SONAR-18628 Drop GlobalPermissions class and replace with GlobalPermission enum.

author: Dimitris Kavvathas <dimitris.kavvathas@sonarsource.com> 2023-03-06 15:38:50 +0100
committer: sonartech <sonartech@sonarsource.com> 2023-03-07 20:02:54 +0000
commit: fade3151895d6c553798d14e4b697caf8e78f622 (patch)
tree: 0793f739ce22afc3d17522f2930224fd1c0948d7 /server/sonar-webserver-auth
parent: b2458a2688f81e8370f672757640af32b23c8648 (diff)
download: sonarqube-fade3151895d6c553798d14e4b697caf8e78f622.tar.gz
sonarqube-fade3151895d6c553798d14e4b697caf8e78f622.zip
3 files changed, 112 insertions, 119 deletions
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java
index 2b334d5f8a9..f10f6b81659 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java
@@ -61,8 +61,8 @@ public class DefaultAdminCredentialsVerifierNotificationHandlerTest {
     // Users granted admin permission directly
     UserDto admin1 = db.users().insertUser(u -> u.setEmail("admin1"));
     UserDto adminWithNoEmail = db.users().insertUser(u -> u.setEmail(null));
-    db.users().insertPermissionOnUser(admin1, ADMINISTER);
-    db.users().insertPermissionOnUser(adminWithNoEmail, ADMINISTER);
+    db.users().insertGlobalPermissionOnUser(admin1, ADMINISTER);
+    db.users().insertGlobalPermissionOnUser(adminWithNoEmail, ADMINISTER);
     // User granted admin permission by group membership
     UserDto admin2 = db.users().insertUser(u -> u.setEmail("admin2"));
     GroupDto adminGroup = db.users().insertGroup();
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
index a5feb662795..fb5d2047ae3 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
@@ -27,9 +27,11 @@ import org.assertj.core.api.ThrowableAssert.ThrowingCallable;
 import org.junit.Rule;
 import org.junit.Test;
 import org.sonar.api.utils.System2;
+import org.sonar.api.web.UserRole;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbTester;
 import org.sonar.db.component.ComponentDto;
+import org.sonar.db.permission.GlobalPermission;
 import org.sonar.db.project.ProjectDto;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
@@ -39,18 +41,9 @@ import static com.google.common.base.Preconditions.checkState;
 import static java.util.Arrays.asList;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.assertThatThrownBy;
-import static org.sonar.api.web.UserRole.ADMIN;
-import static org.sonar.api.web.UserRole.CODEVIEWER;
-import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
-import static org.sonar.api.web.UserRole.USER;
-import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
 import static org.sonar.db.component.ComponentTesting.newChildComponent;
 import static org.sonar.db.component.ComponentTesting.newProjectCopy;
 import static org.sonar.db.component.ComponentTesting.newSubPortfolio;
-import static org.sonar.db.permission.GlobalPermission.ADMINISTER;
-import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS;
-import static org.sonar.db.permission.GlobalPermission.SCAN;
 
 public class ServerUserSessionTest {
 
@@ -142,23 +135,23 @@ public class ServerUserSessionTest {
   public void checkComponentUuidPermission_fails_with_FE_when_user_has_not_permission_for_specified_uuid_in_db() {
     UserDto user = db.users().insertUser();
     ComponentDto project = db.components().insertPrivateProject();
-    db.users().insertProjectPermissionOnUser(user, USER, project);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project);
     UserSession session = newUserSession(user);
 
-    assertThatForbiddenExceptionIsThrown(() -> session.checkComponentUuidPermission(USER, "another-uuid"));
+    assertThatForbiddenExceptionIsThrown(() -> session.checkComponentUuidPermission(UserRole.USER, "another-uuid"));
   }
 
   @Test
   public void checkChildProjectsPermission_succeeds_if_user_has_permissions_on_all_application_child_projects() {
     UserDto user = db.users().insertUser();
     ComponentDto project = db.components().insertPrivateProject();
-    db.users().insertProjectPermissionOnUser(user, USER, project);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project);
     ComponentDto application = db.components().insertPrivateApplication();
     db.components().addApplicationProject(application, project);
 
     UserSession underTest = newUserSession(user);
 
-    assertThat(underTest.checkChildProjectsPermission(USER, application)).isSameAs(underTest);
+    assertThat(underTest.checkChildProjectsPermission(UserRole.USER, application)).isSameAs(underTest);
   }
 
   @Test
@@ -168,7 +161,7 @@ public class ServerUserSessionTest {
 
     UserSession underTest = newUserSession(user);
 
-    assertThat(underTest.checkChildProjectsPermission(USER, project)).isSameAs(underTest);
+    assertThat(underTest.checkChildProjectsPermission(UserRole.USER, project)).isSameAs(underTest);
   }
 
   @Test
@@ -182,76 +175,76 @@ public class ServerUserSessionTest {
 
     UserSession underTest = newUserSession(user);
 
-    assertThatForbiddenExceptionIsThrown(() -> underTest.checkChildProjectsPermission(USER, application));
+    assertThatForbiddenExceptionIsThrown(() -> underTest.checkChildProjectsPermission(UserRole.USER, application));
   }
 
   @Test
   public void checkPermission_throws_ForbiddenException_when_user_doesnt_have_the_specified_permission() {
     UserDto user = db.users().insertUser();
 
-    assertThatForbiddenExceptionIsThrown(() -> newUserSession(user).checkPermission(PROVISION_PROJECTS));
+    assertThatForbiddenExceptionIsThrown(() -> newUserSession(user).checkPermission(GlobalPermission.PROVISION_PROJECTS));
   }
 
   @Test
   public void checkPermission_succeeds_when_user_has_the_specified_permission() {
     UserDto adminUser = db.users().insertAdminByUserPermission();
-    db.users().insertPermissionOnUser(adminUser, PROVISIONING);
+    db.users().insertGlobalPermissionOnUser(adminUser, GlobalPermission.PROVISION_PROJECTS);
 
-    newUserSession(adminUser).checkPermission(PROVISION_PROJECTS);
+    newUserSession(adminUser).checkPermission(GlobalPermission.PROVISION_PROJECTS);
   }
 
   @Test
   public void test_hasPermission_for_logged_in_user() {
     ComponentDto project = db.components().insertPrivateProject();
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(user, PROVISION_PROJECTS);
-    db.users().insertProjectPermissionOnUser(user, ADMIN, project);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS);
+    db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, project);
 
     UserSession session = newUserSession(user);
-    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
-    assertThat(session.hasPermission(ADMINISTER)).isFalse();
+    assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue();
+    assertThat(session.hasPermission(GlobalPermission.ADMINISTER)).isFalse();
   }
 
   @Test
   public void test_hasPermission_for_anonymous_user() {
-    db.users().insertPermissionOnAnyone(PROVISION_PROJECTS);
+    db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS);
 
     UserSession session = newAnonymousSession();
-    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
-    assertThat(session.hasPermission(ADMINISTER)).isFalse();
+    assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue();
+    assertThat(session.hasPermission(GlobalPermission.ADMINISTER)).isFalse();
   }
 
   @Test
   public void hasPermission_keeps_cache_of_permissions_of_logged_in_user() {
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(user, PROVISIONING);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS);
 
     UserSession session = newUserSession(user);
 
     // feed the cache
-    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
+    assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue();
 
     // change permissions without updating the cache
-    db.users().deletePermissionFromUser(user, PROVISION_PROJECTS);
-    db.users().insertPermissionOnUser(user, SCAN);
-    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
-    assertThat(session.hasPermission(ADMINISTER)).isFalse();
-    assertThat(session.hasPermission(SCAN)).isFalse();
+    db.users().deletePermissionFromUser(user, GlobalPermission.PROVISION_PROJECTS);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN);
+    assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue();
+    assertThat(session.hasPermission(GlobalPermission.ADMINISTER)).isFalse();
+    assertThat(session.hasPermission(GlobalPermission.SCAN)).isFalse();
   }
 
   @Test
   public void hasPermission_keeps_cache_of_permissions_of_anonymous_user() {
-    db.users().insertPermissionOnAnyone(PROVISION_PROJECTS);
+    db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS);
 
     UserSession session = newAnonymousSession();
 
     // feed the cache
-    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
+    assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue();
 
     // change permissions without updating the cache
-    db.users().insertPermissionOnAnyone(SCAN);
-    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
-    assertThat(session.hasPermission(SCAN)).isFalse();
+    db.users().insertPermissionOnAnyone(GlobalPermission.SCAN);
+    assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue();
+    assertThat(session.hasPermission(GlobalPermission.SCAN)).isFalse();
   }
 
   @Test
@@ -259,7 +252,7 @@ public class ServerUserSessionTest {
     ComponentDto project1 = db.components().insertPrivateProject();
     ComponentDto project2 = db.components().insertPrivateProject();
     UserDto user = db.users().insertUser();
-    db.users().insertProjectPermissionOnUser(user, USER, project1);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project1);
 
     ComponentDto application = db.components().insertPrivateApplication();
     db.components().addApplicationProject(application, project1);
@@ -267,30 +260,30 @@ public class ServerUserSessionTest {
     db.components().insertComponent(newProjectCopy(project1, application));
 
     UserSession session = newUserSession(user);
-    assertThat(session.hasChildProjectsPermission(USER, application)).isTrue();
+    assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isTrue();
 
     db.components().addApplicationProject(application, project2);
     db.components().insertComponent(newProjectCopy(project2, application));
 
-    assertThat(session.hasChildProjectsPermission(USER, application)).isFalse();
+    assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isFalse();
   }
 
   @Test
   public void test_hasChildProjectsPermission_for_anonymous_user() {
     ComponentDto project = db.components().insertPrivateProject();
-    db.users().insertPermissionOnAnyone(USER);
+    db.users().insertPermissionOnAnyone(UserRole.USER);
     ComponentDto application = db.components().insertPrivateApplication();
     db.components().addApplicationProject(application, project);
     // add computed project
     db.components().insertComponent(newProjectCopy(project, application));
 
     UserSession session = newAnonymousSession();
-    assertThat(session.hasChildProjectsPermission(USER, application)).isFalse();
+    assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isFalse();
   }
 
   @Test
   public void hasChildProjectsPermission_keeps_cache_of_permissions_of_anonymous_user() {
-    db.users().insertPermissionOnAnyone(USER);
+    db.users().insertPermissionOnAnyone(UserRole.USER);
 
     ComponentDto project = db.components().insertPublicProject();
     ComponentDto application = db.components().insertPublicApplication();
@@ -299,11 +292,11 @@ public class ServerUserSessionTest {
     UserSession session = newAnonymousSession();
 
     // feed the cache
-    assertThat(session.hasChildProjectsPermission(USER, application)).isTrue();
+    assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isTrue();
 
     // change privacy of the project without updating the cache
     db.getDbClient().componentDao().setPrivateForBranchUuidWithoutAudit(db.getSession(), project.uuid(), true);
-    assertThat(session.hasChildProjectsPermission(USER, application)).isTrue();
+    assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isTrue();
   }
 
   @Test
@@ -324,44 +317,44 @@ public class ServerUserSessionTest {
     db.components().addPortfolioProject(portfolio, project1);
     db.components().insertComponent(newProjectCopy(project1, portfolio));
 
-    assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue();
+    assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isTrue();
 
     // Add private project2 with USER permissions to private portfolio
-    db.users().insertProjectPermissionOnUser(user, USER, project2);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project2);
     db.components().addPortfolioProject(portfolio, project2);
     db.components().insertComponent(newProjectCopy(project2, portfolio));
 
-    assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue();
+    assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isTrue();
 
     // Add private project4 with USER permissions to sub-portfolio
-    db.users().insertProjectPermissionOnUser(user, USER, project4);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project4);
     db.components().addPortfolioProject(subPortfolio, project4);
     db.components().insertComponent(newProjectCopy(project4, subPortfolio));
     db.components().addPortfolioReference(portfolio, subPortfolio.uuid());
 
     // The predicate should work both on view and subview components
-    assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue();
-    assertThat(session.hasPortfolioChildProjectsPermission(USER, subPortfolio)).isTrue();
+    assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isTrue();
+    assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, subPortfolio)).isTrue();
 
     // Add private project3 without permissions to private portfolio
     db.components().addPortfolioProject(portfolio, project3);
     db.components().insertComponent(newProjectCopy(project3, portfolio));
 
-    assertThat(session.hasChildProjectsPermission(USER, portfolio)).isFalse();
+    assertThat(session.hasChildProjectsPermission(UserRole.USER, portfolio)).isFalse();
 
     // Add private project5 without permissions to sub-portfolio
     db.components().addPortfolioProject(subPortfolio, project5);
     db.components().insertComponent(newProjectCopy(project5, subPortfolio));
 
-    assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isFalse();
-    assertThat(session.hasPortfolioChildProjectsPermission(USER, subPortfolio)).isFalse();
+    assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isFalse();
+    assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, subPortfolio)).isFalse();
   }
 
   @Test
   public void test_hasPortfolioChildProjectsPermission_for_anonymous_user() {
     ComponentDto project = db.components().insertPrivateProject();
 
-    db.users().insertPermissionOnAnyone(USER);
+    db.users().insertPermissionOnAnyone(UserRole.USER);
 
     ComponentDto portfolio = db.components().insertPrivatePortfolio();
 
@@ -370,12 +363,12 @@ public class ServerUserSessionTest {
     db.components().insertComponent(newProjectCopy(project, portfolio));
 
     UserSession session = newAnonymousSession();
-    assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isFalse();
+    assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isFalse();
   }
 
   @Test
   public void hasPortfolioChildProjectsPermission_keeps_cache_of_permissions_of_anonymous_user() {
-    db.users().insertPermissionOnAnyone(USER);
+    db.users().insertPermissionOnAnyone(UserRole.USER);
 
     ComponentDto project = db.components().insertPublicProject();
     ComponentDto portfolio = db.components().insertPublicPortfolio();
@@ -384,11 +377,11 @@ public class ServerUserSessionTest {
     UserSession session = newAnonymousSession();
 
     // feed the cache
-    assertThat(session.hasChildProjectsPermission(USER, portfolio)).isTrue();
+    assertThat(session.hasChildProjectsPermission(UserRole.USER, portfolio)).isTrue();
 
     // change privacy of the project without updating the cache
     db.getDbClient().componentDao().setPrivateForBranchUuidWithoutAudit(db.getSession(), project.uuid(), true);
-    assertThat(session.hasChildProjectsPermission(USER, portfolio)).isTrue();
+    assertThat(session.hasChildProjectsPermission(UserRole.USER, portfolio)).isTrue();
   }
 
   @Test
@@ -397,8 +390,8 @@ public class ServerUserSessionTest {
 
     ServerUserSession underTest = newAnonymousSession();
 
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue();
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue();
   }
 
   @Test
@@ -408,8 +401,8 @@ public class ServerUserSessionTest {
 
     ServerUserSession underTest = newAnonymousSession();
 
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue();
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue();
   }
 
   @Test
@@ -419,8 +412,8 @@ public class ServerUserSessionTest {
 
     ServerUserSession underTest = newAnonymousSession();
 
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue();
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue();
   }
 
   @Test
@@ -430,8 +423,8 @@ public class ServerUserSessionTest {
 
     ServerUserSession underTest = newAnonymousSession();
 
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue();
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue();
   }
 
   @Test
@@ -441,8 +434,8 @@ public class ServerUserSessionTest {
 
     ServerUserSession underTest = newUserSession(user);
 
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, privateProject)).isFalse();
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, privateProject)).isFalse();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, privateProject)).isFalse();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, privateProject)).isFalse();
   }
 
   @Test
@@ -453,8 +446,8 @@ public class ServerUserSessionTest {
 
     ServerUserSession underTest = newUserSession(user);
 
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, privateProject)).isFalse();
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, privateProject)).isFalse();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, privateProject)).isFalse();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, privateProject)).isFalse();
   }
 
   @Test
@@ -465,8 +458,8 @@ public class ServerUserSessionTest {
 
     ServerUserSession underTest = newUserSession(user);
 
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, privateProject)).isFalse();
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, privateProject)).isFalse();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, privateProject)).isFalse();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, privateProject)).isFalse();
   }
 
   @Test
@@ -527,35 +520,35 @@ public class ServerUserSessionTest {
   public void hasComponentPermissionByDtoOrUuid_keeps_cache_of_permissions_of_logged_in_user() {
     UserDto user = db.users().insertUser();
     ComponentDto publicProject = db.components().insertPublicProject();
-    db.users().insertProjectPermissionOnUser(user, ADMIN, publicProject);
+    db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, publicProject);
 
     UserSession underTest = newUserSession(user);
 
     // feed the cache
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue();
 
     // change permissions without updating the cache
-    db.users().deletePermissionFromUser(publicProject, user, ADMIN);
-    db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, publicProject);
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue();
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, ISSUE_ADMIN, publicProject)).isFalse();
+    db.users().deletePermissionFromUser(publicProject, user, UserRole.ADMIN);
+    db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, publicProject);
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ISSUE_ADMIN, publicProject)).isFalse();
   }
 
   @Test
   public void hasComponentPermissionByDtoOrUuid_keeps_cache_of_permissions_of_anonymous_user() {
     ComponentDto publicProject = db.components().insertPublicProject();
-    db.users().insertProjectPermissionOnAnyone(ADMIN, publicProject);
+    db.users().insertProjectPermissionOnAnyone(UserRole.ADMIN, publicProject);
 
     UserSession underTest = newAnonymousSession();
 
     // feed the cache
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue();
 
     // change permissions without updating the cache
-    db.users().deleteProjectPermissionFromAnyone(publicProject, ADMIN);
-    db.users().insertProjectPermissionOnAnyone(ISSUE_ADMIN, publicProject);
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue();
-    assertThat(hasComponentPermissionByDtoOrUuid(underTest, ISSUE_ADMIN, publicProject)).isFalse();
+    db.users().deleteProjectPermissionFromAnyone(publicProject, UserRole.ADMIN);
+    db.users().insertProjectPermissionOnAnyone(UserRole.ISSUE_ADMIN, publicProject);
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue();
+    assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ISSUE_ADMIN, publicProject)).isFalse();
   }
 
   private boolean hasComponentPermissionByDtoOrUuid(UserSession underTest, String permission, ComponentDto component) {
@@ -572,31 +565,31 @@ public class ServerUserSessionTest {
 
     UserSession underTest = newAnonymousSession();
 
-    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty();
+    assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty();
   }
 
   @Test
   public void keepAuthorizedComponents_filters_components_with_granted_permissions_for_anonymous() {
     ComponentDto publicProject = db.components().insertPublicProject();
     ComponentDto privateProject = db.components().insertPrivateProject();
-    db.users().insertProjectPermissionOnAnyone(ISSUE_ADMIN, publicProject);
+    db.users().insertProjectPermissionOnAnyone(UserRole.ISSUE_ADMIN, publicProject);
 
     UserSession underTest = newAnonymousSession();
 
-    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty();
-    assertThat(underTest.keepAuthorizedComponents(ISSUE_ADMIN, Arrays.asList(privateProject, publicProject))).containsExactly(publicProject);
+    assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty();
+    assertThat(underTest.keepAuthorizedComponents(UserRole.ISSUE_ADMIN, Arrays.asList(privateProject, publicProject))).containsExactly(publicProject);
   }
 
   @Test
   public void keepAuthorizedComponents_on_branches() {
     UserDto user = db.users().insertUser();
     ComponentDto privateProject = db.components().insertPrivateProject();
-    db.users().insertProjectPermissionOnUser(user, ADMIN, privateProject);
+    db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, privateProject);
     ComponentDto privateBranchProject = db.components().insertProjectBranch(privateProject);
 
     UserSession underTest = newUserSession(user);
 
-    assertThat(underTest.keepAuthorizedComponents(ADMIN, asList(privateProject, privateBranchProject)))
+    assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, asList(privateProject, privateBranchProject)))
       .containsExactlyInAnyOrder(privateProject, privateBranchProject);
   }
 
@@ -613,13 +606,13 @@ public class ServerUserSessionTest {
     UserSession underTest = newUserSession(user);
 
     ComponentDto portfolio = db.components().insertPrivatePortfolio();
-    db.users().insertProjectPermissionOnUser(user, USER, portfolio);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, portfolio);
 
     ComponentDto subPortfolio = db.components().insertComponent(newSubPortfolio(portfolio));
-    db.users().insertProjectPermissionOnUser(user, USER, subPortfolio);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, subPortfolio);
 
     ComponentDto app = db.components().insertPrivateApplication();
-    db.users().insertProjectPermissionOnUser(user, USER, app);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, app);
 
     ComponentDto app2 = db.components().insertPrivateApplication();
 
@@ -628,12 +621,12 @@ public class ServerUserSessionTest {
     var copyProject1 = db.components().insertComponent(newProjectCopy(project1, portfolio));
 
     // Add private project2 with USER permissions to private portfolio
-    db.users().insertProjectPermissionOnUser(user, USER, project2);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project2);
     db.components().addPortfolioProject(portfolio, project2);
     var copyProject2 = db.components().insertComponent(newProjectCopy(project2, portfolio));
 
     // Add private project4 with USER permissions to sub-portfolio
-    db.users().insertProjectPermissionOnUser(user, USER, project4);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project4);
     db.components().addPortfolioProject(subPortfolio, project4);
     var copyProject4 = db.components().insertComponent(newProjectCopy(project4, subPortfolio));
     db.components().addPortfolioReference(portfolio, subPortfolio.uuid());
@@ -643,7 +636,7 @@ public class ServerUserSessionTest {
     var copyProject3 = db.components().insertComponent(newProjectCopy(project3, portfolio));
 
     // Add private project5 with USER permissions to app
-    db.users().insertProjectPermissionOnUser(user, USER, project5);
+    db.users().insertProjectPermissionOnUser(user, UserRole.USER, project5);
     db.components().addApplicationProject(app, project5);
     var copyProject5 = db.components().insertComponent(newProjectCopy(project5, app));
     db.components().addPortfolioReference(portfolio, app.uuid());
@@ -653,16 +646,16 @@ public class ServerUserSessionTest {
     var copyProject6 = db.components().insertComponent(newProjectCopy(project6, app2));
     db.components().addPortfolioReference(portfolio, app2.uuid());
 
-    assertThat(underTest.keepAuthorizedComponents(ADMIN, List.of(portfolio))).isEmpty();
-    assertThat(underTest.keepAuthorizedComponents(USER, List.of(portfolio))).containsExactly(portfolio);
+    assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, List.of(portfolio))).isEmpty();
+    assertThat(underTest.keepAuthorizedComponents(UserRole.USER, List.of(portfolio))).containsExactly(portfolio);
 
-    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(app, subPortfolio, app2))).isEmpty();
-    assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(app, subPortfolio, app2))).containsExactly(app, subPortfolio);
+    assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(app, subPortfolio, app2))).isEmpty();
+    assertThat(underTest.keepAuthorizedComponents(UserRole.USER, Arrays.asList(app, subPortfolio, app2))).containsExactly(app, subPortfolio);
 
-    assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).isEmpty();
-    assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1, project2, project4, project5);
+    assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).isEmpty();
+    assertThat(underTest.keepAuthorizedComponents(UserRole.USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1, project2, project4, project5);
 
-    assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(copyProject1, copyProject2, copyProject3, copyProject4, copyProject5, copyProject6)))
+    assertThat(underTest.keepAuthorizedComponents(UserRole.USER, Arrays.asList(copyProject1, copyProject2, copyProject3, copyProject4, copyProject5, copyProject6)))
         .containsExactly(copyProject1, copyProject2, copyProject4, copyProject5);
   }
 
@@ -678,7 +671,7 @@ public class ServerUserSessionTest {
   @Test
   public void isSystemAdministrator_returns_true_if_user_is_administrator() {
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(user, SYSTEM_ADMIN);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER);
 
     UserSession session = newUserSession(user);
 
@@ -688,7 +681,7 @@ public class ServerUserSessionTest {
   @Test
   public void isSystemAdministrator_returns_false_if_user_is_not_administrator() {
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(user, PROVISIONING);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS);
 
     UserSession session = newUserSession(user);
 
@@ -698,7 +691,7 @@ public class ServerUserSessionTest {
   @Test
   public void keep_isSystemAdministrator_flag_in_cache() {
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(user, SYSTEM_ADMIN);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER);
 
     UserSession session = newUserSession(user);
 
@@ -745,7 +738,7 @@ public class ServerUserSessionTest {
     ComponentDto privateProject = db.components().insertPrivateProject();
 
     Set<ProjectDto> projectDto = Set.of(getProjectDto(publicProject), getProjectDto(privateProject));
-    List<ProjectDto> projectDtos = newUserSession(null).keepAuthorizedProjects(USER, projectDto);
+    List<ProjectDto> projectDtos = newUserSession(null).keepAuthorizedProjects(UserRole.USER, projectDto);
 
     assertThat(projectDtos).containsExactly(db.components().getProjectDto(publicProject));
   }
@@ -757,7 +750,7 @@ public class ServerUserSessionTest {
     ComponentDto privateProject = db.components().insertPrivateProject();
 
     Set<ProjectDto> projectDto = Set.of(getProjectDto(publicProject), getProjectDto(privateProject));
-    List<ProjectDto> projectDtos = newUserSession(userDto).keepAuthorizedProjects(USER, projectDto);
+    List<ProjectDto> projectDtos = newUserSession(userDto).keepAuthorizedProjects(UserRole.USER, projectDto);
 
     assertThat(projectDtos).containsExactly(db.components().getProjectDto(publicProject));
   }
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/TokenUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/TokenUserSessionTest.java
index 2e9d8c420e4..4afcfb50829 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/TokenUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/TokenUserSessionTest.java
@@ -95,7 +95,7 @@ public class TokenUserSessionTest {
 
     UserDto user = db.users().insertUser();
 
-    db.users().insertPermissionOnUser(user, GlobalPermission.SCAN);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN);
 
     TokenUserSession userSession = mockProjectAnalysisTokenUserSession(user,project1);
 
@@ -106,7 +106,7 @@ public class TokenUserSessionTest {
   @Test
   public void test_hasGlobalPermission_for_UserToken() {
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(user, GlobalPermission.SCAN);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN);
 
     TokenUserSession userSession = mockTokenUserSession(user);
 
@@ -123,7 +123,7 @@ public class TokenUserSessionTest {
     db.users().insertProjectPermissionOnUser(user, SCAN, project1);
     db.users().insertProjectPermissionOnUser(user, SCAN, project2);
 
-    db.users().insertPermissionOnUser(user, GlobalPermission.SCAN);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN);
 
     TokenUserSession userSession = mockProjectAnalysisTokenUserSession(user,project1);
 
@@ -136,7 +136,7 @@ public class TokenUserSessionTest {
 
     UserDto user = db.users().insertUser();
 
-    db.users().insertPermissionOnUser(user, GlobalPermission.SCAN);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN);
 
     TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user);
 
@@ -148,8 +148,8 @@ public class TokenUserSessionTest {
   public void test_hasProvisionProjectsGlobalPermission_for_GlobalAnalysisToken_returnsTrueIfUserIsGranted() {
     UserDto user = db.users().insertUser();
 
-    db.users().insertPermissionOnUser(user, GlobalPermission.SCAN);
-    db.users().insertPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS);
 
     TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user);
 
@@ -160,7 +160,7 @@ public class TokenUserSessionTest {
   public void test_hasProvisionProjectsGlobalPermission_for_GlobalAnalysisToken_returnsFalseIfUserIsNotGranted() {
     UserDto user = db.users().insertUser();
 
-    db.users().insertPermissionOnUser(user, GlobalPermission.SCAN);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN);
 
     TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user);
 
@@ -171,7 +171,7 @@ public class TokenUserSessionTest {
   public void test_hasAdministerGlobalPermission_for_GlobalAnalysisToken_returnsFalse() {
     UserDto user = db.users().insertUser();
 
-    db.users().insertPermissionOnUser(user, GlobalPermission.ADMINISTER);
+    db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER);
 
     TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user);
author	Dimitris Kavvathas <dimitris.kavvathas@sonarsource.com>	2023-03-06 15:38:50 +0100
committer	sonartech <sonartech@sonarsource.com>	2023-03-07 20:02:54 +0000
commit	fade3151895d6c553798d14e4b697caf8e78f622 (patch)
tree	0793f739ce22afc3d17522f2930224fd1c0948d7 /server/sonar-webserver-auth
parent	b2458a2688f81e8370f672757640af32b23c8648 (diff)
download	sonarqube-fade3151895d6c553798d14e4b697caf8e78f622.tar.gz sonarqube-fade3151895d6c553798d14e4b697caf8e78f622.zip