diff options
| author | Julien Lancelot <julien.lancelot@sonarsource.com> | 2016-04-19 08:17:14 +0200 |
|---|---|---|
| committer | Julien Lancelot <julien.lancelot@sonarsource.com> | 2016-04-19 08:17:14 +0200 |
| commit | 2db16d6c36f6e1355353042027fbdefa281e9de1 (patch) | |
| tree | a10dabeaa75a96ec0f15ecbfcd11b01ba5830c77 | |
| parent | ef69f43f8fb80f9952ff568dae1f6fce3fc97e06 (diff) | |
| download | sonarqube-2db16d6c36f6e1355353042027fbdefa281e9de1.tar.gz sonarqube-2db16d6c36f6e1355353042027fbdefa281e9de1.zip | |
Add comment on query to keep authorized users for a project and a role
Anyone permission cannot be taking into by this method
4 files changed, 15 insertions, 37 deletions
diff --git a/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java b/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java index 446f810af85..41774598a70 100644 --- a/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java +++ b/sonar-db/src/main/java/org/sonar/db/user/AuthorizationDao.java @@ -60,6 +60,10 @@ public class AuthorizationDao implements Dao { }); } + /** + * Keep only authorized user that have the given permission on a given project. + * Please Note that if the permission is 'Anyone' is NOT taking into account by thie method. + */ public Collection<Long> keepAuthorizedUsersForRoleAndProject(final DbSession session, final Collection<Long> userIds, final String role, final long projectId) { return DatabaseUtils.executeLargeInputs(userIds, new SelectUsersByPermissionAndProject(session.getMapper(AuthorizationMapper.class), role, projectId)); } diff --git a/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java b/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java index 328eb7c58dc..ed1a5747d14 100644 --- a/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java +++ b/sonar-db/src/test/java/org/sonar/db/user/AuthorizationDaoTest.java @@ -313,12 +313,12 @@ public class AuthorizationDaoTest { } @Test - public void keep_authorized_users_for_role_and_project_for_anonymous() { + public void keep_authorized_users_returns_empty_list_for_role_and_project_for_anonymous() { dbTester.prepareDbUnit(getClass(), "keep_authorized_users_for_role_and_project_for_anonymous.xml"); assertThat(authorization.keepAuthorizedUsersForRoleAndProject(dbTester.getSession(), // Only 100 and 101 has 'user' role on project - newHashSet(100L, 101L, 102L), "user", PROJECT_ID)).containsOnly(100L, 101L); + newHashSet(100L, 101L, 102L), "user", PROJECT_ID)).isEmpty(); } } diff --git a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anomymous.xml b/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anomymous.xml deleted file mode 100644 index 4de4f328925..00000000000 --- a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anomymous.xml +++ /dev/null @@ -1,18 +0,0 @@ -<dataset> - - <!-- users 100 and 101 have no direct grant access, but are in the group 200 that has the role "user" on the project 300 --> - <user_roles id="1" user_id="100" resource_id="999" role="user"/> - <user_roles id="2" user_id="101" resource_id="999" role="user"/> - <user_roles id="3" user_id="102" resource_id="999" role="user"/> - - <groups_users user_id="100" group_id="200"/> - <groups_users user_id="101" group_id="200"/> - <groups_users user_id="102" group_id="201"/> - - <group_roles id="1" group_id="[null]" resource_id="300" role="user"/> - <group_roles id="2" group_id="201" resource_id="400" role="user"/> - - <projects id="300" kee="pj-w-snapshot" uuid="DEFG" module_uuid="[null]"/> - <projects id="400" kee="pj-wo-snapshot" uuid="EFGH" module_uuid="[null]"/> - -</dataset> diff --git a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml b/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml index 491e1f8405d..4de4f328925 100644 --- a/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml +++ b/sonar-db/src/test/resources/org/sonar/db/user/AuthorizationDaoTest/keep_authorized_users_for_role_and_project_for_anonymous.xml @@ -1,26 +1,18 @@ <dataset> - <!-- Users 100 and 101 are 'user' on project 300 --> - <user_roles id="1" user_id="100" resource_id="300" role="user"/> - <user_roles id="2" user_id="101" resource_id="300" role="user"/> - <user_roles id="3" user_id="102" resource_id="300" role="admin"/> - <!-- User 100 is 'user' on project 400 --> - <user_roles id="4" user_id="100" resource_id="400" role="user"/> + <!-- users 100 and 101 have no direct grant access, but are in the group 200 that has the role "user" on the project 300 --> + <user_roles id="1" user_id="100" resource_id="999" role="user"/> + <user_roles id="2" user_id="101" resource_id="999" role="user"/> + <user_roles id="3" user_id="102" resource_id="999" role="user"/> <groups_users user_id="100" group_id="200"/> - <group_roles id="1" group_id="200" resource_id="400" role="user"/> + <groups_users user_id="101" group_id="200"/> + <groups_users user_id="102" group_id="201"/> + + <group_roles id="1" group_id="[null]" resource_id="300" role="user"/> + <group_roles id="2" group_id="201" resource_id="400" role="user"/> <projects id="300" kee="pj-w-snapshot" uuid="DEFG" module_uuid="[null]"/> <projects id="400" kee="pj-wo-snapshot" uuid="EFGH" module_uuid="[null]"/> - - <!-- user 100 has no direct grant access, but is in the group 200 that has the role "user" - on the project 300 --> - <!--<user_roles id="1" user_id="100" resource_id="999" role="user"/>--> - - <!--<groups_users user_id="100" group_id="200"/>--> - - <!--<group_roles id="1" group_id="200" resource_id="300" role="user"/>--> - <!--<group_roles id="2" group_id="200" resource_id="400" role="user"/>--> - </dataset> |