SONAR-15741 - Centralized check for child projects permission

3 files changed, 45 insertions, 3 deletions

diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java
index b46b99ffe27..9e040fb3a7c 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java
@@ -27,6 +27,7 @@ import java.util.HashSet;
 import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
+import java.util.stream.Collectors;
 import org.sonar.api.web.UserRole;
 import org.sonar.db.component.ComponentDto;
 import org.sonar.db.permission.GlobalPermission;
@@ -40,10 +41,11 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession>
   private static final Set<String> PUBLIC_PERMISSIONS = ImmutableSet.of(UserRole.USER, UserRole.CODEVIEWER); // FIXME to check with Simon
 
   private final Class<T> clazz;
-  private HashMultimap<String, String> projectUuidByPermission = HashMultimap.create();
+  private final HashMultimap<String, String> projectUuidByPermission = HashMultimap.create();
   private final Set<GlobalPermission> permissions = new HashSet<>();
-  private Map<String, String> projectUuidByComponentUuid = new HashMap<>();
-  private Set<String> projectPermissions = new HashSet<>();
+  private final Map<String, String> projectUuidByComponentUuid = new HashMap<>();
+  private final Map<String, Set<String>> applicationProjects = new HashMap<>();
+  private final Set<String> projectPermissions = new HashSet<>();
   private boolean systemAdministrator = false;
   private boolean resetPassword = false;
 
@@ -93,6 +95,18 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession>
     return clazz.cast(this);
   }
 
+  public T registerApplication(ProjectDto application, ProjectDto... appProjects) {
+    registerProjects(application);
+    registerProjects(appProjects);
+
+    var appProjectsUuid = Arrays.stream(appProjects)
+      .map(ProjectDto::getUuid)
+      .collect(Collectors.toSet());
+    this.applicationProjects.put(application.getUuid(), appProjectsUuid);
+
+    return clazz.cast(this);
+  }
+
   public T registerPortfolios(PortfolioDto... portfolios) {
     Arrays.stream(portfolios)
       .forEach(portfolio -> {
@@ -156,6 +170,13 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession>
     return projectPermissions.contains(permission) && projectUuidByPermission.get(permission).contains(projectUuid);
   }
 
+  @Override
+  protected boolean hasChildProjectsPermission(String permission, String applicationUuid) {
+    return applicationProjects.containsKey(applicationUuid) && applicationProjects.get(applicationUuid)
+      .stream()
+      .allMatch(projectUuid -> projectPermissions.contains(permission) && projectUuidByPermission.get(permission).contains(projectUuid));
+  }
+
   public T setSystemAdministrator(boolean b) {
     this.systemAdministrator = b;
     return clazz.cast(this);
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
index b0bdbce1cf2..4b33d0ff77c 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
@@ -193,6 +193,11 @@ public class UserSessionRule implements TestRule, UserSession {
     return this;
   }
 
+  public UserSessionRule registerApplication(ProjectDto application, ProjectDto... appProjects) {
+    ensureAbstractMockUserSession().registerApplication(application, appProjects);
+    return this;
+  }
+
   public UserSessionRule addProjectPermission(String projectPermission, ComponentDto... components) {
     ensureAbstractMockUserSession().addProjectPermission(projectPermission, components);
     return this;
@@ -252,6 +257,11 @@ public class UserSessionRule implements TestRule, UserSession {
   }
 
   @Override
+  public boolean hasChildProjectsPermission(String permission, ComponentDto component) {
+    return currentUserSession.hasChildProjectsPermission(permission, component);
+  }
+
+  @Override
   public boolean hasComponentUuidPermission(String permission, String componentUuid) {
     return currentUserSession.hasComponentUuidPermission(permission, componentUuid);
   }
@@ -355,6 +365,12 @@ public class UserSessionRule implements TestRule, UserSession {
   }
 
   @Override
+  public UserSession checkChildProjectsPermission(String projectPermission, ComponentDto component) {
+    currentUserSession.checkChildProjectsPermission(projectPermission, component);
+    return this;
+  }
+
+  @Override
   public UserSession checkComponentUuidPermission(String permission, String componentUuid) {
     currentUserSession.checkComponentUuidPermission(permission, componentUuid);
     return this;
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java
index 97d3fe28b01..cf3a2336dff 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java
@@ -122,6 +122,11 @@ public class TestUserSessionFactory implements UserSessionFactory {
     }
 
     @Override
+    protected boolean hasChildProjectsPermission(String permission, String applicationUuid) {
+      throw notImplemented();
+    }
+
+    @Override
     public boolean isSystemAdministrator() {
       throw notImplemented();
     }