SONAR-4412 Completed users and groups roles management WS backend

4 files changed, 146 insertions, 4 deletions

diff --git a/sonar-core/src/main/java/org/sonar/core/user/Permissions.java b/sonar-core/src/main/java/org/sonar/core/user/Permissions.java
new file mode 100644
index 00000000000..ebed6f1ea15
--- /dev/null
+++ b/sonar-core/src/main/java/org/sonar/core/user/Permissions.java
@@ -0,0 +1,36 @@
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2013 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+package org.sonar.core.user;
+
+/**
+ *
+ * Holds the constants representing the various permissions that can be assigned to users & groups
+ *
+ * Since 3.7
+ */
+public interface Permissions {
+
+  public static final String SYSTEM_ADMIN = "admin";
+  public static final String QUALITY_PROFILE_ADMIN = "profileadmin";
+  public static final String DASHBOARD_SHARING = "sharedashboard";
+  public static final String SCAN_EXECUTION = "scan";
+  public static final String DRY_RUN_EXECUTION = "dryrun";
+}
diff --git a/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java b/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java
index 6a3a08eba8f..d76d7620615 100644
--- a/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java
+++ b/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java
@@ -25,6 +25,8 @@ import org.sonar.api.ServerExtension;
 import org.sonar.api.task.TaskExtension;
 import org.sonar.core.persistence.MyBatis;
 
+import java.util.List;
+
 public class RoleDao implements TaskExtension, ServerExtension {
 
   private final MyBatis mybatis;
@@ -33,21 +35,81 @@ public class RoleDao implements TaskExtension, ServerExtension {
     this.mybatis = mybatis;
   }
 
+  public List<String> selectUserPermissions(String userLogin) {
+    SqlSession session = mybatis.openSession();
+    RoleMapper mapper = session.getMapper(RoleMapper.class);
+    try {
+      return mapper.selectUserPermissions(userLogin);
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
+  public List<String> selectGroupPermissions(String groupName) {
+    SqlSession session = mybatis.openSession();
+    RoleMapper mapper = session.getMapper(RoleMapper.class);
+    try {
+      return mapper.selectGroupPermissions(groupName);
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
+  public void insertGroupRole(GroupRoleDto groupRole) {
+    SqlSession session = mybatis.openSession();
+    try {
+      insertGroupRole(groupRole, session);
+      session.commit();
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
   public void insertGroupRole(GroupRoleDto groupRole, SqlSession session) {
     RoleMapper mapper = session.getMapper(RoleMapper.class);
     mapper.insertGroupRole(groupRole);
   }
 
+  public void insertUserRole(UserRoleDto userRole) {
+    SqlSession session = mybatis.openSession();
+    try {
+      insertUserRole(userRole, session);
+      session.commit();
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
   public void insertUserRole(UserRoleDto userRole, SqlSession session) {
     RoleMapper mapper = session.getMapper(RoleMapper.class);
     mapper.insertUserRole(userRole);
   }
 
+  public void deleteUserRole(UserRoleDto userRole) {
+    SqlSession session = mybatis.openSession();
+    try {
+      deleteUserRole(userRole, session);
+      session.commit();
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
   public void deleteUserRole(UserRoleDto userRole, SqlSession session) {
     RoleMapper mapper = session.getMapper(RoleMapper.class);
     mapper.deleteUserRole(userRole);
   }
 
+  public void deleteGroupRole(GroupRoleDto groupRole) {
+    SqlSession session = mybatis.openSession();
+    try {
+      deleteGroupRole(groupRole, session);
+      session.commit();
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
   public void deleteGroupRole(GroupRoleDto groupRole, SqlSession session) {
     RoleMapper mapper = session.getMapper(RoleMapper.class);
     mapper.deleteGroupRole(groupRole);
diff --git a/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java b/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java
index 579f8ae4ee7..efc51764ab5 100644
--- a/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java
+++ b/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java
@@ -19,11 +19,17 @@
  */
 package org.sonar.core.user;
 
+import java.util.List;
+
 /**
  * @since 3.2
  */
 public interface RoleMapper {
 
+  List<String> selectUserPermissions(String userLogin);
+
+  List<String> selectGroupPermissions(String groupName);
+
   void insertGroupRole(GroupRoleDto groupRole);
 
   void insertUserRole(UserRoleDto userRole);
diff --git a/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml b/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml
index d230d2899a8..95d12186b2c 100644
--- a/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml
+++ b/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml
@@ -3,6 +3,22 @@
 
 <mapper namespace="org.sonar.core.user.RoleMapper">
 
+  <select id="selectUserPermissions" parameterType="String" resultType="String">
+    SELECT ur.role
+    FROM user_roles ur
+    INNER JOIN users u ON u.id = ur.user_id
+    WHERE u.login = #{userLogin}
+      AND ur.resource_id IS NULL
+  </select>
+
+  <select id="selectGroupPermissions" parameterType="String" resultType="String">
+    SELECT gr.role
+    FROM group_roles gr
+    INNER JOIN groups g ON g.id = gr.group_id
+    WHERE g.name = #{groupName}
+      AND gr.resource_id IS NULL
+  </select>
+
   <insert id="insertGroupRole" parameterType="GroupRole" keyColumn="id" useGeneratedKeys="true" keyProperty="id">
     INSERT INTO group_roles (group_id, resource_id, role)
     VALUES (#{groupId}, #{resourceId}, #{role})
@@ -14,19 +30,41 @@
   </insert>
 
   <delete id="deleteGroupRole" parameterType="map">
-    delete from group_roles where resource_id=#{resourceId} and role=#{role}
+    DELETE FROM group_roles
+    WHERE role=#{role}
+    AND
+    <choose>
+      <when test="resourceId != null">
+        resource_id=#{resourceId}
+      </when>
+      <otherwise>
+        resource_id IS NULL
+      </otherwise>
+    </choose>
+    AND
     <choose>
       <when test="groupId != null">
-        and group_id=#{groupId}
+        group_id=#{groupId}
       </when>
       <otherwise>
-        and group_id is null
+        group_id IS NULL
       </otherwise>
     </choose>
   </delete>
 
   <delete id="deleteUserRole" parameterType="map">
-    delete from user_roles where resource_id=#{resourceId} and user_id=#{userId} and role=#{role}
+    DELETE FROM user_roles
+    WHERE user_id=#{userId}
+    AND role=#{role}
+    AND
+    <choose>
+      <when test="resourceId != null">
+        resource_id=#{resourceId}
+      </when>
+      <otherwise>
+        resource_id IS NULL
+      </otherwise>
+    </choose>
   </delete>
 
   <delete id="deleteGroupRolesByResourceId" parameterType="long">