aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAurelien Poscia <aurelien.poscia@sonarsource.com>2022-06-02 14:45:42 +0200
committersonartech <sonartech@sonarsource.com>2022-06-02 20:03:18 +0000
commit3afbbf51939d4bdd898cbcb7ccc8e7a5c19e5883 (patch)
tree7ad3768212760c1fa04215255d5d170616d61ec5
parentc0bbac0bced00b12f6fddf6bdcd73510a08ca4e5 (diff)
downloadsonarqube-3afbbf51939d4bdd898cbcb7ccc8e7a5c19e5883.tar.gz
sonarqube-3afbbf51939d4bdd898cbcb7ccc8e7a5c19e5883.zip
SONAR-16246 Fix incorrect warning in portfolio view when user has relevant permissions
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java46
1 files changed, 25 insertions, 21 deletions
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
index 1809f5a4938..914b2a985f6 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
@@ -59,10 +59,11 @@ public class ServerUserSession extends AbstractUserSession {
private final UserDto userDto;
private final DbClient dbClient;
private final Map<String, String> projectUuidByComponentUuid = new HashMap<>();
+ private final Map<String, Set<String>> permissionsByProjectUuid = new HashMap<>();
+
private Collection<GroupDto> groups;
private Boolean isSystemAdministrator;
private Set<GlobalPermission> permissions;
- private Map<String, Set<String>> permissionsByProjectUuid;
public ServerUserSession(DbClient dbClient, @Nullable UserDto userDto) {
this.dbClient = dbClient;
@@ -164,41 +165,44 @@ public class ServerUserSession extends AbstractUserSession {
@Override
protected boolean hasProjectUuidPermission(String permission, String projectUuid) {
- if (permissionsByProjectUuid == null) {
- permissionsByProjectUuid = new HashMap<>();
- }
return hasPermission(permission, projectUuid);
}
@Override
protected boolean hasChildProjectsPermission(String permission, String applicationUuid) {
- if (permissionsByProjectUuid == null) {
- permissionsByProjectUuid = new HashMap<>();
- }
-
Set<String> childProjectUuids = loadChildProjectUuids(applicationUuid);
-
- return childProjectUuids
- .stream()
- .map(uuid -> hasPermission(permission, uuid))
- .allMatch(Boolean::valueOf);
+ return childProjectUuids.stream()
+ .allMatch(uuid -> hasPermission(permission, uuid));
}
@Override
protected boolean hasPortfolioChildProjectsPermission(String permission, String portfolioUuid) {
- if (permissionsByProjectUuid == null) {
- permissionsByProjectUuid = new HashMap<>();
- }
-
Set<ComponentDto> portfolioHierarchyComponents = resolvePortfolioHierarchyComponents(portfolioUuid);
+ Set<String> branchUuids = findBranchUuids(portfolioHierarchyComponents);
+ Set<String> projectUuids = findProjectUuids(branchUuids);
- Set<String> portfolioHierarchyComponentUuids = portfolioHierarchyComponents.stream().map(ComponentDto::getCopyComponentUuid).collect(Collectors.toSet());
-
- return portfolioHierarchyComponentUuids
- .stream()
+ return projectUuids.stream()
.allMatch(uuid -> hasPermission(permission, uuid));
}
+ private static Set<String> findBranchUuids(Set<ComponentDto> portfolioHierarchyComponents) {
+ return portfolioHierarchyComponents.stream()
+ .map(ComponentDto::getCopyComponentUuid)
+ .collect(Collectors.toSet());
+ }
+
+ private Set<String> findProjectUuids(Set<String> branchesComponents) {
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ return dbClient.componentDao().selectByUuids(dbSession, branchesComponents).stream()
+ .map(ServerUserSession::getProjectId)
+ .collect(toSet());
+ }
+ }
+
+ private static String getProjectId(ComponentDto branchComponent) {
+ return Optional.ofNullable(branchComponent.getMainBranchProjectUuid()).orElse(branchComponent.uuid());
+ }
+
private boolean hasPermission(String permission, String projectUuid) {
Set<String> projectPermissions = permissionsByProjectUuid.computeIfAbsent(projectUuid, this::loadProjectPermissions);
return projectPermissions.contains(permission);