mirrors
/
sonarqube
miroir de https://github.com/SonarSource/sonarqube.git
Suivre 1
Ajouter aux favoris 0
Bifurcation 0
Code Tickets 0 Versions 237 Wiki Activité
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
27452 Révisions
59 Branches
Aborescence: d195a425db
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de 'd195a425db'
${ noResults }
sonarqube/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationUpdaterImpl.java

OrganizationUpdaterImpl.java 16KB
Brut Annotations Historique

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2018 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.organization;

  21. 

  22. import java.util.ArrayList;

  23. import java.util.Arrays;

  24. import java.util.Date;

  25. import java.util.List;

  26. import java.util.Map;

  27. import java.util.Optional;

  28. import java.util.function.Consumer;

  29. import javax.annotation.Nullable;

  30. import org.sonar.api.config.Configuration;

  31. import org.sonar.api.utils.System2;

  32. import org.sonar.core.config.CorePropertyDefinitions;

  33. import org.sonar.core.util.UuidFactory;

  34. import org.sonar.db.DbClient;

  35. import org.sonar.db.DbSession;

  36. import org.sonar.db.organization.DefaultTemplates;

  37. import org.sonar.db.organization.OrganizationDto;

  38. import org.sonar.db.organization.OrganizationMemberDto;

  39. import org.sonar.db.permission.GroupPermissionDto;

  40. import org.sonar.db.permission.OrganizationPermission;

  41. import org.sonar.db.permission.UserPermissionDto;

  42. import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;

  43. import org.sonar.db.permission.template.PermissionTemplateDto;

  44. import org.sonar.db.qualitygate.QualityGateDto;

  45. import org.sonar.db.qualityprofile.DefaultQProfileDto;

  46. import org.sonar.db.qualityprofile.OrgQProfileDto;

  47. import org.sonar.db.user.GroupDto;

  48. import org.sonar.db.user.UserDto;

  49. import org.sonar.db.user.UserGroupDto;

  50. import org.sonar.server.permission.PermissionService;

  51. import org.sonar.server.qualityprofile.BuiltInQProfile;

  52. import org.sonar.server.qualityprofile.BuiltInQProfileRepository;

  53. import org.sonar.server.qualityprofile.QProfileName;

  54. import org.sonar.server.user.index.UserIndexer;

  55. import org.sonar.server.usergroups.DefaultGroupCreator;

  56. 

  57. import static com.google.common.base.Preconditions.checkState;

  58. import static java.lang.String.format;

  59. import static java.util.Objects.requireNonNull;

  60. import static org.sonar.api.web.UserRole.ADMIN;

  61. import static org.sonar.api.web.UserRole.CODEVIEWER;

  62. import static org.sonar.api.web.UserRole.ISSUE_ADMIN;

  63. import static org.sonar.api.web.UserRole.SECURITYHOTSPOT_ADMIN;

  64. import static org.sonar.api.web.UserRole.USER;

  65. import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex;

  66. import static org.sonar.db.organization.OrganizationDto.Subscription.FREE;

  67. import static org.sonar.db.permission.OrganizationPermission.SCAN;

  68. import static org.sonar.server.organization.OrganizationUpdater.NewOrganization.newOrganizationBuilder;

  69. 

  70. public class OrganizationUpdaterImpl implements OrganizationUpdater {

  71. 

  72.   private final DbClient dbClient;

  73.   private final System2 system2;

  74.   private final UuidFactory uuidFactory;

  75.   private final OrganizationValidation organizationValidation;

  76.   private final Configuration config;

  77.   private final BuiltInQProfileRepository builtInQProfileRepository;

  78.   private final DefaultGroupCreator defaultGroupCreator;

  79.   private final UserIndexer userIndexer;

  80.   private final PermissionService permissionService;

  81. 

  82.   public OrganizationUpdaterImpl(DbClient dbClient, System2 system2, UuidFactory uuidFactory,

  83.     OrganizationValidation organizationValidation, Configuration config, UserIndexer userIndexer,

  84.     BuiltInQProfileRepository builtInQProfileRepository, DefaultGroupCreator defaultGroupCreator, PermissionService permissionService) {

  85.     this.dbClient = dbClient;

  86.     this.system2 = system2;

  87.     this.uuidFactory = uuidFactory;

  88.     this.organizationValidation = organizationValidation;

  89.     this.config = config;

  90.     this.userIndexer = userIndexer;

  91.     this.builtInQProfileRepository = builtInQProfileRepository;

  92.     this.defaultGroupCreator = defaultGroupCreator;

  93.     this.permissionService = permissionService;

  94.   }

  95. 

  96.   @Override

  97.   public OrganizationDto create(DbSession dbSession, UserDto userCreator, NewOrganization newOrganization, Consumer<OrganizationDto> beforeCommit) throws KeyConflictException {

  98.     validate(newOrganization);

  99.     String key = newOrganization.getKey();

  100.     if (organizationKeyIsUsed(dbSession, key)) {

  101.       throw new KeyConflictException(format("Organization key '%s' is already used", key));

  102.     }

  103. 

  104.     QualityGateDto builtInQualityGate = dbClient.qualityGateDao().selectBuiltIn(dbSession);

  105.     OrganizationDto organization = insertOrganization(dbSession, newOrganization, builtInQualityGate);

  106.     beforeCommit.accept(organization);

  107.     insertOrganizationMember(dbSession, organization, userCreator.getId());

  108.     dbClient.qualityGateDao().associate(dbSession, uuidFactory.create(), organization, builtInQualityGate);

  109.     GroupDto ownerGroup = insertOwnersGroup(dbSession, organization);

  110.     GroupDto defaultGroup = defaultGroupCreator.create(dbSession, organization.getUuid());

  111.     insertDefaultTemplateOnGroups(dbSession, organization, ownerGroup, defaultGroup);

  112.     addCurrentUserToGroup(dbSession, ownerGroup, userCreator.getId());

  113.     addCurrentUserToGroup(dbSession, defaultGroup, userCreator.getId());

  114.     try (DbSession batchDbSession = dbClient.openSession(true)) {

  115.       insertQualityProfiles(dbSession, batchDbSession, organization);

  116.       batchDbSession.commit();

  117. 

  118.       // Elasticsearch is updated when DB session is committed

  119.       userIndexer.commitAndIndex(dbSession, userCreator);

  120. 

  121.       return organization;

  122.     }

  123.   }

  124. 

  125.   @Override

  126.   public Optional<OrganizationDto> createForUser(DbSession dbSession, UserDto newUser) {

  127.     if (!isCreatePersonalOrgEnabled()) {

  128.       return Optional.empty();

  129.     }

  130. 

  131.     String nameOrLogin = nameOrLogin(newUser);

  132.     NewOrganization newOrganization = newOrganizationBuilder()

  133.       .setKey(organizationValidation.generateKeyFrom(newUser.getLogin()))

  134.       .setName(toName(nameOrLogin))

  135.       .setDescription(format(PERSONAL_ORGANIZATION_DESCRIPTION_PATTERN, nameOrLogin))

  136.       .build();

  137.     checkKey(dbSession, newOrganization.getKey());

  138. 

  139.     QualityGateDto builtInQualityGate = dbClient.qualityGateDao().selectBuiltIn(dbSession);

  140.     OrganizationDto organization = insertOrganization(dbSession, newOrganization, builtInQualityGate,

  141.       dto -> dto.setGuarded(true));

  142.     dbClient.userDao().update(dbSession, newUser.setOrganizationUuid(organization.getUuid()));

  143.     insertOrganizationMember(dbSession, organization, newUser.getId());

  144.     GroupDto defaultGroup = defaultGroupCreator.create(dbSession, organization.getUuid());

  145.     dbClient.qualityGateDao().associate(dbSession, uuidFactory.create(), organization, builtInQualityGate);

  146.     permissionService.getAllOrganizationPermissions()

  147.       .forEach(p -> insertUserPermissions(dbSession, newUser, organization, p));

  148.     insertPersonalOrgDefaultTemplate(dbSession, organization, defaultGroup);

  149.     try (DbSession batchDbSession = dbClient.openSession(true)) {

  150.       insertQualityProfiles(dbSession, batchDbSession, organization);

  151.       addCurrentUserToGroup(dbSession, defaultGroup, newUser.getId());

  152. 

  153.       batchDbSession.commit();

  154. 

  155.       // Elasticsearch is updated when DB session is committed

  156.       userIndexer.commitAndIndex(dbSession, newUser);

  157. 

  158.       return Optional.of(organization);

  159.     }

  160.   }

  161. 

  162.   @Override

  163.   public void updateOrganizationKey(DbSession dbSession, OrganizationDto organization, String newKey) {

  164.     String sanitizedKey = organizationValidation.generateKeyFrom(newKey);

  165.     if (organization.getKey().equals(sanitizedKey)) {

  166.       return;

  167.     }

  168.     checkKey(dbSession, sanitizedKey);

  169.     dbClient.organizationDao().update(dbSession, organization.setKey(sanitizedKey));

  170.   }

  171. 

  172.   private void checkKey(DbSession dbSession, String key) {

  173.     checkState(!organizationKeyIsUsed(dbSession, key),

  174.       "Can't create organization with key '%s' because an organization with this key already exists", key);

  175.   }

  176. 

  177.   private static String nameOrLogin(UserDto newUser) {

  178.     String name = newUser.getName();

  179.     if (name == null || name.isEmpty()) {

  180.       return newUser.getLogin();

  181.     }

  182.     return name;

  183.   }

  184. 

  185.   private String toName(String login) {

  186.     String name = login.substring(0, Math.min(login.length(), OrganizationValidation.NAME_MAX_LENGTH));

  187.     // should not happen has login can't be less than 2 chars, but we call it for safety

  188.     organizationValidation.checkName(name);

  189.     return name;

  190.   }

  191. 

  192.   private boolean isCreatePersonalOrgEnabled() {

  193.     return config.getBoolean(CorePropertyDefinitions.ORGANIZATIONS_CREATE_PERSONAL_ORG).orElse(false);

  194.   }

  195. 

  196.   private void validate(NewOrganization newOrganization) {

  197.     requireNonNull(newOrganization, "newOrganization can't be null");

  198.     organizationValidation.checkName(newOrganization.getName());

  199.     organizationValidation.checkKey(newOrganization.getKey());

  200.     organizationValidation.checkDescription(newOrganization.getDescription());

  201.     organizationValidation.checkUrl(newOrganization.getUrl());

  202.     organizationValidation.checkAvatar(newOrganization.getAvatar());

  203.   }

  204. 

  205.   private OrganizationDto insertOrganization(DbSession dbSession, NewOrganization newOrganization, QualityGateDto builtInQualityGate, Consumer<OrganizationDto>... extendCreation) {

  206.     OrganizationDto res = new OrganizationDto()

  207.       .setUuid(uuidFactory.create())

  208.       .setName(newOrganization.getName())

  209.       .setKey(newOrganization.getKey())

  210.       .setDescription(newOrganization.getDescription())

  211.       .setUrl(newOrganization.getUrl())

  212.       .setDefaultQualityGateUuid(builtInQualityGate.getUuid())

  213.       .setAvatarUrl(newOrganization.getAvatar())

  214.       .setSubscription(FREE);

  215.     Arrays.stream(extendCreation).forEach(c -> c.accept(res));

  216.     dbClient.organizationDao().insert(dbSession, res, false);

  217.     return res;

  218.   }

  219. 

  220.   private boolean organizationKeyIsUsed(DbSession dbSession, String key) {

  221.     return dbClient.organizationDao().selectByKey(dbSession, key).isPresent();

  222.   }

  223. 

  224.   private void insertDefaultTemplateOnGroups(DbSession dbSession, OrganizationDto organizationDto, GroupDto ownerGroup, GroupDto defaultGroup) {

  225.     Date now = new Date(system2.now());

  226.     PermissionTemplateDto permissionTemplateDto = dbClient.permissionTemplateDao().insert(

  227.       dbSession,

  228.       new PermissionTemplateDto()

  229.         .setOrganizationUuid(organizationDto.getUuid())

  230.         .setUuid(uuidFactory.create())

  231.         .setName(PERM_TEMPLATE_NAME)

  232.         .setDescription(format(PERM_TEMPLATE_DESCRIPTION_PATTERN, organizationDto.getName()))

  233.         .setCreatedAt(now)

  234.         .setUpdatedAt(now));

  235. 

  236.     insertGroupPermission(dbSession, permissionTemplateDto, ADMIN, ownerGroup);

  237.     insertGroupPermission(dbSession, permissionTemplateDto, ISSUE_ADMIN, ownerGroup);

  238.     insertGroupPermission(dbSession, permissionTemplateDto, SECURITYHOTSPOT_ADMIN, ownerGroup);

  239.     insertGroupPermission(dbSession, permissionTemplateDto, SCAN.getKey(), ownerGroup);

  240.     insertGroupPermission(dbSession, permissionTemplateDto, USER, defaultGroup);

  241.     insertGroupPermission(dbSession, permissionTemplateDto, CODEVIEWER, defaultGroup);

  242. 

  243.     dbClient.organizationDao().setDefaultTemplates(

  244.       dbSession,

  245.       organizationDto.getUuid(),

  246.       new DefaultTemplates().setProjectUuid(permissionTemplateDto.getUuid()));

  247.   }

  248. 

  249.   private void insertPersonalOrgDefaultTemplate(DbSession dbSession, OrganizationDto organizationDto, GroupDto defaultGroup) {

  250.     long now = system2.now();

  251.     Date dateNow = new Date(now);

  252.     PermissionTemplateDto permissionTemplateDto = dbClient.permissionTemplateDao().insert(

  253.       dbSession,

  254.       new PermissionTemplateDto()

  255.         .setOrganizationUuid(organizationDto.getUuid())

  256.         .setUuid(uuidFactory.create())

  257.         .setName("Default template")

  258.         .setDescription(format(PERM_TEMPLATE_DESCRIPTION_PATTERN, organizationDto.getName()))

  259.         .setCreatedAt(dateNow)

  260.         .setUpdatedAt(dateNow));

  261. 

  262.     insertProjectCreatorPermission(dbSession, permissionTemplateDto, ADMIN, now);

  263.     insertProjectCreatorPermission(dbSession, permissionTemplateDto, ISSUE_ADMIN, now);

  264.     insertProjectCreatorPermission(dbSession, permissionTemplateDto, SECURITYHOTSPOT_ADMIN, now);

  265.     insertProjectCreatorPermission(dbSession, permissionTemplateDto, SCAN.getKey(), now);

  266.     insertGroupPermission(dbSession, permissionTemplateDto, USER, defaultGroup);

  267.     insertGroupPermission(dbSession, permissionTemplateDto, CODEVIEWER, defaultGroup);

  268. 

  269.     dbClient.organizationDao().setDefaultTemplates(

  270.       dbSession,

  271.       organizationDto.getUuid(),

  272.       new DefaultTemplates().setProjectUuid(permissionTemplateDto.getUuid()));

  273.   }

  274. 

  275.   private void insertProjectCreatorPermission(DbSession dbSession, PermissionTemplateDto permissionTemplateDto, String permission, long now) {

  276.     dbClient.permissionTemplateCharacteristicDao().insert(

  277.       dbSession,

  278.       new PermissionTemplateCharacteristicDto()

  279.         .setTemplateId(permissionTemplateDto.getId())

  280.         .setWithProjectCreator(true)

  281.         .setPermission(permission)

  282.         .setCreatedAt(now)

  283.         .setUpdatedAt(now));

  284.   }

  285. 

  286.   private void insertGroupPermission(DbSession dbSession, PermissionTemplateDto template, String permission, @Nullable GroupDto group) {

  287.     dbClient.permissionTemplateDao().insertGroupPermission(dbSession, template.getId(), group == null ? null : group.getId(), permission);

  288.   }

  289. 

  290.   private void insertQualityProfiles(DbSession dbSession, DbSession batchDbSession, OrganizationDto organization) {

  291.     Map<QProfileName, BuiltInQProfile> builtInsPerName = builtInQProfileRepository.get().stream()

  292.       .collect(uniqueIndex(BuiltInQProfile::getQProfileName));

  293. 

  294.     List<DefaultQProfileDto> defaults = new ArrayList<>();

  295.     dbClient.qualityProfileDao().selectBuiltInRuleProfiles(dbSession).forEach(rulesProfile -> {

  296.       OrgQProfileDto dto = new OrgQProfileDto()

  297.         .setOrganizationUuid(organization.getUuid())

  298.         .setRulesProfileUuid(rulesProfile.getKee())

  299.         .setUuid(uuidFactory.create());

  300. 

  301.       QProfileName name = new QProfileName(rulesProfile.getLanguage(), rulesProfile.getName());

  302.       BuiltInQProfile builtIn = builtInsPerName.get(name);

  303.       if (builtIn == null || builtIn.isDefault()) {

  304.         // If builtIn == null, the plugin has been removed

  305.         // rows of table default_qprofiles must be inserted after org_qprofiles

  306.         // in order to benefit from batch SQL inserts

  307.         defaults.add(new DefaultQProfileDto()

  308.           .setQProfileUuid(dto.getUuid())

  309.           .setOrganizationUuid(organization.getUuid())

  310.           .setLanguage(rulesProfile.getLanguage()));

  311.       }

  312. 

  313.       dbClient.qualityProfileDao().insert(batchDbSession, dto);

  314.     });

  315. 

  316.     defaults.forEach(defaultQProfileDto -> dbClient.defaultQProfileDao().insertOrUpdate(dbSession, defaultQProfileDto));

  317.   }

  318. 

  319.   /**

  320.    * Owners group has an hard coded name, a description based on the organization's name and has all global permissions.

  321.    */

  322.   private GroupDto insertOwnersGroup(DbSession dbSession, OrganizationDto organization) {

  323.     GroupDto group = dbClient.groupDao().insert(dbSession, new GroupDto()

  324.       .setOrganizationUuid(organization.getUuid())

  325.       .setName(OWNERS_GROUP_NAME)

  326.       .setDescription(format(OWNERS_GROUP_DESCRIPTION_PATTERN, organization.getName())));

  327.     permissionService.getAllOrganizationPermissions().forEach(p -> addPermissionToGroup(dbSession, group, p));

  328.     return group;

  329.   }

  330. 

  331.   private void addPermissionToGroup(DbSession dbSession, GroupDto group, OrganizationPermission permission) {

  332.     dbClient.groupPermissionDao().insert(

  333.       dbSession,

  334.       new GroupPermissionDto()

  335.         .setOrganizationUuid(group.getOrganizationUuid())

  336.         .setGroupId(group.getId())

  337.         .setRole(permission.getKey()));

  338.   }

  339. 

  340.   private void insertUserPermissions(DbSession dbSession, UserDto userDto, OrganizationDto organization, OrganizationPermission permission) {

  341.     dbClient.userPermissionDao().insert(

  342.       dbSession,

  343.       new UserPermissionDto(organization.getUuid(), permission.getKey(), userDto.getId(), null));

  344.   }

  345. 

  346.   private void addCurrentUserToGroup(DbSession dbSession, GroupDto group, int createUserId) {

  347.     dbClient.userGroupDao().insert(

  348.       dbSession,

  349.       new UserGroupDto().setGroupId(group.getId()).setUserId(createUserId));

  350.   }

  351. 

  352.   private void insertOrganizationMember(DbSession dbSession, OrganizationDto organizationDto, int userId) {

  353.     dbClient.organizationMemberDao().insert(dbSession, new OrganizationMemberDto()

  354.       .setOrganizationUuid(organizationDto.getUuid())

  355.       .setUserId(userId));

  356.   }

  357. }