Search in sources :

Example 1 with PermissionTemplateGroupDto

use of org.sonar.db.permission.template.PermissionTemplateGroupDto in project sonarqube by SonarSource.

the class PermissionTemplateService method copyPermissions.

private void copyPermissions(DbSession dbSession, PermissionTemplateDto template, ComponentDto project, @Nullable Integer projectCreatorUserId) {
    dbClient.resourceDao().updateAuthorizationDate(project.getId(), dbSession);
    dbClient.groupPermissionDao().deleteByRootComponentId(dbSession, project.getId());
    dbClient.userPermissionDao().deleteProjectPermissions(dbSession, project.getId());
    List<PermissionTemplateUserDto> usersPermissions = dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(dbSession, template.getId());
    String organizationUuid = template.getOrganizationUuid();
    usersPermissions.forEach(up -> {
        UserPermissionDto dto = new UserPermissionDto(organizationUuid, up.getPermission(), up.getUserId(), project.getId());
        dbClient.userPermissionDao().insert(dbSession, dto);
    });
    List<PermissionTemplateGroupDto> groupsPermissions = dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateId(dbSession, template.getId());
    groupsPermissions.forEach(gp -> {
        GroupPermissionDto dto = new GroupPermissionDto().setOrganizationUuid(organizationUuid).setGroupId(isAnyone(gp.getGroupName()) ? null : gp.getGroupId()).setRole(gp.getPermission()).setResourceId(project.getId());
        dbClient.groupPermissionDao().insert(dbSession, dto);
    });
    List<PermissionTemplateCharacteristicDto> characteristics = dbClient.permissionTemplateCharacteristicDao().selectByTemplateIds(dbSession, asList(template.getId()));
    if (projectCreatorUserId != null) {
        Set<String> permissionsForCurrentUserAlreadyInDb = usersPermissions.stream().filter(userPermission -> projectCreatorUserId.equals(userPermission.getUserId())).map(PermissionTemplateUserDto::getPermission).collect(java.util.stream.Collectors.toSet());
        characteristics.stream().filter(PermissionTemplateCharacteristicDto::getWithProjectCreator).filter(characteristic -> !permissionsForCurrentUserAlreadyInDb.contains(characteristic.getPermission())).forEach(c -> {
            UserPermissionDto dto = new UserPermissionDto(organizationUuid, c.getPermission(), projectCreatorUserId, project.getId());
            dbClient.userPermissionDao().insert(dbSession, dto);
        });
    }
}
Also used : PermissionTemplateDto(org.sonar.db.permission.template.PermissionTemplateDto) StringUtils(org.apache.commons.lang.StringUtils) OrganizationPermission(org.sonar.db.permission.OrganizationPermission) DbSession(org.sonar.db.DbSession) GroupPermissionDto(org.sonar.db.permission.GroupPermissionDto) PermissionTemplateGroupDto(org.sonar.db.permission.template.PermissionTemplateGroupDto) MessageFormat(java.text.MessageFormat) ArrayList(java.util.ArrayList) Collections.singletonList(java.util.Collections.singletonList) DefaultTemplatesResolverImpl(org.sonar.server.permission.ws.template.DefaultTemplatesResolverImpl) PermissionTemplateUserDto(org.sonar.db.permission.template.PermissionTemplateUserDto) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) Arrays.asList(java.util.Arrays.asList) DefaultTemplatesResolver(org.sonar.server.permission.ws.template.DefaultTemplatesResolver) Nullable(javax.annotation.Nullable) PermissionIndexer(org.sonar.server.permission.index.PermissionIndexer) Iterator(java.util.Iterator) Collection(java.util.Collection) DefaultTemplates(org.sonar.db.organization.DefaultTemplates) Set(java.util.Set) Collectors(org.sonar.core.util.stream.Collectors) String.format(java.lang.String.format) DbClient(org.sonar.db.DbClient) List(java.util.List) ComponentDto(org.sonar.db.component.ComponentDto) Qualifiers(org.sonar.api.resources.Qualifiers) PermissionTemplateCharacteristicDto(org.sonar.db.permission.template.PermissionTemplateCharacteristicDto) DefaultGroups.isAnyone(org.sonar.api.security.DefaultGroups.isAnyone) ServerSide(org.sonar.api.server.ServerSide) UserSession(org.sonar.server.user.UserSession) CheckForNull(javax.annotation.CheckForNull) UserPermissionDto(org.sonar.db.permission.UserPermissionDto) ComponentKeys(org.sonar.core.component.ComponentKeys) PermissionTemplateUserDto(org.sonar.db.permission.template.PermissionTemplateUserDto) PermissionTemplateCharacteristicDto(org.sonar.db.permission.template.PermissionTemplateCharacteristicDto) UserPermissionDto(org.sonar.db.permission.UserPermissionDto) PermissionTemplateGroupDto(org.sonar.db.permission.template.PermissionTemplateGroupDto) GroupPermissionDto(org.sonar.db.permission.GroupPermissionDto)

Example 2 with PermissionTemplateGroupDto

use of org.sonar.db.permission.template.PermissionTemplateGroupDto in project sonarqube by SonarSource.

the class OrganizationCreationImplTest method create_creates_default_template_for_new_organization.

@Test
public void create_creates_default_template_for_new_organization() throws OrganizationCreation.KeyConflictException {
    mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
    underTest.create(dbSession, SOME_USER_ID, FULL_POPULATED_NEW_ORGANIZATION);
    OrganizationDto organization = dbClient.organizationDao().selectByKey(dbSession, FULL_POPULATED_NEW_ORGANIZATION.getKey()).get();
    GroupDto ownersGroup = dbClient.groupDao().selectByName(dbSession, organization.getUuid(), "Owners").get();
    PermissionTemplateDto defaultTemplate = dbClient.permissionTemplateDao().selectByName(dbSession, organization.getUuid(), "default template");
    assertThat(defaultTemplate.getName()).isEqualTo("Default template");
    assertThat(defaultTemplate.getDescription()).isEqualTo("Default permission template of organization " + FULL_POPULATED_NEW_ORGANIZATION.getName());
    DefaultTemplates defaultTemplates = dbClient.organizationDao().getDefaultTemplates(dbSession, organization.getUuid()).get();
    assertThat(defaultTemplates.getProjectUuid()).isEqualTo(defaultTemplate.getUuid());
    assertThat(defaultTemplates.getViewUuid()).isNull();
    assertThat(dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateId(dbSession, defaultTemplate.getId())).extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission).containsOnly(tuple(ownersGroup.getId(), UserRole.ADMIN), tuple(ownersGroup.getId(), UserRole.ISSUE_ADMIN), tuple(ownersGroup.getId(), GlobalPermissions.SCAN_EXECUTION), tuple(ANYONE_GROUP_ID, UserRole.USER), tuple(ANYONE_GROUP_ID, UserRole.CODEVIEWER));
}
Also used : PermissionTemplateDto(org.sonar.db.permission.template.PermissionTemplateDto) PermissionTemplateGroupDto(org.sonar.db.permission.template.PermissionTemplateGroupDto) GroupDto(org.sonar.db.user.GroupDto) OrganizationDto(org.sonar.db.organization.OrganizationDto) DefaultTemplates(org.sonar.db.organization.DefaultTemplates) Test(org.junit.Test)

Example 3 with PermissionTemplateGroupDto

use of org.sonar.db.permission.template.PermissionTemplateGroupDto in project sonarqube by SonarSource.

the class CreateActionTest method request_creates_default_template_for_owner_group_and_anyone.

@Test
public void request_creates_default_template_for_owner_group_and_anyone() {
    mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
    UserDto user = dbTester.users().insertUser();
    userSession.logIn(user).setSystemAdministrator();
    executeRequest("orgFoo");
    OrganizationDto organization = dbClient.organizationDao().selectByKey(dbSession, "orgfoo").get();
    GroupDto ownersGroup = dbClient.groupDao().selectByName(dbSession, organization.getUuid(), "Owners").get();
    PermissionTemplateDto defaultTemplate = dbClient.permissionTemplateDao().selectByName(dbSession, organization.getUuid(), "default template");
    assertThat(defaultTemplate.getName()).isEqualTo("Default template");
    assertThat(defaultTemplate.getDescription()).isEqualTo("Default permission template of organization orgFoo");
    DefaultTemplates defaultTemplates = dbClient.organizationDao().getDefaultTemplates(dbSession, organization.getUuid()).get();
    assertThat(defaultTemplates.getProjectUuid()).isEqualTo(defaultTemplate.getUuid());
    assertThat(defaultTemplates.getViewUuid()).isNull();
    assertThat(dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateId(dbSession, defaultTemplate.getId())).extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission).containsOnly(tuple(ownersGroup.getId(), UserRole.ADMIN), tuple(ownersGroup.getId(), UserRole.ISSUE_ADMIN), tuple(ownersGroup.getId(), GlobalPermissions.SCAN_EXECUTION), tuple(0, UserRole.USER), tuple(0, UserRole.CODEVIEWER));
}
Also used : PermissionTemplateDto(org.sonar.db.permission.template.PermissionTemplateDto) UserDto(org.sonar.db.user.UserDto) PermissionTemplateGroupDto(org.sonar.db.permission.template.PermissionTemplateGroupDto) GroupDto(org.sonar.db.user.GroupDto) OrganizationDto(org.sonar.db.organization.OrganizationDto) DefaultTemplates(org.sonar.db.organization.DefaultTemplates) Test(org.junit.Test)

Example 4 with PermissionTemplateGroupDto

use of org.sonar.db.permission.template.PermissionTemplateGroupDto in project sonarqube by SonarSource.

the class PermissionTemplateService method copyPermissions.

private void copyPermissions(DbSession dbSession, PermissionTemplateDto template, ComponentDto project, @Nullable String projectCreatorUserUuid) {
    List<PermissionTemplateUserDto> usersPermissions = dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(dbSession, template.getUuid());
    Set<String> permissionTemplateUserUuids = usersPermissions.stream().map(PermissionTemplateUserDto::getUserUuid).collect(Collectors.toSet());
    Map<String, UserId> userIdByUuid = dbClient.userDao().selectByUuids(dbSession, permissionTemplateUserUuids).stream().collect(Collectors.toMap(UserDto::getUuid, u -> u));
    usersPermissions.stream().filter(up -> permissionValidForProject(project, up.getPermission())).forEach(up -> {
        UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), up.getPermission(), up.getUserUuid(), project.uuid());
        dbClient.userPermissionDao().insert(dbSession, dto, project, userIdByUuid.get(up.getUserUuid()), template);
    });
    List<PermissionTemplateGroupDto> groupsPermissions = dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateUuid(dbSession, template.getUuid());
    groupsPermissions.stream().filter(gp -> groupNameValidForProject(project, gp.getGroupName())).filter(gp -> permissionValidForProject(project, gp.getPermission())).forEach(gp -> {
        String groupUuid = isAnyone(gp.getGroupName()) ? null : gp.getGroupUuid();
        String groupName = groupUuid == null ? null : dbClient.groupDao().selectByUuid(dbSession, groupUuid).getName();
        GroupPermissionDto dto = new GroupPermissionDto().setUuid(uuidFactory.create()).setGroupUuid(groupUuid).setGroupName(groupName).setRole(gp.getPermission()).setComponentUuid(project.uuid()).setComponentName(project.name());
        dbClient.groupPermissionDao().insert(dbSession, dto, project, template);
    });
    List<PermissionTemplateCharacteristicDto> characteristics = dbClient.permissionTemplateCharacteristicDao().selectByTemplateUuids(dbSession, singletonList(template.getUuid()));
    if (projectCreatorUserUuid != null) {
        Set<String> permissionsForCurrentUserAlreadyInDb = usersPermissions.stream().filter(userPermission -> projectCreatorUserUuid.equals(userPermission.getUserUuid())).map(PermissionTemplateUserDto::getPermission).collect(java.util.stream.Collectors.toSet());
        UserDto userDto = dbClient.userDao().selectByUuid(dbSession, projectCreatorUserUuid);
        characteristics.stream().filter(PermissionTemplateCharacteristicDto::getWithProjectCreator).filter(up -> permissionValidForProject(project, up.getPermission())).filter(characteristic -> !permissionsForCurrentUserAlreadyInDb.contains(characteristic.getPermission())).forEach(c -> {
            UserPermissionDto dto = new UserPermissionDto(uuidFactory.create(), c.getPermission(), userDto.getUuid(), project.uuid());
            dbClient.userPermissionDao().insert(dbSession, dto, project, userDto, template);
        });
    }
}
Also used : PermissionTemplateDto(org.sonar.db.permission.template.PermissionTemplateDto) ProjectIndexers(org.sonar.server.es.ProjectIndexers) StringUtils(org.apache.commons.lang.StringUtils) UserDto(org.sonar.db.user.UserDto) DbSession(org.sonar.db.DbSession) GroupPermissionDto(org.sonar.db.permission.GroupPermissionDto) PermissionTemplateGroupDto(org.sonar.db.permission.template.PermissionTemplateGroupDto) MessageFormat(java.text.MessageFormat) ArrayList(java.util.ArrayList) Collections.singletonList(java.util.Collections.singletonList) PermissionTemplateUserDto(org.sonar.db.permission.template.PermissionTemplateUserDto) Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument) SCAN(org.sonar.db.permission.GlobalPermission.SCAN) Map(java.util.Map) ProjectIndexer(org.sonar.server.es.ProjectIndexer) PUBLIC_PERMISSIONS(org.sonar.api.web.UserRole.PUBLIC_PERMISSIONS) Nullable(javax.annotation.Nullable) Iterator(java.util.Iterator) Collection(java.util.Collection) UuidFactory(org.sonar.core.util.UuidFactory) Set(java.util.Set) Collectors(java.util.stream.Collectors) String.format(java.lang.String.format) TemplateMatchingKeyException(org.sonar.server.exceptions.TemplateMatchingKeyException) UserId(org.sonar.db.user.UserId) DbClient(org.sonar.db.DbClient) List(java.util.List) ComponentDto(org.sonar.db.component.ComponentDto) Qualifiers(org.sonar.api.resources.Qualifiers) PermissionTemplateCharacteristicDto(org.sonar.db.permission.template.PermissionTemplateCharacteristicDto) DefaultGroups.isAnyone(org.sonar.api.security.DefaultGroups.isAnyone) ServerSide(org.sonar.api.server.ServerSide) ResolvedDefaultTemplates(org.sonar.server.permission.DefaultTemplatesResolver.ResolvedDefaultTemplates) UserSession(org.sonar.server.user.UserSession) CheckForNull(javax.annotation.CheckForNull) UserPermissionDto(org.sonar.db.permission.UserPermissionDto) UserDto(org.sonar.db.user.UserDto) PermissionTemplateUserDto(org.sonar.db.permission.template.PermissionTemplateUserDto) UserPermissionDto(org.sonar.db.permission.UserPermissionDto) PermissionTemplateGroupDto(org.sonar.db.permission.template.PermissionTemplateGroupDto) PermissionTemplateUserDto(org.sonar.db.permission.template.PermissionTemplateUserDto) UserId(org.sonar.db.user.UserId) PermissionTemplateCharacteristicDto(org.sonar.db.permission.template.PermissionTemplateCharacteristicDto) GroupPermissionDto(org.sonar.db.permission.GroupPermissionDto)

Example 5 with PermissionTemplateGroupDto

use of org.sonar.db.permission.template.PermissionTemplateGroupDto in project sonarqube by SonarSource.

the class TemplateGroupsAction method handle.

@Override
public void handle(Request wsRequest, Response wsResponse) throws Exception {
    try (DbSession dbSession = dbClient.openSession(false)) {
        WsTemplateRef templateRef = WsTemplateRef.fromRequest(wsRequest);
        PermissionTemplateDto template = wsSupport.findTemplate(dbSession, templateRef);
        checkGlobalAdmin(userSession);
        PermissionQuery query = buildPermissionQuery(wsRequest);
        int total = dbClient.permissionTemplateDao().countGroupNamesByQueryAndTemplate(dbSession, query, template.getUuid());
        Paging paging = Paging.forPageIndex(wsRequest.mandatoryParamAsInt(PAGE)).withPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE)).andTotal(total);
        List<GroupDto> groups = findGroups(dbSession, query, template);
        List<PermissionTemplateGroupDto> groupPermissions = findGroupPermissions(dbSession, groups, template);
        Permissions.WsGroupsResponse groupsResponse = buildResponse(groups, groupPermissions, paging);
        writeProtobuf(groupsResponse, wsRequest, wsResponse);
    }
}
Also used : DbSession(org.sonar.db.DbSession) PermissionTemplateDto(org.sonar.db.permission.template.PermissionTemplateDto) Paging(org.sonar.api.utils.Paging) PermissionTemplateGroupDto(org.sonar.db.permission.template.PermissionTemplateGroupDto) GroupDto(org.sonar.db.user.GroupDto) Permissions(org.sonarqube.ws.Permissions) PermissionTemplateGroupDto(org.sonar.db.permission.template.PermissionTemplateGroupDto) PermissionQuery(org.sonar.db.permission.PermissionQuery)

Aggregations

PermissionTemplateDto (org.sonar.db.permission.template.PermissionTemplateDto)7 PermissionTemplateGroupDto (org.sonar.db.permission.template.PermissionTemplateGroupDto)7 GroupDto (org.sonar.db.user.GroupDto)5 Test (org.junit.Test)4 DbSession (org.sonar.db.DbSession)3 DefaultTemplates (org.sonar.db.organization.DefaultTemplates)3 Preconditions.checkArgument (com.google.common.base.Preconditions.checkArgument)2 String.format (java.lang.String.format)2 MessageFormat (java.text.MessageFormat)2 ArrayList (java.util.ArrayList)2 Collection (java.util.Collection)2 Collections.singletonList (java.util.Collections.singletonList)2 Iterator (java.util.Iterator)2 List (java.util.List)2 Set (java.util.Set)2 CheckForNull (javax.annotation.CheckForNull)2 Nullable (javax.annotation.Nullable)2 StringUtils (org.apache.commons.lang.StringUtils)2 Qualifiers (org.sonar.api.resources.Qualifiers)2 DefaultGroups.isAnyone (org.sonar.api.security.DefaultGroups.isAnyone)2