aboutsummaryrefslogtreecommitdiffstats
path: root/server
diff options
context:
space:
mode:
Diffstat (limited to 'server')
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java8
-rw-r--r--server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java51
2 files changed, 4 insertions, 55 deletions
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
index 2d1ad370edf..9bb13a34c81 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
@@ -168,8 +168,8 @@ public class ServerUserSession extends AbstractUserSession {
@Override
protected boolean hasChildProjectsPermission(String permission, String applicationUuid) {
Set<String> childProjectUuids = loadChildProjectUuids(applicationUuid);
- return childProjectUuids.stream()
- .allMatch(uuid -> hasPermission(permission, uuid));
+ Set<String> projectsWithPermission = keepProjectsUuidsByPermission(permission, childProjectUuids);
+ return projectsWithPermission.containsAll(childProjectUuids);
}
@Override
@@ -178,8 +178,8 @@ public class ServerUserSession extends AbstractUserSession {
Set<String> branchUuids = findBranchUuids(portfolioHierarchyComponents);
Set<String> projectUuids = findProjectUuids(branchUuids);
- return projectUuids.stream()
- .allMatch(uuid -> hasPermission(permission, uuid));
+ Set<String> projectsWithPermission = keepProjectsUuidsByPermission(permission, projectUuids);
+ return projectsWithPermission.containsAll(projectUuids);
}
@Override
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
index 855c3c5ae64..4814021479c 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java
@@ -289,31 +289,6 @@ public class ServerUserSessionTest {
}
@Test
- public void hasChildProjectsPermission_keeps_cache_of_permissions_of_logged_in_user() {
- ComponentDto project = db.components().insertPrivateProject();
- UserDto user = db.users().insertUser();
- db.users().insertProjectPermissionOnUser(user, USER, project);
-
- ComponentDto application = db.components().insertPrivateApplication();
- db.components().addApplicationProject(application, project);
- // add computed project
- db.components().insertComponent(newProjectCopy(project, application));
-
- UserSession session = newUserSession(user);
-
- // feed the cache
- assertThat(session.hasChildProjectsPermission(USER, application)).isTrue();
-
- // change permissions without updating the cache
- db.users().deletePermissionFromUser(project, user, USER);
- assertThat(session.hasChildProjectsPermission(USER, application)).isTrue();
-
- // cache is refreshed when user logs in again
- session = newUserSession(user);
- assertThat(session.hasChildProjectsPermission(USER, application)).isFalse();
- }
-
- @Test
public void hasChildProjectsPermission_keeps_cache_of_permissions_of_anonymous_user() {
db.users().insertPermissionOnAnyone(USER);
@@ -399,32 +374,6 @@ public class ServerUserSessionTest {
}
@Test
- public void hasPortfolioChildProjectsPermission_keeps_cache_of_permissions_of_logged_in_user() {
- ComponentDto project = db.components().insertPrivateProject();
-
- UserDto user = db.users().insertUser();
- db.users().insertProjectPermissionOnUser(user, USER, project);
-
- ComponentDto portfolio = db.components().insertPrivatePortfolio();
- db.components().addPortfolioProject(portfolio, project);
- // add computed project
- db.components().insertComponent(newProjectCopy(project, portfolio));
-
- UserSession session = newUserSession(user);
-
- // feed the cache
- assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue();
-
- // change permissions without updating the cache
- db.users().deletePermissionFromUser(project, user, USER);
- assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isTrue();
-
- // cache is refreshed when user logs in again
- session = newUserSession(user);
- assertThat(session.hasPortfolioChildProjectsPermission(USER, portfolio)).isFalse();
- }
-
- @Test
public void hasPortfolioChildProjectsPermission_keeps_cache_of_permissions_of_anonymous_user() {
db.users().insertPermissionOnAnyone(USER);