diff options
57 files changed, 768 insertions, 882 deletions
diff --git a/server/sonar-db-dao/src/main/java/org/sonar/core/permission/GlobalPermissions.java b/server/sonar-db-dao/src/main/java/org/sonar/core/permission/GlobalPermissions.java deleted file mode 100644 index 2409ed98fa3..00000000000 --- a/server/sonar-db-dao/src/main/java/org/sonar/core/permission/GlobalPermissions.java +++ /dev/null @@ -1,54 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2023 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -package org.sonar.core.permission; - -import com.google.common.base.Joiner; -import java.util.List; -import org.sonar.db.permission.GlobalPermission; - -/** - * Holds the constants representing the various global permissions that can be assigned to users & groups - * - * @deprecated replaced by enum {@link GlobalPermission} - */ -@Deprecated -public final class GlobalPermissions { - public static final String SYSTEM_ADMIN = "admin"; - public static final String QUALITY_PROFILE_ADMIN = "profileadmin"; - public static final String QUALITY_GATE_ADMIN = "gateadmin"; - public static final String SCAN_EXECUTION = "scan"; - public static final String PROVISIONING = "provisioning"; - - /** - * All the global permissions values, ordered from {@link #SYSTEM_ADMIN} to {@link #PROVISIONING}. - */ - public static final List<String> ALL = List.of( - SYSTEM_ADMIN, - QUALITY_PROFILE_ADMIN, - QUALITY_GATE_ADMIN, - SCAN_EXECUTION, - PROVISIONING - ); - public static final String ALL_ON_ONE_LINE = Joiner.on(", ").join(GlobalPermissions.ALL); - - private GlobalPermissions() { - // only static methods - } -} diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GlobalPermission.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GlobalPermission.java index 6d2c7c60098..f60fefa13f6 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GlobalPermission.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/GlobalPermission.java @@ -19,6 +19,9 @@ */ package org.sonar.db.permission; +import java.util.Arrays; +import java.util.stream.Collectors; + public enum GlobalPermission { ADMINISTER("admin"), @@ -33,6 +36,8 @@ public enum GlobalPermission { APPLICATION_CREATOR("applicationcreator"), PORTFOLIO_CREATOR("portfoliocreator"); + public static final String ALL_ON_ONE_LINE = Arrays.stream(values()).map(GlobalPermission::getKey).collect(Collectors.joining(", ")); + private final String key; GlobalPermission(String key) { @@ -56,4 +61,8 @@ public enum GlobalPermission { } throw new IllegalArgumentException("Unsupported permission: " + key); } + + public static boolean contains(String key) { + return Arrays.stream(values()).anyMatch(v -> v.getKey().equals(key)); + } } diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java index b48926f58a9..8e48101304e 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java @@ -45,7 +45,6 @@ import org.sonar.db.user.UserDto; import static com.google.common.collect.Sets.newHashSet; import static java.util.Collections.singleton; import static org.assertj.core.api.Assertions.assertThat; -import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; @@ -53,7 +52,6 @@ import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; public class AuthorizationDaoTest { private static final String PROJECT_UUID = "uuid"; - private static final int MISSING_ID = -1; private static final String MISSING_UUID = "unknown"; private static final String A_PERMISSION = "a-permission"; private static final String DOES_NOT_EXIST = "does-not-exist"; @@ -207,7 +205,7 @@ public class AuthorizationDaoTest { db.users().insertPermissionOnGroup(group1, PROVISION_PROJECTS); db.users().insertMember(group1, user1); db.users().insertMember(group1, user2); - db.users().insertPermissionOnUser(user3, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user3, ADMINISTER); db.users().insertPermissionOnAnyone(ADMINISTER); assertThat(underTest.selectUserUuidsWithGlobalPermission(db.getSession(), ADMINISTER.getKey())) @@ -869,10 +867,10 @@ public class AuthorizationDaoTest { @Test public void selectQualityProfileAdministratorLogins_return_users_with_quality_profile_administrator_permission() { UserDto user1 = db.users().insertUser(withEmail("user1")); - db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_PROFILES); + db.users().insertGlobalPermissionOnUser(user1, ADMINISTER_QUALITY_PROFILES); UserDto user2 = db.users().insertUser(withEmail("user2")); - db.users().insertPermissionOnUser(user2, ADMINISTER_QUALITY_PROFILES); + db.users().insertGlobalPermissionOnUser(user2, ADMINISTER_QUALITY_PROFILES); Set<EmailSubscriberDto> subscribers = underTest.selectQualityProfileAdministratorLogins(dbSession); @@ -898,7 +896,7 @@ public class AuthorizationDaoTest { @Test public void selectQualityProfileAdministratorLogins_does_not_return_non_quality_profile_administrator() { UserDto user1 = db.users().insertUser(withEmail("user1")); - db.users().insertPermissionOnUser(user1, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user1, ADMINISTER); db.users().insertUser(withoutEmail("user2")); Set<EmailSubscriberDto> subscribers = underTest.selectQualityProfileAdministratorLogins(dbSession); @@ -909,9 +907,9 @@ public class AuthorizationDaoTest { @Test public void selectQualityProfileAdministratorLogins_does_not_return_quality_profile_administrator_without_email() { UserDto user1NoEmail = db.users().insertUser(withoutEmail("user1NoEmail")); - db.users().insertPermissionOnUser(user1NoEmail, ADMINISTER_QUALITY_PROFILES); + db.users().insertGlobalPermissionOnUser(user1NoEmail, ADMINISTER_QUALITY_PROFILES); UserDto user1WithEmail = db.users().insertUser(withEmail("user1WithEmail")); - db.users().insertPermissionOnUser(user1WithEmail, ADMINISTER_QUALITY_PROFILES); + db.users().insertGlobalPermissionOnUser(user1WithEmail, ADMINISTER_QUALITY_PROFILES); GroupDto qualityProfileAdministratorGroup1 = db.users().insertGroup(); db.users().insertPermissionOnGroup(qualityProfileAdministratorGroup1, ADMINISTER_QUALITY_PROFILES); UserDto user2NoEmail = db.users().insertUser(withoutEmail("user2NoEmail")); @@ -926,13 +924,13 @@ public class AuthorizationDaoTest { UserDto user3WithEmail = db.users().insertUser(withEmail("user3WithEmail")); db.users().insertMember(qualityProfileAdministratorGroup2, user3WithEmail); UserDto user4NoEmail = db.users().insertUser(withoutEmail("user4NoEmail")); - db.users().insertPermissionOnUser(user4NoEmail, ADMINISTER_QUALITY_PROFILES); + db.users().insertGlobalPermissionOnUser(user4NoEmail, ADMINISTER_QUALITY_PROFILES); UserDto user4WithEmail = db.users().insertUser(withEmail("user4WithEmail")); - db.users().insertPermissionOnUser(user4WithEmail, ADMINISTER_QUALITY_PROFILES); + db.users().insertGlobalPermissionOnUser(user4WithEmail, ADMINISTER_QUALITY_PROFILES); UserDto user5NoEmail = db.users().insertUser(withoutEmail("user5NoEmail")); - db.users().insertPermissionOnUser(user5NoEmail, ADMINISTER_QUALITY_PROFILES); + db.users().insertGlobalPermissionOnUser(user5NoEmail, ADMINISTER_QUALITY_PROFILES); UserDto user5WithEmail = db.users().insertUser(withEmail("user5WithEmail")); - db.users().insertPermissionOnUser(user5WithEmail, ADMINISTER_QUALITY_PROFILES); + db.users().insertGlobalPermissionOnUser(user5WithEmail, ADMINISTER_QUALITY_PROFILES); db.users().insertUser(withoutEmail("user6NoEmail")); db.users().insertUser(withEmail("user6WithEmail")); @@ -950,10 +948,10 @@ public class AuthorizationDaoTest { @Test public void selectGlobalAdministerEmailSubscribers_returns_only_global_administers() { UserDto user1 = db.users().insertUser(withEmail("user1")); - db.users().insertPermissionOnUser(user1, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user1, ADMINISTER); UserDto user2 = db.users().insertUser(withEmail("user2")); - db.users().insertPermissionOnUser(user2, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user2, ADMINISTER); // user3 is global administer via a group GroupDto administratorGroup2 = db.users().insertGroup(); @@ -962,7 +960,7 @@ public class AuthorizationDaoTest { db.users().insertMember(administratorGroup2, user3); // user4 has another global permission via a group GroupDto administratorGroup3 = db.users().insertGroup(); - db.users().insertPermissionOnGroup(administratorGroup3, QUALITY_PROFILE_ADMIN); + db.users().insertPermissionOnGroup(administratorGroup3, ADMINISTER_QUALITY_PROFILES); UserDto user4 = db.users().insertUser(withEmail("user4")); db.users().insertMember(administratorGroup3, user4); @@ -974,7 +972,7 @@ public class AuthorizationDaoTest { db.users().insertProjectPermissionOnUser(user5, "admin", project); // user6 has other global permission UserDto user6 = db.users().insertUser(withEmail("user6")); - db.users().insertPermissionOnUser(user6, ADMINISTER_QUALITY_PROFILES); + db.users().insertGlobalPermissionOnUser(user6, ADMINISTER_QUALITY_PROFILES); // user7 has no permission db.users().insertUser(withEmail("user7")); @@ -990,14 +988,14 @@ public class AuthorizationDaoTest { public void selectGlobalAdministerEmailSubscribers_ignores_global_administers_without_email() { // user1 and user1NoEmail are global administers UserDto user1 = db.users().insertUser(withEmail("user1")); - db.users().insertPermissionOnUser(user1, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user1, ADMINISTER); UserDto user1NoEmail = db.users().insertUser(withoutEmail("user1NoEmail")); - db.users().insertPermissionOnUser(user1NoEmail, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user1NoEmail, ADMINISTER); // user2 and user2NoEmail are global administers UserDto user2 = db.users().insertUser(withEmail("user2")); - db.users().insertPermissionOnUser(user2, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user2, ADMINISTER); UserDto user2NoEmail = db.users().insertUser(withoutEmail("user2NoEmail")); - db.users().insertPermissionOnUser(user2NoEmail, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user2NoEmail, ADMINISTER); // user3 and user3NoEmail are global administer via a group GroupDto administratorGroup2 = db.users().insertGroup(); diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GlobalPermissionTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GlobalPermissionTest.java index a095cca6741..e2655d47fb9 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GlobalPermissionTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GlobalPermissionTest.java @@ -19,9 +19,11 @@ */ package org.sonar.db.permission; +import java.util.Arrays; import org.junit.Test; import static org.assertj.core.api.Assertions.assertThat; +import static org.assertj.core.api.Assertions.assertThatThrownBy; public class GlobalPermissionTest { @@ -31,4 +33,31 @@ public class GlobalPermissionTest { assertThat(GlobalPermission.fromKey(p.getKey())).isEqualTo(p); } } + + @Test + public void fromKey_throws_exception_for_non_existing_keys() { + String non_existing_permission = "non_existing"; + assertThatThrownBy(() -> GlobalPermission.fromKey(non_existing_permission)) + .isInstanceOf(IllegalArgumentException.class); + } + + @Test + public void contains_returns_true_for_existing_permissions() { + Arrays.stream(GlobalPermission.values()) + .map(GlobalPermission::getKey) + .forEach(key -> { + assertThat(GlobalPermission.contains(key)).isTrue(); + }); + } + + @Test + public void contains_returns_false_for_non_existing_permissions() { + String non_existing_permission = "non_existing"; + assertThat(GlobalPermission.contains(non_existing_permission)).isFalse(); + } + + @Test + public void all_in_one_line_contains_all_permissions() { + assertThat(GlobalPermission.ALL_ON_ONE_LINE).isEqualTo("admin, gateadmin, profileadmin, provisioning, scan, applicationcreator, portfoliocreator"); + } } diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java index 3265b73b198..00841b794f2 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java @@ -42,13 +42,6 @@ import static java.util.Collections.singletonList; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.tuple; import static org.sonar.api.security.DefaultGroups.ANYONE; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; -import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; public class GroupPermissionDaoTest { @@ -71,19 +64,19 @@ public class GroupPermissionDaoTest { ComponentDto project2 = db.components().insertPrivateProject(); ComponentDto project3 = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnGroup(group1, ISSUE_ADMIN, project1); - db.users().insertProjectPermissionOnGroup(group1, ADMIN, project2); - db.users().insertProjectPermissionOnGroup(group2, ADMIN, project2); - db.users().insertProjectPermissionOnGroup(group3, ADMIN, project2); - db.users().insertProjectPermissionOnGroup(group1, USER, project2); - db.users().insertProjectPermissionOnGroup(group1, USER, project3); + db.users().insertProjectPermissionOnGroup(group1, UserRole.ISSUE_ADMIN, project1); + db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project2); + db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project2); + db.users().insertProjectPermissionOnGroup(group3, UserRole.ADMIN, project2); + db.users().insertProjectPermissionOnGroup(group1, UserRole.USER, project2); + db.users().insertProjectPermissionOnGroup(group1, UserRole.USER, project3); final List<CountPerProjectPermission> result = new ArrayList<>(); underTest.groupsCountByComponentUuidAndPermission(dbSession, asList(project2.uuid(), project3.uuid(), "789"), context -> result.add(context.getResultObject())); assertThat(result).hasSize(3); - assertThat(result).extracting("permission").containsOnly(ADMIN, USER); + assertThat(result).extracting("permission").containsOnly(UserRole.ADMIN, UserRole.USER); assertThat(result).extracting("componentUuid").containsOnly(project2.uuid(), project3.uuid()); assertThat(result).extracting("count").containsOnly(3, 1); } @@ -121,8 +114,8 @@ public class GroupPermissionDaoTest { GroupDto group2 = db.users().insertGroup("Group-2"); GroupDto group3 = db.users().insertGroup("Group-3"); GroupDto group1 = db.users().insertGroup("Group-1"); - db.users().insertPermissionOnAnyone(SCAN); - db.users().insertPermissionOnGroup(group3, SCAN); + db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); + db.users().insertPermissionOnGroup(group3, GlobalPermission.SCAN); assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery().build())) .containsExactly(ANYONE, group3.getName(), group1.getName(), group2.getName()); @@ -134,10 +127,10 @@ public class GroupPermissionDaoTest { IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { GroupDto group = db.users().insertGroup("Group-" + i); // Add permission on project to be sure projects are excluded - db.users().insertProjectPermissionOnGroup(group, SCAN.getKey(), project); + db.users().insertProjectPermissionOnGroup(group, GlobalPermission.SCAN.getKey(), project); }); String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1); - db.users().insertPermissionOnGroup(db.users().selectGroup(lastGroupName).get(), SCAN); + db.users().insertPermissionOnGroup(db.users().selectGroup(lastGroupName).get(), GlobalPermission.SCAN); assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery().build())) .hasSize(DEFAULT_PAGE_SIZE) @@ -149,11 +142,11 @@ public class GroupPermissionDaoTest { IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { GroupDto group = db.users().insertGroup("Group-" + i); // Add global permission to be sure they are excluded - db.users().insertPermissionOnGroup(group, SCAN.getKey()); + db.users().insertPermissionOnGroup(group, GlobalPermission.SCAN.getKey()); }); ComponentDto project = db.components().insertPrivateProject(); String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1); - db.users().insertProjectPermissionOnGroup(db.users().selectGroup(lastGroupName).get(), SCAN.getKey(), project); + db.users().insertProjectPermissionOnGroup(db.users().selectGroup(lastGroupName).get(), GlobalPermission.SCAN.getKey(), project); assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery() .setComponent(project) @@ -167,13 +160,13 @@ public class GroupPermissionDaoTest { GroupDto group1 = db.users().insertGroup("Group-1"); db.users().insertGroup("Group-2"); db.users().insertGroup("Group-3"); - db.users().insertPermissionOnAnyone(SCAN); - db.users().insertPermissionOnGroup(group1, PROVISION_PROJECTS); + db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); + db.users().insertPermissionOnGroup(group1, GlobalPermission.PROVISION_PROJECTS); assertThat(underTest.countGroupsByQuery(dbSession, newQuery().build())).isEqualTo(4); assertThat(underTest.countGroupsByQuery(dbSession, - newQuery().setPermission(PROVISION_PROJECTS.getKey()).build())).isOne(); + newQuery().setPermission(GlobalPermission.PROVISION_PROJECTS.getKey()).build())).isOne(); assertThat(underTest.countGroupsByQuery(dbSession, newQuery().withAtLeastOnePermission().build())).isEqualTo(2); assertThat(underTest.countGroupsByQuery(dbSession, @@ -190,20 +183,20 @@ public class GroupPermissionDaoTest { ComponentDto project = db.components().insertPrivateProject(); - db.users().insertPermissionOnAnyone(SCAN); - db.users().insertPermissionOnAnyone(PROVISION_PROJECTS); - db.users().insertPermissionOnGroup(group1, SCAN); - db.users().insertPermissionOnGroup(group3, ADMINISTER); + db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); + db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS); + db.users().insertPermissionOnGroup(group1, GlobalPermission.SCAN); + db.users().insertPermissionOnGroup(group3, GlobalPermission.ADMINISTER); db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project); assertThat(underTest.selectGroupNamesByQuery(dbSession, - newQuery().setPermission(SCAN.getKey()).build())).containsExactly(ANYONE, group1.getName()); + newQuery().setPermission(GlobalPermission.SCAN.getKey()).build())).containsExactly(ANYONE, group1.getName()); assertThat(underTest.selectGroupNamesByQuery(dbSession, - newQuery().setPermission(ADMINISTER.getKey()).build())).containsExactly(group3.getName()); + newQuery().setPermission(GlobalPermission.ADMINISTER.getKey()).build())).containsExactly(group3.getName()); assertThat(underTest.selectGroupNamesByQuery(dbSession, - newQuery().setPermission(PROVISION_PROJECTS.getKey()).build())).containsExactly(ANYONE); + newQuery().setPermission(GlobalPermission.PROVISION_PROJECTS.getKey()).build())).containsExactly(ANYONE); } @Test @@ -243,21 +236,21 @@ public class GroupPermissionDaoTest { ComponentDto project = db.components().insertPrivateProject(); ComponentDto anotherProject = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnGroup(group1, SCAN.getKey(), project); - db.users().insertProjectPermissionOnGroup(group1, PROVISION_PROJECTS.getKey(), project); + db.users().insertProjectPermissionOnGroup(group1, GlobalPermission.SCAN.getKey(), project); + db.users().insertProjectPermissionOnGroup(group1, GlobalPermission.PROVISION_PROJECTS.getKey(), project); - db.users().insertProjectPermissionOnGroup(group1, ADMIN, anotherProject); + db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, anotherProject); db.users().insertProjectPermissionOnGroup(group3, UserRole.SCAN, anotherProject); - db.users().insertPermissionOnGroup(group2, SCAN); + db.users().insertPermissionOnGroup(group2, GlobalPermission.SCAN); PermissionQuery.Builder builderOnComponent = newQuery() .setComponent(project); assertThat(underTest.selectGroupNamesByQuery(dbSession, builderOnComponent.withAtLeastOnePermission().build())).containsOnlyOnce(group1.getName()); assertThat(underTest.selectGroupNamesByQuery(dbSession, - builderOnComponent.setPermission(SCAN_EXECUTION).build())).containsOnlyOnce(group1.getName()); + builderOnComponent.setPermission(GlobalPermission.SCAN.getKey()).build())).containsOnlyOnce(group1.getName()); assertThat(underTest.selectGroupNamesByQuery(dbSession, - builderOnComponent.setPermission(USER).build())).isEmpty(); + builderOnComponent.setPermission(UserRole.USER).build())).isEmpty(); } @Test @@ -273,7 +266,7 @@ public class GroupPermissionDaoTest { public void selectGroupNamesByQuery_with_search_query() { GroupDto group = db.users().insertGroup("group-anyone"); db.users().insertGroup("unknown"); - db.users().insertPermissionOnGroup(group, SCAN); + db.users().insertPermissionOnGroup(group, GlobalPermission.SCAN); assertThat(underTest.selectGroupNamesByQuery(dbSession, newQuery().setSearchQuery("any").build())).containsOnlyOnce(ANYONE, group.getName()); @@ -292,34 +285,34 @@ public class GroupPermissionDaoTest { @Test public void selectByGroupUuids_on_global_permissions() { GroupDto group1 = db.users().insertGroup("Group-1"); - db.users().insertPermissionOnGroup(group1, SCAN); + db.users().insertPermissionOnGroup(group1, GlobalPermission.SCAN); GroupDto group2 = db.users().insertGroup("Group-2"); ComponentDto project = db.components().insertPrivateProject(); db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project); GroupDto group3 = db.users().insertGroup("Group-3"); - db.users().insertPermissionOnGroup(group3, ADMINISTER); + db.users().insertPermissionOnGroup(group3, GlobalPermission.ADMINISTER); // Anyone - db.users().insertPermissionOnAnyone(SCAN); - db.users().insertPermissionOnAnyone(PROVISION_PROJECTS); + db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); + db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS); assertThat(underTest.selectByGroupUuids(dbSession, asList(group1.getUuid()), null)) .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid) - .containsOnly(tuple(group1.getUuid(), SCAN_EXECUTION, null)); + .containsOnly(tuple(group1.getUuid(), GlobalPermission.SCAN.getKey(), null)); assertThat(underTest.selectByGroupUuids(dbSession, asList(group2.getUuid()), null)).isEmpty(); assertThat(underTest.selectByGroupUuids(dbSession, asList(group3.getUuid()), null)) .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid) - .containsOnly(tuple(group3.getUuid(), ADMINISTER.getKey(), null)); + .containsOnly(tuple(group3.getUuid(), GlobalPermission.ADMINISTER.getKey(), null)); assertThat(underTest.selectByGroupUuids(dbSession, asList(ANYONE_UUID), null)) .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid) .containsOnly( - tuple(ANYONE_UUID, SCAN.getKey(), null), - tuple(ANYONE_UUID, PROVISION_PROJECTS.getKey(), null)); + tuple(ANYONE_UUID, GlobalPermission.SCAN.getKey(), null), + tuple(ANYONE_UUID, GlobalPermission.PROVISION_PROJECTS.getKey(), null)); assertThat(underTest.selectByGroupUuids(dbSession, asList(group1.getUuid(), group2.getUuid(), ANYONE_UUID), null)).hasSize(3); assertThat(underTest.selectByGroupUuids(dbSession, asList(MISSING_UUID), null)).isEmpty(); @@ -365,27 +358,27 @@ public class GroupPermissionDaoTest { @Test public void selectByGroupUuids_on_private_projects() { GroupDto group1 = db.users().insertGroup("Group-1"); - db.users().insertPermissionOnGroup(group1, PROVISION_PROJECTS); + db.users().insertPermissionOnGroup(group1, GlobalPermission.PROVISION_PROJECTS); GroupDto group2 = db.users().insertGroup("Group-2"); ComponentDto project = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnGroup(group2, USER, project); + db.users().insertProjectPermissionOnGroup(group2, UserRole.USER, project); GroupDto group3 = db.users().insertGroup("Group-3"); - db.users().insertProjectPermissionOnGroup(group3, USER, project); + db.users().insertProjectPermissionOnGroup(group3, UserRole.USER, project); // Anyone group - db.users().insertPermissionOnAnyone(SCAN); + db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group1.getUuid()), project.uuid())).isEmpty(); assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group2.getUuid()), project.uuid())) .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid) - .containsOnly(tuple(group2.getUuid(), USER, project.uuid())); + .containsOnly(tuple(group2.getUuid(), UserRole.USER, project.uuid())); assertThat(underTest.selectByGroupUuids(dbSession, singletonList(group3.getUuid()), project.uuid())) .extracting(GroupPermissionDto::getGroupUuid, GroupPermissionDto::getRole, GroupPermissionDto::getComponentUuid) - .containsOnly(tuple(group3.getUuid(), USER, project.uuid())); + .containsOnly(tuple(group3.getUuid(), UserRole.USER, project.uuid())); assertThat(underTest.selectByGroupUuids(dbSession, singletonList(ANYONE_UUID), project.uuid())) .isEmpty(); diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java index 8ccee364bf4..8b5214bb9d7 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java @@ -44,17 +44,7 @@ import static java.util.Collections.emptyList; import static java.util.Collections.singletonList; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.tuple; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; -import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; -import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; -import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; public class UserPermissionDaoTest { @@ -71,10 +61,10 @@ public class UserPermissionDaoTest { UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com")); ComponentDto project = db.components().insertPrivateProject(); - UserPermissionDto global1 = addGlobalPermission(SYSTEM_ADMIN, user1); - UserPermissionDto global2 = addGlobalPermission(SYSTEM_ADMIN, user2); - UserPermissionDto global3 = addGlobalPermission(PROVISIONING, user2); - UserPermissionDto project1Perm = addProjectPermission(USER, user3, project); + UserPermissionDto global1 = addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); + UserPermissionDto global2 = addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user2); + UserPermissionDto global3 = addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user2); + UserPermissionDto project1Perm = addProjectPermission(UserRole.USER, user3, project); // global permissions of users who has at least one global permission, ordered by user name then permission PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().build(); @@ -87,14 +77,14 @@ public class UserPermissionDaoTest { expectPermissions(query, asList(user2.getUuid(), user1.getUuid(), user3.getUuid()), global2, global3, global1, project1Perm); // global permissions "admin" - query = PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build(); + query = PermissionQuery.builder().setPermission(GlobalPermission.ADMINISTER.getKey()).build(); expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), global2, global1); // empty if nobody has the specified global permission query = PermissionQuery.builder().setPermission("missing").build(); expectPermissions(query, emptyList()); - // search by user name (matches 2 users) + // search by username (matches 2 users) query = PermissionQuery.builder().withAtLeastOnePermission().setSearchQuery("mari").build(); expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), global2, global3, global1); @@ -107,7 +97,7 @@ public class UserPermissionDaoTest { expectPermissions(query, singletonList(user2.getUuid()), global2, global3); // search by user name (matches 2 users) and global permission - query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(PROVISIONING).build(); + query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(GlobalPermission.PROVISION_PROJECTS.getKey()).build(); expectPermissions(query, singletonList(user2.getUuid()), global3); // search by user name (no match) @@ -120,13 +110,13 @@ public class UserPermissionDaoTest { UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com")); - addGlobalPermission(SYSTEM_ADMIN, user1); + addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); ComponentDto project1 = db.components().insertPrivateProject(); ComponentDto project2 = db.components().insertPrivateProject(); - UserPermissionDto perm1 = addProjectPermission(USER, user1, project1); - UserPermissionDto perm2 = addProjectPermission(ISSUE_ADMIN, user1, project1); - UserPermissionDto perm3 = addProjectPermission(ISSUE_ADMIN, user2, project1); - addProjectPermission(ISSUE_ADMIN, user3, project2); + UserPermissionDto perm1 = addProjectPermission(UserRole.USER, user1, project1); + UserPermissionDto perm2 = addProjectPermission(UserRole.ISSUE_ADMIN, user1, project1); + UserPermissionDto perm3 = addProjectPermission(UserRole.ISSUE_ADMIN, user2, project1); + addProjectPermission(UserRole.ISSUE_ADMIN, user3, project2); // project permissions of users who has at least one permission on this project PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setComponent(project1).build(); @@ -141,7 +131,7 @@ public class UserPermissionDaoTest { expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2, perm1); // search by user name (matches 2 users) and project permission - query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(ISSUE_ADMIN).setComponent(project1).build(); + query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(UserRole.ISSUE_ADMIN).setComponent(project1).build(); expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2); // search by user name (no match) @@ -159,8 +149,8 @@ public class UserPermissionDaoTest { UserDto user2 = insertUser(u -> u.setLogin("login2").setName("A").setEmail("email2@email.com")); UserDto user3 = insertUser(u -> u.setLogin("login3").setName("Z").setEmail("zanother3@another.com")); UserDto user4 = insertUser(u -> u.setLogin("login4").setName("A").setEmail("zanother3@another.com")); - addGlobalPermission(SYSTEM_ADMIN, user1); - addGlobalPermission(QUALITY_PROFILE_ADMIN, user2); + addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); + addGlobalPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES.getKey(), user2); PermissionQuery query = PermissionQuery.builder().build(); @@ -174,11 +164,11 @@ public class UserPermissionDaoTest { IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { UserDto user = insertUser(u -> u.setLogin("login" + i).setName("" + i)); // Add permission on project to be sure projects are excluded - db.users().insertProjectPermissionOnUser(user, SCAN.getKey(), project); + db.users().insertProjectPermissionOnUser(user, GlobalPermission.SCAN.getKey(), project); }); String lastLogin = "login" + (DEFAULT_PAGE_SIZE + 1); UserDto lastUser = db.getDbClient().userDao().selectByLogin(dbSession, lastLogin); - addGlobalPermission(SYSTEM_ADMIN, lastUser); + addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), lastUser); PermissionQuery query = PermissionQuery.builder().build(); @@ -192,12 +182,12 @@ public class UserPermissionDaoTest { IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> { UserDto user = insertUser(u -> u.setLogin("login" + i).setName("" + i)); // Add global permission to be sure they are excluded - addGlobalPermission(SYSTEM_ADMIN, user); + addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user); }); String lastLogin = "login" + (DEFAULT_PAGE_SIZE + 1); UserDto lastUser = db.getDbClient().userDao().selectByLogin(dbSession, lastLogin); ComponentDto project = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnUser(lastUser, SCAN.getKey(), project); + db.users().insertProjectPermissionOnUser(lastUser, GlobalPermission.SCAN.getKey(), project); PermissionQuery query = PermissionQuery.builder() .setComponent(project) @@ -212,11 +202,11 @@ public class UserPermissionDaoTest { public void selectUserUuidsByQuery_is_not_ordering_by_number_of_permissions() { UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Z").setEmail("email1@email.com")); UserDto user2 = insertUser(u -> u.setLogin("login2").setName("A").setEmail("email2@email.com")); - addGlobalPermission(SYSTEM_ADMIN, user1); + addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); ComponentDto project1 = db.components().insertPrivateProject(); - addProjectPermission(USER, user2, project1); - addProjectPermission(USER, user1, project1); - addProjectPermission(ADMIN, user1, project1); + addProjectPermission(UserRole.USER, user2, project1); + addProjectPermission(UserRole.USER, user1, project1); + addProjectPermission(UserRole.ADMIN, user1, project1); PermissionQuery query = PermissionQuery.builder().build(); @@ -231,25 +221,25 @@ public class UserPermissionDaoTest { UserDto user2 = insertUser(); ComponentDto project1 = db.components().insertPrivateProject(); ComponentDto project2 = db.components().insertPrivateProject(); - addGlobalPermission(SYSTEM_ADMIN, user1); - addProjectPermission(USER, user1, project1); - addProjectPermission(ISSUE_ADMIN, user1, project1); - addProjectPermission(ISSUE_ADMIN, user2, project1); - addProjectPermission(ISSUE_ADMIN, user2, project2); + addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user1); + addProjectPermission(UserRole.USER, user1, project1); + addProjectPermission(UserRole.ISSUE_ADMIN, user1, project1); + addProjectPermission(UserRole.ISSUE_ADMIN, user2, project1); + addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); // no projects -> return empty list assertThat(underTest.countUsersByProjectPermission(dbSession, emptyList())).isEmpty(); // one project expectCount(singletonList(project1.uuid()), - new CountPerProjectPermission(project1.uuid(), USER, 1), - new CountPerProjectPermission(project1.uuid(), ISSUE_ADMIN, 2)); + new CountPerProjectPermission(project1.uuid(), UserRole.USER, 1), + new CountPerProjectPermission(project1.uuid(), UserRole.ISSUE_ADMIN, 2)); // multiple projects expectCount(asList(project1.uuid(), project2.uuid(), "invalid"), - new CountPerProjectPermission(project1.uuid(), USER, 1), - new CountPerProjectPermission(project1.uuid(), ISSUE_ADMIN, 2), - new CountPerProjectPermission(project2.uuid(), ISSUE_ADMIN, 1)); + new CountPerProjectPermission(project1.uuid(), UserRole.USER, 1), + new CountPerProjectPermission(project1.uuid(), UserRole.ISSUE_ADMIN, 2), + new CountPerProjectPermission(project2.uuid(), UserRole.ISSUE_ADMIN, 1)); } @Test @@ -258,9 +248,9 @@ public class UserPermissionDaoTest { UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); ComponentDto project1 = db.components().insertPrivateProject(); ComponentDto project2 = db.components().insertPrivateProject(); - addProjectPermission(USER, user1, project1); - addProjectPermission(USER, user2, project1); - addProjectPermission(ISSUE_ADMIN, user2, project1); + addProjectPermission(UserRole.USER, user1, project1); + addProjectPermission(UserRole.USER, user2, project1); + addProjectPermission(UserRole.ISSUE_ADMIN, user2, project1); // logins are ordered by user name: user2 ("Marie") then user1 ("Marius") PermissionQuery query = PermissionQuery.builder().setComponent(project1).withAtLeastOnePermission().build(); @@ -291,9 +281,9 @@ public class UserPermissionDaoTest { UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); ComponentDto project1 = db.components().insertPrivateProject(); ComponentDto project2 = db.components().insertPrivateProject(); - addProjectPermission(USER, user1, project1); - addGlobalPermission(PROVISIONING, user1); - addProjectPermission(ISSUE_ADMIN, user2, project2); + addProjectPermission(UserRole.USER, user1, project1); + addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user1); + addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); PermissionQuery query = PermissionQuery.builder().build(); List<String> result = underTest.selectUserUuidsByQueryAndScope(dbSession, query); @@ -308,9 +298,9 @@ public class UserPermissionDaoTest { UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com")); ComponentDto project1 = db.components().insertPrivateProject(); ComponentDto project2 = db.components().insertPrivateProject(); - addProjectPermission(USER, user1, project1); - addGlobalPermission(PROVISIONING, user1); - addProjectPermission(ISSUE_ADMIN, user2, project2); + addProjectPermission(UserRole.USER, user1, project1); + addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user1); + addProjectPermission(UserRole.ISSUE_ADMIN, user2, project2); PermissionQuery query = PermissionQuery.builder() .setComponent(project1) .build(); @@ -327,8 +317,8 @@ public class UserPermissionDaoTest { for (int i = 0; i < 10; i++) { String name = "user-" + i; UserDto user = insertUser(u -> u.setName(name)); - addGlobalPermission(PROVISIONING, user); - addGlobalPermission(SYSTEM_ADMIN, user); + addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user); + addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user); userUuids.add(user.getUuid()); } @@ -346,11 +336,11 @@ public class UserPermissionDaoTest { @Test public void selectUserUuidsByQuery_is_sorted_by_insensitive_name() { UserDto user1 = insertUser(u -> u.setName("user1")); - addGlobalPermission(PROVISIONING, user1); + addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user1); UserDto user3 = insertUser(u -> u.setName("user3")); - addGlobalPermission(SYSTEM_ADMIN, user3); + addGlobalPermission(GlobalPermission.ADMINISTER.getKey(), user3); UserDto user2 = insertUser(u -> u.setName("User2")); - addGlobalPermission(PROVISIONING, user2); + addGlobalPermission(GlobalPermission.PROVISION_PROJECTS.getKey(), user2); assertThat(underTest.selectUserUuidsByQuery(dbSession, PermissionQuery.builder().build())) .containsExactly(user1.getUuid(), user2.getUuid(), user3.getUuid()); @@ -509,91 +499,91 @@ public class UserPermissionDaoTest { UserDto user1 = insertUser(); UserDto user2 = insertUser(); ComponentDto project = db.components().insertPrivateProject(); - db.users().insertPermissionOnUser(user1, SCAN); - db.users().insertPermissionOnUser(user1, ADMINISTER); - db.users().insertProjectPermissionOnUser(user1, ADMINISTER_QUALITY_GATES.getKey(), project); - db.users().insertPermissionOnUser(user2, SCAN); - db.users().insertProjectPermissionOnUser(user2, ADMINISTER_QUALITY_GATES.getKey(), project); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER); + db.users().insertProjectPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), project); + db.users().insertGlobalPermissionOnUser(user2, GlobalPermission.SCAN); + db.users().insertProjectPermissionOnUser(user2, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), project); underTest.deleteByUserUuid(dbSession, user1); dbSession.commit(); assertThat(db.select("select user_uuid as \"userUuid\", component_uuid as \"projectUuid\", role as \"permission\" from user_roles")) .extracting((row) -> row.get("userUuid"), (row) -> row.get("projectUuid"), (row) -> row.get("permission")) - .containsOnly(tuple(user2.getUuid(), null, SCAN.getKey()), tuple(user2.getUuid(), project.uuid(), ADMINISTER_QUALITY_GATES.getKey())); + .containsOnly(tuple(user2.getUuid(), null, GlobalPermission.SCAN.getKey()), tuple(user2.getUuid(), project.uuid(), GlobalPermission.ADMINISTER_QUALITY_GATES.getKey())); } @Test public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_exist() { UserDto user = insertUser(); - db.users().insertPermissionOnUser(user, SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); ComponentDto component = newPrivateProjectDto(); - int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), component); + int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, GlobalPermission.SCAN.getKey(), component); assertThat(deletedCount).isZero(); - assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(SCAN.getKey()); + assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); } @Test public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_has_no_permission_at_all() { UserDto user = insertUser(); - db.users().insertPermissionOnUser(user, SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); ComponentDto project = randomPublicOrPrivateProject(); - int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), project); + int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, GlobalPermission.SCAN.getKey(), project); assertThat(deletedCount).isZero(); - assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(SCAN.getKey()); + assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); } @Test public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_have_specified_permission() { UserDto user = insertUser(); - db.users().insertPermissionOnUser(user, SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); ComponentDto project = randomPublicOrPrivateProject(); - db.users().insertProjectPermissionOnUser(user, SCAN.getKey(), project); + db.users().insertProjectPermissionOnUser(user, GlobalPermission.SCAN.getKey(), project); int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, "p1", project); assertThat(deletedCount).isZero(); - assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(SCAN.getKey()); - assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).containsOnly(SCAN.getKey()); + assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); + assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).containsOnly(GlobalPermission.SCAN.getKey()); } @Test public void deleteProjectPermissionOfAnyUser_deletes_specified_permission_for_any_user_on_the_specified_component() { UserDto user1 = insertUser(); UserDto user2 = insertUser(); - db.users().insertPermissionOnUser(user1, SCAN); - db.users().insertPermissionOnUser(user2, SCAN); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user2, GlobalPermission.SCAN); ComponentDto project1 = randomPublicOrPrivateProject(); ComponentDto project2 = randomPublicOrPrivateProject(); - db.users().insertProjectPermissionOnUser(user1, SCAN.getKey(), project1); - db.users().insertProjectPermissionOnUser(user2, SCAN.getKey(), project1); - db.users().insertProjectPermissionOnUser(user1, SCAN.getKey(), project2); - db.users().insertProjectPermissionOnUser(user2, SCAN.getKey(), project2); - db.users().insertProjectPermissionOnUser(user2, PROVISION_PROJECTS.getKey(), project2); + db.users().insertProjectPermissionOnUser(user1, GlobalPermission.SCAN.getKey(), project1); + db.users().insertProjectPermissionOnUser(user2, GlobalPermission.SCAN.getKey(), project1); + db.users().insertProjectPermissionOnUser(user1, GlobalPermission.SCAN.getKey(), project2); + db.users().insertProjectPermissionOnUser(user2, GlobalPermission.SCAN.getKey(), project2); + db.users().insertProjectPermissionOnUser(user2, GlobalPermission.PROVISION_PROJECTS.getKey(), project2); - int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), project1); + int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, GlobalPermission.SCAN.getKey(), project1); assertThat(deletedCount).isEqualTo(2); - assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(SCAN.getKey()); - assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(SCAN.getKey()); + assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); + assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.uuid())).isEmpty(); assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project1.uuid())).isEmpty(); - assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly(SCAN.getKey()); - assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.uuid())).containsOnly(SCAN.getKey(), PROVISION_PROJECTS.getKey()); + assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly(GlobalPermission.SCAN.getKey()); + assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.uuid())).containsOnly(GlobalPermission.SCAN.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); - deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), project2); + deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, GlobalPermission.SCAN.getKey(), project2); assertThat(deletedCount).isEqualTo(2); - assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(SCAN.getKey()); - assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(SCAN.getKey()); + assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); + assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(GlobalPermission.SCAN.getKey()); assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.uuid())).isEmpty(); assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project1.uuid())).isEmpty(); assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly(); - assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.uuid())).containsOnly(PROVISION_PROJECTS.getKey()); + assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.uuid())).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); } private ComponentDto randomPublicOrPrivateProject() { diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoWithPersisterTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoWithPersisterTest.java index 529684f19ab..fd836f3e8a5 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoWithPersisterTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoWithPersisterTest.java @@ -39,8 +39,8 @@ import static org.mockito.ArgumentMatchers.eq; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoMoreInteractions; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; +import static org.sonar.db.permission.GlobalPermission.ADMINISTER; +import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto; public class UserPermissionDaoWithPersisterTest { @@ -56,7 +56,7 @@ public class UserPermissionDaoWithPersisterTest { @Test public void userGlobalPermissionInsertAndDeleteArePersisted() { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); - UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), null); + UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), null); underTest.insert(dbSession, dto, null, user, null); verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); @@ -64,7 +64,7 @@ public class UserPermissionDaoWithPersisterTest { assertNewValue(newValue, dto.getUuid(), user.getUuid(), user.getLogin(), null, dto.getPermission(), null, null, null); assertThat(newValue.toString()).doesNotContain("projectUuid"); - underTest.deleteGlobalPermission(dbSession, user, SYSTEM_ADMIN); + underTest.deleteGlobalPermission(dbSession, user, ADMINISTER.getKey()); verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); @@ -77,7 +77,7 @@ public class UserPermissionDaoWithPersisterTest { PermissionTemplateDto templateDto = newPermissionTemplateDto(); db.getDbClient().permissionTemplateDao().insert(db.getSession(), templateDto); UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); - UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), null); + UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), null); underTest.insert(dbSession, dto, null, user, templateDto); verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); @@ -96,7 +96,7 @@ public class UserPermissionDaoWithPersisterTest { public void userProjectPermissionInsertAndDeleteArePersisted() { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto project = db.components().insertPrivateProject(); - UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), project.uuid()); + UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.uuid()); underTest.insert(dbSession, dto, project, user, null); verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); @@ -105,7 +105,7 @@ public class UserPermissionDaoWithPersisterTest { project.getKey(), project.name(), "TRK"); assertThat(newValue.toString()).contains("componentUuid"); - underTest.deleteProjectPermission(dbSession, user, SYSTEM_ADMIN, project); + underTest.deleteProjectPermission(dbSession, user, ADMINISTER.getKey(), project); verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); newValue = newValueCaptor.getValue(); @@ -119,7 +119,7 @@ public class UserPermissionDaoWithPersisterTest { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto project = db.components().insertPrivateProject(); - underTest.deleteProjectPermission(dbSession, user, SYSTEM_ADMIN, project); + underTest.deleteProjectPermission(dbSession, user, ADMINISTER.getKey(), project); verify(auditPersister).addUser(any(), any()); verify(auditPersister).addComponent(any(), any()); @@ -130,7 +130,7 @@ public class UserPermissionDaoWithPersisterTest { public void userPortfolioPermissionIsPersisted() { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto portfolio = db.components().insertPublicPortfolio(); - UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), portfolio.uuid()); + UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), portfolio.uuid()); underTest.insert(dbSession, dto, portfolio, user, null); verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); @@ -144,7 +144,7 @@ public class UserPermissionDaoWithPersisterTest { public void userApplicationPermissionIsPersisted() { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto application = db.components().insertPublicApplication(); - UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), application.uuid()); + UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), application.uuid()); underTest.insert(dbSession, dto, application, user, null); verify(auditPersister).addUserPermission(eq(dbSession), newValueCaptor.capture()); @@ -158,9 +158,9 @@ public class UserPermissionDaoWithPersisterTest { public void deleteUserPermissionOfAnyUserIsPersisted() { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto project = db.components().insertPrivateProject(); - UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SCAN_EXECUTION, user.getUuid(), project.uuid()); + UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SCAN.getKey(), user.getUuid(), project.uuid()); underTest.insert(dbSession, dto, project, user, null); - underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN_EXECUTION, project); + underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), project); verify(auditPersister).deleteUserPermission(eq(dbSession), newValueCaptor.capture()); UserPermissionNewValue newValue = newValueCaptor.getValue(); @@ -173,7 +173,7 @@ public class UserPermissionDaoWithPersisterTest { public void deleteUserPermissionOfAnyUserWithoutAffectedRowsIsNotPersisted() { ComponentDto project = db.components().insertPrivateProject(); - underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN_EXECUTION, project); + underTest.deleteProjectPermissionOfAnyUser(dbSession, SCAN.getKey(), project); verify(auditPersister).addComponent(any(), any()); verifyNoMoreInteractions(auditPersister); @@ -183,7 +183,7 @@ public class UserPermissionDaoWithPersisterTest { public void deleteUserPermissionByUserUuidIsPersisted() { UserDto user = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com")); ComponentDto project = db.components().insertPrivateProject(); - UserPermissionDto dto = new UserPermissionDto(Uuids.create(), SYSTEM_ADMIN, user.getUuid(), project.uuid()); + UserPermissionDto dto = new UserPermissionDto(Uuids.create(), ADMINISTER.getKey(), user.getUuid(), project.uuid()); underTest.insert(dbSession, dto, project, user, null); underTest.deleteByUserUuid(dbSession, user); diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/GroupWithPermissionTemplateDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/GroupWithPermissionTemplateDaoTest.java index 8051c3c425c..0dfdd76264a 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/GroupWithPermissionTemplateDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/GroupWithPermissionTemplateDaoTest.java @@ -36,7 +36,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.tuple; import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; +import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; import static org.sonar.db.permission.PermissionQuery.builder; import static org.sonar.db.user.GroupTesting.newGroupDto; @@ -59,11 +59,11 @@ public class GroupWithPermissionTemplateDaoTest { PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(); permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), USER, template.getName(), group1.getName()); permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), ADMIN, template.getName(), group1.getName()); - permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISIONING, template.getName(), group2.getName()); + permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISION_PROJECTS.getKey(), template.getName(), group2.getName()); PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate(); permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), null, USER, anotherTemplate.getName(), null); - permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISIONING, anotherTemplate.getName(), group1.getName()); + permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISION_PROJECTS.getKey(), anotherTemplate.getName(), group1.getName()); assertThat(selectGroupNamesByQueryAndTemplate(builder(), template)) .containsOnly("Group-1", "Group-2", "Group-3", "Anyone"); @@ -165,11 +165,11 @@ public class GroupWithPermissionTemplateDaoTest { PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(); permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), USER, template.getName(), group1.getName()); permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), ADMIN, template.getName(), group1.getName()); - permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISIONING, template.getName(), group2.getName()); + permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISION_PROJECTS.getKey(), template.getName(), group2.getName()); PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate(); permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), null, USER, anotherTemplate.getName(), null); - permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISIONING, anotherTemplate.getName(), group1.getName()); + permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISION_PROJECTS.getKey(), anotherTemplate.getName(), group1.getName()); assertThat(countGroupNamesByQueryAndTemplate(builder(), template)) .isEqualTo(4); @@ -200,11 +200,11 @@ public class GroupWithPermissionTemplateDaoTest { PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(); permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), USER, template.getName(), group1.getName()); permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), ADMIN, template.getName(), group1.getName()); - permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISIONING, template.getName(), group2.getName()); + permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISION_PROJECTS.getKey(), template.getName(), group2.getName()); PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate(); permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), null, USER, anotherTemplate.getName(), null); - permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISIONING, anotherTemplate.getName(), group1.getName()); + permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISION_PROJECTS.getKey(), anotherTemplate.getName(), group1.getName()); assertThat(underTest.selectGroupPermissionsByTemplateIdAndGroupNames(session, template.getUuid(), asList("Group-1"))) .extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getGroupName, PermissionTemplateGroupDto::getPermission) @@ -215,7 +215,7 @@ public class GroupWithPermissionTemplateDaoTest { assertThat(underTest.selectGroupPermissionsByTemplateIdAndGroupNames(session, anotherTemplate.getUuid(), asList("Group-1"))) .extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getGroupName, PermissionTemplateGroupDto::getPermission) .containsOnly( - tuple(group1.getUuid(), "Group-1", PROVISIONING)); + tuple(group1.getUuid(), "Group-1", PROVISION_PROJECTS.getKey())); assertThat(underTest.selectGroupPermissionsByTemplateIdAndGroupNames(session, anotherTemplate.getUuid(), asList("Anyone"))) .extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getGroupName, PermissionTemplateGroupDto::getPermission) @@ -236,22 +236,22 @@ public class GroupWithPermissionTemplateDaoTest { PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(); permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), USER, template.getName(), group1.getName()); permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), ADMIN, template.getName(), group1.getName()); - permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISIONING, template.getName(), group2.getName()); + permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISION_PROJECTS.getKey(), template.getName(), group2.getName()); PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate(); permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), null, USER, anotherTemplate.getName(), null); - permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISIONING, anotherTemplate.getName(), group1.getName()); + permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISION_PROJECTS.getKey(), anotherTemplate.getName(), group1.getName()); assertThat(underTest.selectGroupPermissionsByTemplateUuid(session, template.getUuid())) .extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getGroupName, PermissionTemplateGroupDto::getPermission) .containsOnly( tuple(group1.getUuid(), "Group-1", USER), tuple(group1.getUuid(), "Group-1", ADMIN), - tuple(group2.getUuid(), "Group-2", PROVISIONING)); + tuple(group2.getUuid(), "Group-2", PROVISION_PROJECTS.getKey())); assertThat(underTest.selectGroupPermissionsByTemplateUuid(session, anotherTemplate.getUuid())) .extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getGroupName, PermissionTemplateGroupDto::getPermission) .containsOnly( - tuple(group1.getUuid(), "Group-1", PROVISIONING), + tuple(group1.getUuid(), "Group-1", PROVISION_PROJECTS.getKey()), tuple("Anyone", "Anyone", USER)); assertThat(underTest.selectGroupPermissionsByTemplateUuid(session, "321")).isEmpty(); diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/PermissionTemplateDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/PermissionTemplateDaoTest.java index effa92dff8f..c863316939e 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/PermissionTemplateDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/PermissionTemplateDaoTest.java @@ -32,6 +32,7 @@ import org.sonar.core.util.UuidFactoryFast; import org.sonar.db.DbSession; import org.sonar.db.DbTester; import org.sonar.db.audit.NoOpAuditPersister; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.user.GroupDto; import org.sonar.db.user.UserDto; @@ -40,11 +41,6 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.tuple; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.api.web.UserRole.CODEVIEWER; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto; import static org.sonar.db.user.GroupTesting.newGroupDto; @@ -275,20 +271,20 @@ public class PermissionTemplateDaoTest { GroupDto group1 = db.users().insertGroup(newGroupDto()); GroupDto group2 = db.users().insertGroup(newGroupDto()); GroupDto group3 = db.users().insertGroup(newGroupDto()); - templateDb.addGroupToTemplate(template1.getUuid(), group1.getUuid(), CODEVIEWER, template1.getName(), group1.getName()); - templateDb.addGroupToTemplate(template1.getUuid(), group2.getUuid(), CODEVIEWER, template1.getName(), group2.getName()); - templateDb.addGroupToTemplate(template1.getUuid(), group3.getUuid(), CODEVIEWER, template1.getName(), group3.getName()); - templateDb.addGroupToTemplate(template1.getUuid(), null, CODEVIEWER, template1.getName(), null); - templateDb.addGroupToTemplate(template1.getUuid(), group1.getUuid(), ADMIN, template1.getName(), group1.getName()); - templateDb.addGroupToTemplate(template2.getUuid(), group1.getUuid(), ADMIN, template2.getName(), group1.getName()); - templateDb.addGroupToTemplate(template4.getUuid(), group1.getUuid(), ISSUE_ADMIN, template4.getName(), group1.getName()); + templateDb.addGroupToTemplate(template1.getUuid(), group1.getUuid(), UserRole.CODEVIEWER, template1.getName(), group1.getName()); + templateDb.addGroupToTemplate(template1.getUuid(), group2.getUuid(), UserRole.CODEVIEWER, template1.getName(), group2.getName()); + templateDb.addGroupToTemplate(template1.getUuid(), group3.getUuid(), UserRole.CODEVIEWER, template1.getName(), group3.getName()); + templateDb.addGroupToTemplate(template1.getUuid(), null, UserRole.CODEVIEWER, template1.getName(), null); + templateDb.addGroupToTemplate(template1.getUuid(), group1.getUuid(), UserRole.ADMIN, template1.getName(), group1.getName()); + templateDb.addGroupToTemplate(template2.getUuid(), group1.getUuid(), UserRole.ADMIN, template2.getName(), group1.getName()); + templateDb.addGroupToTemplate(template4.getUuid(), group1.getUuid(), UserRole.ISSUE_ADMIN, template4.getName(), group1.getName()); final List<CountByTemplateAndPermissionDto> result = new ArrayList<>(); underTest.groupsCountByTemplateUuidAndPermission(dbSession, asList(template1.getUuid(), template2.getUuid(), template3.getUuid()), context -> result.add(context.getResultObject())); assertThat(result).extracting(CountByTemplateAndPermissionDto::getPermission, CountByTemplateAndPermissionDto::getTemplateUuid, CountByTemplateAndPermissionDto::getCount) - .containsOnly(tuple(ADMIN, template1.getUuid(), 1), tuple(CODEVIEWER, template1.getUuid(), 4), tuple(ADMIN, template2.getUuid(), 1)); + .containsOnly(tuple(UserRole.ADMIN, template1.getUuid(), 1), tuple(UserRole.CODEVIEWER, template1.getUuid(), 4), tuple(UserRole.ADMIN, template2.getUuid(), 1)); } @Test @@ -302,12 +298,12 @@ public class PermissionTemplateDaoTest { UserDto user2 = db.users().insertUser(); UserDto user3 = db.users().insertUser(); - templateDb.addUserToTemplate(template1.getUuid(), user1.getUuid(), ADMIN, template1.getName(), user1.getLogin()); - templateDb.addUserToTemplate(template1.getUuid(), user2.getUuid(), ADMIN, template1.getName(), user2.getLogin()); - templateDb.addUserToTemplate(template1.getUuid(), user3.getUuid(), ADMIN, template1.getName(), user3.getLogin()); - templateDb.addUserToTemplate(template1.getUuid(), user1.getUuid(), USER, template1.getName(), user1.getLogin()); - templateDb.addUserToTemplate(template2.getUuid(), user1.getUuid(), USER, template2.getName(), user1.getLogin()); - templateDb.addUserToTemplate(anotherTemplate.getUuid(), user1.getUuid(), ISSUE_ADMIN, anotherTemplate.getName(), user1.getLogin()); + templateDb.addUserToTemplate(template1.getUuid(), user1.getUuid(), UserRole.ADMIN, template1.getName(), user1.getLogin()); + templateDb.addUserToTemplate(template1.getUuid(), user2.getUuid(), UserRole.ADMIN, template1.getName(), user2.getLogin()); + templateDb.addUserToTemplate(template1.getUuid(), user3.getUuid(), UserRole.ADMIN, template1.getName(), user3.getLogin()); + templateDb.addUserToTemplate(template1.getUuid(), user1.getUuid(), UserRole.USER, template1.getName(), user1.getLogin()); + templateDb.addUserToTemplate(template2.getUuid(), user1.getUuid(), UserRole.USER, template2.getName(), user1.getLogin()); + templateDb.addUserToTemplate(anotherTemplate.getUuid(), user1.getUuid(), UserRole.ISSUE_ADMIN, anotherTemplate.getName(), user1.getLogin()); final List<CountByTemplateAndPermissionDto> result = new ArrayList<>(); underTest.usersCountByTemplateUuidAndPermission(dbSession, asList(template1.getUuid(), template2.getUuid(), template3.getUuid()), @@ -315,9 +311,9 @@ public class PermissionTemplateDaoTest { assertThat(result) .extracting(CountByTemplateAndPermissionDto::getPermission, CountByTemplateAndPermissionDto::getTemplateUuid, CountByTemplateAndPermissionDto::getCount) .containsExactlyInAnyOrder( - tuple(ADMIN, template1.getUuid(), 3), - tuple(USER, template1.getUuid(), 1), - tuple(USER, template2.getUuid(), 1)); + tuple(UserRole.ADMIN, template1.getUuid(), 3), + tuple(UserRole.USER, template1.getUuid(), 1), + tuple(UserRole.USER, template2.getUuid(), 1)); } @Test @@ -343,7 +339,7 @@ public class PermissionTemplateDaoTest { GroupDto group = db.users().insertGroup(newGroupDto()); db.users().insertMember(group, user); PermissionTemplateDto template = templateDb.insertTemplate(); - templateDb.addProjectCreatorToTemplate(template.getUuid(), SCAN_EXECUTION, template.getName()); + templateDb.addProjectCreatorToTemplate(template.getUuid(), GlobalPermission.SCAN.getKey(), template.getName()); templateDb.addProjectCreatorToTemplate(template.getUuid(), UserRole.ADMIN, template.getName()); templateDb.addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.USER, template.getName(), user.getLogin()); templateDb.addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.ADMIN, template.getName(), user.getLogin()); @@ -354,7 +350,7 @@ public class PermissionTemplateDaoTest { List<String> resultWithUser = underTest.selectPotentialPermissionsByUserUuidAndTemplateUuid(dbSession, user.getUuid(), template.getUuid()); List<String> resultWithoutUser = underTest.selectPotentialPermissionsByUserUuidAndTemplateUuid(dbSession, null, template.getUuid()); - assertThat(resultWithUser).containsOnlyOnce(SCAN_EXECUTION, UserRole.ADMIN, UserRole.USER, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN); + assertThat(resultWithUser).containsOnlyOnce(GlobalPermission.SCAN.getKey(), UserRole.ADMIN, UserRole.USER, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN); // only permission from anyone group assertThat(resultWithoutUser).containsOnly(UserRole.ISSUE_ADMIN); } diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/purge/PurgeCommandsTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/purge/PurgeCommandsTest.java index 783c99e7f5f..a44fabfd009 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/purge/PurgeCommandsTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/purge/PurgeCommandsTest.java @@ -743,7 +743,7 @@ public class PurgeCommandsTest { UserDto user = dbTester.users().insertUser(); dbTester.users().insertProjectPermissionOnUser(user, "doh", root); - dbTester.users().insertPermissionOnUser(user, GlobalPermission.SCAN); + dbTester.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); assertThat(dbTester.countRowsOfTable("group_roles")).isEqualTo(root.isPrivate() ? 2 : 4); assertThat(dbTester.countRowsOfTable("user_roles")).isEqualTo(2); diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/user/RoleDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/user/RoleDaoTest.java index 269267b9c3c..76380f5a695 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/user/RoleDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/user/RoleDaoTest.java @@ -77,7 +77,7 @@ public class RoleDaoTest { db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project1); db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project2); // global permission - not returned - db.users().insertPermissionOnUser(user1, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user1, ADMINISTER); // project permission on another user id - not returned db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, project1); // project permission on another permission - not returned @@ -96,7 +96,7 @@ public class RoleDaoTest { db.users().insertMember(group1, user1); db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project2); // global permission - not returned - db.users().insertPermissionOnUser(user1, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user1, ADMINISTER); db.users().insertPermissionOnGroup(group1, ADMINISTER); // project permission on another user id - not returned db.users().insertPermissionOnGroup(group2, ADMINISTER); diff --git a/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/permission/PermissionsTestHelper.java b/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/permission/PermissionsTestHelper.java index 456b2ba6e87..c2e4610f9db 100644 --- a/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/permission/PermissionsTestHelper.java +++ b/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/permission/PermissionsTestHelper.java @@ -19,15 +19,17 @@ */ package org.sonar.db.permission; -import com.google.common.collect.ImmutableSet; import java.util.Set; import org.sonar.api.web.UserRole; -import org.sonar.core.permission.GlobalPermissions; + +import static org.sonar.db.permission.GlobalPermission.APPLICATION_CREATOR; +import static org.sonar.db.permission.GlobalPermission.PORTFOLIO_CREATOR; +import static org.sonar.db.permission.GlobalPermission.SCAN; public class PermissionsTestHelper { - public static final Set<String> ALL_PERMISSIONS = ImmutableSet.of(UserRole.ADMIN, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, - GlobalPermissions.SCAN_EXECUTION, UserRole.USER, GlobalPermission.APPLICATION_CREATOR.getKey(), GlobalPermission.PORTFOLIO_CREATOR.getKey()); + public static final Set<String> ALL_PERMISSIONS = Set.of(UserRole.ADMIN, UserRole.CODEVIEWER, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, + SCAN.getKey(), UserRole.USER, APPLICATION_CREATOR.getKey(), PORTFOLIO_CREATOR.getKey()); private PermissionsTestHelper() { } diff --git a/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java b/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java index 245f2bfeaf4..46cacd0142d 100644 --- a/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java +++ b/server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java @@ -19,7 +19,6 @@ */ package org.sonar.db.user; -import com.google.common.collect.ImmutableSet; import java.util.Arrays; import java.util.List; import java.util.Optional; @@ -47,7 +46,8 @@ import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonar.db.user.GroupTesting.newGroupDto; public class UserDbTester { - private static final Set<String> PUBLIC_PERMISSIONS = ImmutableSet.of(UserRole.USER, UserRole.CODEVIEWER); // FIXME to check with Simon + private static final Set<String> PUBLIC_PERMISSIONS = Set.of(UserRole.USER, UserRole.CODEVIEWER); + public static final String PERMISSIONS_CANT_BE_GRANTED_ON_BRANCHES = "Permissions can't be granted on branches"; private final DbTester db; private final DbClient dbClient; @@ -90,7 +90,7 @@ public class UserDbTester { public UserDto insertAdminByUserPermission() { UserDto user = insertUser(); - insertPermissionOnUser(user, ADMINISTER); + insertGlobalPermissionOnUser(user, ADMINISTER); return user; } @@ -211,7 +211,7 @@ public class UserDbTester { checkArgument(!project.isPrivate(), "No permission to group AnyOne can be granted on a private project"); checkArgument(!PUBLIC_PERMISSIONS.contains(permission), "permission %s can't be granted on a public project", permission); - checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches"); + checkArgument(project.getMainBranchProjectUuid() == null, PERMISSIONS_CANT_BE_GRANTED_ON_BRANCHES); GroupPermissionDto dto = new GroupPermissionDto() .setUuid(Uuids.createFast()) .setGroupUuid(null) @@ -231,7 +231,7 @@ public class UserDbTester { public GroupPermissionDto insertProjectPermissionOnGroup(GroupDto group, String permission, ComponentDto project) { checkArgument(project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission), "%s can't be granted on a public project", permission); - checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches"); + checkArgument(project.getMainBranchProjectUuid() == null, PERMISSIONS_CANT_BE_GRANTED_ON_BRANCHES); GroupPermissionDto dto = new GroupPermissionDto() .setUuid(Uuids.createFast()) .setGroupUuid(group.getUuid()) @@ -261,17 +261,15 @@ public class UserDbTester { // USER PERMISSIONS /** - * Grant permission + * Grant global permission */ - public UserPermissionDto insertPermissionOnUser(UserDto user, GlobalPermission permission) { + public UserPermissionDto insertGlobalPermissionOnUser(UserDto user, GlobalPermission permission) { return insertPermissionOnUser(user, permission.getKey()); } /** - * Grant global permission - * @deprecated use {@link #insertPermissionOnUser(UserDto, GlobalPermission)} + * Grant permission */ - @Deprecated public UserPermissionDto insertPermissionOnUser(UserDto user, String permission) { UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null); db.getDbClient().userPermissionDao().insert(db.getSession(), dto, null, user, null); @@ -295,7 +293,7 @@ public class UserDbTester { public UserPermissionDto insertProjectPermissionOnUser(UserDto user, String permission, ComponentDto project) { checkArgument(project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission), "%s can't be granted on a public project", permission); - checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches"); + checkArgument(project.getMainBranchProjectUuid() == null, PERMISSIONS_CANT_BE_GRANTED_ON_BRANCHES); UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid()); db.getDbClient().userPermissionDao().insert(db.getSession(), dto, project, user, null); db.commit(); diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java index 2b334d5f8a9..f10f6b81659 100644 --- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java +++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java @@ -61,8 +61,8 @@ public class DefaultAdminCredentialsVerifierNotificationHandlerTest { // Users granted admin permission directly UserDto admin1 = db.users().insertUser(u -> u.setEmail("admin1")); UserDto adminWithNoEmail = db.users().insertUser(u -> u.setEmail(null)); - db.users().insertPermissionOnUser(admin1, ADMINISTER); - db.users().insertPermissionOnUser(adminWithNoEmail, ADMINISTER); + db.users().insertGlobalPermissionOnUser(admin1, ADMINISTER); + db.users().insertGlobalPermissionOnUser(adminWithNoEmail, ADMINISTER); // User granted admin permission by group membership UserDto admin2 = db.users().insertUser(u -> u.setEmail("admin2")); GroupDto adminGroup = db.users().insertGroup(); diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java index a5feb662795..fb5d2047ae3 100644 --- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java +++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java @@ -27,9 +27,11 @@ import org.assertj.core.api.ThrowableAssert.ThrowingCallable; import org.junit.Rule; import org.junit.Test; import org.sonar.api.utils.System2; +import org.sonar.api.web.UserRole; import org.sonar.db.DbClient; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDto; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.project.ProjectDto; import org.sonar.db.user.GroupDto; import org.sonar.db.user.UserDto; @@ -39,18 +41,9 @@ import static com.google.common.base.Preconditions.checkState; import static java.util.Arrays.asList; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.api.web.UserRole.CODEVIEWER; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newChildComponent; import static org.sonar.db.component.ComponentTesting.newProjectCopy; import static org.sonar.db.component.ComponentTesting.newSubPortfolio; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; -import static org.sonar.db.permission.GlobalPermission.SCAN; public class ServerUserSessionTest { @@ -142,23 +135,23 @@ public class ServerUserSessionTest { public void checkComponentUuidPermission_fails_with_FE_when_user_has_not_permission_for_specified_uuid_in_db() { UserDto user = db.users().insertUser(); ComponentDto project = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnUser(user, USER, project); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, project); UserSession session = newUserSession(user); - assertThatForbiddenExceptionIsThrown(() -> session.checkComponentUuidPermission(USER, "another-uuid")); + assertThatForbiddenExceptionIsThrown(() -> session.checkComponentUuidPermission(UserRole.USER, "another-uuid")); } @Test public void checkChildProjectsPermission_succeeds_if_user_has_permissions_on_all_application_child_projects() { UserDto user = db.users().insertUser(); ComponentDto project = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnUser(user, USER, project); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, project); ComponentDto application = db.components().insertPrivateApplication(); db.components().addApplicationProject(application, project); UserSession underTest = newUserSession(user); - assertThat(underTest.checkChildProjectsPermission(USER, application)).isSameAs(underTest); + assertThat(underTest.checkChildProjectsPermission(UserRole.USER, application)).isSameAs(underTest); } @Test @@ -168,7 +161,7 @@ public class ServerUserSessionTest { UserSession underTest = newUserSession(user); - assertThat(underTest.checkChildProjectsPermission(USER, project)).isSameAs(underTest); + assertThat(underTest.checkChildProjectsPermission(UserRole.USER, project)).isSameAs(underTest); } @Test @@ -182,76 +175,76 @@ public class ServerUserSessionTest { UserSession underTest = newUserSession(user); - assertThatForbiddenExceptionIsThrown(() -> underTest.checkChildProjectsPermission(USER, application)); + assertThatForbiddenExceptionIsThrown(() -> underTest.checkChildProjectsPermission(UserRole.USER, application)); } @Test public void checkPermission_throws_ForbiddenException_when_user_doesnt_have_the_specified_permission() { UserDto user = db.users().insertUser(); - assertThatForbiddenExceptionIsThrown(() -> newUserSession(user).checkPermission(PROVISION_PROJECTS)); + assertThatForbiddenExceptionIsThrown(() -> newUserSession(user).checkPermission(GlobalPermission.PROVISION_PROJECTS)); } @Test public void checkPermission_succeeds_when_user_has_the_specified_permission() { UserDto adminUser = db.users().insertAdminByUserPermission(); - db.users().insertPermissionOnUser(adminUser, PROVISIONING); + db.users().insertGlobalPermissionOnUser(adminUser, GlobalPermission.PROVISION_PROJECTS); - newUserSession(adminUser).checkPermission(PROVISION_PROJECTS); + newUserSession(adminUser).checkPermission(GlobalPermission.PROVISION_PROJECTS); } @Test public void test_hasPermission_for_logged_in_user() { ComponentDto project = db.components().insertPrivateProject(); UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, PROVISION_PROJECTS); - db.users().insertProjectPermissionOnUser(user, ADMIN, project); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); + db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, project); UserSession session = newUserSession(user); - assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); - assertThat(session.hasPermission(ADMINISTER)).isFalse(); + assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); + assertThat(session.hasPermission(GlobalPermission.ADMINISTER)).isFalse(); } @Test public void test_hasPermission_for_anonymous_user() { - db.users().insertPermissionOnAnyone(PROVISION_PROJECTS); + db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS); UserSession session = newAnonymousSession(); - assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); - assertThat(session.hasPermission(ADMINISTER)).isFalse(); + assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); + assertThat(session.hasPermission(GlobalPermission.ADMINISTER)).isFalse(); } @Test public void hasPermission_keeps_cache_of_permissions_of_logged_in_user() { UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, PROVISIONING); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); UserSession session = newUserSession(user); // feed the cache - assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); + assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); // change permissions without updating the cache - db.users().deletePermissionFromUser(user, PROVISION_PROJECTS); - db.users().insertPermissionOnUser(user, SCAN); - assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); - assertThat(session.hasPermission(ADMINISTER)).isFalse(); - assertThat(session.hasPermission(SCAN)).isFalse(); + db.users().deletePermissionFromUser(user, GlobalPermission.PROVISION_PROJECTS); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); + assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); + assertThat(session.hasPermission(GlobalPermission.ADMINISTER)).isFalse(); + assertThat(session.hasPermission(GlobalPermission.SCAN)).isFalse(); } @Test public void hasPermission_keeps_cache_of_permissions_of_anonymous_user() { - db.users().insertPermissionOnAnyone(PROVISION_PROJECTS); + db.users().insertPermissionOnAnyone(GlobalPermission.PROVISION_PROJECTS); UserSession session = newAnonymousSession(); // feed the cache - assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); + assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); // change permissions without updating the cache - db.users().insertPermissionOnAnyone(SCAN); - assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue(); - assertThat(session.hasPermission(SCAN)).isFalse(); + db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); + assertThat(session.hasPermission(GlobalPermission.PROVISION_PROJECTS)).isTrue(); + assertThat(session.hasPermission(GlobalPermission.SCAN)).isFalse(); } @Test @@ -259,7 +252,7 @@ public class ServerUserSessionTest { ComponentDto project1 = db.components().insertPrivateProject(); ComponentDto project2 = db.components().insertPrivateProject(); UserDto user = db.users().insertUser(); - db.users().insertProjectPermissionOnUser(user, USER, project1); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, project1); ComponentDto application = db.components().insertPrivateApplication(); db.components().addApplicationProject(application, project1); @@ -267,30 +260,30 @@ public class ServerUserSessionTest { db.components().insertComponent(newProjectCopy(project1, application)); UserSession session = newUserSession(user); - assertThat(session.hasChildProjectsPermission(USER, application)).isTrue(); + assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isTrue(); db.components().addApplicationProject(application, project2); db.components().insertComponent(newProjectCopy(project2, application)); - assertThat(session.hasChildProjectsPermission(USER, application)).isFalse(); + assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isFalse(); } @Test public void test_hasChildProjectsPermission_for_anonymous_user() { ComponentDto project = db.components().insertPrivateProject(); - db.users().insertPermissionOnAnyone(USER); + db.users().insertPermissionOnAnyone(UserRole.USER); ComponentDto application = db.components().insertPrivateApplication(); db.components().addApplicationProject(application, project); // add computed project db.components().insertComponent(newProjectCopy(project, application)); UserSession session = newAnonymousSession(); - assertThat(session.hasChildProjectsPermission(USER, application)).isFalse(); + assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isFalse(); } @Test public void hasChildProjectsPermission_keeps_cache_of_permissions_of_anonymous_user() { - db.users().insertPermissionOnAnyone(USER); + db.users().insertPermissionOnAnyone(UserRole.USER); ComponentDto project = db.components().insertPublicProject(); ComponentDto application = db.components().insertPublicApplication(); @@ -299,11 +292,11 @@ public class ServerUserSessionTest { UserSession session = newAnonymousSession(); // feed the cache - assertThat(session.hasChildProjectsPermission(USER, application)).isTrue(); + assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isTrue(); // change privacy of the project without updating the cache db.getDbClient().componentDao().setPrivateForBranchUuidWithoutAudit(db.getSession(), project.uuid(), true); - assertThat(session.hasChildProjectsPermission(USER, application)).isTrue(); + assertThat(session.hasChildProjectsPermission(UserRole.USER, application)).isTrue(); } @Test @@ -324,44 +317,44 @@ public class ServerUserSessionTest { db.components().addPortfolioProject(portfolio, project1); db.components().insertComponent(newProjectCopy(project1, portfolio)); - assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue(); + assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isTrue(); // Add private project2 with USER permissions to private portfolio - db.users().insertProjectPermissionOnUser(user, USER, project2); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, project2); db.components().addPortfolioProject(portfolio, project2); db.components().insertComponent(newProjectCopy(project2, portfolio)); - assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue(); + assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isTrue(); // Add private project4 with USER permissions to sub-portfolio - db.users().insertProjectPermissionOnUser(user, USER, project4); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, project4); db.components().addPortfolioProject(subPortfolio, project4); db.components().insertComponent(newProjectCopy(project4, subPortfolio)); db.components().addPortfolioReference(portfolio, subPortfolio.uuid()); // The predicate should work both on view and subview components - assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue(); - assertThat(session.hasPortfolioChildProjectsPermission(USER, subPortfolio)).isTrue(); + assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isTrue(); + assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, subPortfolio)).isTrue(); // Add private project3 without permissions to private portfolio db.components().addPortfolioProject(portfolio, project3); db.components().insertComponent(newProjectCopy(project3, portfolio)); - assertThat(session.hasChildProjectsPermission(USER, portfolio)).isFalse(); + assertThat(session.hasChildProjectsPermission(UserRole.USER, portfolio)).isFalse(); // Add private project5 without permissions to sub-portfolio db.components().addPortfolioProject(subPortfolio, project5); db.components().insertComponent(newProjectCopy(project5, subPortfolio)); - assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isFalse(); - assertThat(session.hasPortfolioChildProjectsPermission(USER, subPortfolio)).isFalse(); + assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isFalse(); + assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, subPortfolio)).isFalse(); } @Test public void test_hasPortfolioChildProjectsPermission_for_anonymous_user() { ComponentDto project = db.components().insertPrivateProject(); - db.users().insertPermissionOnAnyone(USER); + db.users().insertPermissionOnAnyone(UserRole.USER); ComponentDto portfolio = db.components().insertPrivatePortfolio(); @@ -370,12 +363,12 @@ public class ServerUserSessionTest { db.components().insertComponent(newProjectCopy(project, portfolio)); UserSession session = newAnonymousSession(); - assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isFalse(); + assertThat(session.hasPortfolioChildProjectsPermission(UserRole.USER, portfolio)).isFalse(); } @Test public void hasPortfolioChildProjectsPermission_keeps_cache_of_permissions_of_anonymous_user() { - db.users().insertPermissionOnAnyone(USER); + db.users().insertPermissionOnAnyone(UserRole.USER); ComponentDto project = db.components().insertPublicProject(); ComponentDto portfolio = db.components().insertPublicPortfolio(); @@ -384,11 +377,11 @@ public class ServerUserSessionTest { UserSession session = newAnonymousSession(); // feed the cache - assertThat(session.hasChildProjectsPermission(USER, portfolio)).isTrue(); + assertThat(session.hasChildProjectsPermission(UserRole.USER, portfolio)).isTrue(); // change privacy of the project without updating the cache db.getDbClient().componentDao().setPrivateForBranchUuidWithoutAudit(db.getSession(), project.uuid(), true); - assertThat(session.hasChildProjectsPermission(USER, portfolio)).isTrue(); + assertThat(session.hasChildProjectsPermission(UserRole.USER, portfolio)).isTrue(); } @Test @@ -397,8 +390,8 @@ public class ServerUserSessionTest { ServerUserSession underTest = newAnonymousSession(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue(); } @Test @@ -408,8 +401,8 @@ public class ServerUserSessionTest { ServerUserSession underTest = newAnonymousSession(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue(); } @Test @@ -419,8 +412,8 @@ public class ServerUserSessionTest { ServerUserSession underTest = newAnonymousSession(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue(); } @Test @@ -430,8 +423,8 @@ public class ServerUserSessionTest { ServerUserSession underTest = newAnonymousSession(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, publicProject)).isTrue(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, publicProject)).isTrue(); } @Test @@ -441,8 +434,8 @@ public class ServerUserSessionTest { ServerUserSession underTest = newUserSession(user); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, privateProject)).isFalse(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, privateProject)).isFalse(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, privateProject)).isFalse(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, privateProject)).isFalse(); } @Test @@ -453,8 +446,8 @@ public class ServerUserSessionTest { ServerUserSession underTest = newUserSession(user); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, privateProject)).isFalse(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, privateProject)).isFalse(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, privateProject)).isFalse(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, privateProject)).isFalse(); } @Test @@ -465,8 +458,8 @@ public class ServerUserSessionTest { ServerUserSession underTest = newUserSession(user); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, USER, privateProject)).isFalse(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, CODEVIEWER, privateProject)).isFalse(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.USER, privateProject)).isFalse(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.CODEVIEWER, privateProject)).isFalse(); } @Test @@ -527,35 +520,35 @@ public class ServerUserSessionTest { public void hasComponentPermissionByDtoOrUuid_keeps_cache_of_permissions_of_logged_in_user() { UserDto user = db.users().insertUser(); ComponentDto publicProject = db.components().insertPublicProject(); - db.users().insertProjectPermissionOnUser(user, ADMIN, publicProject); + db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, publicProject); UserSession underTest = newUserSession(user); // feed the cache - assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue(); // change permissions without updating the cache - db.users().deletePermissionFromUser(publicProject, user, ADMIN); - db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, publicProject); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, ISSUE_ADMIN, publicProject)).isFalse(); + db.users().deletePermissionFromUser(publicProject, user, UserRole.ADMIN); + db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, publicProject); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ISSUE_ADMIN, publicProject)).isFalse(); } @Test public void hasComponentPermissionByDtoOrUuid_keeps_cache_of_permissions_of_anonymous_user() { ComponentDto publicProject = db.components().insertPublicProject(); - db.users().insertProjectPermissionOnAnyone(ADMIN, publicProject); + db.users().insertProjectPermissionOnAnyone(UserRole.ADMIN, publicProject); UserSession underTest = newAnonymousSession(); // feed the cache - assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue(); // change permissions without updating the cache - db.users().deleteProjectPermissionFromAnyone(publicProject, ADMIN); - db.users().insertProjectPermissionOnAnyone(ISSUE_ADMIN, publicProject); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, ADMIN, publicProject)).isTrue(); - assertThat(hasComponentPermissionByDtoOrUuid(underTest, ISSUE_ADMIN, publicProject)).isFalse(); + db.users().deleteProjectPermissionFromAnyone(publicProject, UserRole.ADMIN); + db.users().insertProjectPermissionOnAnyone(UserRole.ISSUE_ADMIN, publicProject); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ADMIN, publicProject)).isTrue(); + assertThat(hasComponentPermissionByDtoOrUuid(underTest, UserRole.ISSUE_ADMIN, publicProject)).isFalse(); } private boolean hasComponentPermissionByDtoOrUuid(UserSession underTest, String permission, ComponentDto component) { @@ -572,31 +565,31 @@ public class ServerUserSessionTest { UserSession underTest = newAnonymousSession(); - assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty(); + assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty(); } @Test public void keepAuthorizedComponents_filters_components_with_granted_permissions_for_anonymous() { ComponentDto publicProject = db.components().insertPublicProject(); ComponentDto privateProject = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnAnyone(ISSUE_ADMIN, publicProject); + db.users().insertProjectPermissionOnAnyone(UserRole.ISSUE_ADMIN, publicProject); UserSession underTest = newAnonymousSession(); - assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty(); - assertThat(underTest.keepAuthorizedComponents(ISSUE_ADMIN, Arrays.asList(privateProject, publicProject))).containsExactly(publicProject); + assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(privateProject, publicProject))).isEmpty(); + assertThat(underTest.keepAuthorizedComponents(UserRole.ISSUE_ADMIN, Arrays.asList(privateProject, publicProject))).containsExactly(publicProject); } @Test public void keepAuthorizedComponents_on_branches() { UserDto user = db.users().insertUser(); ComponentDto privateProject = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnUser(user, ADMIN, privateProject); + db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, privateProject); ComponentDto privateBranchProject = db.components().insertProjectBranch(privateProject); UserSession underTest = newUserSession(user); - assertThat(underTest.keepAuthorizedComponents(ADMIN, asList(privateProject, privateBranchProject))) + assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, asList(privateProject, privateBranchProject))) .containsExactlyInAnyOrder(privateProject, privateBranchProject); } @@ -613,13 +606,13 @@ public class ServerUserSessionTest { UserSession underTest = newUserSession(user); ComponentDto portfolio = db.components().insertPrivatePortfolio(); - db.users().insertProjectPermissionOnUser(user, USER, portfolio); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, portfolio); ComponentDto subPortfolio = db.components().insertComponent(newSubPortfolio(portfolio)); - db.users().insertProjectPermissionOnUser(user, USER, subPortfolio); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, subPortfolio); ComponentDto app = db.components().insertPrivateApplication(); - db.users().insertProjectPermissionOnUser(user, USER, app); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, app); ComponentDto app2 = db.components().insertPrivateApplication(); @@ -628,12 +621,12 @@ public class ServerUserSessionTest { var copyProject1 = db.components().insertComponent(newProjectCopy(project1, portfolio)); // Add private project2 with USER permissions to private portfolio - db.users().insertProjectPermissionOnUser(user, USER, project2); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, project2); db.components().addPortfolioProject(portfolio, project2); var copyProject2 = db.components().insertComponent(newProjectCopy(project2, portfolio)); // Add private project4 with USER permissions to sub-portfolio - db.users().insertProjectPermissionOnUser(user, USER, project4); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, project4); db.components().addPortfolioProject(subPortfolio, project4); var copyProject4 = db.components().insertComponent(newProjectCopy(project4, subPortfolio)); db.components().addPortfolioReference(portfolio, subPortfolio.uuid()); @@ -643,7 +636,7 @@ public class ServerUserSessionTest { var copyProject3 = db.components().insertComponent(newProjectCopy(project3, portfolio)); // Add private project5 with USER permissions to app - db.users().insertProjectPermissionOnUser(user, USER, project5); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, project5); db.components().addApplicationProject(app, project5); var copyProject5 = db.components().insertComponent(newProjectCopy(project5, app)); db.components().addPortfolioReference(portfolio, app.uuid()); @@ -653,16 +646,16 @@ public class ServerUserSessionTest { var copyProject6 = db.components().insertComponent(newProjectCopy(project6, app2)); db.components().addPortfolioReference(portfolio, app2.uuid()); - assertThat(underTest.keepAuthorizedComponents(ADMIN, List.of(portfolio))).isEmpty(); - assertThat(underTest.keepAuthorizedComponents(USER, List.of(portfolio))).containsExactly(portfolio); + assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, List.of(portfolio))).isEmpty(); + assertThat(underTest.keepAuthorizedComponents(UserRole.USER, List.of(portfolio))).containsExactly(portfolio); - assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(app, subPortfolio, app2))).isEmpty(); - assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(app, subPortfolio, app2))).containsExactly(app, subPortfolio); + assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(app, subPortfolio, app2))).isEmpty(); + assertThat(underTest.keepAuthorizedComponents(UserRole.USER, Arrays.asList(app, subPortfolio, app2))).containsExactly(app, subPortfolio); - assertThat(underTest.keepAuthorizedComponents(ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).isEmpty(); - assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1, project2, project4, project5); + assertThat(underTest.keepAuthorizedComponents(UserRole.ADMIN, Arrays.asList(project1, project2, project3, project4, project5, project6))).isEmpty(); + assertThat(underTest.keepAuthorizedComponents(UserRole.USER, Arrays.asList(project1, project2, project3, project4, project5, project6))).containsExactly(project1, project2, project4, project5); - assertThat(underTest.keepAuthorizedComponents(USER, Arrays.asList(copyProject1, copyProject2, copyProject3, copyProject4, copyProject5, copyProject6))) + assertThat(underTest.keepAuthorizedComponents(UserRole.USER, Arrays.asList(copyProject1, copyProject2, copyProject3, copyProject4, copyProject5, copyProject6))) .containsExactly(copyProject1, copyProject2, copyProject4, copyProject5); } @@ -678,7 +671,7 @@ public class ServerUserSessionTest { @Test public void isSystemAdministrator_returns_true_if_user_is_administrator() { UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, SYSTEM_ADMIN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); UserSession session = newUserSession(user); @@ -688,7 +681,7 @@ public class ServerUserSessionTest { @Test public void isSystemAdministrator_returns_false_if_user_is_not_administrator() { UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, PROVISIONING); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); UserSession session = newUserSession(user); @@ -698,7 +691,7 @@ public class ServerUserSessionTest { @Test public void keep_isSystemAdministrator_flag_in_cache() { UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, SYSTEM_ADMIN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); UserSession session = newUserSession(user); @@ -745,7 +738,7 @@ public class ServerUserSessionTest { ComponentDto privateProject = db.components().insertPrivateProject(); Set<ProjectDto> projectDto = Set.of(getProjectDto(publicProject), getProjectDto(privateProject)); - List<ProjectDto> projectDtos = newUserSession(null).keepAuthorizedProjects(USER, projectDto); + List<ProjectDto> projectDtos = newUserSession(null).keepAuthorizedProjects(UserRole.USER, projectDto); assertThat(projectDtos).containsExactly(db.components().getProjectDto(publicProject)); } @@ -757,7 +750,7 @@ public class ServerUserSessionTest { ComponentDto privateProject = db.components().insertPrivateProject(); Set<ProjectDto> projectDto = Set.of(getProjectDto(publicProject), getProjectDto(privateProject)); - List<ProjectDto> projectDtos = newUserSession(userDto).keepAuthorizedProjects(USER, projectDto); + List<ProjectDto> projectDtos = newUserSession(userDto).keepAuthorizedProjects(UserRole.USER, projectDto); assertThat(projectDtos).containsExactly(db.components().getProjectDto(publicProject)); } diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/TokenUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/TokenUserSessionTest.java index 2e9d8c420e4..4afcfb50829 100644 --- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/TokenUserSessionTest.java +++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/TokenUserSessionTest.java @@ -95,7 +95,7 @@ public class TokenUserSessionTest { UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); TokenUserSession userSession = mockProjectAnalysisTokenUserSession(user,project1); @@ -106,7 +106,7 @@ public class TokenUserSessionTest { @Test public void test_hasGlobalPermission_for_UserToken() { UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); TokenUserSession userSession = mockTokenUserSession(user); @@ -123,7 +123,7 @@ public class TokenUserSessionTest { db.users().insertProjectPermissionOnUser(user, SCAN, project1); db.users().insertProjectPermissionOnUser(user, SCAN, project2); - db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); TokenUserSession userSession = mockProjectAnalysisTokenUserSession(user,project1); @@ -136,7 +136,7 @@ public class TokenUserSessionTest { UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user); @@ -148,8 +148,8 @@ public class TokenUserSessionTest { public void test_hasProvisionProjectsGlobalPermission_for_GlobalAnalysisToken_returnsTrueIfUserIsGranted() { UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); - db.users().insertPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user); @@ -160,7 +160,7 @@ public class TokenUserSessionTest { public void test_hasProvisionProjectsGlobalPermission_for_GlobalAnalysisToken_returnsFalseIfUserIsNotGranted() { UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user); @@ -171,7 +171,7 @@ public class TokenUserSessionTest { public void test_hasAdministerGlobalPermission_for_GlobalAnalysisToken_returnsFalse() { UserDto user = db.users().insertUser(); - db.users().insertPermissionOnUser(user, GlobalPermission.ADMINISTER); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); TokenUserSession userSession = mockGlobalAnalysisTokenUserSession(user); diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java index eeef0164780..a34f53baee8 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java @@ -21,18 +21,17 @@ package org.sonar.server.permission; import java.util.List; import java.util.Optional; -import org.sonar.core.permission.GlobalPermissions; +import org.sonar.api.web.UserRole; import org.sonar.core.util.UuidFactory; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.component.ComponentDto; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.permission.GroupPermissionDto; import org.sonar.db.user.GroupDto; import static com.google.common.base.Preconditions.checkNotNull; import static java.lang.String.format; -import static org.sonar.api.web.UserRole.PUBLIC_PERMISSIONS; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.server.exceptions.BadRequestException.checkRequest; import static org.sonar.server.permission.PermissionChange.Operation.ADD; import static org.sonar.server.permission.PermissionChange.Operation.REMOVE; @@ -78,7 +77,7 @@ public class GroupPermissionChanger { private static boolean isAttemptToAddPublicPermissionToPublicComponent(GroupPermissionChange change, ComponentDto project) { return !project.isPrivate() && change.getOperation() == ADD - && PUBLIC_PERMISSIONS.contains(change.getPermission()); + && UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); } private static boolean isAttemptToRemovePermissionFromAnyoneOnPrivateComponent(GroupPermissionChange change, ComponentDto project) { @@ -108,7 +107,7 @@ public class GroupPermissionChanger { private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(GroupPermissionChange change, ComponentDto project) { return !project.isPrivate() && change.getOperation() == REMOVE - && PUBLIC_PERMISSIONS.contains(change.getPermission()); + && UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); } private boolean addPermission(DbSession dbSession, GroupPermissionChange change) { @@ -136,7 +135,7 @@ public class GroupPermissionChanger { } private static void validateNotAnyoneAndAdminPermission(String permission, GroupUuidOrAnyone group) { - checkRequest(!GlobalPermissions.SYSTEM_ADMIN.equals(permission) || !group.isAnyone(), + checkRequest(!GlobalPermission.ADMINISTER.getKey().equals(permission) || !group.isAnyone(), format("It is not possible to add the '%s' permission to group 'Anyone'.", permission)); } @@ -173,13 +172,13 @@ public class GroupPermissionChanger { private void checkIfRemainingGlobalAdministrators(DbSession dbSession, GroupPermissionChange change) { GroupUuidOrAnyone groupUuidOrAnyone = change.getGroupUuidOrAnyone(); - if (SYSTEM_ADMIN.equals(change.getPermission()) && + if (GlobalPermission.ADMINISTER.getKey().equals(change.getPermission()) && !groupUuidOrAnyone.isAnyone() && change.getProjectUuid() == null) { String groupUuid = checkNotNull(groupUuidOrAnyone.getUuid()); // removing global admin permission from group - int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession, SYSTEM_ADMIN, groupUuid); - checkRequest(remaining > 0, "Last group with permission '%s'. Permission cannot be removed.", SYSTEM_ADMIN); + int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession, GlobalPermission.ADMINISTER.getKey(), groupUuid); + checkRequest(remaining > 0, "Last group with permission '%s'. Permission cannot be removed.", GlobalPermission.ADMINISTER.getKey()); } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionChange.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionChange.java index 80a3aa00e54..19e19a6d31d 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionChange.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/PermissionChange.java @@ -21,8 +21,8 @@ package org.sonar.server.permission; import javax.annotation.CheckForNull; import javax.annotation.Nullable; -import org.sonar.db.component.ComponentDto; import org.sonar.db.permission.GlobalPermission; +import org.sonar.db.component.ComponentDto; import static java.util.Objects.requireNonNull; import static org.sonar.core.util.stream.MoreCollectors.toList; diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/RequestValidator.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/RequestValidator.java index 63d76a67310..ad4376c83ca 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/RequestValidator.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/RequestValidator.java @@ -27,7 +27,7 @@ import java.util.stream.Collectors; import javax.annotation.Nullable; import org.sonar.api.resources.ResourceType; import org.sonar.api.resources.ResourceTypes; -import org.sonar.core.permission.GlobalPermissions; +import org.sonar.db.permission.GlobalPermission; import org.sonar.server.exceptions.BadRequestException; import static com.google.common.base.Strings.isNullOrEmpty; @@ -55,8 +55,8 @@ public class RequestValidator { } public static void validateGlobalPermission(String permission) { - checkRequest(GlobalPermissions.ALL.contains(permission), - format("The '%s' parameter for global permissions must be one of %s. '%s' was passed.", PARAM_PERMISSION, GlobalPermissions.ALL_ON_ONE_LINE, permission)); + checkRequest(GlobalPermission.contains(permission), + format("The '%s' parameter for global permissions must be one of %s. '%s' was passed.", PARAM_PERMISSION, GlobalPermission.ALL_ON_ONE_LINE, permission)); } public static void validateQualifier(@Nullable String qualifier, ResourceTypes resourceTypes) { diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/UserPermissionChanger.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/UserPermissionChanger.java index e3c5a3784ae..795d52f0f57 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/UserPermissionChanger.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/UserPermissionChanger.java @@ -20,14 +20,14 @@ package org.sonar.server.permission; import java.util.List; +import org.sonar.api.web.UserRole; import org.sonar.core.util.UuidFactory; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.component.ComponentDto; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.permission.UserPermissionDto; -import static org.sonar.api.web.UserRole.PUBLIC_PERMISSIONS; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.server.exceptions.BadRequestException.checkRequest; import static org.sonar.server.permission.PermissionChange.Operation.ADD; import static org.sonar.server.permission.PermissionChange.Operation.REMOVE; @@ -75,7 +75,7 @@ public class UserPermissionChanger { private static boolean isAttemptToAddPublicPermissionToPublicComponent(UserPermissionChange change, ComponentDto project) { return !project.isPrivate() && change.getOperation() == ADD - && PUBLIC_PERMISSIONS.contains(change.getPermission()); + && UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); } private static void ensureConsistencyWithVisibility(UserPermissionChange change) { @@ -89,7 +89,7 @@ public class UserPermissionChanger { private static boolean isAttemptToRemovePublicPermissionFromPublicComponent(UserPermissionChange change, ComponentDto projectUuid) { return !projectUuid.isPrivate() && change.getOperation() == REMOVE - && PUBLIC_PERMISSIONS.contains(change.getPermission()); + && UserRole.PUBLIC_PERMISSIONS.contains(change.getPermission()); } private boolean addPermission(DbSession dbSession, UserPermissionChange change) { @@ -125,9 +125,9 @@ public class UserPermissionChanger { } private void checkOtherAdminsExist(DbSession dbSession, UserPermissionChange change) { - if (SYSTEM_ADMIN.equals(change.getPermission()) && change.getProjectUuid() == null) { + if (GlobalPermission.ADMINISTER.getKey().equals(change.getPermission()) && change.getProjectUuid() == null) { int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUserPermission(dbSession, change.getPermission(), change.getUserId().getUuid()); - checkRequest(remaining > 0, "Last user with permission '%s'. Permission cannot be removed.", SYSTEM_ADMIN); + checkRequest(remaining > 0, "Last user with permission '%s'. Permission cannot be removed.", GlobalPermission.ADMINISTER.getKey()); } } } diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/WsParameters.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/WsParameters.java index 21040aadc7a..d5fcfce90ee 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/WsParameters.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/WsParameters.java @@ -21,7 +21,7 @@ package org.sonar.server.permission.ws; import com.google.common.base.Joiner; import org.sonar.api.server.ws.WebService; -import org.sonar.core.permission.GlobalPermissions; +import org.sonar.db.permission.GlobalPermission; import org.sonar.server.permission.PermissionService; import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01; @@ -50,7 +50,7 @@ public class WsParameters { "<li>Possible values for global permissions: %s</li>" + "<li>Possible values for project permissions %s</li>" + "</ul>", - GlobalPermissions.ALL_ON_ONE_LINE, + GlobalPermission.ALL_ON_ONE_LINE, allProjectsPermissionsOnOneLine); projectPermissionParamDescription = String.format("Permission" + "<ul>" + diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/template/AddGroupToTemplateAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/template/AddGroupToTemplateAction.java index 491f9fcde3f..7e4034bbecf 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/template/AddGroupToTemplateAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/permission/ws/template/AddGroupToTemplateAction.java @@ -33,7 +33,7 @@ import org.sonar.server.permission.ws.WsParameters; import org.sonar.server.user.UserSession; import static java.lang.String.format; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; +import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonar.server.exceptions.BadRequestException.checkRequest; import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdmin; import static org.sonar.server.permission.ws.WsParameters.createGroupNameParameter; @@ -79,7 +79,7 @@ public class AddGroupToTemplateAction implements PermissionsWsAction { try (DbSession dbSession = dbClient.openSession(false)) { String permission = request.mandatoryParam(PARAM_PERMISSION); GroupUuidOrAnyone group = support.findGroup(dbSession, request); - checkRequest(!SYSTEM_ADMIN.equals(permission) || !group.isAnyone(), + checkRequest(!ADMINISTER.getKey().equals(permission) || !group.isAnyone(), format("It is not possible to add the '%s' permission to the group 'Anyone'.", permission)); PermissionTemplateDto template = support.findTemplate(dbSession, fromRequest(request)); diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/webhook/ws/WebhookSupport.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/webhook/ws/WebhookSupport.java index 8b1d772762c..0c6392ba26d 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/webhook/ws/WebhookSupport.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/webhook/ws/WebhookSupport.java @@ -24,13 +24,13 @@ import java.net.SocketException; import java.net.UnknownHostException; import okhttp3.HttpUrl; import org.sonar.api.config.Configuration; +import org.sonar.api.web.UserRole; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.project.ProjectDto; import org.sonar.server.user.UserSession; import static org.sonar.api.CoreProperties.SONAR_VALIDATE_WEBHOOKS_DEFAULT_VALUE; import static org.sonar.api.CoreProperties.SONAR_VALIDATE_WEBHOOKS_PROPERTY; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; public class WebhookSupport { @@ -45,11 +45,11 @@ public class WebhookSupport { } void checkPermission(ProjectDto projectDto) { - userSession.checkProjectPermission(ADMIN, projectDto); + userSession.checkProjectPermission(UserRole.ADMIN, projectDto); } void checkPermission() { - userSession.checkPermission(ADMINISTER); + userSession.checkPermission(GlobalPermission.ADMINISTER); } void checkUrlPattern(String url, String message, Object... messageArguments) { diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almintegration/ws/bitbucketserver/ImportBitbucketServerProjectActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almintegration/ws/bitbucketserver/ImportBitbucketServerProjectActionTest.java index 2ab71dfcee3..020772c6e7e 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almintegration/ws/bitbucketserver/ImportBitbucketServerProjectActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almintegration/ws/bitbucketserver/ImportBitbucketServerProjectActionTest.java @@ -23,7 +23,6 @@ import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.Optional; -import java.util.stream.Collectors; import org.junit.Before; import org.junit.BeforeClass; import org.junit.Rule; diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java index 49458647741..dfb4c056fc8 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/batch/ProjectDataLoaderTest.java @@ -21,7 +21,6 @@ package org.sonar.server.batch; import org.junit.Rule; import org.junit.Test; -import org.sonar.api.config.internal.MapSettings; import org.sonar.api.resources.Qualifiers; import org.sonar.api.resources.Scopes; import org.sonar.core.util.Uuids; @@ -43,8 +42,8 @@ import static com.google.common.collect.ImmutableList.of; import static java.lang.String.format; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; import static org.sonar.db.component.ComponentTesting.newFileDto; +import static org.sonar.db.permission.GlobalPermission.SCAN; public class ProjectDataLoaderTest { @Rule @@ -54,15 +53,13 @@ public class ProjectDataLoaderTest { private DbClient dbClient = db.getDbClient(); private DbSession dbSession = db.getSession(); - private int uuidCounter = 0; private ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT); - private MapSettings settings = new MapSettings(); private ProjectDataLoader underTest = new ProjectDataLoader(dbClient, userSession, new ComponentFinder(dbClient, resourceTypes)); @Test public void throws_NotFoundException_when_branch_does_not_exist() { ComponentDto project = db.components().insertPrivateProject(); - userSession.logIn().addProjectPermission(SCAN_EXECUTION, project); + userSession.logIn().addProjectPermission(SCAN.getKey(), project); assertThatThrownBy(() -> { underTest.load(ProjectDataQuery.create() @@ -76,7 +73,7 @@ public class ProjectDataLoaderTest { @Test public void return_file_data_from_single_project() { ComponentDto project = db.components().insertPrivateProject(); - userSession.logIn().addProjectPermission(SCAN_EXECUTION, project); + userSession.logIn().addProjectPermission(SCAN.getKey(), project); ComponentDto file = db.components().insertComponent(newFileDto(project)); dbClient.fileSourceDao().insert(dbSession, newFileSourceDto(file).setSrcHash("123456")); db.commit(); @@ -92,7 +89,7 @@ public class ProjectDataLoaderTest { public void return_file_data_from_branch() { ComponentDto project = db.components().insertPrivateProject(); ComponentDto branch = db.components().insertProjectBranch(project, b -> b.setKey("my_branch")); - userSession.logIn().addProjectPermission(SCAN_EXECUTION, project); + userSession.logIn().addProjectPermission(SCAN.getKey(), project); // File on branch ComponentDto projectFile = db.components().insertComponent(newFileDto(branch)); dbClient.fileSourceDao().insert(dbSession, newFileSourceDto(projectFile).setSrcHash("123456")); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/branch/ws/ListActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/branch/ws/ListActionTest.java index 18de60360b9..58a976b812c 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/branch/ws/ListActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/branch/ws/ListActionTest.java @@ -56,10 +56,10 @@ import static org.sonar.api.rules.RuleType.BUG; import static org.sonar.api.utils.DateUtils.dateToLong; import static org.sonar.api.utils.DateUtils.parseDateTime; import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; import static org.sonar.db.component.BranchDto.DEFAULT_MAIN_BRANCH_NAME; import static org.sonar.db.component.BranchType.BRANCH; import static org.sonar.db.component.SnapshotTesting.newAnalysis; +import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonar.test.JsonAssert.assertJson; public class ListActionTest { @@ -141,7 +141,7 @@ public class ListActionTest { db.issues().insert(rule, branch, branch, i -> i.setType(BUG).setResolution(null)); indexIssues(); - userSession.logIn().addProjectPermission(SCAN_EXECUTION, project); + userSession.logIn().addProjectPermission(SCAN.getKey(), project); String json = ws.newRequest() .setParam("project", project.getKey()) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/queue/BranchReportSubmitterTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/queue/BranchReportSubmitterTest.java index 3d6d1e6cfc8..c7537f60b89 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/queue/BranchReportSubmitterTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/queue/BranchReportSubmitterTest.java @@ -69,7 +69,6 @@ import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoInteractions; import static org.mockito.Mockito.verifyNoMoreInteractions; import static org.mockito.Mockito.when; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; import static org.sonar.db.component.ComponentTesting.newBranchDto; import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; @@ -108,7 +107,7 @@ public class BranchReportSubmitterTest { public void submit_does_not_use_delegate_if_characteristics_are_empty() { ComponentDto project = db.components().insertPublicProject(); UserDto user = db.users().insertUser(); - userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, project); + userSession.logIn(user).addProjectPermission(SCAN.getKey(), project); mockSuccessfulPrepareSubmitCall(); InputStream reportInput = IOUtils.toInputStream("{binary}", StandardCharsets.UTF_8); @@ -122,7 +121,7 @@ public class BranchReportSubmitterTest { ComponentDto project = db.components().insertPublicProject(); ComponentDto branch = db.components().insertProjectBranch(project, b -> b.setKey("branch1")); UserDto user = db.users().insertUser(); - userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, project); + userSession.logIn(user).addProjectPermission(SCAN.getKey(), project); Map<String, String> randomCharacteristics = randomNonEmptyMap(); BranchSupport.ComponentKey componentKey = createComponentKeyOfBranch(project.getKey(), "branch1"); when(branchSupportDelegate.createComponentKey(project.getKey(), randomCharacteristics)).thenReturn(componentKey); @@ -145,7 +144,7 @@ public class BranchReportSubmitterTest { ComponentDto existingProject = db.components().insertPublicProject(); BranchDto exitingProjectMainBranch = db.getDbClient().branchDao().selectByUuid(db.getSession(), existingProject.uuid()).get(); UserDto user = db.users().insertUser(); - userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, existingProject); + userSession.logIn(user).addProjectPermission(SCAN.getKey(), existingProject); Map<String, String> randomCharacteristics = randomNonEmptyMap(); ComponentDto createdBranch = createButDoNotInsertBranch(existingProject); BranchSupport.ComponentKey componentKey = createComponentKeyOfBranch(existingProject.getKey(), "branch1"); @@ -200,7 +199,7 @@ public class BranchReportSubmitterTest { public void submit_fails_if_branch_support_delegate_createComponentKey_throws_an_exception() { ComponentDto project = db.components().insertPublicProject(); UserDto user = db.users().insertUser(); - userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, project); + userSession.logIn(user).addProjectPermission(SCAN.getKey(), project); Map<String, String> randomCharacteristics = randomNonEmptyMap(); InputStream reportInput = IOUtils.toInputStream("{binary}", StandardCharsets.UTF_8); RuntimeException expected = new RuntimeException("Faking an exception thrown by branchSupportDelegate"); @@ -218,7 +217,7 @@ public class BranchReportSubmitterTest { public void submit_report_on_missing_branch_of_missing_project_fails_with_ForbiddenException_if_only_scan_permission() { ComponentDto nonExistingProject = newPrivateProjectDto(); UserDto user = db.users().insertUser(); - userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, nonExistingProject); + userSession.logIn(user).addProjectPermission(SCAN.getKey(), nonExistingProject); Map<String, String> randomCharacteristics = randomNonEmptyMap(); ComponentDto createdBranch = createButDoNotInsertBranch(nonExistingProject); BranchSupport.ComponentKey componentKey = createComponentKeyOfBranch(nonExistingProject.getKey()); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/queue/ReportSubmitterTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/queue/ReportSubmitterTest.java index 897975b2536..11f47662726 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/queue/ReportSubmitterTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/queue/ReportSubmitterTest.java @@ -65,7 +65,6 @@ import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verifyNoInteractions; import static org.mockito.Mockito.when; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; import static org.sonar.core.util.stream.MoreCollectors.uniqueIndex; import static org.sonar.db.component.BranchDto.DEFAULT_MAIN_BRANCH_NAME; import static org.sonar.db.component.ComponentTesting.newDirectory; @@ -140,7 +139,7 @@ public class ReportSubmitterTest { public void submit_a_report_on_existing_project() { ComponentDto project = db.components().insertPrivateProject(); UserDto user = db.users().insertUser(); - userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, project); + userSession.logIn(user).addProjectPermission(SCAN.getKey(), project); mockSuccessfulPrepareSubmitCall(); underTest.submit(project.getKey(), project.name(), emptyMap(), IOUtils.toInputStream("{binary}", StandardCharsets.UTF_8)); @@ -250,7 +249,7 @@ public class ReportSubmitterTest { @Test public void submit_a_report_on_existing_project_with_project_scan_permission() { ComponentDto project = db.components().insertPrivateProject(); - userSession.addProjectPermission(SCAN_EXECUTION, project); + userSession.addProjectPermission(SCAN.getKey(), project); mockSuccessfulPrepareSubmitCall(); underTest.submit(project.getKey(), project.name(), emptyMap(), IOUtils.toInputStream("{binary}")); @@ -261,7 +260,7 @@ public class ReportSubmitterTest { @Test public void fail_if_component_is_not_a_project() { ComponentDto component = db.components().insertPublicPortfolio(); - userSession.logIn().addProjectPermission(SCAN_EXECUTION, component); + userSession.logIn().addProjectPermission(SCAN.getKey(), component); mockSuccessfulPrepareSubmitCall(); String dbKey = component.getKey(); @@ -277,7 +276,7 @@ public class ReportSubmitterTest { public void fail_if_project_key_already_exists_as_other_component() { ComponentDto project = db.components().insertPrivateProject(); ComponentDto dir = db.components().insertComponent(newDirectory(project, "path")); - userSession.logIn().addProjectPermission(SCAN_EXECUTION, project); + userSession.logIn().addProjectPermission(SCAN.getKey(), project); mockSuccessfulPrepareSubmitCall(); String dirDbKey = dir.getKey(); @@ -304,7 +303,7 @@ public class ReportSubmitterTest { @Test public void fail_with_forbidden_exception_on_new_project_when_only_project_scan_permission() { ComponentDto component = db.components().insertPrivateProject(PROJECT_UUID); - userSession.addProjectPermission(SCAN_EXECUTION, component); + userSession.addProjectPermission(SCAN.getKey(), component); mockSuccessfulPrepareSubmitCall(); Map<String, String> emptyMap = emptyMap(); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java index 2dc20eb6a6b..28772dcb1b2 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java @@ -28,7 +28,6 @@ import org.junit.Rule; import org.junit.Test; import org.sonar.api.utils.System2; import org.sonar.api.web.UserRole; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.core.util.CloseableIterator; import org.sonar.core.util.UuidFactoryFast; import org.sonar.core.util.Uuids; @@ -56,7 +55,6 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.api.web.UserRole.SCAN; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; import static org.sonar.db.ce.CeTaskCharacteristicDto.BRANCH_KEY; import static org.sonar.db.ce.CeTaskCharacteristicDto.BRANCH_TYPE_KEY; import static org.sonar.db.component.BranchType.BRANCH; @@ -300,7 +298,7 @@ public class TaskActionTest { @Test public void get_project_queue_task_with_scan_permission_on_project() { UserDto user = db.users().insertUser(); - userSession.logIn(user).addProjectPermission(GlobalPermissions.SCAN_EXECUTION, privateProject); + userSession.logIn(user).addProjectPermission(GlobalPermission.SCAN.getKey(), privateProject); CeQueueDto task = createAndPersistQueueTask(privateProject, user); call(task.getUuid()); @@ -331,7 +329,7 @@ public class TaskActionTest { @Test public void get_project_queue_task_on_public_project() { UserDto user = db.users().insertUser(); - userSession.logIn(user).addProjectPermission(SCAN_EXECUTION, privateProject); + userSession.logIn(user).addProjectPermission(GlobalPermission.SCAN.getKey(), privateProject); CeQueueDto task = createAndPersistQueueTask(privateProject, user); call(task.getUuid()); @@ -379,7 +377,7 @@ public class TaskActionTest { @Test public void get_project_archived_task_with_scan_permission_on_project() { - userSession.logIn().addProjectPermission(GlobalPermissions.SCAN_EXECUTION, privateProject); + userSession.logIn().addProjectPermission(GlobalPermission.SCAN.getKey(), privateProject); CeActivityDto task = createAndPersistArchivedTask(privateProject); call(task.getUuid()); @@ -458,7 +456,7 @@ public class TaskActionTest { @Test public void get_warnings_on_private_project_archived_task_if_scan() { - userSession.logIn().addProjectPermission(SCAN_EXECUTION, privateProject); + userSession.logIn().addProjectPermission(GlobalPermission.SCAN.getKey(), privateProject); getWarningsImpl(createAndPersistArchivedTask(privateProject)); } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java index 5a4faeff39a..5e03f974540 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java @@ -27,7 +27,6 @@ import org.sonar.api.resources.Qualifiers; import org.sonar.api.resources.ResourceTypes; import org.sonar.api.utils.System2; import org.sonar.api.web.UserRole; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.core.util.SequenceUuidFactory; import org.sonar.core.util.Uuids; import org.sonar.db.DbTester; @@ -44,6 +43,7 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.Assertions.fail; import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; +import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; public class GroupPermissionChangerTest { @@ -69,18 +69,18 @@ public class GroupPermissionChangerTest { public void apply_adds_global_permission_to_group() { GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); - apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupUuid, permissionService)); + apply(new GroupPermissionChange(PermissionChange.Operation.ADD, ADMINISTER_QUALITY_PROFILES.getKey(), null, groupUuid, permissionService)); - assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(GlobalPermissions.QUALITY_GATE_ADMIN); + assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(ADMINISTER_QUALITY_PROFILES.getKey()); } @Test public void apply_adds_global_permission_to_group_AnyOne() { GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); - apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupUuid, permissionService)); + apply(new GroupPermissionChange(PermissionChange.Operation.ADD, ADMINISTER_QUALITY_PROFILES.getKey(), null, groupUuid, permissionService)); - assertThat(db.users().selectAnyonePermissions(null)).containsOnly(GlobalPermissions.QUALITY_GATE_ADMIN); + assertThat(db.users().selectAnyonePermissions(null)).containsOnly(ADMINISTER_QUALITY_PROFILES.getKey()); } @Test @@ -134,7 +134,7 @@ public class GroupPermissionChangerTest { @Test public void apply_adds_permission_SCAN_EXECUTION_to_group_on_private_project() { - applyAddsPermissionToGroupOnPrivateProject(GlobalPermissions.SCAN_EXECUTION); + applyAddsPermissionToGroupOnPrivateProject(GlobalPermission.SCAN.getKey()); } private void applyAddsPermissionToGroupOnPrivateProject(String permission) { @@ -168,7 +168,7 @@ public class GroupPermissionChangerTest { @Test public void apply_removes_permission_SCAN_EXECUTION_from_on_private_project() { - applyRemovesPermissionFromGroupOnPrivateProject(GlobalPermissions.SCAN_EXECUTION); + applyRemovesPermissionFromGroupOnPrivateProject(GlobalPermission.SCAN.getKey()); } private void applyRemovesPermissionFromGroupOnPrivateProject(String permission) { @@ -220,9 +220,9 @@ public class GroupPermissionChangerTest { public void apply_adds_permission_SCAN_EXECUTION_to_group_AnyOne_on_a_public_project() { GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); - apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.SCAN_EXECUTION, publicProject, groupUuid, permissionService)); + apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermission.SCAN.getKey(), publicProject, groupUuid, permissionService)); - assertThat(db.users().selectAnyonePermissions(publicProject)).containsOnly(GlobalPermissions.SCAN_EXECUTION); + assertThat(db.users().selectAnyonePermissions(publicProject)).containsOnly(GlobalPermission.SCAN.getKey()); } @Test @@ -255,7 +255,7 @@ public class GroupPermissionChangerTest { @Test public void apply_removes_SCAN_EXECUTION_permission_from_group_AnyOne_on_a_public_project() { - applyRemovesPermissionFromGroupAnyOneOnAPublicProject(GlobalPermissions.SCAN_EXECUTION); + applyRemovesPermissionFromGroupAnyOneOnAPublicProject(GlobalPermission.SCAN.getKey()); } private void applyRemovesPermissionFromGroupAnyOneOnAPublicProject(String permission) { @@ -289,10 +289,10 @@ public class GroupPermissionChangerTest { public void add_permission_to_anyone() { GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.forAnyone(); - apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupUuid, permissionService)); + apply(new GroupPermissionChange(PermissionChange.Operation.ADD, ADMINISTER_QUALITY_PROFILES.getKey(), null, groupUuid, permissionService)); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); - assertThat(db.users().selectAnyonePermissions(null)).containsOnly(GlobalPermissions.QUALITY_GATE_ADMIN); + assertThat(db.users().selectAnyonePermissions(null)).containsOnly(ADMINISTER_QUALITY_PROFILES.getKey()); } @Test @@ -311,7 +311,7 @@ public class GroupPermissionChangerTest { permissionService.getGlobalPermissions().stream() .map(GlobalPermission::getKey) - .filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermissions.SCAN_EXECUTION.equals(perm)) + .filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermission.SCAN.getKey().equals(perm)) .forEach(perm -> { try { new GroupPermissionChange(PermissionChange.Operation.ADD, perm, privateProject, groupUuid, permissionService); @@ -329,7 +329,7 @@ public class GroupPermissionChangerTest { permissionService.getGlobalPermissions().stream() .map(GlobalPermission::getKey) - .filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermissions.SCAN_EXECUTION.equals(perm)) + .filter(perm -> !UserRole.ADMIN.equals(perm) && !GlobalPermission.SCAN.getKey().equals(perm)) .forEach(perm -> { try { new GroupPermissionChange(PermissionChange.Operation.ADD, perm, publicProject, groupUuid, permissionService); @@ -347,7 +347,7 @@ public class GroupPermissionChangerTest { permissionService.getAllProjectPermissions() .stream() - .filter(perm -> !GlobalPermissions.SCAN_EXECUTION.equals(perm) && !GlobalPermission.ADMINISTER.getKey().equals(perm)) + .filter(perm -> !GlobalPermission.SCAN.getKey().equals(perm) && !GlobalPermission.ADMINISTER.getKey().equals(perm)) .forEach(permission -> { try { new GroupPermissionChange(PermissionChange.Operation.ADD, permission, null, groupUuid, permissionService); @@ -407,7 +407,7 @@ public class GroupPermissionChangerTest { GroupUuidOrAnyone groupUuid = GroupUuidOrAnyone.from(group); db.users().insertPermissionOnGroup(group, ADMINISTER); UserDto admin = db.users().insertUser(); - db.users().insertPermissionOnUser(admin, ADMINISTER); + db.users().insertGlobalPermissionOnUser(admin, ADMINISTER); apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, ADMINISTER.getKey(), null, groupUuid, permissionService)); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/PermissionTemplateServiceTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/PermissionTemplateServiceTest.java index 2ad502c3d7d..d1f212a264d 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/PermissionTemplateServiceTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/PermissionTemplateServiceTest.java @@ -31,6 +31,7 @@ import org.sonar.db.DbSession; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDto; import org.sonar.db.component.ResourceTypesRule; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.permission.template.PermissionTemplateDbTester; import org.sonar.db.permission.template.PermissionTemplateDto; import org.sonar.db.user.GroupDto; @@ -46,9 +47,6 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.sonar.api.resources.Qualifiers.APP; import static org.sonar.api.resources.Qualifiers.PROJECT; import static org.sonar.api.resources.Qualifiers.VIEW; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; -import static org.sonar.db.permission.GlobalPermission.SCAN; public class PermissionTemplateServiceTest { @@ -101,7 +99,7 @@ public class PermissionTemplateServiceTest { underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); assertThat(selectProjectPermissionsOfGroup(null, publicProject)) - .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -116,7 +114,7 @@ public class PermissionTemplateServiceTest { underTest.applyDefaultToNewComponent(session, publicProject, null); assertThat(selectProjectPermissionsOfGroup(null, publicProject)) - .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -131,7 +129,7 @@ public class PermissionTemplateServiceTest { underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject)); assertThat(selectProjectPermissionsOfGroup(group, privateProject)) - .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -147,7 +145,7 @@ public class PermissionTemplateServiceTest { underTest.applyDefaultToNewComponent(session, privateProject, null); assertThat(selectProjectPermissionsOfGroup(group, privateProject)) - .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -162,7 +160,7 @@ public class PermissionTemplateServiceTest { underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); assertThat(selectProjectPermissionsOfGroup(group, publicProject)) - .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -178,7 +176,7 @@ public class PermissionTemplateServiceTest { underTest.applyDefaultToNewComponent(session, publicProject, null); assertThat(selectProjectPermissionsOfGroup(group, publicProject)) - .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -193,7 +191,7 @@ public class PermissionTemplateServiceTest { underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject)); assertThat(selectProjectPermissionsOfUser(user, publicProject)) - .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -209,7 +207,7 @@ public class PermissionTemplateServiceTest { underTest.applyDefaultToNewComponent(session, publicProject, null); assertThat(selectProjectPermissionsOfUser(user, publicProject)) - .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -224,7 +222,7 @@ public class PermissionTemplateServiceTest { underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject)); assertThat(selectProjectPermissionsOfUser(user, privateProject)) - .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -240,7 +238,7 @@ public class PermissionTemplateServiceTest { underTest.applyDefaultToNewComponent(session, privateProject, null); assertThat(selectProjectPermissionsOfUser(user, privateProject)) - .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -256,7 +254,7 @@ public class PermissionTemplateServiceTest { underTest.applyDefaultToNewComponent(session, publicProject, user.getUuid()); assertThat(selectProjectPermissionsOfUser(user, publicProject)) - .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -272,7 +270,7 @@ public class PermissionTemplateServiceTest { underTest.applyDefaultToNewComponent(session, privateProject, user.getUuid()); assertThat(selectProjectPermissionsOfUser(user, privateProject)) - .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey()); + .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, GlobalPermission.SCAN.getKey()); } @Test @@ -280,14 +278,14 @@ public class PermissionTemplateServiceTest { ComponentDto portfolio = dbTester.components().insertPrivatePortfolio(); PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); GroupDto group = dbTester.users().insertGroup(); - dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, ADMINISTER.getKey()); - dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, PROVISION_PROJECTS.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null); underTest.applyDefaultToNewComponent(session, portfolio, null); assertThat(selectProjectPermissionsOfGroup(group, portfolio)) - .containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey()); + .containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); } @Test @@ -296,14 +294,14 @@ public class PermissionTemplateServiceTest { PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); PermissionTemplateDto appPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); GroupDto group = dbTester.users().insertGroup(); - dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, ADMINISTER.getKey()); - dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, PROVISION_PROJECTS.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, appPermissionTemplate, null); underTest.applyDefaultToNewComponent(session, view, null); assertThat(selectProjectPermissionsOfGroup(group, view)) - .containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey()); + .containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); } @Test @@ -312,14 +310,14 @@ public class PermissionTemplateServiceTest { PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); PermissionTemplateDto portPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); GroupDto group = dbTester.users().insertGroup(); - dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, ADMINISTER.getKey()); - dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, PROVISION_PROJECTS.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, portPermissionTemplate); underTest.applyDefaultToNewComponent(session, view, null); assertThat(selectProjectPermissionsOfGroup(group, view)) - .containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey()); + .containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); } @Test @@ -327,12 +325,12 @@ public class PermissionTemplateServiceTest { ComponentDto view = dbTester.components().insertPrivatePortfolio(); PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); GroupDto group = dbTester.users().insertGroup(); - dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, PROVISION_PROJECTS.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, null); underTest.applyDefaultToNewComponent(session, view, null); - assertThat(selectProjectPermissionsOfGroup(group, view)).containsOnly(PROVISION_PROJECTS.getKey()); + assertThat(selectProjectPermissionsOfGroup(group, view)).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); } @Test @@ -340,14 +338,14 @@ public class PermissionTemplateServiceTest { ComponentDto application = dbTester.components().insertPublicApplication(); PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); GroupDto group = dbTester.users().insertGroup(); - dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, ADMINISTER.getKey()); - dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, PROVISION_PROJECTS.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null); underTest.applyDefaultToNewComponent(session, application, null); assertThat(selectProjectPermissionsOfGroup(group, application)) - .containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey()); + .containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); } @Test @@ -357,14 +355,14 @@ public class PermissionTemplateServiceTest { PermissionTemplateDto appPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); PermissionTemplateDto portPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); GroupDto group = dbTester.users().insertGroup(); - dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, ADMINISTER.getKey()); - dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, PROVISION_PROJECTS.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, GlobalPermission.ADMINISTER.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, appPermissionTemplate, portPermissionTemplate); underTest.applyDefaultToNewComponent(session, application, null); assertThat(selectProjectPermissionsOfGroup(group, application)) - .containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey()); + .containsOnly(GlobalPermission.ADMINISTER.getKey(), GlobalPermission.PROVISION_PROJECTS.getKey()); } @Test @@ -372,12 +370,12 @@ public class PermissionTemplateServiceTest { ComponentDto application = dbTester.components().insertPublicApplication(); PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate(); GroupDto group = dbTester.users().insertGroup(); - dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, PROVISION_PROJECTS.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, GlobalPermission.PROVISION_PROJECTS.getKey()); dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, null); underTest.applyDefaultToNewComponent(session, application, null); - assertThat(selectProjectPermissionsOfGroup(group, application)).containsOnly(PROVISION_PROJECTS.getKey()); + assertThat(selectProjectPermissionsOfGroup(group, application)).containsOnly(GlobalPermission.PROVISION_PROJECTS.getKey()); } @Test @@ -386,17 +384,17 @@ public class PermissionTemplateServiceTest { ComponentDto project = dbTester.components().insertPrivateProject(); GroupDto adminGroup = dbTester.users().insertGroup(); GroupDto userGroup = dbTester.users().insertGroup(); - dbTester.users().insertPermissionOnGroup(adminGroup, "admin"); - dbTester.users().insertPermissionOnGroup(userGroup, "user"); - dbTester.users().insertPermissionOnUser(user, "admin"); + dbTester.users().insertPermissionOnGroup(adminGroup, GlobalPermission.ADMINISTER.getKey()); + dbTester.users().insertPermissionOnGroup(userGroup, UserRole.USER); + dbTester.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(); - dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, adminGroup, "admin"); - dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, adminGroup, "issueadmin"); - dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, userGroup, "user"); - dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, userGroup, "codeviewer"); - dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "user"); - dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "codeviewer"); - dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, "admin"); + dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, adminGroup, GlobalPermission.ADMINISTER.getKey()); + dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, adminGroup, UserRole.ISSUE_ADMIN); + dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, userGroup, UserRole.USER); + dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, userGroup, UserRole.CODEVIEWER); + dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, UserRole.USER); + dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, UserRole.CODEVIEWER); + dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, GlobalPermission.ADMINISTER.getKey()); assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).isEmpty(); assertThat(selectProjectPermissionsOfGroup(userGroup, project)).isEmpty(); @@ -405,10 +403,10 @@ public class PermissionTemplateServiceTest { underTest.applyAndCommit(session, permissionTemplate, singletonList(project)); - assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).containsOnly("admin", "issueadmin"); - assertThat(selectProjectPermissionsOfGroup(userGroup, project)).containsOnly("user", "codeviewer"); + assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).containsOnly(GlobalPermission.ADMINISTER.getKey(), UserRole.ISSUE_ADMIN); + assertThat(selectProjectPermissionsOfGroup(userGroup, project)).containsOnly(UserRole.USER, UserRole.CODEVIEWER); assertThat(selectProjectPermissionsOfGroup(null, project)).isEmpty(); - assertThat(selectProjectPermissionsOfUser(user, project)).containsOnly("admin"); + assertThat(selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); } private List<String> selectProjectPermissionsOfGroup(@Nullable GroupDto groupDto, ComponentDto project) { @@ -427,7 +425,7 @@ public class PermissionTemplateServiceTest { dbTester.users().insertMember(group, user); PermissionTemplateDto template = templateDb.insertTemplate(); dbTester.permissionTemplates().setDefaultTemplates(template, null, null); - templateDb.addProjectCreatorToTemplate(template.getUuid(), SCAN.getKey(), template.getName()); + templateDb.addProjectCreatorToTemplate(template.getUuid(), GlobalPermission.SCAN.getKey(), template.getName()); templateDb.addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.USER, template.getName(), user.getLogin()); templateDb.addGroupToTemplate(template.getUuid(), group.getUuid(), UserRole.CODEVIEWER, template.getName(), group.getName()); templateDb.addGroupToTemplate(template.getUuid(), null, UserRole.ISSUE_ADMIN, template.getName(), null); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/UserPermissionChangerTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/UserPermissionChangerTest.java index 69df458665e..cfe6e6aeb11 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/UserPermissionChangerTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/UserPermissionChangerTest.java @@ -26,6 +26,7 @@ import org.junit.Test; import org.sonar.api.resources.Qualifiers; import org.sonar.api.resources.ResourceTypes; import org.sonar.api.utils.System2; +import org.sonar.api.web.UserRole; import org.sonar.core.util.SequenceUuidFactory; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDto; @@ -38,16 +39,6 @@ import org.sonar.server.exceptions.BadRequestException; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.api.web.UserRole.CODEVIEWER; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; -import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonar.server.permission.PermissionChange.Operation.ADD; import static org.sonar.server.permission.PermissionChange.Operation.REMOVE; @@ -87,9 +78,9 @@ public class UserPermissionChangerTest { @Test public void apply_removes_any_global_permission_to_user() { // give ADMIN perm to user2 so that user1 is not the only one with this permission and it can be removed from user1 - db.users().insertPermissionOnUser(user2, GlobalPermission.ADMINISTER); + db.users().insertGlobalPermissionOnUser(user2, GlobalPermission.ADMINISTER); permissionService.getGlobalPermissions() - .forEach(perm -> db.users().insertPermissionOnUser(user1, perm)); + .forEach(perm -> db.users().insertGlobalPermissionOnUser(user1, perm)); assertThat(db.users().selectPermissionsOfUser(user1)) .containsOnly(permissionService.getGlobalPermissions().toArray(new GlobalPermission[0])); @@ -105,35 +96,35 @@ public class UserPermissionChangerTest { @Test public void apply_has_no_effect_when_adding_permission_USER_on_a_public_project() { - UserPermissionChange change = new UserPermissionChange(ADD, USER, publicProject, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(ADD, UserRole.USER, publicProject, UserIdDto.from(user1), permissionService); apply(change); - assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(USER); + assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(UserRole.USER); } @Test public void apply_has_no_effect_when_adding_permission_CODEVIEWER_on_a_public_project() { - UserPermissionChange change = new UserPermissionChange(ADD, CODEVIEWER, publicProject, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(ADD, UserRole.CODEVIEWER, publicProject, UserIdDto.from(user1), permissionService); apply(change); - assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(CODEVIEWER); + assertThat(db.users().selectProjectPermissionsOfUser(user1, publicProject)).doesNotContain(UserRole.CODEVIEWER); } @Test public void apply_adds_permission_ADMIN_on_a_public_project() { - applyAddsPermissionOnAPublicProject(ADMIN); + applyAddsPermissionOnAPublicProject(UserRole.ADMIN); } @Test public void apply_adds_permission_ISSUE_ADMIN_on_a_public_project() { - applyAddsPermissionOnAPublicProject(ISSUE_ADMIN); + applyAddsPermissionOnAPublicProject(UserRole.ISSUE_ADMIN); } @Test public void apply_adds_permission_SCAN_EXECUTION_on_a_public_project() { - applyAddsPermissionOnAPublicProject(SCAN_EXECUTION); + applyAddsPermissionOnAPublicProject(GlobalPermission.SCAN.getKey()); } private void applyAddsPermissionOnAPublicProject(String permission) { @@ -146,7 +137,7 @@ public class UserPermissionChangerTest { @Test public void apply_fails_with_BadRequestException_when_removing_permission_USER_from_a_public_project() { - UserPermissionChange change = new UserPermissionChange(REMOVE, USER, publicProject, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.USER, publicProject, UserIdDto.from(user1), permissionService); assertThatThrownBy(() -> apply(change)) .isInstanceOf(BadRequestException.class) @@ -155,7 +146,7 @@ public class UserPermissionChangerTest { @Test public void apply_fails_with_BadRequestException_when_removing_permission_CODEVIEWER_from_a_public_project() { - UserPermissionChange change = new UserPermissionChange(REMOVE, CODEVIEWER, publicProject, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.CODEVIEWER, publicProject, UserIdDto.from(user1), permissionService); assertThatThrownBy(() -> apply(change)) .isInstanceOf(BadRequestException.class) @@ -164,17 +155,17 @@ public class UserPermissionChangerTest { @Test public void apply_removes_permission_ADMIN_from_a_public_project() { - applyRemovesPermissionFromPublicProject(ADMIN); + applyRemovesPermissionFromPublicProject(UserRole.ADMIN); } @Test public void apply_removes_permission_ISSUE_ADMIN_from_a_public_project() { - applyRemovesPermissionFromPublicProject(ISSUE_ADMIN); + applyRemovesPermissionFromPublicProject(UserRole.ISSUE_ADMIN); } @Test public void apply_removes_permission_SCAN_EXECUTION_from_a_public_project() { - applyRemovesPermissionFromPublicProject(SCAN_EXECUTION); + applyRemovesPermissionFromPublicProject(GlobalPermission.SCAN.getKey()); } private void applyRemovesPermissionFromPublicProject(String permission) { @@ -215,11 +206,11 @@ public class UserPermissionChangerTest { @Test public void add_global_permission_to_user() { - UserPermissionChange change = new UserPermissionChange(ADD, SCAN_EXECUTION, null, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(ADD, GlobalPermission.SCAN.getKey(), null, UserIdDto.from(user1), permissionService); apply(change); - assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(SCAN); + assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(GlobalPermission.SCAN); assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).isEmpty(); assertThat(db.users().selectPermissionsOfUser(user2)).isEmpty(); assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).isEmpty(); @@ -227,29 +218,29 @@ public class UserPermissionChangerTest { @Test public void add_project_permission_to_user() { - UserPermissionChange change = new UserPermissionChange(ADD, ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(ADD, UserRole.ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); apply(change); assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty(); - assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).contains(ISSUE_ADMIN); + assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).contains(UserRole.ISSUE_ADMIN); assertThat(db.users().selectPermissionsOfUser(user2)).isEmpty(); assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).isEmpty(); } @Test public void do_nothing_when_adding_global_permission_that_already_exists() { - db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_GATES); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES); - UserPermissionChange change = new UserPermissionChange(ADD, QUALITY_GATE_ADMIN, null, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(ADD, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), null, UserIdDto.from(user1), permissionService); apply(change); - assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(ADMINISTER_QUALITY_GATES); + assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(GlobalPermission.ADMINISTER_QUALITY_GATES); } @Test public void fail_to_add_global_permission_on_project() { assertThatThrownBy(() -> { - UserPermissionChange change = new UserPermissionChange(ADD, QUALITY_GATE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(ADD, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), privateProject, UserIdDto.from(user1), permissionService); apply(change); }) .isInstanceOf(BadRequestException.class) @@ -259,7 +250,7 @@ public class UserPermissionChangerTest { @Test public void fail_to_add_project_permission() { assertThatThrownBy(() -> { - UserPermissionChange change = new UserPermissionChange(ADD, ISSUE_ADMIN, null, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(ADD, UserRole.ISSUE_ADMIN, null, UserIdDto.from(user1), permissionService); apply(change); }) .isInstanceOf(BadRequestException.class) @@ -268,39 +259,39 @@ public class UserPermissionChangerTest { @Test public void remove_global_permission_from_user() { - db.users().insertPermissionOnUser(user1, QUALITY_GATE_ADMIN); - db.users().insertPermissionOnUser(user1, SCAN_EXECUTION); - db.users().insertPermissionOnUser(user2, QUALITY_GATE_ADMIN); - db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, privateProject); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user2, GlobalPermission.ADMINISTER_QUALITY_GATES); + db.users().insertProjectPermissionOnUser(user1, UserRole.ISSUE_ADMIN, privateProject); - UserPermissionChange change = new UserPermissionChange(REMOVE, QUALITY_GATE_ADMIN, null, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(REMOVE, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), null, UserIdDto.from(user1), permissionService); apply(change); - assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(SCAN); - assertThat(db.users().selectPermissionsOfUser(user2)).containsOnly(ADMINISTER_QUALITY_GATES); - assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(ISSUE_ADMIN); + assertThat(db.users().selectPermissionsOfUser(user1)).containsOnly(GlobalPermission.SCAN); + assertThat(db.users().selectPermissionsOfUser(user2)).containsOnly(GlobalPermission.ADMINISTER_QUALITY_GATES); + assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(UserRole.ISSUE_ADMIN); } @Test public void remove_project_permission_from_user() { ComponentDto project2 = db.components().insertPrivateProject(); - db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_GATES); - db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, privateProject); - db.users().insertProjectPermissionOnUser(user1, USER, privateProject); - db.users().insertProjectPermissionOnUser(user2, ISSUE_ADMIN, privateProject); - db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, project2); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES); + db.users().insertProjectPermissionOnUser(user1, UserRole.ISSUE_ADMIN, privateProject); + db.users().insertProjectPermissionOnUser(user1, UserRole.USER, privateProject); + db.users().insertProjectPermissionOnUser(user2, UserRole.ISSUE_ADMIN, privateProject); + db.users().insertProjectPermissionOnUser(user1, UserRole.ISSUE_ADMIN, project2); - UserPermissionChange change = new UserPermissionChange(REMOVE, ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); apply(change); - assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(USER); - assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).containsOnly(ISSUE_ADMIN); - assertThat(db.users().selectProjectPermissionsOfUser(user1, project2)).containsOnly(ISSUE_ADMIN); + assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).containsOnly(UserRole.USER); + assertThat(db.users().selectProjectPermissionsOfUser(user2, privateProject)).containsOnly(UserRole.ISSUE_ADMIN); + assertThat(db.users().selectProjectPermissionsOfUser(user1, project2)).containsOnly(UserRole.ISSUE_ADMIN); } @Test public void do_not_fail_if_removing_a_global_permission_that_does_not_exist() { - UserPermissionChange change = new UserPermissionChange(REMOVE, QUALITY_GATE_ADMIN, null, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(REMOVE, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey(), null, UserIdDto.from(user1), permissionService); apply(change); assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty(); @@ -308,7 +299,7 @@ public class UserPermissionChangerTest { @Test public void do_not_fail_if_removing_a_project_permission_that_does_not_exist() { - UserPermissionChange change = new UserPermissionChange(REMOVE, ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(REMOVE, UserRole.ISSUE_ADMIN, privateProject, UserIdDto.from(user1), permissionService); apply(change); assertThat(db.users().selectProjectPermissionsOfUser(user1, privateProject)).isEmpty(); @@ -316,10 +307,10 @@ public class UserPermissionChangerTest { @Test public void fail_to_remove_admin_global_permission_if_no_more_admins() { - db.users().insertPermissionOnUser(user1, SYSTEM_ADMIN); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER); assertThatThrownBy(() -> { - UserPermissionChange change = new UserPermissionChange(REMOVE, SYSTEM_ADMIN, null, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(REMOVE, GlobalPermission.ADMINISTER.getKey(), null, UserIdDto.from(user1), permissionService); underTest.apply(db.getSession(), change); }) .isInstanceOf(BadRequestException.class) @@ -328,12 +319,12 @@ public class UserPermissionChangerTest { @Test public void remove_admin_user_if_still_other_admins() { - db.users().insertPermissionOnUser(user1, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER); GroupDto admins = db.users().insertGroup("admins"); db.users().insertMember(admins, user2); - db.users().insertPermissionOnGroup(admins, ADMINISTER); + db.users().insertPermissionOnGroup(admins, GlobalPermission.ADMINISTER); - UserPermissionChange change = new UserPermissionChange(REMOVE, ADMINISTER.getKey(), null, UserIdDto.from(user1), permissionService); + UserPermissionChange change = new UserPermissionChange(REMOVE, GlobalPermission.ADMINISTER.getKey(), null, UserIdDto.from(user1), permissionService); underTest.apply(db.getSession(), change); assertThat(db.users().selectPermissionsOfUser(user1)).isEmpty(); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java index 968fd1c956a..b5919a27050 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java @@ -28,6 +28,7 @@ import org.sonar.api.web.UserRole; import org.sonar.db.component.ComponentDto; import org.sonar.db.component.ComponentTesting; import org.sonar.db.component.ResourceTypesRule; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.user.GroupDto; import org.sonar.server.exceptions.BadRequestException; import org.sonar.server.exceptions.ForbiddenException; @@ -41,17 +42,10 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.Assertions.fail; import static org.assertj.core.api.Assertions.tuple; -import static org.sonar.api.web.UserRole.CODEVIEWER; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newDirectory; import static org.sonar.db.component.ComponentTesting.newFileDto; import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; import static org.sonar.db.component.ComponentTesting.newSubPortfolio; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; -import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; @@ -90,7 +84,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, "sonar-administrators") - .setParam(PARAM_PERMISSION, ADMINISTER.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).containsOnly("admin"); @@ -103,7 +97,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) - .setParam(PARAM_PERMISSION, PROVISION_PROJECTS.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).containsOnly("provisioning"); @@ -119,11 +113,11 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, A_PROJECT_UUID) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); - assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(SYSTEM_ADMIN); + assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); } @Test @@ -135,11 +129,11 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_KEY, A_PROJECT_KEY) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); - assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(SYSTEM_ADMIN); + assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); } @Test @@ -151,11 +145,11 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, portfolio.uuid()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); - assertThat(db.users().selectGroupPermissions(group, portfolio)).containsOnly(SYSTEM_ADMIN); + assertThat(db.users().selectGroupPermissions(group, portfolio)).containsOnly(GlobalPermission.ADMINISTER.getKey()); } @Test @@ -167,7 +161,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, "not-found") - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(NotFoundException.class); @@ -205,7 +199,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, file.uuid()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -234,7 +228,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, file.uuid()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(BadRequestException.class); @@ -248,7 +242,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setMethod("GET") .setParam(PARAM_GROUP_NAME, "sonar-administrators") - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(ServerException.class); @@ -260,7 +254,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(IllegalArgumentException.class) @@ -302,7 +296,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { assertThatThrownBy(() -> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .setParam(PARAM_PROJECT_ID, project.uuid()) .setParam(PARAM_PROJECT_KEY, project.getKey()) .execute(); @@ -314,12 +308,12 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { @Test public void adding_global_permission_fails_if_not_administrator() { GroupDto group = db.users().insertGroup("sonar-administrators"); - userSession.logIn().addPermission(SCAN); + userSession.logIn().addPermission(GlobalPermission.SCAN); assertThatThrownBy(() -> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) - .setParam(PARAM_PERMISSION, PROVISION_PROJECTS.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) .execute(); }) .isInstanceOf(ForbiddenException.class); @@ -334,7 +328,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { assertThatThrownBy(() -> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) - .setParam(PARAM_PERMISSION, PROVISION_PROJECTS.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) .setParam(PARAM_PROJECT_KEY, project.getKey()) .execute(); }) @@ -353,10 +347,10 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .execute(); - assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(ISSUE_ADMIN); + assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(UserRole.ISSUE_ADMIN); } @Test @@ -387,7 +381,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, "anyone") .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, USER) + .setParam(PARAM_PERMISSION, UserRole.USER) .execute(); assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); @@ -401,7 +395,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, "anyone") .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, CODEVIEWER) + .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) .execute(); assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); @@ -416,7 +410,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, USER) + .setParam(PARAM_PERMISSION, UserRole.USER) .execute(); assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); @@ -431,7 +425,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, CODEVIEWER) + .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) .execute(); assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); @@ -448,7 +442,7 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> { newRequest() .setParam(PARAM_PROJECT_ID, branch.uuid()) .setParam(PARAM_GROUP_NAME, group.getName()) - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .execute(); }) .isInstanceOf(NotFoundException.class) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java index a7af59edeeb..d5e6fceb02b 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java @@ -28,6 +28,7 @@ import org.sonar.api.web.UserRole; import org.sonar.db.component.ComponentDto; import org.sonar.db.component.ComponentTesting; import org.sonar.db.component.ResourceTypesRule; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.user.UserDto; import org.sonar.server.exceptions.BadRequestException; import org.sonar.server.exceptions.ForbiddenException; @@ -41,14 +42,9 @@ import static java.lang.String.format; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.mockito.Mockito.mock; -import static org.sonar.api.web.UserRole.CODEVIEWER; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newDirectory; import static org.sonar.db.component.ComponentTesting.newFileDto; import static org.sonar.db.component.ComponentTesting.newSubPortfolio; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; @@ -78,10 +74,10 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); - assertThat(db.users().selectPermissionsOfUser(user)).containsOnly(ADMINISTER); + assertThat(db.users().selectPermissionsOfUser(user)).containsOnly(GlobalPermission.ADMINISTER); } @Test @@ -92,11 +88,11 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); - assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(SYSTEM_ADMIN); + assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); } @Test @@ -107,11 +103,11 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_KEY, project.getKey()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); - assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(SYSTEM_ADMIN); + assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(GlobalPermission.ADMINISTER.getKey()); } @Test @@ -122,11 +118,11 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, view.uuid()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); assertThat(db.users().selectPermissionsOfUser(user)).isEmpty(); - assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(SYSTEM_ADMIN); + assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(GlobalPermission.ADMINISTER.getKey()); } @Test @@ -137,7 +133,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, "unknown-project-uuid") - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(NotFoundException.class); @@ -174,7 +170,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, file.uuid()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -204,7 +200,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, "file-uuid") - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(BadRequestException.class); @@ -218,7 +214,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { newRequest() .setMethod("GET") .setParam(PARAM_USER_LOGIN, "george.orwell") - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(ServerException.class); @@ -230,7 +226,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(IllegalArgumentException.class); @@ -255,7 +251,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, "project-uuid") .setParam(PARAM_PROJECT_KEY, "project-key") @@ -272,7 +268,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { assertThatThrownBy(() -> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(ForbiddenException.class); @@ -285,7 +281,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { TestRequest request = newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .setParam(PARAM_PROJECT_KEY, project.getKey()); assertThatThrownBy(() -> request.execute()) @@ -299,7 +295,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { TestRequest request = newRequest() .setParam(PARAM_USER_LOGIN, "unknown") - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .setParam(PARAM_PROJECT_KEY, project.getKey()); assertThatThrownBy(() -> request.execute()) .isInstanceOf(ForbiddenException.class); @@ -311,7 +307,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { userSession.logIn(); TestRequest request = newRequest() - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .setParam(PARAM_PROJECT_KEY, project.getKey()); assertThatThrownBy(() -> request.execute()) @@ -333,7 +329,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .execute(); - assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(ISSUE_ADMIN); + assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.ISSUE_ADMIN); } @Test @@ -344,7 +340,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, USER) + .setParam(PARAM_PERMISSION, UserRole.USER) .execute(); assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); @@ -358,7 +354,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, CODEVIEWER) + .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) .execute(); assertThat(db.users().selectAnyonePermissions(project)).isEmpty(); @@ -373,7 +369,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> { TestRequest request = newRequest() .setParam(PARAM_PROJECT_ID, branch.uuid()) .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN); + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); assertThatThrownBy(() -> request.execute()) .isInstanceOf(NotFoundException.class) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/GroupsActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/GroupsActionTest.java index ae43f2c8f40..ac7f7060e2d 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/GroupsActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/GroupsActionTest.java @@ -26,9 +26,11 @@ import org.sonar.api.resources.ResourceTypes; import org.sonar.api.security.DefaultGroups; import org.sonar.api.server.ws.Change; import org.sonar.api.server.ws.WebService.Action; +import org.sonar.api.web.UserRole; import org.sonar.db.component.ComponentDto; import org.sonar.db.component.ComponentTesting; import org.sonar.db.component.ResourceTypesRule; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.user.GroupDto; import org.sonar.server.exceptions.BadRequestException; import org.sonar.server.exceptions.ForbiddenException; @@ -44,12 +46,7 @@ import static org.assertj.core.api.Assertions.tuple; import static org.sonar.api.server.ws.WebService.Param.PAGE; import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE; import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; import static org.sonar.db.component.ComponentTesting.newPrivateProjectDto; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonar.test.JsonAssert.assertJson; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; @@ -76,10 +73,10 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { group1 = db.users().insertGroup("group-1-name"); group2 = db.users().insertGroup("group-2-name"); GroupDto group3 = db.users().insertGroup("group-3-name"); - db.users().insertPermissionOnGroup(group1, SCAN); - db.users().insertPermissionOnGroup(group2, SCAN); - db.users().insertPermissionOnGroup(group3, ADMINISTER); - db.users().insertPermissionOnAnyone(SCAN); + db.users().insertPermissionOnGroup(group1, GlobalPermission.SCAN); + db.users().insertPermissionOnGroup(group2, GlobalPermission.SCAN); + db.users().insertPermissionOnGroup(group3, GlobalPermission.ADMINISTER); + db.users().insertPermissionOnAnyone(GlobalPermission.SCAN); db.commit(); } @@ -100,7 +97,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { loginAsAdmin(); String json = newRequest() - .setParam(PARAM_PERMISSION, SCAN.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) .execute() .getInput(); assertJson(json).isSimilarTo("{\n" + @@ -138,7 +135,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { public void search_with_selection() { loginAsAdmin(); String result = newRequest() - .setParam(PARAM_PERMISSION, SCAN.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) .execute() .getInput(); @@ -149,7 +146,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { public void search_groups_with_pagination() { loginAsAdmin(); String result = newRequest() - .setParam(PARAM_PERMISSION, SCAN.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) .setParam(PAGE_SIZE, "1") .setParam(PAGE, "3") .execute() @@ -164,7 +161,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { public void search_groups_with_query() { loginAsAdmin(); String result = newRequest() - .setParam(PARAM_PERMISSION, SCAN.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) .setParam(TEXT_QUERY, "group-") .execute() .getInput(); @@ -178,17 +175,17 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { public void search_groups_with_project_permissions() { ComponentDto project = db.components().insertPrivateProject(); GroupDto group = db.users().insertGroup("project-group-name"); - db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, project); ComponentDto anotherProject = db.components().insertPrivateProject(); GroupDto anotherGroup = db.users().insertGroup("another-project-group-name"); - db.users().insertProjectPermissionOnGroup(anotherGroup, ISSUE_ADMIN, anotherProject); + db.users().insertProjectPermissionOnGroup(anotherGroup, UserRole.ISSUE_ADMIN, anotherProject); GroupDto groupWithoutPermission = db.users().insertGroup("group-without-permission"); - userSession.logIn().addProjectPermission(ADMIN, project); + userSession.logIn().addProjectPermission(UserRole.ADMIN, project); String result = newRequest() - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .setParam(PARAM_PROJECT_ID, project.uuid()) .execute() .getInput(); @@ -202,14 +199,14 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { public void return_also_groups_without_permission_when_search_query() { ComponentDto project = db.components().insertPrivateProject(); GroupDto group = db.users().insertGroup("group-with-permission"); - db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, project); GroupDto groupWithoutPermission = db.users().insertGroup("group-without-permission"); GroupDto anotherGroup = db.users().insertGroup("another-group"); loginAsAdmin(); String result = newRequest() - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .setParam(PARAM_PROJECT_ID, project.uuid()) .setParam(TEXT_QUERY, "group-with") .execute() @@ -224,13 +221,13 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { public void return_only_groups_with_permission_when_no_search_query() { ComponentDto project = db.components().insertComponent(newPrivateProjectDto("project-uuid")); GroupDto group = db.users().insertGroup("project-group-name"); - db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, project); GroupDto groupWithoutPermission = db.users().insertGroup("group-without-permission"); loginAsAdmin(); String result = newRequest() - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .setParam(PARAM_PROJECT_ID, project.uuid()) .execute() .getInput(); @@ -243,7 +240,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { public void return_anyone_group_when_search_query_and_no_param_permission() { ComponentDto project = db.components().insertPrivateProject(); GroupDto group = db.users().insertGroup("group-with-permission"); - db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, project); loginAsAdmin(); String result = newRequest() @@ -259,11 +256,11 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { public void search_groups_on_views() { ComponentDto view = db.components().insertComponent(ComponentTesting.newPortfolio("view-uuid").setKey("view-key")); GroupDto group = db.users().insertGroup("project-group-name"); - db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, view); + db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, view); loginAsAdmin(); String result = newRequest() - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .setParam(PARAM_PROJECT_ID, "view-uuid") .execute() .getInput(); @@ -280,7 +277,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { userSession.anonymous(); newRequest() - .setParam(PARAM_PERMISSION, SCAN.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) .execute(); }) .isInstanceOf(UnauthorizedException.class); @@ -291,7 +288,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { assertThatThrownBy(() -> { userSession.logIn("login"); newRequest() - .setParam(PARAM_PERMISSION, SCAN.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) .execute(); }) .isInstanceOf(ForbiddenException.class); @@ -304,7 +301,7 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { assertThatThrownBy(() -> { loginAsAdmin(); newRequest() - .setParam(PARAM_PERMISSION, SCAN_EXECUTION) + .setParam(PARAM_PERMISSION, GlobalPermission.SCAN.getKey()) .setParam(PARAM_PROJECT_ID, project.uuid()) .setParam(PARAM_PROJECT_KEY, project.getKey()) .execute(); @@ -317,12 +314,12 @@ public class GroupsActionTest extends BasePermissionWsTest<GroupsAction> { ComponentDto project = db.components().insertPublicProject(); ComponentDto branch = db.components().insertProjectBranch(project); GroupDto group = db.users().insertGroup(); - db.users().insertProjectPermissionOnGroup(group, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, project); loginAsAdmin(); assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .setParam(PARAM_PROJECT_ID, branch.uuid()) .execute(); }) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java index 3212c34a75a..016ed4cb0d1 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java @@ -29,6 +29,7 @@ import org.sonar.api.web.UserRole; import org.sonar.core.util.Uuids; import org.sonar.db.component.ComponentDto; import org.sonar.db.component.ResourceTypesRule; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.permission.GroupPermissionDto; import org.sonar.db.user.GroupDto; import org.sonar.server.exceptions.BadRequestException; @@ -41,17 +42,9 @@ import static java.lang.String.format; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.Assertions.tuple; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.api.web.UserRole.CODEVIEWER; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newDirectory; import static org.sonar.db.component.ComponentTesting.newFileDto; import static org.sonar.db.component.ComponentTesting.newSubPortfolio; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; @@ -88,80 +81,80 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio @Test public void remove_permission_using_group_name() { - db.users().insertPermissionOnGroup(aGroup, ADMINISTER); - db.users().insertPermissionOnGroup(aGroup, PROVISION_PROJECTS); + db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); + db.users().insertPermissionOnGroup(aGroup, GlobalPermission.PROVISION_PROJECTS); loginAsAdmin(); newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) - .setParam(PARAM_PERMISSION, PROVISIONING) + .setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) .execute(); - assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); + assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(GlobalPermission.ADMINISTER.getKey()); } @Test public void remove_project_permission() { ComponentDto project = db.components().insertPrivateProject(); - db.users().insertPermissionOnGroup(aGroup, ADMINISTER); - db.users().insertProjectPermissionOnGroup(aGroup, ADMIN, project); - db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, project); + db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); + db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, project); + db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); loginAsAdmin(); newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ADMIN) .execute(); - assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); - assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(ISSUE_ADMIN); + assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(GlobalPermission.ADMINISTER.getKey()); + assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(UserRole.ISSUE_ADMIN); } @Test public void remove_with_view_uuid() { ComponentDto view = db.components().insertPrivatePortfolio(); - db.users().insertPermissionOnGroup(aGroup, ADMINISTER); - db.users().insertProjectPermissionOnGroup(aGroup, ADMIN, view); - db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, view); + db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); + db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, view); + db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, view); loginAsAdmin(); newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) .setParam(PARAM_PROJECT_ID, view.uuid()) - .setParam(PARAM_PERMISSION, ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ADMIN) .execute(); - assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); - assertThat(db.users().selectGroupPermissions(aGroup, view)).containsOnly(ISSUE_ADMIN); + assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(GlobalPermission.ADMINISTER.getKey()); + assertThat(db.users().selectGroupPermissions(aGroup, view)).containsOnly(UserRole.ISSUE_ADMIN); } @Test public void remove_with_project_key() { ComponentDto project = db.components().insertPrivateProject(); - db.users().insertPermissionOnGroup(aGroup, ADMINISTER); - db.users().insertProjectPermissionOnGroup(aGroup, ADMIN, project); - db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, project); + db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); + db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ADMIN, project); + db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); loginAsAdmin(); newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) .setParam(PARAM_PROJECT_KEY, project.getKey()) - .setParam(PARAM_PERMISSION, ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ADMIN) .execute(); - assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); - assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(ISSUE_ADMIN); + assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(GlobalPermission.ADMINISTER.getKey()); + assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(UserRole.ISSUE_ADMIN); } @Test public void fail_to_remove_last_admin_permission() { - db.users().insertPermissionOnGroup(aGroup, ADMINISTER); - db.users().insertPermissionOnGroup(aGroup, PROVISION_PROJECTS); + db.users().insertPermissionOnGroup(aGroup, GlobalPermission.ADMINISTER); + db.users().insertPermissionOnGroup(aGroup, GlobalPermission.PROVISION_PROJECTS); loginAsAdmin(); assertThatThrownBy(() -> { - executeRequest(aGroup, SYSTEM_ADMIN); + executeRequest(aGroup, GlobalPermission.ADMINISTER.getKey()); }) .isInstanceOf(BadRequestException.class) .hasMessage("Last group with permission 'admin'. Permission cannot be removed."); @@ -175,7 +168,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) .setParam(PARAM_PROJECT_ID, "unknown-project-uuid") - .setParam(PARAM_PERMISSION, ADMINISTER.getKey()) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(NotFoundException.class) @@ -186,7 +179,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio public void fail_when_project_project_permission_without_project() { loginAsAdmin(); - assertThatThrownBy(() -> executeRequest(aGroup, ISSUE_ADMIN)) + assertThatThrownBy(() -> executeRequest(aGroup, UserRole.ISSUE_ADMIN)) .isInstanceOf(BadRequestException.class) .hasMessage("Invalid global permission 'issueadmin'. Valid values are [admin, gateadmin, profileadmin, provisioning, scan]"); } @@ -222,7 +215,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) .setParam(PARAM_PROJECT_ID, file.uuid()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -235,7 +228,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(IllegalArgumentException.class) @@ -263,7 +256,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio assertThatThrownBy(() -> { newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .setParam(PARAM_PROJECT_ID, project.uuid()) .setParam(PARAM_PROJECT_KEY, project.getKey()) .execute(); @@ -286,7 +279,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio assertThatThrownBy(() -> { newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) - .setParam(PARAM_PERMISSION, PROVISIONING) + .setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) .execute(); }) .isInstanceOf(ForbiddenException.class); @@ -300,7 +293,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio assertThatThrownBy(() -> { newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) - .setParam(PARAM_PERMISSION, PROVISIONING) + .setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) .setParam(PARAM_PROJECT_KEY, project.getKey()) .execute(); }) @@ -313,17 +306,17 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio @Test public void removing_project_permission_is_allowed_to_project_administrators() { ComponentDto project = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnGroup(aGroup, CODEVIEWER, project); - db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnGroup(aGroup, UserRole.CODEVIEWER, project); + db.users().insertProjectPermissionOnGroup(aGroup, UserRole.ISSUE_ADMIN, project); userSession.logIn().addProjectPermission(UserRole.ADMIN, project); newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .execute(); - assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(CODEVIEWER); + assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(UserRole.CODEVIEWER); } @Test @@ -354,7 +347,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio newRequest() .setParam(PARAM_GROUP_NAME, "anyone") .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, USER) + .setParam(PARAM_PERMISSION, UserRole.USER) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -370,7 +363,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio newRequest() .setParam(PARAM_GROUP_NAME, "anyone") .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, CODEVIEWER) + .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -387,7 +380,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, USER) + .setParam(PARAM_PERMISSION, UserRole.USER) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -404,7 +397,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, CODEVIEWER) + .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -422,7 +415,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio newRequest() .setParam(PARAM_PROJECT_ID, branch.uuid()) .setParam(PARAM_GROUP_NAME, group.getName()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(NotFoundException.class) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java index a4e70827191..e50b5974bfb 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java @@ -26,6 +26,7 @@ import org.sonar.api.resources.ResourceTypes; import org.sonar.api.web.UserRole; import org.sonar.db.component.ComponentDto; import org.sonar.db.component.ResourceTypesRule; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.user.UserDto; import org.sonar.server.exceptions.BadRequestException; import org.sonar.server.exceptions.ForbiddenException; @@ -38,19 +39,9 @@ import org.sonar.server.ws.TestRequest; import static java.lang.String.format; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.api.web.UserRole.CODEVIEWER; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; -import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.component.ComponentTesting.newDirectory; import static org.sonar.db.component.ComponentTesting.newFileDto; import static org.sonar.db.component.ComponentTesting.newSubPortfolio; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; -import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY; @@ -79,28 +70,28 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> @Test public void remove_permission_from_user() { - db.users().insertPermissionOnUser(user, PROVISION_PROJECTS); - db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_GATES); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER_QUALITY_GATES); loginAsAdmin(); newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, QUALITY_GATE_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER_QUALITY_GATES.getKey()) .execute(); - assertThat(db.users().selectPermissionsOfUser(user)).containsOnly(PROVISION_PROJECTS); + assertThat(db.users().selectPermissionsOfUser(user)).containsOnly(GlobalPermission.PROVISION_PROJECTS); } @Test public void admin_can_not_remove_his_global_admin_right() { - db.users().insertPermissionOnUser(user, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); loginAsAdmin(); UserDto admin = db.users().insertUser(userSession.getLogin()); - db.users().insertPermissionOnUser(admin, ADMINISTER); + db.users().insertGlobalPermissionOnUser(admin, GlobalPermission.ADMINISTER); TestRequest request = newRequest() .setParam(PARAM_USER_LOGIN, userSession.getLogin()) - .setParam(PARAM_PERMISSION, ADMINISTER.getKey()); + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); assertThatThrownBy(() -> request.execute()) .isInstanceOf(BadRequestException.class) @@ -112,12 +103,12 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> loginAsAdmin(); UserDto admin = db.users().insertUser(userSession.getLogin()); ComponentDto project = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnUser(admin, ADMINISTER.getKey(), project); + db.users().insertProjectPermissionOnUser(admin, GlobalPermission.ADMINISTER.getKey(), project); TestRequest request = newRequest() .setParam(PARAM_USER_LOGIN, userSession.getLogin()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, ADMINISTER.getKey()); + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()); assertThatThrownBy(() -> request.execute()) .isInstanceOf(BadRequestException.class) @@ -126,13 +117,13 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> @Test public void fail_to_remove_admin_permission_if_last_admin() { - db.users().insertPermissionOnUser(user, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); loginAsAdmin(); assertThatThrownBy(() -> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ADMIN) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -142,49 +133,49 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> @Test public void remove_permission_from_project() { ComponentDto project = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); - db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); + db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); loginAsAdmin(); newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, CODEVIEWER) + .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) .execute(); - assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(ISSUE_ADMIN); + assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.ISSUE_ADMIN); } @Test public void remove_with_project_key() { ComponentDto project = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); - db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); + db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); loginAsAdmin(); newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_KEY, project.getKey()) - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .execute(); - assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(CODEVIEWER); + assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.CODEVIEWER); } @Test public void remove_with_view_uuid() { ComponentDto view = db.components().insertPrivatePortfolio(); - db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, view); - db.users().insertProjectPermissionOnUser(user, ADMIN, view); + db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, view); + db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, view); loginAsAdmin(); newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_KEY, view.getKey()) - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .execute(); - assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(ADMIN); + assertThat(db.users().selectProjectPermissionsOfUser(user, view)).containsOnly(UserRole.ADMIN); } @Test @@ -195,7 +186,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, "unknown-project-uuid") - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .execute(); }) .isInstanceOf(NotFoundException.class); @@ -208,7 +199,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> assertThatThrownBy(() -> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .execute(); }) .isInstanceOf(BadRequestException.class); @@ -245,7 +236,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, file.uuid()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -260,7 +251,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> newRequest() .setMethod("GET") .setParam(PARAM_USER_LOGIN, "george.orwell") - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(ServerException.class); @@ -272,7 +263,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(IllegalArgumentException.class); @@ -297,7 +288,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, project.uuid()) .setParam(PARAM_PROJECT_KEY, project.getKey()) @@ -314,7 +305,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> assertThatThrownBy(() -> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, PROVISIONING) + .setParam(PARAM_PERMISSION, GlobalPermission.PROVISION_PROJECTS.getKey()) .execute(); }) .isInstanceOf(ForbiddenException.class); @@ -328,7 +319,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> assertThatThrownBy(() -> { newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .setParam(PARAM_PROJECT_KEY, project.getKey()) .execute(); }) @@ -341,17 +332,17 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> @Test public void removing_project_permission_is_allowed_to_project_administrators() { ComponentDto project = db.components().insertPrivateProject(); - db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); - db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); + db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); userSession.logIn().addProjectPermission(UserRole.ADMIN, project); newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .execute(); - assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(CODEVIEWER); + assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(UserRole.CODEVIEWER); } @Test @@ -363,7 +354,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, USER) + .setParam(PARAM_PERMISSION, UserRole.USER) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -380,7 +371,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PROJECT_ID, project.uuid()) - .setParam(PARAM_PERMISSION, CODEVIEWER) + .setParam(PARAM_PERMISSION, UserRole.CODEVIEWER) .execute(); }) .isInstanceOf(BadRequestException.class) @@ -397,7 +388,7 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction> newRequest() .setParam(PARAM_PROJECT_ID, branch.uuid()) .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(NotFoundException.class) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/UsersActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/UsersActionTest.java index a228ad81f37..8a3107fb4fa 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/UsersActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/UsersActionTest.java @@ -27,6 +27,7 @@ import org.sonar.api.server.ws.WebService.SelectionMode; import org.sonar.api.web.UserRole; import org.sonar.db.component.ComponentDto; import org.sonar.db.component.ResourceTypesRule; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.user.UserDto; import org.sonar.server.exceptions.BadRequestException; import org.sonar.server.exceptions.ForbiddenException; @@ -44,13 +45,6 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.sonar.api.server.ws.WebService.Param.PAGE; import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE; import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY; -import static org.sonar.api.web.UserRole.ISSUE_ADMIN; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; -import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; -import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonar.db.user.UserTesting.newUserDto; import static org.sonar.test.JsonAssert.assertJson; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; @@ -75,10 +69,10 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { UserDto user1 = db.users().insertUser(newUserDto().setLogin("admin").setName("Administrator").setEmail("admin@admin.com")); UserDto user2 = db.users().insertUser(newUserDto().setLogin("adam.west").setName("Adam West").setEmail("adamwest@adamwest.com")); UserDto user3 = db.users().insertUser(newUserDto().setLogin("george.orwell").setName("George Orwell").setEmail("george.orwell@1984.net")); - db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_PROFILES); - db.users().insertPermissionOnUser(user1, ADMINISTER); - db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_GATES); - db.users().insertPermissionOnUser(user3, SCAN); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_PROFILES); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.ADMINISTER_QUALITY_GATES); + db.users().insertGlobalPermissionOnUser(user3, GlobalPermission.SCAN); loginAsAdmin(); String result = newRequest().execute().getInput(); @@ -101,19 +95,19 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { // User has permission on project ComponentDto project = db.components().insertPrivateProject(); UserDto user = db.users().insertUser(newUserDto()); - db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); // User has permission on another project ComponentDto anotherProject = db.components().insertPrivateProject(); UserDto userHavePermissionOnAnotherProject = db.users().insertUser(newUserDto()); - db.users().insertProjectPermissionOnUser(userHavePermissionOnAnotherProject, ISSUE_ADMIN, anotherProject); + db.users().insertProjectPermissionOnUser(userHavePermissionOnAnotherProject, UserRole.ISSUE_ADMIN, anotherProject); // User has no permission UserDto withoutPermission = db.users().insertUser(newUserDto()); - userSession.logIn().addProjectPermission(SYSTEM_ADMIN, project); + userSession.logIn().addProjectPermission(GlobalPermission.ADMINISTER.getKey(), project); String result = newRequest() - .setParam(PARAM_PERMISSION, ISSUE_ADMIN) + .setParam(PARAM_PERMISSION, UserRole.ISSUE_ADMIN) .setParam(PARAM_PROJECT_ID, project.uuid()) .execute() .getInput(); @@ -128,7 +122,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { // User with permission on project ComponentDto project = db.components().insertPrivateProject(); UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); - db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); // User without permission UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email")); @@ -149,7 +143,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { // User with permission on project ComponentDto project = db.components().insertPrivateProject(); UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); - db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); // User without permission UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email")); @@ -166,7 +160,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { // User with permission on project ComponentDto project = db.components().insertPrivateProject(); UserDto user = db.users().insertUser(newUserDto("with-permission-login", "with-permission-name", "with-permission-email")); - db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); // User without permission UserDto withoutPermission = db.users().insertUser(newUserDto("without-permission-login", "without-permission-name", "without-permission-email")); @@ -210,8 +204,8 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { public void search_for_users_is_paginated() { for (int i = 9; i >= 0; i--) { UserDto user = db.users().insertUser(newUserDto().setName("user-" + i)); - db.users().insertPermissionOnUser(user, ADMINISTER); - db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_GATES); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER_QUALITY_GATES); } loginAsAdmin(); @@ -252,8 +246,8 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { loginAsAdmin(); for (int i = 0; i < 30; i++) { UserDto user = db.users().insertUser(newUserDto().setLogin("user-" + i)); - db.users().insertPermissionOnUser(user, SCAN); - db.users().insertPermissionOnUser(user, PROVISION_PROJECTS); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.PROVISION_PROJECTS); } String result = newRequest() @@ -283,7 +277,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { assertThatThrownBy(() -> { newRequest() - .setParam("permission", SYSTEM_ADMIN) + .setParam("permission", GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(ForbiddenException.class); @@ -295,7 +289,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { assertThatThrownBy(() -> { newRequest() - .setParam("permission", SYSTEM_ADMIN) + .setParam("permission", GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(UnauthorizedException.class); @@ -308,7 +302,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .setParam(PARAM_PROJECT_ID, project.uuid()) .setParam(PARAM_PROJECT_KEY, project.getKey()) .execute(); @@ -331,14 +325,14 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { UserDto user = db.users().insertUser(newUserDto()); ComponentDto project = db.components().insertPublicProject(); ComponentDto branch = db.components().insertProjectBranch(project); - db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project); + db.users().insertProjectPermissionOnUser(user, UserRole.ISSUE_ADMIN, project); userSession.logIn().addProjectPermission(UserRole.ADMIN, project); assertThatThrownBy(() -> { newRequest() .setParam(PARAM_PROJECT_ID, branch.uuid()) .setParam(PARAM_USER_LOGIN, user.getLogin()) - .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) + .setParam(PARAM_PERMISSION, GlobalPermission.ADMINISTER.getKey()) .execute(); }) .isInstanceOf(NotFoundException.class) @@ -349,9 +343,9 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> { UserDto user1 = db.users().insertUser(newUserDto("login-1", "name-1", "email-1")); UserDto user2 = db.users().insertUser(newUserDto("login-2", "name-2", "email-2")); UserDto user3 = db.users().insertUser(newUserDto("login-3", "name-3", "email-3")); - db.users().insertPermissionOnUser(user1, SCAN); - db.users().insertPermissionOnUser(user2, SCAN); - db.users().insertPermissionOnUser(user3, ADMINISTER); + db.users().insertGlobalPermissionOnUser(user1, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user2, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user3, GlobalPermission.ADMINISTER); } } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddGroupToTemplateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddGroupToTemplateActionTest.java index 82fec864e27..fd96d1bdb8e 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddGroupToTemplateActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddGroupToTemplateActionTest.java @@ -28,7 +28,6 @@ import org.sonar.api.resources.ResourceTypes; import org.sonar.api.server.ws.Change; import org.sonar.api.server.ws.WebService.Action; import org.sonar.api.web.UserRole; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.component.ResourceTypesRule; import org.sonar.db.permission.PermissionQuery; import org.sonar.db.permission.template.PermissionTemplateDto; @@ -49,6 +48,7 @@ import static org.sonar.api.security.DefaultGroups.ANYONE; import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.api.web.UserRole.CODEVIEWER; import static org.sonar.api.web.UserRole.ISSUE_ADMIN; +import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; @@ -139,7 +139,7 @@ public class AddGroupToTemplateActionTest extends BasePermissionWsTest<AddGroupT public void fail_if_not_a_project_permission() { loginAsAdmin(); - assertThatThrownBy(() -> newRequest(group.getName(), template.getUuid(), GlobalPermissions.PROVISIONING)) + assertThatThrownBy(() -> newRequest(group.getName(), template.getUuid(), PROVISION_PROJECTS.getKey())) .isInstanceOf(IllegalArgumentException.class); } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java index 52b39abc689..f07f40bdeba 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddProjectCreatorToTemplateActionTest.java @@ -42,7 +42,6 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.mockito.Mockito.spy; import static org.mockito.Mockito.when; -import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN; import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; @@ -125,7 +124,7 @@ public class AddProjectCreatorToTemplateActionTest extends BasePermissionWsTest< assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, QUALITY_GATE_ADMIN) + .setParam(PARAM_PERMISSION, ADMINISTER_QUALITY_GATES.getKey()) .setParam(PARAM_TEMPLATE_ID, template.getUuid()) .execute(); }) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java index 92bd0e0f1df..12ec02068ea 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/AddUserToTemplateActionTest.java @@ -25,7 +25,6 @@ import org.junit.Before; import org.junit.Test; import org.sonar.api.resources.Qualifiers; import org.sonar.api.resources.ResourceTypes; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.component.ResourceTypesRule; import org.sonar.db.permission.PermissionQuery; import org.sonar.db.permission.template.PermissionTemplateDto; @@ -44,6 +43,7 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.sonar.api.web.UserRole.CODEVIEWER; import static org.sonar.api.web.UserRole.ISSUE_ADMIN; import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; +import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; @@ -105,7 +105,7 @@ public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToT loginAsAdmin(); assertThatThrownBy(() -> { - newRequest(user.getLogin(), permissionTemplate.getUuid(), GlobalPermissions.PROVISIONING); + newRequest(user.getLogin(), permissionTemplate.getUuid(), PROVISION_PROJECTS.getKey()); }) .isInstanceOf(IllegalArgumentException.class); } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java index d437507c059..ea0ecbb5429 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveGroupFromTemplateActionTest.java @@ -27,7 +27,6 @@ import org.sonar.api.resources.Qualifiers; import org.sonar.api.resources.ResourceTypes; import org.sonar.api.server.ws.Change; import org.sonar.api.server.ws.WebService.Action; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.component.ResourceTypesRule; import org.sonar.db.permission.PermissionQuery; import org.sonar.db.permission.template.PermissionTemplateDto; @@ -47,6 +46,7 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.Assertions.tuple; import static org.sonar.api.security.DefaultGroups.ANYONE; import static org.sonar.api.web.UserRole.CODEVIEWER; +import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; @@ -126,7 +126,7 @@ public class RemoveGroupFromTemplateActionTest extends BasePermissionWsTest<Remo @Test public void fail_if_not_a_project_permission() { - assertThatThrownBy(() -> newRequest(group.getName(), template.getUuid(), GlobalPermissions.PROVISIONING)) + assertThatThrownBy(() -> newRequest(group.getName(), template.getUuid(), PROVISION_PROJECTS.getKey())) .isInstanceOf(IllegalArgumentException.class); } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java index 6321c9e68a8..0bcce63a3bb 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java @@ -26,7 +26,6 @@ import org.sonar.api.resources.Qualifiers; import org.sonar.api.resources.ResourceTypes; import org.sonar.api.utils.System2; import org.sonar.api.web.UserRole; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.core.util.Uuids; import org.sonar.db.component.ResourceTypesRule; import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto; @@ -44,6 +43,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; +import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; @@ -119,7 +119,7 @@ public class RemoveProjectCreatorFromTemplateActionTest extends BasePermissionWs public void fail_if_permission_is_not_a_project_permission() { assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN) + .setParam(PARAM_PERMISSION, ADMINISTER_QUALITY_GATES.getKey()) .setParam(PARAM_TEMPLATE_ID, template.getUuid()) .execute(); }) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveUserFromTemplateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveUserFromTemplateActionTest.java index 03d587a7bff..705afd993d6 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveUserFromTemplateActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/RemoveUserFromTemplateActionTest.java @@ -25,7 +25,6 @@ import org.junit.Before; import org.junit.Test; import org.sonar.api.resources.Qualifiers; import org.sonar.api.resources.ResourceTypes; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.component.ResourceTypesRule; import org.sonar.db.permission.PermissionQuery; import org.sonar.db.permission.template.PermissionTemplateDto; @@ -45,6 +44,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.sonar.api.web.UserRole.CODEVIEWER; import static org.sonar.api.web.UserRole.ISSUE_ADMIN; +import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID; import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME; @@ -129,7 +129,7 @@ public class RemoveUserFromTemplateActionTest extends BasePermissionWsTest<Remov loginAsAdmin(); assertThatThrownBy(() -> { - newRequest(user.getLogin(), template.getUuid(), GlobalPermissions.PROVISIONING); + newRequest(user.getLogin(), template.getUuid(), PROVISION_PROJECTS.getKey()); }) .isInstanceOf(IllegalArgumentException.class); } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/TemplateGroupsActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/TemplateGroupsActionTest.java index 9a8a0b3ba89..e9c2471fbfe 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/TemplateGroupsActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/permission/ws/template/TemplateGroupsActionTest.java @@ -26,7 +26,6 @@ import org.sonar.api.resources.Qualifiers; import org.sonar.api.resources.ResourceTypes; import org.sonar.api.server.ws.WebService; import org.sonar.api.web.UserRole; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.component.ResourceTypesRule; import org.sonar.db.permission.template.PermissionTemplateDto; import org.sonar.db.permission.template.PermissionTemplateGroupDto; @@ -51,6 +50,7 @@ import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.api.web.UserRole.CODEVIEWER; import static org.sonar.api.web.UserRole.ISSUE_ADMIN; import static org.sonar.api.web.UserRole.USER; +import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES; import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE; import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateGroupDto; import static org.sonar.db.user.GroupTesting.newGroupDto; @@ -362,7 +362,7 @@ public class TemplateGroupsActionTest extends BasePermissionWsTest<TemplateGroup assertThatThrownBy(() -> { newRequest() - .setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN) + .setParam(PARAM_PERMISSION, ADMINISTER_QUALITY_GATES.getKey()) .setParam(PARAM_TEMPLATE_ID, template1.getUuid()) .execute(); }) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java index 529cb325121..add535a3f97 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java @@ -31,6 +31,7 @@ import org.sonar.db.DbSession; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDbTester; import org.sonar.db.component.ComponentDto; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.project.ProjectDto; import org.sonar.db.user.UserDto; import org.sonar.db.webhook.WebhookDbTester; @@ -38,7 +39,6 @@ import org.sonar.db.webhook.WebhookDto; import org.sonar.server.component.ComponentCleanerService; import org.sonar.server.es.TestProjectIndexers; import org.sonar.server.exceptions.ForbiddenException; -import org.sonar.server.exceptions.NotFoundException; import org.sonar.server.exceptions.UnauthorizedException; import org.sonar.server.project.Project; import org.sonar.server.project.ProjectLifeCycleListeners; @@ -53,8 +53,6 @@ import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.mockito.ArgumentMatchers.any; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.verify; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonar.db.user.UserTesting.newUserDto; import static org.sonar.server.component.TestComponentFinder.from; import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT; @@ -85,7 +83,7 @@ public class DeleteActionTest { @Test public void global_administrator_deletes_project_by_key() { ComponentDto project = componentDbTester.insertPrivateProject(); - userSessionRule.logIn().addPermission(ADMINISTER); + userSessionRule.logIn().addPermission(GlobalPermission.ADMINISTER); call(tester.newRequest().setParam(PARAM_PROJECT, project.getKey())); @@ -96,7 +94,7 @@ public class DeleteActionTest { @Test public void project_administrator_deletes_the_project_by_key() { ComponentDto project = componentDbTester.insertPrivateProject(); - userSessionRule.logIn().addProjectPermission(ADMIN, project); + userSessionRule.logIn().addProjectPermission(UserRole.ADMIN, project); call(tester.newRequest().setParam(PARAM_PROJECT, project.getKey())); @@ -110,7 +108,7 @@ public class DeleteActionTest { UserDto insert = dbClient.userDao().insert(dbSession, newUserDto().setHomepageType("PROJECT").setHomepageParameter(project.uuid())); dbSession.commit(); - userSessionRule.logIn().addProjectPermission(ADMIN, project); + userSessionRule.logIn().addProjectPermission(UserRole.ADMIN, project); DeleteAction underTest = new DeleteAction( new ComponentCleanerService(dbClient, mockResourceTypes, new TestProjectIndexers()), from(db), dbClient, userSessionRule, projectLifeCycleListeners); @@ -133,7 +131,7 @@ public class DeleteActionTest { webhookDbTester.insertWebhook(project); webhookDbTester.insertWebhook(project); - userSessionRule.logIn().addProjectPermission(ADMIN, project); + userSessionRule.logIn().addProjectPermission(UserRole.ADMIN, project); DeleteAction underTest = new DeleteAction( new ComponentCleanerService(dbClient, mockResourceTypes, new TestProjectIndexers()), from(db), dbClient, userSessionRule, projectLifeCycleListeners); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/UpdateVisibilityActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/UpdateVisibilityActionTest.java index 9c6d73422c6..c1f0f158443 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/UpdateVisibilityActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/project/ws/UpdateVisibilityActionTest.java @@ -575,7 +575,7 @@ public class UpdateVisibilityActionTest { .forEach(globalPermission -> { dbTester.users().insertPermissionOnAnyone(globalPermission); dbTester.users().insertPermissionOnGroup(group, globalPermission); - dbTester.users().insertPermissionOnUser(user, globalPermission); + dbTester.users().insertGlobalPermissionOnUser(user, globalPermission); }); permissionService.getAllProjectPermissions() .forEach(permission -> { diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java index 54d458221da..55e5b850800 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ListDefinitionsActionTest.java @@ -30,11 +30,13 @@ import org.sonar.api.config.PropertyFieldDefinition; import org.sonar.api.server.ws.WebService; import org.sonar.api.server.ws.WebService.Param; import org.sonar.api.utils.System2; +import org.sonar.api.web.UserRole; import org.sonar.db.DbClient; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDbTester; import org.sonar.db.component.ComponentDto; import org.sonar.db.component.ComponentTesting; +import org.sonar.db.permission.GlobalPermission; import org.sonar.server.component.TestComponentFinder; import org.sonar.server.exceptions.ForbiddenException; import org.sonar.server.exceptions.NotFoundException; @@ -51,11 +53,6 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.groups.Tuple.tuple; import static org.sonar.api.resources.Qualifiers.PROJECT; -import static org.sonar.api.web.UserRole.ADMIN; -import static org.sonar.api.web.UserRole.CODEVIEWER; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonarqube.ws.MediaTypes.JSON; import static org.sonarqube.ws.Settings.Definition.CategoryOneOfCase.CATEGORYONEOF_NOT_SET; import static org.sonarqube.ws.Settings.Definition.DefaultValueOneOfCase.DEFAULTVALUEONEOF_NOT_SET; @@ -348,7 +345,7 @@ public class ListDefinitionsActionTest { @Test public void return_secured_settings_when_not_authenticated_but_with_scan_permission() { - userSession.anonymous().addPermission(SCAN); + userSession.anonymous().addPermission(GlobalPermission.SCAN); propertyDefinitions.addComponents(asList( PropertyDefinition.builder("foo").build(), PropertyDefinition.builder("secret.secured").build())); @@ -384,7 +381,7 @@ public class ListDefinitionsActionTest { @Test public void fail_when_user_has_not_project_browse_permission() { - userSession.logIn("project-admin").addProjectPermission(CODEVIEWER, project); + userSession.logIn("project-admin").addProjectPermission(UserRole.CODEVIEWER, project); propertyDefinitions.addComponent(PropertyDefinition.builder("foo").build()); assertThatThrownBy(() -> executeRequest(project.getKey())) @@ -480,17 +477,17 @@ public class ListDefinitionsActionTest { } private void logInAsProjectUser() { - userSession.logIn().addProjectPermission(USER, project); + userSession.logIn().addProjectPermission(UserRole.USER, project); } private void logInAsAdmin() { - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); } private void logInAsProjectAdmin() { userSession.logIn() - .addProjectPermission(ADMIN, project) - .addProjectPermission(USER, project); + .addProjectPermission(UserRole.ADMIN, project) + .addProjectPermission(UserRole.USER, project); } } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java index 7bdd2227d21..6902864e50e 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java @@ -56,12 +56,10 @@ import static java.util.Comparator.comparing; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.groups.Tuple.tuple; -import static org.sonar.api.resources.Qualifiers.FILE; import static org.sonar.api.resources.Qualifiers.PROJECT; import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.api.web.UserRole.CODEVIEWER; import static org.sonar.api.web.UserRole.USER; -import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION; import static org.sonar.db.component.ComponentTesting.newFileDto; import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonar.db.property.PropertyTesting.newComponentPropertyDto; @@ -522,7 +520,7 @@ public class ValuesActionTest { public void return_component_secured_settings_when_not_authenticated_but_with_project_scan_permission() { userSession .addProjectPermission(USER, project) - .addProjectPermission(SCAN_EXECUTION, project); + .addProjectPermission(SCAN.getKey(), project); definitions.addComponents(asList( PropertyDefinition.builder("foo").onQualifiers(PROJECT).build(), PropertyDefinition.builder("global.secret.secured").build(), @@ -543,7 +541,7 @@ public class ValuesActionTest { public void return_component_secured_settings_even_if_not_defined_when_not_authenticated_but_with_scan_permission() { userSession .addProjectPermission(USER, project) - .addProjectPermission(SCAN_EXECUTION, project); + .addProjectPermission(SCAN.getKey(), project); db.properties().insertProperties(null, project.getKey(), project.name(), project.qualifier(), newComponentPropertyDto(project).setKey("not-defined.secured").setValue("123")); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/AnonymizeActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/AnonymizeActionTest.java index 0c5788fcca2..310a2868c1d 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/AnonymizeActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/AnonymizeActionTest.java @@ -201,7 +201,7 @@ public class AnonymizeActionTest { private UserDto createAdminUser() { UserDto admin = db.users().insertUser(); - db.users().insertPermissionOnUser(admin, ADMINISTER); + db.users().insertGlobalPermissionOnUser(admin, ADMINISTER); db.commit(); return admin; } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java index 2775361b35d..f070e3b346f 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java @@ -26,12 +26,14 @@ import org.junit.Rule; import org.junit.Test; import org.sonar.api.impl.utils.AlwaysIncreasingSystem2; import org.sonar.api.utils.System2; +import org.sonar.api.web.UserRole; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.DbTester; import org.sonar.db.alm.setting.AlmSettingDto; import org.sonar.db.ce.CeTaskMessageType; import org.sonar.db.component.ComponentDto; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.permission.template.PermissionTemplateDto; import org.sonar.db.permission.template.PermissionTemplateUserDto; import org.sonar.db.project.ProjectDto; @@ -62,11 +64,6 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.elasticsearch.index.query.QueryBuilders.boolQuery; import static org.elasticsearch.index.query.QueryBuilders.termQuery; -import static org.sonar.api.web.UserRole.CODEVIEWER; -import static org.sonar.api.web.UserRole.USER; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES; -import static org.sonar.db.permission.GlobalPermission.SCAN; import static org.sonar.db.property.PropertyTesting.newUserPropertyDto; import static org.sonar.server.user.index.UserIndexDefinition.FIELD_ACTIVE; import static org.sonar.server.user.index.UserIndexDefinition.FIELD_UUID; @@ -184,10 +181,10 @@ public class DeactivateActionTest { logInAsSystemAdministrator(); UserDto user = db.users().insertUser(); ComponentDto project = db.components().insertPrivateProject(); - db.users().insertPermissionOnUser(user, SCAN); - db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_PROFILES); - db.users().insertProjectPermissionOnUser(user, USER, project); - db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.SCAN); + db.users().insertGlobalPermissionOnUser(user, GlobalPermission.ADMINISTER_QUALITY_PROFILES); + db.users().insertProjectPermissionOnUser(user, UserRole.USER, project); + db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project); deactivate(user.getLogin()); @@ -202,8 +199,8 @@ public class DeactivateActionTest { UserDto user = db.users().insertUser(); PermissionTemplateDto template = db.permissionTemplates().insertTemplate(); PermissionTemplateDto anotherTemplate = db.permissionTemplates().insertTemplate(); - db.permissionTemplates().addUserToTemplate(template.getUuid(), user.getUuid(), USER, template.getName(), user.getLogin()); - db.permissionTemplates().addUserToTemplate(anotherTemplate.getUuid(), user.getUuid(), CODEVIEWER, anotherTemplate.getName(), user.getLogin()); + db.permissionTemplates().addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.USER, template.getName(), user.getLogin()); + db.permissionTemplates().addUserToTemplate(anotherTemplate.getUuid(), user.getUuid(), UserRole.CODEVIEWER, anotherTemplate.getName(), user.getLogin()); deactivate(user.getLogin()); @@ -392,7 +389,7 @@ public class DeactivateActionTest { @Test public void fail_to_deactivate_last_administrator() { UserDto admin = db.users().insertUser(); - db.users().insertPermissionOnUser(admin, ADMINISTER); + db.users().insertGlobalPermissionOnUser(admin, GlobalPermission.ADMINISTER); logInAsSystemAdministrator(); assertThatThrownBy(() -> { @@ -496,7 +493,7 @@ public class DeactivateActionTest { private UserDto createAdminUser() { UserDto admin = db.users().insertUser(); - db.users().insertPermissionOnUser(admin, ADMINISTER); + db.users().insertGlobalPermissionOnUser(admin, GlobalPermission.ADMINISTER); db.commit(); return admin; } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java index c321e4eb55f..40f4f244fbf 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java @@ -43,7 +43,6 @@ import org.sonar.server.ws.WsActionTester; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.Assertions.tuple; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME; @@ -200,7 +199,7 @@ public class DeleteActionTest { public void cannot_delete_last_system_admin_group() { insertDefaultGroup(); GroupDto group = db.users().insertGroup(); - db.users().insertPermissionOnGroup(group, SYSTEM_ADMIN); + db.users().insertPermissionOnGroup(group, ADMINISTER.getKey()); loginAsAdmin(); TestRequest request = newRequest() .setParam(PARAM_GROUP_NAME, group.getName()); @@ -215,7 +214,7 @@ public class DeleteActionTest { // admin users are part of the group to be deleted db.users().insertDefaultGroup(); GroupDto adminGroup = db.users().insertGroup("admins"); - db.users().insertPermissionOnGroup(adminGroup, SYSTEM_ADMIN); + db.users().insertPermissionOnGroup(adminGroup, ADMINISTER.getKey()); UserDto bigBoss = db.users().insertUser(); db.users().insertMember(adminGroup, bigBoss); loginAsAdmin(); @@ -231,9 +230,9 @@ public class DeleteActionTest { public void delete_admin_group_succeeds_if_other_groups_have_administrators() { db.users().insertDefaultGroup(); GroupDto adminGroup1 = db.users().insertGroup("admins"); - db.users().insertPermissionOnGroup(adminGroup1, SYSTEM_ADMIN); + db.users().insertPermissionOnGroup(adminGroup1, ADMINISTER.getKey()); GroupDto adminGroup2 = db.users().insertGroup("admins2"); - db.users().insertPermissionOnGroup(adminGroup2, SYSTEM_ADMIN); + db.users().insertPermissionOnGroup(adminGroup2, ADMINISTER.getKey()); UserDto bigBoss = db.users().insertUser(); db.users().insertMember(adminGroup2, bigBoss); loginAsAdmin(); @@ -251,7 +250,7 @@ public class DeleteActionTest { private void addAdmin() { UserDto admin = db.users().insertUser(); - db.users().insertPermissionOnUser(admin, SYSTEM_ADMIN); + db.users().insertGlobalPermissionOnUser(admin, ADMINISTER); } private void loginAsAdmin() { diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java index 658b74e50aa..31d35912391 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java @@ -24,7 +24,6 @@ import org.junit.Test; import org.sonar.api.impl.utils.AlwaysIncreasingSystem2; import org.sonar.api.server.ws.Change; import org.sonar.api.server.ws.WebService.Action; -import org.sonar.core.permission.GlobalPermissions; import org.sonar.db.DbTester; import org.sonar.db.user.GroupDto; import org.sonar.db.user.UserDto; @@ -185,7 +184,7 @@ public class RemoveUserActionTest { public void fail_to_remove_the_last_administrator() { db.users().insertDefaultGroup(); GroupDto adminGroup = db.users().insertGroup("sonar-admins"); - db.users().insertPermissionOnGroup(adminGroup, GlobalPermissions.SYSTEM_ADMIN); + db.users().insertPermissionOnGroup(adminGroup, ADMINISTER); UserDto adminUser = db.users().insertUser("the-single-admin"); db.users().insertMember(adminGroup, adminUser); loginAsAdmin(); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/CreateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/CreateActionTest.java index d3c08793a78..1c2df953d0b 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/CreateActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/CreateActionTest.java @@ -24,12 +24,14 @@ import org.junit.Test; import org.sonar.api.config.Configuration; import org.sonar.api.resources.ResourceTypes; import org.sonar.api.server.ws.WebService; +import org.sonar.api.web.UserRole; import org.sonar.core.util.UuidFactory; import org.sonar.core.util.UuidFactoryFast; import org.sonar.db.DbClient; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDbTester; import org.sonar.db.component.ComponentDto; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.project.ProjectDto; import org.sonar.db.webhook.WebhookDbTester; import org.sonar.server.component.ComponentFinder; @@ -46,9 +48,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.AssertionsForClassTypes.tuple; import static org.mockito.Mockito.mock; -import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.db.DbTester.create; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonar.server.tester.UserSessionRule.standalone; import static org.sonar.server.webhook.ws.WebhooksWsParameters.NAME_PARAM; import static org.sonar.server.webhook.ws.WebhooksWsParameters.PROJECT_KEY_PARAM; @@ -98,7 +98,7 @@ public class CreateActionTest { String longProjectKey = generateStringWithLength(400); ComponentDto project = componentDbTester.insertPrivateProject(componentDto -> componentDto.setKey(longProjectKey)); - userSession.logIn().addProjectPermission(ADMIN, project); + userSession.logIn().addProjectPermission(UserRole.ADMIN, project); CreateWsResponse response = wsActionTester.newRequest() .setParam("project", longProjectKey) @@ -116,7 +116,7 @@ public class CreateActionTest { @Test public void create_a_webhook_with_secret() { - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); CreateWsResponse response = wsActionTester.newRequest() .setParam("name", NAME_WEBHOOK_EXAMPLE_001) @@ -133,7 +133,7 @@ public class CreateActionTest { @Test public void create_a_global_webhook() { - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); CreateWsResponse response = wsActionTester.newRequest() .setParam("name", NAME_WEBHOOK_EXAMPLE_001) @@ -151,7 +151,7 @@ public class CreateActionTest { public void create_a_webhook_on_project() { ComponentDto project = componentDbTester.insertPrivateProject(); - userSession.logIn().addProjectPermission(ADMIN, project); + userSession.logIn().addProjectPermission(UserRole.ADMIN, project); CreateWsResponse response = wsActionTester.newRequest() .setParam("project", project.getKey()) @@ -185,7 +185,7 @@ public class CreateActionTest { for (int i = 0; i < 10; i++) { webhookDbTester.insertWebhook(project); } - userSession.logIn().addProjectPermission(ADMIN, project); + userSession.logIn().addProjectPermission(UserRole.ADMIN, project); TestRequest request = wsActionTester.newRequest() .setParam(PROJECT_KEY_PARAM, project.getKey()) .setParam(NAME_PARAM, NAME_WEBHOOK_EXAMPLE_001) @@ -201,7 +201,7 @@ public class CreateActionTest { for (int i = 0; i < 10; i++) { webhookDbTester.insertGlobalWebhook(); } - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); TestRequest request = wsActionTester.newRequest() .setParam(NAME_PARAM, NAME_WEBHOOK_EXAMPLE_001) .setParam(URL_PARAM, URL_WEBHOOK_EXAMPLE_001); @@ -213,7 +213,7 @@ public class CreateActionTest { @Test public void fail_if_url_is_not_valid() { - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); TestRequest request = wsActionTester.newRequest() .setParam(NAME_PARAM, NAME_WEBHOOK_EXAMPLE_001) .setParam(URL_PARAM, "htp://www.wrong-protocol.com/"); @@ -224,7 +224,7 @@ public class CreateActionTest { @Test public void fail_if_credential_in_url_is_have_a_wrong_format() { - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); TestRequest request = wsActionTester.newRequest() .setParam(NAME_PARAM, NAME_WEBHOOK_EXAMPLE_001) .setParam(URL_PARAM, "http://:www.wrong-protocol.com/"); @@ -272,7 +272,7 @@ public class CreateActionTest { @Test public void throw_IllegalArgumentException_if_project_key_greater_than_400() { String longProjectKey = generateStringWithLength(401); - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); TestRequest request = wsActionTester.newRequest() .setParam("project", longProjectKey) .setParam("name", NAME_WEBHOOK_EXAMPLE_001) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/DeleteActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/DeleteActionTest.java index 22a978f6c23..9d32494811e 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/DeleteActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/DeleteActionTest.java @@ -24,10 +24,12 @@ import org.junit.Rule; import org.junit.Test; import org.sonar.api.config.Configuration; import org.sonar.api.server.ws.WebService; +import org.sonar.api.web.UserRole; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDbTester; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.project.ProjectDto; import org.sonar.db.webhook.WebhookDbTester; import org.sonar.db.webhook.WebhookDeliveryDao; @@ -46,9 +48,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.AssertionsForClassTypes.tuple; import static org.mockito.Mockito.mock; -import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.db.DbTester.create; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonar.db.webhook.WebhookDeliveryTesting.newDto; import static org.sonar.server.tester.UserSessionRule.standalone; import static org.sonar.server.webhook.ws.WebhooksWsParameters.KEY_PARAM; @@ -94,7 +94,7 @@ public class DeleteActionTest { webhookDeliveryDbTester.insert(newDto().setWebhookUuid(dto.getUuid())); webhookDeliveryDbTester.insert(newDto().setWebhookUuid(dto.getUuid())); - userSession.logIn().addProjectPermission(ADMIN, project); + userSession.logIn().addProjectPermission(UserRole.ADMIN, project); TestResponse response = wsActionTester.newRequest() .setParam(KEY_PARAM, dto.getUuid()) @@ -114,7 +114,7 @@ public class DeleteActionTest { WebhookDto dto = webhookDbTester.insertGlobalWebhook(); webhookDeliveryDbTester.insert(newDto().setWebhookUuid(dto.getUuid())); webhookDeliveryDbTester.insert(newDto().setWebhookUuid(dto.getUuid())); - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); TestResponse response = wsActionTester.newRequest() .setParam(KEY_PARAM, dto.getUuid()) .execute(); @@ -129,7 +129,7 @@ public class DeleteActionTest { @Test public void fail_if_webhook_does_not_exist() { - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); TestRequest request = wsActionTester.newRequest() .setParam(KEY_PARAM, "inexistent-webhook-uuid"); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/ListActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/ListActionTest.java index 550d750588a..5d62be603f8 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/ListActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/ListActionTest.java @@ -26,10 +26,12 @@ import org.sonar.api.config.Configuration; import org.sonar.api.resources.ResourceTypes; import org.sonar.api.server.ws.WebService; import org.sonar.api.server.ws.WebService.Param; +import org.sonar.api.web.UserRole; import org.sonar.db.DbClient; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDbTester; import org.sonar.db.component.ComponentDto; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.project.ProjectDto; import org.sonar.db.webhook.WebhookDbTester; import org.sonar.db.webhook.WebhookDeliveryDbTester; @@ -48,9 +50,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.AssertionsForClassTypes.tuple; import static org.mockito.Mockito.mock; -import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.db.DbTester.create; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonar.db.webhook.WebhookDeliveryTesting.newDto; import static org.sonar.db.webhook.WebhookTesting.newGlobalWebhook; import static org.sonar.server.tester.UserSessionRule.standalone; @@ -105,7 +105,7 @@ public class ListActionTest { webhookDeliveryDbTester.insert(newDto("WH2-DELIVERY-1-UUID", webhook2.getUuid(), "COMPONENT_1", "TASK_1").setCreatedAt(BEFORE)); webhookDeliveryDbTester.insert(newDto("WH2-DELIVERY-2-UUID", webhook2.getUuid(), "COMPONENT_1", "TASK_2").setCreatedAt(NOW)); - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); ListResponse response = wsActionTester.newRequest().executeProtobuf(ListResponse.class); @@ -128,7 +128,7 @@ public class ListActionTest { WebhookDto webhook1 = webhookDbTester.insert(newGlobalWebhook("aaa"), null, null); WebhookDto webhook2 = webhookDbTester.insert(newGlobalWebhook("bbb"), null, null); - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); ListResponse response = wsActionTester.newRequest().executeProtobuf(ListResponse.class); @@ -153,7 +153,7 @@ public class ListActionTest { webhookDeliveryDbTester.insert(newDto("WH1-DELIVERY-2-UUID", webhook1.getUuid(), "COMPONENT_1", "TASK_2").setCreatedAt(NOW)); webhookDbTester.insert(newGlobalWebhook("bbb", t -> t.setUrl(url)), null, null); - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); ListResponse response = wsActionTester.newRequest().executeProtobuf(ListResponse.class); @@ -171,7 +171,7 @@ public class ListActionTest { // insert a project-specific webhook, that should not be returned when listing global webhooks webhookDbTester.insertWebhook(componentDbTester.insertPrivateProjectDto()); - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); ListResponse response = wsActionTester.newRequest() .executeProtobuf(ListResponse.class); @@ -186,7 +186,7 @@ public class ListActionTest { @Test public void list_project_webhooks_when_project_key_param_is_provided() { ProjectDto project1 = componentDbTester.insertPrivateProjectDto(); - userSession.logIn().addProjectPermission(ADMIN, project1); + userSession.logIn().addProjectPermission(UserRole.ADMIN, project1); WebhookDto dto1 = webhookDbTester.insertWebhook(project1); WebhookDto dto2 = webhookDbTester.insertWebhook(project1); @@ -206,7 +206,7 @@ public class ListActionTest { public void list_global_webhooks_if_project_key_param_missing() { WebhookDto dto1 = webhookDbTester.insertGlobalWebhook(); WebhookDto dto2 = webhookDbTester.insertGlobalWebhook(); - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); ListResponse response = wsActionTester.newRequest() .executeProtobuf(ListResponse.class); diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/UpdateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/UpdateActionTest.java index a222eee8e79..75c2c8504ec 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/UpdateActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/UpdateActionTest.java @@ -25,9 +25,11 @@ import org.junit.Test; import org.sonar.api.config.Configuration; import org.sonar.api.resources.ResourceTypes; import org.sonar.api.server.ws.WebService; +import org.sonar.api.web.UserRole; import org.sonar.db.DbClient; import org.sonar.db.DbTester; import org.sonar.db.component.ComponentDbTester; +import org.sonar.db.permission.GlobalPermission; import org.sonar.db.project.ProjectDto; import org.sonar.db.webhook.WebhookDbTester; import org.sonar.db.webhook.WebhookDto; @@ -45,9 +47,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatThrownBy; import static org.assertj.core.api.AssertionsForClassTypes.tuple; import static org.mockito.Mockito.mock; -import static org.sonar.api.web.UserRole.ADMIN; import static org.sonar.db.DbTester.create; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; import static org.sonar.server.tester.UserSessionRule.standalone; import static org.sonar.server.ws.KeyExamples.NAME_WEBHOOK_EXAMPLE_001; import static org.sonar.server.ws.KeyExamples.URL_WEBHOOK_EXAMPLE_001; @@ -90,7 +90,7 @@ public class UpdateActionTest { public void update_a_project_webhook_with_required_fields() { ProjectDto project = componentDbTester.insertPrivateProjectDto(); WebhookDto dto = webhookDbTester.insertWebhook(project); - userSession.logIn().addProjectPermission(ADMIN, project); + userSession.logIn().addProjectPermission(UserRole.ADMIN, project); TestResponse response = wsActionTester.newRequest() .setParam("webhook", dto.getUuid()) @@ -111,7 +111,7 @@ public class UpdateActionTest { public void update_a_project_webhook_with_all_fields() { ProjectDto project = componentDbTester.insertPrivateProjectDto(); WebhookDto dto = webhookDbTester.insertWebhook(project); - userSession.logIn().addProjectPermission(ADMIN, project); + userSession.logIn().addProjectPermission(UserRole.ADMIN, project); TestResponse response = wsActionTester.newRequest() .setParam("webhook", dto.getUuid()) @@ -132,7 +132,7 @@ public class UpdateActionTest { @Test public void update_a_global_webhook() { WebhookDto dto = webhookDbTester.insertGlobalWebhook(); - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); TestResponse response = wsActionTester.newRequest() .setParam("webhook", dto.getUuid()) @@ -152,7 +152,7 @@ public class UpdateActionTest { @Test public void fail_if_webhook_does_not_exist() { - userSession.logIn().addPermission(ADMINISTER); + userSession.logIn().addPermission(GlobalPermission.ADMINISTER); TestRequest request = wsActionTester.newRequest() .setParam("webhook", "inexistent-webhook-uuid") .setParam("name", NAME_WEBHOOK_EXAMPLE_001) @@ -209,7 +209,7 @@ public class UpdateActionTest { public void fail_if_url_is_not_valid() { ProjectDto project = componentDbTester.insertPrivateProjectDto(); WebhookDto dto = webhookDbTester.insertWebhook(project); - userSession.logIn().addProjectPermission(ADMIN, project); + userSession.logIn().addProjectPermission(UserRole.ADMIN, project); TestRequest request = wsActionTester.newRequest() .setParam("webhook", dto.getUuid()) .setParam("name", NAME_WEBHOOK_EXAMPLE_001) @@ -223,7 +223,7 @@ public class UpdateActionTest { public void fail_if_credential_in_url_is_have_a_wrong_format() { ProjectDto project = componentDbTester.insertPrivateProjectDto(); WebhookDto dto = webhookDbTester.insertWebhook(project); - userSession.logIn().addProjectPermission(ADMIN, project); + userSession.logIn().addProjectPermission(UserRole.ADMIN, project); TestRequest request = wsActionTester.newRequest() .setParam("webhook", dto.getUuid()) .setParam("name", NAME_WEBHOOK_EXAMPLE_001) |