SONAR-1330 Purge edit permissions when removing organization member

diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersDao.java
index c41940af852b1ef2e0e13b9a36bfdb30ffae777a..6a8350fb0944c36732af89ac6e22f0baa28731ca 100644 (file)
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersDao.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersDao.java
@@ -70,6 +70,10 @@ public class QProfileEditUsersDao implements Dao {
     mapper(dbSession).deleteByUser(user.getId());
   }
 
+  public void deleteByOrganizationAndUser(DbSession dbSession, OrganizationDto organization, UserDto user) {
+    mapper(dbSession).deleteByOrganizationAndUser(organization.getUuid(), user.getId());
+  }
+
   private static QProfileEditUsersMapper mapper(DbSession dbSession) {
     return dbSession.getMapper(QProfileEditUsersMapper.class);
   }

diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersMapper.java
index 399a0e58f4d71700e59d20677c6e499c15172675..25b2b18907e63f9c840699b25e329332da8ef27f 100644 (file)
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersMapper.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersMapper.java
@@ -41,4 +41,6 @@ public interface QProfileEditUsersMapper {
   void deleteByQProfiles(@Param("qProfileUuids") Collection<String> qProfileUuids);
 
   void deleteByUser(@Param("userId") int userId);
+
+  void deleteByOrganizationAndUser(@Param("organizationUuid") String organizationUuid, @Param("userId") int userId);
 }

diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditUsersMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditUsersMapper.xml
index 2365902336a37bede653b86284e99932adaf6136..0256e05d9a2281c3859211cf45bdf26a1f9173ad 100644 (file)
--- a/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditUsersMapper.xml
+++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditUsersMapper.xml
@@ -115,5 +115,17 @@
     where user_id = #{userId, jdbcType=INTEGER}
   </delete>
 
+  <delete id="deleteByOrganizationAndUser" parameterType="map">
+    delete from qprofile_edit_users
+    <where>
+      user_id=#{userId, jdbcType=INTEGER}
+      and qprofile_uuid in (
+        select oq.uuid
+        from org_qprofiles oq
+        where oq.organization_uuid=#{organizationUuid, jdbcType=VARCHAR}
+      )
+    </where>
+  </delete>
+
 </mapper>
 

diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditUsersDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditUsersDaoTest.java
index 35c8ee81f3dc76400b8fc2b5270a0981307cc395..67f9f1ca1d0bb8ec2891fdf1599d400aaaffccd9 100644 (file)
--- a/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditUsersDaoTest.java
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditUsersDaoTest.java
@@ -329,4 +329,22 @@ public class QProfileEditUsersDaoTest {
     assertThat(underTest.exists(db.getSession(), profile2, user1)).isFalse();
     assertThat(underTest.exists(db.getSession(), profile3, user2)).isTrue();
   }
+
+  @Test
+  public void deleteByOrganizationAndUser() {
+    OrganizationDto organization1 = db.organizations().insert();
+    OrganizationDto organization2 = db.organizations().insert();
+    QProfileDto profile1 = db.qualityProfiles().insert(organization1);
+    QProfileDto profile2 = db.qualityProfiles().insert(organization2);
+    UserDto user = db.users().insertUser();
+    db.organizations().addMember(organization1, user);
+    db.organizations().addMember(organization2, user);
+    db.qualityProfiles().addUserPermission(profile1, user);
+    db.qualityProfiles().addUserPermission(profile2, user);
+
+    underTest.deleteByOrganizationAndUser(db.getSession(), organization1, user);
+
+    assertThat(underTest.exists(db.getSession(), profile1, user)).isFalse();
+    assertThat(underTest.exists(db.getSession(), profile2, user)).isTrue();
+  }
 }

diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java
index a927bdfcbd51ae3208619df717cf45f37b397f65..688e2dbdba942b95fdcae50d72b359bb837056ed 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java
@@ -98,6 +98,7 @@ public class RemoveMemberAction implements OrganizationsWsAction {
     String organizationUuid = organization.getUuid();
     dbClient.userPermissionDao().deleteOrganizationMemberPermissions(dbSession, organizationUuid, userId);
     dbClient.permissionTemplateDao().deleteUserPermissionsByOrganization(dbSession, organizationUuid, userId);
+    dbClient.qProfileEditUsersDao().deleteByOrganizationAndUser(dbSession, organization, user);
     dbClient.userGroupDao().deleteByOrganizationAndUser(dbSession, organizationUuid, userId);
     dbClient.propertiesDao().deleteByOrganizationAndUser(dbSession, organizationUuid, userId);
     dbClient.propertiesDao().deleteByOrganizationAndMatchingLogin(dbSession, organizationUuid, user.getLogin(), singletonList(DEFAULT_ISSUE_ASSIGNEE));

diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java
index fe6a84f5132aabbb0f693d43e20ed428711ede85..a6bfbb750497afa8c0cc26f88e5bd58fa5c4cf2e 100644 (file)
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java
@@ -38,6 +38,7 @@ import org.sonar.db.permission.template.PermissionTemplateDto;
 import org.sonar.db.permission.template.PermissionTemplateUserDto;
 import org.sonar.db.property.PropertyDto;
 import org.sonar.db.property.PropertyQuery;
+import org.sonar.db.qualityprofile.QProfileDto;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.server.es.EsTester;
@@ -185,6 +186,21 @@ public class RemoveMemberActionTest {
       .containsOnly(user.getId());
   }
 
+  @Test
+  public void remove_qprofiles_user_permission() {
+    OrganizationDto anotherOrganization = db.organizations().insert();
+    db.organizations().addMember(anotherOrganization, user);
+    QProfileDto profile = db.qualityProfiles().insert(organization);
+    QProfileDto anotherProfile = db.qualityProfiles().insert(anotherOrganization);
+    db.qualityProfiles().addUserPermission(profile, user);
+    db.qualityProfiles().addUserPermission(anotherProfile, user);
+
+    call(organization.getKey(), user.getLogin());
+
+    assertThat(db.getDbClient().qProfileEditUsersDao().exists(dbSession, profile, user)).isFalse();
+    assertThat(db.getDbClient().qProfileEditUsersDao().exists(dbSession, anotherProfile, user)).isTrue();
+  }
+
   @Test
   public void remove_from_organization_groups() {
     OrganizationDto anotherOrganization = db.organizations().insert();