diff options
| author | Sébastien Lesaint <sebastien.lesaint@sonarsource.com> | 2017-04-14 11:17:49 +0200 |
|---|---|---|
| committer | Sébastien Lesaint <sebastien.lesaint@sonarsource.com> | 2017-04-27 14:25:54 +0200 |
| commit | 4922497fcdc5f91575232f18e4d786a6d4691f4f (patch) | |
| tree | 0e6b405ec3d96043e593aa0f1035915c9e450d01 | |
| parent | 1e25a6cbef88d51a74690a3c4b11b52c8503a9f7 (diff) | |
| download | sonarqube-4922497fcdc5f91575232f18e4d786a6d4691f4f.tar.gz sonarqube-4922497fcdc5f91575232f18e4d786a6d4691f4f.zip | |
SONAR-9105 add GroupPermissionDao#deleteByRootComponentIdAndPermission
4 files changed, 123 insertions, 0 deletions
diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java index 97e77962499..cccf5a4d717 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java @@ -147,6 +147,13 @@ public class GroupPermissionDao implements Dao { } /** + * Delete the specified permission for the specified component for any group (including group AnyOne). + */ + public int deleteByRootComponentIdAndPermission(DbSession dbSession, long rootComponentId, String permission) { + return mapper(dbSession).deleteByRootComponentIdAndPermission(rootComponentId, permission); + } + + /** * Delete a single permission. It can be: * <ul> * <li>a global permission granted to a group</li> diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java index 00e58e1ab20..05439bd61e8 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java @@ -56,4 +56,6 @@ public interface GroupPermissionMapper { void deleteByRootComponentId(@Param("rootComponentId") long componentId); int deleteByRootComponentIdAndGroupId(@Param("rootComponentId") long rootComponentId, @Nullable @Param("groupId") Integer groupId); + + int deleteByRootComponentIdAndPermission(@Param("rootComponentId") long rootComponentId, @Param("permission") String permission); } diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml index ccd42f9360c..735a7fb5617 100644 --- a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml +++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml @@ -196,6 +196,14 @@ </choose> </delete> + <delete id="deleteByRootComponentIdAndPermission"> + delete from + group_roles + where + resource_id=#{rootComponentId,jdbcType=BIGINT} + and role=#{permission,jdbcType=VARCHAR} + </delete> + <delete id="delete" parameterType="map"> delete from group_roles where diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java index c2d43e87cc4..29dac03f989 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java @@ -20,15 +20,18 @@ package org.sonar.db.permission; import java.util.ArrayList; +import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.Random; import java.util.stream.IntStream; +import java.util.stream.Stream; import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.sonar.api.utils.System2; import org.sonar.api.web.UserRole; +import org.sonar.core.util.stream.MoreCollectors; import org.sonar.db.DbSession; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDto; @@ -823,6 +826,109 @@ public class GroupPermissionDaoTest { .containsOnly("p3"); } + @Test + public void deleteByRootComponentIdAndPermission_deletes_all_rows_for_specified_role_of_specified_component() { + OrganizationDto organization = db.organizations().insert(); + ComponentDto project = db.components().insertPublicProject(organization); + GroupDto group = db.users().insertGroup(organization); + Stream.of("p1", "p2").forEach(permission -> { + db.users().insertPermissionOnAnyone(organization, permission); + db.users().insertPermissionOnGroup(group, permission); + db.users().insertProjectPermissionOnGroup(group, permission, project); + db.users().insertProjectPermissionOnAnyone(permission, project); + }); + assertThat(getGlobalPermissionsForAnyone(organization)).containsOnly("p1", "p2"); + assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2"); + assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p1", "p2"); + assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p1", "p2"); + + int deletedRows = underTest.deleteByRootComponentIdAndPermission(dbSession, project.getId(), "p1"); + + assertThat(deletedRows).isEqualTo(2); + assertThat(getGlobalPermissionsForAnyone(organization)).containsOnly("p1", "p2"); + assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2"); + assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p2"); + assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p2"); + + deletedRows = underTest.deleteByRootComponentIdAndPermission(dbSession, project.getId(), "p2"); + + assertThat(deletedRows).isEqualTo(2); + assertThat(getGlobalPermissionsForAnyone(organization)).containsOnly("p1", "p2"); + assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1", "p2"); + assertThat(getProjectPermissionsForAnyOne(project)).isEmpty(); + assertThat(getProjectPermissionsForGroup(project, group)).isEmpty(); + } + + @Test + public void deleteByRootComponentIdAndPermission_has_no_effect_if_component_has_no_group_permission_at_all() { + OrganizationDto organization = db.organizations().insert(); + GroupDto group = db.users().insertGroup(organization); + ComponentDto project = randomPublicOrPrivateProject(organization); + db.users().insertPermissionOnAnyone(organization, "p1"); + db.users().insertPermissionOnGroup(group, "p1"); + + assertThat(underTest.deleteByRootComponentIdAndPermission(dbSession, project.getId(), "p1")).isEqualTo(0); + + assertThat(getGlobalPermissionsForAnyone(organization)).containsOnly("p1"); + assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1"); + assertThat(getProjectPermissionsForAnyOne(project)).isEmpty(); + assertThat(getProjectPermissionsForGroup(project, group)).isEmpty(); + } + + @Test + public void deleteByRootComponentIdAndPermission_has_no_effect_if_component_does_not_exist() { + OrganizationDto organization = db.organizations().insert(); + ComponentDto project = randomPublicOrPrivateProject(organization); + GroupDto group = db.users().insertGroup(organization); + db.users().insertPermissionOnAnyone(organization, "p1"); + db.users().insertPermissionOnGroup(group, "p1"); + db.users().insertProjectPermissionOnGroup(group, "p1", project); + db.users().insertProjectPermissionOnAnyone("p1", project); + + assertThat(underTest.deleteByRootComponentIdAndPermission(dbSession, project.getId(), "p2")).isEqualTo(0); + + assertThat(getGlobalPermissionsForAnyone(organization)).containsOnly("p1"); + assertThat(getGlobalPermissionsForGroup(group)).containsOnly("p1"); + assertThat(getProjectPermissionsForAnyOne(project)).containsOnly("p1"); + assertThat(getProjectPermissionsForGroup(project, group)).containsOnly("p1"); + } + + @Test + public void deleteByRootComponentIdAndPermission_has_no_effect_if_component_does_not_have_specified_permission() { + OrganizationDto organization = db.organizations().insert(); + GroupDto group = db.users().insertGroup(organization); + ComponentDto project = randomPublicOrPrivateProject(organization); + db.users().insertPermissionOnAnyone(organization, "p1"); + db.users().insertPermissionOnGroup(group, "p1"); + + assertThat(underTest.deleteByRootComponentIdAndPermission(dbSession, project.getId(), "p1")).isEqualTo(0); + } + + private Collection<String> getGlobalPermissionsForAnyone(OrganizationDto organization) { + return getPermissions("organization_uuid = '" + organization.getUuid() + "' and group_id is null and resource_id is null"); + } + + private Collection<String> getGlobalPermissionsForGroup(GroupDto groupDto) { + return getPermissions("organization_uuid = '" + groupDto.getOrganizationUuid() + "' and group_id = " + groupDto.getId() + " and resource_id is null"); + } + + private Collection<String> getProjectPermissionsForAnyOne(ComponentDto project) { + return getPermissions("organization_uuid = '" + project.getOrganizationUuid() + "' and group_id is null and resource_id = " + project.getId()); + } + + private Collection<String> getProjectPermissionsForGroup(ComponentDto project, GroupDto group) { + return getPermissions("organization_uuid = '" + project.getOrganizationUuid() + "' and group_id = " + group.getId() + " and resource_id = " + project.getId()); + } + + private Collection<String> getPermissions(String whereClauses) { + return db + .select(dbSession, "select role from group_roles where " + whereClauses) + .stream() + .flatMap(map -> map.entrySet().stream()) + .map(entry -> (String) entry.getValue()) + .collect(MoreCollectors.toList()); + } + private ComponentDto randomPublicOrPrivateProject(OrganizationDto organization) { return new Random().nextBoolean() ? db.components().insertPublicProject(organization) : db.components().insertPrivateProject(organization); } |