SONAR-4412 Completed users and groups roles management WS backend

author: Jean-Baptiste Vilain <jean-baptiste.vilain@sonarsource.com> 2013-06-27 17:20:33 +0200
committer: Jean-Baptiste Vilain <jean-baptiste.vilain@sonarsource.com> 2013-06-27 17:20:33 +0200
commit: 766b6a48c701bf6cba9aaedf978e54cf94864de9 (patch)
tree: 5bbc7c8ce23a0e7225cfeb012a89c92d3c7ffedb /sonar-core/src
parent: d4871cf6f13b2bbe86e1edbe596e32c236ef4c2c (diff)
download: sonarqube-766b6a48c701bf6cba9aaedf978e54cf94864de9.tar.gz
sonarqube-766b6a48c701bf6cba9aaedf978e54cf94864de9.zip
9 files changed, 232 insertions, 4 deletions
diff --git a/sonar-core/src/main/java/org/sonar/core/user/Permissions.java b/sonar-core/src/main/java/org/sonar/core/user/Permissions.java
new file mode 100644
index 00000000000..ebed6f1ea15
--- /dev/null
+++ b/sonar-core/src/main/java/org/sonar/core/user/Permissions.java
@@ -0,0 +1,36 @@
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2013 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+package org.sonar.core.user;
+
+/**
+ *
+ * Holds the constants representing the various permissions that can be assigned to users & groups
+ *
+ * Since 3.7
+ */
+public interface Permissions {
+
+  public static final String SYSTEM_ADMIN = "admin";
+  public static final String QUALITY_PROFILE_ADMIN = "profileadmin";
+  public static final String DASHBOARD_SHARING = "sharedashboard";
+  public static final String SCAN_EXECUTION = "scan";
+  public static final String DRY_RUN_EXECUTION = "dryrun";
+}
diff --git a/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java b/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java
index 6a3a08eba8f..d76d7620615 100644
--- a/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java
+++ b/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java
@@ -25,6 +25,8 @@ import org.sonar.api.ServerExtension;
 import org.sonar.api.task.TaskExtension;
 import org.sonar.core.persistence.MyBatis;
 
+import java.util.List;
+
 public class RoleDao implements TaskExtension, ServerExtension {
 
   private final MyBatis mybatis;
@@ -33,21 +35,81 @@ public class RoleDao implements TaskExtension, ServerExtension {
     this.mybatis = mybatis;
   }
 
+  public List<String> selectUserPermissions(String userLogin) {
+    SqlSession session = mybatis.openSession();
+    RoleMapper mapper = session.getMapper(RoleMapper.class);
+    try {
+      return mapper.selectUserPermissions(userLogin);
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
+  public List<String> selectGroupPermissions(String groupName) {
+    SqlSession session = mybatis.openSession();
+    RoleMapper mapper = session.getMapper(RoleMapper.class);
+    try {
+      return mapper.selectGroupPermissions(groupName);
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
+  public void insertGroupRole(GroupRoleDto groupRole) {
+    SqlSession session = mybatis.openSession();
+    try {
+      insertGroupRole(groupRole, session);
+      session.commit();
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
   public void insertGroupRole(GroupRoleDto groupRole, SqlSession session) {
     RoleMapper mapper = session.getMapper(RoleMapper.class);
     mapper.insertGroupRole(groupRole);
   }
 
+  public void insertUserRole(UserRoleDto userRole) {
+    SqlSession session = mybatis.openSession();
+    try {
+      insertUserRole(userRole, session);
+      session.commit();
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
   public void insertUserRole(UserRoleDto userRole, SqlSession session) {
     RoleMapper mapper = session.getMapper(RoleMapper.class);
     mapper.insertUserRole(userRole);
   }
 
+  public void deleteUserRole(UserRoleDto userRole) {
+    SqlSession session = mybatis.openSession();
+    try {
+      deleteUserRole(userRole, session);
+      session.commit();
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
   public void deleteUserRole(UserRoleDto userRole, SqlSession session) {
     RoleMapper mapper = session.getMapper(RoleMapper.class);
     mapper.deleteUserRole(userRole);
   }
 
+  public void deleteGroupRole(GroupRoleDto groupRole) {
+    SqlSession session = mybatis.openSession();
+    try {
+      deleteGroupRole(groupRole, session);
+      session.commit();
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
+  }
+
   public void deleteGroupRole(GroupRoleDto groupRole, SqlSession session) {
     RoleMapper mapper = session.getMapper(RoleMapper.class);
     mapper.deleteGroupRole(groupRole);
diff --git a/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java b/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java
index 579f8ae4ee7..efc51764ab5 100644
--- a/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java
+++ b/sonar-core/src/main/java/org/sonar/core/user/RoleMapper.java
@@ -19,11 +19,17 @@
  */
 package org.sonar.core.user;
 
+import java.util.List;
+
 /**
  * @since 3.2
  */
 public interface RoleMapper {
 
+  List<String> selectUserPermissions(String userLogin);
+
+  List<String> selectGroupPermissions(String groupName);
+
   void insertGroupRole(GroupRoleDto groupRole);
 
   void insertUserRole(UserRoleDto userRole);
diff --git a/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml b/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml
index d230d2899a8..95d12186b2c 100644
--- a/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml
+++ b/sonar-core/src/main/resources/org/sonar/core/user/RoleMapper.xml
@@ -3,6 +3,22 @@
 
 <mapper namespace="org.sonar.core.user.RoleMapper">
 
+  <select id="selectUserPermissions" parameterType="String" resultType="String">
+    SELECT ur.role
+    FROM user_roles ur
+    INNER JOIN users u ON u.id = ur.user_id
+    WHERE u.login = #{userLogin}
+      AND ur.resource_id IS NULL
+  </select>
+
+  <select id="selectGroupPermissions" parameterType="String" resultType="String">
+    SELECT gr.role
+    FROM group_roles gr
+    INNER JOIN groups g ON g.id = gr.group_id
+    WHERE g.name = #{groupName}
+      AND gr.resource_id IS NULL
+  </select>
+
   <insert id="insertGroupRole" parameterType="GroupRole" keyColumn="id" useGeneratedKeys="true" keyProperty="id">
     INSERT INTO group_roles (group_id, resource_id, role)
     VALUES (#{groupId}, #{resourceId}, #{role})
@@ -14,19 +30,41 @@
   </insert>
 
   <delete id="deleteGroupRole" parameterType="map">
-    delete from group_roles where resource_id=#{resourceId} and role=#{role}
+    DELETE FROM group_roles
+    WHERE role=#{role}
+    AND
+    <choose>
+      <when test="resourceId != null">
+        resource_id=#{resourceId}
+      </when>
+      <otherwise>
+        resource_id IS NULL
+      </otherwise>
+    </choose>
+    AND
     <choose>
       <when test="groupId != null">
-        and group_id=#{groupId}
+        group_id=#{groupId}
       </when>
       <otherwise>
-        and group_id is null
+        group_id IS NULL
       </otherwise>
     </choose>
   </delete>
 
   <delete id="deleteUserRole" parameterType="map">
-    delete from user_roles where resource_id=#{resourceId} and user_id=#{userId} and role=#{role}
+    DELETE FROM user_roles
+    WHERE user_id=#{userId}
+    AND role=#{role}
+    AND
+    <choose>
+      <when test="resourceId != null">
+        resource_id=#{resourceId}
+      </when>
+      <otherwise>
+        resource_id IS NULL
+      </otherwise>
+    </choose>
   </delete>
 
   <delete id="deleteGroupRolesByResourceId" parameterType="long">
diff --git a/sonar-core/src/test/java/org/sonar/core/user/RoleDaoTest.java b/sonar-core/src/test/java/org/sonar/core/user/RoleDaoTest.java
index 1f803346a3d..b98510603dc 100644
--- a/sonar-core/src/test/java/org/sonar/core/user/RoleDaoTest.java
+++ b/sonar-core/src/test/java/org/sonar/core/user/RoleDaoTest.java
@@ -20,9 +20,55 @@
 
 package org.sonar.core.user;
 
+import org.junit.Test;
 import org.sonar.core.persistence.AbstractDaoTestCase;
 
+import static org.fest.assertions.Assertions.assertThat;
+
 public class RoleDaoTest extends AbstractDaoTestCase {
 
+  @Test
+  public void should_retrieve_user_permissions() throws Exception {
+    setupData("userPermissions");
+
+    RoleDao dao = new RoleDao(getMyBatis());
+
+    assertThat(dao.selectUserPermissions("admin_user")).containsOnly(Permissions.SYSTEM_ADMIN, Permissions.QUALITY_PROFILE_ADMIN);
+    assertThat(dao.selectUserPermissions("profile_admin_user")).containsOnly(Permissions.QUALITY_PROFILE_ADMIN);
+  }
+
+  @Test
+  public void should_retrieve_group_permissions() throws Exception {
+    setupData("groupPermissions");
+
+    RoleDao dao = new RoleDao(getMyBatis());
+
+    assertThat(dao.selectGroupPermissions("sonar-administrators")).containsOnly(Permissions.SYSTEM_ADMIN, Permissions.QUALITY_PROFILE_ADMIN,
+      Permissions.DASHBOARD_SHARING);
+    assertThat(dao.selectGroupPermissions("sonar-users")).containsOnly(Permissions.DASHBOARD_SHARING);
+  }
+
+  @Test
+  public void should_delete_user_global_permission() throws Exception {
+    setupData("userPermissions");
+
+    UserRoleDto userRoleToDelete = new UserRoleDto().setUserId(200L).setRole(Permissions.QUALITY_PROFILE_ADMIN);
+
+    RoleDao dao = new RoleDao(getMyBatis());
+    dao.deleteUserRole(userRoleToDelete);
+
+    checkTable("userPermissions", "user_roles", "user_id", "role");
+  }
+
+  @Test
+  public void should_delete_group_global_permission() throws Exception {
+    setupData("groupPermissions");
+
+    GroupRoleDto groupRoleToDelete = new GroupRoleDto().setGroupId(100L).setRole(Permissions.QUALITY_PROFILE_ADMIN);
+
+    RoleDao dao = new RoleDao(getMyBatis());
+    dao.deleteGroupRole(groupRoleToDelete);
 
+    checkTable("groupPermissions", "group_roles", "group_id", "role");
+  }
 }
diff --git a/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/groupPermissions-result.xml b/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/groupPermissions-result.xml
new file mode 100644
index 00000000000..501273acb8f
--- /dev/null
+++ b/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/groupPermissions-result.xml
@@ -0,0 +1,10 @@
+<dataset>
+
+  <groups id="100" name="sonar-administrators"/>
+  <groups id="101" name="sonar-users"/>
+
+  <group_roles id="1" group_id="100" role="admin"/>
+  <group_roles id="3" group_id="100" role="sharedashboard"/>
+  <group_roles id="4" group_id="101" role="sharedashboard"/>
+
+</dataset>
+\ No newline at end of file
diff --git a/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/groupPermissions.xml b/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/groupPermissions.xml
new file mode 100644
index 00000000000..d3bb309cabb
--- /dev/null
+++ b/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/groupPermissions.xml
@@ -0,0 +1,11 @@
+<dataset>
+
+  <groups id="100" name="sonar-administrators"/>
+  <groups id="101" name="sonar-users"/>
+
+  <group_roles id="1" group_id="100" role="admin"/>
+  <group_roles id="2" group_id="100" role="profileadmin"/>
+  <group_roles id="3" group_id="100" role="sharedashboard"/>
+  <group_roles id="4" group_id="101" role="sharedashboard"/>
+
+</dataset>
+\ No newline at end of file
diff --git a/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/userPermissions-result.xml b/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/userPermissions-result.xml
new file mode 100644
index 00000000000..2373c8a6a7a
--- /dev/null
+++ b/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/userPermissions-result.xml
@@ -0,0 +1,9 @@
+<dataset>
+
+  <users id="200" login="admin_user" name="admin_user" active="[true]"/>
+  <users id="201" login="profile_admin_user" name="profile_admin_user" active="[true]"/>
+
+  <user_roles id="1" user_id="200" role="admin"/>
+  <user_roles id="3" user_id="201" role="profileadmin"/>
+
+</dataset>
+\ No newline at end of file
diff --git a/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/userPermissions.xml b/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/userPermissions.xml
new file mode 100644
index 00000000000..ff3ffd19a58
--- /dev/null
+++ b/sonar-core/src/test/resources/org/sonar/core/user/RoleDaoTest/userPermissions.xml
@@ -0,0 +1,10 @@
+<dataset>
+
+  <users id="200" login="admin_user" name="admin_user" active="[true]"/>
+  <users id="201" login="profile_admin_user" name="profile_admin_user" active="[true]"/>
+
+  <user_roles id="1" user_id="200" role="admin"/>
+  <user_roles id="2" user_id="200" role="profileadmin"/>
+  <user_roles id="3" user_id="201" role="profileadmin"/>
+
+</dataset>
+\ No newline at end of file
author	Jean-Baptiste Vilain <jean-baptiste.vilain@sonarsource.com>	2013-06-27 17:20:33 +0200
committer	Jean-Baptiste Vilain <jean-baptiste.vilain@sonarsource.com>	2013-06-27 17:20:33 +0200
commit	766b6a48c701bf6cba9aaedf978e54cf94864de9 (patch)
tree	5bbc7c8ce23a0e7225cfeb012a89c92d3c7ffedb /sonar-core/src
parent	d4871cf6f13b2bbe86e1edbe596e32c236ef4c2c (diff)
download	sonarqube-766b6a48c701bf6cba9aaedf978e54cf94864de9.tar.gz sonarqube-766b6a48c701bf6cba9aaedf978e54cf94864de9.zip