SONAR-8710 add SCAN permission to template of new organizations6.3.0.18587

author: Sébastien Lesaint <sebastien.lesaint@sonarsource.com> 2017-02-16 17:38:40 +0100
committer: Sébastien Lesaint <sebastien.lesaint@sonarsource.com> 2017-02-17 15:47:10 +0100
commit: 3b673b37f88fc38b84244bd541d20ee9ac510486 (patch)
tree: 941efc4cf682f891918f5a1596c8f2ce7722c1c6
parent: 011c3e3ae0bbf9ed9e9d0f75ce6d09da696c94fb (diff)
download: sonarqube-6.3.0.18587.tar.gz
sonarqube-6.3.0.18587.zip
4 files changed, 43 insertions, 37 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreation.java b/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreation.java
index 017ca85465b..f1a67078ede 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreation.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreation.java
@@ -44,16 +44,21 @@ public interface OrganizationCreation {
    * This method does several operations at once:
    * <ol>
    *   <li>create an ungarded organization with the specified details</li>
-   *   <li>create a group called {@link #OWNERS_GROUP_NAME Owners} with Administer Organization permission</li>
+   *   <li>create a group called {@link #OWNERS_GROUP_NAME Owners} with all organization wide permissions</li>
    *   <li>make the specified user a member of this group</li>
-   *   <li>create a default template for the organization (which name and description will follow patterns
-   *       {@link #OWNERS_GROUP_NAME} and {@link #OWNERS_GROUP_DESCRIPTION_PATTERN} based on the organization name)</li>
-   *   <li>this group defines the specified permissions (which effectively makes projects public):
+   *   <li>create a default template for the organization
+   *       <ul>
+   *         <li>name is {@link #PERM_TEMPLATE_NAME Default template}</li>
+   *         <li>description follows pattern {@link #PERM_TEMPLATE_DESCRIPTION_PATTERN} based on the organization name</li>
+   *       </ul>
+   *   </li>
+   *   <li>this permission template defines the specified permissions (which effectively makes projects public):
    *     <ul>
    *       <li>group {@link #OWNERS_GROUP_NAME Owners} : {@link UserRole#ADMIN ADMIN}</li>
    *       <li>group {@link #OWNERS_GROUP_NAME Owners} : {@link UserRole#ISSUE_ADMIN ISSUE_ADMIN}</li>
-   *       <li>any one : {@link UserRole#USER USER}</li>
-   *       <li>any one : {@link UserRole#CODEVIEWER CODEVIEWER}</li>
+   *       <li>group {@link #OWNERS_GROUP_NAME Owners} : {@link GlobalPermissions#SCAN_EXECUTION SCAN_EXECUTION}</li>
+   *       <li>anyone : {@link UserRole#USER USER}</li>
+   *       <li>anyone : {@link UserRole#CODEVIEWER CODEVIEWER}</li>
    *     </ul>
    *   </li>
    * </ol>
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreationImpl.java b/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreationImpl.java
index 849ebf69f4b..c87d394ffd9 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreationImpl.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/OrganizationCreationImpl.java
@@ -168,6 +168,7 @@ public class OrganizationCreationImpl implements OrganizationCreation {
 
     insertGroupPermission(dbSession, permissionTemplateDto, UserRole.ADMIN, group);
     insertGroupPermission(dbSession, permissionTemplateDto, UserRole.ISSUE_ADMIN, group);
+    insertGroupPermission(dbSession, permissionTemplateDto, GlobalPermissions.SCAN_EXECUTION, group);
     insertGroupPermission(dbSession, permissionTemplateDto, UserRole.USER, null);
     insertGroupPermission(dbSession, permissionTemplateDto, UserRole.CODEVIEWER, null);
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/OrganizationCreationImplTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/OrganizationCreationImplTest.java
index 5afe163a4da..390532f1c84 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/OrganizationCreationImplTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/OrganizationCreationImplTest.java
@@ -61,12 +61,12 @@ public class OrganizationCreationImplTest {
   private static final long ANYONE_GROUP_ID = 0L;
 
   private OrganizationCreation.NewOrganization FULL_POPULATED_NEW_ORGANIZATION = newOrganizationBuilder()
-      .setName("a-name")
-      .setKey("a-key")
-      .setDescription("a-description")
-      .setUrl("a-url")
-      .setAvatarUrl("a-avatar")
-      .build();
+    .setName("a-name")
+    .setKey("a-key")
+    .setDescription("a-description")
+    .setUrl("a-url")
+    .setAvatarUrl("a-avatar")
+    .build();
 
   private System2 system2 = mock(System2.class);
 
@@ -96,7 +96,7 @@ public class OrganizationCreationImplTest {
   @Test
   public void create_throws_exception_thrown_by_checkValidKey() throws OrganizationCreation.KeyConflictException {
     when(organizationValidation.checkKey(FULL_POPULATED_NEW_ORGANIZATION.getKey()))
-        .thenThrow(exceptionThrownByOrganizationValidation);
+      .thenThrow(exceptionThrownByOrganizationValidation);
 
     createThrowsExceptionThrownByOrganizationValidation();
   }
@@ -176,9 +176,9 @@ public class OrganizationCreationImplTest {
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
     underTest.create(dbSession, SOME_USER_ID, newOrganizationBuilder()
-        .setKey("key")
-        .setName("name")
-        .build());
+      .setKey("key")
+      .setName("name")
+      .build());
 
     OrganizationDto organization = dbClient.organizationDao().selectByKey(dbSession, "key").get();
     assertThat(organization.getKey()).isEqualTo("key");
@@ -205,10 +205,10 @@ public class OrganizationCreationImplTest {
     assertThat(defaultTemplates.getProjectUuid()).isEqualTo(defaultTemplate.getUuid());
     assertThat(defaultTemplates.getViewUuid()).isNull();
     assertThat(dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateId(dbSession, defaultTemplate.getId()))
-        .extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission)
-        .containsOnly(
-            tuple(ownersGroup.getId(), UserRole.ADMIN), tuple(ownersGroup.getId(), UserRole.ISSUE_ADMIN),
-            tuple(ANYONE_GROUP_ID, UserRole.USER), tuple(ANYONE_GROUP_ID, UserRole.CODEVIEWER));
+      .extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission)
+      .containsOnly(
+        tuple(ownersGroup.getId(), UserRole.ADMIN), tuple(ownersGroup.getId(), UserRole.ISSUE_ADMIN), tuple(ownersGroup.getId(), GlobalPermissions.SCAN_EXECUTION),
+        tuple(ANYONE_GROUP_ID, UserRole.USER), tuple(ANYONE_GROUP_ID, UserRole.CODEVIEWER));
   }
 
   @Test
@@ -272,7 +272,7 @@ public class OrganizationCreationImplTest {
 
     expectedException.expect(IllegalStateException.class);
     expectedException.expectMessage("Can't create organization with key '" + SLUG_OF_A_LOGIN + "' for new user '" + A_LOGIN
-        + "' because an organization with this key already exists");
+      + "' because an organization with this key already exists");
 
     underTest.createForUser(dbSession, user);
   }
@@ -288,7 +288,7 @@ public class OrganizationCreationImplTest {
 
     OrganizationDto organization = dbClient.organizationDao().selectByKey(dbSession, SLUG_OF_A_LOGIN).get();
     assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getId(), organization.getUuid()))
-        .containsOnly(GlobalPermissions.ALL.toArray(new String[GlobalPermissions.ALL.size()]));
+      .containsOnly(GlobalPermissions.ALL.toArray(new String[GlobalPermissions.ALL.size()]));
   }
 
   @Test
@@ -308,18 +308,18 @@ public class OrganizationCreationImplTest {
     OrganizationDto organization = dbClient.organizationDao().selectByKey(dbSession, organizationKey).get();
     List<GroupDto> groups = dbClient.groupDao().selectByOrganizationUuid(dbSession, organization.getUuid());
     assertThat(groups)
-        .extracting(GroupDto::getName)
-        .containsOnly("Owners");
+      .extracting(GroupDto::getName)
+      .containsOnly("Owners");
     GroupDto groupDto = groups.iterator().next();
     assertThat(groupDto.getDescription()).isEqualTo("Owners of organization " + organizationName);
     assertThat(dbClient.groupPermissionDao().selectGlobalPermissionsOfGroup(dbSession, groupDto.getOrganizationUuid(), groupDto.getId()))
-        .containsOnly(GlobalPermissions.ALL.toArray(new String[GlobalPermissions.ALL.size()]));
+      .containsOnly(GlobalPermissions.ALL.toArray(new String[GlobalPermissions.ALL.size()]));
     List<UserMembershipDto> members = dbClient.groupMembershipDao().selectMembers(
-        dbSession,
-        UserMembershipQuery.builder().groupId(groupDto.getId()).membership(UserMembershipQuery.IN).build(), 0, Integer.MAX_VALUE);
+      dbSession,
+      UserMembershipQuery.builder().groupId(groupDto.getId()).membership(UserMembershipQuery.IN).build(), 0, Integer.MAX_VALUE);
     assertThat(members)
-        .extracting(UserMembershipDto::getLogin)
-        .containsOnly(user.getLogin());
+      .extracting(UserMembershipDto::getLogin)
+      .containsOnly(user.getLogin());
   }
 
   @Test
@@ -339,12 +339,12 @@ public class OrganizationCreationImplTest {
     assertThat(defaultTemplates.getProjectUuid()).isEqualTo(defaultTemplate.getUuid());
     assertThat(defaultTemplates.getViewUuid()).isNull();
     assertThat(dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateId(dbSession, defaultTemplate.getId()))
-        .extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission)
-        .containsOnly(tuple(ANYONE_GROUP_ID, UserRole.USER), tuple(ANYONE_GROUP_ID, UserRole.CODEVIEWER));
+      .extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission)
+      .containsOnly(tuple(ANYONE_GROUP_ID, UserRole.USER), tuple(ANYONE_GROUP_ID, UserRole.CODEVIEWER));
     assertThat(dbClient.permissionTemplateCharacteristicDao().selectByTemplateIds(dbSession, Collections.singletonList(defaultTemplate.getId())))
-        .extracting(PermissionTemplateCharacteristicDto::getWithProjectCreator, PermissionTemplateCharacteristicDto::getPermission)
-        .containsOnly(
-            tuple(true, UserRole.ADMIN), tuple(true, UserRole.ISSUE_ADMIN), tuple(true, GlobalPermissions.SCAN_EXECUTION));
+      .extracting(PermissionTemplateCharacteristicDto::getWithProjectCreator, PermissionTemplateCharacteristicDto::getPermission)
+      .containsOnly(
+        tuple(true, UserRole.ADMIN), tuple(true, UserRole.ISSUE_ADMIN), tuple(true, GlobalPermissions.SCAN_EXECUTION));
   }
 
   @Test
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/CreateActionTest.java
index 96f8cb318bd..7060bca6362 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/CreateActionTest.java
@@ -32,7 +32,6 @@ import org.sonar.api.config.MapSettings;
 import org.sonar.api.config.Settings;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.api.utils.System2;
-import org.sonar.api.utils.internal.AlwaysIncreasingSystem2;
 import org.sonar.api.web.UserRole;
 import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.core.util.UuidFactory;
@@ -92,7 +91,8 @@ public class CreateActionTest {
   private OrganizationValidation organizationValidation = new OrganizationValidationImpl();
   private OrganizationCreation organizationCreation = new OrganizationCreationImpl(dbClient, system2, uuidFactory, organizationValidation, settings);
   private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone().setEnabled(true);
-  private CreateAction underTest = new CreateAction(settings, userSession, dbClient, new OrganizationsWsSupport(organizationValidation), organizationValidation, organizationCreation, organizationFlags);
+  private CreateAction underTest = new CreateAction(settings, userSession, dbClient, new OrganizationsWsSupport(organizationValidation), organizationValidation,
+    organizationCreation, organizationFlags);
   private WsActionTester wsTester = new WsActionTester(underTest);
 
   @Test
@@ -487,7 +487,7 @@ public class CreateActionTest {
     assertThat(dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateId(dbSession, defaultTemplate.getId()))
       .extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission)
       .containsOnly(
-        tuple(ownersGroup.getId(), UserRole.ADMIN), tuple(ownersGroup.getId(), UserRole.ISSUE_ADMIN),
+        tuple(ownersGroup.getId(), UserRole.ADMIN), tuple(ownersGroup.getId(), UserRole.ISSUE_ADMIN), tuple(ownersGroup.getId(), GlobalPermissions.SCAN_EXECUTION),
         tuple(0L, UserRole.USER), tuple(0L, UserRole.CODEVIEWER));
   }
author	Sébastien Lesaint <sebastien.lesaint@sonarsource.com>	2017-02-16 17:38:40 +0100
committer	Sébastien Lesaint <sebastien.lesaint@sonarsource.com>	2017-02-17 15:47:10 +0100
commit	3b673b37f88fc38b84244bd541d20ee9ac510486 (patch)
tree	941efc4cf682f891918f5a1596c8f2ce7722c1c6
parent	011c3e3ae0bbf9ed9e9d0f75ce6d09da696c94fb (diff)
download	sonarqube-6.3.0.18587.tar.gz sonarqube-6.3.0.18587.zip