mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30421 Commits
59 Branches
Tree: 6789a2ec09
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '6789a2ec09'
${ noResults }
sonarqube/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java

GroupPermissionDaoTest.java 45KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2021 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.db.permission;

  21. 

  22. import java.util.ArrayList;

  23. import java.util.Collection;

  24. import java.util.Collections;

  25. import java.util.List;

  26. import java.util.Random;

  27. import java.util.stream.IntStream;

  28. import java.util.stream.Stream;

  29. import org.junit.Rule;

  30. import org.junit.Test;

  31. import org.sonar.api.utils.System2;

  32. import org.sonar.api.web.UserRole;

  33. import org.sonar.core.util.stream.MoreCollectors;

  34. import org.sonar.db.DbSession;

  35. import org.sonar.db.DbTester;

  36. import org.sonar.db.component.ComponentDto;

  37. import org.sonar.db.component.ComponentTesting;

  38. import org.sonar.db.user.GroupDto;

  39. 

  40. import static java.util.Arrays.asList;

  41. import static java.util.Collections.singletonList;

  42. import static org.assertj.core.api.Assertions.assertThat;

  43. import static org.assertj.core.api.Assertions.tuple;

  44. import static org.sonar.api.security.DefaultGroups.ANYONE;

  45. import static org.sonar.api.web.UserRole.ADMIN;

  46. import static org.sonar.api.web.UserRole.ISSUE_ADMIN;

  47. import static org.sonar.api.web.UserRole.USER;

  48. import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;

  49. import static org.sonar.db.permission.GlobalPermission.ADMINISTER;

  50. import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS;

  51. import static org.sonar.db.permission.GlobalPermission.SCAN;

  52. import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE;

  53. 

  54. public class GroupPermissionDaoTest {

  55. 

  56.   private static final String ANYONE_UUID = "Anyone";

  57.   private static final String MISSING_UUID = "-1";

  58. 

  59.   @Rule

  60.   public DbTester db = DbTester.create(System2.INSTANCE);

  61. 

  62.   private final DbSession dbSession = db.getSession();

  63.   private final GroupPermissionDao underTest = new GroupPermissionDao();

  64. 

  65.   @Test

  66.   public void group_count_by_permission_and_component_id_on_private_projects() {

  67.     GroupDto group1 = db.users().insertGroup();

  68.     GroupDto group2 = db.users().insertGroup();

  69.     GroupDto group3 = db.users().insertGroup();

  70.     ComponentDto project1 = db.components().insertPrivateProject();

  71.     ComponentDto project2 = db.components().insertPrivateProject();

  72.     ComponentDto project3 = db.components().insertPrivateProject();

  73. 

  74.     db.users().insertProjectPermissionOnGroup(group1, ISSUE_ADMIN, project1);

  75.     db.users().insertProjectPermissionOnGroup(group1, ADMIN, project2);

  76.     db.users().insertProjectPermissionOnGroup(group2, ADMIN, project2);

  77.     db.users().insertProjectPermissionOnGroup(group3, ADMIN, project2);

  78.     db.users().insertProjectPermissionOnGroup(group1, USER, project2);

  79.     db.users().insertProjectPermissionOnGroup(group1, USER, project3);

  80. 

  81.     final List<CountPerProjectPermission> result = new ArrayList<>();

  82.     underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.uuid(), project3.uuid(), "789"),

  83.       context -> result.add(context.getResultObject()));

  84. 

  85.     assertThat(result).hasSize(3);

  86.     assertThat(result).extracting("permission").containsOnly(ADMIN, USER);

  87.     assertThat(result).extracting("componentUuid").containsOnly(project2.uuid(), project3.uuid());

  88.     assertThat(result).extracting("count").containsOnly(3, 1);

  89.   }

  90. 

  91.   @Test

  92.   public void group_count_by_permission_and_component_id_on_public_projects() {

  93.     GroupDto group1 = db.users().insertGroup();

  94.     GroupDto group2 = db.users().insertGroup();

  95.     GroupDto group3 = db.users().insertGroup();

  96.     ComponentDto project1 = db.components().insertPublicProject();

  97.     ComponentDto project2 = db.components().insertPublicProject();

  98.     ComponentDto project3 = db.components().insertPublicProject();

  99. 

  100.     db.users().insertProjectPermissionOnGroup(group1, "p1", project1);

  101.     db.users().insertProjectPermissionOnGroup(group1, "p2", project2);

  102.     db.users().insertProjectPermissionOnGroup(group2, "p2", project2);

  103.     db.users().insertProjectPermissionOnGroup(group3, "p2", project2);

  104.     // anyone group

  105.     db.users().insertProjectPermissionOnAnyone("p2", project2);

  106.     db.users().insertProjectPermissionOnGroup(group1, "p3", project2);

  107.     db.users().insertProjectPermissionOnGroup(group1, "p3", project3);

  108. 

  109.     final List<CountPerProjectPermission> result = new ArrayList<>();

  110.     underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.uuid(), project3.uuid(), "789"),

  111.       context -> result.add(context.getResultObject()));

  112. 

  113.     assertThat(result).hasSize(3);

  114.     assertThat(result).extracting("permission").containsOnly("p2", "p3");

  115.     assertThat(result).extracting("componentUuid").containsOnly(project2.uuid(), project3.uuid());

  116.     assertThat(result).extracting("count").containsOnly(4, 1);

  117.   }

  118. 

  119.   @Test

  120.   public void selectGroupNamesByQuery_is_ordered_by_permissions_then_by_group_names() {

  121.     GroupDto group2 = db.users().insertGroup("Group-2");

  122.     GroupDto group3 = db.users().insertGroup("Group-3");

  123.     GroupDto group1 = db.users().insertGroup("Group-1");

  124.     db.users().insertPermissionOnAnyone(SCAN);

  125.     db.users().insertPermissionOnGroup(group3, SCAN);

  126. 

  127.     assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery().build()))

  128.       .containsExactly(ANYONE, group3.getName(), group1.getName(), group2.getName());

  129.   }

  130. 

  131.   @Test

  132.   public void selectGroupNamesByQuery_is_ordered_by_permissions_then_by_group_when_many_groups_for_global_permissions() {

  133.     ComponentDto project = db.components().insertPrivateProject();

  134.     IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {

  135.       GroupDto group = db.users().insertGroup("Group-" + i);

  136.       // Add permission on project to be sure projects are excluded

  137.       db.users().insertProjectPermissionOnGroup(group, SCAN.getKey(), project);

  138.     });

  139.     String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1);

  140.     db.users().insertPermissionOnGroup(db.users().selectGroup(lastGroupName).get(), SCAN);

  141. 

  142.     assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery().build()))

  143.       .hasSize(DEFAULT_PAGE_SIZE)

  144.       .startsWith(ANYONE, lastGroupName, "Group-1");

  145.   }

  146. 

  147.   @Test

  148.   public void selectGroupNamesByQuery_is_ordered_by_global_permissions_then_by_group_when_many_groups_for_project_permissions() {

  149.     IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {

  150.       GroupDto group = db.users().insertGroup("Group-" + i);

  151.       // Add global permission to be sure they are excluded

  152.       db.users().insertPermissionOnGroup(group, SCAN.getKey());

  153.     });

  154.     ComponentDto project = db.components().insertPrivateProject();

  155.     String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1);

  156.     db.users().insertProjectPermissionOnGroup(db.users().selectGroup(lastGroupName).get(), SCAN.getKey(), project);

  157. 

  158.     assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery()

  159.       .setComponent(project)

  160.       .build()))

  161.       .hasSize(DEFAULT_PAGE_SIZE)

  162.       .startsWith(ANYONE, lastGroupName, "Group-1");

  163.   }

  164. 

  165.   @Test

  166.   public void countGroupsByQuery() {

  167.     GroupDto group1 = db.users().insertGroup("Group-1");

  168.     db.users().insertGroup("Group-2");

  169.     db.users().insertGroup("Group-3");

  170.     db.users().insertPermissionOnAnyone(SCAN);

  171.     db.users().insertPermissionOnGroup(group1, PROVISION_PROJECTS);

  172. 

  173.     assertThat(underTest.countGroupsByQuery(dbSession,

  174.       newQuery().build())).isEqualTo(4);

  175.     assertThat(underTest.countGroupsByQuery(dbSession,

  176.       newQuery().setPermission(PROVISION_PROJECTS.getKey()).build())).isEqualTo(1);

  177.     assertThat(underTest.countGroupsByQuery(dbSession,

  178.       newQuery().withAtLeastOnePermission().build())).isEqualTo(2);

  179.     assertThat(underTest.countGroupsByQuery(dbSession,

  180.       newQuery().setSearchQuery("Group-").build())).isEqualTo(3);

  181.     assertThat(underTest.countGroupsByQuery(dbSession,

  182.       newQuery().setSearchQuery("Any").build())).isEqualTo(1);

  183.   }

  184. 

  185.   @Test

  186.   public void selectGroupNamesByQuery_with_global_permission() {

  187.     GroupDto group1 = db.users().insertGroup("Group-1");

  188.     GroupDto group2 = db.users().insertGroup("Group-2");

  189.     GroupDto group3 = db.users().insertGroup("Group-3");

  190. 

  191.     ComponentDto project = db.components().insertPrivateProject();

  192. 

  193.     db.users().insertPermissionOnAnyone(SCAN);

  194.     db.users().insertPermissionOnAnyone(PROVISION_PROJECTS);

  195.     db.users().insertPermissionOnGroup(group1, SCAN);

  196.     db.users().insertPermissionOnGroup(group3, ADMINISTER);

  197.     db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);

  198. 

  199.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  200.       newQuery().setPermission(SCAN.getKey()).build())).containsExactly(ANYONE, group1.getName());

  201. 

  202.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  203.       newQuery().setPermission(ADMINISTER.getKey()).build())).containsExactly(group3.getName());

  204. 

  205.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  206.       newQuery().setPermission(PROVISION_PROJECTS.getKey()).build())).containsExactly(ANYONE);

  207.   }

  208. 

  209.   @Test

  210.   public void select_groups_by_query_with_project_permissions_on_public_projects() {

  211.     GroupDto group1 = db.users().insertGroup();

  212.     GroupDto group2 = db.users().insertGroup();

  213.     GroupDto group3 = db.users().insertGroup();

  214. 

  215.     ComponentDto project = db.components().insertPublicProject();

  216.     ComponentDto anotherProject = db.components().insertPublicProject();

  217. 

  218.     db.users().insertProjectPermissionOnGroup(group1, "p1", project);

  219.     db.users().insertProjectPermissionOnGroup(group1, "p2", project);

  220.     db.users().insertProjectPermissionOnAnyone("p3", project);

  221. 

  222.     db.users().insertProjectPermissionOnGroup(group1, "p4", anotherProject);

  223.     db.users().insertProjectPermissionOnAnyone("p4", anotherProject);

  224.     db.users().insertProjectPermissionOnGroup(group3, "p1", anotherProject);

  225.     db.users().insertPermissionOnGroup(group2, "p5");

  226. 

  227.     PermissionQuery.Builder builderOnComponent = newQuery()

  228.       .setComponent(project);

  229.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  230.       builderOnComponent.withAtLeastOnePermission().build())).containsOnlyOnce(group1.getName());

  231.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  232.       builderOnComponent.setPermission("p1").build())).containsOnlyOnce(group1.getName());

  233.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  234.       builderOnComponent.setPermission("p3").build())).containsOnlyOnce(ANYONE);

  235.   }

  236. 

  237.   @Test

  238.   public void select_groups_by_query_with_project_permissions_on_private_projects() {

  239.     GroupDto group1 = db.users().insertGroup();

  240.     GroupDto group2 = db.users().insertGroup();

  241.     GroupDto group3 = db.users().insertGroup();

  242. 

  243.     ComponentDto project = db.components().insertPrivateProject();

  244.     ComponentDto anotherProject = db.components().insertPrivateProject();

  245. 

  246.     db.users().insertProjectPermissionOnGroup(group1, SCAN.getKey(), project);

  247.     db.users().insertProjectPermissionOnGroup(group1, PROVISION_PROJECTS.getKey(), project);

  248. 

  249.     db.users().insertProjectPermissionOnGroup(group1, ADMIN, anotherProject);

  250.     db.users().insertProjectPermissionOnGroup(group3, UserRole.SCAN, anotherProject);

  251.     db.users().insertPermissionOnGroup(group2, SCAN);

  252. 

  253.     PermissionQuery.Builder builderOnComponent = newQuery()

  254.       .setComponent(project);

  255.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  256.       builderOnComponent.withAtLeastOnePermission().build())).containsOnlyOnce(group1.getName());

  257.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  258.       builderOnComponent.setPermission(SCAN_EXECUTION).build())).containsOnlyOnce(group1.getName());

  259.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  260.       builderOnComponent.setPermission(USER).build())).isEmpty();

  261.   }

  262. 

  263.   @Test

  264.   public void selectGroupNamesByQuery_is_paginated() {

  265.     IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertGroup(i + "-name"));

  266. 

  267.     List<String> groupNames = underTest.selectGroupNamesByQuery(dbSession,

  268.       newQuery().setPageIndex(2).setPageSize(3).build());

  269.     assertThat(groupNames).containsExactly("3-name", "4-name", "5-name");

  270.   }

  271. 

  272.   @Test

  273.   public void selectGroupNamesByQuery_with_search_query() {

  274.     GroupDto group = db.users().insertGroup("group-anyone");

  275.     db.users().insertGroup("unknown");

  276.     db.users().insertPermissionOnGroup(group, SCAN);

  277. 

  278.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  279.       newQuery().setSearchQuery("any").build())).containsOnlyOnce(ANYONE, group.getName());

  280.   }

  281. 

  282.   @Test

  283.   public void selectGroupNamesByQuery_does_not_return_anyone_when_group_roles_is_empty() {

  284.     GroupDto group = db.users().insertGroup();

  285. 

  286.     assertThat(underTest.selectGroupNamesByQuery(dbSession,

  287.       newQuery().build()))

  288.       .doesNotContain(ANYONE)

  289.       .containsExactly(group.getName());

  290.   }

  291. 

  292.   @Test

  293.   public void selectByGroupUuids_on_global_permissions() {

  294.     GroupDto group1 = db.users().insertGroup("Group-1");

  295.     db.users().insertPermissionOnGroup(group1, SCAN);

  296. 

  297.     GroupDto group2 = db.users().insertGroup("Group-2");

  298.     ComponentDto project = db.components().insertPrivateProject();

  299.     db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);

  300. 

  301.     GroupDto group3 = db.users().insertGroup("Group-3");

  302.     db.users().insertPermissionOnGroup(group3, ADMINISTER);

  303. 

  304.     // Anyone

  305.     db.users().insertPermissionOnAnyone(SCAN);

  306.     db.users().insertPermissionOnAnyone(PROVISION_PROJECTS);

  307. 

  308.     assertThat(underTest.selectByGroupUuids(dbSession, asList(group1.getUuid()), null))

  309.       .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid)

  310.       .containsOnly(tuple(group1.getUuid(), SCAN_EXECUTION, null));

  311. 

  312.     assertThat(underTest.selectByGroupUuids(dbSession, asList(group2.getUuid()), null)).isEmpty();

  313. 

  314.     assertThat(underTest.selectByGroupUuids(dbSession, asList(group3.getUuid()), null))

  315.       .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid)

  316.       .containsOnly(tuple(group3.getUuid(), ADMINISTER.getKey(), null));

  317. 

  318.     assertThat(underTest.selectByGroupUuids(dbSession, asList(ANYONE_UUID), null))

  319.       .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid)

  320.       .containsOnly(

  321.         tuple(ANYONE_UUID, SCAN.getKey(), null),

  322.         tuple(ANYONE_UUID, PROVISION_PROJECTS.getKey(), null));

  323. 

  324.     assertThat(underTest.selectByGroupUuids(dbSession, asList(group1.getUuid(), group2.getUuid(), ANYONE_UUID), null)).hasSize(3);

  325.     assertThat(underTest.selectByGroupUuids(dbSession, asList(MISSING_UUID), null)).isEmpty();

  326.     assertThat(underTest.selectByGroupUuids(dbSession, Collections.emptyList(), null)).isEmpty();

  327.   }

  328. 

  329.   @Test

  330.   public void selectByGroupUuids_on_public_projects() {

  331.     GroupDto group1 = db.users().insertGroup("Group-1");

  332.     db.users().insertPermissionOnGroup(group1, "p1");

  333. 

  334.     GroupDto group2 = db.users().insertGroup("Group-2");

  335.     ComponentDto project = db.components().insertPublicProject();

  336.     db.users().insertProjectPermissionOnGroup(group2, "p2", project);

  337. 

  338.     GroupDto group3 = db.users().insertGroup("Group-3");

  339.     db.users().insertProjectPermissionOnGroup(group3, "p2", project);

  340. 

  341.     // Anyone group

  342.     db.users().insertPermissionOnAnyone("p3");

  343.     db.users().insertProjectPermissionOnAnyone("p4", project);

  344. 

  345.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group1.getUuid()), project.uuid())).isEmpty();

  346. 

  347.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group2.getUuid()), project.uuid()))

  348.       .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid)

  349.       .containsOnly(tuple(group2.getUuid(), "p2", project.uuid()));

  350. 

  351.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group3.getUuid()), project.uuid()))

  352.       .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid)

  353.       .containsOnly(tuple(group3.getUuid(), "p2", project.uuid()));

  354. 

  355.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(ANYONE_UUID), project.uuid()))

  356.       .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid)

  357.       .containsOnly(tuple(ANYONE_UUID, "p4", project.uuid()));

  358. 

  359.     assertThat(underTest.selectByGroupUuids(dbSession, asList(group1.getUuid(), group2.getUuid(), ANYONE_UUID), project.uuid())).hasSize(2);

  360.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(MISSING_UUID), project.uuid())).isEmpty();

  361.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group1.getUuid()), "123")).isEmpty();

  362.     assertThat(underTest.selectByGroupUuids(dbSession, Collections.emptyList(), project.uuid())).isEmpty();

  363.   }

  364. 

  365.   @Test

  366.   public void selectByGroupUuids_on_private_projects() {

  367.     GroupDto group1 = db.users().insertGroup("Group-1");

  368.     db.users().insertPermissionOnGroup(group1, PROVISION_PROJECTS);

  369. 

  370.     GroupDto group2 = db.users().insertGroup("Group-2");

  371.     ComponentDto project = db.components().insertPrivateProject();

  372.     db.users().insertProjectPermissionOnGroup(group2, USER, project);

  373. 

  374.     GroupDto group3 = db.users().insertGroup("Group-3");

  375.     db.users().insertProjectPermissionOnGroup(group3, USER, project);

  376. 

  377.     // Anyone group

  378.     db.users().insertPermissionOnAnyone(SCAN);

  379. 

  380.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group1.getUuid()), project.uuid())).isEmpty();

  381. 

  382.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group2.getUuid()), project.uuid()))

  383.       .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid)

  384.       .containsOnly(tuple(group2.getUuid(), USER, project.uuid()));

  385. 

  386.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group3.getUuid()), project.uuid()))

  387.       .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid)

  388.       .containsOnly(tuple(group3.getUuid(), USER, project.uuid()));

  389. 

  390.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(ANYONE_UUID), project.uuid()))

  391.       .isEmpty();

  392. 

  393.     assertThat(underTest.selectByGroupUuids(dbSession, asList(group1.getUuid(), group2.getUuid(), ANYONE_UUID), project.uuid())).hasSize(1);

  394.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(MISSING_UUID), project.uuid())).isEmpty();

  395.     assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group1.getUuid()), "123")).isEmpty();

  396.     assertThat(underTest.selectByGroupUuids(dbSession, Collections.emptyList(), project.uuid())).isEmpty();

  397.   }

  398. 

  399.   @Test

  400.   public void selectGlobalPermissionsOfGroup() {

  401.     GroupDto group1 = db.users().insertGroup("group1");

  402.     GroupDto group2 = db.users().insertGroup("group2");

  403.     ComponentDto project = db.components().insertPublicProject();

  404. 

  405.     db.users().insertPermissionOnAnyone("perm1");

  406.     db.users().insertPermissionOnGroup(group1, "perm2");

  407.     db.users().insertPermissionOnGroup(group1, "perm3");

  408.     db.users().insertPermissionOnGroup(group2, "perm4");

  409.     db.users().insertProjectPermissionOnGroup(group1, "perm5", project);

  410.     db.users().insertProjectPermissionOnAnyone("perm6", project);

  411. 

  412.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group1.getUuid())).containsOnly("perm2", "perm3");

  413.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group2.getUuid())).containsOnly("perm4");

  414.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null)).containsOnly("perm1");

  415.   }

  416. 

  417.   @Test

  418.   public void selectProjectPermissionsOfGroup_on_public_project() {

  419.     GroupDto group1 = db.users().insertGroup("group1");

  420.     ComponentDto project1 = db.components().insertPublicProject();

  421.     ComponentDto project2 = db.components().insertPublicProject();

  422. 

  423.     db.users().insertPermissionOnAnyone("perm1");

  424.     db.users().insertPermissionOnGroup(group1, "perm2");

  425.     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);

  426.     db.users().insertProjectPermissionOnGroup(group1, "perm4", project1);

  427.     db.users().insertProjectPermissionOnGroup(group1, "perm5", project2);

  428.     db.users().insertProjectPermissionOnAnyone("perm6", project1);

  429. 

  430.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project1.uuid()))

  431.       .containsOnly("perm3", "perm4");

  432.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project2.uuid()))

  433.       .containsOnly("perm5");

  434.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project1.uuid()))

  435.       .containsOnly("perm6");

  436.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project2.uuid()))

  437.       .isEmpty();

  438.   }

  439. 

  440.   @Test

  441.   public void selectProjectPermissionsOfGroup_on_private_project() {

  442.     GroupDto group1 = db.users().insertGroup("group1");

  443.     ComponentDto project1 = db.components().insertPrivateProject();

  444.     ComponentDto project2 = db.components().insertPrivateProject();

  445. 

  446.     db.users().insertPermissionOnAnyone("perm1");

  447.     db.users().insertPermissionOnGroup(group1, "perm2");

  448.     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);

  449.     db.users().insertProjectPermissionOnGroup(group1, "perm4", project1);

  450.     db.users().insertProjectPermissionOnGroup(group1, "perm5", project2);

  451. 

  452.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project1.uuid()))

  453.       .containsOnly("perm3", "perm4");

  454.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project2.uuid()))

  455.       .containsOnly("perm5");

  456.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project1.uuid()))

  457.       .isEmpty();

  458.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project2.uuid()))

  459.       .isEmpty();

  460.   }

  461. 

  462.   @Test

  463.   public void selectAllPermissionsByGroupUuid_on_public_project() {

  464.     GroupDto group1 = db.users().insertGroup("group1");

  465.     ComponentDto project1 = db.components().insertPublicProject();

  466.     ComponentDto project2 = db.components().insertPublicProject();

  467.     db.users().insertPermissionOnAnyone("perm1");

  468.     db.users().insertPermissionOnGroup(group1, "perm2");

  469.     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);

  470.     db.users().insertProjectPermissionOnGroup(group1, "perm4", project1);

  471.     db.users().insertProjectPermissionOnGroup(group1, "perm5", project2);

  472.     db.users().insertProjectPermissionOnAnyone("perm6", project1);

  473. 

  474.     List<GroupPermissionDto> result = new ArrayList<>();

  475.     underTest.selectAllPermissionsByGroupUuid(dbSession, group1.getUuid(), context -> result.add(context.getResultObject()));

  476.     assertThat(result).extracting(GroupPermissionDto::getComponentUuid, GroupPermissionDto::getRole).containsOnly(

  477.       tuple(null, "perm2"),

  478.       tuple(project1.uuid(), "perm3"), tuple(project1.uuid(), "perm4"), tuple(project2.uuid(), "perm5"));

  479.   }

  480. 

  481.   @Test

  482.   public void selectAllPermissionsByGroupUuid_on_private_project() {

  483.     GroupDto group1 = db.users().insertGroup("group1");

  484.     ComponentDto project1 = db.components().insertPrivateProject();

  485.     ComponentDto project2 = db.components().insertPrivateProject();

  486.     db.users().insertPermissionOnAnyone("perm1");

  487.     db.users().insertPermissionOnGroup(group1, "perm2");

  488.     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);

  489.     db.users().insertProjectPermissionOnGroup(group1, "perm4", project1);

  490.     db.users().insertProjectPermissionOnGroup(group1, "perm5", project2);

  491. 

  492.     List<GroupPermissionDto> result = new ArrayList<>();

  493.     underTest.selectAllPermissionsByGroupUuid(dbSession, group1.getUuid(), context -> result.add(context.getResultObject()));

  494.     assertThat(result).extracting(GroupPermissionDto::getComponentUuid, GroupPermissionDto::getRole).containsOnly(

  495.       tuple(null, "perm2"),

  496.       tuple(project1.uuid(), "perm3"), tuple(project1.uuid(), "perm4"), tuple(project2.uuid(), "perm5"));

  497.   }

  498. 

  499.   @Test

  500.   public void selectGroupUuidsWithPermissionOnProjectBut_returns_empty_if_project_does_not_exist() {

  501.     ComponentDto project = randomPublicOrPrivateProject();

  502.     GroupDto group = db.users().insertGroup();

  503.     db.users().insertProjectPermissionOnGroup(group, "foo", project);

  504. 

  505.     assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, "1234", UserRole.USER))

  506.       .isEmpty();

  507.   }

  508. 

  509.   @Test

  510.   public void selectGroupUuidsWithPermissionOnProjectBut_returns_only_groups_of_project_which_do_not_have_permission() {

  511.     ComponentDto project = randomPublicOrPrivateProject();

  512.     GroupDto group1 = db.users().insertGroup();

  513.     GroupDto group2 = db.users().insertGroup();

  514.     db.users().insertProjectPermissionOnGroup(group1, "p1", project);

  515.     db.users().insertProjectPermissionOnGroup(group2, "p2", project);

  516. 

  517.     assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p2"))

  518.       .containsOnly(group1.getUuid());

  519.     assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p1"))

  520.       .containsOnly(group2.getUuid());

  521.     assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p3"))

  522.       .containsOnly(group1.getUuid(), group2.getUuid());

  523.   }

  524. 

  525.   @Test

  526.   public void selectGroupUuidsWithPermissionOnProjectBut_does_not_returns_group_AnyOne_of_project_when_it_does_not_have_permission() {

  527.     ComponentDto project = db.components().insertPublicProject();

  528.     GroupDto group1 = db.users().insertGroup();

  529.     GroupDto group2 = db.users().insertGroup();

  530.     db.users().insertProjectPermissionOnGroup(group1, "p1", project);

  531.     db.users().insertProjectPermissionOnGroup(group2, "p2", project);

  532.     db.users().insertProjectPermissionOnAnyone("p2", project);

  533. 

  534.     assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p2"))

  535.       .containsOnly(group1.getUuid());

  536.     assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p1"))

  537.       .containsOnly(group2.getUuid());

  538.   }

  539. 

  540.   @Test

  541.   public void selectGroupUuidsWithPermissionOnProjectBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() {

  542.     ComponentDto project = randomPublicOrPrivateProject();

  543.     GroupDto group1 = db.users().insertGroup();

  544.     GroupDto group2 = db.users().insertGroup();

  545.     GroupDto group3 = db.users().insertGroup();

  546.     db.users().insertProjectPermissionOnGroup(group1, "p1", project);

  547.     db.users().insertProjectPermissionOnGroup(group2, "p2", project);

  548. 

  549.     assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p2"))

  550.       .containsOnly(group1.getUuid());

  551.     assertThat(underTest.selectGroupUuidsWithPermissionOnProjectBut(dbSession, project.uuid(), "p1"))

  552.       .containsOnly(group2.getUuid());

  553.   }

  554. 

  555.   @Test

  556.   public void deleteByRootComponentUuid_on_private_project() {

  557.     GroupDto group1 = db.users().insertGroup();

  558.     GroupDto group2 = db.users().insertGroup();

  559.     ComponentDto project1 = db.components().insertPrivateProject();

  560.     ComponentDto project2 = db.components().insertPrivateProject();

  561.     db.users().insertPermissionOnGroup(group1, "perm1");

  562.     db.users().insertProjectPermissionOnGroup(group1, "perm2", project1);

  563.     db.users().insertProjectPermissionOnGroup(group2, "perm3", project2);

  564. 

  565.     underTest.deleteByRootComponentUuid(dbSession, project1.uuid());

  566.     dbSession.commit();

  567. 

  568.     assertThat(db.countSql("select count(uuid) from group_roles where component_uuid='" + project1.uuid() + "'")).isZero();

  569.     assertThat(db.countRowsOfTable("group_roles")).isEqualTo(2);

  570.   }

  571. 

  572.   @Test

  573.   public void deleteByRootComponentUuid_on_public_project() {

  574.     GroupDto group1 = db.users().insertGroup();

  575.     GroupDto group2 = db.users().insertGroup();

  576.     ComponentDto project1 = db.components().insertPublicProject();

  577.     ComponentDto project2 = db.components().insertPublicProject();

  578.     db.users().insertPermissionOnGroup(group1, "perm1");

  579.     db.users().insertProjectPermissionOnGroup(group1, "perm2", project1);

  580.     db.users().insertProjectPermissionOnGroup(group2, "perm3", project2);

  581.     db.users().insertProjectPermissionOnAnyone("perm4", project1);

  582.     db.users().insertProjectPermissionOnAnyone("perm5", project2);

  583. 

  584.     underTest.deleteByRootComponentUuid(dbSession, project1.uuid());

  585.     dbSession.commit();

  586. 

  587.     assertThat(db.countSql("select count(uuid) from group_roles where component_uuid='" + project1.uuid() + "'")).isZero();

  588.     assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3);

  589.   }

  590. 

  591.   @Test

  592.   public void delete_global_permission_from_group_on_public_project() {

  593.     GroupDto group1 = db.users().insertGroup();

  594.     ComponentDto project1 = db.components().insertPublicProject();

  595.     db.users().insertPermissionOnAnyone("perm1");

  596.     db.users().insertPermissionOnGroup(group1, "perm2");

  597.     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);

  598.     db.users().insertProjectPermissionOnAnyone("perm4", project1);

  599. 

  600.     underTest.delete(dbSession, "perm2", group1.getUuid(), null);

  601.     dbSession.commit();

  602. 

  603.     assertThatNoPermission("perm2");

  604.     assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3);

  605.   }

  606. 

  607.   @Test

  608.   public void delete_global_permission_from_group_on_private_project() {

  609.     GroupDto group1 = db.users().insertGroup();

  610.     ComponentDto project1 = db.components().insertPrivateProject();

  611.     db.users().insertPermissionOnAnyone("perm1");

  612.     db.users().insertPermissionOnGroup(group1, "perm2");

  613.     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);

  614. 

  615.     underTest.delete(dbSession, "perm2", group1.getUuid(), null);

  616.     dbSession.commit();

  617. 

  618.     assertThatNoPermission("perm2");

  619.     assertThat(db.countRowsOfTable("group_roles")).isEqualTo(2);

  620.   }

  621. 

  622.   @Test

  623.   public void delete_global_permission_from_anyone_on_public_project() {

  624.     GroupDto group1 = db.users().insertGroup();

  625.     ComponentDto project1 = db.components().insertPublicProject();

  626.     db.users().insertPermissionOnAnyone("perm1");

  627.     db.users().insertPermissionOnGroup(group1, "perm2");

  628.     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);

  629.     db.users().insertProjectPermissionOnAnyone("perm4", project1);

  630. 

  631.     underTest.delete(dbSession, "perm1", null, null);

  632.     dbSession.commit();

  633. 

  634.     assertThatNoPermission("perm1");

  635.     assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3);

  636.   }

  637. 

  638.   @Test

  639.   public void delete_project_permission_from_group_on_private_project() {

  640.     GroupDto group1 = db.users().insertGroup();

  641.     ComponentDto project1 = db.components().insertPrivateProject();

  642.     db.users().insertPermissionOnAnyone("perm1");

  643.     db.users().insertPermissionOnGroup(group1, "perm2");

  644.     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);

  645. 

  646.     underTest.delete(dbSession, "perm3", group1.getUuid(), project1.uuid());

  647.     dbSession.commit();

  648. 

  649.     assertThatNoPermission("perm3");

  650.     assertThat(db.countRowsOfTable("group_roles")).isEqualTo(2);

  651.   }

  652. 

  653.   @Test

  654.   public void delete_project_permission_from_group_on_public_project() {

  655.     GroupDto group1 = db.users().insertGroup();

  656.     ComponentDto project1 = db.components().insertPublicProject();

  657.     db.users().insertPermissionOnAnyone("perm1");

  658.     db.users().insertPermissionOnGroup(group1, "perm2");

  659.     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);

  660.     db.users().insertProjectPermissionOnAnyone("perm4", project1);

  661. 

  662.     underTest.delete(dbSession, "perm3", group1.getUuid(), project1.uuid());

  663.     dbSession.commit();

  664. 

  665.     assertThatNoPermission("perm3");

  666.     assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3);

  667.   }

  668. 

  669.   @Test

  670.   public void delete_project_permission_from_anybody_on_private_project() {

  671.     GroupDto group1 = db.users().insertGroup();

  672.     ComponentDto project1 = db.components().insertPublicProject();

  673.     db.users().insertPermissionOnAnyone("perm1");

  674.     db.users().insertPermissionOnGroup(group1, "perm2");

  675.     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);

  676.     db.users().insertProjectPermissionOnAnyone("perm4", project1);

  677. 

  678.     underTest.delete(dbSession, "perm4", null, project1.uuid());

  679.     dbSession.commit();

  680. 

  681.     assertThatNoPermission("perm4");

  682.     assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3);

  683.   }

  684. 

  685.   @Test

  686.   public void deleteByRootComponentUuidAndGroupUuid_deletes_all_permissions_of_group_AnyOne_of_specified_component_if_groupUuid_is_null() {

  687.     ComponentDto project = db.components().insertPublicProject();

  688.     GroupDto group = db.users().insertGroup();

  689.     db.users().insertProjectPermissionOnAnyone("p1", project);

  690.     db.users().insertProjectPermissionOnGroup(group, "p2", project);

  691.     db.users().insertPermissionOnAnyone("p3");

  692.     db.users().insertPermissionOnGroup(group, "p4");

  693.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid()))

  694.       .containsOnly("p1");

  695.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group.getUuid(), project.uuid()))

  696.       .containsOnly("p2");

  697.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null))

  698.       .containsOnly("p3");

  699.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group.getUuid()))

  700.       .containsOnly("p4");

  701. 

  702.     int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), null);

  703. 

  704.     assertThat(deletedCount).isEqualTo(1);

  705.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid()))

  706.       .isEmpty();

  707.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group.getUuid(), project.uuid()))

  708.       .containsOnly("p2");

  709.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null))

  710.       .containsOnly("p3");

  711.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group.getUuid()))

  712.       .containsOnly("p4");

  713.   }

  714. 

  715.   @Test

  716.   public void deleteByRootComponentUuidAndGroupUuid_deletes_all_permissions_of_specified_group_of_specified_component_if_groupUuid_is_non_null() {

  717.     ComponentDto project = db.components().insertPublicProject();

  718.     GroupDto group1 = db.users().insertGroup();

  719.     GroupDto group2 = db.users().insertGroup();

  720.     db.users().insertProjectPermissionOnAnyone("p1", project);

  721.     db.users().insertProjectPermissionOnGroup(group1, "p2", project);

  722.     db.users().insertProjectPermissionOnGroup(group2, "p3", project);

  723.     db.users().insertProjectPermissionOnGroup(group2, "p4", project);

  724.     db.users().insertPermissionOnAnyone("p5");

  725.     db.users().insertPermissionOnGroup(group1, "p6");

  726.     db.users().insertPermissionOnGroup(group2, "p7");

  727.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid()))

  728.       .containsOnly("p1");

  729.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid()))

  730.       .containsOnly("p2");

  731.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid()))

  732.       .containsOnly("p3", "p4");

  733.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null))

  734.       .containsOnly("p5");

  735.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group1.getUuid()))

  736.       .containsOnly("p6");

  737.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group2.getUuid()))

  738.       .containsOnly("p7");

  739. 

  740.     int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group1.getUuid());

  741. 

  742.     assertThat(deletedCount).isEqualTo(1);

  743.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid()))

  744.       .containsOnly("p1");

  745.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid()))

  746.       .isEmpty();

  747.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid()))

  748.       .containsOnly("p3", "p4");

  749.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group1.getUuid()))

  750.       .containsOnly("p6");

  751.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group2.getUuid()))

  752.       .containsOnly("p7");

  753. 

  754.     deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group2.getUuid());

  755. 

  756.     assertThat(deletedCount).isEqualTo(2);

  757.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid()))

  758.       .containsOnly("p1");

  759.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid()))

  760.       .isEmpty();

  761.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid()))

  762.       .isEmpty();

  763.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group1.getUuid()))

  764.       .containsOnly("p6");

  765.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group2.getUuid()))

  766.       .containsOnly("p7");

  767.   }

  768. 

  769.   @Test

  770.   public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_does_not_exist() {

  771.     GroupDto group = db.users().insertGroup();

  772. 

  773.     assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, "1234", null)).isZero();

  774.     assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, "1234", group.getUuid())).isZero();

  775.   }

  776. 

  777.   @Test

  778.   public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_has_no_group_permission_at_all() {

  779.     ComponentDto project = randomPublicOrPrivateProject();

  780.     GroupDto group = db.users().insertGroup();

  781. 

  782.     assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), null)).isZero();

  783.     assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group.getUuid())).isZero();

  784.   }

  785. 

  786.   @Test

  787.   public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_group_does_not_exist() {

  788.     ComponentDto project = randomPublicOrPrivateProject();

  789. 

  790.     assertThat(underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), "5678")).isZero();

  791.   }

  792. 

  793.   @Test

  794.   public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_has_no_group_permission_for_group_AnyOne() {

  795.     ComponentDto project = db.components().insertPrivateProject();

  796.     GroupDto group1 = db.users().insertGroup();

  797.     db.users().insertProjectPermissionOnGroup(group1, "p1", project);

  798.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid()))

  799.       .isEmpty();

  800.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid()))

  801.       .containsOnly("p1");

  802.     db.users().insertPermissionOnAnyone("p2");

  803.     db.users().insertPermissionOnGroup(group1, "p3");

  804. 

  805.     int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), null);

  806. 

  807.     assertThat(deletedCount).isZero();

  808.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, null, project.uuid()))

  809.       .isEmpty();

  810.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid()))

  811.       .containsOnly("p1");

  812.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null))

  813.       .containsOnly("p2");

  814.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group1.getUuid()))

  815.       .containsOnly("p3");

  816.   }

  817. 

  818.   @Test

  819.   public void deleteByRootComponentUuidAndGroupUuid_has_no_effect_if_component_has_no_group_permission_for_specified_group() {

  820.     ComponentDto project = db.components().insertPrivateProject();

  821.     GroupDto group1 = db.users().insertGroup();

  822.     GroupDto group2 = db.users().insertGroup();

  823.     db.users().insertProjectPermissionOnGroup(group1, "p1", project);

  824.     db.users().insertPermissionOnAnyone("p2");

  825.     db.users().insertPermissionOnGroup(group1, "p3");

  826. 

  827.     int deletedCount = underTest.deleteByRootComponentUuidAndGroupUuid(dbSession, project.uuid(), group2.getUuid());

  828. 

  829.     assertThat(deletedCount).isZero();

  830.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group1.getUuid(), project.uuid()))

  831.       .containsOnly("p1");

  832.     assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, group2.getUuid(), project.uuid()))

  833.       .isEmpty();

  834.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, null))

  835.       .containsOnly("p2");

  836.     assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, group1.getUuid()))

  837.       .containsOnly("p3");

  838.   }

  839. 

  840.   @Test

  841.   public void deleteByRootComponentUuidAndPermission_deletes_all_rows_for_specified_role_of_specified_component() {

  842.     ComponentDto project = db.components().insertPublicProject();

  843.     GroupDto group = db.users().insertGroup();

  844.     Stream.of("p1", "p2").forEach(permission -> {

  845.       db.users().insertPermissionOnAnyone(permission);

  846.       db.users().insertPermissionOnGroup(group, permission);

  847.       db.users().insertProjectPermissionOnGroup(group, permission, project);

  848.       db.users().insertProjectPermissionOnAnyone(permission, project);

  849.     });

  850.     assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1", "p2");

  851.     assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2");

  852.     assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p1", "p2");

  853.     assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p1", "p2");

  854. 

  855.     int deletedRows = underTest.deleteByRootComponentUuidAndPermission(dbSession, project.uuid(), "p1");

  856. 

  857.     assertThat(deletedRows).isEqualTo(2);

  858.     assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1", "p2");

  859.     assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2");

  860.     assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p2");

  861.     assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p2");

  862. 

  863.     deletedRows = underTest.deleteByRootComponentUuidAndPermission(dbSession, project.uuid(), "p2");

  864. 

  865.     assertThat(deletedRows).isEqualTo(2);

  866.     assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1", "p2");

  867.     assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2");

  868.     assertThat(getProjectPermissionsForAnyOne(project)).isEmpty();

  869.     assertThat(getProjectPermissionsForGroup(project, group)).isEmpty();

  870.   }

  871. 

  872.   @Test

  873.   public void deleteByRootComponentUuidAndPermission_has_no_effect_if_component_has_no_group_permission_at_all() {

  874.     GroupDto group = db.users().insertGroup();

  875.     ComponentDto project = randomPublicOrPrivateProject();

  876.     db.users().insertPermissionOnAnyone("p1");

  877.     db.users().insertPermissionOnGroup(group, "p1");

  878. 

  879.     assertThat(underTest.deleteByRootComponentUuidAndPermission(dbSession, project.uuid(), "p1")).isZero();

  880. 

  881.     assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1");

  882.     assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1");

  883.     assertThat(getProjectPermissionsForAnyOne(project)).isEmpty();

  884.     assertThat(getProjectPermissionsForGroup(project, group)).isEmpty();

  885.   }

  886. 

  887.   @Test

  888.   public void deleteByRootComponentUuidAndPermission_has_no_effect_if_component_does_not_exist() {

  889.     ComponentDto project = db.components().insertPublicProject();

  890.     GroupDto group = db.users().insertGroup();

  891.     db.users().insertPermissionOnAnyone("p1");

  892.     db.users().insertPermissionOnGroup(group, "p1");

  893.     db.users().insertProjectPermissionOnGroup(group, "p1", project);

  894.     db.users().insertProjectPermissionOnAnyone("p1", project);

  895. 

  896.     assertThat(underTest.deleteByRootComponentUuidAndPermission(dbSession, "1324", "p1")).isZero();

  897. 

  898.     assertThat(getGlobalPermissionsForAnyone()).containsOnly("p1");

  899.     assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1");

  900.     assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p1");

  901.     assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p1");

  902.   }

  903. 

  904.   @Test

  905.   public void deleteByRootComponentUuidAndPermission_has_no_effect_if_component_does_not_have_specified_permission() {

  906.     GroupDto group = db.users().insertGroup();

  907.     ComponentDto project = randomPublicOrPrivateProject();

  908.     db.users().insertPermissionOnAnyone("p1");

  909.     db.users().insertPermissionOnGroup(group, "p1");

  910. 

  911.     assertThat(underTest.deleteByRootComponentUuidAndPermission(dbSession, project.uuid(), "p1")).isZero();

  912.   }

  913. 

  914.   private Collection<String> getGlobalPermissionsForAnyone() {

  915.     return getPermissions("group_uuid is null and component_uuid is null");

  916.   }

  917. 

  918.   private Collection<String> getGlobalPermissionsForGroup(GroupDto groupDto) {

  919.     return getPermissions("group_uuid = '" + groupDto.getUuid() + "' and component_uuid is null");

  920.   }

  921. 

  922.   private Collection<String> getProjectPermissionsForAnyOne(ComponentDto project) {

  923.     return getPermissions("group_uuid is null and component_uuid = '" + project.uuid() + "'");

  924.   }

  925. 

  926.   private Collection<String> getProjectPermissionsForGroup(ComponentDto project, GroupDto group) {

  927.     return getPermissions("group_uuid = '" + group.getUuid() + "' and component_uuid = '" + project.uuid() + "'");

  928.   }

  929. 

  930.   private Collection<String> getPermissions(String whereClauses) {

  931.     return db

  932.       .select(dbSession, "select role from group_roles where " + whereClauses)

  933.       .stream()

  934.       .flatMap(map -> map.entrySet().stream())

  935.       .map(entry -> (String) entry.getValue())

  936.       .collect(MoreCollectors.toList());

  937.   }

  938. 

  939.   private ComponentDto randomPublicOrPrivateProject() {

  940.     return new Random().nextBoolean() ? db.components().insertPublicProject() : db.components().insertPrivateProject();

  941.   }

  942. 

  943.   private PermissionQuery.Builder newQuery() {

  944.     return PermissionQuery.builder();

  945.   }

  946. 

  947.   private void assertThatNoPermission(String permission) {

  948.     assertThat(db.countSql("select count(uuid) from group_roles where role='" + permission + "'")).isZero();

  949.   }

  950. 

  951. }