Beispiel #1
0
  @Test
  public void select_groups_by_query_with_project_permissions() {
    GroupDto group1 = groupDb.insertGroup();
    GroupDto group2 = groupDb.insertGroup();
    GroupDto group3 = groupDb.insertGroup();

    ComponentDto project = componentDb.insertComponent(newProjectDto());
    ComponentDto anotherProject = componentDb.insertComponent(newProjectDto());

    permissionDb.addProjectPermissionToGroup(SCAN_EXECUTION, group1.getId(), project.getId());
    permissionDb.addProjectPermissionToGroup(PROVISIONING, group1.getId(), project.getId());
    permissionDb.addProjectPermissionToGroup(USER, null, project.getId());

    permissionDb.addProjectPermissionToGroup(SYSTEM_ADMIN, group1.getId(), anotherProject.getId());
    permissionDb.addProjectPermissionToGroup(SYSTEM_ADMIN, null, anotherProject.getId());
    permissionDb.addProjectPermissionToGroup(
        SCAN_EXECUTION, group3.getId(), anotherProject.getId());

    permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, group2.getId());

    PermissionQuery.Builder builderOnComponent =
        PermissionQuery.builder().setComponentUuid(project.uuid());
    assertThat(
            underTest.selectGroupNamesByPermissionQuery(
                dbSession, builderOnComponent.withPermissionOnly().build()))
        .containsOnlyOnce(group1.getName());
    assertThat(
            underTest.selectGroupNamesByPermissionQuery(
                dbSession, builderOnComponent.setPermission(SCAN_EXECUTION).build()))
        .containsOnlyOnce(group1.getName());
    assertThat(
            underTest.selectGroupNamesByPermissionQuery(
                dbSession, builderOnComponent.setPermission(USER).build()))
        .containsOnlyOnce(ANYONE);
  }
Beispiel #2
0
  @Test
  public void count_groups_by_query() {
    GroupDto group1 = groupDb.insertGroup(newGroupDto().setName("Group-1"));
    GroupDto group2 = groupDb.insertGroup(newGroupDto().setName("Group-2"));
    GroupDto group3 = groupDb.insertGroup(newGroupDto().setName("Group-3"));
    permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
    permissionDb.addGlobalPermissionToGroup(PROVISIONING, group1.getId());

    assertThat(underTest.countGroupsByPermissionQuery(dbSession, PermissionQuery.builder().build()))
        .isEqualTo(4);
    assertThat(
            underTest.countGroupsByPermissionQuery(
                dbSession, PermissionQuery.builder().setPermission(PROVISIONING).build()))
        .isEqualTo(1);
    assertThat(
            underTest.countGroupsByPermissionQuery(
                dbSession, PermissionQuery.builder().withPermissionOnly().build()))
        .isEqualTo(2);
    assertThat(
            underTest.countGroupsByPermissionQuery(
                dbSession, PermissionQuery.builder().setSearchQuery("Group-").build()))
        .isEqualTo(3);
    assertThat(
            underTest.countGroupsByPermissionQuery(
                dbSession, PermissionQuery.builder().setSearchQuery("Any").build()))
        .isEqualTo(1);
  }
Beispiel #3
0
  @Test
  public void select_groups_by_query_with_global_permission() {
    GroupDto group1 = groupDb.insertGroup(newGroupDto().setName("Group-1"));
    GroupDto group2 = groupDb.insertGroup(newGroupDto().setName("Group-2"));
    GroupDto group3 = groupDb.insertGroup(newGroupDto().setName("Group-3"));

    ComponentDto project = componentDb.insertComponent(newProjectDto());

    permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
    permissionDb.addGlobalPermissionToGroup(PROVISIONING, null);
    permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, group1.getId());
    permissionDb.addGlobalPermissionToGroup(SYSTEM_ADMIN, group3.getId());
    permissionDb.addProjectPermissionToGroup(UserRole.ADMIN, group2.getId(), project.getId());

    assertThat(
            underTest.selectGroupNamesByPermissionQuery(
                dbSession, PermissionQuery.builder().setPermission(SCAN_EXECUTION).build()))
        .containsExactly(ANYONE, "Group-1");

    assertThat(
            underTest.selectGroupNamesByPermissionQuery(
                dbSession, PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build()))
        .containsExactly("Group-3");

    assertThat(
            underTest.selectGroupNamesByPermissionQuery(
                dbSession, PermissionQuery.builder().setPermission(PROVISIONING).build()))
        .containsExactly(ANYONE);
  }
Beispiel #4
0
  @Test
  public void group_count_by_permission_and_component_id() {
    GroupDto group1 = groupDb.insertGroup();
    GroupDto group2 = groupDb.insertGroup();
    GroupDto group3 = groupDb.insertGroup();

    permissionDb.addProjectPermissionToGroup(ISSUE_ADMIN, group1.getId(), 42L);
    permissionDb.addProjectPermissionToGroup(ADMIN, group1.getId(), 123L);
    permissionDb.addProjectPermissionToGroup(ADMIN, group2.getId(), 123L);
    permissionDb.addProjectPermissionToGroup(ADMIN, group3.getId(), 123L);
    // anyone group
    permissionDb.addProjectPermissionToGroup(ADMIN, null, 123L);
    permissionDb.addProjectPermissionToGroup(USER, group1.getId(), 123L);
    permissionDb.addProjectPermissionToGroup(USER, group1.getId(), 456L);

    final List<CountByProjectAndPermissionDto> result = new ArrayList<>();
    underTest.groupsCountByComponentIdAndPermission(
        dbSession,
        asList(123L, 456L, 789L),
        context -> result.add((CountByProjectAndPermissionDto) context.getResultObject()));

    assertThat(result).hasSize(3);
    assertThat(result).extracting("permission").containsOnly(ADMIN, USER);
    assertThat(result).extracting("componentId").containsOnly(123L, 456L);
    assertThat(result).extracting("count").containsOnly(4, 1);
  }
Beispiel #5
0
  @Test
  public void select_group_permissions_by_group_names_on_project_permissions() {
    GroupDto group1 = groupDb.insertGroup(newGroupDto().setName("Group-1"));
    permissionDb.addGlobalPermissionToGroup(PROVISIONING, group1.getId());

    GroupDto group2 = groupDb.insertGroup(newGroupDto().setName("Group-2"));
    ComponentDto project = componentDb.insertComponent(newProjectDto());
    permissionDb.addProjectPermissionToGroup(USER, group2.getId(), project.getId());

    GroupDto group3 = groupDb.insertGroup(newGroupDto().setName("Group-3"));
    permissionDb.addProjectPermissionToGroup(USER, group3.getId(), project.getId());

    // Anyone group
    permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
    permissionDb.addProjectPermissionToGroup(PROVISIONING, null, project.getId());

    assertThat(
            underTest.selectGroupPermissionsByGroupNamesAndProject(
                dbSession, asList("Group-1"), project.getId()))
        .isEmpty();

    assertThat(
            underTest.selectGroupPermissionsByGroupNamesAndProject(
                dbSession, asList("Group-2"), project.getId()))
        .extracting(GroupRoleDto::getGroupId, GroupRoleDto::getRole, GroupRoleDto::getResourceId)
        .containsOnly(tuple(group2.getId(), USER, project.getId()));

    assertThat(
            underTest.selectGroupPermissionsByGroupNamesAndProject(
                dbSession, asList("Group-3"), project.getId()))
        .extracting(GroupRoleDto::getGroupId, GroupRoleDto::getRole, GroupRoleDto::getResourceId)
        .containsOnly(tuple(group3.getId(), USER, project.getId()));

    assertThat(
            underTest.selectGroupPermissionsByGroupNamesAndProject(
                dbSession, asList("Anyone"), project.getId()))
        .extracting(GroupRoleDto::getGroupId, GroupRoleDto::getRole, GroupRoleDto::getResourceId)
        .containsOnly(tuple(0L, PROVISIONING, project.getId()));

    assertThat(
            underTest.selectGroupPermissionsByGroupNamesAndProject(
                dbSession, asList("Group-1", "Group-2", "Anyone"), project.getId()))
        .hasSize(2);
    assertThat(
            underTest.selectGroupPermissionsByGroupNamesAndProject(
                dbSession, asList("Unknown"), project.getId()))
        .isEmpty();
    assertThat(
            underTest.selectGroupPermissionsByGroupNamesAndProject(
                dbSession, asList("Group-1"), 123L))
        .isEmpty();
    assertThat(
            underTest.selectGroupPermissionsByGroupNamesAndProject(
                dbSession, Collections.emptyList(), project.getId()))
        .isEmpty();
  }
Beispiel #6
0
  @Test
  public void select_groups_by_query_with_search_query() {
    GroupDto group = groupDb.insertGroup(newGroupDto().setName("group-anyone"));
    groupDb.insertGroup(newGroupDto().setName("unknown"));
    permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, group.getId());

    assertThat(
            underTest.selectGroupNamesByPermissionQuery(
                dbSession, PermissionQuery.builder().setSearchQuery("any").build()))
        .containsOnlyOnce(ANYONE, "group-anyone");
  }
Beispiel #7
0
  @Test
  public void select_groups_by_query_is_ordered_by_group_names() {
    groupDb.insertGroup(newGroupDto().setName("Group-2"));
    groupDb.insertGroup(newGroupDto().setName("Group-3"));
    groupDb.insertGroup(newGroupDto().setName("Group-1"));
    permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);

    assertThat(
            underTest.selectGroupNamesByPermissionQuery(
                dbSession, PermissionQuery.builder().build()))
        .containsExactly("Anyone", "Group-1", "Group-2", "Group-3");
  }
Beispiel #8
0
  @Test
  public void select_groups_by_query() {
    GroupDto group1 = groupDb.insertGroup(newGroupDto());
    GroupDto group2 = groupDb.insertGroup(newGroupDto());
    GroupDto group3 = groupDb.insertGroup(newGroupDto());
    permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);

    List<String> groupNames =
        underTest.selectGroupNamesByPermissionQuery(dbSession, PermissionQuery.builder().build());
    assertThat(groupNames)
        .containsOnly("Anyone", group1.getName(), group2.getName(), group3.getName());
  }
Beispiel #9
0
  @Test
  public void admin_via_groups() {
    ComponentDto jdk7 = insertJdk7();
    ComponentDto cLang = insertClang();

    GroupDto group = groupDb.insertGroup(newGroupDto());
    groupDb.addUserToGroup(user.getId(), group.getId());

    insertGroupPermission(UserRole.ADMIN, group.getId(), jdk7.getId());
    insertGroupPermission(UserRole.USER, group.getId(), cLang.getId());

    SearchMyProjectsWsResponse result = call_ws();

    assertThat(result.getProjectsCount()).isEqualTo(1);
    assertThat(result.getProjects(0).getId()).isEqualTo(jdk7.uuid());
  }
Beispiel #10
0
  @Test
  public void select_groups_by_query_does_not_return_anyone_when_group_roles_is_empty() {
    GroupDto group = groupDb.insertGroup();

    assertThat(
            underTest.selectGroupNamesByPermissionQuery(
                dbSession, PermissionQuery.builder().build()))
        .doesNotContain(ANYONE)
        .containsExactly(group.getName());
  }
Beispiel #11
0
  @Test
  public void select_groups_by_query_paginated() {
    IntStream.rangeClosed(0, 9)
        .forEach(i -> groupDb.insertGroup(newGroupDto().setName(i + "-name")));

    assertThat(
            underTest.selectGroupNamesByPermissionQuery(
                dbSession, PermissionQuery.builder().setPageIndex(2).setPageSize(3).build()))
        .containsExactly("3-name", "4-name", "5-name");
  }
Beispiel #12
0
  @Test
  public void admin_via_groups_and_users() {
    ComponentDto jdk7 = insertJdk7();
    ComponentDto cLang = insertClang();
    ComponentDto sonarqube = componentDb.insertComponent(newProjectDto());

    GroupDto group = groupDb.insertGroup(newGroupDto());
    groupDb.addUserToGroup(user.getId(), group.getId());

    insertUserPermission(UserRole.ADMIN, user.getId(), jdk7.getId());
    insertGroupPermission(UserRole.ADMIN, group.getId(), cLang.getId());
    // admin via group and user
    insertUserPermission(UserRole.ADMIN, user.getId(), sonarqube.getId());
    insertGroupPermission(UserRole.ADMIN, group.getId(), sonarqube.getId());

    SearchMyProjectsWsResponse result = call_ws();

    assertThat(result.getProjectsCount()).isEqualTo(3);
    assertThat(result.getProjectsList())
        .extracting(Project::getId)
        .containsOnly(jdk7.uuid(), cLang.uuid(), sonarqube.uuid());
  }