diff options
| author | Sébastien Lesaint <sebastien.lesaint@sonarsource.com> | 2017-01-19 10:00:52 +0100 |
|---|---|---|
| committer | Sébastien Lesaint <sebastien.lesaint@sonarsource.com> | 2017-01-27 16:55:16 +0100 |
| commit | fcf197ca9827fc1606ecedd49d7ca37273138d8f (patch) | |
| tree | 2835daeeb6da7092b5242f109f5cf9f0abdee596 /sonar-db/src | |
| parent | 3c0dd8758d56ce8583a3a74c17a181e4cfe5918c (diff) | |
| download | sonarqube-fcf197ca9827fc1606ecedd49d7ca37273138d8f.tar.gz sonarqube-fcf197ca9827fc1606ecedd49d7ca37273138d8f.zip | |
SONAR-8608 consistent organization on permission/group/component
Diffstat (limited to 'sonar-db/src')
11 files changed, 259 insertions, 205 deletions
diff --git a/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java b/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java index 7cf6f163b49..ed88b3950e0 100644 --- a/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java +++ b/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java @@ -57,6 +57,14 @@ public interface ComponentMapper { List<ComponentDto> selectComponentsByQualifiers(@Param("qualifiers") Collection<String> qualifiers); + /** + * Counts the number of components with the specified id belonging to the specified organization. + * + * @return 1 or 0. Either because the organization uuid is not the one of the component or because the component does + * not exist. + */ + int countComponentByOrganizationAndId(@Param("organizationUuid") String organizationUuid, @Param("componentId") long componentId); + List<ComponentDto> selectByQuery(@Param("query") ComponentQuery query, RowBounds rowBounds); int countByQuery(@Param("query") ComponentQuery query); diff --git a/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java b/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java index 77ee9cd6907..ac972f2e31a 100644 --- a/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java +++ b/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java @@ -28,7 +28,10 @@ import org.apache.ibatis.session.RowBounds; import org.sonar.api.security.DefaultGroups; import org.sonar.db.Dao; import org.sonar.db.DbSession; +import org.sonar.db.component.ComponentMapper; +import org.sonar.db.user.GroupMapper; +import static com.google.common.base.Preconditions.checkArgument; import static org.sonar.db.DatabaseUtils.executeLargeInputs; import static org.sonar.db.DatabaseUtils.executeLargeInputsWithoutOutput; @@ -102,9 +105,33 @@ public class GroupPermissionDao implements Dao { } public void insert(DbSession dbSession, GroupPermissionDto dto) { + ensureComponentPermissionConsistency(dbSession, dto); + ensureGroupPermissionConsistency(dbSession, dto); mapper(dbSession).insert(dto); } + private static void ensureComponentPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) { + if (dto.getResourceId() == null) { + return; + } + ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class); + checkArgument( + componentMapper.countComponentByOrganizationAndId(dto.getOrganizationUuid(), dto.getResourceId()) == 1, + "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'", + dto.getRole(), dto.getResourceId(), dto.getOrganizationUuid(), dto.getOrganizationUuid()); + } + + private static void ensureGroupPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) { + if (dto.getGroupId() == null) { + return; + } + GroupMapper groupMapper = dbSession.getMapper(GroupMapper.class); + checkArgument( + groupMapper.countGroupByOrganizationAndId(dto.getOrganizationUuid(), dto.getGroupId()) == 1, + "Can't insert permission '%s' for group with id '%s' in organization with uuid '%s' because this group does not belong to organization with uuid '%s'", + dto.getRole(), dto.getGroupId(), dto.getOrganizationUuid(), dto.getOrganizationUuid()); + } + /** * Delete all the permissions associated to a root component (project) */ diff --git a/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java b/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java index ac72fe33491..5490c119b70 100644 --- a/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java +++ b/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java @@ -27,6 +27,7 @@ import org.sonar.core.util.stream.Collectors; import org.sonar.db.Dao; import org.sonar.db.DatabaseUtils; import org.sonar.db.DbSession; +import org.sonar.db.component.ComponentMapper; import static com.google.common.base.Preconditions.checkArgument; import static java.util.Collections.emptyList; @@ -107,9 +108,21 @@ public class UserPermissionDao implements Dao { } public void insert(DbSession dbSession, UserPermissionDto dto) { + ensureComponentPermissionConsistency(dbSession, dto); mapper(dbSession).insert(dto); } + private static void ensureComponentPermissionConsistency(DbSession dbSession, UserPermissionDto dto) { + if (dto.getComponentId() == null) { + return; + } + ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class); + checkArgument( + componentMapper.countComponentByOrganizationAndId(dto.getOrganizationUuid(), dto.getComponentId()) == 1, + "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'", + dto.getPermission(), dto.getComponentId(), dto.getOrganizationUuid(), dto.getOrganizationUuid()); + } + /** * Removes a single global permission from user */ diff --git a/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java b/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java index cbb3e0dff7c..8066482bb79 100644 --- a/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java +++ b/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java @@ -42,6 +42,13 @@ public interface GroupMapper { int countByQuery(@Param("organizationUuid") String organizationUuid, @Nullable @Param("query") String query); + /** + * Counts the number of groups with the specified id belonging to the specified organization. + * + * @return 1 or 0. Either because the organization uuid is not the one of the group or because the group does not exist + */ + int countGroupByOrganizationAndId(@Param("organizationUuid") String organizationUuid, @Param("groupId") long groupId); + void deleteById(long groupId); void deleteByOrganization(@Param("organizationUuid") String organizationUuid); diff --git a/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml b/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml index 0607cbce185..c6614dd1d44 100644 --- a/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml +++ b/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml @@ -225,6 +225,15 @@ </foreach> </select> + <select id="countComponentByOrganizationAndId" resultType="int"> + select + count(1) + from projects p + where + p.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} + and p.id = #{componentId,jdbcType=BIGINT} + </select> + <select id="selectByQuery" resultType="Component"> select <include refid="componentColumns"/> diff --git a/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml b/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml index bc74e334d7e..39b0193fc31 100644 --- a/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml +++ b/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml @@ -120,6 +120,15 @@ </if> </select> + <select id="countGroupByOrganizationAndId" parameterType="map" resultType="int"> + select + count(1) + from groups g + where + g.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} + and g.id = #{groupId,jdbcType=BIGINT} + </select> + <select id="selectByOrganizationUuid" parameterType="map" resultType="Group"> select <include refid="groupColumns"/> diff --git a/sonar-db/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java b/sonar-db/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java index 0bc7faa939a..b44fcf8c1b7 100644 --- a/sonar-db/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java +++ b/sonar-db/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java @@ -53,6 +53,7 @@ public class AuthorizationDaoTest { @Rule public DbTester db = DbTester.create(System2.INSTANCE); + private DbSession dbSession = db.getSession(); private AuthorizationDao underTest = new AuthorizationDao(db.myBatis()); private OrganizationDto org; @@ -76,10 +77,10 @@ public class AuthorizationDaoTest { */ @Test public void selectOrganizationPermissions_for_logged_in_user() { - ComponentDto project = db.components().insertProject(); + ComponentDto project = db.components().insertProject(org); db.users().insertMember(group1, user); db.users().insertPermissionOnUser(org, user, "perm1"); - db.users().insertProjectPermissionOnUser(org, user, "perm42", project); + db.users().insertProjectPermissionOnUser(user, "perm42", project); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertPermissionOnAnyone(org, "perm3"); @@ -117,8 +118,8 @@ public class AuthorizationDaoTest { @Test public void selectRootComponentPermissions_for_logged_in_user() { db.users().insertMember(group1, user); - ComponentDto project1 = db.components().insertProject(); - db.users().insertProjectPermissionOnAnyone("perm1", project1); + ComponentDto project1 = db.components().insertProject(org); + db.users().insertProjectPermissionOnAnyone(org, "perm1", project1); db.users().insertProjectPermissionOnGroup(group1, "perm2", project1); db.users().insertProjectPermissionOnUser(user, "perm3", project1); @@ -141,14 +142,14 @@ public class AuthorizationDaoTest { */ @Test public void selectRootComponentPermissions_for_anonymous_user() { - ComponentDto project1 = db.components().insertProject(); - db.users().insertProjectPermissionOnAnyone("perm1", project1); + ComponentDto project1 = db.components().insertProject(org); + db.users().insertProjectPermissionOnAnyone(org, "perm1", project1); // ignored permissions db.users().insertPermissionOnAnyone(org, "ignored"); db.users().insertPermissionOnUser(org, user, "ignored"); db.users().insertPermissionOnGroup(group1, "ignored"); - ComponentDto project2 = db.components().insertProject(); + ComponentDto project2 = db.components().insertProject(org); db.users().insertProjectPermissionOnGroup(group1, "ignored", project2); Set<String> permissions = underTest.selectRootComponentPermissionsOfAnonymous(dbSession, project1.getId()); @@ -560,11 +561,11 @@ public class AuthorizationDaoTest { assertThat(count).isEqualTo(3); // another organization - count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, DOES_NOT_EXIST, A_PERMISSION, group1.getId(), u2.getId()); + count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, DOES_NOT_EXIST, A_PERMISSION, group1.getId(), u2.getId()); assertThat(count).isEqualTo(0); // another permission - count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, org.getUuid(), DOES_NOT_EXIST, group1.getId(), u2.getId()); + count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, org.getUuid(), DOES_NOT_EXIST, group1.getId(), u2.getId()); assertThat(count).isEqualTo(0); } @@ -588,11 +589,11 @@ public class AuthorizationDaoTest { assertThat(count).isEqualTo(3); // another organization - count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, A_PERMISSION, u2.getId()); + count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, A_PERMISSION, u2.getId()); assertThat(count).isEqualTo(0); // another permission - count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, org.getUuid(), DOES_NOT_EXIST, u2.getId()); + count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, org.getUuid(), DOES_NOT_EXIST, u2.getId()); assertThat(count).isEqualTo(0); } diff --git a/sonar-db/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java b/sonar-db/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java index 2ae7ec72b25..3383821e733 100644 --- a/sonar-db/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java +++ b/sonar-db/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java @@ -35,6 +35,7 @@ import org.sonar.db.organization.OrganizationDto; import org.sonar.db.user.GroupDto; import static java.util.Arrays.asList; +import static java.util.Collections.singletonList; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.tuple; import static org.sonar.api.security.DefaultGroups.ANYONE; @@ -45,7 +46,6 @@ import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newProjectDto; -import static org.sonar.db.user.GroupTesting.newGroupDto; public class GroupPermissionDaoTest { @@ -78,7 +78,7 @@ public class GroupPermissionDaoTest { db.users().insertProjectPermissionOnGroup(group2, ADMIN, project2); db.users().insertProjectPermissionOnGroup(group3, ADMIN, project2); // anyone group - db.users().insertProjectPermissionOnAnyone(ADMIN, project2); + db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), ADMIN, project2); db.users().insertProjectPermissionOnGroup(group1, USER, project2); db.users().insertProjectPermissionOnGroup(group1, USER, project3); @@ -94,21 +94,23 @@ public class GroupPermissionDaoTest { @Test public void selectGroupNamesByQuery_is_ordered_by_group_names() { - GroupDto group2 = addGroupOnDefaultOrganization("Group-2"); - GroupDto group3 = addGroupOnDefaultOrganization("Group-3"); - GroupDto group1 = addGroupOnDefaultOrganization("Group-1"); - db.users().insertPermissionOnAnyone(SCAN_EXECUTION); + OrganizationDto organizationDto = db.organizations().insert(); + GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2"); + GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3"); + GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1"); + db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION); - assertThat(underTest.selectGroupNamesByQuery(dbSession, - defaultOrganizationUuid, PermissionQuery.builder().build())).containsExactly(ANYONE, group1.getName(), group2.getName(), group3.getName()); + assertThat(underTest.selectGroupNamesByQuery(dbSession, organizationDto.getUuid(), PermissionQuery.builder().build())) + .containsExactly(ANYONE, group1.getName(), group2.getName(), group3.getName()); } @Test public void countGroupsByQuery() { - GroupDto group1 = addGroupOnDefaultOrganization("Group-1"); - addGroupOnDefaultOrganization("Group-2"); - addGroupOnDefaultOrganization("Group-3"); - db.users().insertPermissionOnAnyone(SCAN_EXECUTION); + OrganizationDto organizationDto = db.getDefaultOrganization(); + GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1"); + db.users().insertGroup(organizationDto, "Group-2"); + db.users().insertGroup(organizationDto, "Group-3"); + db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION); db.users().insertPermissionOnGroup(group1, PROVISIONING); assertThat(underTest.countGroupsByQuery(dbSession, @@ -125,26 +127,27 @@ public class GroupPermissionDaoTest { @Test public void selectGroupNamesByQuery_with_global_permission() { - GroupDto group1 = addGroupOnDefaultOrganization("Group-1"); - GroupDto group2 = addGroupOnDefaultOrganization("Group-2"); - GroupDto group3 = addGroupOnDefaultOrganization("Group-3"); + OrganizationDto organizationDto = db.organizations().insert(); + GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1"); + GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2"); + GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3"); - ComponentDto project = db.components().insertComponent(newProjectDto(db.getDefaultOrganization())); + ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto)); - db.users().insertPermissionOnAnyone(SCAN_EXECUTION); - db.users().insertPermissionOnAnyone(PROVISIONING); + db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION); + db.users().insertPermissionOnAnyone(organizationDto, PROVISIONING); db.users().insertPermissionOnGroup(group1, SCAN_EXECUTION); db.users().insertPermissionOnGroup(group3, SYSTEM_ADMIN); db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project); assertThat(underTest.selectGroupNamesByQuery(dbSession, - defaultOrganizationUuid, PermissionQuery.builder().setPermission(SCAN_EXECUTION).build())).containsExactly(ANYONE, group1.getName()); + organizationDto.getUuid(), PermissionQuery.builder().setPermission(SCAN_EXECUTION).build())).containsExactly(ANYONE, group1.getName()); assertThat(underTest.selectGroupNamesByQuery(dbSession, - defaultOrganizationUuid, PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build())).containsExactly(group3.getName()); + organizationDto.getUuid(), PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build())).containsExactly(group3.getName()); assertThat(underTest.selectGroupNamesByQuery(dbSession, - defaultOrganizationUuid, PermissionQuery.builder().setPermission(PROVISIONING).build())).containsExactly(ANYONE); + organizationDto.getUuid(), PermissionQuery.builder().setPermission(PROVISIONING).build())).containsExactly(ANYONE); } @Test @@ -158,10 +161,10 @@ public class GroupPermissionDaoTest { db.users().insertProjectPermissionOnGroup(group1, SCAN_EXECUTION, project); db.users().insertProjectPermissionOnGroup(group1, PROVISIONING, project); - db.users().insertProjectPermissionOnAnyone(USER, project); + db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), USER, project); db.users().insertProjectPermissionOnGroup(group1, SYSTEM_ADMIN, anotherProject); - db.users().insertProjectPermissionOnAnyone(SYSTEM_ADMIN, anotherProject); + db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), SYSTEM_ADMIN, anotherProject); db.users().insertProjectPermissionOnGroup(group3, SCAN_EXECUTION, anotherProject); db.users().insertPermissionOnGroup(group2, SCAN_EXECUTION); @@ -176,7 +179,7 @@ public class GroupPermissionDaoTest { @Test public void selectGroupNamesByQuery_is_paginated() { - IntStream.rangeClosed(0, 9).forEach(i -> addGroupOnDefaultOrganization(i + "-name")); + IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertGroup(db.getDefaultOrganization(), i + "-name")); List<String> groupNames = underTest.selectGroupNamesByQuery(dbSession, defaultOrganizationUuid, PermissionQuery.builder().setPageIndex(2).setPageSize(3).build()); @@ -185,8 +188,8 @@ public class GroupPermissionDaoTest { @Test public void selectGroupNamesByQuery_with_search_query() { - GroupDto group = addGroupOnDefaultOrganization("group-anyone"); - addGroupOnDefaultOrganization("unknown"); + GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "group-anyone"); + db.users().insertGroup(db.getDefaultOrganization(), "unknown"); db.users().insertPermissionOnGroup(group, SCAN_EXECUTION); assertThat(underTest.selectGroupNamesByQuery(dbSession, @@ -207,75 +210,76 @@ public class GroupPermissionDaoTest { public void selectByGroupIds_on_global_permissions() { OrganizationDto organizationDto = db.organizations().insert(); - GroupDto group1 = addGroupOnDefaultOrganization("Group-1"); + GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1"); db.users().insertPermissionOnGroup(group1, SCAN_EXECUTION); - GroupDto group2 = addGroupOnDefaultOrganization("Group-2"); + GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2"); ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto)); db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project); - GroupDto group3 = addGroupOnDefaultOrganization("Group-3"); + GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3"); db.users().insertPermissionOnGroup(group3, SYSTEM_ADMIN); // Anyone - db.users().insertPermissionOnAnyone(SCAN_EXECUTION); - db.users().insertPermissionOnAnyone(PROVISIONING); + db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION); + db.users().insertPermissionOnAnyone(organizationDto, PROVISIONING); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), null)) + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId()), null)) .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId) .containsOnly(tuple(group1.getId(), SCAN_EXECUTION, null)); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group2.getId()), null)).isEmpty(); + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group2.getId()), null)).isEmpty(); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group3.getId()), null)) + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group3.getId()), null)) .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId) .containsOnly(tuple(group3.getId(), SYSTEM_ADMIN, null)); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(ANYONE_ID), null)) + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(ANYONE_ID), null)) .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId) .containsOnly( tuple(0L, SCAN_EXECUTION, null), tuple(0L, PROVISIONING, null)); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId(), group2.getId(), ANYONE_ID), null)).hasSize(3); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(MISSING_ID), null)).isEmpty(); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, Collections.emptyList(), null)).isEmpty(); + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId(), group2.getId(), ANYONE_ID), null)).hasSize(3); + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(MISSING_ID), null)).isEmpty(); + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), Collections.emptyList(), null)).isEmpty(); } @Test public void selectByGroupIds_on_projects() { - GroupDto group1 = addGroupOnDefaultOrganization("Group-1"); + OrganizationDto organizationDto = db.organizations().insert(); + GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1"); db.users().insertPermissionOnGroup(group1, PROVISIONING); - GroupDto group2 = addGroupOnDefaultOrganization("Group-2"); - ComponentDto project = db.components().insertComponent(newProjectDto(db.getDefaultOrganization())); + GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2"); + ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto)); db.users().insertProjectPermissionOnGroup(group2, USER, project); - GroupDto group3 = addGroupOnDefaultOrganization("Group-3"); + GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3"); db.users().insertProjectPermissionOnGroup(group3, USER, project); // Anyone group - db.users().insertPermissionOnAnyone(SCAN_EXECUTION); - db.users().insertProjectPermissionOnAnyone(PROVISIONING, project); + db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION); + db.users().insertProjectPermissionOnAnyone(organizationDto, PROVISIONING, project); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), project.getId())).isEmpty(); + assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, singletonList(group1.getId()), project.getId())).isEmpty(); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group2.getId()), project.getId())) + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group2.getId()), project.getId())) .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId) .containsOnly(tuple(group2.getId(), USER, project.getId())); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group3.getId()), project.getId())) + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group3.getId()), project.getId())) .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId) .containsOnly(tuple(group3.getId(), USER, project.getId())); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(ANYONE_ID), project.getId())) + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(ANYONE_ID), project.getId())) .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId) .containsOnly(tuple(0L, PROVISIONING, project.getId())); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId(), group2.getId(), ANYONE_ID), project.getId())).hasSize(2); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(MISSING_ID), project.getId())).isEmpty(); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), 123L)).isEmpty(); - assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, Collections.emptyList(), project.getId())).isEmpty(); + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId(), group2.getId(), ANYONE_ID), project.getId())).hasSize(2); + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(MISSING_ID), project.getId())).isEmpty(); + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group1.getId()), 123L)).isEmpty(); + assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), Collections.emptyList(), project.getId())).isEmpty(); } @Test @@ -284,7 +288,7 @@ public class GroupPermissionDaoTest { OrganizationDto org2 = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org1, "group1"); GroupDto group2 = db.users().insertGroup(org2, "group2"); - ComponentDto project = db.components().insertProject(); + ComponentDto project = db.components().insertProject(org1); db.users().insertPermissionOnAnyone(org1, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); @@ -306,8 +310,8 @@ public class GroupPermissionDaoTest { public void selectProjectPermissionsOfGroup() { OrganizationDto org1 = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org1, "group1"); - ComponentDto project1 = db.components().insertProject(); - ComponentDto project2 = db.components().insertProject(); + ComponentDto project1 = db.components().insertProject(org1); + ComponentDto project2 = db.components().insertProject(org1); db.users().insertPermissionOnAnyone(org1, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); @@ -328,16 +332,18 @@ public class GroupPermissionDaoTest { @Test public void projectHasPermissions_is_false_if_no_permissions_at_all() { - ComponentDto project1 = db.components().insertProject(); - db.users().insertPermissionOnAnyone("perm1"); + OrganizationDto organizationDto = db.organizations().insert(); + ComponentDto project1 = db.components().insertProject(organizationDto); + db.users().insertPermissionOnAnyone(organizationDto, "perm1"); assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isFalse(); } @Test public void projectHasPermissions_is_true_if_at_least_one_permission_on_group() { - GroupDto group1 = db.users().insertGroup(newGroupDto()); - ComponentDto project1 = db.components().insertProject(); + OrganizationDto organizationDto = db.organizations().insert(); + GroupDto group1 = db.users().insertGroup(organizationDto); + ComponentDto project1 = db.components().insertProject(organizationDto); db.users().insertProjectPermissionOnGroup(group1, "perm1", project1); assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue(); @@ -345,9 +351,10 @@ public class GroupPermissionDaoTest { @Test public void projectHasPermissions_is_true_if_at_least_one_permission_on_anyone() { - ComponentDto project1 = db.components().insertProject(); - ComponentDto project2 = db.components().insertProject(); - db.users().insertProjectPermissionOnAnyone("perm1", project1); + OrganizationDto organizationDto = db.organizations().insert(); + ComponentDto project1 = db.components().insertProject(organizationDto); + ComponentDto project2 = db.components().insertProject(organizationDto); + db.users().insertProjectPermissionOnAnyone(organizationDto, "perm1", project1); assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue(); assertThat(underTest.hasRootComponentPermissions(dbSession, project2.getId())).isFalse(); @@ -355,13 +362,14 @@ public class GroupPermissionDaoTest { @Test public void deleteByRootComponentId() { - GroupDto group1 = db.users().insertGroup(newGroupDto()); - GroupDto group2 = db.users().insertGroup(newGroupDto()); - ComponentDto project1 = db.components().insertProject(); - ComponentDto project2 = db.components().insertProject(); + OrganizationDto organizationDto = db.organizations().insert(); + GroupDto group1 = db.users().insertGroup(organizationDto); + GroupDto group2 = db.users().insertGroup(organizationDto); + ComponentDto project1 = db.components().insertProject(organizationDto); + ComponentDto project2 = db.components().insertProject(organizationDto); db.users().insertPermissionOnGroup(group1, "perm1"); db.users().insertProjectPermissionOnGroup(group1, "perm2", project1); - db.users().insertProjectPermissionOnAnyone("perm3", project1); + db.users().insertProjectPermissionOnAnyone(organizationDto, "perm3", project1); db.users().insertProjectPermissionOnGroup(group2, "perm4", project2); underTest.deleteByRootComponentId(dbSession, project1.getId()); @@ -373,12 +381,13 @@ public class GroupPermissionDaoTest { @Test public void delete_global_permission_from_group() { - GroupDto group1 = db.users().insertGroup(); - ComponentDto project1 = db.components().insertProject(); - db.users().insertPermissionOnAnyone("perm1"); + OrganizationDto organizationDto = db.organizations().insert(); + GroupDto group1 = db.users().insertGroup(organizationDto); + ComponentDto project1 = db.components().insertProject(organizationDto); + db.users().insertPermissionOnAnyone(organizationDto, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); - db.users().insertProjectPermissionOnAnyone("perm4", project1); + db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1); underTest.delete(dbSession, "perm2", group1.getOrganizationUuid(), group1.getId(), null); dbSession.commit(); @@ -389,12 +398,13 @@ public class GroupPermissionDaoTest { @Test public void delete_global_permission_from_anyone() { - GroupDto group1 = db.users().insertGroup(); - ComponentDto project1 = db.components().insertProject(); - db.users().insertPermissionOnAnyone("perm1"); + OrganizationDto organizationDto = db.organizations().insert(); + GroupDto group1 = db.users().insertGroup(organizationDto); + ComponentDto project1 = db.components().insertProject(organizationDto); + db.users().insertPermissionOnAnyone(organizationDto, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); - db.users().insertProjectPermissionOnAnyone("perm4", project1); + db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1); underTest.delete(dbSession, "perm1", group1.getOrganizationUuid(), null, null); dbSession.commit(); @@ -405,12 +415,13 @@ public class GroupPermissionDaoTest { @Test public void delete_project_permission_from_group() { - GroupDto group1 = db.users().insertGroup(); - ComponentDto project1 = db.components().insertProject(); - db.users().insertPermissionOnAnyone("perm1"); + OrganizationDto organizationDto = db.organizations().insert(); + GroupDto group1 = db.users().insertGroup(organizationDto); + ComponentDto project1 = db.components().insertProject(organizationDto); + db.users().insertPermissionOnAnyone(organizationDto, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); - db.users().insertProjectPermissionOnAnyone("perm4", project1); + db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1); underTest.delete(dbSession, "perm3", group1.getOrganizationUuid(), group1.getId(), project1.getId()); dbSession.commit(); @@ -421,12 +432,13 @@ public class GroupPermissionDaoTest { @Test public void delete_project_permission_from_anybody() { - GroupDto group1 = db.users().insertGroup(); - ComponentDto project1 = db.components().insertProject(); - db.users().insertPermissionOnAnyone("perm1"); + OrganizationDto organizationDto = db.organizations().insert(); + GroupDto group1 = db.users().insertGroup(organizationDto); + ComponentDto project1 = db.components().insertProject(organizationDto); + db.users().insertPermissionOnAnyone(organizationDto, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); - db.users().insertProjectPermissionOnAnyone("perm4", project1); + db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1); underTest.delete(dbSession, "perm4", group1.getOrganizationUuid(), null, project1.getId()); dbSession.commit(); @@ -478,8 +490,8 @@ public class GroupPermissionDaoTest { private void verifyOrganizationUuidsInTable(String... organizationUuids) { assertThat(db.select("select distinct organization_uuid as \"organizationUuid\" from group_roles")) - .extracting((row) -> (String) row.get("organizationUuid")) - .containsOnly(organizationUuids); + .extracting((row) -> (String) row.get("organizationUuid")) + .containsOnly(organizationUuids); } private Long insertGroupWithPermissions(OrganizationDto organization1) { @@ -494,7 +506,4 @@ public class GroupPermissionDaoTest { assertThat(db.countSql("select count(id) from group_roles where role='" + permission + "'")).isEqualTo(0); } - private GroupDto addGroupOnDefaultOrganization(String name) { - return db.users().insertGroup(db.getDefaultOrganization(), name); - } } diff --git a/sonar-db/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java b/sonar-db/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java index 186fc7e3fb4..e8aec519644 100644 --- a/sonar-db/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java +++ b/sonar-db/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java @@ -41,7 +41,6 @@ import static org.sonar.api.web.UserRole.ISSUE_ADMIN; import static org.sonar.api.web.UserRole.USER; import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; -import static org.sonar.db.organization.OrganizationTesting.newOrganizationDto; import static org.sonar.db.user.UserTesting.newUserDto; public class UserPermissionDaoTest { @@ -53,6 +52,7 @@ public class UserPermissionDaoTest { private UserDto user1 = newUserDto().setLogin("login1").setName("Marius").setActive(true); private UserDto user2 = newUserDto().setLogin("login2").setName("Marie").setActive(true); private UserDto user3 = newUserDto().setLogin("login3").setName("Bernard").setActive(true); + private OrganizationDto organizationDto; private ComponentDto project1; private ComponentDto project2; private DbSession dbSession = dbTester.getSession(); @@ -63,7 +63,7 @@ public class UserPermissionDaoTest { dbClient.userDao().insert(dbSession, user1); dbClient.userDao().insert(dbSession, user2); dbClient.userDao().insert(dbSession, user3); - OrganizationDto organizationDto = dbTester.organizations().insert(); + organizationDto = dbTester.organizations().insert(); project1 = dbTester.components().insertProject(organizationDto); project2 = dbTester.components().insertProject(organizationDto); dbTester.commit(); @@ -71,133 +71,133 @@ public class UserPermissionDaoTest { @Test public void select_global_permissions() { - OrganizationDto org2 = dbTester.organizations().insert(newOrganizationDto()); - UserPermissionDto global1 = addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1); - UserPermissionDto global2 = addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user2); - UserPermissionDto global3 = addGlobalPermissionOnDefaultOrganization(PROVISIONING, user2); - UserPermissionDto project1Perm = addProjectPermissionOnDefaultOrganization(USER, user3, project1); + OrganizationDto org2 = dbTester.organizations().insert(); + UserPermissionDto global1 = addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1); + UserPermissionDto global2 = addGlobalPermission(organizationDto, SYSTEM_ADMIN, user2); + UserPermissionDto global3 = addGlobalPermission(organizationDto, PROVISIONING, user2); + UserPermissionDto project1Perm = addProjectPermission(organizationDto, USER, user3, project1); // permissions on another organization, to be excluded UserPermissionDto org2Global1 = addGlobalPermission(org2, SYSTEM_ADMIN, user1); UserPermissionDto org2Global2 = addGlobalPermission(org2, PROVISIONING, user2); // global permissions of users who has at least one global permission, ordered by user name then permission PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().build(); - expectPermissions(query, null, global2, global3, global1); + expectPermissions(organizationDto, query, null, global2, global3, global1); // default query returns all users, whatever their permissions nor organizations // (that's a non-sense, but still this is required for api/permissions/groups // when filtering users by name) query = PermissionQuery.builder().build(); - expectPermissions(query, null, project1Perm, global2, global3, org2Global2, global1, org2Global1); + expectPermissions(organizationDto, query, null, project1Perm, global2, global3, org2Global2, global1, org2Global1); // return empty list if non-null but empty logins - expectPermissions(query, Collections.emptyList()); + expectPermissions(organizationDto, query, Collections.emptyList()); // global permissions of user1 query = PermissionQuery.builder().withAtLeastOnePermission().build(); - expectPermissions(query, asList(user1.getLogin()), global1); + expectPermissions(organizationDto, query, asList(user1.getLogin()), global1); // global permissions of user2 query = PermissionQuery.builder().withAtLeastOnePermission().build(); - expectPermissions(query, asList(user2.getLogin()), global2, global3); + expectPermissions(organizationDto, query, asList(user2.getLogin()), global2, global3); // global permissions of user1, user2 and another one query = PermissionQuery.builder().withAtLeastOnePermission().build(); - expectPermissions(query, asList(user1.getLogin(), user2.getLogin(), "missing"), global2, global3, global1); + expectPermissions(organizationDto, query, asList(user1.getLogin(), user2.getLogin(), "missing"), global2, global3, global1); // empty global permissions if login does not exist query = PermissionQuery.builder().withAtLeastOnePermission().build(); - expectPermissions(query, asList("missing")); + expectPermissions(organizationDto, query, asList("missing")); // empty global permissions if user does not have any query = PermissionQuery.builder().withAtLeastOnePermission().build(); - expectPermissions(query, asList(user3.getLogin())); + expectPermissions(organizationDto, query, asList(user3.getLogin())); // user3 has no global permissions query = PermissionQuery.builder().withAtLeastOnePermission().build(); - expectPermissions(query, asList(user3.getLogin())); + expectPermissions(organizationDto, query, asList(user3.getLogin())); // global permissions "admin" query = PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build(); - expectPermissions(query, null, global2, global1); + expectPermissions(organizationDto, query, null, global2, global1); // empty if nobody has the specified global permission query = PermissionQuery.builder().setPermission("missing").build(); - expectPermissions(query, null); + expectPermissions(organizationDto, query, null); // search by user name (matches 2 users) query = PermissionQuery.builder().withAtLeastOnePermission().setSearchQuery("Mari").build(); - expectPermissions(query, null, global2, global3, global1); + expectPermissions(organizationDto, query, null, global2, global3, global1); // search by user name (matches 2 users) and global permission query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(PROVISIONING).build(); - expectPermissions(query, null, global3); + expectPermissions(organizationDto, query, null, global3); // search by user name (no match) query = PermissionQuery.builder().setSearchQuery("Unknown").build(); - expectPermissions(query, null); + expectPermissions(organizationDto, query, null); } @Test public void select_project_permissions() { - addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1); - UserPermissionDto perm1 = addProjectPermissionOnDefaultOrganization(USER, user1, project1); - UserPermissionDto perm2 = addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user1, project1); - UserPermissionDto perm3 = addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project1); - addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user3, project2); + addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1); + UserPermissionDto perm1 = addProjectPermission(organizationDto, USER, user1, project1); + UserPermissionDto perm2 = addProjectPermission(organizationDto, ISSUE_ADMIN, user1, project1); + UserPermissionDto perm3 = addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project1); + addProjectPermission(organizationDto, ISSUE_ADMIN, user3, project2); // project permissions of users who has at least one permission on this project PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build(); - expectPermissions(query, null, perm3, perm2, perm1); + expectPermissions(organizationDto, query, null, perm3, perm2, perm1); // project permissions of user1 query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build(); - expectPermissions(query, asList(user1.getLogin()), perm2, perm1); + expectPermissions(organizationDto, query, asList(user1.getLogin()), perm2, perm1); // project permissions of user2 query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build(); - expectPermissions(query, asList(user2.getLogin()), perm3); + expectPermissions(organizationDto, query, asList(user2.getLogin()), perm3); // project permissions of user2 and another one query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build(); - expectPermissions(query, asList(user2.getLogin(), "missing"), perm3); + expectPermissions(organizationDto, query, asList(user2.getLogin(), "missing"), perm3); // empty project permissions if login does not exist query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build(); - expectPermissions(query, asList("missing")); + expectPermissions(organizationDto, query, asList("missing")); // empty project permissions if user does not have any query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build(); - expectPermissions(query, asList(user3.getLogin())); + expectPermissions(organizationDto, query, asList(user3.getLogin())); // empty if nobody has the specified global permission query = PermissionQuery.builder().setPermission("missing").setComponentUuid(project1.uuid()).build(); - expectPermissions(query, null); + expectPermissions(organizationDto, query, null); // search by user name (matches 2 users), users with at least one permission query = PermissionQuery.builder().setSearchQuery("Mari").withAtLeastOnePermission().setComponentUuid(project1.uuid()).build(); - expectPermissions(query, null, perm3, perm2, perm1); + expectPermissions(organizationDto, query, null, perm3, perm2, perm1); // search by user name (matches 2 users) and project permission query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(ISSUE_ADMIN).setComponentUuid(project1.uuid()).build(); - expectPermissions(query, null, perm3, perm2); + expectPermissions(organizationDto, query, null, perm3, perm2); // search by user name (no match) query = PermissionQuery.builder().setSearchQuery("Unknown").setComponentUuid(project1.uuid()).build(); - expectPermissions(query, null); + expectPermissions(organizationDto, query, null); // permissions of unknown project query = PermissionQuery.builder().setComponentUuid("missing").withAtLeastOnePermission().build(); - expectPermissions(query, null); + expectPermissions(organizationDto, query, null); } @Test public void countUsersByProjectPermission() { - addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1); - addProjectPermissionOnDefaultOrganization(USER, user1, project1); - addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user1, project1); - addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project1); - addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project2); + addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1); + addProjectPermission(organizationDto, USER, user1, project1); + addProjectPermission(organizationDto, ISSUE_ADMIN, user1, project1); + addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project1); + addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project2); // no projects -> return empty list assertThat(underTest.countUsersByProjectPermission(dbSession, Collections.emptyList())).isEmpty(); @@ -216,8 +216,10 @@ public class UserPermissionDaoTest { @Test public void selectUserIds() { - OrganizationDto org1 = dbTester.organizations().insert(newOrganizationDto()); - OrganizationDto org2 = dbTester.organizations().insert(newOrganizationDto()); + OrganizationDto org1 = dbTester.organizations().insert(); + OrganizationDto org2 = dbTester.organizations().insert(); + ComponentDto project1 = dbTester.components().insertProject(org1); + ComponentDto project2 = dbTester.components().insertProject(org2); addProjectPermission(org1, USER, user1, project1); addProjectPermission(org1, USER, user2, project1); @@ -253,11 +255,11 @@ public class UserPermissionDaoTest { @Test public void deleteGlobalPermission() { - addGlobalPermissionOnDefaultOrganization("perm1", user1); - addGlobalPermissionOnDefaultOrganization("perm2", user1); - addProjectPermissionOnDefaultOrganization("perm1", user1, project1); - addProjectPermissionOnDefaultOrganization("perm3", user2, project1); - addProjectPermissionOnDefaultOrganization("perm4", user2, project2); + addGlobalPermission(organizationDto, "perm1", user1); + addGlobalPermission(organizationDto, "perm2", user1); + addProjectPermission(organizationDto, "perm1", user1, project1); + addProjectPermission(organizationDto, "perm3", user2, project1); + addProjectPermission(organizationDto, "perm4", user2, project2); // user2 does not have global permissions -> do nothing underTest.deleteGlobalPermission(dbSession, user2.getId(), "perm1", dbTester.getDefaultOrganization().getUuid()); @@ -276,17 +278,17 @@ public class UserPermissionDaoTest { assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5); // global permission exists -> delete it, but not the project permission with the same name ! - underTest.deleteGlobalPermission(dbSession, user1.getId(), "perm1", dbTester.getDefaultOrganization().getUuid()); + underTest.deleteGlobalPermission(dbSession, user1.getId(), "perm1", organizationDto.getUuid()); assertThat(dbTester.countSql(dbSession, "select count(id) from user_roles where role='perm1' and resource_id is null")).isEqualTo(0); assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4); } @Test public void deleteProjectPermission() { - addGlobalPermissionOnDefaultOrganization("perm", user1); - addProjectPermissionOnDefaultOrganization("perm", user1, project1); - addProjectPermissionOnDefaultOrganization("perm", user1, project2); - addProjectPermissionOnDefaultOrganization("perm", user2, project1); + addGlobalPermission(organizationDto, "perm", user1); + addProjectPermission(organizationDto, "perm", user1, project1); + addProjectPermission(organizationDto, "perm", user1, project2); + addProjectPermission(organizationDto, "perm", user2, project1); // no such provision -> ignore underTest.deleteProjectPermission(dbSession, user1.getId(), "anotherPerm", project1.getId()); @@ -299,10 +301,10 @@ public class UserPermissionDaoTest { @Test public void deleteProjectPermissions() { - addGlobalPermissionOnDefaultOrganization("perm", user1); - addProjectPermissionOnDefaultOrganization("perm", user1, project1); - addProjectPermissionOnDefaultOrganization("perm", user2, project1); - addProjectPermissionOnDefaultOrganization("perm", user1, project2); + addGlobalPermission(organizationDto, "perm", user1); + addProjectPermission(organizationDto, "perm", user1, project1); + addProjectPermission(organizationDto, "perm", user2, project1); + addProjectPermission(organizationDto, "perm", user1, project2); underTest.deleteProjectPermissions(dbSession, project1.getId()); assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(2); @@ -311,8 +313,8 @@ public class UserPermissionDaoTest { @Test public void projectHasPermissions() { - addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1); - addProjectPermissionOnDefaultOrganization(USER, user1, project1); + addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1); + addProjectPermission(organizationDto, USER, user1, project1); assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue(); assertThat(underTest.hasRootComponentPermissions(dbSession, project2.getId())).isFalse(); @@ -320,12 +322,12 @@ public class UserPermissionDaoTest { @Test public void selectGlobalPermissionsOfUser() { - OrganizationDto org = dbTester.organizations().insert(newOrganizationDto()); - addGlobalPermissionOnDefaultOrganization("perm1", user1); - addGlobalPermissionOnDefaultOrganization("perm2", user2); + OrganizationDto org = dbTester.organizations().insert(); + addGlobalPermission(dbTester.getDefaultOrganization(), "perm1", user1); + addGlobalPermission(org, "perm2", user2); addGlobalPermission(org, "perm3", user1); - addProjectPermissionOnDefaultOrganization("perm4", user1, project1); - addProjectPermission(org, "perm5", user1, project1); + addProjectPermission(organizationDto, "perm4", user1, project1); + addProjectPermission(organizationDto, "perm5", user1, project1); assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getId(), org.getUuid())).containsOnly("perm3"); assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getId(), dbTester.getDefaultOrganization().getUuid())).containsOnly("perm1"); @@ -335,13 +337,13 @@ public class UserPermissionDaoTest { @Test public void selectProjectPermissionsOfUser() { - OrganizationDto org = dbTester.organizations().insert(newOrganizationDto()); - ComponentDto project3 = dbTester.components().insertProject(); - addGlobalPermission(org, "perm1", user1); - addProjectPermission(org, "perm2", user1, project1); - addProjectPermission(org, "perm3", user1, project1); - addProjectPermission(org, "perm4", user1, project2); - addProjectPermission(org, "perm5", user2, project1); + OrganizationDto org = dbTester.organizations().insert(); + ComponentDto project3 = dbTester.components().insertProject(org); + addGlobalPermission(organizationDto, "perm1", user1); + addProjectPermission(organizationDto, "perm2", user1, project1); + addProjectPermission(organizationDto, "perm3", user1, project1); + addProjectPermission(organizationDto, "perm4", user1, project2); + addProjectPermission(organizationDto, "perm5", user2, project1); assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getId(), project1.getId())).containsOnly("perm2", "perm3"); assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getId(), project2.getId())).containsOnly("perm4"); @@ -411,10 +413,6 @@ public class UserPermissionDaoTest { } } - private void expectPermissions(PermissionQuery query, @Nullable Collection<String> logins, UserPermissionDto... expected) { - expectPermissions(dbTester.getDefaultOrganization(), query, logins, expected); - } - private void expectPermissions(OrganizationDto org, PermissionQuery query, @Nullable Collection<String> logins, UserPermissionDto... expected) { // test method "select()" List<UserPermissionDto> permissions = underTest.select(dbSession, org.getUuid(), query, logins); @@ -434,10 +432,6 @@ public class UserPermissionDaoTest { } } - private UserPermissionDto addGlobalPermissionOnDefaultOrganization(String permission, UserDto user) { - return addGlobalPermission(dbTester.getDefaultOrganization(), permission, user); - } - private UserPermissionDto addGlobalPermission(OrganizationDto org, String permission, UserDto user) { UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), null); underTest.insert(dbSession, dto); @@ -445,10 +439,6 @@ public class UserPermissionDaoTest { return dto; } - private UserPermissionDto addProjectPermissionOnDefaultOrganization(String permission, UserDto user, ComponentDto project) { - return addProjectPermission(dbTester.getDefaultOrganization(), permission, user, project); - } - private UserPermissionDto addProjectPermission(OrganizationDto org, String permission, UserDto user, ComponentDto project) { UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), project.getId()); underTest.insert(dbSession, dto); diff --git a/sonar-db/src/test/java/org/sonar/db/user/RoleDaoTest.java b/sonar-db/src/test/java/org/sonar/db/user/RoleDaoTest.java index 52cfd71a593..7190db6203a 100644 --- a/sonar-db/src/test/java/org/sonar/db/user/RoleDaoTest.java +++ b/sonar-db/src/test/java/org/sonar/db/user/RoleDaoTest.java @@ -32,7 +32,6 @@ import org.sonar.db.component.ComponentDbTester; import org.sonar.db.component.ComponentDto; import static org.assertj.core.api.Assertions.assertThat; -import static org.sonar.db.user.GroupTesting.newGroupDto; public class RoleDaoTest { @@ -74,8 +73,8 @@ public class RoleDaoTest { @Test public void selectComponentIdsByPermissionAndUserId_group_permissions() { - GroupDto group1 = db.users().insertGroup(newGroupDto()); - GroupDto group2 = db.users().insertGroup(newGroupDto()); + GroupDto group1 = db.users().insertGroup(); + GroupDto group2 = db.users().insertGroup(); db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project1); db.users().insertMember(group1, user1); db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project2); diff --git a/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java b/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java index ed11b06605e..b62e2b6e765 100644 --- a/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java +++ b/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java @@ -237,13 +237,6 @@ public class UserDbTester { // GROUP PERMISSIONS - /** - * Grant permission to virtual group "anyone" in default organization - */ - public GroupPermissionDto insertPermissionOnAnyone(String permission) { - return insertPermissionOnAnyone(db.getDefaultOrganization(), permission); - } - public GroupPermissionDto insertPermissionOnAnyone(OrganizationDto org, String permission) { GroupPermissionDto dto = new GroupPermissionDto() .setOrganizationUuid(org.getUuid()) @@ -269,10 +262,6 @@ public class UserDbTester { db.commit(); } - public GroupPermissionDto insertProjectPermissionOnAnyone(String permission, ComponentDto project) { - return insertProjectPermissionOnAnyone(db.getDefaultOrganization(), permission, project); - } - public GroupPermissionDto insertProjectPermissionOnAnyone(OrganizationDto org, String permission, ComponentDto project) { GroupPermissionDto dto = new GroupPermissionDto() .setOrganizationUuid(org.getUuid()) @@ -336,14 +325,7 @@ public class UserDbTester { * Grant permission on given project in default organization */ public UserPermissionDto insertProjectPermissionOnUser(UserDto user, String permission, ComponentDto project) { - return insertProjectPermissionOnUser(db.getDefaultOrganization(), user, permission, project); - } - - /** - * Grant permission on given project - */ - public UserPermissionDto insertProjectPermissionOnUser(OrganizationDto org, UserDto user, String permission, ComponentDto project) { - UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), project.getId()); + UserPermissionDto dto = new UserPermissionDto(project.getOrganizationUuid(), permission, user.getId(), project.getId()); db.getDbClient().userPermissionDao().insert(db.getSession(), dto); db.commit(); return dto; |