Example #1
0
  @Test
  public void select_group_permissions_by_permission_and_user_id() {
    long userId = 11L;

    underTest.insertGroupRole(
        dbSession, new GroupRoleDto().setRole(UserRole.ADMIN).setGroupId(1L).setResourceId(2L));
    groupDb.addUserToGroup(userId, 1L);
    underTest.insertGroupRole(
        dbSession, new GroupRoleDto().setRole(UserRole.ADMIN).setGroupId(2L).setResourceId(3L));
    groupDb.addUserToGroup(userId, 2L);
    // global permission - not returned
    groupDb.addUserToGroup(userId, 3L);
    underTest.insertGroupRole(
        dbSession, new GroupRoleDto().setRole(UserRole.ADMIN).setGroupId(3L).setResourceId(null));
    // project permission on another user id - not returned
    underTest.insertGroupRole(
        dbSession, new GroupRoleDto().setRole(UserRole.ADMIN).setGroupId(4L).setResourceId(4L));
    groupDb.addUserToGroup(12L, 4L);
    // project permission on another permission - not returned
    underTest.insertGroupRole(
        dbSession, new GroupRoleDto().setRole(UserRole.USER).setGroupId(5L).setResourceId(5L));
    groupDb.addUserToGroup(userId, 5L);
    // duplicates on resource id - should be returned once
    underTest.insertUserRole(
        dbSession, new UserRoleDto().setRole(UserRole.ADMIN).setUserId(userId).setResourceId(2L));
    underTest.insertGroupRole(
        dbSession, new GroupRoleDto().setRole(UserRole.ADMIN).setGroupId(3L).setResourceId(3L));
    db.commit();

    List<Long> result =
        underTest.selectComponentIdsByPermissionAndUserId(dbSession, UserRole.ADMIN, userId);

    assertThat(result).hasSize(2).containsExactly(2L, 3L);
  }
Example #2
0
  @Test
  public void select_user_permissions_by_permission_and_user_id() {
    underTest.insertUserRole(
        dbSession, new UserRoleDto().setRole(UserRole.ADMIN).setUserId(1L).setResourceId(2L));
    underTest.insertUserRole(
        dbSession, new UserRoleDto().setRole(UserRole.ADMIN).setUserId(1L).setResourceId(3L));
    // global permission - not returned
    underTest.insertUserRole(
        dbSession, new UserRoleDto().setRole(UserRole.ADMIN).setUserId(1L).setResourceId(null));
    // project permission on another user id - not returned
    underTest.insertUserRole(
        dbSession, new UserRoleDto().setRole(UserRole.ADMIN).setUserId(42L).setResourceId(2L));
    // project permission on another permission - not returned
    underTest.insertUserRole(
        dbSession,
        new UserRoleDto()
            .setRole(GlobalPermissions.SCAN_EXECUTION)
            .setUserId(1L)
            .setResourceId(2L));
    db.commit();

    List<Long> result =
        underTest.selectComponentIdsByPermissionAndUserId(dbSession, UserRole.ADMIN, 1L);

    assertThat(result).hasSize(2).containsExactly(2L, 3L);
  }