mirrors
/
sonarqube
огледало от https://github.com/SonarSource/sonarqube.git
Наблюдаван 1
Харесван 0
Разклонения 0
Код Задачи 0 Версии 237 Уики Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
16544 Ревизии
59 Клонове
ИН на ревизия: 966ceab832
Клонове Маркери
${ item.name }
Create branch ${ searchTerm }
от '966ceab832'
${ noResults }
sonarqube/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionFinder.java

PermissionFinder.java 8.3KB
Директен файл Blame История

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218 
  1. /*

  2.  * SonarQube, open source software quality management tool.

  3.  * Copyright (C) 2008-2014 SonarSource

  4.  * mailto:contact AT sonarsource DOT com

  5.  *

  6.  * SonarQube is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * SonarQube is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.permission;

  21. 

  22. import com.google.common.base.Predicate;

  23. import com.google.common.collect.Iterables;

  24. import java.util.Collection;

  25. import java.util.List;

  26. import javax.annotation.Nonnull;

  27. import javax.annotation.Nullable;

  28. import org.apache.commons.lang.StringUtils;

  29. import org.sonar.api.security.DefaultGroups;

  30. import org.sonar.api.server.ServerSide;

  31. import org.sonar.api.utils.Paging;

  32. import org.sonar.core.permission.GroupWithPermission;

  33. import org.sonar.core.permission.UserWithPermission;

  34. import org.sonar.db.DbClient;

  35. import org.sonar.db.DbSession;

  36. import org.sonar.db.component.ResourceDao;

  37. import org.sonar.db.component.ResourceDto;

  38. import org.sonar.db.component.ResourceQuery;

  39. import org.sonar.db.permission.GroupWithPermissionDto;

  40. import org.sonar.db.permission.PermissionDao;

  41. import org.sonar.db.permission.PermissionQuery;

  42. import org.sonar.db.permission.PermissionTemplateDao;

  43. import org.sonar.db.permission.PermissionTemplateDto;

  44. import org.sonar.db.permission.UserWithPermissionDto;

  45. import org.sonar.server.exceptions.NotFoundException;

  46. 

  47. import static com.google.common.collect.Lists.newArrayList;

  48. 

  49. @ServerSide

  50. public class PermissionFinder {

  51. 

  52.   private final DbClient dbClient;

  53. 

  54.   private final PermissionDao permissionDao;

  55.   private final ResourceDao resourceDao;

  56.   private final PermissionTemplateDao permissionTemplateDao;

  57. 

  58.   public PermissionFinder(DbClient dbClient) {

  59.     this.dbClient = dbClient;

  60.     this.resourceDao = dbClient.resourceDao();

  61.     this.permissionDao = dbClient.permissionDao();

  62.     this.permissionTemplateDao = dbClient.permissionTemplateDao();

  63.   }

  64. 

  65.   public UserWithPermissionQueryResult findUsersWithPermission(PermissionQuery query) {

  66.     Long componentId = componentId(query.component());

  67.     int limit = query.pageSize();

  68.     DbSession dbSession = dbClient.openSession(false);

  69.     try {

  70.       int total = permissionDao.countUsers(dbSession, query, componentId);

  71.       return toUserQueryResult(permissionDao.selectUsers(dbSession, query, componentId, offset(query), limit), total);

  72.     } finally {

  73.       dbClient.closeSession(dbSession);

  74.     }

  75.   }

  76. 

  77.   public UserWithPermissionQueryResult findUsersWithPermissionTemplate(PermissionQuery query) {

  78.     Long permissionTemplateId = templateId(query.template());

  79.     int limit = query.pageSize();

  80.     DbSession dbSession = dbClient.openSession(false);

  81.     try {

  82.       int total = permissionTemplateDao.countUsers(dbSession, query, permissionTemplateId);

  83.       return toUserQueryResult(permissionTemplateDao.selectUsers(dbSession, query, permissionTemplateId, offset(query), limit), total);

  84.     } finally {

  85.       dbClient.closeSession(dbSession);

  86.     }

  87.   }

  88. 

  89.   /**

  90.    * Paging for groups search is done in Java in order to correctly handle the 'Anyone' group

  91.    */

  92.   public GroupWithPermissionQueryResult findGroupsWithPermission(PermissionQuery query) {

  93.     Long componentId = componentId(query.component());

  94.     DbSession dbSession = dbClient.openSession(false);

  95.     try {

  96.       return toGroupQueryResult(permissionDao.selectGroups(dbSession, query, componentId), query);

  97.     } finally {

  98.       dbClient.closeSession(dbSession);

  99.     }

  100.   }

  101. 

  102.   /**

  103.    * Paging for groups search is done in Java in order to correctly handle the 'Anyone' group

  104.    */

  105.   public GroupWithPermissionQueryResult findGroupsWithPermissionTemplate(PermissionQuery query) {

  106.     Long permissionTemplateId = templateId(query.template());

  107.     DbSession dbSession = dbClient.openSession(false);

  108.     try {

  109.       return toGroupQueryResult(permissionTemplateDao.selectGroups(dbSession, query, permissionTemplateId), query);

  110.     } finally {

  111.       dbClient.closeSession(dbSession);

  112.     }

  113.   }

  114. 

  115.   private static UserWithPermissionQueryResult toUserQueryResult(List<UserWithPermissionDto> dtos, int total) {

  116.     return new UserWithPermissionQueryResult(toUserWithPermissionList(dtos), total);

  117.   }

  118. 

  119.   private static List<UserWithPermission> toUserWithPermissionList(List<UserWithPermissionDto> dtos) {

  120.     List<UserWithPermission> users = newArrayList();

  121.     for (UserWithPermissionDto dto : dtos) {

  122.       users.add(dto.toUserWithPermission());

  123.     }

  124.     return users;

  125.   }

  126. 

  127.   @Nullable

  128.   private Long componentId(@Nullable String componentKey) {

  129.     if (componentKey == null) {

  130.       return null;

  131.     } else {

  132.       ResourceDto resourceDto = resourceDao.selectResource(ResourceQuery.create().setKey(componentKey));

  133.       if (resourceDto == null) {

  134.         throw new NotFoundException(String.format("Component '%s' does not exist", componentKey));

  135.       }

  136.       return resourceDto.getId();

  137.     }

  138.   }

  139. 

  140.   private GroupWithPermissionQueryResult toGroupQueryResult(List<GroupWithPermissionDto> dtos, PermissionQuery query) {

  141.     addAnyoneGroup(dtos, query);

  142.     List<GroupWithPermissionDto> filteredDtos = filterMembership(dtos, query);

  143. 

  144.     Paging paging = Paging.create(query.pageSize(), query.pageIndex(), filteredDtos.size());

  145.     List<GroupWithPermission> pagedGroups = pagedGroups(filteredDtos, paging);

  146.     return new GroupWithPermissionQueryResult(pagedGroups, filteredDtos.size());

  147.   }

  148. 

  149.   private Long templateId(String templateKey) {

  150.     PermissionTemplateDto dto = permissionTemplateDao.selectTemplateByKey(templateKey);

  151.     if (dto == null) {

  152.       throw new NotFoundException(String.format("Template '%s' does not exist", templateKey));

  153.     }

  154.     return dto.getId();

  155.   }

  156. 

  157.   private static int offset(PermissionQuery query) {

  158.     int pageSize = query.pageSize();

  159.     int pageIndex = query.pageIndex();

  160.     return (pageIndex - 1) * pageSize;

  161.   }

  162. 

  163.   private List<GroupWithPermissionDto> filterMembership(List<GroupWithPermissionDto> dtos, PermissionQuery query) {

  164.     return newArrayList(Iterables.filter(dtos, new GroupWithPermissionMatchQuery(query)));

  165.   }

  166. 

  167.   /**

  168.    * As the anyone group does not exists in db, it's not returned when it has not the permission.

  169.    * We have to manually add it at the begin of the list, if it matched the search text

  170.    */

  171.   private void addAnyoneGroup(List<GroupWithPermissionDto> groups, PermissionQuery query) {

  172.     boolean hasAnyoneGroup = Iterables.any(groups, IsAnyoneGroup.INSTANCE);

  173.     if (!hasAnyoneGroup && (query.search() == null || StringUtils.containsIgnoreCase(DefaultGroups.ANYONE, query.search()))) {

  174.       groups.add(0, new GroupWithPermissionDto().setName(DefaultGroups.ANYONE));

  175.     }

  176.   }

  177. 

  178.   private static List<GroupWithPermission> pagedGroups(Collection<GroupWithPermissionDto> dtos, Paging paging) {

  179.     List<GroupWithPermission> groups = newArrayList();

  180.     int index = 0;

  181.     for (GroupWithPermissionDto dto : dtos) {

  182.       if (index >= paging.offset() && groups.size() < paging.pageSize()) {

  183.         groups.add(dto.toGroupWithPermission());

  184.       } else if (groups.size() >= paging.pageSize()) {

  185.         break;

  186.       }

  187.       index++;

  188.     }

  189.     return groups;

  190.   }

  191. 

  192.   private static class GroupWithPermissionMatchQuery implements Predicate<GroupWithPermissionDto> {

  193.     private final PermissionQuery query;

  194. 

  195.     public GroupWithPermissionMatchQuery(PermissionQuery query) {

  196.       this.query = query;

  197.     }

  198. 

  199.     @Override

  200.     public boolean apply(@Nonnull GroupWithPermissionDto dto) {

  201.       if (PermissionQuery.IN.equals(query.membership())) {

  202.         return dto.getPermission() != null;

  203.       } else if (PermissionQuery.OUT.equals(query.membership())) {

  204.         return dto.getPermission() == null;

  205.       }

  206.       return true;

  207.     }

  208.   }

  209. 

  210.   private enum IsAnyoneGroup implements Predicate<GroupWithPermissionDto> {

  211.     INSTANCE;

  212. 

  213.     @Override

  214.     public boolean apply(@Nonnull GroupWithPermissionDto group) {

  215.       return group.getName().equals(DefaultGroups.ANYONE);

  216.     }

  217.   }

  218. }