*/
package org.sonar.server.usergroups.ws;
+import org.sonar.api.server.ws.Change;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService.NewAction;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.organization.OrganizationDto;
+import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserGroupDto;
import org.sonar.server.user.UserSession;
"Requires the following permission: 'Administer System'.", PARAM_GROUP_ID, PARAM_GROUP_NAME))
.setHandler(this)
.setPost(true)
- .setSince("5.2");
+ .setSince("5.2")
+ .setChangelog(new Change("6.4", "It's no longer possible to add a user to the default group"));
defineGroupWsParameters(action);
defineLoginWsParameter(action);
@Override
public void handle(Request request, Response response) throws Exception {
try (DbSession dbSession = dbClient.openSession(false)) {
- GroupId groupId = support.findGroup(dbSession, request);
+ GroupDto groupId = support.findGroupDto(dbSession, request);
userSession.checkLoggedIn().checkPermission(ADMINISTER, groupId.getOrganizationUuid());
String login = request.mandatoryParam(PARAM_LOGIN);
OrganizationDto organization = support.findOrganizationByKey(dbSession, request.param(PARAM_ORGANIZATION_KEY));
checkMembership(dbSession, organization, user);
+ support.checkGroupIsNotDefault(groupId);
if (!isMemberOf(dbSession, user, groupId)) {
UserGroupDto membershipDto = new UserGroupDto().setGroupId(groupId.getId()).setUserId(user.getId());
}
}
- private boolean isMemberOf(DbSession dbSession, UserDto user, GroupId groupId) {
+ private boolean isMemberOf(DbSession dbSession, UserDto user, GroupDto groupId) {
return dbClient.groupMembershipDao().selectGroupIdsByUserId(dbSession, user.getId()).contains(groupId.getId());
}
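Review bot: In AddUserAction.handle the new `support.checkGroupIsNotDefault(groupId);` runs only after the login lookup and `checkMembership`, whereas the RemoveUserAction hunk places the same guard directly after `checkPermission`. As written, a request aimed at the default group with a login that presumably fails those earlier checks gets the user-related error instead of the default-group rejection, so the two endpoints report the same condition differently. I would move the call to the line right after `userSession.checkLoggedIn().checkPermission(ADMINISTER, groupId.getOrganizationUuid());`, keeping it behind the permission check so unauthorised callers learn nothing about the group. The local is also still named `groupId` here and in `isMemberOf` although it is now a `GroupDto`; `group`, as in RemoveUserAction, would read better. Parts of handle are not visible in this hunk.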
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.permission.OrganizationPermission;
+import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.user.UserSession;
userSession.checkLoggedIn();
try (DbSession dbSession = dbClient.openSession(false)) {
- GroupId group = support.findGroup(dbSession, request);
+ GroupDto group = support.findGroupDto(dbSession, request);
userSession.checkPermission(OrganizationPermission.ADMINISTER, group.getOrganizationUuid());
+ support.checkGroupIsNotDefault(group);
String login = request.mandatoryParam(PARAM_LOGIN);
UserDto user = getUser(dbSession, login);
/**
* Ensure that there are still users with admin global permission if user is removed from the group.
*/
- private void ensureLastAdminIsNotRemoved(DbSession dbSession, GroupId group, UserDto user) {
+ private void ensureLastAdminIsNotRemoved(DbSession dbSession, GroupDto group, UserDto user) {
int remainingAdmins = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroupMember(dbSession,
group.getOrganizationUuid(), OrganizationPermission.ADMINISTER.getKey(), group.getId(), user.getId());
checkRequest(remainingAdmins > 0, "The last administrator user cannot be removed");
.execute();
}
+ @Test
+ public void fail_to_add_user_to_default_group() throws Exception {
+ OrganizationDto organization = db.organizations().insert();
+ UserDto user = db.users().insertUser();
+ addUserAsMemberOfOrganization(organization, user);
+ GroupDto group = db.users().insertGroup(organization, "sonar-users");
+ loginAsAdmin(organization);
+
+ expectedException.expect(IllegalArgumentException.class);
+ expectedException.expectMessage("Default group 'sonar-users' cannot be used to perform this action");
+
+ newRequest()
+ .setParam("id", Integer.toString(group.getId()))
+ .setParam(PARAM_LOGIN, user.getLogin())
+ .execute();
+ }
+
private void executeRequest(GroupDto groupDto, UserDto userDto) throws Exception {
newRequest()
.setParam("id", groupDto.getId().toString())
.execute();
}
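Review bot: `fail_to_add_user_to_default_group` selects the group only through the `id` parameter, so the name-plus-organization lookup that presumably also goes through `findGroupDto` is not exercised against the new guard; the same holds for `fail_to_remove_user_from_default_group` further down. A second case per action that passes the group name and organization key instead of `id` would pin both paths. The group is made "default" purely by inserting it under the name `sonar-users`, which suggests the guard matches on the name. `checkGroupIsNotDefault` is not shown here, so that should be confirmed; if it does, the tests should reference the production constant rather than repeat the literal in the fixture and in the expected message.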
+ @Test
+ public void fail_to_remove_user_from_default_group() throws Exception {
+ OrganizationDto organization = db.organizations().insert();
+ UserDto user = db.users().insertUser();
+ GroupDto group = db.users().insertGroup(organization, "sonar-users");
+ db.users().insertMember(group, user);
+ loginAsAdmin(organization);
+
+ expectedException.expect(IllegalArgumentException.class);
+ expectedException.expectMessage("Default group 'sonar-users' cannot be used to perform this action");
+
+ newRequest()
+ .setParam("id", Integer.toString(group.getId()))
+ .setParam(PARAM_LOGIN, user.getLogin())
+ .execute();
+ }
+
private TestRequest newRequest() {
return ws.newRequest();
}