authorLéo Geoffroy <leo.geoffroy@sonarsource.com>2023-06-05 15:20:26 +0200
committersonartech <sonartech@sonarsource.com>2023-06-19 20:03:13 +0000
commit4e8da91a409ec61fcf48e8180e810bea7f37f09f (patch)
tree31273fca91155e16a17c1f630ff2bf5acace8540 /server/sonar-webserver-auth/src
parentafc9bd0a4d312b693c3fb0c3fe416f2b22be0924 (diff)
SONAR-19445 Remove unnecessary methods using projectDto in AbstractUserSession and descendant
Diffstat (limited to 'server/sonar-webserver-auth/src')
-rw-r--r--server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java8
-rw-r--r--server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java14
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java4
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/AbstractUserSession.java53
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java4
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java4
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java74
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java20
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java8
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java10
-rw-r--r--server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java2
-rw-r--r--server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java4
-rw-r--r--server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java2
-rw-r--r--server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java12
-rw-r--r--server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java22
-rw-r--r--server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java4
16 files changed, 82 insertions, 163 deletions
diff --git a/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java b/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java
index 5473b10727a..292ae6d3fd1 100644
--- a/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java
+++ b/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java
@@ -756,7 +756,7 @@ public class ServerUserSessionIT {
ProjectData privateProject = db.components().insertPrivateProject();
Set<ProjectDto> projectDto = Set.of(publicProject.getProjectDto(), privateProject.getProjectDto());
- List<ProjectDto> projectDtos = newUserSession(null).keepAuthorizedProjects(UserRole.USER, projectDto);
+ List<ProjectDto> projectDtos = newUserSession(null).keepAuthorizedEntities(UserRole.USER, projectDto);
assertThat(projectDtos).containsExactly(publicProject.getProjectDto());
}
@@ -768,7 +768,7 @@ public class ServerUserSessionIT {
ProjectData privateProject = db.components().insertPrivateProject();
Set<ProjectDto> projectDto = Set.of(publicProject.getProjectDto(), privateProject.getProjectDto());
- List<ProjectDto> projectDtos = newUserSession(userDto).keepAuthorizedProjects(UserRole.USER, projectDto);
+ List<ProjectDto> projectDtos = newUserSession(userDto).keepAuthorizedEntities(UserRole.USER, projectDto);
assertThat(projectDtos).containsExactly(publicProject.getProjectDto());
}
@@ -783,7 +783,7 @@ public class ServerUserSessionIT {
ProjectDto privateProjectWithoutPermission = db.components().insertPrivateProject().getProjectDto();
Set<ProjectDto> projectDto = Set.of(publicProject, privateProject, privateProjectWithoutPermission);
- List<ProjectDto> projectDtos = newUserSession(userDto).keepAuthorizedProjects(permission, projectDto);
+ List<ProjectDto> projectDtos = newUserSession(userDto).keepAuthorizedEntities(permission, projectDto);
assertThat(projectDtos).containsExactly(privateProject);
}
@@ -798,7 +798,7 @@ public class ServerUserSessionIT {
ProjectDto privateProjectWithoutPermission = db.components().insertPrivateProject().getProjectDto();
Set<ProjectDto> projectDto = Set.of(publicProject, privateProject, privateProjectWithoutPermission);
- List<ProjectDto> projectDtos = newUserSession(null).keepAuthorizedProjects(permission, projectDto);
+ List<ProjectDto> projectDtos = newUserSession(null).keepAuthorizedEntities(permission, projectDto);
assertThat(projectDtos).isEmpty();
}
diff --git a/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java b/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java
index f98745f84b6..abc8142eb2a 100644
--- a/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java
+++ b/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java
@@ -68,8 +68,8 @@ public class TokenUserSessionIT {
TokenUserSession userSession = mockTokenUserSession(user);
- assertThat(userSession.hasProjectUuidPermission(SCAN, project1.getUuid())).isTrue();
- assertThat(userSession.hasProjectUuidPermission(SCAN, project2.getUuid())).isFalse();
+ assertThat(userSession.hasEntityUuidPermission(SCAN, project1.getUuid())).isTrue();
+ assertThat(userSession.hasEntityUuidPermission(SCAN, project2.getUuid())).isFalse();
}
@Test
@@ -84,8 +84,8 @@ public class TokenUserSessionIT {
TokenUserSession userSession = mockProjectAnalysisTokenUserSession(user,project1);
- assertThat(userSession.hasProjectUuidPermission(SCAN, project1.getUuid())).isTrue();
- assertThat(userSession.hasProjectUuidPermission(SCAN, project2.getUuid())).isFalse();
+ assertThat(userSession.hasEntityUuidPermission(SCAN, project1.getUuid())).isTrue();
+ assertThat(userSession.hasEntityUuidPermission(SCAN, project2.getUuid())).isFalse();
}
@Test
@@ -99,8 +99,8 @@ public class TokenUserSessionIT {
TokenUserSession userSession = mockProjectAnalysisTokenUserSession(user,project1);
- assertThat(userSession.hasProjectUuidPermission(SCAN, project1.getUuid())).isTrue();
- assertThat(userSession.hasProjectUuidPermission(SCAN, project2.getUuid())).isFalse();
+ assertThat(userSession.hasEntityUuidPermission(SCAN, project1.getUuid())).isTrue();
+ assertThat(userSession.hasEntityUuidPermission(SCAN, project2.getUuid())).isFalse();
}
@Test
@@ -140,7 +140,7 @@ public class TokenUserSessionIT {
TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user);
- assertThat(userSession.hasProjectUuidPermission(SCAN, project1.getUuid())).isFalse();
+ assertThat(userSession.hasEntityUuidPermission(SCAN, project1.getUuid())).isFalse();
assertThat(userSession.hasPermission(GlobalPermission.SCAN)).isTrue();
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java
index ae33273673c..574241488ea 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java
@@ -37,12 +37,12 @@ public class SafeModeUserSession extends AbstractUserSession {
}
@Override
- protected Optional<String> componentUuidToProjectUuid(String componentUuid) {
+ protected Optional<String> componentUuidToEntityUuid(String componentUuid) {
return Optional.empty();
}
@Override
- protected boolean hasProjectUuidPermission(String permission, String projectUuid) {
+ protected boolean hasEntityUuidPermission(String permission, String entityUuid) {
return false;
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/AbstractUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/AbstractUserSession.java
index 040f7c1c2fa..e34ca857a73 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/AbstractUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/AbstractUserSession.java
@@ -89,31 +89,26 @@ public abstract class AbstractUserSession implements UserSession {
@Override
public boolean hasComponentPermission(String permission, ComponentDto component) {
- Optional<String> projectUuid1 = componentUuidToProjectUuid(component.uuid());
+ Optional<String> projectUuid1 = componentUuidToEntityUuid(component.uuid());
return projectUuid1
- .map(projectUuid -> hasProjectUuidPermission(permission, projectUuid))
+ .map(projectUuid -> hasEntityUuidPermission(permission, projectUuid))
.orElse(false);
}
@Override
- public final boolean hasProjectPermission(String permission, ProjectDto project) {
- return hasProjectUuidPermission(permission, project.getUuid());
- }
-
- @Override
public final boolean hasEntityPermission(String permission, EntityDto entity) {
- return hasProjectUuidPermission(permission, entity.getAuthUuid());
+ return hasEntityUuidPermission(permission, entity.getAuthUuid());
}
@Override
- public final boolean hasProjectPermission(String permission, String projectUuid) {
- return hasProjectUuidPermission(permission, projectUuid);
+ public final boolean hasEntityPermission(String permission, String entityUuid) {
+ return hasEntityUuidPermission(permission, entityUuid);
}
@Override
public final boolean hasChildProjectsPermission(String permission, ComponentDto component) {
- return componentUuidToProjectUuid(component.uuid())
+ return componentUuidToEntityUuid(component.uuid())
.map(applicationUuid -> hasChildProjectsPermission(permission, applicationUuid)).orElse(false);
}
@@ -129,15 +124,15 @@ public abstract class AbstractUserSession implements UserSession {
@Override
public boolean hasComponentUuidPermission(String permission, String componentUuid) {
- Optional<String> projectUuid = componentUuidToProjectUuid(componentUuid);
- return projectUuid
- .map(s -> hasProjectUuidPermission(permission, s))
+ Optional<String> entityUuid = componentUuidToEntityUuid(componentUuid);
+ return entityUuid
+ .map(s -> hasEntityUuidPermission(permission, s))
.orElse(false);
}
- protected abstract Optional<String> componentUuidToProjectUuid(String componentUuid);
+ protected abstract Optional<String> componentUuidToEntityUuid(String componentUuid);
- protected abstract boolean hasProjectUuidPermission(String permission, String projectUuid);
+ protected abstract boolean hasEntityUuidPermission(String permission, String entityUuid);
protected abstract boolean hasChildProjectsPermission(String permission, String applicationUuid);
@@ -149,11 +144,6 @@ public abstract class AbstractUserSession implements UserSession {
}
@Override
- public List<ProjectDto> keepAuthorizedProjects(String permission, Collection<ProjectDto> projects) {
- return doKeepAuthorizedProjects(permission, projects);
- }
-
- @Override
public <T extends EntityDto> List<T> keepAuthorizedEntities(String permission, Collection<T> projects) {
return doKeepAuthorizedEntities(permission, projects);
}
@@ -164,23 +154,13 @@ public abstract class AbstractUserSession implements UserSession {
protected <T extends EntityDto> List<T> doKeepAuthorizedEntities(String permission, Collection<T> entities) {
boolean allowPublicComponent = PUBLIC_PERMISSIONS.contains(permission);
return entities.stream()
- .filter(c -> (allowPublicComponent && !c.isPrivate()) || hasProjectPermission(permission, c.getUuid()))
+ .filter(c -> (allowPublicComponent && !c.isPrivate()) || hasEntityPermission(permission, c.getUuid()))
.toList();
}
/**
* Naive implementation, to be overridden if needed
*/
- protected List<ProjectDto> doKeepAuthorizedProjects(String permission, Collection<ProjectDto> projects) {
- boolean allowPublicComponent = PUBLIC_PERMISSIONS.contains(permission);
- return projects.stream()
- .filter(c -> (allowPublicComponent && !c.isPrivate()) || hasProjectPermission(permission, c))
- .collect(MoreCollectors.toList());
- }
-
- /**
- * Naive implementation, to be overridden if needed
- */
protected List<ComponentDto> doKeepAuthorizedComponents(String permission, Collection<ComponentDto> components) {
boolean allowPublicComponent = PUBLIC_PERMISSIONS.contains(permission);
return components.stream()
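Review bot: `doKeepAuthorizedEntities` filters with `hasEntityPermission(permission, c.getUuid())`, while the single-entity overload `hasEntityPermission(String, EntityDto)` earlier in this file checks `entity.getAuthUuid()`. If an entity's auth uuid can ever differ from its own uuid (not visible in this diff), the list filter and the single check evaluate permissions on different keys and could disagree for the same entity. Passing the entity itself, `hasEntityPermission(permission, c)`, would make both paths use one authorization key. The same `EntityDto::getUuid` mapping is used in `ServerUserSession.keepAuthorizedEntities`, which would need the matching change.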
@@ -213,15 +193,6 @@ public abstract class AbstractUserSession implements UserSession {
}
@Override
- public UserSession checkProjectPermission(String projectPermission, ProjectDto project) {
- if (hasProjectUuidPermission(projectPermission, project.getUuid())) {
- return this;
- }
-
- throw new ForbiddenException(INSUFFICIENT_PRIVILEGES_MESSAGE);
- }
-
- @Override
public UserSession checkEntityPermission(String projectPermission, EntityDto entity) {
if (hasEntityPermission(projectPermission, entity)) {
return this;
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java
index 790bbed0692..b7c9b3b8fb9 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java
@@ -118,13 +118,13 @@ public final class DoPrivileged {
}
@Override
- protected Optional<String> componentUuidToProjectUuid(String componentUuid) {
+ protected Optional<String> componentUuidToEntityUuid(String componentUuid) {
// always root
return Optional.of(componentUuid);
}
@Override
- protected boolean hasProjectUuidPermission(String permission, String projectUuid) {
+ protected boolean hasEntityUuidPermission(String permission, String entityUuid) {
return true;
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java
index 6ee86d49961..a145e270002 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java
@@ -86,12 +86,12 @@ public class GithubWebhookUserSession extends AbstractUserSession {
}
@Override
- protected Optional<String> componentUuidToProjectUuid(String componentUuid) {
+ protected Optional<String> componentUuidToEntityUuid(String componentUuid) {
return Optional.empty();
}
@Override
- protected boolean hasProjectUuidPermission(String permission, String projectUuid) {
+ protected boolean hasEntityUuidPermission(String permission, String entityUuid) {
return false;
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
index da340435d9c..3c01fb2923e 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
@@ -43,7 +43,6 @@ import org.sonar.db.component.ComponentTreeQuery;
import org.sonar.db.component.ComponentTreeQuery.Strategy;
import org.sonar.db.entity.EntityDto;
import org.sonar.db.permission.GlobalPermission;
-import org.sonar.db.project.ProjectDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
@@ -65,8 +64,8 @@ public class ServerUserSession extends AbstractUserSession {
@CheckForNull
private final UserDto userDto;
private final DbClient dbClient;
- private final Map<String, String> projectUuidByComponentUuid = new HashMap<>();
- private final Map<String, Set<String>> permissionsByProjectUuid = new HashMap<>();
+ private final Map<String, String> entityUuidByComponentUuid = new HashMap<>();
+ private final Map<String, Set<String>> permissionsByEntityUuid = new HashMap<>();
private Collection<GroupDto> groups;
private Boolean isSystemAdministrator;
@@ -147,10 +146,10 @@ public class ServerUserSession extends AbstractUserSession {
}
@Override
- protected Optional<String> componentUuidToProjectUuid(String componentUuid) {
- String projectUuid = projectUuidByComponentUuid.get(componentUuid);
- if (projectUuid != null) {
- return of(projectUuid);
+ protected Optional<String> componentUuidToEntityUuid(String componentUuid) {
+ String entityUuid = entityUuidByComponentUuid.get(componentUuid);
+ if (entityUuid != null) {
+ return of(entityUuid);
}
try (DbSession dbSession = dbClient.openSession(false)) {
Optional<ComponentDto> component = dbClient.componentDao().selectByUuid(dbSession, componentUuid);
@@ -158,21 +157,21 @@ public class ServerUserSession extends AbstractUserSession {
return Optional.empty();
}
// permissions must be checked on the project
- projectUuid = getProjectUuid(dbSession, component.get());
- projectUuidByComponentUuid.put(componentUuid, projectUuid);
- return of(projectUuid);
+ entityUuid = getEntityUuid(dbSession, component.get());
+ entityUuidByComponentUuid.put(componentUuid, entityUuid);
+ return of(entityUuid);
}
}
@Override
- protected boolean hasProjectUuidPermission(String permission, String projectUuid) {
- return hasPermission(permission, projectUuid);
+ protected boolean hasEntityUuidPermission(String permission, String entityUuid) {
+ return hasPermission(permission, entityUuid);
}
@Override
protected boolean hasChildProjectsPermission(String permission, String applicationUuid) {
Set<String> childProjectUuids = loadChildProjectUuids(applicationUuid);
- Set<String> projectsWithPermission = keepProjectsUuidsByPermission(permission, childProjectUuids);
+ Set<String> projectsWithPermission = keepEntitiesUuidsByPermission(permission, childProjectUuids);
return projectsWithPermission.containsAll(childProjectUuids);
}
@@ -182,35 +181,25 @@ public class ServerUserSession extends AbstractUserSession {
Set<String> branchUuids = findBranchUuids(portfolioHierarchyComponents);
Set<String> projectUuids = findProjectUuids(branchUuids);
- Set<String> projectsWithPermission = keepProjectsUuidsByPermission(permission, projectUuids);
+ Set<String> projectsWithPermission = keepEntitiesUuidsByPermission(permission, projectUuids);
return projectsWithPermission.containsAll(projectUuids);
}
@Override
- public List<ProjectDto> keepAuthorizedProjects(String permission, Collection<ProjectDto> projects) {
- Set<String> projectsUuids = projects.stream().map(ProjectDto::getUuid).collect(Collectors.toSet());
- Set<String> authorizedProjectsUuids = keepProjectsUuidsByPermission(permission, projectsUuids);
-
- return projects.stream()
- .filter(project -> authorizedProjectsUuids.contains(project.getUuid()))
- .toList();
- }
-
- @Override
- public <T extends EntityDto> List<T> keepAuthorizedEntities(String permission, Collection<T> projects) {
- Set<String> projectsUuids = projects.stream().map(EntityDto::getUuid).collect(Collectors.toSet());
+ public <T extends EntityDto> List<T> keepAuthorizedEntities(String permission, Collection<T> entities) {
+ Set<String> projectsUuids = entities.stream().map(EntityDto::getUuid).collect(Collectors.toSet());
// TODO in SONAR-19445
- Set<String> authorizedProjectsUuids = keepProjectsUuidsByPermission(permission, projectsUuids);
+ Set<String> authorizedEntitiesUuids = keepEntitiesUuidsByPermission(permission, projectsUuids);
- return projects.stream()
- .filter(project -> authorizedProjectsUuids.contains(project.getUuid()))
+ return entities.stream()
+ .filter(project -> authorizedEntitiesUuids.contains(project.getUuid()))
.toList();
}
- private Set<String> keepProjectsUuidsByPermission(String permission, Collection<String> projectsUuids) {
+ private Set<String> keepEntitiesUuidsByPermission(String permission, Collection<String> entityUuids) {
try (DbSession dbSession = dbClient.openSession(false)) {
String userUuid = userDto == null ? null : userDto.getUuid();
- return dbClient.authorizationDao().keepAuthorizedProjectUuids(dbSession, projectsUuids, userUuid, permission);
+ return dbClient.authorizationDao().keepAuthorizedProjectUuids(dbSession, entityUuids, userUuid, permission);
}
}
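Review bot: The `// TODO in SONAR-19445` comment in `keepAuthorizedEntities` survives although this commit is itself filed under SONAR-19445, so a reader cannot tell what is still outstanding. Either drop it or spell out the remaining work, for example `// TODO: authorizationDao().keepAuthorizedProjectUuids is still project-named; confirm it covers every EntityDto kind`. Whether that DAO call handles non-project entities cannot be seen from this hunk. The leftover `projectsUuids` local and `project` lambda parameter could also be renamed to match the new `entities` parameter.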
@@ -227,7 +216,7 @@ public class ServerUserSession extends AbstractUserSession {
}
}
- private String getProjectUuid(DbSession dbSession, ComponentDto componentDto) {
+ private String getEntityUuid(DbSession dbSession, ComponentDto componentDto) {
// Portfolio & subPortfolio don't have branch, so branchUuid represents the portfolio uuid.
// technical project store root portfolio uuid in branchUuid
if (isPortfolioOrSubPortfolio(componentDto) || isTechnicalProject(componentDto)) {
@@ -265,26 +254,23 @@ public class ServerUserSession extends AbstractUserSession {
return !Objects.isNull(componentDto.qualifier()) && QUALIFIERS.contains(componentDto.qualifier());
}
- private boolean hasPermission(String permission, String projectUuid) {
- Set<String> projectPermissions = permissionsByProjectUuid.computeIfAbsent(projectUuid, this::loadProjectPermissions);
- return projectPermissions.contains(permission);
+ private boolean hasPermission(String permission, String entityUuid) {
+ Set<String> entityPermissions = permissionsByEntityUuid.computeIfAbsent(entityUuid, this::loadEntityPermissions);
+ return entityPermissions.contains(permission);
}
- /**
- * Also applies to views
- */
- private Set<String> loadProjectPermissions(String projectUuid) {
+ private Set<String> loadEntityPermissions(String entityUuid) {
try (DbSession dbSession = dbClient.openSession(false)) {
- Optional<EntityDto> entity = dbClient.entityDao().selectByUuid(dbSession, projectUuid);
+ Optional<EntityDto> entity = dbClient.entityDao().selectByUuid(dbSession, entityUuid);
if (entity.isEmpty()) {
return Collections.emptySet();
}
if (entity.get().isPrivate()) {
- return loadDbPermissions(dbSession, projectUuid);
+ return loadDbPermissions(dbSession, entityUuid);
}
Set<String> projectPermissions = new HashSet<>();
projectPermissions.addAll(PUBLIC_PERMISSIONS);
- projectPermissions.addAll(loadDbPermissions(dbSession, projectUuid));
+ projectPermissions.addAll(loadDbPermissions(dbSession, entityUuid));
return Collections.unmodifiableSet(projectPermissions);
}
}
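Review bot: `loadEntityPermissions` loses its only Javadoc in this hunk and gets no replacement, although it decides which permissions every public entity grants. A short comment would help, e.g. `/** DB permissions only for a private entity, DB permissions plus PUBLIC_PERMISSIONS for a public one; empty set when the uuid is unknown. */`. Since `hasPermission` memoizes the result in `permissionsByEntityUuid` via `computeIfAbsent`, it is also worth stating there that a permission change is not seen by this session object once an entry is cached. The local `projectPermissions` could be renamed to match `entityPermissions`.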
@@ -383,11 +369,11 @@ public class ServerUserSession extends AbstractUserSession {
.filter(c -> {
if (c.getCopyComponentUuid() != null) {
var componentDto = originalComponents.get(c.getCopyComponentUuid());
- return componentDto != null && authorizedProjectUuids.contains(getProjectUuid(dbSession, componentDto));
+ return componentDto != null && authorizedProjectUuids.contains(getEntityUuid(dbSession, componentDto));
}
return authorizedProjectUuids.contains(c.branchUuid()) || authorizedProjectUuids.contains(
- getProjectUuid(dbSession, c));
+ getEntityUuid(dbSession, c));
})
.collect(MoreCollectors.toList(components.size()));
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
index 66b3e060fe5..f5a3119f673 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
@@ -136,12 +136,6 @@ public class ThreadLocalUserSession implements UserSession {
}
@Override
- public UserSession checkProjectPermission(String projectPermission, ProjectDto project) {
- get().checkProjectPermission(projectPermission, project);
- return this;
- }
-
- @Override
public UserSession checkChildProjectsPermission(String projectPermission, ComponentDto component) {
get().checkChildProjectsPermission(projectPermission, component);
return this;
@@ -186,13 +180,8 @@ public class ThreadLocalUserSession implements UserSession {
}
@Override
- public boolean hasProjectPermission(String permission, ProjectDto project) {
- return get().hasProjectPermission(permission, project);
- }
-
- @Override
- public boolean hasProjectPermission(String permission, String projectUuid) {
- return get().hasProjectPermission(permission, projectUuid);
+ public boolean hasEntityPermission(String permission, String entityUuid) {
+ return get().hasEntityPermission(permission, entityUuid);
}
@Override
@@ -224,9 +213,4 @@ public class ThreadLocalUserSession implements UserSession {
public <T extends EntityDto> List<T> keepAuthorizedEntities(String permission, Collection<T> entities) {
return get().keepAuthorizedEntities(permission, entities);
}
-
- @Override
- public List<ProjectDto> keepAuthorizedProjects(String permission, Collection<ProjectDto> projects) {
- return get().keepAuthorizedProjects(permission, projects);
- }
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java
index c1c21eddd2e..b33a5909a25 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java
@@ -39,15 +39,15 @@ public class TokenUserSession extends ServerUserSession {
}
@Override
- protected boolean hasProjectUuidPermission(String permission, String projectUuid) {
+ protected boolean hasEntityUuidPermission(String permission, String entityUuid) {
TokenType tokenType = TokenType.valueOf(userToken.getType());
switch (tokenType) {
case USER_TOKEN:
- return super.hasProjectUuidPermission(permission, projectUuid);
+ return super.hasEntityUuidPermission(permission, entityUuid);
case PROJECT_ANALYSIS_TOKEN:
return SCAN.equals(permission) &&
- projectUuid.equals(userToken.getProjectUuid()) &&
- (super.hasProjectUuidPermission(SCAN, projectUuid) || super.hasPermissionImpl(GlobalPermission.SCAN));
+ entityUuid.equals(userToken.getProjectUuid()) &&
+ (super.hasEntityUuidPermission(SCAN, entityUuid) || super.hasPermissionImpl(GlobalPermission.SCAN));
case GLOBAL_ANALYSIS_TOKEN:
//The case with a global analysis token has to return false always, since it is based on the assumption that the user
// has global analysis privileges
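Review bot: In the `PROJECT_ANALYSIS_TOKEN` branch the renamed `entityUuid` is still compared with `userToken.getProjectUuid()`, which after the rename reads as if any entity kind could match. A one-line comment above the `return` would make the scoping rule explicit, e.g. `// a project analysis token grants SCAN only on the project it was issued for`. The `switch` continues past the end of this hunk, so the remaining branches are not covered by this note.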
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java
index a2a943abbcc..4e4bdc05b2f 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java
@@ -147,11 +147,9 @@ public interface UserSession {
*/
boolean hasComponentPermission(String permission, ComponentDto component);
- boolean hasProjectPermission(String permission, ProjectDto project);
-
boolean hasEntityPermission(String permission, EntityDto entity);
- boolean hasProjectPermission(String permission, String projectUuid);
+ boolean hasEntityPermission(String permission, String entityUuid);
boolean hasChildProjectsPermission(String permission, ComponentDto component);
@@ -180,8 +178,6 @@ public interface UserSession {
<T extends EntityDto> List<T> keepAuthorizedEntities(String permission, Collection<T> components);
- List<ProjectDto> keepAuthorizedProjects(String permission, Collection<ProjectDto> projects);
-
/**
* Ensures that {@link #hasComponentPermission(String, ComponentDto)} is {@code true},
* otherwise throws a {@link org.sonar.server.exceptions.ForbiddenException}.
@@ -189,11 +185,9 @@ public interface UserSession {
UserSession checkComponentPermission(String projectPermission, ComponentDto component);
/**
- * Ensures that {@link #hasProjectPermission(String, ProjectDto)} is {@code true},
+ * Ensures that {@link #hasEntityPermission(String, ProjectDto)} is {@code true},
* otherwise throws a {@link org.sonar.server.exceptions.ForbiddenException}.
*/
- UserSession checkProjectPermission(String projectPermission, ProjectDto project);
-
UserSession checkEntityPermission(String projectPermission, EntityDto entity);
/**
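Review bot: The updated Javadoc links to `#hasEntityPermission(String, ProjectDto)`, but the overloads this interface declares in the earlier hunk are `(String, EntityDto)` and `(String, String)`, so the link will not resolve unless another overload exists outside the visible hunks. The comment now sits on `checkEntityPermission`, so it should read `{@link #hasEntityPermission(String, EntityDto)}`.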
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java
index 1c97bd25fd8..86176b403b0 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java
@@ -45,7 +45,7 @@ public class SafeModeUserSessionTest {
assertThat(underTest.shouldResetPassword()).isFalse();
assertThat(underTest.isSystemAdministrator()).isFalse();
assertThat(underTest.hasPermissionImpl(GlobalPermission.ADMINISTER)).isFalse();
- assertThat(underTest.hasProjectUuidPermission(UserRole.USER, "foo")).isFalse();
+ assertThat(underTest.hasEntityUuidPermission(UserRole.USER, "foo")).isFalse();
assertThat(underTest.hasChildProjectsPermission(UserRole.USER, "foo")).isFalse();
assertThat(underTest.hasPortfolioChildProjectsPermission(UserRole.USER, "foo")).isFalse();
}
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java
index ef600c4885a..f5471a5f84d 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java
@@ -91,12 +91,12 @@ public class GithubWebhookUserSessionTest {
@Test
public void componentUuidToProjectUuid() {
- assertThat(githubWebhookUserSession.componentUuidToProjectUuid("test")).isEmpty();
+ assertThat(githubWebhookUserSession.componentUuidToEntityUuid("test")).isEmpty();
}
@Test
public void hasProjectUuidPermission() {
- assertThat(githubWebhookUserSession.hasProjectUuidPermission("perm", "project")).isFalse();
+ assertThat(githubWebhookUserSession.hasEntityUuidPermission("perm", "project")).isFalse();
}
@Test
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java
index 22fe4013e52..74e3544caad 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java
@@ -74,7 +74,7 @@ public class ThreadLocalUserSessionTest {
assertThat(threadLocalUserSession.hasChildProjectsPermission(USER, new ComponentDto())).isFalse();
assertThat(threadLocalUserSession.hasChildProjectsPermission(USER, new ProjectDto())).isFalse();
assertThat(threadLocalUserSession.hasPortfolioChildProjectsPermission(USER, new ComponentDto())).isFalse();
- assertThat(threadLocalUserSession.hasProjectPermission(USER, new ProjectDto().getUuid())).isFalse();
+ assertThat(threadLocalUserSession.hasEntityPermission(USER, new ProjectDto().getUuid())).isFalse();
}
@Test
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java
index 88a0109539b..48c4ff0f4ff 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java
@@ -195,24 +195,24 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession>
}
@Override
- protected Optional<String> componentUuidToProjectUuid(String componentUuid) {
+ protected Optional<String> componentUuidToEntityUuid(String componentUuid) {
return Optional.ofNullable(Optional.ofNullable(projectUuidByBranchUuid.get(componentUuid))
.orElse(projectUuidByComponentUuid.get(componentUuid)));
}
@Override
public boolean hasComponentPermission(String permission, ComponentDto component) {
- return componentUuidToProjectUuid(component.uuid())
- .or(() -> componentUuidToProjectUuid(component.branchUuid()))
- .map(projectUuid -> hasProjectUuidPermission(permission, projectUuid)).orElseGet(() -> {
+ return componentUuidToEntityUuid(component.uuid())
+ .or(() -> componentUuidToEntityUuid(component.branchUuid()))
+ .map(projectUuid -> hasEntityUuidPermission(permission, projectUuid)).orElseGet(() -> {
LOGGER.warn("No project uuid for branchUuid : {}", component.branchUuid());
return false;
});
}
@Override
- protected boolean hasProjectUuidPermission(String permission, String projectUuid) {
- return projectPermissions.contains(permission) && projectUuidByPermission.get(permission).contains(projectUuid);
+ protected boolean hasEntityUuidPermission(String permission, String entityUuid) {
+ return projectPermissions.contains(permission) && projectUuidByPermission.get(permission).contains(entityUuid);
}
@Override
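Review bot: The rename is only half applied in `hasComponentPermission`: the lambda parameter is still `projectUuid` although it now carries the result of `componentUuidToEntityUuid` and is passed to `hasEntityUuidPermission`. I would write it as `.map(entityUuid -> hasEntityUuidPermission(permission, entityUuid))`. `hasEntityUuidPermission` also still reads `projectPermissions` and `projectUuidByPermission`, so a reader cannot tell whether this mock is meant to hold grants for non-project entities. A short comment above the return would settle it, for example `// entity grants are stored in the project-named maps; see the registration methods`. The class body starts and continues outside this hunk, so whether those maps are populated for other entity types is not visible here.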
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
index 9623adc300c..946bf0f5f74 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
@@ -259,18 +259,13 @@ public class UserSessionRule implements TestRule, UserSession {
}
@Override
- public boolean hasProjectPermission(String permission, ProjectDto project) {
- return currentUserSession.hasProjectPermission(permission, project);
- }
-
- @Override
public boolean hasEntityPermission(String permission, EntityDto entity) {
- return currentUserSession.hasProjectPermission(permission, entity.getUuid());
+ return currentUserSession.hasEntityPermission(permission, entity.getUuid());
}
@Override
- public boolean hasProjectPermission(String permission, String projectUuid) {
- return currentUserSession.hasProjectPermission(permission, projectUuid);
+ public boolean hasEntityPermission(String permission, String entityUuid) {
+ return currentUserSession.hasEntityPermission(permission, entityUuid);
}
@Override
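Review bot: `hasEntityPermission(String, EntityDto)` unwraps `entity.getUuid()` and calls the String overload instead of forwarding the DTO, so tests that go through this rule never run the wrapped session's own DTO overload. If that overload picks the UUID it authorizes against in some other way (its body is not visible in this hunk), a permission test could pass with the rule and still behave differently against the real session. Forwarding the argument keeps the rule a transparent proxy: `return currentUserSession.hasEntityPermission(permission, entity);`. The class starts and continues outside this hunk.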
@@ -304,11 +299,6 @@ public class UserSessionRule implements TestRule, UserSession {
}
@Override
- public List<ProjectDto> keepAuthorizedProjects(String permission, Collection<ProjectDto> projects) {
- return currentUserSession.keepAuthorizedProjects(permission, projects);
- }
-
- @Override
@CheckForNull
public String getLogin() {
return currentUserSession.getLogin();
@@ -387,12 +377,6 @@ public class UserSessionRule implements TestRule, UserSession {
}
@Override
- public UserSession checkProjectPermission(String projectPermission, ProjectDto project) {
- currentUserSession.checkProjectPermission(projectPermission, project);
- return this;
- }
-
- @Override
public UserSession checkChildProjectsPermission(String projectPermission, ComponentDto component) {
currentUserSession.checkChildProjectsPermission(projectPermission, component);
return this;
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java
index 0fa0215da9a..934d6390842 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java
@@ -118,12 +118,12 @@ public class TestUserSessionFactory implements UserSessionFactory {
}
@Override
- protected Optional<String> componentUuidToProjectUuid(String componentUuid) {
+ protected Optional<String> componentUuidToEntityUuid(String componentUuid) {
throw notImplemented();
}
@Override
- protected boolean hasProjectUuidPermission(String permission, String projectUuid) {
+ protected boolean hasEntityUuidPermission(String permission, String entityUuid) {
throw notImplemented();
}