SONAR-9140 support public projects in keepAuthorizedProjectIds

author: Sébastien Lesaint <sebastien.lesaint@sonarsource.com> 2017-04-19 20:22:44 +0200
committer: Sébastien Lesaint <sebastien.lesaint@sonarsource.com> 2017-04-27 14:25:54 +0200
commit: e8c50d90ea83a7dbec73e9b2bed7158478e61bc6 (patch)
tree: 7d12430b0f141176cd3ef59dd2e1bdbf0422f4fc
parent: b70dba2a8352e26ede505f813a8af2d8e15c6130 (diff)
download: sonarqube-e8c50d90ea83a7dbec73e9b2bed7158478e61bc6.tar.gz
sonarqube-e8c50d90ea83a7dbec73e9b2bed7158478e61bc6.zip
3 files changed, 278 insertions, 102 deletions
diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/AuthorizationMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/AuthorizationMapper.xml
index 1578d5582df..8bb72b6a63d 100644
--- a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/AuthorizationMapper.xml
+++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/AuthorizationMapper.xml
@@ -179,7 +179,9 @@
       and <foreach collection="componentIds" open="(" close=")" item="element" index="index" separator=" or ">
             gr.resource_id=#{element,jdbcType=BIGINT}
           </foreach>
+
     union
+
     select
       p.id
     from
@@ -192,6 +194,10 @@
       and <foreach collection="componentIds" open="(" close=")" item="element" index="index" separator=" or ">
         p.id=#{element,jdbcType=BIGINT}
       </foreach>
+
+    union
+
+    <include refid="sqlSelectPublicProjectsIfRole"/>
   </select>
 
   <select id="keepAuthorizedProjectIdsForAnonymous" parameterType="map" resultType="long">
@@ -205,8 +211,25 @@
       and <foreach collection="componentIds" open="(" close=")" item="element" index="index" separator=" or ">
             gr.resource_id=#{element,jdbcType=BIGINT}
           </foreach>
+
+    union
+
+    <include refid="sqlSelectPublicProjectsIfRole"/>
   </select>
 
+  <sql id="sqlSelectPublicProjectsIfRole">
+    select
+      p.id
+    from
+      projects p
+    where
+      <foreach collection="componentIds" open="(" close=")" item="element" index="index" separator=" or ">
+        p.id=#{element,jdbcType=BIGINT}
+      </foreach>
+      and p.private = ${_false}
+      and #{role,jdbcType=VARCHAR} in ('user','codeviewer')
+  </sql>
+
   <select id="keepAuthorizedUsersForRoleAndProject" parameterType="map" resultType="int">
     select
       gu.user_id
diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java
index 00fa84d8657..897681039b5 100644
--- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java
@@ -38,6 +38,7 @@ import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
 
 import static com.google.common.collect.Sets.newHashSet;
+import static java.util.Collections.singleton;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
 import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
@@ -61,6 +62,8 @@ public class AuthorizationDaoTest {
   private UserDto user;
   private GroupDto group1;
   private GroupDto group2;
+  private Set<Long> randomPublicProjectIds;
+  private Set<Long> randomPrivateProjectIds;
   private Set<Integer> randomExistingUserIds;
   private String randomPermission = "p" + new Random().nextInt();
 
@@ -74,6 +77,14 @@ public class AuthorizationDaoTest {
       .map(i -> db.users().insertUser().getId())
       .boxed()
       .collect(MoreCollectors.toSet());
+    randomPublicProjectIds = IntStream.range(0, 1 + Math.abs(new Random().nextInt(5)))
+      .mapToLong(i -> db.components().insertPublicProject(organization).getId())
+      .boxed()
+      .collect(MoreCollectors.toSet());
+    randomPrivateProjectIds = IntStream.range(0, 1 + Math.abs(new Random().nextInt(5)))
+      .mapToLong(i -> db.components().insertPrivateProject(organization).getId())
+      .boxed()
+      .collect(MoreCollectors.toSet());
   }
 
   /**
@@ -117,29 +128,6 @@ public class AuthorizationDaoTest {
   }
 
   @Test
-  public void user_should_be_authorized() {
-    ComponentDto project1 = db.components().insertPublicProject(organization);
-    ComponentDto project2 = db.components().insertPublicProject(organization);
-    ComponentDto project3 = db.components().insertPublicProject(organization);
-    UserDto user = db.users().insertUser("u1");
-    GroupDto group = db.users().insertGroup(organization);
-    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project2);
-    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project3);
-    db.users().insertMember(group, user);
-    db.users().insertProjectPermissionOnGroup(group, UserRole.USER, project1);
-
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project2.getId(), project3.getId()), user.getId(), UserRole.USER))
-      .containsOnly(project2.getId(), project3.getId());
-
-    // user does not have the role "admin"
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project2.getId()), user.getId(), UserRole.ADMIN))
-      .isEmpty();
-
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, Collections.emptySet(), user.getId(), UserRole.ADMIN))
-      .isEmpty();
-  }
-
-  @Test
   public void countUsersWithGlobalPermissionExcludingGroup() {
     // users with global permission "perm1" :
     // - "u1" and "u2" through group "g1"
@@ -233,64 +221,225 @@ public class AuthorizationDaoTest {
   }
 
   @Test
-  public void keep_authorized_project_ids_for_user() {
-    ComponentDto project1 = db.components().insertPublicProject(organization);
-    ComponentDto project2 = db.components().insertPublicProject(organization);
-    UserDto user1 = db.users().insertUser("u1");
-    db.users().insertProjectPermissionOnUser(user1, UserRole.USER, project1);
-    db.users().insertProjectPermissionOnUser(user1, UserRole.CODEVIEWER, project2);
+  public void keepAuthorizedProjectIds_returns_empty_for_group_AnyOne_if_project_set_is_empty_on_public_project() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, Collections.emptySet(), null, UserRole.USER))
+      .isEmpty();
+  }
 
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project1.getId(), project2.getId()), user1.getId(), UserRole.USER))
-      .containsOnly(project1.getId());
+  @Test
+  public void keepAuthorizedProjectIds_returns_empty_for_user_if_project_set_is_empty_on_public_project() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, Collections.emptySet(), user.getId(), UserRole.USER))
+      .isEmpty();
+  }
 
-    // user does not have the role "admin"
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project1.getId()), user1.getId(), UserRole.ADMIN)).isEmpty();
+  @Test
+  public void keepAuthorizedProjectIds_returns_empty_for_group_AnyOne_for_non_existent_projects() {
+    Set<Long> randomNonProjectsSet = IntStream.range(0, 1 + Math.abs(new Random().nextInt(5)))
+      .mapToLong(i -> 3_562 + i)
+      .boxed()
+      .collect(MoreCollectors.toSet());
 
-    // Empty list
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, Collections.emptySet(), user1.getId(), UserRole.ADMIN)).isEmpty();
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomNonProjectsSet, null, UserRole.USER))
+      .isEmpty();
   }
 
   @Test
-  public void keep_authorized_project_ids_for_group() {
-    ComponentDto project1 = db.components().insertPublicProject(organization);
-    ComponentDto project2 = db.components().insertPublicProject(organization);
-    UserDto user1 = db.users().insertUser("u1");
-    GroupDto group = db.users().insertGroup(organization);
-    db.users().insertMembers(group, user1);
-    db.users().insertProjectPermissionOnGroup(group, UserRole.USER, project1);
-    db.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, project2);
+  public void keepAuthorizedProjectIds_returns_empty_for_user_for_non_existent_projects() {
+    Set<Long> randomNonProjectsSet = IntStream.range(0, 1 + Math.abs(new Random().nextInt(5)))
+      .mapToLong(i -> 9_666 + i)
+      .boxed()
+      .collect(MoreCollectors.toSet());
 
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project1.getId(), project2.getId()), user1.getId(), UserRole.USER))
-      .containsOnly(project1.getId());
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomNonProjectsSet, user.getId(), UserRole.USER))
+      .isEmpty();
+  }
 
-    // user does not have the role "admin"
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project1.getId()), user1.getId(), UserRole.ADMIN))
+  @Test
+  public void keepAuthorizedProjectIds_returns_any_public_project_for_group_AnyOne_without_any_permission_in_DB_and_permission_USER() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPublicProjectIds, null, UserRole.USER))
+      .containsAll(randomPublicProjectIds);
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_any_public_project_for_user_without_any_permission_in_DB_and_permission_USER() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPublicProjectIds, user.getId(), UserRole.USER))
+      .containsAll(randomPublicProjectIds);
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_any_public_project_for_group_AnyOne_without_any_permission_in_DB_and_permission_CODEVIEWER() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPublicProjectIds, null, UserRole.CODEVIEWER))
+      .containsAll(randomPublicProjectIds);
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_any_public_project_for_user_without_any_permission_in_DB_and_permission_CODEVIEWER() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPublicProjectIds, user.getId(), UserRole.CODEVIEWER))
+      .containsAll(randomPublicProjectIds);
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_empty_for_other_permission_for_group_AnyOne_on_public_project_without_any_permission_in_DB() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPublicProjectIds, null, randomPermission))
       .isEmpty();
+  }
 
-    // Empty list
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, Collections.emptySet(), user1.getId(), UserRole.ADMIN))
+  @Test
+  public void keepAuthorizedProjectIds_returns_empty_for_any_permission_for_user_on_public_project_without_any_permission_in_DB() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPublicProjectIds, user.getId(), randomPermission))
       .isEmpty();
   }
 
   @Test
-  public void keep_authorized_project_ids_for_anonymous() {
+  public void keepAuthorizedProjectIds_returns_public_project_if_user_is_granted_project_permission_directly() {
+    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    UserDto otherUser = db.users().insertUser();
+    db.users().insertProjectPermissionOnUser(user, randomPermission, project);
+
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), otherUser.getId(), randomPermission))
+      .isEmpty();
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(otherProject.getId()), user.getId(), randomPermission))
+      .isEmpty();
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), user.getId(), randomPermission))
+      .containsOnly(project.getId());
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), user.getId(), "another perm"))
+      .isEmpty();
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_public_project_if_user_is_granted_project_permission_by_group() {
+    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    UserDto otherUser = db.users().insertUser();
+    db.users().insertMember(group1, user);
+    db.users().insertProjectPermissionOnGroup(group1, randomPermission, project);
+
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), user.getId(), randomPermission))
+      .containsOnly(project.getId());
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(otherProject.getId()), user.getId(), randomPermission))
+      .isEmpty();
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), otherUser.getId(), randomPermission))
+      .isEmpty();
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), user.getId(), "another perm"))
+      .isEmpty();
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_public_project_if_group_AnyOne_is_granted_project_permission_directly() {
+    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    db.users().insertProjectPermissionOnAnyone(randomPermission, project);
+
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), null, randomPermission))
+      .containsOnly(project.getId());
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), null, "another perm"))
+      .isEmpty();
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(otherProject.getId()), null, randomPermission))
+      .isEmpty();
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_empty_for_user_on_private_project_without_any_permission_in_DB_and_permission_USER() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPrivateProjectIds, user.getId(), UserRole.USER))
+      .isEmpty();
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_empty_for_group_AnyOne_on_private_project_without_any_permission_in_DB_and_permission_USER() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPrivateProjectIds, null, UserRole.USER))
+      .isEmpty();
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_empty_for_user_on_private_project_without_any_permission_in_DB_and_permission_CODEVIEWER() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPrivateProjectIds, user.getId(), UserRole.CODEVIEWER))
+      .isEmpty();
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_empty_for_group_AnyOne_on_private_project_without_any_permission_in_DB_and_permission_CODEVIEWER() {
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPrivateProjectIds, null, UserRole.CODEVIEWER))
+      .isEmpty();
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_empty_for_user_and_any_permission_on_private_project_without_any_permission_in_DB() {
+    ProjectPermissions.ALL
+      .forEach(perm -> {
+        assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPrivateProjectIds, user.getId(), perm))
+          .isEmpty();
+      });
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPrivateProjectIds, user.getId(), randomPermission))
+      .isEmpty();
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_empty_for_group_AnyOne_and_any_permission_on_private_project_without_any_permission_in_DB() {
+    ProjectPermissions.ALL
+      .forEach(perm -> {
+        assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPrivateProjectIds, null, perm))
+          .isEmpty();
+      });
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, randomPrivateProjectIds, null, randomPermission))
+      .isEmpty();
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_private_project_if_user_is_granted_project_permission_directly() {
+    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto otherProject = db.components().insertPrivateProject(organization);
+    UserDto otherUser = db.users().insertUser();
+    db.users().insertProjectPermissionOnUser(user, randomPermission, project);
+
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), user.getId(), randomPermission))
+      .containsOnly(project.getId());
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), user.getId(), "another perm"))
+      .isEmpty();
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(otherProject.getId()), user.getId(), randomPermission))
+      .isEmpty();
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), otherUser.getId(), randomPermission))
+      .isEmpty();
+  }
+
+  @Test
+  public void keepAuthorizedProjectIds_returns_private_project_if_user_is_granted_project_permission_by_group() {
+    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto otherProject = db.components().insertPrivateProject(organization);
+    UserDto otherUser = db.users().insertUser();
+    db.users().insertMember(group1, user);
+    db.users().insertProjectPermissionOnGroup(group1, randomPermission, project);
+
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), user.getId(), randomPermission))
+      .containsOnly(project.getId());
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), user.getId(), "another perm"))
+      .isEmpty();
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(otherProject.getId()), user.getId(), randomPermission))
+      .isEmpty();
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, singleton(project.getId()), otherUser.getId(), randomPermission))
+      .isEmpty();
+  }
+
+  @Test
+  public void user_should_be_authorized() {
     ComponentDto project1 = db.components().insertPublicProject(organization);
     ComponentDto project2 = db.components().insertPublicProject(organization);
-    UserDto user1 = db.users().insertUser("u1");
+    ComponentDto project3 = db.components().insertPublicProject(organization);
+    UserDto user = db.users().insertUser("u1");
     GroupDto group = db.users().insertGroup(organization);
-    db.users().insertMembers(group, user1);
-    db.users().insertProjectPermissionOnAnyone(UserRole.USER, project1);
-    db.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, project2);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project2);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project3);
+    db.users().insertMember(group, user);
+    db.users().insertProjectPermissionOnGroup(group, UserRole.USER, project1);
 
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project1.getId(), project2.getId()), null, UserRole.USER))
-      .containsOnly(project1.getId());
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project2.getId(), project3.getId()), user.getId(), UserRole.USER))
+      .containsOnly(project2.getId(), project3.getId());
 
     // user does not have the role "admin"
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project1.getId()), null, UserRole.ADMIN))
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project2.getId()), user.getId(), UserRole.ADMIN))
       .isEmpty();
 
-    // Empty list
-    assertThat(underTest.keepAuthorizedProjectIds(dbSession, Collections.emptySet(), null, UserRole.ADMIN))
+    assertThat(underTest.keepAuthorizedProjectIds(dbSession, Collections.emptySet(), user.getId(), UserRole.ADMIN))
       .isEmpty();
   }
 
@@ -384,13 +533,13 @@ public class AuthorizationDaoTest {
     UserDto otherUser = db.users().insertUser();
     db.users().insertProjectPermissionOnUser(user, randomPermission, project);
 
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), randomPermission, project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), randomPermission, project.getId()))
       .containsOnly(user.getId());
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), "another perm", project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), "another perm", project.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(otherUser.getId()), randomPermission, project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(otherUser.getId()), randomPermission, project.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), randomPermission, otherProject.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), randomPermission, otherProject.getId()))
       .isEmpty();
   }
 
@@ -402,13 +551,13 @@ public class AuthorizationDaoTest {
     db.users().insertMember(group1, user);
     db.users().insertProjectPermissionOnGroup(group1, randomPermission, project);
 
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), randomPermission, project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), randomPermission, project.getId()))
       .containsOnly(user.getId());
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), "another perm", project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), "another perm", project.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), randomPermission, otherProject.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), randomPermission, otherProject.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(otherUser.getId()), randomPermission, project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(otherUser.getId()), randomPermission, project.getId()))
       .isEmpty();
   }
 
@@ -419,13 +568,13 @@ public class AuthorizationDaoTest {
     UserDto otherUser = db.users().insertUser();
     db.users().insertProjectPermissionOnAnyone(randomPermission, project);
 
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), randomPermission, project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), randomPermission, project.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), "another perm", project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), "another perm", project.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), randomPermission, otherProject.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), randomPermission, otherProject.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(otherUser.getId()), randomPermission, project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(otherUser.getId()), randomPermission, project.getId()))
       .isEmpty();
   }
 
@@ -465,13 +614,13 @@ public class AuthorizationDaoTest {
     UserDto otherUser = db.users().insertUser();
     db.users().insertProjectPermissionOnUser(user, randomPermission, project);
 
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), randomPermission, project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), randomPermission, project.getId()))
       .containsOnly(user.getId());
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), "another perm", project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), "another perm", project.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(otherUser.getId()), randomPermission, project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(otherUser.getId()), randomPermission, project.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), randomPermission, otherProject.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), randomPermission, otherProject.getId()))
       .isEmpty();
   }
 
@@ -483,13 +632,13 @@ public class AuthorizationDaoTest {
     db.users().insertMember(group1, user);
     db.users().insertProjectPermissionOnGroup(group1, randomPermission, project);
 
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), randomPermission, project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), randomPermission, project.getId()))
       .containsOnly(user.getId());
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), "another perm", project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), "another perm", project.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(user.getId()), randomPermission, otherProject.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(user.getId()), randomPermission, otherProject.getId()))
       .isEmpty();
-    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.singleton(otherUser.getId()), randomPermission, project.getId()))
+    assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, singleton(otherUser.getId()), randomPermission, project.getId()))
       .isEmpty();
   }
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ProjectsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ProjectsActionTest.java
index a2b292d80d1..822fb57d9eb 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ProjectsActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ProjectsActionTest.java
@@ -75,8 +75,8 @@ public class ProjectsActionTest {
 
   @Test
   public void should_list_authorized_projects_only() throws Exception {
-    project1 = newProject("ABCD", "Project One");
-    project2 = newProject("BCDE", "Project Two");
+    project1 = newPrivateProject("ABCD", "Project One");
+    project2 = newPrivateProject("BCDE", "Project Two");
     db.components().insertComponents(project1, project2);
 
     // user only sees project1
@@ -91,10 +91,10 @@ public class ProjectsActionTest {
 
   @Test
   public void should_paginate() throws Exception {
-    project1 = newProject("ABCD", "Project One");
-    project2 = newProject("BCDE", "Project Two");
-    project3 = newProject("CDEF", "Project Three");
-    project4 = newProject("DEFA", "Project Four");
+    project1 = newPublicProject("ABCD", "Project One");
+    project2 = newPublicProject("BCDE", "Project Two");
+    project3 = newPublicProject("CDEF", "Project Three");
+    project4 = newPublicProject("DEFA", "Project Four");
     dbClient.componentDao().insert(dbSession, project1, project2, project3, project4);
 
     addBrowsePermissionToAnyone(project1, project2, project3, project4);
@@ -122,10 +122,10 @@ public class ProjectsActionTest {
 
   @Test
   public void should_show_unselected() throws Exception {
-    project1 = newProject("ABCD", "Project One");
-    project2 = newProject("BCDE", "Project Two");
-    project3 = newProject("CDEF", "Project Three");
-    project4 = newProject("DEFA", "Project Four");
+    project1 = newPublicProject("ABCD", "Project One");
+    project2 = newPublicProject("BCDE", "Project Two");
+    project3 = newPublicProject("CDEF", "Project Three");
+    project4 = newPublicProject("DEFA", "Project Four");
     dbClient.componentDao().insert(dbSession, project1, project2, project3, project4);
 
     addBrowsePermissionToAnyone(project1, project2, project3, project4);
@@ -139,10 +139,10 @@ public class ProjectsActionTest {
 
   @Test
   public void should_show_all() throws Exception {
-    project1 = newProject("ABCD", "Project One");
-    project2 = newProject("BCDE", "Project Two");
-    project3 = newProject("CDEF", "Project Three");
-    project4 = newProject("DEFA", "Project Four");
+    project1 = newPublicProject("ABCD", "Project One");
+    project2 = newPublicProject("BCDE", "Project Two");
+    project3 = newPublicProject("CDEF", "Project Three");
+    project4 = newPublicProject("DEFA", "Project Four");
     dbClient.componentDao().insert(dbSession, project1, project2, project3, project4);
 
     addBrowsePermissionToAnyone(project1, project2, project3, project4);
@@ -158,10 +158,10 @@ public class ProjectsActionTest {
 
   @Test
   public void should_filter_on_name() throws Exception {
-    project1 = newProject("ABCD", "Project One");
-    project2 = newProject("BCDE", "Project Two");
-    project3 = newProject("CDEF", "Project Three");
-    project4 = newProject("DEFA", "Project Four");
+    project1 = newPublicProject("ABCD", "Project One");
+    project2 = newPublicProject("BCDE", "Project Two");
+    project3 = newPublicProject("CDEF", "Project Three");
+    project4 = newPublicProject("DEFA", "Project Four");
     dbClient.componentDao().insert(dbSession, project1, project2, project3, project4);
 
     addBrowsePermissionToAnyone(project1, project2, project3, project4);
@@ -180,10 +180,10 @@ public class ProjectsActionTest {
 
   @Test
   public void return_deprecated_uuid_field() throws Exception {
-    project1 = newProject("ABCD", "Project One");
-    project2 = newProject("BCDE", "Project Two");
-    project3 = newProject("CDEF", "Project Three");
-    project4 = newProject("DEFA", "Project Four");
+    project1 = newPublicProject("ABCD", "Project One");
+    project2 = newPublicProject("BCDE", "Project Two");
+    project3 = newPublicProject("CDEF", "Project Three");
+    project4 = newPublicProject("DEFA", "Project Four");
     dbClient.componentDao().insert(dbSession, project1, project2, project3, project4);
 
     addBrowsePermissionToAnyone(project1, project2, project3, project4);
@@ -207,10 +207,14 @@ public class ProjectsActionTest {
     return wsTester.newGetRequest("api/qualityprofiles", "projects");
   }
 
-  private ComponentDto newProject(String uuid, String name) {
+  private ComponentDto newPublicProject(String uuid, String name) {
     return ComponentTesting.newPublicProjectDto(organizationDto, uuid).setName(name);
   }
 
+  private ComponentDto newPrivateProject(String uuid, String name) {
+    return ComponentTesting.newPrivateProjectDto(organizationDto, uuid).setName(name);
+  }
+
   private void addBrowsePermissionToAnyone(ComponentDto... projects) {
     for (ComponentDto project : projects) {
       db.users().insertProjectPermissionOnAnyone(UserRole.USER, project);
author	Sébastien Lesaint <sebastien.lesaint@sonarsource.com>	2017-04-19 20:22:44 +0200
committer	Sébastien Lesaint <sebastien.lesaint@sonarsource.com>	2017-04-27 14:25:54 +0200
commit	e8c50d90ea83a7dbec73e9b2bed7158478e61bc6 (patch)
tree	7d12430b0f141176cd3ef59dd2e1bdbf0422f4fc
parent	b70dba2a8352e26ede505f813a8af2d8e15c6130 (diff)
download	sonarqube-e8c50d90ea83a7dbec73e9b2bed7158478e61bc6.tar.gz sonarqube-e8c50d90ea83a7dbec73e9b2bed7158478e61bc6.zip