use of org.sonar.db.user.GroupDto in project sonarqube by SonarSource.
the class UserIdentityAuthenticatorTest method authenticate_existing_user_and_remove_all_groups.
@Test
public void authenticate_existing_user_and_remove_all_groups() throws Exception {
UserDto user = db.users().insertUser();
GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group1");
GroupDto group2 = db.users().insertGroup(db.getDefaultOrganization(), "group2");
db.users().insertMember(group1, user);
db.users().insertMember(group2, user);
authenticate(user.getLogin());
assertThat(db.users().selectGroupIdsOfUser(user)).isEmpty();
}
use of org.sonar.db.user.GroupDto in project sonarqube by SonarSource.
the class ComponentIndexLoginTest method should_find_project_for_which_the_user_has_indirect_permission_through_group.
@Test
public void should_find_project_for_which_the_user_has_indirect_permission_through_group() {
GroupDto group = newGroupDto();
userSession.logIn().setGroups(group);
ComponentDto project = newProject("sonarqube", "Quality Product");
indexer.index(project);
assertNoSearchResults("sonarqube");
// give the user implicit access (though group)
authorizationIndexerTester.allowOnlyGroup(project, group);
assertSearchResults("sonarqube", project);
}
use of org.sonar.db.user.GroupDto in project sonarqube by SonarSource.
the class IssueIndexTest method search_issues_for_batch_return_only_authorized_issues.
@Test
public void search_issues_for_batch_return_only_authorized_issues() {
OrganizationDto org = newOrganizationDto();
ComponentDto project1 = newProjectDto(org);
ComponentDto project2 = newProjectDto(org);
ComponentDto file1 = newFileDto(project1, null);
ComponentDto file2 = newFileDto(project2, null);
GroupDto allowedGroup = newGroupDto();
GroupDto otherGroup = newGroupDto();
// project1 can be seen by allowedGroup
indexIssue(IssueDocTesting.newDoc("ISSUE1", file1));
authorizationIndexerTester.allowOnlyGroup(project1, allowedGroup);
// project3 can be seen by nobody
indexIssue(IssueDocTesting.newDoc("ISSUE3", file2));
userSessionRule.logIn().setGroups(allowedGroup);
assertThat(Lists.newArrayList(underTest.selectIssuesForBatch(project1))).hasSize(1);
userSessionRule.logIn().setGroups(otherGroup);
assertThat(Lists.newArrayList(underTest.selectIssuesForBatch(project2))).isEmpty();
}
use of org.sonar.db.user.GroupDto in project sonarqube by SonarSource.
the class IssueIndexTest method authorized_issues_on_groups.
@Test
public void authorized_issues_on_groups() {
OrganizationDto org = newOrganizationDto();
ComponentDto project1 = newProjectDto(org);
ComponentDto project2 = newProjectDto(org);
ComponentDto project3 = newProjectDto(org);
ComponentDto file1 = newFileDto(project1, null);
ComponentDto file2 = newFileDto(project2, null);
ComponentDto file3 = newFileDto(project3, null);
GroupDto group1 = newGroupDto();
GroupDto group2 = newGroupDto();
// project1 can be seen by group1
indexIssue(IssueDocTesting.newDoc("ISSUE1", file1));
authorizationIndexerTester.allowOnlyGroup(project1, group1);
// project2 can be seen by group2
indexIssue(IssueDocTesting.newDoc("ISSUE2", file2));
authorizationIndexerTester.allowOnlyGroup(project2, group2);
// project3 can be seen by nobody
indexIssue(IssueDocTesting.newDoc("ISSUE3", file3));
userSessionRule.logIn().setGroups(group1);
assertThat(underTest.search(IssueQuery.builder().build(), new SearchOptions()).getDocs()).hasSize(1);
userSessionRule.logIn().setGroups(group2);
assertThat(underTest.search(IssueQuery.builder().build(), new SearchOptions()).getDocs()).hasSize(1);
userSessionRule.logIn().setGroups(group1, group2);
assertThat(underTest.search(IssueQuery.builder().build(), new SearchOptions()).getDocs()).hasSize(2);
GroupDto otherGroup = newGroupDto();
userSessionRule.logIn().setGroups(otherGroup);
assertThat(underTest.search(IssueQuery.builder().build(), new SearchOptions()).getDocs()).isEmpty();
userSessionRule.logIn().setGroups(group1, group2);
assertThat(underTest.search(IssueQuery.builder().projectUuids(newArrayList(project3.uuid())).build(), new SearchOptions()).getDocs()).isEmpty();
}
use of org.sonar.db.user.GroupDto in project sonarqube by SonarSource.
the class OrganizationCreationImplTest method create_creates_default_template_for_new_organization.
@Test
public void create_creates_default_template_for_new_organization() throws OrganizationCreation.KeyConflictException {
mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
underTest.create(dbSession, SOME_USER_ID, FULL_POPULATED_NEW_ORGANIZATION);
OrganizationDto organization = dbClient.organizationDao().selectByKey(dbSession, FULL_POPULATED_NEW_ORGANIZATION.getKey()).get();
GroupDto ownersGroup = dbClient.groupDao().selectByName(dbSession, organization.getUuid(), "Owners").get();
PermissionTemplateDto defaultTemplate = dbClient.permissionTemplateDao().selectByName(dbSession, organization.getUuid(), "default template");
assertThat(defaultTemplate.getName()).isEqualTo("Default template");
assertThat(defaultTemplate.getDescription()).isEqualTo("Default permission template of organization " + FULL_POPULATED_NEW_ORGANIZATION.getName());
DefaultTemplates defaultTemplates = dbClient.organizationDao().getDefaultTemplates(dbSession, organization.getUuid()).get();
assertThat(defaultTemplates.getProjectUuid()).isEqualTo(defaultTemplate.getUuid());
assertThat(defaultTemplates.getViewUuid()).isNull();
assertThat(dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateId(dbSession, defaultTemplate.getId())).extracting(PermissionTemplateGroupDto::getGroupId, PermissionTemplateGroupDto::getPermission).containsOnly(tuple(ownersGroup.getId(), UserRole.ADMIN), tuple(ownersGroup.getId(), UserRole.ISSUE_ADMIN), tuple(ownersGroup.getId(), GlobalPermissions.SCAN_EXECUTION), tuple(ANYONE_GROUP_ID, UserRole.USER), tuple(ANYONE_GROUP_ID, UserRole.CODEVIEWER));
}
Aggregations