@Test
public void select_groups_by_query_with_global_permission() {
GroupDto group1 = groupDb.insertGroup(newGroupDto().setName("Group-1"));
GroupDto group2 = groupDb.insertGroup(newGroupDto().setName("Group-2"));
GroupDto group3 = groupDb.insertGroup(newGroupDto().setName("Group-3"));
ComponentDto project = componentDb.insertComponent(newProjectDto());
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
permissionDb.addGlobalPermissionToGroup(PROVISIONING, null);
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, group1.getId());
permissionDb.addGlobalPermissionToGroup(SYSTEM_ADMIN, group3.getId());
permissionDb.addProjectPermissionToGroup(UserRole.ADMIN, group2.getId(), project.getId());
assertThat(
underTest.selectGroupNamesByPermissionQuery(
dbSession, PermissionQuery.builder().setPermission(SCAN_EXECUTION).build()))
.containsExactly(ANYONE, "Group-1");
assertThat(
underTest.selectGroupNamesByPermissionQuery(
dbSession, PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build()))
.containsExactly("Group-3");
assertThat(
underTest.selectGroupNamesByPermissionQuery(
dbSession, PermissionQuery.builder().setPermission(PROVISIONING).build()))
.containsExactly(ANYONE);
}
@Test
public void select_groups_by_query_with_project_permissions() {
GroupDto group1 = groupDb.insertGroup();
GroupDto group2 = groupDb.insertGroup();
GroupDto group3 = groupDb.insertGroup();
ComponentDto project = componentDb.insertComponent(newProjectDto());
ComponentDto anotherProject = componentDb.insertComponent(newProjectDto());
permissionDb.addProjectPermissionToGroup(SCAN_EXECUTION, group1.getId(), project.getId());
permissionDb.addProjectPermissionToGroup(PROVISIONING, group1.getId(), project.getId());
permissionDb.addProjectPermissionToGroup(USER, null, project.getId());
permissionDb.addProjectPermissionToGroup(SYSTEM_ADMIN, group1.getId(), anotherProject.getId());
permissionDb.addProjectPermissionToGroup(SYSTEM_ADMIN, null, anotherProject.getId());
permissionDb.addProjectPermissionToGroup(
SCAN_EXECUTION, group3.getId(), anotherProject.getId());
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, group2.getId());
PermissionQuery.Builder builderOnComponent =
PermissionQuery.builder().setComponentUuid(project.uuid());
assertThat(
underTest.selectGroupNamesByPermissionQuery(
dbSession, builderOnComponent.withPermissionOnly().build()))
.containsOnlyOnce(group1.getName());
assertThat(
underTest.selectGroupNamesByPermissionQuery(
dbSession, builderOnComponent.setPermission(SCAN_EXECUTION).build()))
.containsOnlyOnce(group1.getName());
assertThat(
underTest.selectGroupNamesByPermissionQuery(
dbSession, builderOnComponent.setPermission(USER).build()))
.containsOnlyOnce(ANYONE);
}
@Test
public void count_groups_by_query() {
GroupDto group1 = groupDb.insertGroup(newGroupDto().setName("Group-1"));
GroupDto group2 = groupDb.insertGroup(newGroupDto().setName("Group-2"));
GroupDto group3 = groupDb.insertGroup(newGroupDto().setName("Group-3"));
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
permissionDb.addGlobalPermissionToGroup(PROVISIONING, group1.getId());
assertThat(underTest.countGroupsByPermissionQuery(dbSession, PermissionQuery.builder().build()))
.isEqualTo(4);
assertThat(
underTest.countGroupsByPermissionQuery(
dbSession, PermissionQuery.builder().setPermission(PROVISIONING).build()))
.isEqualTo(1);
assertThat(
underTest.countGroupsByPermissionQuery(
dbSession, PermissionQuery.builder().withPermissionOnly().build()))
.isEqualTo(2);
assertThat(
underTest.countGroupsByPermissionQuery(
dbSession, PermissionQuery.builder().setSearchQuery("Group-").build()))
.isEqualTo(3);
assertThat(
underTest.countGroupsByPermissionQuery(
dbSession, PermissionQuery.builder().setSearchQuery("Any").build()))
.isEqualTo(1);
}
@Test
public void should_remove_group_permission_with_null_name() throws Exception {
setupData("removeNullGroupPermissionFromTemplate");
permissionDao.removeGroupPermission(1L, null, "permission_to_remove");
checkTable(
"removeNullGroupPermissionFromTemplate",
"permission_templates",
"id",
"name",
"description");
checkTable(
"removeNullGroupPermissionFromTemplate",
"perm_templates_users",
"id",
"template_id",
"user_id",
"permission_reference");
checkTable(
"removeNullGroupPermissionFromTemplate",
"perm_templates_groups",
"id",
"template_id",
"group_id",
"permission_reference");
}
@Test
public void should_select_permission_template() throws Exception {
setupData("selectPermissionTemplate");
PermissionTemplateDto permissionTemplate =
permissionDao.selectPermissionTemplate("my template");
assertThat(permissionTemplate).isNotNull();
assertThat(permissionTemplate.getName()).isEqualTo("my template");
assertThat(permissionTemplate.getKee()).isEqualTo("my_template_20130102_030405");
assertThat(permissionTemplate.getDescription()).isEqualTo("my description");
assertThat(permissionTemplate.getUsersPermissions()).hasSize(3);
assertThat(permissionTemplate.getUsersPermissions())
.onProperty("userId")
.containsOnly(1L, 2L, 1L);
assertThat(permissionTemplate.getUsersPermissions())
.onProperty("userLogin")
.containsOnly("login1", "login2", "login2");
assertThat(permissionTemplate.getUsersPermissions())
.onProperty("userName")
.containsOnly("user1", "user2", "user2");
assertThat(permissionTemplate.getUsersPermissions())
.onProperty("permission")
.containsOnly("user_permission1", "user_permission1", "user_permission2");
assertThat(permissionTemplate.getGroupsPermissions()).hasSize(3);
assertThat(permissionTemplate.getGroupsPermissions())
.onProperty("groupId")
.containsOnly(1L, 2L, null);
assertThat(permissionTemplate.getGroupsPermissions())
.onProperty("groupName")
.containsOnly("group1", "group2", null);
assertThat(permissionTemplate.getGroupsPermissions())
.onProperty("permission")
.containsOnly("group_permission1", "group_permission1", "group_permission2");
}
@Test
public void group_count_by_permission_and_component_id() {
GroupDto group1 = groupDb.insertGroup();
GroupDto group2 = groupDb.insertGroup();
GroupDto group3 = groupDb.insertGroup();
permissionDb.addProjectPermissionToGroup(ISSUE_ADMIN, group1.getId(), 42L);
permissionDb.addProjectPermissionToGroup(ADMIN, group1.getId(), 123L);
permissionDb.addProjectPermissionToGroup(ADMIN, group2.getId(), 123L);
permissionDb.addProjectPermissionToGroup(ADMIN, group3.getId(), 123L);
// anyone group
permissionDb.addProjectPermissionToGroup(ADMIN, null, 123L);
permissionDb.addProjectPermissionToGroup(USER, group1.getId(), 123L);
permissionDb.addProjectPermissionToGroup(USER, group1.getId(), 456L);
final List<CountByProjectAndPermissionDto> result = new ArrayList<>();
underTest.groupsCountByComponentIdAndPermission(
dbSession,
asList(123L, 456L, 789L),
context -> result.add((CountByProjectAndPermissionDto) context.getResultObject()));
assertThat(result).hasSize(3);
assertThat(result).extracting("permission").containsOnly(ADMIN, USER);
assertThat(result).extracting("componentId").containsOnly(123L, 456L);
assertThat(result).extracting("count").containsOnly(4, 1);
}
@Test
public void search_groups_should_be_sorted_by_group_name() {
db.prepareDbUnit(getClass(), "groups_with_permissions_should_be_sorted_by_group_name.xml");
List<GroupWithPermissionDto> result =
underTest.selectGroups(
dbSession, OldPermissionQuery.builder().permission("user").build(), COMPONENT_ID);
int count = underTest.countGroups(dbSession, "user", COMPONENT_ID);
assertThat(result).hasSize(4);
assertThat(count).isEqualTo(2);
assertThat(result.get(0).getName()).isEqualTo("Anyone");
assertThat(result.get(1).getName()).isEqualTo("sonar-administrators");
assertThat(result.get(2).getName()).isEqualTo("sonar-reviewers");
assertThat(result.get(3).getName()).isEqualTo("sonar-users");
}
@Test
public void select_groups_for_project_permission() {
db.prepareDbUnit(getClass(), "groups_with_permissions.xml");
OldPermissionQuery query = OldPermissionQuery.builder().permission("user").build();
List<GroupWithPermissionDto> result = underTest.selectGroups(dbSession, query, COMPONENT_ID);
assertThat(result).hasSize(4);
GroupWithPermissionDto anyone = result.get(0);
assertThat(anyone.getName()).isEqualTo("Anyone");
assertThat(anyone.getDescription()).isNull();
assertThat(anyone.getPermission()).isNotNull();
GroupWithPermissionDto group1 = result.get(1);
assertThat(group1.getName()).isEqualTo("sonar-administrators");
assertThat(group1.getDescription()).isEqualTo("System administrators");
assertThat(group1.getPermission()).isNotNull();
GroupWithPermissionDto group2 = result.get(2);
assertThat(group2.getName()).isEqualTo("sonar-reviewers");
assertThat(group2.getDescription()).isEqualTo("Reviewers");
assertThat(group2.getPermission()).isNull();
GroupWithPermissionDto group3 = result.get(3);
assertThat(group3.getName()).isEqualTo("sonar-users");
assertThat(group3.getDescription())
.isEqualTo("Any new users created will automatically join this group");
assertThat(group3.getPermission()).isNotNull();
}
@Test
public void select_group_permissions_by_group_names_on_project_permissions() {
GroupDto group1 = groupDb.insertGroup(newGroupDto().setName("Group-1"));
permissionDb.addGlobalPermissionToGroup(PROVISIONING, group1.getId());
GroupDto group2 = groupDb.insertGroup(newGroupDto().setName("Group-2"));
ComponentDto project = componentDb.insertComponent(newProjectDto());
permissionDb.addProjectPermissionToGroup(USER, group2.getId(), project.getId());
GroupDto group3 = groupDb.insertGroup(newGroupDto().setName("Group-3"));
permissionDb.addProjectPermissionToGroup(USER, group3.getId(), project.getId());
// Anyone group
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
permissionDb.addProjectPermissionToGroup(PROVISIONING, null, project.getId());
assertThat(
underTest.selectGroupPermissionsByGroupNamesAndProject(
dbSession, asList("Group-1"), project.getId()))
.isEmpty();
assertThat(
underTest.selectGroupPermissionsByGroupNamesAndProject(
dbSession, asList("Group-2"), project.getId()))
.extracting(GroupRoleDto::getGroupId, GroupRoleDto::getRole, GroupRoleDto::getResourceId)
.containsOnly(tuple(group2.getId(), USER, project.getId()));
assertThat(
underTest.selectGroupPermissionsByGroupNamesAndProject(
dbSession, asList("Group-3"), project.getId()))
.extracting(GroupRoleDto::getGroupId, GroupRoleDto::getRole, GroupRoleDto::getResourceId)
.containsOnly(tuple(group3.getId(), USER, project.getId()));
assertThat(
underTest.selectGroupPermissionsByGroupNamesAndProject(
dbSession, asList("Anyone"), project.getId()))
.extracting(GroupRoleDto::getGroupId, GroupRoleDto::getRole, GroupRoleDto::getResourceId)
.containsOnly(tuple(0L, PROVISIONING, project.getId()));
assertThat(
underTest.selectGroupPermissionsByGroupNamesAndProject(
dbSession, asList("Group-1", "Group-2", "Anyone"), project.getId()))
.hasSize(2);
assertThat(
underTest.selectGroupPermissionsByGroupNamesAndProject(
dbSession, asList("Unknown"), project.getId()))
.isEmpty();
assertThat(
underTest.selectGroupPermissionsByGroupNamesAndProject(
dbSession, asList("Group-1"), 123L))
.isEmpty();
assertThat(
underTest.selectGroupPermissionsByGroupNamesAndProject(
dbSession, Collections.emptyList(), project.getId()))
.isEmpty();
}
@Test
public void should_update_permission_template() throws Exception {
setupData("updatePermissionTemplate");
permissionDao.updatePermissionTemplate(1L, "new_name", "new_description");
checkTable(
"updatePermissionTemplate", "permission_templates", "id", "name", "kee", "description");
}
@Test
public void select_groups_by_query_does_not_return_anyone_when_group_roles_is_empty() {
GroupDto group = groupDb.insertGroup();
assertThat(
underTest.selectGroupNamesByPermissionQuery(
dbSession, PermissionQuery.builder().build()))
.doesNotContain(ANYONE)
.containsExactly(group.getName());
}
@Test
public void select_groups_by_query_paginated() {
IntStream.rangeClosed(0, 9)
.forEach(i -> groupDb.insertGroup(newGroupDto().setName(i + "-name")));
assertThat(
underTest.selectGroupNamesByPermissionQuery(
dbSession, PermissionQuery.builder().setPageIndex(2).setPageSize(3).build()))
.containsExactly("3-name", "4-name", "5-name");
}
@Test
public void search_by_groups_name() {
db.prepareDbUnit(getClass(), "groups_with_permissions.xml");
List<GroupWithPermissionDto> result =
underTest.selectGroups(
dbSession,
OldPermissionQuery.builder().permission("user").search("aDMini").build(),
COMPONENT_ID);
assertThat(result).hasSize(1);
assertThat(result.get(0).getName()).isEqualTo("sonar-administrators");
result =
underTest.selectGroups(
dbSession,
OldPermissionQuery.builder().permission("user").search("sonar").build(),
COMPONENT_ID);
assertThat(result).hasSize(3);
}
@Test
public void should_create_permission_template() throws Exception {
setupData("createPermissionTemplate");
PermissionTemplateDto permissionTemplate =
permissionDao.createPermissionTemplate("my template", "my description");
assertThat(permissionTemplate).isNotNull();
assertThat(permissionTemplate.getId()).isEqualTo(1L);
checkTable(
"createPermissionTemplate", "permission_templates", "id", "name", "kee", "description");
}
@Test
public void select_groups_by_query_with_search_query() {
GroupDto group = groupDb.insertGroup(newGroupDto().setName("group-anyone"));
groupDb.insertGroup(newGroupDto().setName("unknown"));
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, group.getId());
assertThat(
underTest.selectGroupNamesByPermissionQuery(
dbSession, PermissionQuery.builder().setSearchQuery("any").build()))
.containsOnlyOnce(ANYONE, "group-anyone");
}
@Test
public void select_groups_by_query() {
GroupDto group1 = groupDb.insertGroup(newGroupDto());
GroupDto group2 = groupDb.insertGroup(newGroupDto());
GroupDto group3 = groupDb.insertGroup(newGroupDto());
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
List<String> groupNames =
underTest.selectGroupNamesByPermissionQuery(dbSession, PermissionQuery.builder().build());
assertThat(groupNames)
.containsOnly("Anyone", group1.getName(), group2.getName(), group3.getName());
}
@Test
public void should_select_permission_template_by_name() throws Exception {
setupData("selectPermissionTemplate");
PermissionTemplateDto permissionTemplate = permissionDao.selectTemplateByName("my template");
assertThat(permissionTemplate).isNotNull();
assertThat(permissionTemplate.getId()).isEqualTo(1L);
assertThat(permissionTemplate.getName()).isEqualTo("my template");
assertThat(permissionTemplate.getKee()).isEqualTo("my_template_20130102_030405");
assertThat(permissionTemplate.getDescription()).isEqualTo("my description");
}
@Test
public void should_select_empty_permission_template() throws Exception {
setupData("selectEmptyPermissionTemplate");
PermissionTemplateDto permissionTemplate =
permissionDao.selectPermissionTemplate("my template");
assertThat(permissionTemplate).isNotNull();
assertThat(permissionTemplate.getName()).isEqualTo("my template");
assertThat(permissionTemplate.getDescription()).isEqualTo("my description");
assertThat(permissionTemplate.getUsersPermissions()).isNull();
assertThat(permissionTemplate.getGroupsPermissions()).isNull();
}
@Test
public void select_groups_by_query_is_ordered_by_group_names() {
groupDb.insertGroup(newGroupDto().setName("Group-2"));
groupDb.insertGroup(newGroupDto().setName("Group-3"));
groupDb.insertGroup(newGroupDto().setName("Group-1"));
permissionDb.addGlobalPermissionToGroup(SCAN_EXECUTION, null);
assertThat(
underTest.selectGroupNamesByPermissionQuery(
dbSession, PermissionQuery.builder().build()))
.containsExactly("Anyone", "Group-1", "Group-2", "Group-3");
}
@Test
public void should_normalize_kee_on_template_creation() throws Exception {
setupData("createNonAsciiPermissionTemplate");
PermissionTemplateDto permissionTemplate =
permissionDao.createPermissionTemplate("Môü Gnô Gnèçàß", "my description");
assertThat(permissionTemplate).isNotNull();
assertThat(permissionTemplate.getId()).isEqualTo(1L);
checkTable(
"createNonAsciiPermissionTemplate",
"permission_templates",
"id",
"name",
"kee",
"description");
}
@Test
public void should_select_all_permission_templates() throws Exception {
setupData("selectAllPermissionTemplates");
List<PermissionTemplateDto> permissionTemplates = permissionDao.selectAllPermissionTemplates();
assertThat(permissionTemplates).hasSize(3);
assertThat(permissionTemplates).onProperty("id").containsOnly(1L, 2L, 3L);
assertThat(permissionTemplates)
.onProperty("name")
.containsOnly("template1", "template2", "template3");
assertThat(permissionTemplates)
.onProperty("kee")
.containsOnly(
"template1_20130102_030405", "template2_20130102_030405", "template3_20130102_030405");
assertThat(permissionTemplates)
.onProperty("description")
.containsOnly("description1", "description2", "description3");
}
@Test
public void should_skip_key_normalization_on_default_template() throws Exception {
PermissionTemplateMapper mapper = mock(PermissionTemplateMapper.class);
SqlSession session = mock(SqlSession.class);
when(session.getMapper(PermissionTemplateMapper.class)).thenReturn(mapper);
MyBatis myBatis = mock(MyBatis.class);
when(myBatis.openSession()).thenReturn(session);
permissionDao = new PermissionDao(myBatis, dateProvider);
PermissionTemplateDto permissionTemplate =
permissionDao.createPermissionTemplate(PermissionTemplateDto.DEFAULT.getName(), null);
verify(mapper).insert(permissionTemplate);
verify(session).commit();
assertThat(permissionTemplate.getKee()).isEqualTo(PermissionTemplateDto.DEFAULT.getKee());
}
@Test
public void select_groups_for_global_permission() {
db.prepareDbUnit(getClass(), "groups_with_permissions.xml");
OldPermissionQuery query = OldPermissionQuery.builder().permission("admin").build();
List<GroupWithPermissionDto> result = underTest.selectGroups(dbSession, query, null);
assertThat(result).hasSize(3);
GroupWithPermissionDto group1 = result.get(0);
assertThat(group1.getName()).isEqualTo("sonar-administrators");
assertThat(group1.getPermission()).isNotNull();
GroupWithPermissionDto group2 = result.get(1);
assertThat(group2.getName()).isEqualTo("sonar-reviewers");
assertThat(group2.getPermission()).isNull();
GroupWithPermissionDto group3 = result.get(2);
assertThat(group3.getName()).isEqualTo("sonar-users");
assertThat(group3.getPermission()).isNull();
}
@Test
public void anyone_group_is_not_returned_when_it_has_no_permission() {
db.prepareDbUnit(getClass(), "groups_with_permissions.xml");
// Anyone group has not the permission 'admin', so it's not returned
OldPermissionQuery query = OldPermissionQuery.builder().permission("admin").build();
List<GroupWithPermissionDto> result = underTest.selectGroups(dbSession, query, COMPONENT_ID);
assertThat(result).hasSize(3);
GroupWithPermissionDto group1 = result.get(0);
assertThat(group1.getName()).isEqualTo("sonar-administrators");
assertThat(group1.getPermission()).isNotNull();
GroupWithPermissionDto group2 = result.get(1);
assertThat(group2.getName()).isEqualTo("sonar-reviewers");
assertThat(group2.getPermission()).isNull();
GroupWithPermissionDto group3 = result.get(2);
assertThat(group3.getName()).isEqualTo("sonar-users");
assertThat(group3.getPermission()).isNull();
}
@Test
public void should_add_group_permission_to_template() throws Exception {
setupData("addGroupPermissionToTemplate");
permissionDao.addGroupPermission(1L, 1L, "new_permission");
checkTable("addGroupPermissionToTemplate", "permission_templates", "id", "name", "description");
checkTable(
"addGroupPermissionToTemplate",
"perm_templates_users",
"id",
"template_id",
"user_id",
"permission_reference");
checkTable(
"addGroupPermissionToTemplate",
"perm_templates_groups",
"id",
"template_id",
"group_id",
"permission_reference");
}
@Test
public void should_delete_permission_template() throws Exception {
setupData("deletePermissionTemplate");
permissionDao.deletePermissionTemplate(1L);
checkTable("deletePermissionTemplate", "permission_templates", "id", "name", "description");
checkTable(
"deletePermissionTemplate",
"perm_templates_users",
"id",
"template_id",
"user_id",
"permission_reference");
checkTable(
"deletePermissionTemplate",
"perm_templates_groups",
"id",
"template_id",
"group_id",
"permission_reference");
}
@Test
public void should_remove_user_permission_from_template() throws Exception {
setupData("removeUserPermissionFromTemplate");
permissionDao.removeUserPermission(1L, 2L, "permission_to_remove");
checkTable(
"removeUserPermissionFromTemplate", "permission_templates", "id", "name", "description");
checkTable(
"removeUserPermissionFromTemplate",
"perm_templates_users",
"id",
"template_id",
"user_id",
"permission_reference");
checkTable(
"removeUserPermissionFromTemplate",
"perm_templates_groups",
"id",
"template_id",
"group_id",
"permission_reference");
}