SONAR-5566 When provisioning a project, changing the roles/permissions on a project, the issue_project_permissions index should be updated accordingly

author: Julien Lancelot <julien.lancelot@sonarsource.com> 2014-09-11 12:26:19 +0200
committer: Julien Lancelot <julien.lancelot@sonarsource.com> 2014-09-11 12:26:19 +0200
commit: 49bc20e4cd664c5f373f8d451bf636d1d880bf81 (patch)
tree: b8d53feb6a6c76eab445ce28a6e0dc9a12bfd786 /sonar-core
parent: eda451a6d41f87329c0c18c7f933330581c5308b (diff)
download: sonarqube-49bc20e4cd664c5f373f8d451bf636d1d880bf81.tar.gz
sonarqube-49bc20e4cd664c5f373f8d451bf636d1d880bf81.zip
9 files changed, 235 insertions, 247 deletions
diff --git a/sonar-core/src/main/java/org/sonar/core/permission/PermissionFacade.java b/sonar-core/src/main/java/org/sonar/core/permission/PermissionFacade.java
index f8956373d00..b2552d5043e 100644
--- a/sonar-core/src/main/java/org/sonar/core/permission/PermissionFacade.java
+++ b/sonar-core/src/main/java/org/sonar/core/permission/PermissionFacade.java
@@ -22,12 +22,11 @@ package org.sonar.core.permission;
 
 import com.google.common.annotations.VisibleForTesting;
 import org.apache.commons.lang.StringUtils;
-import org.apache.ibatis.session.SqlSession;
 import org.sonar.api.ServerComponent;
 import org.sonar.api.config.Settings;
 import org.sonar.api.security.DefaultGroups;
 import org.sonar.api.task.TaskComponent;
-import org.sonar.core.persistence.MyBatis;
+import org.sonar.core.persistence.DbSession;
 import org.sonar.core.resource.ResourceDao;
 import org.sonar.core.resource.ResourceDto;
 import org.sonar.core.user.*;
@@ -40,23 +39,19 @@ import java.util.Iterator;
 import java.util.List;
 
 /**
- * Internal use only
+ * This facade wraps db operations related to permissions
  *
- * @since 3.7
- *        <p/>
- *        This facade wraps db operations related to permissions
+ * Should be removed when batch will no more create permission, and be replaced by a new PermissionService in module server (probably be a merge with InternalPermissionService)
  */
 public class PermissionFacade implements TaskComponent, ServerComponent {
 
-  private final MyBatis myBatis;
   private final RoleDao roleDao;
   private final UserDao userDao;
   private final PermissionTemplateDao permissionTemplateDao;
   private final Settings settings;
   private final ResourceDao resourceDao;
 
-  public PermissionFacade(MyBatis myBatis, RoleDao roleDao, UserDao userDao, ResourceDao resourceDao, PermissionTemplateDao permissionTemplateDao, Settings settings) {
-    this.myBatis = myBatis;
+  public PermissionFacade(RoleDao roleDao, UserDao userDao, ResourceDao resourceDao, PermissionTemplateDao permissionTemplateDao, Settings settings) {
     this.roleDao = roleDao;
     this.userDao = userDao;
     this.resourceDao = resourceDao;
@@ -64,7 +59,10 @@ public class PermissionFacade implements TaskComponent, ServerComponent {
     this.settings = settings;
   }
 
-  private void insertUserPermission(@Nullable Long resourceId, Long userId, String permission, boolean updateProjectAuthorizationDate, @Nullable SqlSession session) {
+  /**
+   * @param updateProjectAuthorizationDate is false when doing bulk action in order to not update the same project multiple times for nothing
+   */
+  private void insertUserPermission(@Nullable Long resourceId, Long userId, String permission, boolean updateProjectAuthorizationDate, DbSession session) {
     UserRoleDto userRoleDto = new UserRoleDto()
       .setRole(permission)
       .setUserId(userId)
@@ -72,60 +70,36 @@ public class PermissionFacade implements TaskComponent, ServerComponent {
     if (updateProjectAuthorizationDate) {
       updateProjectAuthorizationDate(resourceId, session);
     }
-    if (session != null) {
-      roleDao.insertUserRole(userRoleDto, session);
-    } else {
-      roleDao.insertUserRole(userRoleDto);
-    }
+    roleDao.insertUserRole(userRoleDto, session);
   }
 
-  public void insertUserPermission(@Nullable Long resourceId, Long userId, String permission, @Nullable SqlSession session) {
+  public void insertUserPermission(@Nullable Long resourceId, Long userId, String permission, DbSession session) {
     insertUserPermission(resourceId, userId, permission, true, session);
   }
 
-  public void insertUserPermission(@Nullable Long resourceId, Long userId, String permission) {
-    insertUserPermission(resourceId, userId, permission, null);
-  }
-
-  public void deleteUserPermission(@Nullable Long resourceId, Long userId, String permission, @Nullable SqlSession session) {
+  public void deleteUserPermission(@Nullable Long resourceId, Long userId, String permission, DbSession session) {
     UserRoleDto userRoleDto = new UserRoleDto()
       .setRole(permission)
       .setUserId(userId)
       .setResourceId(resourceId);
     updateProjectAuthorizationDate(resourceId, session);
-    if (session != null) {
-      roleDao.deleteUserRole(userRoleDto, session);
-    } else {
-      roleDao.deleteUserRole(userRoleDto);
-    }
-  }
-
-  public void deleteUserPermission(@Nullable Long resourceId, Long userId, String permission) {
-    deleteUserPermission(resourceId, userId, permission, null);
+    roleDao.deleteUserRole(userRoleDto, session);
   }
 
-  private void insertGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission, boolean updateProjectAuthorizationDate, @Nullable SqlSession session) {
+  private void insertGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission, boolean updateProjectAuthorizationDate, DbSession session) {
     GroupRoleDto groupRole = new GroupRoleDto()
       .setRole(permission)
       .setGroupId(groupId)
       .setResourceId(resourceId);
     updateProjectAuthorizationDate(resourceId, session);
-    if (session != null) {
-      roleDao.insertGroupRole(groupRole, session);
-    } else {
-      roleDao.insertGroupRole(groupRole);
-    }
+    roleDao.insertGroupRole(groupRole, session);
   }
 
-  private void insertGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission, @Nullable SqlSession session) {
+  public void insertGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission, DbSession session) {
     insertGroupPermission(resourceId, groupId, permission, true, session);
   }
 
-  public void insertGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission) {
-    insertGroupPermission(resourceId, groupId, permission, null);
-  }
-
-  public void insertGroupPermission(@Nullable Long resourceId, String groupName, String permission, @Nullable SqlSession session) {
+  public void insertGroupPermission(@Nullable Long resourceId, String groupName, String permission, DbSession session) {
     if (DefaultGroups.isAnyone(groupName)) {
       insertGroupPermission(resourceId, (Long) null, permission, session);
     } else {
@@ -136,24 +110,16 @@ public class PermissionFacade implements TaskComponent, ServerComponent {
     }
   }
 
-  public void deleteGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission, @Nullable SqlSession session) {
+  public void deleteGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission, DbSession session) {
     GroupRoleDto groupRole = new GroupRoleDto()
       .setRole(permission)
       .setGroupId(groupId)
       .setResourceId(resourceId);
     updateProjectAuthorizationDate(resourceId, session);
-    if (session != null) {
-      roleDao.deleteGroupRole(groupRole, session);
-    } else {
-      roleDao.deleteGroupRole(groupRole);
-    }
-  }
-
-  public void deleteGroupPermission(@Nullable Long resourceId, @Nullable Long groupId, String permission) {
-    deleteGroupPermission(resourceId, groupId, permission, null);
+    roleDao.deleteGroupRole(groupRole, session);
   }
 
-  public void deleteGroupPermission(@Nullable Long resourceId, String groupName, String permission, @Nullable SqlSession session) {
+  public void deleteGroupPermission(@Nullable Long resourceId, String groupName, String permission, DbSession session) {
     if (DefaultGroups.isAnyone(groupName)) {
       deleteGroupPermission(resourceId, (Long) null, permission, session);
     } else {
@@ -167,13 +133,9 @@ public class PermissionFacade implements TaskComponent, ServerComponent {
   /**
    * For each modification of permission on a project, update the authorization_updated_at to help ES reindex only relevant changes
    */
-  private void updateProjectAuthorizationDate(@Nullable Long projectId, @Nullable SqlSession session){
+  private void updateProjectAuthorizationDate(@Nullable Long projectId, DbSession session) {
     if (projectId != null) {
-      if (session != null) {
-        resourceDao.updateAuthorizationDate(projectId, session);
-      } else {
-        resourceDao.updateAuthorizationDate(projectId);
-      }
+      resourceDao.updateAuthorizationDate(projectId, session);
     }
   }
 
@@ -181,75 +143,69 @@ public class PermissionFacade implements TaskComponent, ServerComponent {
    * Load permission template and load associated collections of users and groups permissions
    */
   @VisibleForTesting
-  PermissionTemplateDto getPermissionTemplateWithPermissions(String templateKey) {
-    PermissionTemplateDto permissionTemplateDto = permissionTemplateDao.selectTemplateByKey(templateKey);
+  PermissionTemplateDto getPermissionTemplateWithPermissions(DbSession session, String templateKey) {
+    PermissionTemplateDto permissionTemplateDto = permissionTemplateDao.selectTemplateByKey(session, templateKey);
     if (permissionTemplateDto == null) {
       throw new IllegalArgumentException("Could not retrieve permission template with key " + templateKey);
     }
-    PermissionTemplateDto templateWithPermissions = permissionTemplateDao.selectPermissionTemplate(permissionTemplateDto.getKee());
+    PermissionTemplateDto templateWithPermissions = permissionTemplateDao.selectPermissionTemplate(session, permissionTemplateDto.getKee());
     if (templateWithPermissions == null) {
       throw new IllegalArgumentException("Could not retrieve permissions for template with key " + templateKey);
     }
     return templateWithPermissions;
   }
 
-  public void applyPermissionTemplate(String templateKey, Long resourceId) {
-    PermissionTemplateDto permissionTemplate = getPermissionTemplateWithPermissions(templateKey);
-    SqlSession session = myBatis.openSession(false);
-    try {
-      updateProjectAuthorizationDate(resourceId, session);
-      removeAllPermissions(resourceId, session);
-      List<PermissionTemplateUserDto> usersPermissions = permissionTemplate.getUsersPermissions();
-      if (usersPermissions != null) {
-        for (PermissionTemplateUserDto userPermission : usersPermissions) {
-          insertUserPermission(resourceId, userPermission.getUserId(), userPermission.getPermission(), false, session);
-        }
+  public void applyPermissionTemplate(DbSession session, String templateKey, Long resourceId) {
+    PermissionTemplateDto permissionTemplate = getPermissionTemplateWithPermissions(session, templateKey);
+    updateProjectAuthorizationDate(resourceId, session);
+    removeAllPermissions(resourceId, session);
+    List<PermissionTemplateUserDto> usersPermissions = permissionTemplate.getUsersPermissions();
+    if (usersPermissions != null) {
+      for (PermissionTemplateUserDto userPermission : usersPermissions) {
+        insertUserPermission(resourceId, userPermission.getUserId(), userPermission.getPermission(), false, session);
       }
-      List<PermissionTemplateGroupDto> groupsPermissions = permissionTemplate.getGroupsPermissions();
-      if (groupsPermissions != null) {
-        for (PermissionTemplateGroupDto groupPermission : groupsPermissions) {
-          Long groupId = groupPermission.getGroupId() == null ? null : groupPermission.getGroupId();
-          insertGroupPermission(resourceId, groupId, groupPermission.getPermission(), false, session);
-        }
+    }
+    List<PermissionTemplateGroupDto> groupsPermissions = permissionTemplate.getGroupsPermissions();
+    if (groupsPermissions != null) {
+      for (PermissionTemplateGroupDto groupPermission : groupsPermissions) {
+        Long groupId = groupPermission.getGroupId() == null ? null : groupPermission.getGroupId();
+        insertGroupPermission(resourceId, groupId, groupPermission.getPermission(), false, session);
       }
-      session.commit();
-    } finally {
-      MyBatis.closeQuietly(session);
     }
   }
 
-  public int countComponentPermissions(Long resourceId) {
-    return roleDao.countResourceGroupRoles(resourceId) + roleDao.countResourceUserRoles(resourceId);
+  public int countComponentPermissions(DbSession session, Long resourceId) {
+    return roleDao.countResourceGroupRoles(session, resourceId) + roleDao.countResourceUserRoles(session, resourceId);
   }
 
-  protected void removeAllPermissions(Long resourceId, SqlSession session) {
+  protected void removeAllPermissions(Long resourceId, DbSession session) {
     roleDao.deleteGroupRolesByResourceId(resourceId, session);
     roleDao.deleteUserRolesByResourceId(resourceId, session);
   }
 
-  public List<String> selectGroupPermissions(String group, Long componentId) {
-    return roleDao.selectGroupPermissions(group, componentId);
+  public List<String> selectGroupPermissions(DbSession session, String group, Long componentId) {
+    return roleDao.selectGroupPermissions(session, group, componentId);
   }
 
-  public List<String> selectUserPermissions(String user, Long componentId) {
-    return roleDao.selectUserPermissions(user, componentId);
+  public List<String> selectUserPermissions(DbSession session, String user, Long componentId) {
+    return roleDao.selectUserPermissions(session, user, componentId);
   }
 
-  public void grantDefaultRoles(Long componentId, String qualifier) {
-    ResourceDto resource = resourceDao.getResource(componentId);
+  public void grantDefaultRoles(DbSession session, Long componentId, String qualifier) {
+    ResourceDto resource = resourceDao.getResource(componentId, session);
     if (resource == null) {
       throw new IllegalStateException("Unable to find resource with id " + componentId);
     }
-    String applicablePermissionTemplateKey = getApplicablePermissionTemplateKey(resource.getKey(), qualifier);
-    applyPermissionTemplate(applicablePermissionTemplateKey, componentId);
+    String applicablePermissionTemplateKey = getApplicablePermissionTemplateKey(session, resource.getKey(), qualifier);
+    applyPermissionTemplate(session, applicablePermissionTemplateKey, componentId);
   }
 
   /**
    * Return the permission template for the given componentKey. If no template key pattern match then consider default
    * permission template for the resource qualifier.
    */
-  private String getApplicablePermissionTemplateKey(final String componentKey, String qualifier) {
-    List<PermissionTemplateDto> allPermissionTemplates = permissionTemplateDao.selectAllPermissionTemplates();
+  private String getApplicablePermissionTemplateKey(DbSession session, final String componentKey, String qualifier) {
+    List<PermissionTemplateDto> allPermissionTemplates = permissionTemplateDao.selectAllPermissionTemplates(session);
     List<PermissionTemplateDto> matchingTemplates = new ArrayList<PermissionTemplateDto>();
     for (PermissionTemplateDto permissionTemplateDto : allPermissionTemplates) {
       String keyPattern = permissionTemplateDto.getKeyPattern();
diff --git a/sonar-core/src/main/java/org/sonar/core/permission/PermissionTemplateDao.java b/sonar-core/src/main/java/org/sonar/core/permission/PermissionTemplateDao.java
index fccb4fa09f4..34165a634ca 100644
--- a/sonar-core/src/main/java/org/sonar/core/permission/PermissionTemplateDao.java
+++ b/sonar-core/src/main/java/org/sonar/core/permission/PermissionTemplateDao.java
@@ -28,6 +28,7 @@ import org.sonar.api.ServerComponent;
 import org.sonar.api.security.DefaultGroups;
 import org.sonar.api.task.TaskComponent;
 import org.sonar.api.utils.System2;
+import org.sonar.core.persistence.DbSession;
 import org.sonar.core.persistence.MyBatis;
 
 import javax.annotation.CheckForNull;
@@ -91,41 +92,54 @@ public class PermissionTemplateDao implements TaskComponent, ServerComponent {
   }
 
   @CheckForNull
+  public PermissionTemplateDto selectTemplateByKey(DbSession session, String templateKey) {
+    return session.getMapper(PermissionTemplateMapper.class).selectByKey(templateKey);
+  }
+
+  @CheckForNull
   public PermissionTemplateDto selectTemplateByKey(String templateKey) {
-    SqlSession session = myBatis.openSession(false);
+    DbSession session = myBatis.openSession(false);
     try {
-      PermissionTemplateMapper mapper = session.getMapper(PermissionTemplateMapper.class);
-      return mapper.selectByKey(templateKey);
+      return selectTemplateByKey(session, templateKey);
     } finally {
       MyBatis.closeQuietly(session);
     }
   }
 
   @CheckForNull
-  public PermissionTemplateDto selectPermissionTemplate(String templateKey) {
+  public PermissionTemplateDto selectPermissionTemplate(DbSession session, String templateKey) {
     PermissionTemplateDto permissionTemplate = null;
-    SqlSession session = myBatis.openSession(false);
+    PermissionTemplateMapper mapper = session.getMapper(PermissionTemplateMapper.class);
+    permissionTemplate = mapper.selectByKey(templateKey);
+    PermissionTemplateDto templateUsersPermissions = mapper.selectTemplateUsersPermissions(templateKey);
+    if (templateUsersPermissions != null) {
+      permissionTemplate.setUsersPermissions(templateUsersPermissions.getUsersPermissions());
+    }
+    PermissionTemplateDto templateGroupsPermissions = mapper.selectTemplateGroupsPermissions(templateKey);
+    if (templateGroupsPermissions != null) {
+      permissionTemplate.setGroupsByPermission(templateGroupsPermissions.getGroupsPermissions());
+    }
+    return permissionTemplate;
+  }
+
+  @CheckForNull
+  public PermissionTemplateDto selectPermissionTemplate(String templateKey) {
+    DbSession session = myBatis.openSession(false);
     try {
-      PermissionTemplateMapper mapper = session.getMapper(PermissionTemplateMapper.class);
-      permissionTemplate = mapper.selectByKey(templateKey);
-      PermissionTemplateDto templateUsersPermissions = mapper.selectTemplateUsersPermissions(templateKey);
-      if (templateUsersPermissions != null) {
-        permissionTemplate.setUsersPermissions(templateUsersPermissions.getUsersPermissions());
-      }
-      PermissionTemplateDto templateGroupsPermissions = mapper.selectTemplateGroupsPermissions(templateKey);
-      if (templateGroupsPermissions != null) {
-        permissionTemplate.setGroupsByPermission(templateGroupsPermissions.getGroupsPermissions());
-      }
+      return selectPermissionTemplate(session, templateKey);
     } finally {
       MyBatis.closeQuietly(session);
     }
-    return permissionTemplate;
+  }
+
+  public List<PermissionTemplateDto> selectAllPermissionTemplates(DbSession session) {
+    return session.selectList("selectAllPermissionTemplates");
   }
 
   public List<PermissionTemplateDto> selectAllPermissionTemplates() {
-    SqlSession session = myBatis.openSession(false);
+    DbSession session = myBatis.openSession(false);
     try {
-      return session.selectList("selectAllPermissionTemplates");
+      return selectAllPermissionTemplates(session);
     } finally {
       MyBatis.closeQuietly(session);
     }
diff --git a/sonar-core/src/main/java/org/sonar/core/resource/DefaultResourcePermissions.java b/sonar-core/src/main/java/org/sonar/core/resource/DefaultResourcePermissions.java
index 0b167cfe728..c0e7b7cf71b 100644
--- a/sonar-core/src/main/java/org/sonar/core/resource/DefaultResourcePermissions.java
+++ b/sonar-core/src/main/java/org/sonar/core/resource/DefaultResourcePermissions.java
@@ -19,10 +19,10 @@
  */
 package org.sonar.core.resource;
 
-import org.apache.ibatis.session.SqlSession;
 import org.sonar.api.resources.Resource;
 import org.sonar.api.security.ResourcePermissions;
 import org.sonar.core.permission.PermissionFacade;
+import org.sonar.core.persistence.DbSession;
 import org.sonar.core.persistence.MyBatis;
 import org.sonar.core.user.UserDto;
 import org.sonar.core.user.UserMapper;
@@ -41,16 +41,21 @@ public class DefaultResourcePermissions implements ResourcePermissions {
   }
 
   public boolean hasRoles(Resource resource) {
-    if (resource.getId() != null) {
-      Long resourceId = Long.valueOf(resource.getId());
-      return permissionFacade.countComponentPermissions(resourceId) > 0;
+    DbSession session = myBatis.openSession(false);
+    try {
+      if (resource.getId() != null) {
+        Long resourceId = Long.valueOf(resource.getId());
+        return permissionFacade.countComponentPermissions(session, resourceId) > 0;
+      }
+    } finally {
+      MyBatis.closeQuietly(session);
     }
     return false;
   }
 
   public void grantUserRole(Resource resource, String login, String role) {
     if (resource.getId() != null) {
-      SqlSession session = myBatis.openSession(false);
+      DbSession session = myBatis.openSession(false);
       try {
         UserDto user = session.getMapper(UserMapper.class).selectUserByLogin(login);
         if (user != null) {
@@ -66,7 +71,7 @@ public class DefaultResourcePermissions implements ResourcePermissions {
 
   public void grantGroupRole(Resource resource, String groupName, String role) {
     if (resource.getId() != null) {
-      SqlSession session = myBatis.openSession(false);
+      DbSession session = myBatis.openSession(false);
       try {
         permissionFacade.deleteGroupPermission(Long.valueOf(resource.getId()), groupName, role, session);
         permissionFacade.insertGroupPermission(Long.valueOf(resource.getId()), groupName, role, session);
@@ -78,6 +83,12 @@ public class DefaultResourcePermissions implements ResourcePermissions {
   }
 
   public void grantDefaultRoles(Resource resource) {
-    permissionFacade.grantDefaultRoles(Long.valueOf(resource.getId()), resource.getQualifier());
+    DbSession session = myBatis.openSession(false);
+    try {
+      permissionFacade.grantDefaultRoles(session, Long.valueOf(resource.getId()), resource.getQualifier());
+      session.commit();
+    } finally {
+      MyBatis.closeQuietly(session);
+    }
   }
 }
diff --git a/sonar-core/src/main/java/org/sonar/core/resource/ResourceDao.java b/sonar-core/src/main/java/org/sonar/core/resource/ResourceDao.java
index 901bf3a1507..acb2746d0cc 100644
--- a/sonar-core/src/main/java/org/sonar/core/resource/ResourceDao.java
+++ b/sonar-core/src/main/java/org/sonar/core/resource/ResourceDao.java
@@ -68,7 +68,7 @@ public class ResourceDao implements DaoComponent {
    */
   @CheckForNull
   public ResourceDto getResource(ResourceQuery query) {
-    SqlSession session = mybatis.openSession(false);
+    DbSession session = mybatis.openSession(false);
     try {
       return getResource(query, session);
     } finally {
@@ -77,7 +77,7 @@ public class ResourceDao implements DaoComponent {
   }
 
   @CheckForNull
-  public ResourceDto getResource(ResourceQuery query, SqlSession session) {
+  public ResourceDto getResource(ResourceQuery query, DbSession session) {
     List<ResourceDto> resources = getResources(query, session);
     if (!resources.isEmpty()) {
       return resources.get(0);
@@ -162,21 +162,11 @@ public class ResourceDao implements DaoComponent {
     return this;
   }
 
-  public void updateAuthorizationDate(Long projectId, SqlSession session) {
-    session.getMapper(ResourceMapper.class).updateAuthorizationDate(projectId, new Date(system2.now()));
-  }
-
   /**
    * Should not be called from batch side (used to reindex permission in E/S)
    */
-  public void updateAuthorizationDate(Long projectId) {
-    SqlSession session = mybatis.openSession(false);
-    try {
-      updateAuthorizationDate(projectId, session);
-      session.commit();
-    } finally {
-      MyBatis.closeQuietly(session);
-    }
+  public void updateAuthorizationDate(Long projectId, SqlSession session) {
+    session.getMapper(ResourceMapper.class).updateAuthorizationDate(projectId, new Date(system2.now()));
   }
 
   public Collection<ComponentDto> selectComponentsByIds(Collection<Long> ids) {
@@ -347,10 +337,14 @@ public class ResourceDao implements DaoComponent {
   /**
    * Return provisioned project with given key
    */
+  public ResourceDto selectProvisionedProject(DbSession session, String key) {
+    return session.getMapper(ResourceMapper.class).selectProvisionedProject(key);
+  }
+
   public ResourceDto selectProvisionedProject(String key) {
-    SqlSession session = mybatis.openSession(false);
+    DbSession session = mybatis.openSession(false);
     try {
-      return session.getMapper(ResourceMapper.class).selectProvisionedProject(key);
+      return selectProvisionedProject(session, key);
     } finally {
       MyBatis.closeQuietly(session);
     }
diff --git a/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java b/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java
index 104f62402c5..2a6b191daf7 100644
--- a/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java
+++ b/sonar-core/src/main/java/org/sonar/core/user/RoleDao.java
@@ -24,9 +24,11 @@ import org.apache.ibatis.session.SqlSession;
 import org.sonar.api.ServerComponent;
 import org.sonar.api.security.DefaultGroups;
 import org.sonar.api.task.TaskComponent;
+import org.sonar.core.persistence.DbSession;
 import org.sonar.core.persistence.MyBatis;
 
 import javax.annotation.Nullable;
+
 import java.util.List;
 
 public class RoleDao implements TaskComponent, ServerComponent {
@@ -37,28 +39,34 @@ public class RoleDao implements TaskComponent, ServerComponent {
     this.mybatis = mybatis;
   }
 
+  public List<String> selectUserPermissions(DbSession session, String userLogin, @Nullable Long resourceId) {
+    return session.getMapper(RoleMapper.class).selectUserPermissions(userLogin, resourceId);
+  }
+
   public List<String> selectUserPermissions(String userLogin, @Nullable Long resourceId) {
-    SqlSession session = mybatis.openSession(false);
-    RoleMapper mapper = session.getMapper(RoleMapper.class);
+    DbSession session = mybatis.openSession(false);
     try {
-      return mapper.selectUserPermissions(userLogin, resourceId);
+      return selectUserPermissions(session, userLogin, resourceId);
     } finally {
       MyBatis.closeQuietly(session);
     }
   }
 
+  public List<String> selectGroupPermissions(DbSession session, String groupName, @Nullable Long resourceId) {
+    return session.getMapper(RoleMapper.class).selectGroupPermissions(groupName, resourceId, DefaultGroups.isAnyone(groupName));
+  }
+
   public List<String> selectGroupPermissions(String groupName, @Nullable Long resourceId) {
-    SqlSession session = mybatis.openSession(false);
-    RoleMapper mapper = session.getMapper(RoleMapper.class);
+    DbSession session = mybatis.openSession(false);
     try {
-      return mapper.selectGroupPermissions(groupName, resourceId, DefaultGroups.isAnyone(groupName));
+      return selectGroupPermissions(session, groupName, resourceId);
     } finally {
       MyBatis.closeQuietly(session);
     }
   }
 
   public void insertGroupRole(GroupRoleDto groupRole) {
-    SqlSession session = mybatis.openSession(false);
+    DbSession session = mybatis.openSession(false);
     try {
       insertGroupRole(groupRole, session);
       session.commit();
@@ -73,7 +81,7 @@ public class RoleDao implements TaskComponent, ServerComponent {
   }
 
   public void insertUserRole(UserRoleDto userRole) {
-    SqlSession session = mybatis.openSession(false);
+    DbSession session = mybatis.openSession(false);
     try {
       insertUserRole(userRole, session);
       session.commit();
@@ -88,7 +96,7 @@ public class RoleDao implements TaskComponent, ServerComponent {
   }
 
   public void deleteUserRole(UserRoleDto userRole) {
-    SqlSession session = mybatis.openSession(false);
+    DbSession session = mybatis.openSession(false);
     try {
       deleteUserRole(userRole, session);
       session.commit();
@@ -103,7 +111,7 @@ public class RoleDao implements TaskComponent, ServerComponent {
   }
 
   public void deleteGroupRole(GroupRoleDto groupRole) {
-    SqlSession session = mybatis.openSession(false);
+    DbSession session = mybatis.openSession(false);
     try {
       deleteGroupRole(groupRole, session);
       session.commit();
@@ -127,21 +135,27 @@ public class RoleDao implements TaskComponent, ServerComponent {
     mapper.deleteUserRolesByResourceId(resourceId);
   }
 
+  public int countResourceGroupRoles(DbSession session, Long resourceId) {
+    return session.getMapper(RoleMapper.class).countResourceGroupRoles(resourceId);
+  }
+
   public int countResourceGroupRoles(Long resourceId) {
-    SqlSession session = mybatis.openSession(false);
+    DbSession session = mybatis.openSession(false);
     try {
-      RoleMapper mapper = session.getMapper(RoleMapper.class);
-      return mapper.countResourceGroupRoles(resourceId);
+      return countResourceGroupRoles(session, resourceId);
     } finally {
       MyBatis.closeQuietly(session);
     }
   }
 
+  public int countResourceUserRoles(DbSession session, Long resourceId) {
+    return session.getMapper(RoleMapper.class).countResourceUserRoles(resourceId);
+  }
+
   public int countResourceUserRoles(Long resourceId) {
-    SqlSession session = mybatis.openSession(false);
+    DbSession session = mybatis.openSession(false);
     try {
-      RoleMapper mapper = session.getMapper(RoleMapper.class);
-      return mapper.countResourceUserRoles(resourceId);
+      return countResourceUserRoles(session, resourceId);
     } finally {
       MyBatis.closeQuietly(session);
     }
diff --git a/sonar-core/src/main/java/org/sonar/core/user/UserDao.java b/sonar-core/src/main/java/org/sonar/core/user/UserDao.java
index 577af4e9e70..d4060795d3f 100644
--- a/sonar-core/src/main/java/org/sonar/core/user/UserDao.java
+++ b/sonar-core/src/main/java/org/sonar/core/user/UserDao.java
@@ -25,9 +25,11 @@ import org.sonar.api.BatchComponent;
 import org.sonar.api.ServerComponent;
 import org.sonar.api.user.UserQuery;
 import org.sonar.core.persistence.DaoComponent;
+import org.sonar.core.persistence.DbSession;
 import org.sonar.core.persistence.MyBatis;
 
 import javax.annotation.CheckForNull;
+
 import java.util.List;
 
 /**
@@ -61,7 +63,7 @@ public class UserDao implements BatchComponent, ServerComponent, DaoComponent {
    */
   @CheckForNull
   public UserDto selectActiveUserByLogin(String login) {
-    SqlSession session = mybatis.openSession(false);
+    DbSession session = mybatis.openSession(false);
     try {
       return selectActiveUserByLogin(login, session);
     } finally {
@@ -69,7 +71,7 @@ public class UserDao implements BatchComponent, ServerComponent, DaoComponent {
     }
   }
 
-  public UserDto selectActiveUserByLogin(String login, SqlSession session) {
+  public UserDto selectActiveUserByLogin(String login, DbSession session) {
     UserMapper mapper = session.getMapper(UserMapper.class);
     return mapper.selectUserByLogin(login);
   }
@@ -151,14 +153,14 @@ public class UserDao implements BatchComponent, ServerComponent, DaoComponent {
    * @return the group, null if group not found
    */
   @CheckForNull
-  public GroupDto selectGroupByName(String name, SqlSession session) {
+  public GroupDto selectGroupByName(String name, DbSession session) {
     UserMapper mapper = session.getMapper(UserMapper.class);
     return mapper.selectGroupByName(name);
   }
 
   @CheckForNull
   public GroupDto selectGroupByName(String name) {
-    SqlSession session = mybatis.openSession(false);
+    DbSession session = mybatis.openSession(false);
     try {
       return selectGroupByName(name, session);
     } finally {
diff --git a/sonar-core/src/test/java/org/sonar/core/permission/PermissionFacadeTest.java b/sonar-core/src/test/java/org/sonar/core/permission/PermissionFacadeTest.java
index 2d6149002b7..4b52afa5022 100644
--- a/sonar-core/src/test/java/org/sonar/core/permission/PermissionFacadeTest.java
+++ b/sonar-core/src/test/java/org/sonar/core/permission/PermissionFacadeTest.java
@@ -20,7 +20,7 @@
 
 package org.sonar.core.permission;
 
-import org.apache.ibatis.session.SqlSession;
+import org.junit.After;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
@@ -30,7 +30,7 @@ import org.sonar.api.utils.DateUtils;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
 import org.sonar.core.persistence.AbstractDaoTestCase;
-import org.sonar.core.persistence.MyBatis;
+import org.sonar.core.persistence.DbSession;
 import org.sonar.core.resource.ResourceDao;
 import org.sonar.core.user.RoleDao;
 import org.sonar.core.user.UserDao;
@@ -44,56 +44,64 @@ public class PermissionFacadeTest extends AbstractDaoTestCase {
   @Rule
   public ExpectedException throwable = ExpectedException.none();
 
-  private System2 system2;
-  private PermissionFacade permissionFacade;
-  private PermissionTemplateDao permissionTemplateDao;
-  private ResourceDao resourceDao;
+  DbSession session;
+  System2 system2;
+  PermissionFacade permissionFacade;
+  PermissionTemplateDao permissionTemplateDao;
+  ResourceDao resourceDao;
 
   @Before
   public void setUp() {
     system2 = mock(System2.class);
     when(system2.now()).thenReturn(DateUtils.parseDate("2014-09-03").getTime());
 
+    session = getMyBatis().openSession(false);
     RoleDao roleDao = new RoleDao(getMyBatis());
     UserDao userDao = new UserDao(getMyBatis());
     permissionTemplateDao = new PermissionTemplateDao(getMyBatis(), System2.INSTANCE);
     Settings settings = new Settings();
     resourceDao = new ResourceDao(getMyBatis(), system2);
-    permissionFacade = new PermissionFacade(getMyBatis(), roleDao, userDao, resourceDao, permissionTemplateDao, settings);
+    permissionFacade = new PermissionFacade(roleDao, userDao, resourceDao, permissionTemplateDao, settings);
+  }
+
+  @After
+  public void tearDown() throws Exception {
+    session.close();
   }
 
   @Test
   public void should_apply_permission_template() throws Exception {
     setupData("should_apply_permission_template");
 
-    assertThat(permissionFacade.selectGroupPermissions("sonar-administrators", 123L)).isEmpty();
-    assertThat(permissionFacade.selectGroupPermissions("sonar-users", 123L)).isEmpty();
-    assertThat(permissionFacade.selectGroupPermissions("Anyone", 123L)).isEmpty();
-    assertThat(permissionFacade.selectUserPermissions("marius", 123L)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-administrators", 123L)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-users", 123L)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "Anyone", 123L)).isEmpty();
+    assertThat(permissionFacade.selectUserPermissions(session, "marius", 123L)).isEmpty();
 
-    permissionFacade.applyPermissionTemplate("default_20130101_010203", 123L);
+    permissionFacade.applyPermissionTemplate(session, "default_20130101_010203", 123L);
 
-    assertThat(permissionFacade.selectGroupPermissions("sonar-administrators", 123L)).containsOnly("admin", "issueadmin");
-    assertThat(permissionFacade.selectGroupPermissions("sonar-users", 123L)).containsOnly("user", "codeviewer");
-    assertThat(permissionFacade.selectGroupPermissions("Anyone", 123L)).containsOnly("user", "codeviewer");
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-administrators", 123L)).containsOnly("admin", "issueadmin");
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-users", 123L)).containsOnly("user", "codeviewer");
+    assertThat(permissionFacade.selectGroupPermissions(session, "Anyone", 123L)).containsOnly("user", "codeviewer");
 
-    assertThat(permissionFacade.selectUserPermissions("marius", 123L)).containsOnly("admin");
+    assertThat(permissionFacade.selectUserPermissions(session, "marius", 123L)).containsOnly("admin");
 
-    assertThat(resourceDao.getResource(123L).getAuthorizationUpdatedAt()).isEqualTo(DateUtils.parseDate("2014-09-03"));
+    assertThat(resourceDao.getResource(123L, session).getAuthorizationUpdatedAt()).isEqualTo(DateUtils.parseDate("2014-09-03"));
   }
 
   @Test
   public void should_count_component_permissions() throws Exception {
     setupData("should_count_component_permissions");
 
-    assertThat(permissionFacade.countComponentPermissions(123L)).isEqualTo(2);
+    assertThat(permissionFacade.countComponentPermissions(session, 123L)).isEqualTo(2);
   }
 
   @Test
   public void should_add_user_permission() throws Exception {
     setupData("should_add_user_permission");
 
-    permissionFacade.insertUserPermission(123L, 200L, UserRole.ADMIN);
+    permissionFacade.insertUserPermission(123L, 200L, UserRole.ADMIN, session);
+    session.commit();
 
     checkTable("should_add_user_permission", "user_roles", "user_id", "resource_id", "role");
     checkTable("should_add_user_permission", "projects", "authorization_updated_at");
@@ -103,7 +111,8 @@ public class PermissionFacadeTest extends AbstractDaoTestCase {
   public void should_delete_user_permission() throws Exception {
     setupData("should_delete_user_permission");
 
-    permissionFacade.deleteUserPermission(123L, 200L, UserRole.ADMIN);
+    permissionFacade.deleteUserPermission(123L, 200L, UserRole.ADMIN, session);
+    session.commit();
 
     checkTable("should_delete_user_permission", "user_roles", "user_id", "resource_id", "role");
     checkTable("should_delete_user_permission", "projects", "authorization_updated_at");
@@ -113,13 +122,8 @@ public class PermissionFacadeTest extends AbstractDaoTestCase {
   public void should_insert_group_permission() throws Exception {
     setupData("should_insert_group_permission");
 
-    SqlSession session = getMyBatis().openSession();
-    try {
-      permissionFacade.insertGroupPermission(123L, 100L, UserRole.USER);
-      session.commit();
-    } finally {
-      MyBatis.closeQuietly(session);
-    }
+    permissionFacade.insertGroupPermission(123L, 100L, UserRole.USER, session);
+    session.commit();
 
     checkTable("should_insert_group_permission", "group_roles", "group_id", "resource_id", "role");
     checkTable("should_insert_group_permission", "projects", "authorization_updated_at");
@@ -129,13 +133,8 @@ public class PermissionFacadeTest extends AbstractDaoTestCase {
   public void should_insert_group_name_permission() throws Exception {
     setupData("should_insert_group_permission");
 
-    SqlSession session = getMyBatis().openSession();
-    try {
-      permissionFacade.insertGroupPermission(123L, "devs", UserRole.USER, session);
-      session.commit();
-    } finally {
-      MyBatis.closeQuietly(session);
-    }
+    permissionFacade.insertGroupPermission(123L, "devs", UserRole.USER, session);
+    session.commit();
 
     checkTable("should_insert_group_permission", "group_roles", "group_id", "resource_id", "role");
     checkTable("should_insert_group_permission", "projects", "authorization_updated_at");
@@ -145,13 +144,8 @@ public class PermissionFacadeTest extends AbstractDaoTestCase {
   public void should_insert_anyone_group_permission() throws Exception {
     setupData("should_insert_anyone_group_permission");
 
-    SqlSession session = getMyBatis().openSession();
-    try {
-      permissionFacade.insertGroupPermission(123L, "Anyone", UserRole.USER, session);
-      session.commit();
-    } finally {
-      MyBatis.closeQuietly(session);
-    }
+    permissionFacade.insertGroupPermission(123L, "Anyone", UserRole.USER, session);
+    session.commit();
 
     checkTable("should_insert_anyone_group_permission", "group_roles", "group_id", "resource_id", "role");
     checkTable("should_insert_anyone_group_permission", "projects", "authorization_updated_at");
@@ -161,7 +155,8 @@ public class PermissionFacadeTest extends AbstractDaoTestCase {
   public void should_delete_group_permission() throws Exception {
     setupData("should_delete_group_permission");
 
-    permissionFacade.deleteGroupPermission(123L, 100L, UserRole.USER);
+    permissionFacade.deleteGroupPermission(123L, 100L, UserRole.USER, session);
+    session.commit();
 
     checkTable("should_delete_group_permission", "group_roles", "group_id", "resource_id", "role");
     checkTable("should_delete_group_permission", "projects", "authorization_updated_at");
@@ -171,13 +166,8 @@ public class PermissionFacadeTest extends AbstractDaoTestCase {
   public void should_delete_group_name_permission() throws Exception {
     setupData("should_delete_group_permission");
 
-    SqlSession session = getMyBatis().openSession();
-    try {
-      permissionFacade.deleteGroupPermission(123L, "devs", UserRole.USER, session);
-      session.commit();
-    } finally {
-      MyBatis.closeQuietly(session);
-    }
+    permissionFacade.deleteGroupPermission(123L, "devs", UserRole.USER, session);
+    session.commit();
 
     checkTable("should_delete_group_permission", "group_roles", "group_id", "resource_id", "role");
     checkTable("should_delete_group_permission", "projects", "authorization_updated_at");
@@ -188,12 +178,12 @@ public class PermissionFacadeTest extends AbstractDaoTestCase {
     PermissionTemplateDto permissionTemplateDto = new PermissionTemplateDto().setName("Test template").setKee("test_template");
     PermissionTemplateDto templateWithPermissions = new PermissionTemplateDto().setKee("test_template");
     permissionTemplateDao = mock(PermissionTemplateDao.class);
-    when(permissionTemplateDao.selectTemplateByKey("test_template")).thenReturn(permissionTemplateDto);
-    when(permissionTemplateDao.selectPermissionTemplate("test_template")).thenReturn(templateWithPermissions);
+    when(permissionTemplateDao.selectTemplateByKey(session, "test_template")).thenReturn(permissionTemplateDto);
+    when(permissionTemplateDao.selectPermissionTemplate(session, "test_template")).thenReturn(templateWithPermissions);
 
-    permissionFacade = new PermissionFacade(null, null, null, null, permissionTemplateDao, null);
+    permissionFacade = new PermissionFacade(null, null, null, permissionTemplateDao, null);
 
-    PermissionTemplateDto permissionTemplate = permissionFacade.getPermissionTemplateWithPermissions("test_template");
+    PermissionTemplateDto permissionTemplate = permissionFacade.getPermissionTemplateWithPermissions(session, "test_template");
 
     assertThat(permissionTemplate).isSameAs(templateWithPermissions);
   }
@@ -204,31 +194,26 @@ public class PermissionFacadeTest extends AbstractDaoTestCase {
 
     permissionTemplateDao = mock(PermissionTemplateDao.class);
 
-    permissionFacade = new PermissionFacade(null, null, null, null, permissionTemplateDao, null);
-    permissionFacade.getPermissionTemplateWithPermissions("unmatched");
+    permissionFacade = new PermissionFacade(null, null, null, permissionTemplateDao, null);
+    permissionFacade.getPermissionTemplateWithPermissions(session, "unmatched");
   }
 
   @Test
   public void should_remove_all_permissions() throws Exception {
     setupData("should_remove_all_permissions");
 
-    SqlSession session = getMyBatis().openSession();
-    try {
-      assertThat(permissionFacade.selectGroupPermissions("devs", 123L)).hasSize(1);
-      assertThat(permissionFacade.selectGroupPermissions("other", 123L)).isEmpty();
-      assertThat(permissionFacade.selectUserPermissions("dave.loper", 123L)).hasSize(1);
-      assertThat(permissionFacade.selectUserPermissions("other.user", 123L)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "devs", 123L)).hasSize(1);
+    assertThat(permissionFacade.selectGroupPermissions(session, "other", 123L)).isEmpty();
+    assertThat(permissionFacade.selectUserPermissions(session, "dave.loper", 123L)).hasSize(1);
+    assertThat(permissionFacade.selectUserPermissions(session, "other.user", 123L)).isEmpty();
 
-      permissionFacade.removeAllPermissions(123L, session);
-      session.commit();
-    } finally {
-      MyBatis.closeQuietly(session);
-    }
+    permissionFacade.removeAllPermissions(123L, session);
+    session.commit();
 
     checkTable("should_remove_all_permissions", "group_roles", "group_id", "resource_id", "role");
     checkTable("should_remove_all_permissions", "user_roles", "user_id", "resource_id", "role");
 
-    assertThat(permissionFacade.selectGroupPermissions("devs", 123L)).isEmpty();
-    assertThat(permissionFacade.selectUserPermissions("dave.loper", 123L)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "devs", 123L)).isEmpty();
+    assertThat(permissionFacade.selectUserPermissions(session, "dave.loper", 123L)).isEmpty();
   }
 }
diff --git a/sonar-core/src/test/java/org/sonar/core/resource/DefaultResourcePermissionsTest.java b/sonar-core/src/test/java/org/sonar/core/resource/DefaultResourcePermissionsTest.java
index d1aed3aee66..8ed1cf598e0 100644
--- a/sonar-core/src/test/java/org/sonar/core/resource/DefaultResourcePermissionsTest.java
+++ b/sonar-core/src/test/java/org/sonar/core/resource/DefaultResourcePermissionsTest.java
@@ -19,6 +19,7 @@
  */
 package org.sonar.core.resource;
 
+import org.junit.After;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
@@ -31,6 +32,7 @@ import org.sonar.api.utils.System2;
 import org.sonar.core.permission.PermissionFacade;
 import org.sonar.core.permission.PermissionTemplateDao;
 import org.sonar.core.persistence.AbstractDaoTestCase;
+import org.sonar.core.persistence.DbSession;
 import org.sonar.core.user.RoleDao;
 import org.sonar.core.user.UserDao;
 
@@ -40,23 +42,30 @@ public class DefaultResourcePermissionsTest extends AbstractDaoTestCase {
 
   private final static Long PROJECT_ID = 123L;
 
-  private Resource project;
-  private Settings settings;
-  private DefaultResourcePermissions permissions;
-  private PermissionFacade permissionFacade;
+  DbSession session;
+  Resource project;
+  Settings settings;
+  DefaultResourcePermissions permissions;
+  PermissionFacade permissionFacade;
 
   @Rule
   public ExpectedException throwable = ExpectedException.none();
 
   @Before
   public void initResourcePermissions() {
+    session = getMyBatis().openSession(false);
     project = new Project("project").setId(PROJECT_ID.intValue());
     settings = new Settings();
-    permissionFacade = new PermissionFacade(getMyBatis(),
-      new RoleDao(getMyBatis()), new UserDao(getMyBatis()), new ResourceDao(getMyBatis(), System2.INSTANCE), new PermissionTemplateDao(getMyBatis(), System2.INSTANCE), settings);
+    permissionFacade = new PermissionFacade(new RoleDao(getMyBatis()), new UserDao(getMyBatis()), new ResourceDao(getMyBatis(), System2.INSTANCE),
+      new PermissionTemplateDao(getMyBatis(), System2.INSTANCE), settings);
     permissions = new DefaultResourcePermissions(getMyBatis(), permissionFacade);
   }
 
+  @After
+  public void tearDown() throws Exception {
+    session.close();
+  }
+
   @Test
   public void grantGroupRole() {
     setupData("grantGroupRole");
@@ -115,18 +124,19 @@ public class DefaultResourcePermissionsTest extends AbstractDaoTestCase {
 
     settings.setProperty("sonar.permission.template.default", "default_template_20130101_010203");
 
-    assertThat(permissionFacade.selectGroupPermissions("sonar-administrators", PROJECT_ID)).isEmpty();
-    assertThat(permissionFacade.selectGroupPermissions("sonar-users", PROJECT_ID)).isEmpty();
-    assertThat(permissionFacade.selectGroupPermissions("Anyone", PROJECT_ID)).isEmpty();
-    assertThat(permissionFacade.selectUserPermissions("marius", PROJECT_ID)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-administrators", PROJECT_ID)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-users", PROJECT_ID)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "Anyone", PROJECT_ID)).isEmpty();
+    assertThat(permissionFacade.selectUserPermissions(session, "marius", PROJECT_ID)).isEmpty();
 
     permissions.grantDefaultRoles(project);
+    session.commit();
 
-    assertThat(permissionFacade.selectGroupPermissions("sonar-administrators", PROJECT_ID)).containsOnly("admin");
-    assertThat(permissionFacade.selectGroupPermissions("sonar-users", PROJECT_ID)).containsOnly("user", "codeviewer");
-    assertThat(permissionFacade.selectGroupPermissions("Anyone", PROJECT_ID)).containsOnly("user", "codeviewer");
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-administrators", PROJECT_ID)).containsOnly("admin");
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-users", PROJECT_ID)).containsOnly("user", "codeviewer");
+    assertThat(permissionFacade.selectGroupPermissions(session, "Anyone", PROJECT_ID)).containsOnly("user", "codeviewer");
 
-    assertThat(permissionFacade.selectUserPermissions("marius", PROJECT_ID)).isEmpty();
+    assertThat(permissionFacade.selectUserPermissions(session, "marius", PROJECT_ID)).isEmpty();
   }
 
   @Test
@@ -160,18 +170,19 @@ public class DefaultResourcePermissionsTest extends AbstractDaoTestCase {
     settings.setProperty("sonar.permission.template.default", "default_20130101_010203");
     settings.setProperty("sonar.permission.template.TRK.default", "default_for_trk_20130101_010203");
 
-    assertThat(permissionFacade.selectGroupPermissions("sonar-administrators", PROJECT_ID)).isEmpty();
-    assertThat(permissionFacade.selectGroupPermissions("sonar-users", PROJECT_ID)).isEmpty();
-    assertThat(permissionFacade.selectGroupPermissions("Anyone", PROJECT_ID)).isEmpty();
-    assertThat(permissionFacade.selectUserPermissions("marius", PROJECT_ID)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-administrators", PROJECT_ID)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-users", PROJECT_ID)).isEmpty();
+    assertThat(permissionFacade.selectGroupPermissions(session, "Anyone", PROJECT_ID)).isEmpty();
+    assertThat(permissionFacade.selectUserPermissions(session, "marius", PROJECT_ID)).isEmpty();
 
     permissions.grantDefaultRoles(project);
+    session.commit();
 
-    assertThat(permissionFacade.selectGroupPermissions("sonar-administrators", PROJECT_ID)).containsOnly("admin", "user", "codeviewer");
-    assertThat(permissionFacade.selectGroupPermissions("sonar-users", PROJECT_ID)).containsOnly("admin");
-    assertThat(permissionFacade.selectGroupPermissions("Anyone", PROJECT_ID)).containsOnly("codeviewer");
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-administrators", PROJECT_ID)).containsOnly("admin", "user", "codeviewer");
+    assertThat(permissionFacade.selectGroupPermissions(session, "sonar-users", PROJECT_ID)).containsOnly("admin");
+    assertThat(permissionFacade.selectGroupPermissions(session, "Anyone", PROJECT_ID)).containsOnly("codeviewer");
 
-    assertThat(permissionFacade.selectUserPermissions("marius", PROJECT_ID)).containsOnly("codeviewer");
+    assertThat(permissionFacade.selectUserPermissions(session, "marius", PROJECT_ID)).containsOnly("codeviewer");
   }
 
   @Test
diff --git a/sonar-core/src/test/java/org/sonar/core/resource/ResourceDaoTest.java b/sonar-core/src/test/java/org/sonar/core/resource/ResourceDaoTest.java
index 95b36b80ff3..fa200c46851 100644
--- a/sonar-core/src/test/java/org/sonar/core/resource/ResourceDaoTest.java
+++ b/sonar-core/src/test/java/org/sonar/core/resource/ResourceDaoTest.java
@@ -494,7 +494,8 @@ public class ResourceDaoTest extends AbstractDaoTestCase {
     setupData("update_authorization_date");
 
     when(system2.now()).thenReturn(DateUtils.parseDate("2014-09-03").getTime());
-    dao.updateAuthorizationDate(1L);
+    dao.updateAuthorizationDate(1L, session);
+    session.commit();
 
     checkTables("update_authorization_date", "projects");
   }
author	Julien Lancelot <julien.lancelot@sonarsource.com>	2014-09-11 12:26:19 +0200
committer	Julien Lancelot <julien.lancelot@sonarsource.com>	2014-09-11 12:26:19 +0200
commit	49bc20e4cd664c5f373f8d451bf636d1d880bf81 (patch)
tree	b8d53feb6a6c76eab445ce28a6e0dc9a12bfd786 /sonar-core
parent	eda451a6d41f87329c0c18c7f933330581c5308b (diff)
download	sonarqube-49bc20e4cd664c5f373f8d451bf636d1d880bf81.tar.gz sonarqube-49bc20e4cd664c5f373f8d451bf636d1d880bf81.zip