aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSébastien Lesaint <sebastien.lesaint@sonarsource.com>2016-01-11 12:52:50 +0100
committerSébastien Lesaint <sebastien.lesaint@sonarsource.com>2016-01-13 18:06:35 +0100
commit39465c751b903b57c140d6838b319190d80e9f1e (patch)
tree9800507ac6b0b798730b0f3eefc8d06c2d3c952f
parent2b881f44742dbb0ff5b8f651f81ced85e2bebed1 (diff)
downloadsonarqube-39465c751b903b57c140d6838b319190d80e9f1e.tar.gz
sonarqube-39465c751b903b57c140d6838b319190d80e9f1e.zip
SONAR-6283 migrate permission profileadmin to profileadmin+gateadmin
-rw-r--r--server/sonar-web/src/main/webapp/WEB-INF/db/migrate/1008_insert_gate_admin_permission_for_each_profile_admin.rb33
-rw-r--r--sonar-db/src/main/java/org/sonar/db/version/DatabaseVersion.java2
-rw-r--r--sonar-db/src/main/java/org/sonar/db/version/MigrationStepModule.java7
-rw-r--r--sonar-db/src/main/java/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdmin.java131
-rw-r--r--sonar-db/src/main/java/org/sonar/db/version/v54/package-info.java24
-rw-r--r--sonar-db/src/main/resources/org/sonar/db/version/rows-h2.sql14
-rw-r--r--sonar-db/src/test/java/org/sonar/db/version/MigrationStepModuleTest.java2
-rw-r--r--sonar-db/src/test/java/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdminTest.java283
-rw-r--r--sonar-db/src/test/resources/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdminTest/schema.sql13
9 files changed, 499 insertions, 10 deletions
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/1008_insert_gate_admin_permission_for_each_profile_admin.rb b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/1008_insert_gate_admin_permission_for_each_profile_admin.rb
new file mode 100644
index 00000000000..efa1c8ee034
--- /dev/null
+++ b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/1008_insert_gate_admin_permission_for_each_profile_admin.rb
@@ -0,0 +1,33 @@
+#
+# SonarQube, open source software quality management tool.
+# Copyright (C) 2008-2014 SonarSource
+# mailto:contact AT sonarsource DOT com
+#
+# SonarQube is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 3 of the License, or (at your option) any later version.
+#
+# SonarQube is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+#
+
+#
+# SonarQube 5.4
+# SONAR-6283
+#
+class InsertGateAdminPermissionForEachProfileAdmin < ActiveRecord::Migration
+
+ def self.up
+ execute_java_migration('org.sonar.db.version.v54.InsertGateAdminPermissionForEachProfileAdmin')
+ end
+
+end
+
+
diff --git a/sonar-db/src/main/java/org/sonar/db/version/DatabaseVersion.java b/sonar-db/src/main/java/org/sonar/db/version/DatabaseVersion.java
index 8dffaa48520..3a7ac8cbc38 100644
--- a/sonar-db/src/main/java/org/sonar/db/version/DatabaseVersion.java
+++ b/sonar-db/src/main/java/org/sonar/db/version/DatabaseVersion.java
@@ -29,7 +29,7 @@ import org.sonar.db.MyBatis;
public class DatabaseVersion {
- public static final int LAST_VERSION = 1007;
+ public static final int LAST_VERSION = 1008;
/**
* The minimum supported version which can be upgraded. Lower
diff --git a/sonar-db/src/main/java/org/sonar/db/version/MigrationStepModule.java b/sonar-db/src/main/java/org/sonar/db/version/MigrationStepModule.java
index a621501fbd1..c384fcba2fa 100644
--- a/sonar-db/src/main/java/org/sonar/db/version/MigrationStepModule.java
+++ b/sonar-db/src/main/java/org/sonar/db/version/MigrationStepModule.java
@@ -61,6 +61,7 @@ import org.sonar.db.version.v52.RemoveRuleMeasuresOnIssues;
import org.sonar.db.version.v52.RemoveSnapshotLibraries;
import org.sonar.db.version.v53.FixMsSqlCollation;
import org.sonar.db.version.v53.UpdateCustomDashboardInLoadedTemplates;
+import org.sonar.db.version.v54.InsertGateAdminPermissionForEachProfileAdmin;
public class MigrationStepModule extends Module {
@Override
@@ -115,7 +116,9 @@ public class MigrationStepModule extends Module {
// 5.3
FixMsSqlCollation.class,
- UpdateCustomDashboardInLoadedTemplates.class
- );
+ UpdateCustomDashboardInLoadedTemplates.class,
+
+ // 5.4
+ InsertGateAdminPermissionForEachProfileAdmin.class);
}
}
diff --git a/sonar-db/src/main/java/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdmin.java b/sonar-db/src/main/java/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdmin.java
new file mode 100644
index 00000000000..6681f4acf15
--- /dev/null
+++ b/sonar-db/src/main/java/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdmin.java
@@ -0,0 +1,131 @@
+/*
+ * SonarQube :: Database
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.db.version.v54;
+
+import java.sql.SQLException;
+import org.sonar.db.Database;
+import org.sonar.db.version.BaseDataChange;
+import org.sonar.db.version.MassUpdate;
+import org.sonar.db.version.Select;
+import org.sonar.db.version.SqlStatement;
+
+/**
+ * Global permission 'profileadmin' is split into 'profileadmin' and 'gateadmin' so for each permission in DB
+ * 'profileadmin', a permission 'gateadmin' must be inserted in DB to keep the same level as before this split is
+ * introduced in SQ.
+ */
+public class InsertGateAdminPermissionForEachProfileAdmin extends BaseDataChange {
+
+ public InsertGateAdminPermissionForEachProfileAdmin(Database db) {
+ super(db);
+ }
+
+ @Override
+ public void execute(Context context) throws SQLException {
+ updateGroupAnyOne(context);
+ updateOtherGroups(context);
+ updateUsers(context);
+ }
+
+ private void updateGroupAnyOne(Context context) throws SQLException {
+ MassUpdate update = context.prepareMassUpdate().rowPluralName("Group AnyOne");
+ update.select("select gr1.id from group_roles gr1 " +
+ "where gr1.role = 'profileadmin' " +
+ "and gr1.resource_id is null " +
+ "and gr1.group_id is null " +
+ "and not exists (" +
+ " select gr2.id from group_roles gr2 " +
+ " where gr2.group_id is null " +
+ " and gr2.resource_id is null " +
+ " and gr2.role='gateadmin'" +
+ ")");
+ update.update("insert into group_roles " +
+ "(group_id,resource_id,role) " +
+ "values " +
+ "(null, null, 'gateadmin')");
+ update.execute(GroupAnyOneHandler.INSTANCE);
+ }
+
+ private void updateOtherGroups(Context context) throws SQLException {
+ MassUpdate update = context.prepareMassUpdate().rowPluralName("Other groups");
+ update.select("select gr1.group_id from group_roles gr1 " +
+ "where gr1.role = 'profileadmin' " +
+ "and gr1.resource_id is null " +
+ "and gr1.group_id is not null " +
+ "and not exists (" +
+ " select gr2.id from group_roles gr2 " +
+ " where gr2.group_id=gr1.group_id " +
+ " and gr2.resource_id is null " +
+ " and gr2.role='gateadmin'" +
+ ")");
+ update.update("insert into group_roles " +
+ "(group_id,resource_id,role) " +
+ "values " +
+ "(?, null, 'gateadmin')");
+ update.execute(OtherGroupsHandler.INSTANCE);
+ }
+
+ private void updateUsers(Context context) throws SQLException {
+ MassUpdate update = context.prepareMassUpdate().rowPluralName("Users");
+ update.select("select ur1.user_id from user_roles ur1 " +
+ "where ur1.role = 'profileadmin' " +
+ "and ur1.resource_id is null " +
+ "and not exists (" +
+ " select ur2.id from user_roles ur2 " +
+ " where ur2.user_id=ur1.user_id " +
+ " and ur2.resource_id is null " +
+ " and ur2.role='gateadmin'" +
+ ")");
+ update.update("insert into user_roles " +
+ "(user_id,resource_id,role) " +
+ "values " +
+ "(?,null,'gateadmin')");
+ update.execute(UserRolesHandler.INSTANCE);
+ }
+
+ private enum GroupAnyOneHandler implements MassUpdate.Handler {
+ INSTANCE;
+
+ @Override
+ public boolean handle(Select.Row row, SqlStatement update) throws SQLException {
+ return true;
+ }
+ }
+
+ private enum OtherGroupsHandler implements MassUpdate.Handler {
+ INSTANCE;
+
+ @Override
+ public boolean handle(Select.Row row, SqlStatement update) throws SQLException {
+ update.setLong(1, row.getLong(1));
+ return true;
+ }
+ }
+
+ private enum UserRolesHandler implements MassUpdate.Handler {
+ INSTANCE;
+
+ @Override
+ public boolean handle(Select.Row row, SqlStatement update) throws SQLException {
+ update.setLong(1, row.getLong(1));
+ return true;
+ }
+ }
+}
diff --git a/sonar-db/src/main/java/org/sonar/db/version/v54/package-info.java b/sonar-db/src/main/java/org/sonar/db/version/v54/package-info.java
new file mode 100644
index 00000000000..078e36ffb5f
--- /dev/null
+++ b/sonar-db/src/main/java/org/sonar/db/version/v54/package-info.java
@@ -0,0 +1,24 @@
+/*
+ * SonarQube :: Database
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+@ParametersAreNonnullByDefault
+package org.sonar.db.version.v54;
+
+import javax.annotation.ParametersAreNonnullByDefault;
+
diff --git a/sonar-db/src/main/resources/org/sonar/db/version/rows-h2.sql b/sonar-db/src/main/resources/org/sonar/db/version/rows-h2.sql
index 4de613385f4..5c3f1dd41b5 100644
--- a/sonar-db/src/main/resources/org/sonar/db/version/rows-h2.sql
+++ b/sonar-db/src/main/resources/org/sonar/db/version/rows-h2.sql
@@ -6,12 +6,13 @@ ALTER TABLE GROUPS ALTER COLUMN ID RESTART WITH 3;
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (1, 1, null, 'admin');
INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (2, 1, null, 'profileadmin');
-INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (3, 1, null, 'shareDashboard');
-INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (4, null, null, 'scan');
-INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (5, null, null, 'dryRunScan');
-INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (6, null, null, 'provisioning');
-INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (7, 1, null, 'provisioning');
-ALTER TABLE GROUP_ROLES ALTER COLUMN ID RESTART WITH 8;
+INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (3, 1, null, 'gateadmin');
+INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (4, 1, null, 'shareDashboard');
+INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (5, null, null, 'scan');
+INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (6, null, null, 'dryRunScan');
+INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (7, null, null, 'provisioning');
+INSERT INTO GROUP_ROLES(ID, GROUP_ID, RESOURCE_ID, ROLE) VALUES (8, 1, null, 'provisioning');
+ALTER TABLE GROUP_ROLES ALTER COLUMN ID RESTART WITH 9;
INSERT INTO GROUPS_USERS(USER_ID, GROUP_ID) VALUES (1, 1);
INSERT INTO GROUPS_USERS(USER_ID, GROUP_ID) VALUES (1, 2);
@@ -368,6 +369,7 @@ INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('1004');
INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('1005');
INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('1006');
INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('1007');
+INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('1008');
INSERT INTO USERS(ID, LOGIN, NAME, EMAIL, CRYPTED_PASSWORD, SALT, CREATED_AT, UPDATED_AT, REMEMBER_TOKEN, REMEMBER_TOKEN_EXPIRES_AT) VALUES (1, 'admin', 'Administrator', '', 'a373a0e667abb2604c1fd571eb4ad47fe8cc0878', '48bc4b0d93179b5103fd3885ea9119498e9d161b', '1418215735482', '1418215735482', null, null);
ALTER TABLE USERS ALTER COLUMN ID RESTART WITH 2;
diff --git a/sonar-db/src/test/java/org/sonar/db/version/MigrationStepModuleTest.java b/sonar-db/src/test/java/org/sonar/db/version/MigrationStepModuleTest.java
index ce63b469d5f..47262dffd83 100644
--- a/sonar-db/src/test/java/org/sonar/db/version/MigrationStepModuleTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/version/MigrationStepModuleTest.java
@@ -29,6 +29,6 @@ public class MigrationStepModuleTest {
public void verify_count_of_added_MigrationStep_types() {
ComponentContainer container = new ComponentContainer();
new MigrationStepModule().configure(container);
- assertThat(container.size()).isEqualTo(43);
+ assertThat(container.size()).isEqualTo(44);
}
}
diff --git a/sonar-db/src/test/java/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdminTest.java b/sonar-db/src/test/java/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdminTest.java
new file mode 100644
index 00000000000..7ea10f856a1
--- /dev/null
+++ b/sonar-db/src/test/java/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdminTest.java
@@ -0,0 +1,283 @@
+/*
+ * SonarQube :: Database
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.db.version.v54;
+
+import javax.annotation.Nullable;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.sonar.api.utils.System2;
+import org.sonar.db.DbTester;
+import org.sonar.db.version.MigrationStep;
+
+import static java.lang.String.format;
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class InsertGateAdminPermissionForEachProfileAdminTest {
+
+ private static final String TABLE_GROUP_ROLES = "group_roles";
+ private static final String TABLE_USER_ROLES = "user_roles";
+ private static final int SOME_GROUP_ID = 964;
+ private static final int SOME_USER_ID = 112;
+ private static final Integer ANYONE_GROUP_ID = null;
+ private static final int SOME_RESOURCE_ID = 25;
+ private static final String PROFILEADMIN_ROLE = "profileadmin";
+ private static final String NOT_PROFILE_ADMIN_ROLE = "ProfileAdmin";
+ private static final String GATE_ADMIN_ROLE = "gateadmin";
+
+ @ClassRule
+ public static DbTester db = DbTester.createForSchema(System2.INSTANCE, InsertGateAdminPermissionForEachProfileAdminTest.class, "schema.sql");
+
+ MigrationStep migration;
+
+ @Before
+ public void setUp() {
+ truncate(TABLE_GROUP_ROLES);
+ truncate(TABLE_USER_ROLES);
+
+ migration = new InsertGateAdminPermissionForEachProfileAdmin(db.database());
+ }
+
+ @Test
+ public void migrate_without_error_on_empty_db() throws Exception {
+ migration.execute();
+
+ assertGroupRoleTableSize(0);
+ assertUserRoleTableSize(0);
+ }
+
+ @Test
+ public void migrate_group_AnyOne() throws Exception {
+ insertGroupRole(ANYONE_GROUP_ID, null, PROFILEADMIN_ROLE);
+
+ migration.execute();
+
+ assertGroupRoleContainsRow(ANYONE_GROUP_ID, null, PROFILEADMIN_ROLE);
+ assertGroupRoleContainsRow(ANYONE_GROUP_ID, null, GATE_ADMIN_ROLE);
+ assertGroupRoleTableSize(2);
+ assertUserRoleTableSize(0);
+ }
+
+ @Test
+ public void do_not_migrate_group_AnyOne_for_resource() throws Exception {
+ insertGroupRole(ANYONE_GROUP_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+
+ migration.execute();
+
+ assertGroupRoleContainsRow(ANYONE_GROUP_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+ assertGroupRoleDoesNotContainRow(ANYONE_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+ assertGroupRoleTableSize(1);
+ assertUserRoleTableSize(0);
+ }
+
+ @Test
+ public void do_not_migrate_group_AnyOne_when_not_profileadmin() throws Exception {
+ insertGroupRole(ANYONE_GROUP_ID, SOME_RESOURCE_ID, NOT_PROFILE_ADMIN_ROLE);
+
+ migration.execute();
+
+ assertGroupRoleContainsRow(ANYONE_GROUP_ID, SOME_RESOURCE_ID, NOT_PROFILE_ADMIN_ROLE);
+ assertGroupRoleDoesNotContainRow(ANYONE_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+ assertGroupRoleTableSize(1);
+ assertUserRoleTableSize(0);
+ }
+
+ @Test
+ public void do_not_migrate_group_AnyOne_already_has_role_gateadmin() throws Exception {
+ insertGroupRole(ANYONE_GROUP_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+ insertGroupRole(ANYONE_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+
+ migration.execute();
+
+ assertGroupRoleContainsRow(ANYONE_GROUP_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+ assertGroupRoleContainsRow(ANYONE_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+ assertGroupRoleTableSize(2);
+ assertUserRoleTableSize(0);
+ }
+
+ @Test
+ public void migrate_group() throws Exception {
+ insertGroupRole(SOME_GROUP_ID, null, PROFILEADMIN_ROLE);
+
+ migration.execute();
+
+ assertGroupRoleContainsRow(SOME_GROUP_ID, null, PROFILEADMIN_ROLE);
+ assertGroupRoleContainsRow(SOME_GROUP_ID, null, GATE_ADMIN_ROLE);
+ assertGroupRoleTableSize(2);
+ assertUserRoleTableSize(0);
+ }
+
+ @Test
+ public void do_not_migrate_group_for_resource() throws Exception {
+ insertGroupRole(SOME_GROUP_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+
+ migration.execute();
+
+ assertGroupRoleContainsRow(SOME_GROUP_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+ assertGroupRoleDoesNotContainRow(SOME_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+ assertGroupRoleTableSize(1);
+ assertUserRoleTableSize(0);
+ }
+
+ @Test
+ public void do_not_migrate_group_when_not_profileadmin() throws Exception {
+ insertGroupRole(SOME_GROUP_ID, SOME_RESOURCE_ID, NOT_PROFILE_ADMIN_ROLE);
+
+ migration.execute();
+
+ assertGroupRoleContainsRow(SOME_GROUP_ID, SOME_RESOURCE_ID, NOT_PROFILE_ADMIN_ROLE);
+ assertGroupRoleDoesNotContainRow(SOME_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+ assertGroupRoleTableSize(1);
+ assertUserRoleTableSize(0);
+ }
+
+ @Test
+ public void do_not_migrate_group_already_has_role_gateadmin() throws Exception {
+ insertGroupRole(SOME_GROUP_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+ insertGroupRole(SOME_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+
+ migration.execute();
+
+ assertGroupRoleContainsRow(SOME_GROUP_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+ assertGroupRoleContainsRow(SOME_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+ assertGroupRoleTableSize(2);
+ assertUserRoleTableSize(0);
+ }
+
+ @Test
+ public void migrate_user() throws Exception {
+ insertUserRole(SOME_USER_ID, null, PROFILEADMIN_ROLE);
+
+ migration.execute();
+
+ assertUserRoleContainsRow(SOME_USER_ID, null, PROFILEADMIN_ROLE);
+ assertUserRoleContainsRow(SOME_USER_ID, null, GATE_ADMIN_ROLE);
+ assertUserRoleTableSize(2);
+ assertGroupRoleTableSize(0);
+ }
+
+ @Test
+ public void do_not_migrate_user_for_resource() throws Exception {
+ insertUserRole(SOME_USER_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+
+ migration.execute();
+
+ assertUserRoleContainsRow(SOME_USER_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+ assertUserRoleDoesNotContainRow(SOME_USER_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+ assertUserRoleTableSize(1);
+ assertGroupRoleTableSize(0);
+ }
+
+ @Test
+ public void do_not_migrate_user_when_not_profileadmin() throws Exception {
+ insertUserRole(SOME_GROUP_ID, SOME_RESOURCE_ID, NOT_PROFILE_ADMIN_ROLE);
+
+ migration.execute();
+
+ assertUserRoleContainsRow(SOME_GROUP_ID, SOME_RESOURCE_ID, NOT_PROFILE_ADMIN_ROLE);
+ assertUserRoleDoesNotContainRow(SOME_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+ assertUserRoleTableSize(1);
+ assertGroupRoleTableSize(0);
+ }
+
+ @Test
+ public void do_not_migrate_user_already_has_role_gateadmin() throws Exception {
+ insertUserRole(SOME_GROUP_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+ insertUserRole(SOME_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+
+ migration.execute();
+
+ assertUserRoleContainsRow(SOME_GROUP_ID, SOME_RESOURCE_ID, PROFILEADMIN_ROLE);
+ assertUserRoleContainsRow(SOME_GROUP_ID, SOME_RESOURCE_ID, GATE_ADMIN_ROLE);
+ assertUserRoleTableSize(2);
+ assertGroupRoleTableSize(0);
+ }
+
+ private void assertGroupRoleTableSize(int expected) {
+ assertThat(db.countRowsOfTable(TABLE_GROUP_ROLES)).isEqualTo(expected);
+ }
+
+ private void assertUserRoleTableSize(int expected) {
+ assertThat(db.countRowsOfTable(TABLE_USER_ROLES)).isEqualTo(expected);
+ }
+
+ private void assertGroupRoleDoesNotContainRow(@Nullable Integer groupId, @Nullable Integer resourceId, String role) {
+ String sql = groupRoleRowSql(groupId, resourceId, role);
+ assertThat(db.countSql(sql)).isEqualTo(0);
+ }
+
+ private void assertGroupRoleContainsRow(@Nullable Integer groupId, @Nullable Integer resourceId, String role) {
+ String sql = groupRoleRowSql(groupId, resourceId, role);
+ assertThat(db.countSql(sql)).isEqualTo(1);
+ }
+
+ private static String groupRoleRowSql(@Nullable Integer groupId, @Nullable Integer resourceId, String role) {
+ return format(
+ "select count(*) from group_roles where group_id %s and resource_id %s and role = '%s'",
+ whereClauseFromInteger(groupId),
+ whereClauseFromInteger(resourceId),
+ role);
+ }
+
+ private void assertUserRoleDoesNotContainRow(@Nullable Integer groupId, @Nullable Integer resourceId, String role) {
+ String sql = userRoleRowSql(groupId, resourceId, role);
+ assertThat(db.countSql(sql)).isEqualTo(0);
+ }
+
+ private void assertUserRoleContainsRow(@Nullable Integer groupId, @Nullable Integer resourceId, String role) {
+ String sql = userRoleRowSql(groupId, resourceId, role);
+ assertThat(db.countSql(sql)).isEqualTo(1);
+ }
+
+ private static String userRoleRowSql(@Nullable Integer userId, @Nullable Integer resourceId, String role) {
+ return format(
+ "select count(*) from user_roles where user_id %s and resource_id %s and role = '%s'",
+ whereClauseFromInteger(userId),
+ whereClauseFromInteger(resourceId),
+ role);
+ }
+
+ private void insertGroupRole(@Nullable Integer groupId, @Nullable Integer resourceId, String role) {
+ db.executeUpdateSql(format("insert into group_roles (group_id,resource_id,role) values(%s,%s,'%s')", nullValueFromInteger(groupId), nullValueFromInteger(resourceId), role));
+ }
+
+ private void insertUserRole(@Nullable Integer userId, @Nullable Integer resourceId, String role) {
+ db.executeUpdateSql(format("insert into user_roles (user_id,resource_id,role) values(%s,%s,'%s')", nullValueFromInteger(userId), nullValueFromInteger(resourceId), role));
+ }
+
+ private static String whereClauseFromInteger(@Nullable Integer id) {
+ if (id == null) {
+ return "is null";
+ }
+ return "=" + id;
+ }
+
+ private String nullValueFromInteger(@Nullable Integer value) {
+ if (value == null) {
+ return "null";
+ }
+ return String.valueOf(value);
+ }
+
+ private void truncate(String tableName) {
+ db.executeUpdateSql("truncate table " + tableName);
+ }
+
+}
diff --git a/sonar-db/src/test/resources/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdminTest/schema.sql b/sonar-db/src/test/resources/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdminTest/schema.sql
new file mode 100644
index 00000000000..eca905e2c3d
--- /dev/null
+++ b/sonar-db/src/test/resources/org/sonar/db/version/v54/InsertGateAdminPermissionForEachProfileAdminTest/schema.sql
@@ -0,0 +1,13 @@
+CREATE TABLE "GROUP_ROLES" (
+ "ID" INTEGER NOT NULL GENERATED BY DEFAULT AS IDENTITY (START WITH 1, INCREMENT BY 1),
+ "GROUP_ID" INTEGER,
+ "RESOURCE_ID" INTEGER,
+ "ROLE" VARCHAR(64) NOT NULL
+);
+
+CREATE TABLE "USER_ROLES" (
+ "ID" INTEGER NOT NULL GENERATED BY DEFAULT AS IDENTITY (START WITH 1, INCREMENT BY 1),
+ "USER_ID" INTEGER,
+ "RESOURCE_ID" INTEGER,
+ "ROLE" VARCHAR(64) NOT NULL
+);