
org.sonar.db.permission.AuthorizationMapper.xml Maven / Gradle / Ivy

<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "mybatis-3-mapper.dtd">

<mapper namespace="org.sonar.db.permission.AuthorizationMapper">

  <!--
    Returns the organization-level roles (resource_id is null) that apply to one user in one
    organization. Three sources are merged with UNION, which also removes duplicates:
      1. roles of the groups the user is a member of (group_roles joined to groups_users),
      2. group_roles rows whose group_id is null (presumably the "anyone" pseudo-group;
         confirm against the schema),
      3. roles granted directly to the user (user_roles).
    Parameters: organizationUuid, userId. Both are written as #{...}, so they reach the
    database as bound JDBC parameters rather than as SQL text.
  -->
  <select id="selectOrganizationPermissions" parameterType="map" resultType="string">
    select gr.role
    from group_roles gr
    inner join groups_users gu on gr.group_id=gu.group_id
    where
    gr.organization_uuid=#{organizationUuid,jdbcType=VARCHAR} and
    gr.resource_id is null and
    gu.user_id=#{userId,jdbcType=INTEGER}

    union

    select gr.role
    from group_roles gr
    where
    gr.organization_uuid=#{organizationUuid,jdbcType=VARCHAR} and
    gr.group_id is null and
    gr.resource_id is null

    union

    select ur.role
    from user_roles ur
    where
    ur.organization_uuid=#{organizationUuid,jdbcType=VARCHAR} and
    ur.user_id=#{userId,jdbcType=INTEGER}
    and ur.resource_id is null
  </select>

  <!--
    Returns the organization-level roles available without a user identity: only group_roles
    rows with both resource_id and group_id null are read (presumably the "anyone"
    pseudo-group; confirm against the schema).
    Parameter: organizationUuid, bound as a JDBC parameter.
    NOTE(review): whatever this returns is granted to unauthenticated callers, so any row that
    matches these predicates is effectively public within the organization.
  -->
  <select id="selectOrganizationPermissionsOfAnonymous" parameterType="map" resultType="string">
    select gr.role
    from group_roles gr
    where
    gr.organization_uuid=#{organizationUuid,jdbcType=VARCHAR} and
    gr.resource_id is null and
    gr.group_id is null
  </select>

  <!--
    Counts the distinct users who would still hold the organization-level `permission` if the
    group `excludedGroupId` were ignored. The inner UNION deduplicates user ids drawn from:
      1. members of any other group that has the permission (group_id not null and different
         from excludedGroupId),
      2. users holding the permission directly in user_roles.
    Parameters: organizationUuid, permission, excludedGroupId, all bound with #{...}.
    Presumably used as a guard before revoking a group's permission (e.g. to avoid leaving an
    organization with no administrator); confirm with the callers.
  -->
  <select id="countUsersWithGlobalPermissionExcludingGroup" parameterType="map" resultType="int">
    select count(1) from
    (
      select gu.user_id
      from groups_users gu
      inner join group_roles gr on gr.group_id = gu.group_id
      where
      gr.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
      gr.role = #{permission,jdbcType=VARCHAR} and
      gr.resource_id is null and
      gr.group_id is not null and
      gr.group_id != #{excludedGroupId,jdbcType=INTEGER}

      union

      select ur.user_id
      from user_roles ur
      where
      ur.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
      ur.resource_id is null and
      ur.role = #{permission,jdbcType=VARCHAR}
    ) remaining
  </select>

  <!--
    Counts the distinct users, other than `excludedUserId`, who hold the organization-level
    `permission` either through membership of a group that has it or through a direct
    user_roles grant. The excluded user is filtered out of both branches, so the result is the
    number of holders that would remain if that user disappeared.
    Parameters: organizationUuid, permission, excludedUserId, all bound with #{...}.
  -->
  <select id="countUsersWithGlobalPermissionExcludingUser" parameterType="map" resultType="int">
    select count(1) from
    (
    select gu.user_id
    from groups_users gu
    inner join group_roles gr on gr.group_id = gu.group_id
    where
    gr.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
    gr.role = #{permission,jdbcType=VARCHAR} and
    gr.resource_id is null and
    gr.group_id is not null and
    gu.user_id != #{excludedUserId,jdbcType=INTEGER}

    union

    select ur.user_id
    from user_roles ur
    where
    ur.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
    ur.resource_id is null and
    ur.role = #{permission,jdbcType=VARCHAR} and
    ur.user_id != #{excludedUserId,jdbcType=INTEGER}
    ) remaining
  </select>

  <!--
    Counts the distinct users who would still hold the organization-level `permission` if the
    single membership row (groupId, userId) were ignored. Only that one group/user pair is
    excluded: the same user is still counted when another group or a direct user_roles grant
    gives them the permission.
    Parameters: organizationUuid, permission, groupId, userId, all bound with #{...}.
  -->
  <select id="countUsersWithGlobalPermissionExcludingGroupMember" parameterType="map" resultType="int">
    select count(1) from
    (
    select gu.user_id
    from groups_users gu
    inner join group_roles gr on gr.group_id = gu.group_id
    where
    gr.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
    gr.role = #{permission,jdbcType=VARCHAR} and
    gr.resource_id is null and
    gr.group_id is not null and
    (gu.group_id != #{groupId,jdbcType=INTEGER} or gu.user_id != #{userId,jdbcType=INTEGER})

    union

    select ur.user_id
    from user_roles ur
    where
    ur.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
    ur.resource_id is null and
    ur.role = #{permission,jdbcType=VARCHAR}
    ) remaining
  </select>

  <!--
    Counts the distinct users who would still hold the organization-level `permission` if the
    direct user_roles grant of `userId` were ignored. Group-derived grants are not filtered, so
    that user is still counted when a group gives them the permission.
    Parameters: organizationUuid, permission, userId, all bound with #{...}.
  -->
  <select id="countUsersWithGlobalPermissionExcludingUserPermission" parameterType="map" resultType="int">
    select count(1) from
    (
    select gu.user_id
    from groups_users gu
    inner join group_roles gr on gr.group_id = gu.group_id
    where
    gr.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
    gr.role = #{permission,jdbcType=VARCHAR} and
    gr.resource_id is null and
    gr.group_id is not null

    union

    select ur.user_id
    from user_roles ur
    where
    ur.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
    ur.resource_id is null and
    ur.role = #{permission,jdbcType=VARCHAR} and
    ur.user_id != #{userId,jdbcType=INTEGER}
    ) remaining
  </select>

  <!--
    Returns the uuids of every organization in which `userId` holds the organization-level
    `permission` (resource_id is null), through group membership or a direct grant. There is
    no organization filter; the organization is the output of this query.
    Parameters: permission, userId, both bound with #{...}.
  -->
  <select id="selectOrganizationUuidsOfUserWithGlobalPermission" parameterType="map" resultType="String">
    select gr.organization_uuid
    from group_roles gr
    inner join groups_users gu on gr.group_id = gu.group_id
    where
    gr.role = #{permission,jdbcType=VARCHAR} and
    gr.resource_id is null and
    gr.group_id is not null and
    gu.user_id = #{userId,jdbcType=INTEGER}

    union

    select ur.organization_uuid
    from user_roles ur
    where
    ur.resource_id is null and
    ur.role = #{permission,jdbcType=VARCHAR} and
    ur.user_id = #{userId,jdbcType=INTEGER}
  </select>

  <!--
    Filters `componentIds` down to the project ids on which `userId` has `role`. A project id
    is kept when any of these holds:
      1. a group_roles row grants the role on it to a null group_id (presumably "anyone") or to
         a group the user belongs to,
      2. a user_roles row grants the role on it directly to the user,
      3. the included fragment sqlSelectPublicProjectsIfRole matches it (non-private project
         and role is 'user' or 'codeviewer').
    Each <foreach> expands componentIds into a chain of bound `= ?` comparisons joined by
    " or ", so the ids never become SQL text.
    NOTE(review): an empty componentIds does not yield a valid predicate after `and`; confirm
    that callers never pass an empty collection and that they cap its size.
  -->
  <select id="keepAuthorizedProjectIdsForUser" parameterType="map" resultType="long">
    select
      gr.resource_id
    from
      group_roles gr
    where
      gr.role=#{role,jdbcType=VARCHAR}
      and (
        gr.group_id is null
        or exists (
          select
            1
          from
            groups_users gu
          where
            gu.user_id = #{userId, jdbcType=INTEGER}
            and gr.group_id = gu.group_id
        )
      )
      and <foreach collection="componentIds" open="(" close=")" item="element" index="index" separator=" or ">
            gr.resource_id=#{element,jdbcType=BIGINT}
          </foreach>

    union

    select
      p.id
    from
      user_roles ur
    inner join projects p on
      p.id = ur.resource_id
    where
      ur.role=#{role,jdbcType=VARCHAR}
      and ur.user_id=#{userId,jdbcType=INTEGER}
      and <foreach collection="componentIds" open="(" close=")" item="element" index="index" separator=" or ">
        p.id=#{element,jdbcType=BIGINT}
      </foreach>

    union

    <include refid="sqlSelectPublicProjectsIfRole"/>
  </select>

  <!--
    Filters `componentIds` down to the project ids an unauthenticated caller may access with
    `role`: ids that have a group_roles row for the role with a null group_id (presumably
    "anyone"), plus the ids matched by the included fragment sqlSelectPublicProjectsIfRole
    (non-private project and role is 'user' or 'codeviewer').
    The <foreach> expands componentIds into bound `= ?` comparisons joined by " or ".
    NOTE(review): an empty componentIds does not yield a valid predicate after `and`; confirm
    that callers never pass an empty collection.
  -->
  <select id="keepAuthorizedProjectIdsForAnonymous" parameterType="map" resultType="long">
    select
      gr.resource_id
    from
      group_roles gr
    where
      gr.role=#{role,jdbcType=VARCHAR}
      and gr.group_id is null
      and <foreach collection="componentIds" open="(" close=")" item="element" index="index" separator=" or ">
            gr.resource_id=#{element,jdbcType=BIGINT}
          </foreach>

    union

    <include refid="sqlSelectPublicProjectsIfRole"/>
  </select>

  <!--
    Reusable fragment: selects the ids in `componentIds` that belong to non-private projects,
    but only when the requested `role` is 'user' or 'codeviewer'. For any other role the last
    predicate is false and the fragment contributes no rows. This is what makes public
    projects readable by every caller of the statements that include it.
    ${_false} is MyBatis text substitution, not a bound parameter: its value is pasted into
    the SQL as written. Presumably it is a dialect-specific boolean literal supplied by the
    MyBatis configuration; confirm that it can never carry request-derived data. All other
    values here use #{...} and are bound.
  -->
  <sql id="sqlSelectPublicProjectsIfRole">
    select
    p.id
    from
    projects p
    where
    <foreach collection="componentIds" open="(" close=")" item="element" index="index" separator=" or ">
      p.id=#{element,jdbcType=BIGINT}
    </foreach>
    and p.private = ${_false}
    and #{role,jdbcType=VARCHAR} in ('user','codeviewer')
  </sql>

  <!--
    Filters `projectUuids` down to the project uuids on which `userId` has `permission`:
      1. via a group_roles row on the project for a null group_id (presumably "anyone") or for
         a group the user belongs to,
      2. via a direct user_roles row on the project,
      3. when permission is 'user' or 'codeviewer' (checked by the <if> before the SQL is
         built), every non-private project in the list.
    projectUuids is expanded by <foreach> into an IN list of bound parameters.
    ${_false} is MyBatis text substitution, not a bound parameter; presumably a
    dialect-specific boolean literal from the MyBatis configuration. Confirm it can never
    carry request-derived data.
    NOTE(review): an empty projectUuids would not produce a valid IN list; confirm that
    callers never pass an empty collection and that they cap its size.
  -->
  <select id="keepAuthorizedProjectUuidsForUser" parameterType="map" resultType="String">
    select p.uuid
    from projects p
    inner join group_roles gr on p.id = gr.resource_id
    where
      gr.role = #{permission,jdbcType=VARCHAR}
      and (gr.group_id is null or exists (
        select 1 from groups_users gu
        where
          gu.user_id = #{userId, jdbcType=INTEGER}
          and gr.group_id = gu.group_id)
      )
      and p.uuid in <foreach collection="projectUuids" open="(" close=")" item="projectUuid" index="index" separator=",">#{projectUuid,jdbcType=VARCHAR}</foreach>

    union

    select p.uuid
    from projects p
    inner join user_roles ur on p.id = ur.resource_id
    where
      ur.role=#{permission,jdbcType=VARCHAR}
      and ur.user_id=#{userId,jdbcType=INTEGER}
      and p.uuid in <foreach collection="projectUuids" open="(" close=")" item="projectUuid" index="index" separator=",">#{projectUuid,jdbcType=VARCHAR}</foreach>

    <if test="permission == 'user' or permission == 'codeviewer'">
      union

      select p.uuid
      from projects p
      where
        p.uuid in <foreach collection="projectUuids" open="(" close=")" item="projectUuid" index="index" separator=",">#{projectUuid,jdbcType=VARCHAR}</foreach>
        and p.private = ${_false}
    </if>
  </select>

  <!--
    Filters `projectUuids` down to the project uuids an unauthenticated caller may access with
    `permission`: projects with a group_roles row for the permission and a null group_id
    (presumably "anyone"), plus, when permission is 'user' or 'codeviewer', every non-private
    project in the list.
    projectUuids is expanded by <foreach> into an IN list of bound parameters.
    ${_false} is MyBatis text substitution, not a bound parameter; presumably a
    dialect-specific boolean literal from the MyBatis configuration. Confirm it can never
    carry request-derived data.
    NOTE(review): an empty projectUuids would not produce a valid IN list; confirm that
    callers never pass an empty collection.
  -->
  <select id="keepAuthorizedProjectUuidsForAnonymous" parameterType="map" resultType="String">
    select p.uuid
    from projects p
    inner join group_roles gr on p.id = gr.resource_id
    where
      gr.role=#{permission,jdbcType=VARCHAR}
      and gr.group_id is null
      and p.uuid in <foreach collection="projectUuids" open="(" close=")" item="projectUuid" index="index" separator=",">#{projectUuid,jdbcType=VARCHAR}</foreach>

    <if test="permission == 'user' or permission == 'codeviewer'">
      union

      select p.uuid
      from projects p
      where
      p.uuid in <foreach collection="projectUuids" open="(" close=")" item="projectUuid" index="index" separator=",">#{projectUuid,jdbcType=VARCHAR}</foreach>
      and p.private = ${_false}
    </if>
  </select>

  <!--
    Filters `userIds` down to the users who have `role` on the project `componentId`:
      1. members of a group that has the role on the project,
      2. users with a direct user_roles grant on the project,
      3. every listed user that exists in `users`, when the project is non-private and the
         role is 'user' or 'codeviewer'.
    Branch 1 inner-joins groups_users, so group_roles rows with a null group_id are never
    matched by it.
    userIds is expanded by <foreach> into IN lists of bound parameters.
    ${_false} is MyBatis text substitution, not a bound parameter; presumably a
    dialect-specific boolean literal from the MyBatis configuration. Confirm it can never
    carry request-derived data.
    NOTE(review): user ids are bound as BIGINT here while other statements in this mapper
    bind user_id as INTEGER, and resultType is int; confirm the column type and align.
    NOTE(review): an empty userIds would not produce a valid IN list; confirm callers.
  -->
  <select id="keepAuthorizedUsersForRoleAndProject" parameterType="map" resultType="int">
    select
      gu.user_id
    from
      groups_users gu
    inner join group_roles gr on
      gr.group_id=gu.group_id
    where
      gr.resource_id=#{componentId,jdbcType=BIGINT}
      and gr.role=#{role,jdbcType=VARCHAR}
      and gu.user_id in
        <foreach collection="userIds" open="(" close=")" item="id" separator=",">
          #{id,jdbcType=BIGINT}
        </foreach>

    union

    select
      ur.user_id
    from
      user_roles ur
    where
      ur.resource_id=#{componentId,jdbcType=BIGINT}
      and ur.role=#{role,jdbcType=VARCHAR}
      and ur.user_id IN
        <foreach collection="userIds" open="(" close=")" item="id" separator=",">
          #{id,jdbcType=BIGINT}
        </foreach>

    union

    select
      u.id
    from
      users u
    where
      u.id in
        <foreach collection="userIds" open="(" close=")" item="id" separator=",">
          #{id,jdbcType=BIGINT}
        </foreach>
      and exists (
        select
          1
        from
          projects p
        where
          p.id =#{componentId,jdbcType=BIGINT}
          and p.private = ${_false}
          and #{role,jdbcType=VARCHAR} in ('user','codeviewer')
      )
  </select>

  <!--
    Returns the roles `userId` holds on the project `projectUuid`: direct user_roles grants,
    grants to groups the user belongs to, and the rows of the included fragment
    sql_selectProjectPermissionsOfAnonymous (group_roles rows with a null group_id).
    Every branch requires the grant's organization_uuid to equal the project's, so a grant
    recorded under a different organization is not returned.
    This statement reads only stored grants; it has no predicate on p.private.
    Parameters: projectUuid, userId, both bound with #{...}.
    NOTE(review): userId is bound as BIGINT here but as INTEGER in most other statements of
    this mapper; confirm the column type and align.
  -->
  <select id="selectProjectPermissions" parameterType="map" resultType="String">
    select ur.role
    from user_roles ur
    inner join projects p on p.id = ur.resource_id
    where
      p.uuid = #{projectUuid,jdbcType=VARCHAR} and
      p.organization_uuid = ur.organization_uuid and
      ur.user_id = #{userId,jdbcType=BIGINT}

    union

    select gr.role
    from group_roles gr
    inner join groups_users gu on gr.group_id = gu.group_id
    inner join projects p on p.id = gr.resource_id
    where
      p.uuid = #{projectUuid,jdbcType=VARCHAR} and
      p.organization_uuid = gr.organization_uuid and
      gu.user_id = #{userId,jdbcType=BIGINT}

    union

    <include refid="sql_selectProjectPermissionsOfAnonymous"/>
  </select>

  <!--
    Returns the roles an unauthenticated caller holds on the project `projectUuid`. The whole
    body is the shared fragment sql_selectProjectPermissionsOfAnonymous, which is also the last
    UNION branch of selectProjectPermissions, so both statements read the same rows.
  -->
  <select id="selectProjectPermissionsOfAnonymous" parameterType="map" resultType="String">
    <include refid="sql_selectProjectPermissionsOfAnonymous"/>
  </select>

  <!--
    Reusable fragment: roles granted on the project `projectUuid` by group_roles rows whose
    group_id is null (presumably the "anyone" pseudo-group; confirm against the schema). The
    grant's organization_uuid must equal the project's. projectUuid is a bound parameter.
  -->
  <sql id="sql_selectProjectPermissionsOfAnonymous">
    select
      gr.role
    from
      group_roles gr
    inner join projects p on
      p.id = gr.resource_id
    where
      p.uuid = #{projectUuid,jdbcType=VARCHAR}
      and p.organization_uuid = gr.organization_uuid
      and gr.group_id is null
  </sql>

  <!--
    Returns the logins of users who hold `permission` at organization level (resource_id is
    null), either directly in user_roles or through membership of a group that has it.
    Parameter: permission, bound with #{...}.
    NOTE(review): unlike the countUsersWithGlobalPermission* statements, neither branch
    filters on organization_uuid, so a grant in any organization matches. Confirm that this
    is intended by the callers and not a missing tenant filter.
  -->
  <select id="selectLoginsWithGlobalPermission" parameterType="map" resultType="String">
    select u.login
    from user_roles ur
    inner join users u on u.id=ur.user_id
    where
    ur.role=#{permission,jdbcType=VARCHAR}
    and ur.resource_id is null

    union

    select u.login
    from group_roles gr
    inner join groups_users gu on gr.group_id = gu.group_id
    inner join users u on u.id=gu.user_id
    where
    gr.role = #{permission,jdbcType=VARCHAR} and
    gr.resource_id is null and
    gr.group_id is not null
  </select>

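  <!--
    Filters `logins` down to the users who have `permission` on the project whose key is
    `projectKey`:
      1. users with a direct user_roles grant on that project,
      2. members of a group with a group_roles grant on that project,
      3. when permission is 'user' or 'codeviewer', every listed user if the project is
         non-private.
    Branch 2 requires gr.resource_id = p.id, mirroring the ur.resource_id = p.id predicate of
    branch 1. Without it the group branch matched any group_roles row of the same
    organization with that role (an organization-level grant, or a grant on a different
    project), which reported users as authorized on a project they had no grant for.
    logins is expanded by <foreach> into IN lists of bound parameters.
    ${_false} is MyBatis text substitution, not a bound parameter; presumably a
    dialect-specific boolean literal from the MyBatis configuration. Confirm it can never
    carry request-derived data.
    NOTE(review): an empty logins would not produce a valid IN list; confirm that callers
    never pass an empty collection and that they cap its size.
  -->
  <select id="keepAuthorizedLoginsOnProject" parameterType="map" resultType="String">
      SELECT u.login
      FROM users u
      INNER JOIN user_roles ur ON ur.user_id = u.id
      INNER JOIN projects p ON p.kee = #{projectKey,jdbcType=VARCHAR}
      WHERE
        ur.organization_uuid = p.organization_uuid
        AND ur.resource_id = p.id
        AND ur.role = #{permission,jdbcType=VARCHAR}
        AND u.login IN <foreach collection="logins" open="(" close=")" item="login" separator=",">#{login}</foreach>

      UNION

      SELECT u.login
      FROM users u
      INNER JOIN projects p ON p.kee = #{projectKey,jdbcType=VARCHAR}
      INNER JOIN group_roles gr ON gr.organization_uuid = p.organization_uuid
      INNER JOIN groups_users gu ON gr.group_id = gu.group_id
      WHERE
        gu.user_id = u.id
        AND gr.resource_id = p.id
        AND gr.role = #{permission,jdbcType=VARCHAR}
        AND u.login IN <foreach collection="logins" open="(" close=")" item="login" separator=",">#{login}</foreach>

    <if test="permission == 'user' or permission == 'codeviewer'">
      UNION

      SELECT u.login
      FROM users u
      INNER JOIN projects p ON p.kee = #{projectKey,jdbcType=VARCHAR}
      WHERE
        p.private = ${_false}
        AND u.login IN <foreach collection="logins" open="(" close=")" item="login" separator=",">#{login}</foreach>
    </if>
  </select>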
</mapper>



