diff options
Diffstat (limited to 'server')
2 files changed, 4 insertions, 55 deletions
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java index 2d1ad370edf..9bb13a34c81 100644 --- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java +++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java @@ -168,8 +168,8 @@ public class ServerUserSession extends AbstractUserSession { @Override protected boolean hasChildProjectsPermission(String permission, String applicationUuid) { Set<String> childProjectUuids = loadChildProjectUuids(applicationUuid); - return childProjectUuids.stream() - .allMatch(uuid -> hasPermission(permission, uuid)); + Set<String> projectsWithPermission = keepProjectsUuidsByPermission(permission, childProjectUuids); + return projectsWithPermission.containsAll(childProjectUuids); } @Override @@ -178,8 +178,8 @@ public class ServerUserSession extends AbstractUserSession { Set<String> branchUuids = findBranchUuids(portfolioHierarchyComponents); Set<String> projectUuids = findProjectUuids(branchUuids); - return projectUuids.stream() - .allMatch(uuid -> hasPermission(permission, uuid)); + Set<String> projectsWithPermission = keepProjectsUuidsByPermission(permission, projectUuids); + return projectsWithPermission.containsAll(projectUuids); } @Override diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java index 855c3c5ae64..4814021479c 100644 --- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java +++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java @@ -289,31 +289,6 @@ public class ServerUserSessionTest { } @Test - public void hasChildProjectsPermission_keeps_cache_of_permissions_of_logged_in_user() { - ComponentDto project = db.components().insertPrivateProject(); - UserDto user = db.users().insertUser(); - db.users().insertProjectPermissionOnUser(user, USER, project); - - ComponentDto application = db.components().insertPrivateApplication(); - db.components().addApplicationProject(application, project); - // add computed project - db.components().insertComponent(newProjectCopy(project, application)); - - UserSession session = newUserSession(user); - - // feed the cache - assertThat(session.hasChildProjectsPermission(USER, application)).isTrue(); - - // change permissions without updating the cache - db.users().deletePermissionFromUser(project, user, USER); - assertThat(session.hasChildProjectsPermission(USER, application)).isTrue(); - - // cache is refreshed when user logs in again - session = newUserSession(user); - assertThat(session.hasChildProjectsPermission(USER, application)).isFalse(); - } - - @Test public void hasChildProjectsPermission_keeps_cache_of_permissions_of_anonymous_user() { db.users().insertPermissionOnAnyone(USER); @@ -399,32 +374,6 @@ public class ServerUserSessionTest { } @Test - public void hasPortfolioChildProjectsPermission_keeps_cache_of_permissions_of_logged_in_user() { - ComponentDto project = db.components().insertPrivateProject(); - - UserDto user = db.users().insertUser(); - db.users().insertProjectPermissionOnUser(user, USER, project); - - ComponentDto portfolio = db.components().insertPrivatePortfolio(); - db.components().addPortfolioProject(portfolio, project); - // add computed project - db.components().insertComponent(newProjectCopy(project, portfolio)); - - UserSession session = newUserSession(user); - - // feed the cache - assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue(); - - // change permissions without updating the cache - db.users().deletePermissionFromUser(project, user, USER); - assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue(); - - // cache is refreshed when user logs in again - session = newUserSession(user); - assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isFalse(); - } - - @Test public void hasPortfolioChildProjectsPermission_keeps_cache_of_permissions_of_anonymous_user() { db.users().insertPermissionOnAnyone(USER); |