From cda8c59c2de3372eb3da1d39176445b2443c1998 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ren=C3=A9=20Pfeuffer?= <rene.pfeuffer@cloudogu.com>
Date: Mon, 21 Jan 2019 10:01:29 +0100
Subject: [PATCH] Accept already assigned permissions even when they are not
 available

---
 .../main/java/sonia/scm/security/PermissionAssigner.java | 6 +++---
 .../java/sonia/scm/security/PermissionAssignerTest.java  | 9 ++++++++-
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java b/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java
index 22b3cd1e2c..faa25d7817 100644
--- a/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/PermissionAssigner.java
@@ -68,15 +68,15 @@ public class PermissionAssigner {
     Collection<PermissionDescriptor> availablePermissions = this.getAvailablePermissions();
 
     permissions.stream()
-      .filter(permissionExists(availablePermissions))
+      .filter(permissionExists(availablePermissions, existingPermissions))
       .map(p -> new AssignedPermission(id, groupPermission, p))
       .filter(p -> !existingPermissions.contains(p))
       .forEach(securitySystem::addPermission);
   }
 
-  private Predicate<PermissionDescriptor> permissionExists(Collection<PermissionDescriptor> availablePermissions) {
+  private Predicate<PermissionDescriptor> permissionExists(Collection<PermissionDescriptor> availablePermissions, Collection<AssignedPermission> existingPermissions) {
     return p -> {
-      if (!availablePermissions.contains(p)) {
+      if (!availablePermissions.contains(p) && existingPermissions.stream().map(AssignedPermission::getPermission).noneMatch(e -> e.equals(p))) {
         throw NotFoundException.notFound(ContextEntry.ContextBuilder.entity("permission", p.getValue()));
       }
       return true;
diff --git a/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java b/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java
index 8ab2ef8c8e..366c16f6b8 100644
--- a/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/security/PermissionAssignerTest.java
@@ -100,6 +100,13 @@ public class PermissionAssignerTest {
   @Test
   public void shouldFailForNotExistingPermissions() {
     expectedException.expect(NotFoundException.class);
-    permissionAssigner.setPermissionsForUser("2", asList(new PermissionDescriptor("perm:read:5"), new PermissionDescriptor("perm:read:4")));
+    permissionAssigner.setPermissionsForUser("2", asList(new PermissionDescriptor("perm:read:4"), new PermissionDescriptor("perm:read:5")));
+  }
+
+  @Test
+  public void shouldAcceptNotExistingPermissionsWhenTheyWereAssignedBefore() {
+    securitySystem.addPermission(new AssignedPermission("2", "perm:read:5"));
+
+    permissionAssigner.setPermissionsForUser("2", asList(new PermissionDescriptor("perm:read:5")));
   }
 }