private Set<String> searchOrganizationWithAdminPermission(DbSession dbSession) { Integer userId = userSession.getUserId(); return userId == null ? emptySet() : dbClient.organizationDao().selectByPermission(dbSession, userId, ADMINISTER.getKey()).stream().map(OrganizationDto::getUuid).collect(toSet()); }
private Set<String> searchOrganizationWithProvisionPermission(DbSession dbSession) { Integer userId = userSession.getUserId(); return userId == null ? emptySet() : dbClient.organizationDao().selectByPermission(dbSession, userId, PROVISION_PROJECTS.getKey()).stream().map(OrganizationDto::getUuid).collect(toSet()); }
@Test public void selectByPermission_returns_organization_when_user_has_ADMIN_user_permission_on_some_organization() { UserDto user = db.users().insertUser(); OrganizationDto organization1 = db.organizations().insert(); db.users().insertPermissionOnUser(organization1, user, PERMISSION_2); OrganizationDto organization2 = db.organizations().insert(); db.users().insertPermissionOnUser(organization2, user, PERMISSION_2); UserDto otherUser = db.users().insertUser(); OrganizationDto organization3 = db.organizations().insert(); db.users().insertPermissionOnUser(organization3, otherUser, PERMISSION_2); assertThat(underTest.selectByPermission(dbSession, user.getId(), PERMISSION_2)) .extracting(OrganizationDto::getUuid) .containsOnly(organization1.getUuid(), organization2.getUuid()); assertThat(underTest.selectByPermission(dbSession, otherUser.getId(), PERMISSION_2)) .extracting(OrganizationDto::getUuid) .containsOnly(organization3.getUuid()); assertThat(underTest.selectByPermission(dbSession, 1234, PERMISSION_2)) .isEmpty(); }
@Test public void selectByPermission_returns_organization_only_if_user_has_specific_permission_by_user_permission() { OrganizationDto organization = db.organizations().insert(); OrganizationDto otherOrganization = db.organizations().insert(); UserDto user = db.users().insertUser(); db.users().insertPermissionOnUser(organization, user, PERMISSION_1); db.users().insertPermissionOnUser(otherOrganization, user, PERMISSION_2); UserDto otherUser = db.users().insertUser(); db.users().insertPermissionOnUser(organization, otherUser, PERMISSION_2); db.users().insertPermissionOnUser(otherOrganization, otherUser, PERMISSION_1); assertThat(underTest.selectByPermission(dbSession, user.getId(), PERMISSION_1)) .extracting(OrganizationDto::getUuid) .containsOnlyOnce(organization.getUuid()); assertThat(underTest.selectByPermission(dbSession, user.getId(), PERMISSION_2)) .extracting(OrganizationDto::getUuid) .containsOnlyOnce(otherOrganization.getUuid()); assertThat(underTest.selectByPermission(dbSession, otherUser.getId(), PERMISSION_1)) .extracting(OrganizationDto::getUuid) .containsOnlyOnce(otherOrganization.getUuid()); assertThat(underTest.selectByPermission(dbSession, otherUser.getId(), PERMISSION_2)) .extracting(OrganizationDto::getUuid) .containsOnlyOnce(organization.getUuid()); }
@Test public void selectByPermission_returns_organization_when_user_has_ADMIN_group_permission_on_some_organization() { UserDto user = db.users().insertUser(); OrganizationDto organization1 = db.organizations().insert(); GroupDto defaultGroup = db.users().insertGroup(organization1); db.users().insertPermissionOnGroup(defaultGroup, PERMISSION_1); db.users().insertMember(defaultGroup, user); OrganizationDto organization2 = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(organization2); db.users().insertPermissionOnGroup(group1, PERMISSION_1); db.users().insertMember(group1, user); UserDto otherUser = db.users().insertUser(); OrganizationDto organization3 = db.organizations().insert(); GroupDto group2 = db.users().insertGroup(organization3); db.users().insertPermissionOnGroup(group2, PERMISSION_1); db.users().insertMember(group2, otherUser); assertThat(underTest.selectByPermission(dbSession, user.getId(), PERMISSION_1)) .extracting(OrganizationDto::getUuid) .containsOnly(organization1.getUuid(), organization2.getUuid()); assertThat(underTest.selectByPermission(dbSession, otherUser.getId(), PERMISSION_1)) .extracting(OrganizationDto::getUuid) .containsOnly(organization3.getUuid()); assertThat(underTest.selectByPermission(dbSession, 1234, PERMISSION_1)) .isEmpty(); }
db.users().insertMember(otherGroup1, otherUser); assertThat(underTest.selectByPermission(dbSession, user.getId(), PERMISSION_1)) .extracting(OrganizationDto::getUuid) .containsOnlyOnce(organization.getUuid()); assertThat(underTest.selectByPermission(dbSession, user.getId(), PERMISSION_2)) .extracting(OrganizationDto::getUuid) .containsOnlyOnce(otherOrganization.getUuid()); assertThat(underTest.selectByPermission(dbSession, otherUser.getId(), PERMISSION_1)) .extracting(OrganizationDto::getUuid) .containsOnlyOnce(otherOrganization.getUuid()); assertThat(underTest.selectByPermission(dbSession, otherUser.getId(), PERMISSION_2)) .extracting(OrganizationDto::getUuid) .containsOnlyOnce(organization.getUuid());
@Test public void selectByPermission_return_organization_only_once_even_if_user_has_ADMIN_permission_twice_or_more() { String permission = "destroy"; UserDto user = db.users().insertUser(); OrganizationDto organization = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(organization); db.users().insertPermissionOnGroup(group1, permission); db.users().insertMember(group1, user); GroupDto group2 = db.users().insertGroup(organization); db.users().insertPermissionOnGroup(group2, permission); db.users().insertMember(group2, user); db.users().insertPermissionOnUser(organization, user, permission); assertThat(underTest.selectByPermission(dbSession, user.getId(), permission)) .extracting(OrganizationDto::getUuid) .containsOnlyOnce(organization.getUuid()); }
private Set<String> searchOrganizationWithAdminPermission(DbSession dbSession) { Integer userId = userSession.getUserId(); return userId == null ? emptySet() : dbClient.organizationDao().selectByPermission(dbSession, userId, ADMINISTER.getKey()).stream().map(OrganizationDto::getUuid).collect(toSet()); }