From fcf197ca9827fc1606ecedd49d7ca37273138d8f Mon Sep 17 00:00:00 2001 From: Sébastien Lesaint Date: Thu, 19 Jan 2017 10:00:52 +0100 Subject: SONAR-8608 consistent organization on permission/group/component --- .../org/sonar/db/component/ComponentMapper.java | 8 + .../sonar/db/permission/GroupPermissionDao.java | 27 +++ .../org/sonar/db/permission/UserPermissionDao.java | 13 ++ .../main/java/org/sonar/db/user/GroupMapper.java | 7 + .../org/sonar/db/component/ComponentMapper.xml | 9 + .../resources/org/sonar/db/user/GroupMapper.xml | 9 + .../sonar/db/permission/AuthorizationDaoTest.java | 23 +-- .../db/permission/GroupPermissionDaoTest.java | 185 +++++++++++---------- .../sonar/db/permission/UserPermissionDaoTest.java | 158 +++++++++--------- .../test/java/org/sonar/db/user/RoleDaoTest.java | 5 +- .../test/java/org/sonar/db/user/UserDbTester.java | 20 +-- 11 files changed, 259 insertions(+), 205 deletions(-) (limited to 'sonar-db/src') diff --git a/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java b/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java index 7cf6f163b49..ed88b3950e0 100644 --- a/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java +++ b/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java @@ -57,6 +57,14 @@ public interface ComponentMapper { List selectComponentsByQualifiers(@Param("qualifiers") Collection qualifiers); + /** + * Counts the number of components with the specified id belonging to the specified organization. + * + * @return 1 or 0. Either because the organization uuid is not the one of the component or because the component does + * not exist. + */ + int countComponentByOrganizationAndId(@Param("organizationUuid") String organizationUuid, @Param("componentId") long componentId); + List selectByQuery(@Param("query") ComponentQuery query, RowBounds rowBounds); int countByQuery(@Param("query") ComponentQuery query); diff --git a/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java b/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java index 77ee9cd6907..ac972f2e31a 100644 --- a/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java +++ b/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java @@ -28,7 +28,10 @@ import org.apache.ibatis.session.RowBounds; import org.sonar.api.security.DefaultGroups; import org.sonar.db.Dao; import org.sonar.db.DbSession; +import org.sonar.db.component.ComponentMapper; +import org.sonar.db.user.GroupMapper; +import static com.google.common.base.Preconditions.checkArgument; import static org.sonar.db.DatabaseUtils.executeLargeInputs; import static org.sonar.db.DatabaseUtils.executeLargeInputsWithoutOutput; @@ -102,9 +105,33 @@ public class GroupPermissionDao implements Dao { } public void insert(DbSession dbSession, GroupPermissionDto dto) { + ensureComponentPermissionConsistency(dbSession, dto); + ensureGroupPermissionConsistency(dbSession, dto); mapper(dbSession).insert(dto); } + private static void ensureComponentPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) { + if (dto.getResourceId() == null) { + return; + } + ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class); + checkArgument( + componentMapper.countComponentByOrganizationAndId(dto.getOrganizationUuid(), dto.getResourceId()) == 1, + "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'", + dto.getRole(), dto.getResourceId(), dto.getOrganizationUuid(), dto.getOrganizationUuid()); + } + + private static void ensureGroupPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) { + if (dto.getGroupId() == null) { + return; + } + GroupMapper groupMapper = dbSession.getMapper(GroupMapper.class); + checkArgument( + groupMapper.countGroupByOrganizationAndId(dto.getOrganizationUuid(), dto.getGroupId()) == 1, + "Can't insert permission '%s' for group with id '%s' in organization with uuid '%s' because this group does not belong to organization with uuid '%s'", + dto.getRole(), dto.getGroupId(), dto.getOrganizationUuid(), dto.getOrganizationUuid()); + } + /** * Delete all the permissions associated to a root component (project) */ diff --git a/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java b/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java index ac72fe33491..5490c119b70 100644 --- a/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java +++ b/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java @@ -27,6 +27,7 @@ import org.sonar.core.util.stream.Collectors; import org.sonar.db.Dao; import org.sonar.db.DatabaseUtils; import org.sonar.db.DbSession; +import org.sonar.db.component.ComponentMapper; import static com.google.common.base.Preconditions.checkArgument; import static java.util.Collections.emptyList; @@ -107,9 +108,21 @@ public class UserPermissionDao implements Dao { } public void insert(DbSession dbSession, UserPermissionDto dto) { + ensureComponentPermissionConsistency(dbSession, dto); mapper(dbSession).insert(dto); } + private static void ensureComponentPermissionConsistency(DbSession dbSession, UserPermissionDto dto) { + if (dto.getComponentId() == null) { + return; + } + ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class); + checkArgument( + componentMapper.countComponentByOrganizationAndId(dto.getOrganizationUuid(), dto.getComponentId()) == 1, + "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'", + dto.getPermission(), dto.getComponentId(), dto.getOrganizationUuid(), dto.getOrganizationUuid()); + } + /** * Removes a single global permission from user */ diff --git a/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java b/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java index cbb3e0dff7c..8066482bb79 100644 --- a/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java +++ b/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java @@ -42,6 +42,13 @@ public interface GroupMapper { int countByQuery(@Param("organizationUuid") String organizationUuid, @Nullable @Param("query") String query); + /** + * Counts the number of groups with the specified id belonging to the specified organization. + * + * @return 1 or 0. Either because the organization uuid is not the one of the group or because the group does not exist + */ + int countGroupByOrganizationAndId(@Param("organizationUuid") String organizationUuid, @Param("groupId") long groupId); + void deleteById(long groupId); void deleteByOrganization(@Param("organizationUuid") String organizationUuid); diff --git a/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml b/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml index 0607cbce185..c6614dd1d44 100644 --- a/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml +++ b/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml @@ -225,6 +225,15 @@ + + + +