mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30152 Commits
59 Branches
Tree: 7de02f77f4
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '7de02f77f4'
${ noResults }
sonarqube/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/AuthorizationMapper.xml

AuthorizationMapper.xml 10KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377 
  1. <?xml version="1.0" encoding="UTF-8" ?>

  2. <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "mybatis-3-mapper.dtd">

  3. 

  4. <mapper namespace="org.sonar.db.permission.AuthorizationMapper">

  5. 

  6.   <select id="selectGlobalPermissions" parameterType="map" resultType="string">

  7.     select gr.role

  8.     from group_roles gr

  9.     inner join groups_users gu on gr.group_uuid=gu.group_uuid

  10.     where

  11.     gr.component_uuid is null and

  12.     gu.user_uuid=#{userUuid, jdbcType=VARCHAR}

  13. 

  14.     union

  15. 

  16.     select gr.role

  17.     from group_roles gr

  18.     where

  19.     gr.group_uuid is null and

  20.     gr.component_uuid is null

  21. 

  22.     union

  23. 

  24.     select ur.role

  25.     from user_roles ur

  26.     where

  27.     ur.user_uuid=#{userUuid, jdbcType=VARCHAR}

  28.     and ur.component_uuid is null

  29.   </select>

  30. 

  31.     <select id="selectGlobalPermissionsOfAnonymous" parameterType="map" resultType="string">

  32.     select gr.role

  33.     from group_roles gr

  34.     where

  35.     gr.component_uuid is null and

  36.     gr.group_uuid is null

  37.   </select>

  38. 

  39.   <select id="countUsersWithGlobalPermissionExcludingGroup" parameterType="map" resultType="int">

  40.     select count(1) from

  41.     (

  42.       select gu.user_uuid

  43.       from groups_users gu

  44.       inner join group_roles gr on gr.group_uuid = gu.group_uuid

  45.       where

  46.       gr.role = #{permission, jdbcType=VARCHAR} and

  47.       gr.component_uuid is null and

  48.       gr.group_uuid is not null and

  49.       gr.group_uuid != #{excludedGroupUuid, jdbcType=VARCHAR}

  50. 

  51.       union

  52. 

  53.       select ur.user_uuid

  54.       from user_roles ur

  55.       where

  56.       ur.component_uuid is null and

  57.       ur.role = #{permission, jdbcType=VARCHAR}

  58.     ) remaining

  59.   </select>

  60. 

  61.   <select id="countUsersWithGlobalPermissionExcludingUser" parameterType="map" resultType="int">

  62.     select count(1) from

  63.     (

  64.     select gu.user_uuid

  65.     from groups_users gu

  66.     inner join group_roles gr on gr.group_uuid = gu.group_uuid

  67.     where

  68.     gr.role = #{permission, jdbcType=VARCHAR} and

  69.     gr.component_uuid is null and

  70.     gr.group_uuid is not null and

  71.     gu.user_uuid != #{excludedUserUuid, jdbcType=VARCHAR}

  72. 

  73.     union

  74. 

  75.     select ur.user_uuid

  76.     from user_roles ur

  77.     where

  78.     ur.component_uuid is null and

  79.     ur.role = #{permission, jdbcType=VARCHAR} and

  80.     ur.user_uuid != #{excludedUserUuid, jdbcType=VARCHAR}

  81.     ) remaining

  82.   </select>

  83. 

  84.   <select id="selectUserUuidsWithGlobalPermission" parameterType="map" resultType="String">

  85.     select gu.user_uuid

  86.     from groups_users gu

  87.     inner join group_roles gr on gr.group_uuid = gu.group_uuid

  88.     where

  89.     gr.role = #{permission, jdbcType=VARCHAR} and

  90.     gr.component_uuid is null and

  91.     gr.group_uuid is not null

  92. 

  93.     union

  94. 

  95.     select ur.user_uuid

  96.     from user_roles ur

  97.     where

  98.     ur.component_uuid is null and

  99.     ur.role = #{permission, jdbcType=VARCHAR}

  100.   </select>

  101. 

  102.   <select id="countUsersWithGlobalPermissionExcludingGroupMember" parameterType="map" resultType="int">

  103.     select count(1) from

  104.     (

  105.     select gu.user_uuid

  106.     from groups_users gu

  107.     inner join group_roles gr on gr.group_uuid = gu.group_uuid

  108.     where

  109.     gr.role = #{permission, jdbcType=VARCHAR} and

  110.     gr.component_uuid is null and

  111.     gr.group_uuid is not null and

  112.     (gu.group_uuid != #{groupUuid, jdbcType=VARCHAR} or gu.user_uuid != #{userUuid, jdbcType=VARCHAR})

  113. 

  114.     union

  115. 

  116.     select ur.user_uuid

  117.     from user_roles ur

  118.     where

  119.     ur.component_uuid is null and

  120.     ur.role = #{permission, jdbcType=VARCHAR}

  121.     ) remaining

  122.   </select>

  123. 

  124.   <select id="countUsersWithGlobalPermissionExcludingUserPermission" parameterType="map" resultType="int">

  125.     select count(1) from

  126.     (

  127.     select gu.user_uuid

  128.     from groups_users gu

  129.     inner join group_roles gr on gr.group_uuid = gu.group_uuid

  130.     where

  131.     gr.role = #{permission, jdbcType=VARCHAR} and

  132.     gr.component_uuid is null and

  133.     gr.group_uuid is not null

  134. 

  135.     union

  136. 

  137.     select ur.user_uuid

  138.     from user_roles ur

  139.     where

  140.     ur.component_uuid is null and

  141.     ur.role = #{permission, jdbcType=VARCHAR} and

  142.     ur.user_uuid != #{userUuid, jdbcType=VARCHAR}

  143.     ) remaining

  144.   </select>

  145. 

  146.   <select id="keepAuthorizedProjectUuidsForUser" parameterType="map" resultType="String">

  147.     select

  148.       gr.component_uuid

  149.     from

  150.       group_roles gr

  151.     where

  152.       gr.role=#{role, jdbcType=VARCHAR}

  153.       and (

  154.         gr.group_uuid is null

  155.         or exists (

  156.           select

  157.             1

  158.           from

  159.             groups_users gu

  160.           where

  161.             gu.user_uuid = #{userUuid, jdbcType=VARCHAR}

  162.             and gr.group_uuid = gu.group_uuid

  163.         )

  164.       )

  165.       and <foreach collection="projectUuids" open="(" close=")" item="element" index="index" separator=" or ">

  166.             gr.component_uuid=#{element, jdbcType=VARCHAR}

  167.           </foreach>

  168. 

  169.     union

  170. 

  171.     select

  172.       p.uuid

  173.     from

  174.       user_roles ur

  175.     inner join components p on

  176.       p.uuid = ur.component_uuid

  177.     where

  178.       ur.role=#{role, jdbcType=VARCHAR}

  179.       and ur.user_uuid=#{userUuid, jdbcType=INTEGER}

  180.       and <foreach collection="projectUuids" open="(" close=")" item="element" index="index" separator=" or ">

  181.         p.uuid=#{element, jdbcType=VARCHAR}

  182.       </foreach>

  183. 

  184.     union

  185. 

  186.     <include refid="sqlSelectPublicProjectsIfRole"/>

  187.   </select>

  188. 

  189.   <sql id="sqlSelectPublicProjectsIfRole">

  190.     select

  191.     p.uuid

  192.     from

  193.     components p

  194.     where

  195.     <foreach collection="projectUuids" open="(" close=")" item="element" index="index" separator=" or ">

  196.       p.uuid=#{element ,jdbcType=VARCHAR}

  197.     </foreach>

  198.     and p.private = ${_false}

  199.     and #{role, jdbcType=VARCHAR} in ('user','codeviewer')

  200.   </sql>

  201. 

  202.     <select id="keepAuthorizedProjectUuidsForAnonymous" parameterType="map" resultType="String">

  203.     select

  204.       gr.component_uuid

  205.     from

  206.       group_roles gr

  207.     where

  208.       gr.role=#{role, jdbcType=VARCHAR}

  209.       and gr.group_uuid is null

  210.       and <foreach collection="projectUuids" open="(" close=")" item="element" index="index" separator=" or ">

  211.             gr.component_uuid=#{element, jdbcType=VARCHAR}

  212.           </foreach>

  213. 

  214.     union

  215. 

  216.     <include refid="sqlSelectPublicProjectsIfRole"/>

  217.   </select>

  218. 

  219.   <select id="keepAuthorizedUsersForRoleAndProject" parameterType="map" resultType="String">

  220.     select

  221.       gu.user_uuid

  222.     from

  223.       groups_users gu

  224.     inner join group_roles gr on

  225.       gr.group_uuid=gu.group_uuid

  226.     where

  227.       gr.component_uuid=#{componentUuid, jdbcType=VARCHAR}

  228.       and gr.role=#{role, jdbcType=VARCHAR}

  229.       and gu.user_uuid in

  230.         <foreach collection="userUuids" open="(" close=")" item="uuid" separator=",">

  231.           #{uuid, jdbcType=VARCHAR}

  232.         </foreach>

  233. 

  234.     union

  235. 

  236.     select

  237.       ur.user_uuid

  238.     from

  239.       user_roles ur

  240.     where

  241.       ur.component_uuid=#{componentUuid, jdbcType=VARCHAR}

  242.       and ur.role=#{role, jdbcType=VARCHAR}

  243.       and ur.user_uuid IN

  244.         <foreach collection="userUuids" open="(" close=")" item="uuid" separator=",">

  245.           #{uuid, jdbcType=VARCHAR}

  246.         </foreach>

  247. 

  248.     union

  249. 

  250.     select

  251.       u.uuid

  252.     from

  253.       users u

  254.     where

  255.       u.uuid in

  256.         <foreach collection="userUuids" open="(" close=")" item="uuid" separator=",">

  257.           #{uuid, jdbcType=VARCHAR}

  258.         </foreach>

  259.       and exists (

  260.         select

  261.           1

  262.         from

  263.           components p

  264.         where

  265.           p.uuid =#{componentUuid, jdbcType=VARCHAR}

  266.           and p.private = ${_false}

  267.           and #{role, jdbcType=VARCHAR} in ('user','codeviewer')

  268.       )

  269.   </select>

  270. 

  271.   <select id="selectProjectPermissions" parameterType="map" resultType="String">

  272.     select ur.role

  273.     from user_roles ur

  274.     inner join components p on p.uuid = ur.component_uuid

  275.     where

  276.       p.uuid = #{projectUuid, jdbcType=VARCHAR} and

  277.       ur.user_uuid = #{userUuid, jdbcType=VARCHAR}

  278. 

  279.     union

  280. 

  281.     select gr.role

  282.     from group_roles gr

  283.     inner join groups_users gu on gr.group_uuid = gu.group_uuid

  284.     inner join components p on p.uuid = gr.component_uuid

  285.     where

  286.       p.uuid = #{projectUuid, jdbcType=VARCHAR} and

  287.       gu.user_uuid = #{userUuid, jdbcType=VARCHAR}

  288. 

  289.     union

  290. 

  291.     <include refid="sql_selectProjectPermissionsOfAnonymous"/>

  292.   </select>

  293. 

  294.   <select id="selectProjectPermissionsOfAnonymous" parameterType="map" resultType="String">

  295.     <include refid="sql_selectProjectPermissionsOfAnonymous"/>

  296.   </select>

  297. 

  298.   <sql id="sql_selectProjectPermissionsOfAnonymous">

  299.     select

  300.       gr.role

  301.     from

  302.       group_roles gr

  303.     inner join components p on

  304.       p.uuid = gr.component_uuid

  305.     where

  306.       p.uuid = #{projectUuid, jdbcType=VARCHAR}

  307.       and gr.group_uuid is null

  308.   </sql>

  309. 

  310.   <select id="selectEmailSubscribersWithGlobalPermission" parameterType="map" resultType="org.sonar.db.EmailSubscriberDto">

  311.     select

  312.       u.login as "login",

  313.       ${_true} as "global",

  314.       u.email as "email"

  315.     from

  316.       users u

  317.     inner join user_roles ur on

  318.       ur.user_uuid = u.uuid

  319.       and ur.role=#{permission, jdbcType=VARCHAR}

  320.       and ur.component_uuid is null

  321.     where

  322.       u.email is not null

  323. 

  324.     union

  325. 

  326.     select

  327.       u.login as "login",

  328.       ${_true} as "global",

  329.       u.email as "email"

  330.     from users u

  331.     inner join groups_users gu on

  332.       u.uuid=gu.user_uuid

  333.     inner join group_roles gr on

  334.       gr.group_uuid = gu.group_uuid

  335.       and gr.role = #{permission, jdbcType=VARCHAR}

  336.       and gr.component_uuid is null

  337.     where

  338.       u.email is not null

  339. 

  340.   </select>

  341. 

  342.   <select id="keepAuthorizedLoginsOnProject" parameterType="map" resultType="String">

  343.     select u.login

  344.     from users u

  345.     where

  346.       u.login in <foreach collection="logins" open="(" close=")" item="login" separator=",">#{login, jdbcType=VARCHAR}</foreach>

  347.       and (

  348.         exists (

  349.           select 1

  350.           from user_roles ur

  351.           inner join components p on p.uuid = ur.component_uuid

  352.           where

  353.             p.kee =  #{projectKey, jdbcType=VARCHAR}

  354.             and ur.role = #{permission, jdbcType=VARCHAR}

  355.             and ur.user_uuid = u.uuid

  356.         ) or exists (

  357.           select 1

  358.           from components p

  359.           inner join group_roles gr on gr.component_uuid = p.uuid

  360.           inner join groups_users gu on gu.group_uuid = gr.group_uuid

  361.           where

  362.             p.kee  =  #{projectKey, jdbcType=VARCHAR}

  363.             and gu.user_uuid = u.uuid

  364.             and gr.role = #{permission, jdbcType=VARCHAR}

  365.         )

  366.         <if test="permission == 'user' or permission == 'codeviewer'">

  367.           or exists (

  368.             select 1

  369.             from components p

  370.             where

  371.               p.kee =  #{projectKey, jdbcType=VARCHAR}

  372.               and p.private = ${_false}

  373.           )

  374.         </if>

  375.       )

  376.   </select>

  377. </mapper>