SONAR-8100 /api/organizations/delete prevents default orga deletion

diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
index 371e86a0aa5d20009d46f63c4bc2d2f896333749..49fd78a4bee14ae873960efcb2de6bb479f1731c 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
@@ -19,14 +19,18 @@
  */
 package org.sonar.server.organization.ws;
 
+import javax.annotation.Nullable;
 import org.sonar.api.server.ws.Request;
 import org.sonar.api.server.ws.Response;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
+import org.sonar.server.organization.DefaultOrganization;
+import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.user.UserSession;
 
+import static com.google.common.base.Preconditions.checkArgument;
 import static java.lang.String.format;
 import static org.sonar.core.util.Uuids.UUID_EXAMPLE_03;
 import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_ID;
@@ -38,11 +42,13 @@ public class DeleteAction implements OrganizationsAction {
   private final OrganizationsWsSupport wsSupport;
   private final UserSession userSession;
   private final DbClient dbClient;
+  private final DefaultOrganizationProvider defaultOrganizationProvider;
 
-  public DeleteAction(OrganizationsWsSupport wsSupport, UserSession userSession, DbClient dbClient) {
+  public DeleteAction(OrganizationsWsSupport wsSupport, UserSession userSession, DbClient dbClient, DefaultOrganizationProvider defaultOrganizationProvider) {
     this.wsSupport = wsSupport;
     this.userSession = userSession;
     this.dbClient = dbClient;
+    this.defaultOrganizationProvider = defaultOrganizationProvider;
   }
 
   @Override
@@ -76,6 +82,7 @@ public class DeleteAction implements OrganizationsAction {
     String uuid = request.param(PARAM_ID);
     String key = request.param(PARAM_KEY);
     wsSupport.checkKeyOrId(uuid, key);
+    preventDeletionOfDefaultOrganization(uuid, key, defaultOrganizationProvider.get());
 
     try (DbSession dbSession = dbClient.openSession(false)) {
       if (uuid != null) {
@@ -88,4 +95,9 @@ public class DeleteAction implements OrganizationsAction {
       response.noContent();
     }
   }
+
+  private static void preventDeletionOfDefaultOrganization(@Nullable String uuid, @Nullable String key, DefaultOrganization defaultOrganization) {
+    checkArgument(uuid == null || !defaultOrganization.getUuid().equals(uuid), "Default Organization can't be deleted");
+    checkArgument(key == null || !defaultOrganization.getKey().equals(key), "Default Organization can't be deleted");
+  }
 }

diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
index ce29c6f51792fca6f5dff786fbdafa796be3b17f..c3df3a3872bbaf985490ef67e03f69e20e14506e 100644 (file)
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
@@ -29,6 +29,7 @@ import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbTester;
 import org.sonar.db.organization.OrganizationDto;
 import org.sonar.server.exceptions.ForbiddenException;
+import org.sonar.server.organization.DefaultOrganizationProviderRule;
 import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.ws.TestRequest;
 import org.sonar.server.ws.WsActionTester;
@@ -36,6 +37,7 @@ import org.sonarqube.ws.MediaTypes;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.sonar.core.util.Uuids.UUID_EXAMPLE_03;
+import static org.sonar.server.organization.DefaultOrganizationProviderRule.someDefaultOrganization;
 import static org.sonar.server.organization.ws.OrganizationsWsTestSupport.setParam;
 
 public class DeleteActionTest {
@@ -50,8 +52,10 @@ public class DeleteActionTest {
   public DbTester dbTester = DbTester.create(System2.INSTANCE);
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
+  @Rule
+  public DefaultOrganizationProviderRule defaultOrganizationProvider = someDefaultOrganization();
 
-  private DeleteAction underTest = new DeleteAction(new OrganizationsWsSupport(), userSession, dbTester.getDbClient());
+  private DeleteAction underTest = new DeleteAction(new OrganizationsWsSupport(), userSession, dbTester.getDbClient(), defaultOrganizationProvider);
   private WsActionTester wsTester = new WsActionTester(underTest);
 
   @Test
@@ -167,6 +171,26 @@ public class DeleteActionTest {
     assertThat(dbTester.countRowsOfTable(ORGANIZATIONS_TABLE)).isEqualTo(1);
   }
 
+  @Test
+  public void request_fails_when_attempting_to_delete_Default_Organization_by_uuid() {
+    giveUserSystemAdminPermission();
+
+    expectedException.expect(IllegalArgumentException.class);
+    expectedException.expectMessage("Default Organization can't be deleted");
+
+    executeIdRequest(defaultOrganizationProvider.get().getUuid());
+  }
+
+  @Test
+  public void request_fails_when_attempting_to_delete_Default_Organization_by_key() {
+    giveUserSystemAdminPermission();
+
+    expectedException.expect(IllegalArgumentException.class);
+    expectedException.expectMessage("Default Organization can't be deleted");
+
+    executeKeyRequest(defaultOrganizationProvider.get().getKey());
+  }
+
   private OrganizationDto insertOrganization(String uuid) {
     OrganizationDto dto = new OrganizationDto()
         .setUuid(uuid)