SONAR-5596 Purge permission on modules

salmankhalid · Feb 18, 2015 · d6c79a0 · d6c79a0
1 parent 235184a
commit d6c79a0
Show file tree

Hide file tree

Showing 10 changed files with 275 additions and 4 deletions.
diff --git a/server/sonar-server/src/main/java/org/sonar/server/db/migrations/DatabaseMigrations.java b/server/sonar-server/src/main/java/org/sonar/server/db/migrations/DatabaseMigrations.java
@@ -92,6 +92,7 @@ public interface DatabaseMigrations {
     FeedProjectMeasuresLongDates.class,
     FeedManualMeasuresLongDates.class,
     FeedEventsLongDates.class,
-    AddCharacteristicUsabilityAndSubCharacteristicsComplianceMigration.class
-  );
+    AddCharacteristicUsabilityAndSubCharacteristicsComplianceMigration.class,
+    RemovePermissionsOnModulesMigration.class
+    );
 }
diff --git a/...src/main/java/org/sonar/server/db/migrations/v51/RemovePermissionsOnModulesMigration.java b/...src/main/java/org/sonar/server/db/migrations/v51/RemovePermissionsOnModulesMigration.java
@@ -0,0 +1,68 @@
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2014 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+
+package org.sonar.server.db.migrations.v51;
+
+import org.sonar.core.persistence.Database;
+import org.sonar.server.db.migrations.BaseDataChange;
+import org.sonar.server.db.migrations.MassUpdate;
+import org.sonar.server.db.migrations.Select;
+import org.sonar.server.db.migrations.SqlStatement;
+
+import java.sql.SQLException;
+
+/**
+ * See http://jira.codehaus.org/browse/SONAR-5596
+ *
+ * It's no possible to set permission on a module or a sub-view, but the batch was setting default permission on it on their creation.
+ * As now it's no more the case, we need to purge this useless data.
+ *
+ * @since 5.1
+ */
+public class RemovePermissionsOnModulesMigration extends BaseDataChange {
+
+  public RemovePermissionsOnModulesMigration(Database db) {
+    super(db);
+  }
+
+  @Override
+  public void execute(Context context) throws SQLException {
+    removeUserRolePermissions(context, "user_roles", "user roles");
+    removeUserRolePermissions(context, "group_roles", "group roles");
+  }
+
+  private void removeUserRolePermissions(Context context, String tableName, String pluralName) throws SQLException {
+    MassUpdate massUpdate = context.prepareMassUpdate();
+    massUpdate.select("SELECT r.id " +
+      "FROM " + tableName + " r " +
+      "  INNER JOIN projects ON projects.id = r.resource_id " +
+      "WHERE projects.module_uuid IS NOT NULL;");
+    massUpdate.update("DELETE FROM " + tableName + " WHERE id=?");
+    massUpdate.rowPluralName(pluralName);
+    massUpdate.execute(new MassUpdate.Handler() {
+      @Override
+      public boolean handle(Select.Row row, SqlStatement update) throws SQLException {
+        update.setLong(1, row.getLong(1));
+        return true;
+      }
+    });
+  }
+
+}
diff --git a/...test/java/org/sonar/server/db/migrations/v51/RemovePermissionsOnModulesMigrationTest.java b/...test/java/org/sonar/server/db/migrations/v51/RemovePermissionsOnModulesMigrationTest.java
@@ -0,0 +1,58 @@
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2014 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.server.db.migrations.v51;
+
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Test;
+import org.sonar.core.persistence.DbTester;
+import org.sonar.server.db.migrations.DatabaseMigration;
+
+public class RemovePermissionsOnModulesMigrationTest {
+
+  @ClassRule
+  public static DbTester db = new DbTester().schema(RemovePermissionsOnModulesMigrationTest.class, "schema.sql");
+
+  DatabaseMigration migration;
+
+  @Before
+  public void setUp() throws Exception {
+    migration = new RemovePermissionsOnModulesMigration(db.database());
+  }
+
+  @Test
+  public void execute() throws Exception {
+    db.prepareDbUnit(getClass(), "migrate.xml");
+
+    migration.execute();
+
+    db.assertDbUnit(getClass(), "migrate-result.xml", "user_roles", "group_roles");
+  }
+
+  @Test
+  public void nothing_to_do_when_already_migrated() throws Exception {
+    db.prepareDbUnit(getClass(), "nothing_to_do_when_already_migrated.xml");
+
+    migration.execute();
+
+    db.assertDbUnit(getClass(), "nothing_to_do_when_already_migrated.xml", "user_roles", "group_roles");
+  }
+
+}
diff --git a/...sonar/server/db/migrations/v51/RemovePermissionsOnModulesMigrationTest/migrate-result.xml b/...sonar/server/db/migrations/v51/RemovePermissionsOnModulesMigrationTest/migrate-result.xml
@@ -0,0 +1,20 @@
+<dataset>
+
+  <projects id="100" root_id="[null]" scope="PRJ" qualifier="TRK" kee="org.struts:struts" name="Struts" description="the description" long_name="Apache Struts"
+            enabled="[true]" language="java" copy_resource_id="[null]" person_id="[null]" path="[null]" authorization_updated_at="123456789"/>
+
+  <projects id="101" root_id="[null]" scope="PRJ" qualifier="BRC" kee="org.struts:struts-server" name="Struts Server" description="the description" long_name="Apache Struts Server"
+            enabled="[true]" language="java" copy_resource_id="[null]" person_id="[null]" path="[null]" authorization_updated_at="123456789"/>
+
+  <!-- Permissions on project -->
+  <user_roles id="1" user_id="200" resource_id="100" role="user"/>
+  <user_roles id="2" user_id="200" resource_id="100" role="admin"/>
+  <group_roles id="1" group_id="100" resource_id="100" role="codeviewer"/>
+
+  <!-- No more permissions on module -->
+
+  <!-- Global permissions -->
+  <user_roles id="10" user_id="200" resource_id="[null]" role="admin"/>
+  <group_roles id="10" group_id="200" resource_id="[null]" role="admin"/>
+
+</dataset>
diff --git a/...es/org/sonar/server/db/migrations/v51/RemovePermissionsOnModulesMigrationTest/migrate.xml b/...es/org/sonar/server/db/migrations/v51/RemovePermissionsOnModulesMigrationTest/migrate.xml
@@ -0,0 +1,25 @@
+<dataset>
+
+  <projects id="100" uuid="ABCD" module_uuid="[null]" project_uuid="ABCD" module_uuid_path=".ABCD." root_id="[null]"
+            scope="PRJ" qualifier="TRK" kee="org.struts:struts" name="Struts" description="the description" long_name="Apache Struts"
+            enabled="[true]" language="java" copy_resource_id="[null]" person_id="[null]" path="[null]" authorization_updated_at="123456789"/>
+
+  <projects id="101" uuid="BCDE" module_uuid="ABCD" project_uuid="ABCD" module_uuid_path=".ABCD.BCDE." root_id="100"
+            scope="PRJ" qualifier="BRC" kee="org.struts:struts-server" name="Struts Server" description="the description" long_name="Apache Struts Server"
+            enabled="[true]" language="java" copy_resource_id="[null]" person_id="[null]" path="[null]" authorization_updated_at="123456789"/>
+
+  <!-- Permissions on project -->
+  <user_roles id="1" user_id="200" resource_id="100" role="user"/>
+  <user_roles id="2" user_id="200" resource_id="100" role="admin"/>
+  <group_roles id="1" group_id="100" resource_id="100" role="codeviewer"/>
+
+  <!-- Permissions on module : should be deleted -->
+  <user_roles id="3" user_id="200" resource_id="101" role="user"/>
+  <user_roles id="4" user_id="200" resource_id="101" role="admin"/>
+  <group_roles id="2" group_id="100" resource_id="101" role="codeviewer"/>
+
+  <!-- Global permissions -->
+  <user_roles id="10" user_id="200" resource_id="[null]" role="admin"/>
+  <group_roles id="10" group_id="200" resource_id="[null]" role="admin"/>
+
+</dataset>
diff --git a/...tions/v51/RemovePermissionsOnModulesMigrationTest/nothing_to_do_when_already_migrated.xml b/...tions/v51/RemovePermissionsOnModulesMigrationTest/nothing_to_do_when_already_migrated.xml
@@ -0,0 +1,18 @@
+<dataset>
+
+  <projects id="100" root_id="[null]" scope="PRJ" qualifier="TRK" kee="org.struts:struts" name="Struts" description="the description" long_name="Apache Struts"
+            enabled="[true]" language="java" copy_resource_id="[null]" person_id="[null]" path="[null]" authorization_updated_at="123456789"/>
+
+  <projects id="101" root_id="[null]" scope="PRJ" qualifier="BRC" kee="org.struts:struts-server" name="Struts Server" description="the description" long_name="Apache Struts Server"
+            enabled="[true]" language="java" copy_resource_id="[null]" person_id="[null]" path="[null]" authorization_updated_at="123456789"/>
+
+  <!-- Permissions on project -->
+  <user_roles id="1" user_id="200" resource_id="100" role="user"/>
+  <user_roles id="2" user_id="200" resource_id="100" role="admin"/>
+  <group_roles id="1" group_id="100" resource_id="100" role="codeviewer"/>
+
+  <!-- Global permissions -->
+  <user_roles id="10" user_id="200" resource_id="[null]" role="admin"/>
+  <group_roles id="10" group_id="200" resource_id="[null]" role="admin"/>
+
+</dataset>
diff --git a/...ces/org/sonar/server/db/migrations/v51/RemovePermissionsOnModulesMigrationTest/schema.sql b/...ces/org/sonar/server/db/migrations/v51/RemovePermissionsOnModulesMigrationTest/schema.sql
@@ -0,0 +1,49 @@
+CREATE TABLE "USER_ROLES" (
+  "ID" INTEGER NOT NULL GENERATED BY DEFAULT AS IDENTITY (START WITH 1, INCREMENT BY 1),
+  "USER_ID" INTEGER,
+  "RESOURCE_ID" INTEGER,
+  "ROLE" VARCHAR(64) NOT NULL
+);
+
+CREATE INDEX "USER_ROLES_RESOURCE" ON "USER_ROLES" ("RESOURCE_ID");
+
+CREATE INDEX "USER_ROLES_USER" ON "USER_ROLES" ("USER_ID");
+
+CREATE TABLE "GROUP_ROLES" (
+  "ID" INTEGER NOT NULL GENERATED BY DEFAULT AS IDENTITY (START WITH 1, INCREMENT BY 1),
+  "GROUP_ID" INTEGER,
+  "RESOURCE_ID" INTEGER,
+  "ROLE" VARCHAR(64) NOT NULL
+);
+
+CREATE INDEX "GROUP_ROLES_RESOURCE" ON "GROUP_ROLES" ("RESOURCE_ID");
+
+CREATE INDEX "GROUP_ROLES_GROUP" ON "GROUP_ROLES" ("GROUP_ID");
+
+CREATE INDEX "GROUP_ROLES_ROLE" ON "GROUP_ROLES" ("ROLE");
+
+CREATE UNIQUE INDEX "UNIQ_GROUP_ROLES" ON "GROUP_ROLES" ("GROUP_ID", "RESOURCE_ID", "ROLE");
+
+CREATE TABLE "PROJECTS" (
+  "ID" INTEGER NOT NULL GENERATED BY DEFAULT AS IDENTITY (START WITH 1, INCREMENT BY 1),
+  "KEE" VARCHAR(400),
+  "ROOT_ID" INTEGER,
+  "UUID" VARCHAR(50),
+  "PROJECT_UUID" VARCHAR(50),
+  "MODULE_UUID" VARCHAR(50),
+  "MODULE_UUID_PATH" VARCHAR(4000),
+  "NAME" VARCHAR(256),
+  "DESCRIPTION" VARCHAR(2000),
+  "ENABLED" BOOLEAN NOT NULL DEFAULT TRUE,
+  "SCOPE" VARCHAR(3),
+  "QUALIFIER" VARCHAR(10),
+  "DEPRECATED_KEE" VARCHAR(400),
+  "PATH" VARCHAR(2000),
+  "LANGUAGE" VARCHAR(20),
+  "COPY_RESOURCE_ID" INTEGER,
+  "LONG_NAME" VARCHAR(256),
+  "PERSON_ID" INTEGER,
+  "CREATED_AT" TIMESTAMP,
+  "AUTHORIZATION_UPDATED_AT" BIGINT
+);
+
diff --git a/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/795_remove_permissions_on_modules.rb b/server/sonar-web/src/main/webapp/WEB-INF/db/migrate/795_remove_permissions_on_modules.rb
@@ -0,0 +1,31 @@
+#
+# SonarQube, open source software quality management tool.
+# Copyright (C) 2008-2014 SonarSource
+# mailto:contact AT sonarsource DOT com
+#
+# SonarQube is free software; you can redistribute it and/or
+# modify it under the terms of the GNU Lesser General Public
+# License as published by the Free Software Foundation; either
+# version 3 of the License, or (at your option) any later version.
+#
+# SonarQube is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# Lesser General Public License for more details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program; if not, write to the Free Software Foundation,
+# Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+#
+
+#
+# SonarQube 5.1
+# SONAR-5596
+#
+class RemovePermissionsOnModules < ActiveRecord::Migration
+
+  def self.up
+    execute_java_migration 'org.sonar.server.db.migrations.v51.RemovePermissionsOnModulesMigration'
+  end
+
+end
diff --git a/sonar-core/src/main/java/org/sonar/core/persistence/DatabaseVersion.java b/sonar-core/src/main/java/org/sonar/core/persistence/DatabaseVersion.java
@@ -33,7 +33,7 @@
  */
 public class DatabaseVersion implements BatchComponent, ServerComponent {
 
-  public static final int LAST_VERSION = 794;
+  public static final int LAST_VERSION = 795;
 
   /**
    * List of all the tables.n
@@ -88,7 +88,7 @@ public class DatabaseVersion implements BatchComponent, ServerComponent {
     "user_roles",
     "widgets",
     "widget_properties"
-  );
+    );
   private MyBatis mybatis;
 
   public DatabaseVersion(MyBatis mybatis) {

diff --git a/sonar-core/src/main/resources/org/sonar/core/persistence/rows-h2.sql b/sonar-core/src/main/resources/org/sonar/core/persistence/rows-h2.sql
@@ -321,6 +321,7 @@ INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('791');
 INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('792');
 INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('793');
 INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('794');
+INSERT INTO SCHEMA_MIGRATIONS(VERSION) VALUES ('795');
 
 INSERT INTO USERS(ID, LOGIN, NAME, EMAIL, CRYPTED_PASSWORD, SALT, CREATED_AT, UPDATED_AT, REMEMBER_TOKEN, REMEMBER_TOKEN_EXPIRES_AT) VALUES (1, 'admin', 'Administrator', '', 'a373a0e667abb2604c1fd571eb4ad47fe8cc0878', '48bc4b0d93179b5103fd3885ea9119498e9d161b', '1418215735482', '1418215735482', null, null);
 ALTER TABLE USERS ALTER COLUMN ID RESTART WITH 2;