SONAR-20532 Add isBaseRole flag in /api/v2/github-permission-mappings

author: Aurelien Poscia <aurelien.poscia@sonarsource.com> 2023-09-26 09:54:48 +0200
committer: sonartech <sonartech@sonarsource.com> 2023-09-28 20:03:11 +0000
commit: 162c2341904ae9b9a675f7287162a02201ec32aa (patch)
tree: 0117c6cdf83193cc9db4b64d7fd7205b99ab689e /server/sonar-webserver-common
parent: 360a4b93d39f94b9fc8aea2aff7dfd37203b5a1b (diff)
download: sonarqube-162c2341904ae9b9a675f7287162a02201ec32aa.tar.gz
sonarqube-162c2341904ae9b9a675f7287162a02201ec32aa.zip
3 files changed, 72 insertions, 26 deletions
diff --git a/server/sonar-webserver-common/src/it/java/org/sonar/server/common/github/permissions/GithubPermissionsMappingServiceIT.java b/server/sonar-webserver-common/src/it/java/org/sonar/server/common/github/permissions/GithubPermissionsMappingServiceIT.java
index 711683b1055..a2480a3728a 100644
--- a/server/sonar-webserver-common/src/it/java/org/sonar/server/common/github/permissions/GithubPermissionsMappingServiceIT.java
+++ b/server/sonar-webserver-common/src/it/java/org/sonar/server/common/github/permissions/GithubPermissionsMappingServiceIT.java
@@ -43,7 +43,10 @@ import static org.sonar.server.common.github.permissions.GithubPermissionsMappin
 
 public class GithubPermissionsMappingServiceIT {
 
+  private static final String CUSTOM_ROLE_NAME = "customRole1";
+
   private static final SonarqubePermissions NO_SQ_PERMISSIONS = new SonarqubePermissions(false, false, false, false, false, false);
+
   @Rule
   public DbTester db = DbTester.create();
   private final DbSession dbSession = db.getSession();
@@ -60,11 +63,11 @@ public class GithubPermissionsMappingServiceIT {
     List<GithubPermissionsMapping> actualPermissionsMapping = underTest.getPermissionsMapping();
 
     List<GithubPermissionsMapping> expectedPermissionsMapping = List.of(
-      new GithubPermissionsMapping(READ_GITHUB_ROLE, NO_SQ_PERMISSIONS),
-      new GithubPermissionsMapping(TRIAGE_GITHUB_ROLE, NO_SQ_PERMISSIONS),
-      new GithubPermissionsMapping(WRITE_GITHUB_ROLE, NO_SQ_PERMISSIONS),
-      new GithubPermissionsMapping(MAINTAIN_GITHUB_ROLE, NO_SQ_PERMISSIONS),
-      new GithubPermissionsMapping(ADMIN_GITHUB_ROLE, NO_SQ_PERMISSIONS));
+      new GithubPermissionsMapping(READ_GITHUB_ROLE, true, NO_SQ_PERMISSIONS),
+      new GithubPermissionsMapping(TRIAGE_GITHUB_ROLE, true, NO_SQ_PERMISSIONS),
+      new GithubPermissionsMapping(WRITE_GITHUB_ROLE, true, NO_SQ_PERMISSIONS),
+      new GithubPermissionsMapping(MAINTAIN_GITHUB_ROLE, true, NO_SQ_PERMISSIONS),
+      new GithubPermissionsMapping(ADMIN_GITHUB_ROLE, true, NO_SQ_PERMISSIONS));
 
     assertThat(actualPermissionsMapping).containsAll(expectedPermissionsMapping);
   }
@@ -72,6 +75,7 @@ public class GithubPermissionsMappingServiceIT {
   @Test
   public void getPermissionsMapping_whenMappingDefined_returnMapping() {
     Map<String, Set<String>> githubRolesToSqPermissions = Map.of(
+      CUSTOM_ROLE_NAME, Set.of("user"),
       READ_GITHUB_ROLE, Set.of("user", "codeviewer"),
       WRITE_GITHUB_ROLE, Set.of("user", "codeviewer", "issueadmin", "securityhotspotadmin", "admin", "scan"));
     persistGithubPermissionsMapping(githubRolesToSqPermissions);
@@ -79,11 +83,12 @@ public class GithubPermissionsMappingServiceIT {
     List<GithubPermissionsMapping> actualPermissionsMapping = underTest.getPermissionsMapping();
 
     List<GithubPermissionsMapping> expectedPermissionsMapping = List.of(
-      new GithubPermissionsMapping(READ_GITHUB_ROLE, new SonarqubePermissions(true, true, false, false, false, false)),
-      new GithubPermissionsMapping(TRIAGE_GITHUB_ROLE, NO_SQ_PERMISSIONS),
-      new GithubPermissionsMapping(WRITE_GITHUB_ROLE, new SonarqubePermissions(true, true, true, true, true, true)),
-      new GithubPermissionsMapping(MAINTAIN_GITHUB_ROLE, NO_SQ_PERMISSIONS),
-      new GithubPermissionsMapping(ADMIN_GITHUB_ROLE, NO_SQ_PERMISSIONS));
+      new GithubPermissionsMapping(CUSTOM_ROLE_NAME, false, new SonarqubePermissions(true, false, false, false, false, false)),
+      new GithubPermissionsMapping(READ_GITHUB_ROLE, true, new SonarqubePermissions(true, true, false, false, false, false)),
+      new GithubPermissionsMapping(TRIAGE_GITHUB_ROLE, true, NO_SQ_PERMISSIONS),
+      new GithubPermissionsMapping(WRITE_GITHUB_ROLE, true, new SonarqubePermissions(true, true, true, true, true, true)),
+      new GithubPermissionsMapping(MAINTAIN_GITHUB_ROLE, true, NO_SQ_PERMISSIONS),
+      new GithubPermissionsMapping(ADMIN_GITHUB_ROLE, true, NO_SQ_PERMISSIONS));
 
     assertThat(actualPermissionsMapping).containsAll(expectedPermissionsMapping);
   }
@@ -100,7 +105,7 @@ public class GithubPermissionsMappingServiceIT {
   }
 
   @Test
-  public void updatePermissionsMappings_shouldAddAndRemovePermissions() {
+  public void updatePermissionsMappings_onBaseRole_shouldAddAndRemovePermissions() {
     Map<String, Set<String>> githubRolesToSqPermissions = Map.of(READ_GITHUB_ROLE, Set.of("user", "codeviewer"));
     persistGithubPermissionsMapping(githubRolesToSqPermissions);
 
@@ -113,7 +118,25 @@ public class GithubPermissionsMappingServiceIT {
 
     GithubPermissionsMapping updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(READ_GITHUB_ROLE);
 
-    GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, new SonarqubePermissions(false, false, true, false, false, true));
+    SonarqubePermissions expectedSqPermissions = new SonarqubePermissions(false, false, true, false, false, true);
+    GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, true, expectedSqPermissions);
+    assertThat(updatedPermissionsMapping).isEqualTo(expectedPermissionsMapping);
+  }
+
+  @Test
+  public void updatePermissionsMappings_onCustomRole_shouldAddAndRemovePermissions() {
+    Map<String, Set<String>> githubRolesToSqPermissions = Map.of(CUSTOM_ROLE_NAME, Set.of("user", "codeviewer"));
+    persistGithubPermissionsMapping(githubRolesToSqPermissions);
+
+    PermissionMappingChange permToAdd1 = new PermissionMappingChange(CUSTOM_ROLE_NAME, "issueadmin", Operation.ADD);
+    PermissionMappingChange permToRemove1 = new PermissionMappingChange(CUSTOM_ROLE_NAME, "user", Operation.REMOVE);
+
+    underTest.updatePermissionsMappings(Set.of(permToAdd1, permToRemove1));
+
+    GithubPermissionsMapping updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(CUSTOM_ROLE_NAME);
+
+    SonarqubePermissions expectedSqPermissions = new SonarqubePermissions(false, true, true, false, false, false);
+    GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(CUSTOM_ROLE_NAME, false, expectedSqPermissions);
     assertThat(updatedPermissionsMapping).isEqualTo(expectedPermissionsMapping);
   }
 
@@ -125,7 +148,7 @@ public class GithubPermissionsMappingServiceIT {
 
     GithubPermissionsMapping updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(READ_GITHUB_ROLE);
 
-    GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, NO_SQ_PERMISSIONS);
+    GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, true, NO_SQ_PERMISSIONS);
     assertThat(updatedPermissionsMapping).isEqualTo(expectedPermissionsMapping);
   }
 
@@ -139,7 +162,8 @@ public class GithubPermissionsMappingServiceIT {
 
     GithubPermissionsMapping updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(READ_GITHUB_ROLE);
 
-    GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, new SonarqubePermissions(true, true, false, false, false, false));
+    SonarqubePermissions expectedSqPermissions = new SonarqubePermissions(true, true, false, false, false, false);
+    GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, true, expectedSqPermissions);
     assertThat(updatedPermissionsMapping).isEqualTo(expectedPermissionsMapping);
   }
 
@@ -153,14 +177,14 @@ public class GithubPermissionsMappingServiceIT {
     SonarqubePermissions userOnlySqPermission = new SonarqubePermissions(true, false, false, false, false, false);
 
     GithubPermissionsMapping updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(READ_GITHUB_ROLE);
-    assertThat(updatedPermissionsMapping).isEqualTo(new GithubPermissionsMapping(READ_GITHUB_ROLE, userOnlySqPermission));
+    assertThat(updatedPermissionsMapping).isEqualTo(new GithubPermissionsMapping(READ_GITHUB_ROLE, true, userOnlySqPermission));
 
     updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(WRITE_GITHUB_ROLE);
-    assertThat(updatedPermissionsMapping).isEqualTo(new GithubPermissionsMapping(WRITE_GITHUB_ROLE, userOnlySqPermission));
+    assertThat(updatedPermissionsMapping).isEqualTo(new GithubPermissionsMapping(WRITE_GITHUB_ROLE, true, userOnlySqPermission));
   }
 
   @Test
-  public void getPermissionsMappingForGithubRole_shouldReturnMappingOnlyForRole() {
+  public void getPermissionsMappingForGithubRole_onBaseRole_shouldReturnMappingOnlyForRole() {
     Map<String, Set<String>> githubRolesToSqPermissions = Map.of(
       READ_GITHUB_ROLE, Set.of("user", "codeviewer"),
       WRITE_GITHUB_ROLE, Set.of("user", "codeviewer", "issueadmin", "securityhotspotadmin", "admin", "scan"));
@@ -168,7 +192,23 @@ public class GithubPermissionsMappingServiceIT {
 
     GithubPermissionsMapping actualPermissionsMapping = underTest.getPermissionsMappingForGithubRole(READ_GITHUB_ROLE);
 
-    GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, new SonarqubePermissions(true, true, false, false, false, false));
+    SonarqubePermissions expectedSqPermissions = new SonarqubePermissions(true, true, false, false, false, false);
+    GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, true, expectedSqPermissions);
+
+    assertThat(actualPermissionsMapping).isEqualTo(expectedPermissionsMapping);
+  }
+
+  @Test
+  public void getPermissionsMappingForGithubRole_onCustomRole_shouldReturnMappingOnlyForRole() {
+    Map<String, Set<String>> githubRolesToSqPermissions = Map.of(
+      CUSTOM_ROLE_NAME, Set.of("admin"),
+      WRITE_GITHUB_ROLE, Set.of("user", "codeviewer", "issueadmin", "securityhotspotadmin", "admin", "scan"));
+    persistGithubPermissionsMapping(githubRolesToSqPermissions);
+
+    GithubPermissionsMapping actualPermissionsMapping = underTest.getPermissionsMappingForGithubRole(CUSTOM_ROLE_NAME);
+
+    SonarqubePermissions expectedSqPermissions = new SonarqubePermissions(false, false, false, false, true, false);
+    GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(CUSTOM_ROLE_NAME, false, expectedSqPermissions);
 
     assertThat(actualPermissionsMapping).isEqualTo(expectedPermissionsMapping);
   }
diff --git a/server/sonar-webserver-common/src/main/java/org/sonar/server/common/github/permissions/GithubPermissionsMapping.java b/server/sonar-webserver-common/src/main/java/org/sonar/server/common/github/permissions/GithubPermissionsMapping.java
index a8e8ac0bee4..449ee3333e4 100644
--- a/server/sonar-webserver-common/src/main/java/org/sonar/server/common/github/permissions/GithubPermissionsMapping.java
+++ b/server/sonar-webserver-common/src/main/java/org/sonar/server/common/github/permissions/GithubPermissionsMapping.java
@@ -19,5 +19,5 @@
  */
 package org.sonar.server.common.github.permissions;
 
-public record GithubPermissionsMapping(String roleName, SonarqubePermissions permissions) {
+public record GithubPermissionsMapping(String roleName, boolean isBaseRole, SonarqubePermissions permissions) {
 }
diff --git a/server/sonar-webserver-common/src/main/java/org/sonar/server/common/github/permissions/GithubPermissionsMappingService.java b/server/sonar-webserver-common/src/main/java/org/sonar/server/common/github/permissions/GithubPermissionsMappingService.java
index c5b48cb0f61..ed338fb00dd 100644
--- a/server/sonar-webserver-common/src/main/java/org/sonar/server/common/github/permissions/GithubPermissionsMappingService.java
+++ b/server/sonar-webserver-common/src/main/java/org/sonar/server/common/github/permissions/GithubPermissionsMappingService.java
@@ -19,6 +19,7 @@
  */
 package org.sonar.server.common.github.permissions;
 
+import com.google.common.collect.Sets;
 import java.util.List;
 import java.util.Map;
 import java.util.Set;
@@ -42,7 +43,7 @@ public class GithubPermissionsMappingService {
   public static final String MAINTAIN_GITHUB_ROLE = "maintain";
   public static final String ADMIN_GITHUB_ROLE = "admin";
 
-  private static final Set<String> GITHUB_BASE_ROLE = Set.of(
+  private static final Set<String> GITHUB_BASE_ROLES = Set.of(
     READ_GITHUB_ROLE,
     TRIAGE_GITHUB_ROLE,
     WRITE_GITHUB_ROLE,
@@ -70,7 +71,8 @@ public class GithubPermissionsMappingService {
 
   public GithubPermissionsMapping getPermissionsMappingForGithubRole(String githubRole) {
     try (DbSession dbSession = dbClient.openSession(false)) {
-      return toGithubPermissionsMapping(getPermissionsMappingForGithubRole(dbSession, githubRole), githubRole);
+      Set<GithubPermissionsMappingDto> permissionsMappingForGithubRole = getPermissionsMappingForGithubRole(dbSession, githubRole);
+      return toGithubPermissionsMapping(permissionsMappingForGithubRole, githubRole);
     }
   }
 
@@ -80,18 +82,22 @@ public class GithubPermissionsMappingService {
     }
   }
 
-  private static GithubPermissionsMapping toGithubPermissionsMapping(Set<GithubPermissionsMappingDto> githubPermissionsMappingDtos, String githubRole) {
-    return new GithubPermissionsMapping(githubRole, getSonarqubePermissions(githubPermissionsMappingDtos));
-  }
-
   private static List<GithubPermissionsMapping> toGithubPermissionsMappings(Set<GithubPermissionsMappingDto> githubPermissionsMappingDtos) {
     Map<String, Set<GithubPermissionsMappingDto>> githubRoleToGithubPermissionsMappingDto = githubPermissionsMappingDtos.stream()
       .collect(groupingBy(GithubPermissionsMappingDto::githubRole, toSet()));
-    return GITHUB_BASE_ROLE.stream()
+
+    Set<String> allRoles = Sets.union(GITHUB_BASE_ROLES, githubRoleToGithubPermissionsMappingDto.keySet());
+    return allRoles.stream()
       .map(githubRole -> toGithubPermissionsMapping(githubRoleToGithubPermissionsMappingDto.getOrDefault(githubRole, Set.of()), githubRole))
       .toList();
   }
 
+  private static GithubPermissionsMapping toGithubPermissionsMapping(Set<GithubPermissionsMappingDto> githubPermissionsMappingDtos, String githubRole) {
+    boolean isBaseRole = GITHUB_BASE_ROLES.contains(githubRole);
+    SonarqubePermissions sonarqubePermissions = getSonarqubePermissions(githubPermissionsMappingDtos);
+    return new GithubPermissionsMapping(githubRole, isBaseRole, sonarqubePermissions);
+  }
+
   public void updatePermissionsMappings(Set<PermissionMappingChange> permissionChanges) {
     try (DbSession dbSession = dbClient.openSession(false)) {
       Map<String, List<PermissionMappingChange>> githubRolesToChanges = permissionChanges.stream()
author	Aurelien Poscia <aurelien.poscia@sonarsource.com>	2023-09-26 09:54:48 +0200
committer	sonartech <sonartech@sonarsource.com>	2023-09-28 20:03:11 +0000
commit	162c2341904ae9b9a675f7287162a02201ec32aa (patch)
tree	0117c6cdf83193cc9db4b64d7fd7205b99ab689e /server/sonar-webserver-common
parent	360a4b93d39f94b9fc8aea2aff7dfd37203b5a1b (diff)
download	sonarqube-162c2341904ae9b9a675f7287162a02201ec32aa.tar.gz sonarqube-162c2341904ae9b9a675f7287162a02201ec32aa.zip