import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.organization.OrganizationDto;
-import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.user.UserSession;
+import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.server.ws.WsUtils.checkFoundWithOptional;
public class OrganizationAction implements NavigationWsAction {
private static final String PARAM_ORGANIZATION = "organization";
private final DbClient dbClient;
- private final DefaultOrganizationProvider defaultOrganizationProvider;
private final UserSession userSession;
- public OrganizationAction(DbClient dbClient, DefaultOrganizationProvider defaultOrganizationProvider, UserSession userSession) {
+ public OrganizationAction(DbClient dbClient, UserSession userSession) {
this.dbClient = dbClient;
- this.defaultOrganizationProvider = defaultOrganizationProvider;
this.userSession = userSession;
}
}
private void writeOrganization(JsonWriter json, OrganizationDto organization) {
+ String organizationUuid = organization.getUuid();
json.name("organization")
.beginObject()
- .prop("isDefault", organization.getKey().equals(defaultOrganizationProvider.get().getKey()))
- .prop("canAdmin", userSession.hasOrganizationPermission(organization.getUuid(), GlobalPermissions.SYSTEM_ADMIN))
- .prop("canProvisionProjects", userSession.hasOrganizationPermission(organization.getUuid(), GlobalPermissions.PROVISIONING))
+ .prop("canAdmin", userSession.hasOrganizationPermission(organizationUuid, SYSTEM_ADMIN))
+ .prop("canProvisionProjects", userSession.hasOrganizationPermission(organizationUuid, GlobalPermissions.PROVISIONING))
+ .prop("canDelete", organization.isGuarded() ? userSession.isSystemAdministrator() : userSession.hasOrganizationPermission(organizationUuid, SYSTEM_ADMIN))
.endObject();
}
}
import org.sonar.db.DbClient;
import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
-import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.TestDefaultOrganizationProvider;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.TestResponse;
import org.sonar.server.ws.WsActionTester;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.test.JsonAssert.assertJson;
public class OrganizationActionTest {
public ExpectedException expectedException = ExpectedException.none();
private DbClient dbClient = dbTester.getDbClient();
- private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(dbTester);
- private WsActionTester underTest = new WsActionTester(new OrganizationAction(dbClient, defaultOrganizationProvider, userSession));
+ private WsActionTester underTest = new WsActionTester(new OrganizationAction(dbClient, userSession));
@Test
public void verify_definition() {
@Test
public void verify_example() {
- OrganizationDto defaultOrganization = dbTester.getDefaultOrganization();
+ OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setGuarded(true));
userSession.logIn()
- .addOrganizationPermission(defaultOrganization, "admin")
- .addOrganizationPermission(defaultOrganization, "provisioning");
+ .addOrganizationPermission(organization, "admin")
+ .addOrganizationPermission(organization, "provisioning");
- TestResponse response = executeRequest(defaultOrganization);
+ TestResponse response = executeRequest(organization);
assertJson(response.getInput())
.isSimilarTo(underTest.getDef().responseExampleAsString());
}
@Test
- public void returns_non_admin_and_default_true_when_user_not_logged_in_and_key_is_the_default_organization() {
+ public void returns_non_admin_and_canDelete_false_when_user_not_logged_in_and_key_is_the_default_organization() {
TestResponse response = executeRequest(dbTester.getDefaultOrganization());
- verifyResponse(response, true, false, false);
+ verifyResponse(response, false, false, false);
}
@Test
- public void returns_non_admin_and_default_true_when_user_logged_in_but_not_admin_and_key_is_the_default_organization() {
+ public void returns_non_admin_and_canDelete_false_when_user_logged_in_but_not_admin_and_key_is_the_default_organization() {
userSession.logIn();
TestResponse response = executeRequest(dbTester.getDefaultOrganization());
- verifyResponse(response, true, false, false);
+ verifyResponse(response, false, false, false);
}
@Test
- public void returns_admin_and_default_true_when_user_logged_in_and_admin_and_key_is_the_default_organization() {
+ public void returns_admin_and_canDelete_true_when_user_logged_in_and_admin_and_key_is_the_default_organization() {
OrganizationDto defaultOrganization = dbTester.getDefaultOrganization();
userSession.logIn().addOrganizationPermission(defaultOrganization.getUuid(), "admin");
TestResponse response = executeRequest(defaultOrganization);
- verifyResponse(response, true, true, false);
+ verifyResponse(response, true, false, true);
}
@Test
- public void returns_non_admin_and_default_true_when_user_not_logged_in_and_key_is_not_the_default_organization() {
+ public void returns_non_admin_and_canDelete_false_when_user_not_logged_in_and_key_is_not_the_default_organization() {
OrganizationDto organization = dbTester.organizations().insert();
TestResponse response = executeRequest(organization);
}
@Test
- public void returns_non_admin_and_default_false_when_user_not_logged_in_and_key_is_not_the_default_organization() {
+ public void returns_non_admin_and_canDelete_false_when_user_logged_in_but_not_admin_and_key_is_not_the_default_organization() {
OrganizationDto organization = dbTester.organizations().insert();
+ userSession.logIn();
TestResponse response = executeRequest(organization);
}
@Test
- public void returns_non_admin_and_default_false_when_user_logged_in_but_not_admin_and_key_is_not_the_default_organization() {
+ public void returns_admin_and_canDelete_true_when_user_logged_in_and_admin_and_key_is_not_the_default_organization() {
OrganizationDto organization = dbTester.organizations().insert();
- userSession.logIn();
+ userSession.logIn().addOrganizationPermission(organization.getUuid(), "admin");
TestResponse response = executeRequest(organization);
- verifyResponse(response, false, false, false);
+ verifyResponse(response, true, false, true);
}
@Test
- public void returns_admin_and_default_false_when_user_logged_in_and_admin_and_key_is_not_the_default_organization() {
- OrganizationDto organization = dbTester.organizations().insert();
- userSession.logIn().addOrganizationPermission(organization.getUuid(), "admin");
+ public void returns_admin_and_canDelete_false_when_user_logged_in_and_admin_and_key_is_guarded_organization() {
+ OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setGuarded(true));
+ userSession.logIn().addOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+
+ TestResponse response = executeRequest(organization);
+
+ verifyResponse(response, true, false, false);
+ }
+
+ @Test
+ public void returns_only_canDelete_true_when_user_is_system_administrator_and_key_is_guarded_organization() {
+ OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setGuarded(true));
+ userSession.logIn().setSystemAdministrator();
TestResponse response = executeRequest(organization);
- verifyResponse(response, false, true, false);
+ verifyResponse(response, false, false, true);
}
@Test
userSession.logIn().addOrganizationPermission(org2, "provisioning");
verifyResponse(executeRequest(org1), false, false, false);
- verifyResponse(executeRequest(org2), false, false, true);
+ verifyResponse(executeRequest(org2), false, true, false);
}
private TestResponse executeRequest(@Nullable OrganizationDto organization) {
return request.execute();
}
- private static void verifyResponse(TestResponse response, boolean isDefault, boolean canAdmin, boolean canProvisionProjects) {
+ private static void verifyResponse(TestResponse response, boolean canAdmin, boolean canProvisionProjects, boolean canDelete) {
assertJson(response.getInput())
.isSimilarTo("{" +
" \"organization\": {" +
- " \"isDefault\": " + isDefault + "," +
" \"canAdmin\": " + canAdmin + "," +
- " \"canProvisionProjects\": " + canProvisionProjects +
+ " \"canProvisionProjects\": " + canProvisionProjects + "," +
+ " \"canDelete\": " + canDelete +
" }" +
"}");
}
projects / sonarqube.git / commitdiff