SONAR-1330 Purge edit permissions when removing group

diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsDao.java
index c390e7afee0118f343408372801a80905261c287..ecb6b5355ab6da22e173f4aa654feaac01462aa0 100644 (file)
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsDao.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsDao.java
@@ -76,6 +76,10 @@ public class QProfileEditGroupsDao implements Dao {
     executeLargeUpdates(qProfiles.stream().map(QProfileDto::getKee).collect(toList()), p -> mapper(dbSession).deleteByQProfiles(p));
   }
 
+  public void deleteByGroup(DbSession dbSession, GroupDto group) {
+    mapper(dbSession).deleteByGroup(group.getId());
+  }
+
   private static QProfileEditGroupsMapper mapper(DbSession dbSession) {
     return dbSession.getMapper(QProfileEditGroupsMapper.class);
   }

diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.java
index 561b0f850854c57617c7fc8225bcb3d15ff5c484..668a0a4999c1451741b9d058c5eee4aaab3c683d 100644 (file)
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.java
@@ -40,4 +40,6 @@ public interface QProfileEditGroupsMapper {
 
   void deleteByQProfiles(@Param("qProfileUuids") Collection<String> qProfileUuids);
 
+  void deleteByGroup(@Param("groupId") int groupId);
+
 }

diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.xml
index 0ce45bd4ee7104acd0ea30155b7be13ff18e863f..9a023f45047d47f3ec7a457ee3601d8078ad8dbb 100644 (file)
--- a/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.xml
+++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditGroupsMapper.xml
@@ -109,5 +109,10 @@
     where qprofile_uuid in <foreach collection="qProfileUuids" open="(" close=")" item="qProfileUuid" separator=",">#{qProfileUuid, jdbcType=VARCHAR}</foreach>
   </delete>
 
+  <delete id="deleteByGroup" parameterType="map">
+    delete from qprofile_edit_groups
+    where group_id = #{groupId, jdbcType=INTEGER}
+  </delete>
+
 </mapper>
 

diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditGroupsDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditGroupsDaoTest.java
index 82c2f91f882a0d32be3726a972ff764632bb80c0..003cf80e236a44cb4cf9488f7072b5db262fa7e0 100644 (file)
--- a/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditGroupsDaoTest.java
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditGroupsDaoTest.java
@@ -277,4 +277,27 @@ public class QProfileEditGroupsDaoTest {
     assertThat(underTest.exists(db.getSession(), anotherProfile, group1)).isTrue();
   }
 
+  @Test
+  public void deleteByGroup() {
+    OrganizationDto organization = db.organizations().insert();
+    OrganizationDto anotherOrganization = db.organizations().insert();
+    QProfileDto profile1 = db.qualityProfiles().insert(organization);
+    QProfileDto profile2 = db.qualityProfiles().insert(organization);
+    QProfileDto profile3 = db.qualityProfiles().insert(organization);
+    QProfileDto anotherProfile = db.qualityProfiles().insert(anotherOrganization);
+    GroupDto group1 = db.users().insertGroup(organization);
+    GroupDto group2 = db.users().insertGroup(organization);
+    db.qualityProfiles().addGroupPermission(profile1, group1);
+    db.qualityProfiles().addGroupPermission(profile2, group2);
+    db.qualityProfiles().addGroupPermission(profile3, group1);
+    db.qualityProfiles().addGroupPermission(anotherProfile, group1);
+
+    underTest.deleteByGroup(db.getSession(), group1);
+
+    assertThat(underTest.exists(db.getSession(), profile1, group1)).isFalse();
+    assertThat(underTest.exists(db.getSession(), profile2, group2)).isTrue();
+    assertThat(underTest.exists(db.getSession(), profile3, group1)).isFalse();
+    assertThat(underTest.exists(db.getSession(), anotherProfile, group1)).isFalse();
+  }
+
 }

diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
index 87661878417f304233497f46c94cf6e3627e011a..da36bbf108627e5cc9fc1307e51166e50596fa0f 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
@@ -72,6 +72,7 @@ public class DeleteAction implements UserGroupsWsAction {
       removeGroupPermissions(dbSession, group);
       removeFromPermissionTemplates(dbSession, group);
       removeGroupMembers(dbSession, group);
+      dbClient.qProfileEditGroupsDao().deleteByGroup(dbSession, group);
       dbClient.groupDao().deleteById(dbSession, group.getId());
 
       dbSession.commit();

diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
index 2585a18b9478ddf3f2ca7df28a3e8b26df2a9dcc..a56e800bd680518c692541862a1757cde31d53c7 100644 (file)
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
@@ -31,6 +31,7 @@ import org.sonar.db.component.ComponentTesting;
 import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.template.PermissionTemplateDto;
 import org.sonar.db.permission.template.PermissionTemplateTesting;
+import org.sonar.db.qualityprofile.QProfileDto;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.server.exceptions.NotFoundException;
@@ -184,6 +185,22 @@ public class DeleteActionTest {
     assertThat(db.countRowsOfTable("perm_templates_groups")).isEqualTo(0);
   }
 
+  @Test
+  public void delete_qprofile_permissions() throws Exception {
+    addAdminToDefaultOrganization();
+    insertDefaultGroupOnDefaultOrganization();
+    GroupDto group = db.users().insertGroup();
+    QProfileDto profile = db.qualityProfiles().insert(db.getDefaultOrganization());
+    db.qualityProfiles().addGroupPermission(profile, group);
+    loginAsAdminOnDefaultOrganization();
+
+    newRequest()
+      .setParam("id", group.getId().toString())
+      .execute();
+
+    assertThat(db.countRowsOfTable("qprofile_edit_groups")).isZero();
+  }
+
   @Test
   public void fail_if_id_does_not_exist() throws Exception {
     addAdminToDefaultOrganization();