Skip to content

Commit

Permalink
SONAR-8704 create and populate field authorization/groupIds
Browse files Browse the repository at this point in the history 
Using groupIds removes conflicts between organizations
when two groups have the same name.
  • Loading branch information
Simon Brandhof committed Jan 31, 2017
1 parent 057a46c commit cff2885
Show file tree
Hide file tree
Showing 9 changed files with 47 additions and 36 deletions.
2 changes: 2 additions & 0 deletions ...onar-server/src/main/java/org/sonar/server/permission/index/AuthorizationTypeSupport.java
View file
Expand Up @@ -38,6 +38,7 @@
public class AuthorizationTypeSupport {

public static final String TYPE_AUTHORIZATION = "authorization";
public static final String FIELD_GROUP_IDS = "groupIds";
public static final String FIELD_GROUP_NAMES = "groupNames";
public static final String FIELD_USER_LOGINS = "users";
public static final String FIELD_UPDATED_AT = "updatedAt";
Expand Down Expand Up @@ -73,6 +74,7 @@ public static NewIndex.NewIndexType enableProjectAuthorization(NewIndex.NewIndex
NewIndex.NewIndexType authType = type.getIndex().createType(TYPE_AUTHORIZATION);
authType.setAttribute("_routing", ImmutableMap.of("required", true));
authType.createDateTimeField(FIELD_UPDATED_AT);
authType.createLongField(FIELD_GROUP_IDS);
authType.stringFieldBuilder(FIELD_GROUP_NAMES).disableNorms().build();
authType.stringFieldBuilder(FIELD_USER_LOGINS).disableNorms().build();
authType.createBooleanField(FIELD_ALLOW_ANYONE);
Expand Down
3 changes: 2 additions & 1 deletion server/sonar-server/src/main/java/org/sonar/server/permission/index/PermissionIndexer.java
View file
Expand Up @@ -181,7 +181,8 @@ private static IndexRequest newIndexRequest(PermissionIndexerDao.Dto dto, String
// no need to feed users and groups
} else {
doc.put(AuthorizationTypeSupport.FIELD_ALLOW_ANYONE, false);
doc.put(AuthorizationTypeSupport.FIELD_GROUP_NAMES, dto.getGroups());
doc.put(AuthorizationTypeSupport.FIELD_GROUP_IDS, dto.getGroupIds());
doc.put(AuthorizationTypeSupport.FIELD_GROUP_NAMES, dto.getGroupNames());
doc.put(AuthorizationTypeSupport.FIELD_USER_LOGINS, dto.getUsers());
}
return new IndexRequest(indexName, TYPE_AUTHORIZATION, dto.getProjectUuid())
Expand Down
50 changes: 29 additions & 21 deletions ...er/sonar-server/src/main/java/org/sonar/server/permission/index/PermissionIndexerDao.java
View file
Expand Up @@ -19,7 +19,6 @@
*/
package org.sonar.server.permission.index;

import com.google.common.collect.Lists;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
Expand All @@ -45,8 +44,9 @@ public static final class Dto {
private final String projectUuid;
private final long updatedAt;
private final String qualifier;
private final List<Long> users = Lists.newArrayList();
private final List<String> groups = Lists.newArrayList();
private final List<Long> users = new ArrayList<>();
private final List<String> groupNames = new ArrayList<>();
private final List<Long> groupIds = new ArrayList<>();
private boolean allowAnyone = false;

public Dto(String projectUuid, long updatedAt, String qualifier) {
Expand Down Expand Up @@ -76,13 +76,22 @@ public Dto addUser(Long s) {
return this;
}

public Dto addGroup(String s) {
groups.add(s);
public Dto addGroupName(String s) {
groupNames.add(s);
return this;
}

public List<String> getGroups() {
return groups;
public List<String> getGroupNames() {
return groupNames;
}

public Dto addGroupId(long id) {
groupIds.add(id);
return this;
}

public List<Long> getGroupIds() {
return groupIds;
}

public void allowAnyone() {
Expand All @@ -107,7 +116,8 @@ private enum RowKind {
" project_authorization.kind as kind, " +
" project_authorization.project as project, " +
" project_authorization.user_id as user_id, " +
" project_authorization.permission_group as permission_group, " +
" project_authorization.group_name as group_name, " +
" project_authorization.group_id as group_id, " +
" project_authorization.updated_at as updated_at, " +
" project_authorization.qualifier as qualifier " +
"FROM ( " +
Expand All @@ -119,7 +129,8 @@ private enum RowKind {
" projects.authorization_updated_at AS updated_at, " +
" projects.qualifier AS qualifier, " +
" user_roles.user_id AS user_id, " +
" NULL AS permission_group " +
" NULL AS group_name, " +
" NULL AS group_id " +
" FROM projects " +
" INNER JOIN user_roles ON user_roles.resource_id = projects.id AND user_roles.role = 'user' " +
" WHERE " +
Expand All @@ -135,7 +146,8 @@ private enum RowKind {
" projects.authorization_updated_at AS updated_at, " +
" projects.qualifier AS qualifier, " +
" NULL AS user_id, " +
" groups.name AS permission_group " +
" groups.name AS group_name, " +
" groups.id AS group_id " +
" FROM projects " +
" INNER JOIN group_roles ON group_roles.resource_id = projects.id AND group_roles.role = 'user' " +
" INNER JOIN groups ON groups.id = group_roles.group_id " +
Expand All @@ -153,7 +165,8 @@ private enum RowKind {
" projects.authorization_updated_at AS updated_at, " +
" projects.qualifier AS qualifier, " +
" NULL AS user_id, " +
" NULL AS permission_group " +
" NULL AS group_name, " +
" NULL AS group_id " +
" FROM projects " +
" INNER JOIN group_roles ON group_roles.resource_id = projects.id AND group_roles.role='user' " +
" WHERE " +
Expand Down Expand Up @@ -216,23 +229,18 @@ private static void processRow(ResultSet rs, Map<String, Dto> dtosByProjectUuid)

Dto dto = dtosByProjectUuid.get(projectUuid);
if (dto == null) {
long updatedAt = rs.getLong(5);
String qualifier = rs.getString(6);
long updatedAt = rs.getLong(6);
String qualifier = rs.getString(7);
dto = new Dto(projectUuid, updatedAt, qualifier);
dtosByProjectUuid.put(projectUuid, dto);
}
switch (rowKind) {
case USER:
Long userId = rs.getLong(3);
if (!rs.wasNull()) {
dto.addUser(userId);
}
dto.addUser(rs.getLong(3));
break;
case GROUP:
String group = rs.getString(4);
if (!rs.wasNull()) {
dto.addGroup(group);
}
dto.addGroupName(rs.getString(4));
dto.addGroupId(rs.getLong(5));
break;
case ANYONE:
dto.allowAnyone();
Expand Down
2 changes: 1 addition & 1 deletion server/sonar-server/src/test/java/org/sonar/server/batch/IssuesActionTest.java
View file
Expand Up @@ -328,7 +328,7 @@ private void indexIssues(IssueDoc... issues) {
private void addIssueAuthorization(String projectUuid, @Nullable String group, @Nullable Long user) {
PermissionIndexerDao.Dto access = new PermissionIndexerDao.Dto(projectUuid, system2.now(), Qualifiers.PROJECT);
if (group != null) {
access.addGroup(group);
access.addGroupName(group);
}
if (user != null) {
access.addUser(user);
Expand Down
2 changes: 1 addition & 1 deletion server/sonar-server/src/test/java/org/sonar/server/issue/index/IssueIndexDebtTest.java
View file
Expand Up @@ -290,7 +290,7 @@ private void indexIssues(IssueDoc... issues) {
private void addIssueAuthorization(String projectUuid, @Nullable String group, @Nullable Long user) {
PermissionIndexerDao.Dto access = new PermissionIndexerDao.Dto(projectUuid, system2.now(), Qualifiers.PROJECT);
if (group != null) {
access.addGroup(group);
access.addGroupName(group);
}
if (user != null) {
access.addUser(user);
Expand Down
2 changes: 1 addition & 1 deletion server/sonar-server/src/test/java/org/sonar/server/issue/index/IssueIndexTest.java
View file
Expand Up @@ -1319,7 +1319,7 @@ public void search_issues_for_batch_return_only_authorized_issues() {
private void indexIssues(IssueDoc... issues) {
issueIndexer.index(Arrays.asList(issues).iterator());
for (IssueDoc issue : issues) {
authorizationIndexerTester.allow(new PermissionIndexerDao.Dto(issue.projectUuid(), system2.now(), "TRK").addGroup("Anyone"));
authorizationIndexerTester.allow(new PermissionIndexerDao.Dto(issue.projectUuid(), system2.now(), "TRK").addGroupName("Anyone"));
}
}

Expand Down
2 changes: 1 addition & 1 deletion ...r/sonar-server/src/test/java/org/sonar/server/measure/index/ProjectMeasuresIndexTest.java
View file
Expand Up @@ -877,7 +877,7 @@ private void addDocs(@Nullable Long authorizeUser, @Nullable String authorizedGr
for (ProjectMeasuresDoc doc : docs) {
PermissionIndexerDao.Dto access = new PermissionIndexerDao.Dto(doc.getId(), System.currentTimeMillis(), Qualifiers.PROJECT);
if (authorizedGroup != null) {
access.addGroup(authorizedGroup);
access.addGroupName(authorizedGroup);
}
if (authorizeUser != null) {
access.addUser(authorizeUser);
Expand Down
16 changes: 8 additions & 8 deletions ...onar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java
View file
Expand Up @@ -87,28 +87,28 @@ public void select_all() {
assertThat(dtos).hasSize(4);

PermissionIndexerDao.Dto project1Authorization = getByProjectUuid(project1.uuid(), dtos);
assertThat(project1Authorization.getGroups()).containsOnly(group.getName());
assertThat(project1Authorization.getGroupNames()).containsOnly(group.getName());
assertThat(project1Authorization.isAllowAnyone()).isTrue();
assertThat(project1Authorization.getUsers()).containsOnly(user1.getId());
assertThat(project1Authorization.getUpdatedAt()).isNotNull();
assertThat(project1Authorization.getQualifier()).isEqualTo(PROJECT);

PermissionIndexerDao.Dto view1Authorization = getByProjectUuid(view1.uuid(), dtos);
assertThat(view1Authorization.getGroups()).containsOnly(group.getName());
assertThat(view1Authorization.getGroupNames()).containsOnly(group.getName());
assertThat(view1Authorization.isAllowAnyone()).isTrue();
assertThat(view1Authorization.getUsers()).containsOnly(user1.getId());
assertThat(view1Authorization.getUpdatedAt()).isNotNull();
assertThat(view1Authorization.getQualifier()).isEqualTo(VIEW);

PermissionIndexerDao.Dto project2Authorization = getByProjectUuid(project2.uuid(), dtos);
assertThat(project2Authorization.getGroups()).isEmpty();
assertThat(project2Authorization.getGroupNames()).isEmpty();
assertThat(project2Authorization.isAllowAnyone()).isTrue();
assertThat(project2Authorization.getUsers()).containsOnly(user1.getId(), user2.getId());
assertThat(project2Authorization.getUpdatedAt()).isNotNull();
assertThat(project2Authorization.getQualifier()).isEqualTo(PROJECT);

PermissionIndexerDao.Dto view2Authorization = getByProjectUuid(view2.uuid(), dtos);
assertThat(view2Authorization.getGroups()).isEmpty();
assertThat(view2Authorization.getGroupNames()).isEmpty();
assertThat(view2Authorization.isAllowAnyone()).isTrue();
assertThat(view2Authorization.getUsers()).containsOnly(user1.getId(), user2.getId());
assertThat(view2Authorization.getUpdatedAt()).isNotNull();
Expand All @@ -125,28 +125,28 @@ public void selectByUuids() throws Exception {
assertThat(dtos).hasSize(4);

PermissionIndexerDao.Dto project1Authorization = dtos.get(project1.uuid());
assertThat(project1Authorization.getGroups()).containsOnly(group.getName());
assertThat(project1Authorization.getGroupNames()).containsOnly(group.getName());
assertThat(project1Authorization.isAllowAnyone()).isTrue();
assertThat(project1Authorization.getUsers()).containsOnly(user1.getId());
assertThat(project1Authorization.getUpdatedAt()).isNotNull();
assertThat(project1Authorization.getQualifier()).isEqualTo(PROJECT);

PermissionIndexerDao.Dto view1Authorization = dtos.get(view1.uuid());
assertThat(view1Authorization.getGroups()).containsOnly(group.getName());
assertThat(view1Authorization.getGroupNames()).containsOnly(group.getName());
assertThat(view1Authorization.isAllowAnyone()).isTrue();
assertThat(view1Authorization.getUsers()).containsOnly(user1.getId());
assertThat(view1Authorization.getUpdatedAt()).isNotNull();
assertThat(view1Authorization.getQualifier()).isEqualTo(VIEW);

PermissionIndexerDao.Dto project2Authorization = dtos.get(project2.uuid());
assertThat(project2Authorization.getGroups()).isEmpty();
assertThat(project2Authorization.getGroupNames()).isEmpty();
assertThat(project2Authorization.isAllowAnyone()).isTrue();
assertThat(project2Authorization.getUsers()).containsOnly(user1.getId(), user2.getId());
assertThat(project2Authorization.getUpdatedAt()).isNotNull();
assertThat(project2Authorization.getQualifier()).isEqualTo(PROJECT);

PermissionIndexerDao.Dto view2Authorization = dtos.get(view2.uuid());
assertThat(view2Authorization.getGroups()).isEmpty();
assertThat(view2Authorization.getGroupNames()).isEmpty();
assertThat(view2Authorization.isAllowAnyone()).isTrue();
assertThat(view2Authorization.getUsers()).containsOnly(user1.getId(), user2.getId());
assertThat(view2Authorization.getUpdatedAt()).isNotNull();
Expand Down
4 changes: 2 additions & 2 deletions ...sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerTester.java
View file
Expand Up @@ -38,7 +38,7 @@ public PermissionIndexerTester(EsTester esTester, NeedAuthorizationIndexer index

public PermissionIndexerTester allowOnlyAnyone(ComponentDto project) {
PermissionIndexerDao.Dto dto = new PermissionIndexerDao.Dto(project.uuid(), System.currentTimeMillis(), project.qualifier())
.addGroup("Anyone");
.addGroupName("Anyone");
permissionIndexer.index(asList(dto));
return this;
}
Expand All @@ -52,7 +52,7 @@ public PermissionIndexerTester allowOnlyUser(ComponentDto project, long userId)

public PermissionIndexerTester allowOnlyGroup(ComponentDto project, String groupName) {
PermissionIndexerDao.Dto dto = new PermissionIndexerDao.Dto(project.uuid(), System.currentTimeMillis(), project.qualifier())
.addGroup(groupName);
.addGroupName(groupName);
permissionIndexer.index(asList(dto));
return this;
}
Expand Down

0 comments on commit cff2885

Please sign in to comment.