXECUTION, privateProject); | |||
userSession.logIn(user).addProjectPermission(GlobalPermission.SCAN.getKey(), privateProject); | |||
CeQueueDto task = createAndPersistQueueTask(privateProject, user); | |||
call(task.getUuid()); | |||
@@ -331,7 +329,7 @@ public class TaskActionTest { | |||
@Test | |||
public void get_project_queue_task_on_public_project() { | |||
UserDto user = db.users().insertUser(); | |||
userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, privateProject); | |||
userSession.logIn(user).addProjectPermission(GlobalPermission.SCAN.getKey(), privateProject); | |||
CeQueueDto task = createAndPersistQueueTask(privateProject, user); | |||
call(task.getUuid()); | |||
@@ -379,7 +377,7 @@ public class TaskActionTest { | |||
@Test | |||
public void get_project_archived_task_with_scan_permission_on_project() { | |||
userSession.logIn().addProjectPermission(GlobalPermissions.SCAN_EXECUTION, privateProject); | |||
userSession.logIn().addProjectPermission(GlobalPermission.SCAN.getKey(), privateProject); | |||
CeActivityDto task = createAndPersistArchivedTask(privateProject); | |||
call(task.getUuid()); | |||
@@ -458,7 +456,7 @@ public class TaskActionTest { | |||
@Test | |||
public void get_warnings_on_private_project_archived_task_if_scan() { | |||
userSession.logIn().addProjectPermission(SCAN_EXECUTION, privateProject); | |||
userSession.logIn().addProjectPermission(GlobalPermission.SCAN.getKey(), privateProject); | |||
getWarningsImpl(createAndPersistArchivedTask(privateProject)); | |||
} |
@@ -27,7 +27,6 @@ import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.core.util.SequenceUuidFactory; | |||
import org.sonar.core.util.Uuids; | |||
import org.sonar.db.DbTester; | |||
@@ -44,6 +43,7 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.Assertions.fail; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
public class GroupPermissionChangerTest { | |||
@@ -69,18 +69,18 @@ public class GroupPermissionChangerTest { | |||
public void apply_adds_global_permission_to_group() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, ADMINISTER_QUALITY_PROFILES.getKey(), null, groupUuid, permissionService)); | |||
assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(ADMINISTER_QUALITY_PROFILES.getKey()); | |||
} | |||
@Test | |||
public void apply_adds_global_permission_to_group_AnyOne() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, ADMINISTER_QUALITY_PROFILES.getKey(), null, groupUuid, permissionService)); | |||
assertThat(db.users().selectAnyonePermissions(null)).containsOnly(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
assertThat(db.users().selectAnyonePermissions(null)).containsOnly(ADMINISTER_QUALITY_PROFILES.getKey()); | |||
} | |||
@Test | |||
@@ -134,7 +134,7 @@ public class GroupPermissionChangerTest { | |||
@Test | |||
public void apply_adds_permission_SCAN_EXECUTION_to_group_on_private_project() { | |||
applyAddsPermissionToGroupOnPrivateProject(GlobalPermissions.SCAN_EXECUTION); | |||
applyAddsPermissionToGroupOnPrivateProject(GlobalPermission.SCAN.getKey()); | |||
} | |||
private void applyAddsPermissionToGroupOnPrivateProject(String permission) { | |||
@@ -168,7 +168,7 @@ public class GroupPermissionChangerTest { | |||
@Test | |||
public void apply_removes_permission_SCAN_EXECUTION_from_on_private_project() { | |||
applyRemovesPermissionFromGroupOnPrivateProject(GlobalPermissions.SCAN_EXECUTION); | |||
applyRemovesPermissionFromGroupOnPrivateProject(GlobalPermission.SCAN.getKey()); | |||
} | |||
private void applyRemovesPermissionFromGroupOnPrivateProject(String permission) { | |||
@@ -220,9 +220,9 @@ public class GroupPermissionChangerTest { | |||
public void apply_adds_permission_SCAN_EXECUTION_to_group_AnyOne_on_a_public_project() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.SCAN_EXECUTION, publicProject, groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermission.SCAN.getKey(), publicProject, groupUuid, permissionService)); | |||
assertThat(db.users().selectAnyonePermissions(publicProject)).containsOnly(GlobalPermissions.SCAN_EXECUTION); | |||
assertThat(db.users().selectAnyonePermissions(publicProject)).containsOnly(GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -255,7 +255,7 @@ public class GroupPermissionChangerTest { | |||
@Test | |||
public void apply_removes_SCAN_EXECUTION_permission_from_group_AnyOne_on_a_public_project() { | |||
applyRemovesPermissionFromGroupAnyOneOnAPublicProject(GlobalPermissions.SCAN_EXECUTION); | |||
applyRemovesPermissionFromGroupAnyOneOnAPublicProject(GlobalPermission.SCAN.getKey()); | |||
} | |||
private void applyRemovesPermissionFromGroupAnyOneOnAPublicProject(String permission) { | |||
@@ -289,10 +289,10 @@ public class GroupPermissionChangerTest { | |||
public void add_permission_to_anyone() { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupUuid, permissionService)); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.ADD, ADMINISTER_QUALITY_PROFILES.getKey(), null, groupUuid, permissionService)); | |||
assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); | |||
assertThat(db.users().selectAnyonePermissions(null)).containsOnly(GlobalPermissions.QUALITY_GATE_ADMIN); | |||
assertThat(db.users().selectAnyonePermissions(null)).containsOnly(ADMINISTER_QUALITY_PROFILES.getKey()); | |||
} | |||
@Test | |||
@@ -311,7 +311,7 @@ public class GroupPermissionChangerTest { | |||
permissionService.getGlobalPermissions().stream() | |||
.map(GlobalPermission::getKey) | |||
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermissions.SCAN_EXECUTION.equals(perm)) | |||
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermission.SCAN.getKey().equals(perm)) | |||
.forEach(perm -> { | |||
try { | |||
new GroupPermissionChange(PermissionChange.Operation.ADD, perm, privateProject, groupUuid, permissionService); | |||
@@ -329,7 +329,7 @@ public class GroupPermissionChangerTest { | |||
permissionService.getGlobalPermissions().stream() | |||
.map(GlobalPermission::getKey) | |||
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermissions.SCAN_EXECUTION.equals(perm)) | |||
.filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermission.SCAN.getKey().equals(perm)) | |||
.forEach(perm -> { | |||
try { | |||
new GroupPermissionChange(PermissionChange.Operation.ADD, perm, publicProject, groupUuid, permissionService); | |||
@@ -347,7 +347,7 @@ public class GroupPermissionChangerTest { | |||
permissionService.getAllProjectPermissions() | |||
.stream() | |||
.filter(perm -> !GlobalPermissions.SCAN_EXECUTION.equals(perm) && !GlobalPermission.ADMINISTER.getKey().equals(perm)) | |||
.filter(perm -> !GlobalPermission.SCAN.getKey().equals(perm) && !GlobalPermission.ADMINISTER.getKey().equals(perm)) | |||
.forEach(permission -> { | |||
try { | |||
new GroupPermissionChange(PermissionChange.Operation.ADD, permission, null, groupUuid, permissionService); | |||
@@ -407,7 +407,7 @@ public class GroupPermissionChangerTest { | |||
GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); | |||
db.users().insertPermissionOnGroup(group, ADMINISTER); | |||
UserDto admin = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(admin, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(admin, ADMINISTER); | |||
apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, ADMINISTER.getKey(), null, groupUuid, permissionService)); | |||
@@ -31,6 +31,7 @@ import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.template.PermissionTemplateDbTester; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.user.GroupDto; | |||
@@ -46,9 +47,6 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.sonar.api.resources.Qualifiers.APP; | |||
import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
import static org.sonar.api.resources.Qualifiers.VIEW; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
public class PermissionTemplateServiceTest { | |||
@@ -101,7 +99,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); | |||
assertThat(selectProjectPermissionsOfGroup(null, publicProject)) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -116,7 +114,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyDefaultToNewComponent(session, publicProject, null); | |||
assertThat(selectProjectPermissionsOfGroup(null, publicProject)) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -131,7 +129,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject)); | |||
assertThat(selectProjectPermissionsOfGroup(group, privateProject)) | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -147,7 +145,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyDefaultToNewComponent(session, privateProject, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, privateProject)) | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -162,7 +160,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); | |||
assertThat(selectProjectPermissionsOfGroup(group, publicProject)) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -178,7 +176,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyDefaultToNewComponent(session, publicProject, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, publicProject)) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -193,7 +191,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); | |||
assertThat(selectProjectPermissionsOfUser(user, publicProject)) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -209,7 +207,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyDefaultToNewComponent(session, publicProject, null); | |||
assertThat(selectProjectPermissionsOfUser(user, publicProject)) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -224,7 +222,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject)); | |||
assertThat(selectProjectPermissionsOfUser(user, privateProject)) | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -240,7 +238,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyDefaultToNewComponent(session, privateProject, null); | |||
assertThat(selectProjectPermissionsOfUser(user, privateProject)) | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -256,7 +254,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyDefaultToNewComponent(session, publicProject, user.getUuid()); | |||
assertThat(selectProjectPermissionsOfUser(user, publicProject)) | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -272,7 +270,7 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyDefaultToNewComponent(session, privateProject, user.getUuid()); | |||
assertThat(selectProjectPermissionsOfUser(user, privateProject)) | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); | |||
.containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); | |||
} | |||
@Test | |||
@@ -280,14 +278,14 @@ public class PermissionTemplateServiceTest { | |||
ComponentDto portfolio = dbTester.components().insertPrivatePortfolio(); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null); | |||
underTest.applyDefaultToNewComponent(session, portfolio, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, portfolio)) | |||
.containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey()); | |||
.containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
@@ -296,14 +294,14 @@ public class PermissionTemplateServiceTest { | |||
PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
PermissionTemplateDto appPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, appPermissionTemplate, null); | |||
underTest.applyDefaultToNewComponent(session, view, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, view)) | |||
.containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey()); | |||
.containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
@@ -312,14 +310,14 @@ public class PermissionTemplateServiceTest { | |||
PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
PermissionTemplateDto portPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, portPermissionTemplate); | |||
underTest.applyDefaultToNewComponent(session, view, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, view)) | |||
.containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey()); | |||
.containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
@@ -327,12 +325,12 @@ public class PermissionTemplateServiceTest { | |||
ComponentDto view = dbTester.components().insertPrivatePortfolio(); | |||
PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, null); | |||
underTest.applyDefaultToNewComponent(session, view, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, view)).containsOnly(PROVISION_PROJECTS.getKey()); | |||
assertThat(selectProjectPermissionsOfGroup(group, view)).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
@@ -340,14 +338,14 @@ public class PermissionTemplateServiceTest { | |||
ComponentDto application = dbTester.components().insertPublicApplication(); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null); | |||
underTest.applyDefaultToNewComponent(session, application, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, application)) | |||
.containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey()); | |||
.containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
@@ -357,14 +355,14 @@ public class PermissionTemplateServiceTest { | |||
PermissionTemplateDto appPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
PermissionTemplateDto portPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, appPermissionTemplate, portPermissionTemplate); | |||
underTest.applyDefaultToNewComponent(session, application, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, application)) | |||
.containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey()); | |||
.containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
@@ -372,12 +370,12 @@ public class PermissionTemplateServiceTest { | |||
ComponentDto application = dbTester.components().insertPublicApplication(); | |||
PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
GroupDto group = dbTester.users().insertGroup(); | |||
dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, null); | |||
underTest.applyDefaultToNewComponent(session, application, null); | |||
assertThat(selectProjectPermissionsOfGroup(group, application)).containsOnly(PROVISION_PROJECTS.getKey()); | |||
assertThat(selectProjectPermissionsOfGroup(group, application)).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); | |||
} | |||
@Test | |||
@@ -386,17 +384,17 @@ public class PermissionTemplateServiceTest { | |||
ComponentDto project = dbTester.components().insertPrivateProject(); | |||
GroupDto adminGroup = dbTester.users().insertGroup(); | |||
GroupDto userGroup = dbTester.users().insertGroup(); | |||
dbTester.users().insertPermissionOnGroup(adminGroup, "admin"); | |||
dbTester.users().insertPermissionOnGroup(userGroup, "user"); | |||
dbTester.users().insertPermissionOnUser(user, "admin"); | |||
dbTester.users().insertPermissionOnGroup(adminGroup, GlobalPermission.ADMINISTER.getKey()); | |||
dbTester.users().insertPermissionOnGroup(userGroup, UserRole.USER); | |||
dbTester.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); | |||
PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, adminGroup, "admin"); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, adminGroup, "issueadmin"); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, userGroup, "user"); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, userGroup, "codeviewer"); | |||
dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "user"); | |||
dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "codeviewer"); | |||
dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, "admin"); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, adminGroup, GlobalPermission.ADMINISTER.getKey()); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, adminGroup, UserRole.ISSUE_ADMIN); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, userGroup, UserRole.USER); | |||
dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, userGroup, UserRole.CODEVIEWER); | |||
dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, UserRole.USER); | |||
dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, UserRole.CODEVIEWER); | |||
dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, GlobalPermission.ADMINISTER.getKey()); | |||
assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).isEmpty(); | |||
assertThat(selectProjectPermissionsOfGroup(userGroup, project)).isEmpty(); | |||
@@ -405,10 +403,10 @@ public class PermissionTemplateServiceTest { | |||
underTest.applyAndCommit(session, permissionTemplate, singletonList(project)); | |||
assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).containsOnly("admin", "issueadmin"); | |||
assertThat(selectProjectPermissionsOfGroup(userGroup, project)).containsOnly("user", "codeviewer"); | |||
assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).containsOnly(GlobalPermission.ADMINISTER.getKey(), UserRole.ISSUE_ADMIN); | |||
assertThat(selectProjectPermissionsOfGroup(userGroup, project)).containsOnly(UserRole.USER, UserRole.CODEVIEWER); | |||
assertThat(selectProjectPermissionsOfGroup(null, project)).isEmpty(); | |||
assertThat(selectProjectPermissionsOfUser(user, project)).containsOnly("admin"); | |||
assertThat(selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
private List<String> selectProjectPermissionsOfGroup(@Nullable GroupDto groupDto, ComponentDto project) { | |||
@@ -427,7 +425,7 @@ public class PermissionTemplateServiceTest { | |||
dbTester.users().insertMember(group, user); | |||
PermissionTemplateDto template = templateDb.insertTemplate(); | |||
dbTester.permissionTemplates().setDefaultTemplates(template, null, null); | |||
templateDb.addProjectCreatorToTemplate(template.getUuid(), SCAN.getKey(), template.getName()); | |||
templateDb.addProjectCreatorToTemplate(template.getUuid(), GlobalPermission.SCAN.getKey(), template.getName()); | |||
templateDb.addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.USER, template.getName(), user.getLogin()); | |||
templateDb.addGroupToTemplate(template.getUuid(), group.getUuid(), UserRole.CODEVIEWER, template.getName(), group.getName()); | |||
templateDb.addGroupToTemplate(template.getUuid(), null, UserRole.ISSUE_ADMIN, template.getName(), null); |
@@ -26,6 +26,7 @@ import org.junit.Test; | |||
import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.SequenceUuidFactory; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
@@ -38,16 +39,6 @@ import org.sonar.server.exceptions.BadRequestException; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.server.permission.PermissionChange.Operation.ADD; | |||
import static org.sonar.server.permission.PermissionChange.Operation.REMOVE; | |||
@@ -87,9 +78,9 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void apply_removes_any_global_permission_to_user() { | |||
// give ADMIN perm to user2 so that user1 is not the only one with this permission and it can be removed from user1 | |||
db.users().insertPermissionOnUser(user2, GlobalPermission.ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user2, GlobalPermission.ADMINISTER); | |||
permissionService.getGlobalPermissions() | |||
.forEach(perm -> db.users().insertPermissionOnUser(user1, perm)); | |||
.forEach(perm -> db.users().insertGlobalPermissionOnUser(user1, perm)); | |||
assertThat(db.users().selectPermissionsOfUser(user1)) | |||
.containsOnly(permissionService.getGlobalPermissions().toArray(new GlobalPermission[0])); | |||
@@ -105,35 +96,35 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void apply_has_no_effect_when_adding_permission_USER_on_a_public_project() { | |||
UserPermissionChange change = new UserPermissionChange(ADD, USER, publicProject, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(ADD, UserRole.USER, publicProject, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(USER); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(UserRole.USER); | |||
} | |||
@Test | |||
public void apply_has_no_effect_when_adding_permission_CODEVIEWER_on_a_public_project() { | |||
UserPermissionChange change = new UserPermissionChange(ADD, CODEVIEWER, publicProject, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(ADD, UserRole.CODEVIEWER, publicProject, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(CODEVIEWER); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(UserRole.CODEVIEWER); | |||
} | |||
@Test | |||
public void apply_adds_permission_ADMIN_on_a_public_project() { | |||
applyAddsPermissionOnAPublicProject(ADMIN); | |||
applyAddsPermissionOnAPublicProject(UserRole.ADMIN); | |||
} | |||
@Test | |||
public void apply_adds_permission_ISSUE_ADMIN_on_a_public_project() { | |||
applyAddsPermissionOnAPublicProject(ISSUE_ADMIN); | |||
applyAddsPermissionOnAPublicProject(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void apply_adds_permission_SCAN_EXECUTION_on_a_public_project() { | |||
applyAddsPermissionOnAPublicProject(SCAN_EXECUTION); | |||
applyAddsPermissionOnAPublicProject(GlobalPermission.SCAN.getKey()); | |||
} | |||
private void applyAddsPermissionOnAPublicProject(String permission) { | |||
@@ -146,7 +137,7 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void apply_fails_with_BadRequestException_when_removing_permission_USER_from_a_public_project() { | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, USER, publicProject, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.USER, publicProject, UserIdDto.from(user1), permissionService); | |||
assertThatThrownBy(() -> apply(change)) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -155,7 +146,7 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void apply_fails_with_BadRequestException_when_removing_permission_CODEVIEWER_from_a_public_project() { | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, CODEVIEWER, publicProject, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.CODEVIEWER, publicProject, UserIdDto.from(user1), permissionService); | |||
assertThatThrownBy(() -> apply(change)) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -164,17 +155,17 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void apply_removes_permission_ADMIN_from_a_public_project() { | |||
applyRemovesPermissionFromPublicProject(ADMIN); | |||
applyRemovesPermissionFromPublicProject(UserRole.ADMIN); | |||
} | |||
@Test | |||
public void apply_removes_permission_ISSUE_ADMIN_from_a_public_project() { | |||
applyRemovesPermissionFromPublicProject(ISSUE_ADMIN); | |||
applyRemovesPermissionFromPublicProject(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void apply_removes_permission_SCAN_EXECUTION_from_a_public_project() { | |||
applyRemovesPermissionFromPublicProject(SCAN_EXECUTION); | |||
applyRemovesPermissionFromPublicProject(GlobalPermission.SCAN.getKey()); | |||
} | |||
private void applyRemovesPermissionFromPublicProject(String permission) { | |||
@@ -215,11 +206,11 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void add_global_permission_to_user() { | |||
UserPermissionChange change = new UserPermissionChange(ADD, SCAN_EXECUTION, null, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(ADD, GlobalPermission.SCAN.getKey(), null, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(SCAN); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(GlobalPermission.SCAN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).isEmpty(); | |||
assertThat(db.users().selectPermissionsOfUser(user2)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).isEmpty(); | |||
@@ -227,29 +218,29 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void add_project_permission_to_user() { | |||
UserPermissionChange change = new UserPermissionChange(ADD, ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(ADD, UserRole.ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).contains(ISSUE_ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).contains(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectPermissionsOfUser(user2)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).isEmpty(); | |||
} | |||
@Test | |||
public void do_nothing_when_adding_global_permission_that_already_exists() { | |||
db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_GATES); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
UserPermissionChange change = new UserPermissionChange(ADD, QUALITY_GATE_ADMIN, null, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(ADD, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), null, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(ADMINISTER_QUALITY_GATES); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
} | |||
@Test | |||
public void fail_to_add_global_permission_on_project() { | |||
assertThatThrownBy(() -> { | |||
UserPermissionChange change = new UserPermissionChange(ADD, QUALITY_GATE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(ADD, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), privateProject, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -259,7 +250,7 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void fail_to_add_project_permission() { | |||
assertThatThrownBy(() -> { | |||
UserPermissionChange change = new UserPermissionChange(ADD, ISSUE_ADMIN, null, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(ADD, UserRole.ISSUE_ADMIN, null, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -268,39 +259,39 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void remove_global_permission_from_user() { | |||
db.users().insertPermissionOnUser(user1, QUALITY_GATE_ADMIN); | |||
db.users().insertPermissionOnUser(user1, SCAN_EXECUTION); | |||
db.users().insertPermissionOnUser(user2, QUALITY_GATE_ADMIN); | |||
db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, privateProject); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user2, GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
db.users().insertProjectPermissionOnUser(user1, UserRole.ISSUE_ADMIN, privateProject); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, QUALITY_GATE_ADMIN, null, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), null, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(SCAN); | |||
assertThat(db.users().selectPermissionsOfUser(user2)).containsOnly(ADMINISTER_QUALITY_GATES); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(ISSUE_ADMIN); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(GlobalPermission.SCAN); | |||
assertThat(db.users().selectPermissionsOfUser(user2)).containsOnly(GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void remove_project_permission_from_user() { | |||
ComponentDto project2 = db.components().insertPrivateProject(); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_GATES); | |||
db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, privateProject); | |||
db.users().insertProjectPermissionOnUser(user1, USER, privateProject); | |||
db.users().insertProjectPermissionOnUser(user2, ISSUE_ADMIN, privateProject); | |||
db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, project2); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
db.users().insertProjectPermissionOnUser(user1, UserRole.ISSUE_ADMIN, privateProject); | |||
db.users().insertProjectPermissionOnUser(user1, UserRole.USER, privateProject); | |||
db.users().insertProjectPermissionOnUser(user2, UserRole.ISSUE_ADMIN, privateProject); | |||
db.users().insertProjectPermissionOnUser(user1, UserRole.ISSUE_ADMIN, project2); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(USER); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).containsOnly(ISSUE_ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, project2)).containsOnly(ISSUE_ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(UserRole.USER); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).containsOnly(UserRole.ISSUE_ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, project2)).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void do_not_fail_if_removing_a_global_permission_that_does_not_exist() { | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, QUALITY_GATE_ADMIN, null, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), null, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty(); | |||
@@ -308,7 +299,7 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void do_not_fail_if_removing_a_project_permission_that_does_not_exist() { | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); | |||
apply(change); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).isEmpty(); | |||
@@ -316,10 +307,10 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void fail_to_remove_admin_global_permission_if_no_more_admins() { | |||
db.users().insertPermissionOnUser(user1, SYSTEM_ADMIN); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER); | |||
assertThatThrownBy(() -> { | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, SYSTEM_ADMIN, null, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, GlobalPermission.ADMINISTER.getKey(), null, UserIdDto.from(user1), permissionService); | |||
underTest.apply(db.getSession(), change); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -328,12 +319,12 @@ public class UserPermissionChangerTest { | |||
@Test | |||
public void remove_admin_user_if_still_other_admins() { | |||
db.users().insertPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER); | |||
GroupDto admins = db.users().insertGroup("admins"); | |||
db.users().insertMember(admins, user2); | |||
db.users().insertPermissionOnGroup(admins, ADMINISTER); | |||
db.users().insertPermissionOnGroup(admins, GlobalPermission.ADMINISTER); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, ADMINISTER.getKey(), null, UserIdDto.from(user1), permissionService); | |||
UserPermissionChange change = new UserPermissionChange(REMOVE, GlobalPermission.ADMINISTER.getKey(), null, UserIdDto.from(user1), permissionService); | |||
underTest.apply(db.getSession(), change); | |||
assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty(); |
@@ -28,6 +28,7 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -41,17 +42,10 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.Assertions.fail; | |||
import static org.assertj.core.api.Assertions.tuple; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubPortfolio; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
@@ -90,7 +84,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, "sonar-administrators") | |||
.setParam(PARAM_PERMISSION, ADMINISTER.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(group, null)).containsOnly("admin"); | |||
@@ -103,7 +97,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PERMISSION, PROVISION_PROJECTS.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(group, null)).containsOnly("provisioning"); | |||
@@ -119,11 +113,11 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, A_PROJECT_UUID) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); | |||
assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(SYSTEM_ADMIN); | |||
assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
@Test | |||
@@ -135,11 +129,11 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_KEY, A_PROJECT_KEY) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); | |||
assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(SYSTEM_ADMIN); | |||
assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
@Test | |||
@@ -151,11 +145,11 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, portfolio.uuid()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); | |||
assertThat(db.users().selectGroupPermissions(group, portfolio)).containsOnly(SYSTEM_ADMIN); | |||
assertThat(db.users().selectGroupPermissions(group, portfolio)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
@Test | |||
@@ -167,7 +161,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, "not-found") | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(NotFoundException.class); | |||
@@ -205,7 +199,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, file.uuid()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -234,7 +228,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, file.uuid()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class); | |||
@@ -248,7 +242,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setMethod("GET") | |||
.setParam(PARAM_GROUP_NAME, "sonar-administrators") | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(ServerException.class); | |||
@@ -260,7 +254,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(IllegalArgumentException.class) | |||
@@ -302,7 +296,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute(); | |||
@@ -314,12 +308,12 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
@Test | |||
public void adding_global_permission_fails_if_not_administrator() { | |||
GroupDto group = db.users().insertGroup("sonar-administrators"); | |||
userSession.logIn().addPermission(SCAN); | |||
userSession.logIn().addPermission(GlobalPermission.SCAN); | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PERMISSION, PROVISION_PROJECTS.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(ForbiddenException.class); | |||
@@ -334,7 +328,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PERMISSION, PROVISION_PROJECTS.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute(); | |||
}) | |||
@@ -353,10 +347,10 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(ISSUE_ADMIN); | |||
assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
@@ -387,7 +381,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, "anyone") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, USER) | |||
.setParam(PARAM_PERMISSION, UserRole.USER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
@@ -401,7 +395,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, "anyone") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, CODEVIEWER) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
@@ -416,7 +410,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, USER) | |||
.setParam(PARAM_PERMISSION, UserRole.USER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
@@ -431,7 +425,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, CODEVIEWER) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
@@ -448,7 +442,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { | |||
newRequest() | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
}) | |||
.isInstanceOf(NotFoundException.class) |
@@ -28,6 +28,7 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -41,14 +42,9 @@ import static java.lang.String.format; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.mockito.Mockito.mock; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubPortfolio; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; | |||
@@ -78,10 +74,10 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectPermissionsOfUser(user)).containsOnly(ADMINISTER); | |||
assertThat(db.users().selectPermissionsOfUser(user)).containsOnly(GlobalPermission.ADMINISTER); | |||
} | |||
@Test | |||
@@ -92,11 +88,11 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(SYSTEM_ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
@Test | |||
@@ -107,11 +103,11 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(SYSTEM_ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
@Test | |||
@@ -122,11 +118,11 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, view.uuid()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(SYSTEM_ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
@Test | |||
@@ -137,7 +133,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, "unknown-project-uuid") | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(NotFoundException.class); | |||
@@ -174,7 +170,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, file.uuid()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -204,7 +200,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, "file-uuid") | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class); | |||
@@ -218,7 +214,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
newRequest() | |||
.setMethod("GET") | |||
.setParam(PARAM_USER_LOGIN, "george.orwell") | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(ServerException.class); | |||
@@ -230,7 +226,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(IllegalArgumentException.class); | |||
@@ -255,7 +251,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, "project-uuid") | |||
.setParam(PARAM_PROJECT_KEY, "project-key") | |||
@@ -272,7 +268,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(ForbiddenException.class); | |||
@@ -285,7 +281,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
TestRequest request = newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()); | |||
assertThatThrownBy(() -> request.execute()) | |||
@@ -299,7 +295,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
TestRequest request = newRequest() | |||
.setParam(PARAM_USER_LOGIN, "unknown") | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()); | |||
assertThatThrownBy(() -> request.execute()) | |||
.isInstanceOf(ForbiddenException.class); | |||
@@ -311,7 +307,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
userSession.logIn(); | |||
TestRequest request = newRequest() | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()); | |||
assertThatThrownBy(() -> request.execute()) | |||
@@ -333,7 +329,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(ISSUE_ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
@@ -344,7 +340,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, USER) | |||
.setParam(PARAM_PERMISSION, UserRole.USER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
@@ -358,7 +354,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, CODEVIEWER) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); | |||
@@ -373,7 +369,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { | |||
TestRequest request = newRequest() | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN); | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); | |||
assertThatThrownBy(() -> request.execute()) | |||
.isInstanceOf(NotFoundException.class) |
@@ -26,9 +26,11 @@ import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.security.DefaultGroups; | |||
import org.sonar.api.server.ws.Change; | |||
import org.sonar.api.server.ws.WebService.Action; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -44,12 +46,7 @@ import static org.assertj.core.api.Assertions.tuple; | |||
import static org.sonar.api.server.ws.WebService.Param.PAGE; | |||
import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE; | |||
import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
@@ -76,10 +73,10 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
group1 = db.users().insertGroup("group-1-name"); | |||
group2 = db.users().insertGroup("group-2-name"); | |||
GroupDto group3 = db.users().insertGroup("group-3-name"); | |||
db.users().insertPermissionOnGroup(group1, SCAN); | |||
db.users().insertPermissionOnGroup(group2, SCAN); | |||
db.users().insertPermissionOnGroup(group3, ADMINISTER); | |||
db.users().insertPermissionOnAnyone(SCAN); | |||
db.users().insertPermissionOnGroup(group1, GlobalPermission.SCAN); | |||
db.users().insertPermissionOnGroup(group2, GlobalPermission.SCAN); | |||
db.users().insertPermissionOnGroup(group3, GlobalPermission.ADMINISTER); | |||
db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); | |||
db.commit(); | |||
} | |||
@@ -100,7 +97,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
loginAsAdmin(); | |||
String json = newRequest() | |||
.setParam(PARAM_PERMISSION, SCAN.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) | |||
.execute() | |||
.getInput(); | |||
assertJson(json).isSimilarTo("{\n" + | |||
@@ -138,7 +135,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
public void search_with_selection() { | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, SCAN.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) | |||
.execute() | |||
.getInput(); | |||
@@ -149,7 +146,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
public void search_groups_with_pagination() { | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, SCAN.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) | |||
.setParam(PAGE_SIZE, "1") | |||
.setParam(PAGE, "3") | |||
.execute() | |||
@@ -164,7 +161,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
public void search_groups_with_query() { | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, SCAN.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) | |||
.setParam(TEXT_QUERY, "group-") | |||
.execute() | |||
.getInput(); | |||
@@ -178,17 +175,17 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
public void search_groups_with_project_permissions() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
GroupDto group = db.users().insertGroup("project-group-name"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, project); | |||
ComponentDto anotherProject = db.components().insertPrivateProject(); | |||
GroupDto anotherGroup = db.users().insertGroup("another-project-group-name"); | |||
db.users().insertProjectPermissionOnGroup(anotherGroup, ISSUE_ADMIN, anotherProject); | |||
db.users().insertProjectPermissionOnGroup(anotherGroup, UserRole.ISSUE_ADMIN, anotherProject); | |||
GroupDto groupWithoutPermission = db.users().insertGroup("group-without-permission"); | |||
userSession.logIn().addProjectPermission(ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.execute() | |||
.getInput(); | |||
@@ -202,14 +199,14 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
public void return_also_groups_without_permission_when_search_query() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
GroupDto group = db.users().insertGroup("group-with-permission"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, project); | |||
GroupDto groupWithoutPermission = db.users().insertGroup("group-without-permission"); | |||
GroupDto anotherGroup = db.users().insertGroup("another-group"); | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(TEXT_QUERY, "group-with") | |||
.execute() | |||
@@ -224,13 +221,13 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
public void return_only_groups_with_permission_when_no_search_query() { | |||
ComponentDto project = db.components().insertComponent(newPrivateProjectDto("project-uuid")); | |||
GroupDto group = db.users().insertGroup("project-group-name"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, project); | |||
GroupDto groupWithoutPermission = db.users().insertGroup("group-without-permission"); | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.execute() | |||
.getInput(); | |||
@@ -243,7 +240,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
public void return_anyone_group_when_search_query_and_no_param_permission() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
GroupDto group = db.users().insertGroup("group-with-permission"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, project); | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
@@ -259,11 +256,11 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
public void search_groups_on_views() { | |||
ComponentDto view = db.components().insertComponent(ComponentTesting.newPortfolio("view-uuid").setKey("view-key")); | |||
GroupDto group = db.users().insertGroup("project-group-name"); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, view); | |||
db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, view); | |||
loginAsAdmin(); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, "view-uuid") | |||
.execute() | |||
.getInput(); | |||
@@ -280,7 +277,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
userSession.anonymous(); | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SCAN.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(UnauthorizedException.class); | |||
@@ -291,7 +288,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
assertThatThrownBy(() -> { | |||
userSession.logIn("login"); | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SCAN.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(ForbiddenException.class); | |||
@@ -304,7 +301,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
assertThatThrownBy(() -> { | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SCAN_EXECUTION) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute(); | |||
@@ -317,12 +314,12 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { | |||
ComponentDto project = db.components().insertPublicProject(); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
GroupDto group = db.users().insertGroup(); | |||
db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, project); | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.execute(); | |||
}) |
@@ -29,6 +29,7 @@ import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.Uuids; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.GroupPermissionDto; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
@@ -41,17 +42,9 @@ import static java.lang.String.format; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.Assertions.tuple; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubPortfolio; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
@@ -88,80 +81,80 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
@Test | |||
public void remove_permission_using_group_name() { | |||
db.users().insertPermissionOnGroup(aGroup, ADMINISTER); | |||
db.users().insertPermissionOnGroup(aGroup, PROVISION_PROJECTS); | |||
db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
db.users().insertPermissionOnGroup(aGroup, GlobalPermission.PROVISION_PROJECTS); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PERMISSION, PROVISIONING) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); | |||
assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
} | |||
@Test | |||
public void remove_project_permission() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertPermissionOnGroup(aGroup, ADMINISTER); | |||
db.users().insertProjectPermissionOnGroup(aGroup, ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, project); | |||
db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); | |||
assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(ISSUE_ADMIN); | |||
assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void remove_with_view_uuid() { | |||
ComponentDto view = db.components().insertPrivatePortfolio(); | |||
db.users().insertPermissionOnGroup(aGroup, ADMINISTER); | |||
db.users().insertProjectPermissionOnGroup(aGroup, ADMIN, view); | |||
db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, view); | |||
db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, view); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, view); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PROJECT_ID, view.uuid()) | |||
.setParam(PARAM_PERMISSION, ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); | |||
assertThat(db.users().selectGroupPermissions(aGroup, view)).containsOnly(ISSUE_ADMIN); | |||
assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
assertThat(db.users().selectGroupPermissions(aGroup, view)).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void remove_with_project_key() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertPermissionOnGroup(aGroup, ADMINISTER); | |||
db.users().insertProjectPermissionOnGroup(aGroup, ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, project); | |||
db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.setParam(PARAM_PERMISSION, ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); | |||
assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(ISSUE_ADMIN); | |||
assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(GlobalPermission.ADMINISTER.getKey()); | |||
assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void fail_to_remove_last_admin_permission() { | |||
db.users().insertPermissionOnGroup(aGroup, ADMINISTER); | |||
db.users().insertPermissionOnGroup(aGroup, PROVISION_PROJECTS); | |||
db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); | |||
db.users().insertPermissionOnGroup(aGroup, GlobalPermission.PROVISION_PROJECTS); | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> { | |||
executeRequest(aGroup, SYSTEM_ADMIN); | |||
executeRequest(aGroup, GlobalPermission.ADMINISTER.getKey()); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Last group with permission 'admin'. Permission cannot be removed."); | |||
@@ -175,7 +168,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PROJECT_ID, "unknown-project-uuid") | |||
.setParam(PARAM_PERMISSION, ADMINISTER.getKey()) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(NotFoundException.class) | |||
@@ -186,7 +179,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
public void fail_when_project_project_permission_without_project() { | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> executeRequest(aGroup, ISSUE_ADMIN)) | |||
assertThatThrownBy(() -> executeRequest(aGroup, UserRole.ISSUE_ADMIN)) | |||
.isInstanceOf(BadRequestException.class) | |||
.hasMessage("Invalid global permission 'issueadmin'. Valid values are [admin, gateadmin, profileadmin, provisioning, scan]"); | |||
} | |||
@@ -222,7 +215,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PROJECT_ID, file.uuid()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -235,7 +228,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(IllegalArgumentException.class) | |||
@@ -263,7 +256,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute(); | |||
@@ -286,7 +279,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PERMISSION, PROVISIONING) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(ForbiddenException.class); | |||
@@ -300,7 +293,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PERMISSION, PROVISIONING) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute(); | |||
}) | |||
@@ -313,17 +306,17 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
@Test | |||
public void removing_project_permission_is_allowed_to_project_administrators() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnGroup(aGroup, CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, aGroup.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(CODEVIEWER); | |||
assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(UserRole.CODEVIEWER); | |||
} | |||
@Test | |||
@@ -354,7 +347,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, "anyone") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, USER) | |||
.setParam(PARAM_PERMISSION, UserRole.USER) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -370,7 +363,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, "anyone") | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, CODEVIEWER) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -387,7 +380,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, USER) | |||
.setParam(PARAM_PERMISSION, UserRole.USER) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -404,7 +397,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, CODEVIEWER) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -422,7 +415,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio | |||
newRequest() | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_GROUP_NAME, group.getName()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(NotFoundException.class) |
@@ -26,6 +26,7 @@ import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -38,19 +39,9 @@ import org.sonar.server.ws.TestRequest; | |||
import static java.lang.String.format; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.component.ComponentTesting.newDirectory; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.component.ComponentTesting.newSubPortfolio; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; | |||
@@ -79,28 +70,28 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void remove_permission_from_user() { | |||
db.users().insertPermissionOnUser(user, PROVISION_PROJECTS); | |||
db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_GATES); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, QUALITY_GATE_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey()) | |||
.execute(); | |||
assertThat(db.users().selectPermissionsOfUser(user)).containsOnly(PROVISION_PROJECTS); | |||
assertThat(db.users().selectPermissionsOfUser(user)).containsOnly(GlobalPermission.PROVISION_PROJECTS); | |||
} | |||
@Test | |||
public void admin_can_not_remove_his_global_admin_right() { | |||
db.users().insertPermissionOnUser(user, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); | |||
loginAsAdmin(); | |||
UserDto admin = db.users().insertUser(userSession.getLogin()); | |||
db.users().insertPermissionOnUser(admin, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(admin, GlobalPermission.ADMINISTER); | |||
TestRequest request = newRequest() | |||
.setParam(PARAM_USER_LOGIN, userSession.getLogin()) | |||
.setParam(PARAM_PERMISSION, ADMINISTER.getKey()); | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); | |||
assertThatThrownBy(() -> request.execute()) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -112,12 +103,12 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
loginAsAdmin(); | |||
UserDto admin = db.users().insertUser(userSession.getLogin()); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(admin, ADMINISTER.getKey(), project); | |||
db.users().insertProjectPermissionOnUser(admin, GlobalPermission.ADMINISTER.getKey(), project); | |||
TestRequest request = newRequest() | |||
.setParam(PARAM_USER_LOGIN, userSession.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, ADMINISTER.getKey()); | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); | |||
assertThatThrownBy(() -> request.execute()) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -126,13 +117,13 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void fail_to_remove_admin_permission_if_last_admin() { | |||
db.users().insertPermissionOnUser(user, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ADMIN) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -142,49 +133,49 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void remove_permission_from_project() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, CODEVIEWER) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(ISSUE_ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.ISSUE_ADMIN); | |||
} | |||
@Test | |||
public void remove_with_project_key() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(CODEVIEWER); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.CODEVIEWER); | |||
} | |||
@Test | |||
public void remove_with_view_uuid() { | |||
ComponentDto view = db.components().insertPrivatePortfolio(); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, view); | |||
db.users().insertProjectPermissionOnUser(user, ADMIN, view); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, view); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, view); | |||
loginAsAdmin(); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_KEY, view.getKey()) | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(ADMIN); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(UserRole.ADMIN); | |||
} | |||
@Test | |||
@@ -195,7 +186,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, "unknown-project-uuid") | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
}) | |||
.isInstanceOf(NotFoundException.class); | |||
@@ -208,7 +199,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class); | |||
@@ -245,7 +236,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, file.uuid()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -260,7 +251,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
newRequest() | |||
.setMethod("GET") | |||
.setParam(PARAM_USER_LOGIN, "george.orwell") | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(ServerException.class); | |||
@@ -272,7 +263,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(IllegalArgumentException.class); | |||
@@ -297,7 +288,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
@@ -314,7 +305,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, PROVISIONING) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(ForbiddenException.class); | |||
@@ -328,7 +319,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute(); | |||
}) | |||
@@ -341,17 +332,17 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
@Test | |||
public void removing_project_permission_is_allowed_to_project_administrators() { | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.execute(); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(CODEVIEWER); | |||
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.CODEVIEWER); | |||
} | |||
@Test | |||
@@ -363,7 +354,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, USER) | |||
.setParam(PARAM_PERMISSION, UserRole.USER) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -380,7 +371,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
newRequest() | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PERMISSION, CODEVIEWER) | |||
.setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) | |||
.execute(); | |||
}) | |||
.isInstanceOf(BadRequestException.class) | |||
@@ -397,7 +388,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> | |||
newRequest() | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(NotFoundException.class) |
@@ -27,6 +27,7 @@ import org.sonar.api.server.ws.WebService.SelectionMode; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.server.exceptions.BadRequestException; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
@@ -44,13 +45,6 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.sonar.api.server.ws.WebService.Param.PAGE; | |||
import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE; | |||
import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.db.user.UserTesting.newUserDto; | |||
import static org.sonar.test.JsonAssert.assertJson; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
@@ -75,10 +69,10 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
UserDto user1 = db.users().insertUser(newUserDto().setLogin("admin").setName("Administrator").setEmail("admin@admin.com")); | |||
UserDto user2 = db.users().insertUser(newUserDto().setLogin("adam.west").setName("Adam West").setEmail("adamwest@adamwest.com")); | |||
UserDto user3 = db.users().insertUser(newUserDto().setLogin("george.orwell").setName("George Orwell").setEmail("george.orwell@1984.net")); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER); | |||
db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_GATES); | |||
db.users().insertPermissionOnUser(user3, SCAN); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
db.users().insertGlobalPermissionOnUser(user3, GlobalPermission.SCAN); | |||
loginAsAdmin(); | |||
String result = newRequest().execute().getInput(); | |||
@@ -101,19 +95,19 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
// User has permission on project | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(newUserDto()); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
// User has permission on another project | |||
ComponentDto anotherProject = db.components().insertPrivateProject(); | |||
UserDto userHavePermissionOnAnotherProject = db.users().insertUser(newUserDto()); | |||
db.users().insertProjectPermissionOnUser(userHavePermissionOnAnotherProject, ISSUE_ADMIN, anotherProject); | |||
db.users().insertProjectPermissionOnUser(userHavePermissionOnAnotherProject, UserRole.ISSUE_ADMIN, anotherProject); | |||
// User has no permission | |||
UserDto withoutPermission = db.users().insertUser(newUserDto()); | |||
userSession.logIn().addProjectPermission(SYSTEM_ADMIN, project); | |||
userSession.logIn().addProjectPermission(GlobalPermission.ADMINISTER.getKey(), project); | |||
String result = newRequest() | |||
.setParam(PARAM_PERMISSION, ISSUE_ADMIN) | |||
.setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.execute() | |||
.getInput(); | |||
@@ -128,7 +122,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
// User with permission on project | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
// User without permission | |||
UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email")); | |||
@@ -149,7 +143,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
// User with permission on project | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
// User without permission | |||
UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email")); | |||
@@ -166,7 +160,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
// User with permission on project | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
// User without permission | |||
UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email")); | |||
@@ -210,8 +204,8 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
public void search_for_users_is_paginated() { | |||
for (int i = 9; i >= 0; i--) { | |||
UserDto user = db.users().insertUser(newUserDto().setName("user-" + i)); | |||
db.users().insertPermissionOnUser(user, ADMINISTER); | |||
db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_GATES); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER_QUALITY_GATES); | |||
} | |||
loginAsAdmin(); | |||
@@ -252,8 +246,8 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
loginAsAdmin(); | |||
for (int i = 0; i < 30; i++) { | |||
UserDto user = db.users().insertUser(newUserDto().setLogin("user-" + i)); | |||
db.users().insertPermissionOnUser(user, SCAN); | |||
db.users().insertPermissionOnUser(user, PROVISION_PROJECTS); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); | |||
} | |||
String result = newRequest() | |||
@@ -283,7 +277,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam("permission", SYSTEM_ADMIN) | |||
.setParam("permission", GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(ForbiddenException.class); | |||
@@ -295,7 +289,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam("permission", SYSTEM_ADMIN) | |||
.setParam("permission", GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(UnauthorizedException.class); | |||
@@ -308,7 +302,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.setParam(PARAM_PROJECT_ID, project.uuid()) | |||
.setParam(PARAM_PROJECT_KEY, project.getKey()) | |||
.execute(); | |||
@@ -331,14 +325,14 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
UserDto user = db.users().insertUser(newUserDto()); | |||
ComponentDto project = db.components().insertPublicProject(); | |||
ComponentDto branch = db.components().insertProjectBranch(project); | |||
db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PROJECT_ID, branch.uuid()) | |||
.setParam(PARAM_USER_LOGIN, user.getLogin()) | |||
.setParam(PARAM_PERMISSION, SYSTEM_ADMIN) | |||
.setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) | |||
.execute(); | |||
}) | |||
.isInstanceOf(NotFoundException.class) | |||
@@ -349,9 +343,9 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { | |||
UserDto user1 = db.users().insertUser(newUserDto("login-1", "name-1", "email-1")); | |||
UserDto user2 = db.users().insertUser(newUserDto("login-2", "name-2", "email-2")); | |||
UserDto user3 = db.users().insertUser(newUserDto("login-3", "name-3", "email-3")); | |||
db.users().insertPermissionOnUser(user1, SCAN); | |||
db.users().insertPermissionOnUser(user2, SCAN); | |||
db.users().insertPermissionOnUser(user3, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user2, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user3, GlobalPermission.ADMINISTER); | |||
} | |||
} |
@@ -28,7 +28,6 @@ import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.server.ws.Change; | |||
import org.sonar.api.server.ws.WebService.Action; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
@@ -49,6 +48,7 @@ import static org.sonar.api.security.DefaultGroups.ANYONE; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
@@ -139,7 +139,7 @@ public class AddGroupToTemplateActionTest extends BasePermissionWsTest<AddGroupT | |||
public void fail_if_not_a_project_permission() { | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> newRequest(group.getName(), template.getUuid(), GlobalPermissions.PROVISIONING)) | |||
assertThatThrownBy(() -> newRequest(group.getName(), template.getUuid(), PROVISION_PROJECTS.getKey())) | |||
.isInstanceOf(IllegalArgumentException.class); | |||
} | |||
@@ -42,7 +42,6 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.mockito.Mockito.spy; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
@@ -125,7 +124,7 @@ public class AddProjectCreatorToTemplateActionTest extends BasePermissionWsTest< | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, QUALITY_GATE_ADMIN) | |||
.setParam(PARAM_PERMISSION, ADMINISTER_QUALITY_GATES.getKey()) | |||
.setParam(PARAM_TEMPLATE_ID, template.getUuid()) | |||
.execute(); | |||
}) |
@@ -25,7 +25,6 @@ import org.junit.Before; | |||
import org.junit.Test; | |||
import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
@@ -44,6 +43,7 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
@@ -105,7 +105,7 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> { | |||
newRequest(user.getLogin(), permissionTemplate.getUuid(), GlobalPermissions.PROVISIONING); | |||
newRequest(user.getLogin(), permissionTemplate.getUuid(), PROVISION_PROJECTS.getKey()); | |||
}) | |||
.isInstanceOf(IllegalArgumentException.class); | |||
} |
@@ -27,7 +27,6 @@ import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.server.ws.Change; | |||
import org.sonar.api.server.ws.WebService.Action; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
@@ -47,6 +46,7 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.Assertions.tuple; | |||
import static org.sonar.api.security.DefaultGroups.ANYONE; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
@@ -126,7 +126,7 @@ public class RemoveGroupFromTemplateActionTest extends BasePermissionWsTest<Remo | |||
@Test | |||
public void fail_if_not_a_project_permission() { | |||
assertThatThrownBy(() -> newRequest(group.getName(), template.getUuid(), GlobalPermissions.PROVISIONING)) | |||
assertThatThrownBy(() -> newRequest(group.getName(), template.getUuid(), PROVISION_PROJECTS.getKey())) | |||
.isInstanceOf(IllegalArgumentException.class); | |||
} | |||
@@ -26,7 +26,6 @@ import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.core.util.Uuids; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto; | |||
@@ -44,6 +43,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.mockito.Mockito.mock; | |||
import static org.mockito.Mockito.when; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
@@ -119,7 +119,7 @@ public class RemoveProjectCreatorFromTemplateActionTest extends BasePermissionWs | |||
public void fail_if_permission_is_not_a_project_permission() { | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN) | |||
.setParam(PARAM_PERMISSION, ADMINISTER_QUALITY_GATES.getKey()) | |||
.setParam(PARAM_TEMPLATE_ID, template.getUuid()) | |||
.execute(); | |||
}) |
@@ -25,7 +25,6 @@ import org.junit.Before; | |||
import org.junit.Test; | |||
import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.PermissionQuery; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
@@ -45,6 +44,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; | |||
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; | |||
@@ -129,7 +129,7 @@ public class RemoveUserFromTemplateActionTest extends BasePermissionWsTest<Remov | |||
loginAsAdmin(); | |||
assertThatThrownBy(() -> { | |||
newRequest(user.getLogin(), template.getUuid(), GlobalPermissions.PROVISIONING); | |||
newRequest(user.getLogin(), template.getUuid(), PROVISION_PROJECTS.getKey()); | |||
}) | |||
.isInstanceOf(IllegalArgumentException.class); | |||
} |
@@ -26,7 +26,6 @@ import org.sonar.api.resources.Qualifiers; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.component.ResourceTypesRule; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.permission.template.PermissionTemplateGroupDto; | |||
@@ -51,6 +50,7 @@ import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.ISSUE_ADMIN; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; | |||
import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; | |||
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateGroupDto; | |||
import static org.sonar.db.user.GroupTesting.newGroupDto; | |||
@@ -362,7 +362,7 @@ public class TemplateGroupsActionTest extends BasePermissionWsTest<TemplateGroup | |||
assertThatThrownBy(() -> { | |||
newRequest() | |||
.setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN) | |||
.setParam(PARAM_PERMISSION, ADMINISTER_QUALITY_GATES.getKey()) | |||
.setParam(PARAM_TEMPLATE_ID, template1.getUuid()) | |||
.execute(); | |||
}) |
@@ -31,6 +31,7 @@ import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.user.UserDto; | |||
import org.sonar.db.webhook.WebhookDbTester; | |||
@@ -38,7 +39,6 @@ import org.sonar.db.webhook.WebhookDto; | |||
import org.sonar.server.component.ComponentCleanerService; | |||
import org.sonar.server.es.TestProjectIndexers; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import org.sonar.server.exceptions.NotFoundException; | |||
import org.sonar.server.exceptions.UnauthorizedException; | |||
import org.sonar.server.project.Project; | |||
import org.sonar.server.project.ProjectLifeCycleListeners; | |||
@@ -53,8 +53,6 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.mockito.ArgumentMatchers.any; | |||
import static org.mockito.Mockito.mock; | |||
import static org.mockito.Mockito.verify; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.user.UserTesting.newUserDto; | |||
import static org.sonar.server.component.TestComponentFinder.from; | |||
import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT; | |||
@@ -85,7 +83,7 @@ public class DeleteActionTest { | |||
@Test | |||
public void global_administrator_deletes_project_by_key() { | |||
ComponentDto project = componentDbTester.insertPrivateProject(); | |||
userSessionRule.logIn().addPermission(ADMINISTER); | |||
userSessionRule.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
call(tester.newRequest().setParam(PARAM_PROJECT, project.getKey())); | |||
@@ -96,7 +94,7 @@ public class DeleteActionTest { | |||
@Test | |||
public void project_administrator_deletes_the_project_by_key() { | |||
ComponentDto project = componentDbTester.insertPrivateProject(); | |||
userSessionRule.logIn().addProjectPermission(ADMIN, project); | |||
userSessionRule.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
call(tester.newRequest().setParam(PARAM_PROJECT, project.getKey())); | |||
@@ -110,7 +108,7 @@ public class DeleteActionTest { | |||
UserDto insert = dbClient.userDao().insert(dbSession, | |||
newUserDto().setHomepageType("PROJECT").setHomepageParameter(project.uuid())); | |||
dbSession.commit(); | |||
userSessionRule.logIn().addProjectPermission(ADMIN, project); | |||
userSessionRule.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
DeleteAction underTest = new DeleteAction( | |||
new ComponentCleanerService(dbClient, mockResourceTypes, new TestProjectIndexers()), | |||
from(db), dbClient, userSessionRule, projectLifeCycleListeners); | |||
@@ -133,7 +131,7 @@ public class DeleteActionTest { | |||
webhookDbTester.insertWebhook(project); | |||
webhookDbTester.insertWebhook(project); | |||
userSessionRule.logIn().addProjectPermission(ADMIN, project); | |||
userSessionRule.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
DeleteAction underTest = new DeleteAction( | |||
new ComponentCleanerService(dbClient, mockResourceTypes, new TestProjectIndexers()), | |||
from(db), dbClient, userSessionRule, projectLifeCycleListeners); |
@@ -575,7 +575,7 @@ public class UpdateVisibilityActionTest { | |||
.forEach(globalPermission -> { | |||
dbTester.users().insertPermissionOnAnyone(globalPermission); | |||
dbTester.users().insertPermissionOnGroup(group, globalPermission); | |||
dbTester.users().insertPermissionOnUser(user, globalPermission); | |||
dbTester.users().insertGlobalPermissionOnUser(user, globalPermission); | |||
}); | |||
permissionService.getAllProjectPermissions() | |||
.forEach(permission -> { |
@@ -30,11 +30,13 @@ import org.sonar.api.config.PropertyFieldDefinition; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.server.ws.WebService.Param; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.component.ComponentTesting; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.server.component.TestComponentFinder; | |||
import org.sonar.server.exceptions.ForbiddenException; | |||
import org.sonar.server.exceptions.NotFoundException; | |||
@@ -51,11 +53,6 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.groups.Tuple.tuple; | |||
import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonarqube.ws.MediaTypes.JSON; | |||
import static org.sonarqube.ws.Settings.Definition.CategoryOneOfCase.CATEGORYONEOF_NOT_SET; | |||
import static org.sonarqube.ws.Settings.Definition.DefaultValueOneOfCase.DEFAULTVALUEONEOF_NOT_SET; | |||
@@ -348,7 +345,7 @@ public class ListDefinitionsActionTest { | |||
@Test | |||
public void return_secured_settings_when_not_authenticated_but_with_scan_permission() { | |||
userSession.anonymous().addPermission(SCAN); | |||
userSession.anonymous().addPermission(GlobalPermission.SCAN); | |||
propertyDefinitions.addComponents(asList( | |||
PropertyDefinition.builder("foo").build(), | |||
PropertyDefinition.builder("secret.secured").build())); | |||
@@ -384,7 +381,7 @@ public class ListDefinitionsActionTest { | |||
@Test | |||
public void fail_when_user_has_not_project_browse_permission() { | |||
userSession.logIn("project-admin").addProjectPermission(CODEVIEWER, project); | |||
userSession.logIn("project-admin").addProjectPermission(UserRole.CODEVIEWER, project); | |||
propertyDefinitions.addComponent(PropertyDefinition.builder("foo").build()); | |||
assertThatThrownBy(() -> executeRequest(project.getKey())) | |||
@@ -480,17 +477,17 @@ public class ListDefinitionsActionTest { | |||
} | |||
private void logInAsProjectUser() { | |||
userSession.logIn().addProjectPermission(USER, project); | |||
userSession.logIn().addProjectPermission(UserRole.USER, project); | |||
} | |||
private void logInAsAdmin() { | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
} | |||
private void logInAsProjectAdmin() { | |||
userSession.logIn() | |||
.addProjectPermission(ADMIN, project) | |||
.addProjectPermission(USER, project); | |||
.addProjectPermission(UserRole.ADMIN, project) | |||
.addProjectPermission(UserRole.USER, project); | |||
} | |||
} |
@@ -56,12 +56,10 @@ import static java.util.Comparator.comparing; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.groups.Tuple.tuple; | |||
import static org.sonar.api.resources.Qualifiers.FILE; | |||
import static org.sonar.api.resources.Qualifiers.PROJECT; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; | |||
import static org.sonar.db.component.ComponentTesting.newFileDto; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.db.property.PropertyTesting.newComponentPropertyDto; | |||
@@ -522,7 +520,7 @@ public class ValuesActionTest { | |||
public void return_component_secured_settings_when_not_authenticated_but_with_project_scan_permission() { | |||
userSession | |||
.addProjectPermission(USER, project) | |||
.addProjectPermission(SCAN_EXECUTION, project); | |||
.addProjectPermission(SCAN.getKey(), project); | |||
definitions.addComponents(asList( | |||
PropertyDefinition.builder("foo").onQualifiers(PROJECT).build(), | |||
PropertyDefinition.builder("global.secret.secured").build(), | |||
@@ -543,7 +541,7 @@ public class ValuesActionTest { | |||
public void return_component_secured_settings_even_if_not_defined_when_not_authenticated_but_with_scan_permission() { | |||
userSession | |||
.addProjectPermission(USER, project) | |||
.addProjectPermission(SCAN_EXECUTION, project); | |||
.addProjectPermission(SCAN.getKey(), project); | |||
db.properties().insertProperties(null, project.getKey(), project.name(), project.qualifier(), | |||
newComponentPropertyDto(project).setKey("not-defined.secured").setValue("123")); | |||
@@ -201,7 +201,7 @@ public class AnonymizeActionTest { | |||
private UserDto createAdminUser() { | |||
UserDto admin = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(admin, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(admin, ADMINISTER); | |||
db.commit(); | |||
return admin; | |||
} |
@@ -26,12 +26,14 @@ import org.junit.Rule; | |||
import org.junit.Test; | |||
import org.sonar.api.impl.utils.AlwaysIncreasingSystem2; | |||
import org.sonar.api.utils.System2; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.alm.setting.AlmSettingDto; | |||
import org.sonar.db.ce.CeTaskMessageType; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.permission.template.PermissionTemplateDto; | |||
import org.sonar.db.permission.template.PermissionTemplateUserDto; | |||
import org.sonar.db.project.ProjectDto; | |||
@@ -62,11 +64,6 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.elasticsearch.index.query.QueryBuilders.boolQuery; | |||
import static org.elasticsearch.index.query.QueryBuilders.termQuery; | |||
import static org.sonar.api.web.UserRole.CODEVIEWER; | |||
import static org.sonar.api.web.UserRole.USER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; | |||
import static org.sonar.db.permission.GlobalPermission.SCAN; | |||
import static org.sonar.db.property.PropertyTesting.newUserPropertyDto; | |||
import static org.sonar.server.user.index.UserIndexDefinition.FIELD_ACTIVE; | |||
import static org.sonar.server.user.index.UserIndexDefinition.FIELD_UUID; | |||
@@ -184,10 +181,10 @@ public class DeactivateActionTest { | |||
logInAsSystemAdministrator(); | |||
UserDto user = db.users().insertUser(); | |||
ComponentDto project = db.components().insertPrivateProject(); | |||
db.users().insertPermissionOnUser(user, SCAN); | |||
db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertProjectPermissionOnUser(user, USER, project); | |||
db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); | |||
db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER_QUALITY_PROFILES); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.USER, project); | |||
db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); | |||
deactivate(user.getLogin()); | |||
@@ -202,8 +199,8 @@ public class DeactivateActionTest { | |||
UserDto user = db.users().insertUser(); | |||
PermissionTemplateDto template = db.permissionTemplates().insertTemplate(); | |||
PermissionTemplateDto anotherTemplate = db.permissionTemplates().insertTemplate(); | |||
db.permissionTemplates().addUserToTemplate(template.getUuid(), user.getUuid(), USER, template.getName(), user.getLogin()); | |||
db.permissionTemplates().addUserToTemplate(anotherTemplate.getUuid(), user.getUuid(), CODEVIEWER, anotherTemplate.getName(), user.getLogin()); | |||
db.permissionTemplates().addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.USER, template.getName(), user.getLogin()); | |||
db.permissionTemplates().addUserToTemplate(anotherTemplate.getUuid(), user.getUuid(), UserRole.CODEVIEWER, anotherTemplate.getName(), user.getLogin()); | |||
deactivate(user.getLogin()); | |||
@@ -392,7 +389,7 @@ public class DeactivateActionTest { | |||
@Test | |||
public void fail_to_deactivate_last_administrator() { | |||
UserDto admin = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(admin, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(admin, GlobalPermission.ADMINISTER); | |||
logInAsSystemAdministrator(); | |||
assertThatThrownBy(() -> { | |||
@@ -496,7 +493,7 @@ public class DeactivateActionTest { | |||
private UserDto createAdminUser() { | |||
UserDto admin = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(admin, ADMINISTER); | |||
db.users().insertGlobalPermissionOnUser(admin, GlobalPermission.ADMINISTER); | |||
db.commit(); | |||
return admin; | |||
} |
@@ -43,7 +43,6 @@ import org.sonar.server.ws.WsActionTester; | |||
import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.Assertions.tuple; | |||
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME; | |||
@@ -200,7 +199,7 @@ public class DeleteActionTest { | |||
public void cannot_delete_last_system_admin_group() { | |||
insertDefaultGroup(); | |||
GroupDto group = db.users().insertGroup(); | |||
db.users().insertPermissionOnGroup(group, SYSTEM_ADMIN); | |||
db.users().insertPermissionOnGroup(group, ADMINISTER.getKey()); | |||
loginAsAdmin(); | |||
TestRequest request = newRequest() | |||
.setParam(PARAM_GROUP_NAME, group.getName()); | |||
@@ -215,7 +214,7 @@ public class DeleteActionTest { | |||
// admin users are part of the group to be deleted | |||
db.users().insertDefaultGroup(); | |||
GroupDto adminGroup = db.users().insertGroup("admins"); | |||
db.users().insertPermissionOnGroup(adminGroup, SYSTEM_ADMIN); | |||
db.users().insertPermissionOnGroup(adminGroup, ADMINISTER.getKey()); | |||
UserDto bigBoss = db.users().insertUser(); | |||
db.users().insertMember(adminGroup, bigBoss); | |||
loginAsAdmin(); | |||
@@ -231,9 +230,9 @@ public class DeleteActionTest { | |||
public void delete_admin_group_succeeds_if_other_groups_have_administrators() { | |||
db.users().insertDefaultGroup(); | |||
GroupDto adminGroup1 = db.users().insertGroup("admins"); | |||
db.users().insertPermissionOnGroup(adminGroup1, SYSTEM_ADMIN); | |||
db.users().insertPermissionOnGroup(adminGroup1, ADMINISTER.getKey()); | |||
GroupDto adminGroup2 = db.users().insertGroup("admins2"); | |||
db.users().insertPermissionOnGroup(adminGroup2, SYSTEM_ADMIN); | |||
db.users().insertPermissionOnGroup(adminGroup2, ADMINISTER.getKey()); | |||
UserDto bigBoss = db.users().insertUser(); | |||
db.users().insertMember(adminGroup2, bigBoss); | |||
loginAsAdmin(); | |||
@@ -251,7 +250,7 @@ public class DeleteActionTest { | |||
private void addAdmin() { | |||
UserDto admin = db.users().insertUser(); | |||
db.users().insertPermissionOnUser(admin, SYSTEM_ADMIN); | |||
db.users().insertGlobalPermissionOnUser(admin, ADMINISTER); | |||
} | |||
private void loginAsAdmin() { |
@@ -24,7 +24,6 @@ import org.junit.Test; | |||
import org.sonar.api.impl.utils.AlwaysIncreasingSystem2; | |||
import org.sonar.api.server.ws.Change; | |||
import org.sonar.api.server.ws.WebService.Action; | |||
import org.sonar.core.permission.GlobalPermissions; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.user.GroupDto; | |||
import org.sonar.db.user.UserDto; | |||
@@ -185,7 +184,7 @@ public class RemoveUserActionTest { | |||
public void fail_to_remove_the_last_administrator() { | |||
db.users().insertDefaultGroup(); | |||
GroupDto adminGroup = db.users().insertGroup("sonar-admins"); | |||
db.users().insertPermissionOnGroup(adminGroup, GlobalPermissions.SYSTEM_ADMIN); | |||
db.users().insertPermissionOnGroup(adminGroup, ADMINISTER); | |||
UserDto adminUser = db.users().insertUser("the-single-admin"); | |||
db.users().insertMember(adminGroup, adminUser); | |||
loginAsAdmin(); |
@@ -24,12 +24,14 @@ import org.junit.Test; | |||
import org.sonar.api.config.Configuration; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.core.util.UuidFactory; | |||
import org.sonar.core.util.UuidFactoryFast; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.webhook.WebhookDbTester; | |||
import org.sonar.server.component.ComponentFinder; | |||
@@ -46,9 +48,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.AssertionsForClassTypes.tuple; | |||
import static org.mockito.Mockito.mock; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.db.DbTester.create; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.tester.UserSessionRule.standalone; | |||
import static org.sonar.server.webhook.ws.WebhooksWsParameters.NAME_PARAM; | |||
import static org.sonar.server.webhook.ws.WebhooksWsParameters.PROJECT_KEY_PARAM; | |||
@@ -98,7 +98,7 @@ public class CreateActionTest { | |||
String longProjectKey = generateStringWithLength(400); | |||
ComponentDto project = componentDbTester.insertPrivateProject(componentDto -> componentDto.setKey(longProjectKey)); | |||
userSession.logIn().addProjectPermission(ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
CreateWsResponse response = wsActionTester.newRequest() | |||
.setParam("project", longProjectKey) | |||
@@ -116,7 +116,7 @@ public class CreateActionTest { | |||
@Test | |||
public void create_a_webhook_with_secret() { | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
CreateWsResponse response = wsActionTester.newRequest() | |||
.setParam("name", NAME_WEBHOOK_EXAMPLE_001) | |||
@@ -133,7 +133,7 @@ public class CreateActionTest { | |||
@Test | |||
public void create_a_global_webhook() { | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
CreateWsResponse response = wsActionTester.newRequest() | |||
.setParam("name", NAME_WEBHOOK_EXAMPLE_001) | |||
@@ -151,7 +151,7 @@ public class CreateActionTest { | |||
public void create_a_webhook_on_project() { | |||
ComponentDto project = componentDbTester.insertPrivateProject(); | |||
userSession.logIn().addProjectPermission(ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
CreateWsResponse response = wsActionTester.newRequest() | |||
.setParam("project", project.getKey()) | |||
@@ -185,7 +185,7 @@ public class CreateActionTest { | |||
for (int i = 0; i < 10; i++) { | |||
webhookDbTester.insertWebhook(project); | |||
} | |||
userSession.logIn().addProjectPermission(ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestRequest request = wsActionTester.newRequest() | |||
.setParam(PROJECT_KEY_PARAM, project.getKey()) | |||
.setParam(NAME_PARAM, NAME_WEBHOOK_EXAMPLE_001) | |||
@@ -201,7 +201,7 @@ public class CreateActionTest { | |||
for (int i = 0; i < 10; i++) { | |||
webhookDbTester.insertGlobalWebhook(); | |||
} | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
TestRequest request = wsActionTester.newRequest() | |||
.setParam(NAME_PARAM, NAME_WEBHOOK_EXAMPLE_001) | |||
.setParam(URL_PARAM, URL_WEBHOOK_EXAMPLE_001); | |||
@@ -213,7 +213,7 @@ public class CreateActionTest { | |||
@Test | |||
public void fail_if_url_is_not_valid() { | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
TestRequest request = wsActionTester.newRequest() | |||
.setParam(NAME_PARAM, NAME_WEBHOOK_EXAMPLE_001) | |||
.setParam(URL_PARAM, "htp://www.wrong-protocol.com/"); | |||
@@ -224,7 +224,7 @@ public class CreateActionTest { | |||
@Test | |||
public void fail_if_credential_in_url_is_have_a_wrong_format() { | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
TestRequest request = wsActionTester.newRequest() | |||
.setParam(NAME_PARAM, NAME_WEBHOOK_EXAMPLE_001) | |||
.setParam(URL_PARAM, "http://:www.wrong-protocol.com/"); | |||
@@ -272,7 +272,7 @@ public class CreateActionTest { | |||
@Test | |||
public void throw_IllegalArgumentException_if_project_key_greater_than_400() { | |||
String longProjectKey = generateStringWithLength(401); | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
TestRequest request = wsActionTester.newRequest() | |||
.setParam("project", longProjectKey) | |||
.setParam("name", NAME_WEBHOOK_EXAMPLE_001) |
@@ -24,10 +24,12 @@ import org.junit.Rule; | |||
import org.junit.Test; | |||
import org.sonar.api.config.Configuration; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbSession; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDbTester; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.webhook.WebhookDbTester; | |||
import org.sonar.db.webhook.WebhookDeliveryDao; | |||
@@ -46,9 +48,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.AssertionsForClassTypes.tuple; | |||
import static org.mockito.Mockito.mock; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.db.DbTester.create; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.webhook.WebhookDeliveryTesting.newDto; | |||
import static org.sonar.server.tester.UserSessionRule.standalone; | |||
import static org.sonar.server.webhook.ws.WebhooksWsParameters.KEY_PARAM; | |||
@@ -94,7 +94,7 @@ public class DeleteActionTest { | |||
webhookDeliveryDbTester.insert(newDto().setWebhookUuid(dto.getUuid())); | |||
webhookDeliveryDbTester.insert(newDto().setWebhookUuid(dto.getUuid())); | |||
userSession.logIn().addProjectPermission(ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestResponse response = wsActionTester.newRequest() | |||
.setParam(KEY_PARAM, dto.getUuid()) | |||
@@ -114,7 +114,7 @@ public class DeleteActionTest { | |||
WebhookDto dto = webhookDbTester.insertGlobalWebhook(); | |||
webhookDeliveryDbTester.insert(newDto().setWebhookUuid(dto.getUuid())); | |||
webhookDeliveryDbTester.insert(newDto().setWebhookUuid(dto.getUuid())); | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
TestResponse response = wsActionTester.newRequest() | |||
.setParam(KEY_PARAM, dto.getUuid()) | |||
.execute(); | |||
@@ -129,7 +129,7 @@ public class DeleteActionTest { | |||
@Test | |||
public void fail_if_webhook_does_not_exist() { | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
TestRequest request = wsActionTester.newRequest() | |||
.setParam(KEY_PARAM, "inexistent-webhook-uuid"); | |||
@@ -26,10 +26,12 @@ import org.sonar.api.config.Configuration; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.server.ws.WebService.Param; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDbTester; | |||
import org.sonar.db.component.ComponentDto; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.webhook.WebhookDbTester; | |||
import org.sonar.db.webhook.WebhookDeliveryDbTester; | |||
@@ -48,9 +50,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.AssertionsForClassTypes.tuple; | |||
import static org.mockito.Mockito.mock; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.db.DbTester.create; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.db.webhook.WebhookDeliveryTesting.newDto; | |||
import static org.sonar.db.webhook.WebhookTesting.newGlobalWebhook; | |||
import static org.sonar.server.tester.UserSessionRule.standalone; | |||
@@ -105,7 +105,7 @@ public class ListActionTest { | |||
webhookDeliveryDbTester.insert(newDto("WH2-DELIVERY-1-UUID", webhook2.getUuid(), "COMPONENT_1", "TASK_1").setCreatedAt(BEFORE)); | |||
webhookDeliveryDbTester.insert(newDto("WH2-DELIVERY-2-UUID", webhook2.getUuid(), "COMPONENT_1", "TASK_2").setCreatedAt(NOW)); | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
ListResponse response = wsActionTester.newRequest().executeProtobuf(ListResponse.class); | |||
@@ -128,7 +128,7 @@ public class ListActionTest { | |||
WebhookDto webhook1 = webhookDbTester.insert(newGlobalWebhook("aaa"), null, null); | |||
WebhookDto webhook2 = webhookDbTester.insert(newGlobalWebhook("bbb"), null, null); | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
ListResponse response = wsActionTester.newRequest().executeProtobuf(ListResponse.class); | |||
@@ -153,7 +153,7 @@ public class ListActionTest { | |||
webhookDeliveryDbTester.insert(newDto("WH1-DELIVERY-2-UUID", webhook1.getUuid(), "COMPONENT_1", "TASK_2").setCreatedAt(NOW)); | |||
webhookDbTester.insert(newGlobalWebhook("bbb", t -> t.setUrl(url)), null, null); | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
ListResponse response = wsActionTester.newRequest().executeProtobuf(ListResponse.class); | |||
@@ -171,7 +171,7 @@ public class ListActionTest { | |||
// insert a project-specific webhook, that should not be returned when listing global webhooks | |||
webhookDbTester.insertWebhook(componentDbTester.insertPrivateProjectDto()); | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
ListResponse response = wsActionTester.newRequest() | |||
.executeProtobuf(ListResponse.class); | |||
@@ -186,7 +186,7 @@ public class ListActionTest { | |||
@Test | |||
public void list_project_webhooks_when_project_key_param_is_provided() { | |||
ProjectDto project1 = componentDbTester.insertPrivateProjectDto(); | |||
userSession.logIn().addProjectPermission(ADMIN, project1); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project1); | |||
WebhookDto dto1 = webhookDbTester.insertWebhook(project1); | |||
WebhookDto dto2 = webhookDbTester.insertWebhook(project1); | |||
@@ -206,7 +206,7 @@ public class ListActionTest { | |||
public void list_global_webhooks_if_project_key_param_missing() { | |||
WebhookDto dto1 = webhookDbTester.insertGlobalWebhook(); | |||
WebhookDto dto2 = webhookDbTester.insertGlobalWebhook(); | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
ListResponse response = wsActionTester.newRequest() | |||
.executeProtobuf(ListResponse.class); |
@@ -25,9 +25,11 @@ import org.junit.Test; | |||
import org.sonar.api.config.Configuration; | |||
import org.sonar.api.resources.ResourceTypes; | |||
import org.sonar.api.server.ws.WebService; | |||
import org.sonar.api.web.UserRole; | |||
import org.sonar.db.DbClient; | |||
import org.sonar.db.DbTester; | |||
import org.sonar.db.component.ComponentDbTester; | |||
import org.sonar.db.permission.GlobalPermission; | |||
import org.sonar.db.project.ProjectDto; | |||
import org.sonar.db.webhook.WebhookDbTester; | |||
import org.sonar.db.webhook.WebhookDto; | |||
@@ -45,9 +47,7 @@ import static org.assertj.core.api.Assertions.assertThat; | |||
import static org.assertj.core.api.Assertions.assertThatThrownBy; | |||
import static org.assertj.core.api.AssertionsForClassTypes.tuple; | |||
import static org.mockito.Mockito.mock; | |||
import static org.sonar.api.web.UserRole.ADMIN; | |||
import static org.sonar.db.DbTester.create; | |||
import static org.sonar.db.permission.GlobalPermission.ADMINISTER; | |||
import static org.sonar.server.tester.UserSessionRule.standalone; | |||
import static org.sonar.server.ws.KeyExamples.NAME_WEBHOOK_EXAMPLE_001; | |||
import static org.sonar.server.ws.KeyExamples.URL_WEBHOOK_EXAMPLE_001; | |||
@@ -90,7 +90,7 @@ public class UpdateActionTest { | |||
public void update_a_project_webhook_with_required_fields() { | |||
ProjectDto project = componentDbTester.insertPrivateProjectDto(); | |||
WebhookDto dto = webhookDbTester.insertWebhook(project); | |||
userSession.logIn().addProjectPermission(ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestResponse response = wsActionTester.newRequest() | |||
.setParam("webhook", dto.getUuid()) | |||
@@ -111,7 +111,7 @@ public class UpdateActionTest { | |||
public void update_a_project_webhook_with_all_fields() { | |||
ProjectDto project = componentDbTester.insertPrivateProjectDto(); | |||
WebhookDto dto = webhookDbTester.insertWebhook(project); | |||
userSession.logIn().addProjectPermission(ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestResponse response = wsActionTester.newRequest() | |||
.setParam("webhook", dto.getUuid()) | |||
@@ -132,7 +132,7 @@ public class UpdateActionTest { | |||
@Test | |||
public void update_a_global_webhook() { | |||
WebhookDto dto = webhookDbTester.insertGlobalWebhook(); | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
TestResponse response = wsActionTester.newRequest() | |||
.setParam("webhook", dto.getUuid()) | |||
@@ -152,7 +152,7 @@ public class UpdateActionTest { | |||
@Test | |||
public void fail_if_webhook_does_not_exist() { | |||
userSession.logIn().addPermission(ADMINISTER); | |||
userSession.logIn().addPermission(GlobalPermission.ADMINISTER); | |||
TestRequest request = wsActionTester.newRequest() | |||
.setParam("webhook", "inexistent-webhook-uuid") | |||
.setParam("name", NAME_WEBHOOK_EXAMPLE_001) | |||
@@ -209,7 +209,7 @@ public class UpdateActionTest { | |||
public void fail_if_url_is_not_valid() { | |||
ProjectDto project = componentDbTester.insertPrivateProjectDto(); | |||
WebhookDto dto = webhookDbTester.insertWebhook(project); | |||
userSession.logIn().addProjectPermission(ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestRequest request = wsActionTester.newRequest() | |||
.setParam("webhook", dto.getUuid()) | |||
.setParam("name", NAME_WEBHOOK_EXAMPLE_001) | |||
@@ -223,7 +223,7 @@ public class UpdateActionTest { | |||
public void fail_if_credential_in_url_is_have_a_wrong_format() { | |||
ProjectDto project = componentDbTester.insertPrivateProjectDto(); | |||
WebhookDto dto = webhookDbTester.insertWebhook(project); | |||
userSession.logIn().addProjectPermission(ADMIN, project); | |||
userSession.logIn().addProjectPermission(UserRole.ADMIN, project); | |||
TestRequest request = wsActionTester.newRequest() | |||
.setParam("webhook", dto.getUuid()) | |||
.setParam("name", NAME_WEBHOOK_EXAMPLE_001) |