private void insertProjectPermissionOnGroup(DbSession dbSession, ComponentDto component, String permission, Integer groupId) { dbClient.groupPermissionDao().insert(dbSession, new GroupPermissionDto() .setOrganizationUuid(component.getOrganizationUuid()) .setResourceId(component.getId()) .setGroupId(groupId) .setRole(permission)); }
private void copySonarUsersGroupPermissionsToMembersGroup(DbSession dbSession, String defaultOrganizationUuid, GroupDto sonarUsersGroup, GroupDto membersGroup) { dbClient.groupPermissionDao().selectAllPermissionsByGroupId(dbSession, defaultOrganizationUuid, sonarUsersGroup.getId(), context -> { GroupPermissionDto groupPermissionDto = (GroupPermissionDto) context.getResultObject(); dbClient.groupPermissionDao().insert(dbSession, new GroupPermissionDto().setOrganizationUuid(defaultOrganizationUuid).setGroupId(membersGroup.getId()) .setRole(groupPermissionDto.getRole()) .setResourceId(groupPermissionDto.getResourceId())); }); }
private List<String> loadExistingPermissions(DbSession dbSession, GroupPermissionChange change) { Optional<ProjectId> projectId = change.getProjectId(); if (projectId.isPresent()) { return dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession, change.getOrganizationUuid(), change.getGroupIdOrAnyone().getId(), projectId.get().getId()); } return dbClient.groupPermissionDao().selectGlobalPermissionsOfGroup(dbSession, change.getOrganizationUuid(), change.getGroupIdOrAnyone().getId()); }
private void updatePermissionsToPrivate(DbSession dbSession, ComponentDto component) { // delete project permissions for group AnyOne dbClient.groupPermissionDao().deleteByRootComponentIdAndGroupId(dbSession, component.getId(), null); // grant UserRole.CODEVIEWER and UserRole.USER to any group or user with at least one permission on project PUBLIC_PERMISSIONS.forEach(permission -> { dbClient.groupPermissionDao().selectGroupIdsWithPermissionOnProjectBut(dbSession, component.getId(), permission) .forEach(groupId -> insertProjectPermissionOnGroup(dbSession, component, permission, groupId)); dbClient.userPermissionDao().selectUserIdsWithPermissionOnProjectBut(dbSession, component.getId(), permission) .forEach(userId -> insertProjectPermissionOnUser(dbSession, component, permission, userId)); }); }
@Test public void deleteByRootComponentIdAndGroupId_has_no_effect_if_component_has_no_group_permission_for_group_AnyOne() { OrganizationDto organization = db.organizations().insert(); ComponentDto project = db.components().insertPrivateProject(organization); GroupDto group1 = db.users().insertGroup(organization); db.users().insertProjectPermissionOnGroup(group1, "p1", project); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, organization.getUuid(), null, project.getId())) .isEmpty(); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, organization.getUuid(), group1.getId(), project.getId())) .containsOnly("p1"); db.users().insertPermissionOnAnyone(organization, "p2"); db.users().insertPermissionOnGroup(group1, "p3"); int deletedCount = underTest.deleteByRootComponentIdAndGroupId(dbSession, project.getId(), null); assertThat(deletedCount).isEqualTo(0); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, organization.getUuid(), null, project.getId())) .isEmpty(); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, organization.getUuid(), group1.getId(), project.getId())) .containsOnly("p1"); assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, organization.getUuid(), null)) .containsOnly("p2"); assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, organization.getUuid(), group1.getId())) .containsOnly("p3"); }
private List<GroupDto> findGroups(DbSession dbSession, OrganizationDto org, PermissionQuery dbQuery) { List<String> orderedNames = dbClient.groupPermissionDao().selectGroupNamesByQuery(dbSession, dbQuery); List<GroupDto> groups = dbClient.groupDao().selectByNames(dbSession, org.getUuid(), orderedNames); if (orderedNames.contains(DefaultGroups.ANYONE)) { groups.add(0, new GroupDto().setId(0).setName(DefaultGroups.ANYONE).setOrganizationUuid(org.getUuid())); } return Ordering.explicit(orderedNames).onResultOf(GroupDto::getName).immutableSortedCopy(groups); }
private List<String> selectProjectPermissionsOfGroup(OrganizationDto organizationDto, @Nullable GroupDto groupDto, ComponentDto project) { return dbTester.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(session, organizationDto.getUuid(), groupDto != null ? groupDto.getId() : null, project.getId()); }
private void copyPermissions(DbSession dbSession, PermissionTemplateDto template, ComponentDto project, @Nullable Integer projectCreatorUserId) { dbClient.groupPermissionDao().deleteByRootComponentId(dbSession, project.getId()); dbClient.userPermissionDao().deleteProjectPermissions(dbSession, project.getId()); .setRole(gp.getPermission()) .setResourceId(project.getId()); dbClient.groupPermissionDao().insert(dbSession, dto); });
private boolean removePermission(DbSession dbSession, GroupPermissionChange change) { if (!loadExistingPermissions(dbSession, change).contains(change.getPermission())) { return false; } checkIfRemainingGlobalAdministrators(dbSession, change); dbClient.groupPermissionDao().delete(dbSession, change.getPermission(), change.getOrganizationUuid(), change.getGroupIdOrAnyone().getId(), change.getNullableProjectId()); return true; }
@Test public void selectGlobalPermissionsOfGroup() { OrganizationDto org1 = db.organizations().insert(); OrganizationDto org2 = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org1, "group1"); GroupDto group2 = db.users().insertGroup(org2, "group2"); ComponentDto project = db.components().insertPublicProject(org1); db.users().insertPermissionOnAnyone(org1, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertPermissionOnGroup(group1, "perm3"); db.users().insertPermissionOnGroup(group2, "perm4"); db.users().insertProjectPermissionOnGroup(group1, "perm5", project); db.users().insertProjectPermissionOnAnyone("perm6", project); assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, org1.getUuid(), group1.getId())).containsOnly("perm2", "perm3"); assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, org2.getUuid(), group2.getId())).containsOnly("perm4"); assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, org1.getUuid(), null)).containsOnly("perm1"); // group1 is not in org2 assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, org2.getUuid(), group1.getId())).isEmpty(); assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, org2.getUuid(), null)).isEmpty(); }
@Test public void enabling_support_copy_sonar_users_permissions_to_members_group() { OrganizationDto defaultOrganization = dbTester.getDefaultOrganization(); UserDto user = dbTester.users().insertUser(); GroupDto sonarUsersGroup = dbTester.users().insertDefaultGroup(defaultOrganization, "sonar-users"); ComponentDto project = dbTester.components().insertPrivateProject(defaultOrganization); dbTester.users().insertPermissionOnGroup(sonarUsersGroup, "user"); dbTester.users().insertProjectPermissionOnGroup(sonarUsersGroup, "codeviewer", project); // Should be ignored GroupDto anotherGroup = dbTester.users().insertGroup(); dbTester.users().insertPermissionOnGroup(anotherGroup, "admin"); call(user.getLogin()); int defaultGroupId = dbTester.getDbClient().organizationDao().getDefaultGroupId(dbTester.getSession(), defaultOrganization.getUuid()).get(); assertThat(defaultGroupId).isNotEqualTo(sonarUsersGroup.getId()); List<GroupPermissionDto> result = new ArrayList<>(); dbTester.getDbClient().groupPermissionDao().selectAllPermissionsByGroupId(dbTester.getSession(), defaultOrganization.getUuid(), defaultGroupId, context -> result.add((GroupPermissionDto) context.getResultObject())); assertThat(result).extracting(GroupPermissionDto::getResourceId, GroupPermissionDto::getRole).containsOnly( tuple(null, "user"), tuple(project.getId(), "codeviewer")); }
@Test public void deleteByOrganization_does_not_fail_on_empty_db() { underTest.deleteByOrganization(dbSession, "some uuid"); dbSession.commit(); }
private int countGroups(DbSession dbSession, OrganizationDto org, String permission) { PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(org.getUuid()).setPermission(permission).build(); return dbClient.groupPermissionDao().countGroupsByQuery(dbSession, query); }
@Test public void deleteByRootComponentIdAndGroupId_has_no_effect_if_component_does_not_exist() { OrganizationDto organization = db.organizations().insert(); GroupDto group = db.users().insertGroup(organization); assertThat(underTest.deleteByRootComponentIdAndGroupId(dbSession, 1234L, null)).isEqualTo(0); assertThat(underTest.deleteByRootComponentIdAndGroupId(dbSession, 1234L, group.getId())).isEqualTo(0); }
@Test public void deleteByRootComponentId_on_private_project() { OrganizationDto org = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org); GroupDto group2 = db.users().insertGroup(org); ComponentDto project1 = db.components().insertPrivateProject(org); ComponentDto project2 = db.components().insertPrivateProject(org); db.users().insertPermissionOnGroup(group1, "perm1"); db.users().insertProjectPermissionOnGroup(group1, "perm2", project1); db.users().insertProjectPermissionOnGroup(group2, "perm3", project2); underTest.deleteByRootComponentId(dbSession, project1.getId()); dbSession.commit(); assertThat(db.countSql("select count(id) from group_roles where resource_id=" + project1.getId())).isEqualTo(0); assertThat(db.countRowsOfTable("group_roles")).isEqualTo(2); }
@Test public void deleteByRootComponentIdAndGroupId_deletes_all_permissions_of_group_AnyOne_of_specified_component_if_groupId_is_null() { OrganizationDto organization = db.organizations().insert(); ComponentDto project = db.components().insertPublicProject(organization); GroupDto group = db.users().insertGroup(organization); db.users().insertProjectPermissionOnAnyone("p1", project); db.users().insertProjectPermissionOnGroup(group, "p2", project); db.users().insertPermissionOnAnyone(organization, "p3"); db.users().insertPermissionOnGroup(group, "p4"); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, organization.getUuid(), null, project.getId())) .containsOnly("p1"); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, organization.getUuid(), group.getId(), project.getId())) .containsOnly("p2"); assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, organization.getUuid(), null)) .containsOnly("p3"); assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, organization.getUuid(), group.getId())) .containsOnly("p4"); int deletedCount = underTest.deleteByRootComponentIdAndGroupId(dbSession, project.getId(), null); assertThat(deletedCount).isEqualTo(1); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, organization.getUuid(), null, project.getId())) .isEmpty(); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, organization.getUuid(), group.getId(), project.getId())) .containsOnly("p2"); assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, organization.getUuid(), null)) .containsOnly("p3"); assertThat(underTest.selectGlobalPermissionsOfGroup(dbSession, organization.getUuid(), group.getId())) .containsOnly("p4"); }
@Test public void selectGroupNamesByQuery_is_paginated() { IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertGroup(db.getDefaultOrganization(), i + "-name")); List<String> groupNames = underTest.selectGroupNamesByQuery(dbSession, newQuery().setPageIndex(2).setPageSize(3).build()); assertThat(groupNames).containsExactly("3-name", "4-name", "5-name"); }
@Test public void selectProjectPermissionsOfGroup_on_private_project() { OrganizationDto org1 = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org1, "group1"); ComponentDto project1 = db.components().insertPrivateProject(org1); ComponentDto project2 = db.components().insertPrivateProject(org1); db.users().insertPermissionOnAnyone(org1, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); db.users().insertProjectPermissionOnGroup(group1, "perm4", project1); db.users().insertProjectPermissionOnGroup(group1, "perm5", project2); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, org1.getUuid(), group1.getId(), project1.getId())) .containsOnly("perm3", "perm4"); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, org1.getUuid(), group1.getId(), project2.getId())) .containsOnly("perm5"); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, org1.getUuid(), null, project1.getId())) .isEmpty(); assertThat(underTest.selectProjectPermissionsOfGroup(dbSession, org1.getUuid(), null, project2.getId())) .isEmpty(); }
private void copyPermissions(DbSession dbSession, PermissionTemplateDto template, ComponentDto project, @Nullable Integer projectCreatorUserId) { dbClient.groupPermissionDao().deleteByRootComponentId(dbSession, project.getId()); dbClient.userPermissionDao().deleteProjectPermissions(dbSession, project.getId()); .setRole(gp.getPermission()) .setResourceId(project.getId()); dbClient.groupPermissionDao().insert(dbSession, dto); });
public void deletePermissionFromGroup(GroupDto group, String permission) { db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, group.getOrganizationUuid(), group.getId(), null); db.commit(); }