aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--sonar-batch/src/main/java/org/sonar/batch/index/DefaultResourcePersister.java12
-rw-r--r--sonar-batch/src/test/java/org/sonar/batch/index/DefaultResourcePersisterTest.java42
-rw-r--r--sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissions.java3
3 files changed, 49 insertions, 8 deletions
diff --git a/sonar-batch/src/main/java/org/sonar/batch/index/DefaultResourcePersister.java b/sonar-batch/src/main/java/org/sonar/batch/index/DefaultResourcePersister.java
index 77b97879ced..93b48113c92 100644
--- a/sonar-batch/src/main/java/org/sonar/batch/index/DefaultResourcePersister.java
+++ b/sonar-batch/src/main/java/org/sonar/batch/index/DefaultResourcePersister.java
@@ -25,12 +25,18 @@ import org.apache.commons.lang.StringUtils;
import org.sonar.api.database.DatabaseSession;
import org.sonar.api.database.model.ResourceModel;
import org.sonar.api.database.model.Snapshot;
-import org.sonar.api.resources.*;
+import org.sonar.api.resources.Library;
+import org.sonar.api.resources.Project;
+import org.sonar.api.resources.Qualifiers;
+import org.sonar.api.resources.Resource;
+import org.sonar.api.resources.ResourceUtils;
+import org.sonar.api.resources.Scopes;
import org.sonar.api.security.ResourcePermissions;
import org.sonar.api.utils.SonarException;
import javax.persistence.NonUniqueResultException;
import javax.persistence.Query;
+
import java.util.Date;
import java.util.Iterator;
import java.util.List;
@@ -88,7 +94,9 @@ public final class DefaultResourcePersister implements ResourcePersister {
snapshot = session.save(snapshot);
session.commit();
- permissions.grantDefaultRoles(project);
+ if (!permissions.hasRoles(project)) {
+ permissions.grantDefaultRoles(project);
+ }
return snapshot;
}
diff --git a/sonar-batch/src/test/java/org/sonar/batch/index/DefaultResourcePersisterTest.java b/sonar-batch/src/test/java/org/sonar/batch/index/DefaultResourcePersisterTest.java
index 3d35e195e0a..a9ea3b30b51 100644
--- a/sonar-batch/src/test/java/org/sonar/batch/index/DefaultResourcePersisterTest.java
+++ b/sonar-batch/src/test/java/org/sonar/batch/index/DefaultResourcePersisterTest.java
@@ -38,6 +38,9 @@ import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.notNullValue;
import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
public class DefaultResourcePersisterTest extends AbstractDbUnitTestCase {
@@ -72,7 +75,7 @@ public class DefaultResourcePersisterTest extends AbstractDbUnitTestCase {
ResourcePersister persister = new DefaultResourcePersister(getSession(), mock(ResourcePermissions.class));
persister.saveProject(singleProject, null);
- checkTables("shouldSaveNewProject", new String[] {"build_date", "created_at"}, "projects", "snapshots");
+ checkTables("shouldSaveNewProject", new String[]{"build_date", "created_at"}, "projects", "snapshots");
// SONAR-3636 : created_at must be fed when inserting a new entry in the 'projects' table
ResourceModel model = getSession().getSingleResult(ResourceModel.class, "key", singleProject.getKey());
@@ -89,7 +92,7 @@ public class DefaultResourcePersisterTest extends AbstractDbUnitTestCase {
persister.saveProject(moduleB, multiModuleProject);
persister.saveProject(moduleB1, moduleB);
- checkTables("shouldSaveNewMultiModulesProject", new String[] {"build_date", "created_at"}, "projects", "snapshots");
+ checkTables("shouldSaveNewMultiModulesProject", new String[]{"build_date", "created_at"}, "projects", "snapshots");
}
@Test
@@ -101,8 +104,9 @@ public class DefaultResourcePersisterTest extends AbstractDbUnitTestCase {
persister.saveResource(singleProject, new JavaPackage("org.foo").setEffectiveKey("foo:org.foo"));
// check that the directory is attached to the project
- checkTables("shouldSaveNewDirectory", new String[] {"build_date", "created_at"}, "projects", "snapshots");
+ checkTables("shouldSaveNewDirectory", new String[]{"build_date", "created_at"}, "projects", "snapshots");
}
+
@Test
public void shouldSaveNewLibrary() {
setupData("shared");
@@ -113,7 +117,7 @@ public class DefaultResourcePersisterTest extends AbstractDbUnitTestCase {
persister.saveResource(singleProject, new Library("junit:junit", "4.8.2").setEffectiveKey("junit:junit"));// do nothing, already saved
persister.saveResource(singleProject, new Library("junit:junit", "3.2").setEffectiveKey("junit:junit"));
- checkTables("shouldSaveNewLibrary", new String[] {"build_date", "created_at"}, "projects", "snapshots");
+ checkTables("shouldSaveNewLibrary", new String[]{"build_date", "created_at"}, "projects", "snapshots");
}
@Test
@@ -141,7 +145,7 @@ public class DefaultResourcePersisterTest extends AbstractDbUnitTestCase {
singleProject.setDescription("new description");
persister.saveProject(singleProject, null);
- checkTables("shouldUpdateExistingResource", new String[] {"build_date", "created_at"}, "projects", "snapshots");
+ checkTables("shouldUpdateExistingResource", new String[]{"build_date", "created_at"}, "projects", "snapshots");
}
// SONAR-1700
@@ -152,7 +156,33 @@ public class DefaultResourcePersisterTest extends AbstractDbUnitTestCase {
ResourcePersister persister = new DefaultResourcePersister(getSession(), mock(ResourcePermissions.class));
persister.saveProject(singleProject, null);
- checkTables("shouldRemoveRootIndexIfResourceIsProject", new String[] {"build_date", "created_at"}, "projects", "snapshots");
+ checkTables("shouldRemoveRootIndexIfResourceIsProject", new String[]{"build_date", "created_at"}, "projects", "snapshots");
+ }
+
+ @Test
+ public void shouldGrantDefaultPermissionsIfNewProject() {
+ setupData("shared");
+
+ ResourcePermissions permissions = mock(ResourcePermissions.class);
+ when(permissions.hasRoles(singleProject)).thenReturn(false);
+
+ ResourcePersister persister = new DefaultResourcePersister(getSession(), permissions);
+ persister.saveProject(singleProject, null);
+
+ verify(permissions).grantDefaultRoles(singleProject);
+ }
+
+ @Test
+ public void shouldNotGrantDefaultPermissionsIfExistingProject() {
+ setupData("shared");
+
+ ResourcePermissions permissions = mock(ResourcePermissions.class);
+ when(permissions.hasRoles(singleProject)).thenReturn(true);
+
+ ResourcePersister persister = new DefaultResourcePersister(getSession(), permissions);
+ persister.saveProject(singleProject, null);
+
+ verify(permissions, never()).grantDefaultRoles(singleProject);
}
private static Project newProject(String key, String language) {
diff --git a/sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissions.java b/sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissions.java
index 7c20de3883f..b3eff260a25 100644
--- a/sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissions.java
+++ b/sonar-plugin-api/src/main/java/org/sonar/api/security/ResourcePermissions.java
@@ -39,6 +39,9 @@ public interface ResourcePermissions extends BatchComponent, ServerComponent {
/**
* Limitation - the resource id is used instead of logical key.
+ * Important note : the existing roles are overridden by default ones, so it's recommended
+ * to check that {@link ResourcePermissions#hasRoles(org.sonar.api.resources.Resource)} is
+ * false before executing this method.
*/
void grantDefaultRoles(Resource resource);
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-15 22:16:09 +0000