SONAR-8893 WS api/organizations/remove_member delete member permissions

author Teryk Bellahsene <teryk.bellahsene@sonarsource.com>

Tue, 14 Mar 2017 14:18:17 +0000 (15:18 +0100)

committer Julien Lancelot <julien.lancelot@sonarsource.com>

Tue, 21 Mar 2017 12:05:50 +0000 (13:05 +0100)
author Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
Tue, 14 Mar 2017 14:18:17 +0000 (15:18 +0100)
committer Julien Lancelot <julien.lancelot@sonarsource.com>
Tue, 21 Mar 2017 12:05:50 +0000 (13:05 +0100)
diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java

index 6ae036500f29a40d517d56081fff85ade0865704..42f4886f7f434a99b86dff83cd226bfbb5d21d29 100644 (file)
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java
@@ -141,6 +141,10 @@ public class UserPermissionDao implements Dao {
      mapper(dbSession).deleteByOrganization(organizationUuid);
    }
  
+  public void deleteOrganizationMemberPermissions(DbSession dbSession, String organizationUuid, int userId) {
+    mapper(dbSession).deleteOrganizationMemberPermissions(organizationUuid, userId);
+  }
+
    private static UserPermissionMapper mapper(DbSession dbSession) {
      return dbSession.getMapper(UserPermissionMapper.class);
    }
diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java

index 56209760616aad6b6ef60b77e8df3fbd65041af9..0e48f71f9d9ad92ff6aa59c4cf8d88e6ec6be319 100644 (file)
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java
@@ -61,4 +61,6 @@ public interface UserPermissionMapper {
    List<String> selectProjectPermissionsOfUser(@Param("userId") int userId, @Param("projectId") long projectId);
  
    void deleteByOrganization(@Param("organizationUuid") String organizationUuid);
+
+  void deleteOrganizationMemberPermissions(@Param("organizationUuid") String organizationUuid, @Param("userId") int login);
  }
diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml

index 18091c27aa01d6913f6d887e5f440952eb3013c8..c61f730a967c66c77a95610c56a830ab5718d168 100644 (file)
--- a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml
+++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml
@@ -123,4 +123,12 @@
      where
        organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
    </delete>
+
+  <delete id="deleteOrganizationMemberPermissions" parameterType="map">
+    delete from
+      user_roles
+    where
+      organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
+      user_id = #{userId,jdbcType=INTEGER}
+  </delete>
  </mapper>
diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java

index 528cd03b971686a5c30cac456f4f5f942ef0f400..cac3651c77a58122177b714a857a8932a3f0c990 100644 (file)
--- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java
@@ -28,6 +28,7 @@ import org.junit.Before;
  import org.junit.Rule;
  import org.junit.Test;
  import org.sonar.api.utils.System2;
+import org.sonar.api.web.UserRole;
  import org.sonar.db.DbClient;
  import org.sonar.db.DbSession;
  import org.sonar.db.DbTester;
@@ -37,6 +38,7 @@ import org.sonar.db.user.UserDto;
  
  import static java.util.Arrays.asList;
  import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.api.web.UserRole.CODEVIEWER;
  import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
  import static org.sonar.api.web.UserRole.USER;
  import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
@@ -394,6 +396,34 @@ public class UserPermissionDaoTest {
      verifyOrganizationUuidsInTable();
    }
  
+  @Test
+  public void delete_permissions_of_an_organization_member() {
+    OrganizationDto organization1 = dbTester.organizations().insert();
+    OrganizationDto organization2 = dbTester.organizations().insert();
+    ComponentDto project = dbTester.components().insertProject(organization1);
+    UserDto user1 = dbTester.users().insertUser();
+    UserDto user2 = dbTester.users().insertUser();
+    // user 1 permissions
+    dbTester.users().insertPermissionOnUser(organization1, user1, OrganizationPermission.SCAN);
+    dbTester.users().insertPermissionOnUser(organization1, user1, OrganizationPermission.ADMINISTER);
+    dbTester.users().insertProjectPermissionOnUser(user1, UserRole.CODEVIEWER, project);
+    dbTester.users().insertPermissionOnUser(organization2, user1, OrganizationPermission.SCAN);
+    // user 2 permission
+    dbTester.users().insertPermissionOnUser(organization1, user2, OrganizationPermission.SCAN);
+    dbTester.users().insertProjectPermissionOnUser(user2, UserRole.CODEVIEWER, project);
+
+    underTest.deleteOrganizationMemberPermissions(dbSession, organization1.getUuid(), user1.getId());
+    dbSession.commit();
+
+    // user 1 permissions
+    assertOrgPermissionsOfUser(user1, organization1);
+    assertOrgPermissionsOfUser(user1, organization2, OrganizationPermission.SCAN);
+    assertProjectPermissionsOfUser(user1, project);
+    // user 2 permissions
+    assertOrgPermissionsOfUser(user2, organization1, OrganizationPermission.SCAN);
+    assertProjectPermissionsOfUser(user2, project, CODEVIEWER);
+  }
+
    private void verifyOrganizationUuidsInTable(String... organizationUuids) {
      assertThat(dbTester.select("select organization_uuid as \"organizationUuid\" from user_roles"))
        .extracting((row) -> (String) row.get("organizationUuid"))
@@ -453,4 +483,14 @@ public class UserPermissionDaoTest {
    private void assertThatProjectHasNoPermissions(ComponentDto project) {
      assertThat(dbTester.countSql(dbSession, "select count(id) from user_roles where resource_id=" + project.getId())).isEqualTo(0);
    }
+
+  private void assertOrgPermissionsOfUser(UserDto user, OrganizationDto organization, OrganizationPermission... permissions) {
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getId(), organization.getUuid()).stream()
+      .map(OrganizationPermission::fromKey))
+        .containsOnly(permissions);
+  }
+
+  private void assertProjectPermissionsOfUser(UserDto user, ComponentDto project, String... permissions) {
+    assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getId(), project.getId())).containsOnly(permissions);
+  }
  }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java

index 141965310733e1d3aaa943d5018af737b377e745..6ff2a10c59cabe6cae6594d4d279688bc10d9aee 100644 (file)
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java
@@ -87,6 +87,8 @@ public class RemoveMemberAction implements OrganizationsWsAction {
        OrganizationMemberDto organizationMember = dbClient.organizationMemberDao().select(dbSession, organization.getUuid(), user.getId())
          .orElseThrow(() -> BadRequestException.create(format("User '%s' is not a member of organization '%s'", user.getLogin(), organization.getKey())));
  
+      dbClient.userPermissionDao().deleteOrganizationMemberPermissions(dbSession, organizationMember.getOrganizationUuid(), organizationMember.getUserId());
+
        dbClient.organizationMemberDao().delete(dbSession, organizationMember.getOrganizationUuid(), organizationMember.getUserId());
        dbSession.commit();
      }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java

index f50d7618a4b15f63691a1ab8338fb5255181e969..aaf68807295e3fcd6f609d76ccd68d981a900155 100644 (file)
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java
@@ -29,7 +29,9 @@ import org.sonar.api.server.ws.WebService;
  import org.sonar.db.DbClient;
  import org.sonar.db.DbSession;
  import org.sonar.db.DbTester;
+import org.sonar.db.component.ComponentDto;
  import org.sonar.db.organization.OrganizationDto;
+import org.sonar.db.permission.OrganizationPermission;
  import org.sonar.db.user.UserDto;
  import org.sonar.server.exceptions.BadRequestException;
  import org.sonar.server.exceptions.ForbiddenException;
@@ -41,9 +43,12 @@ import org.sonar.server.ws.WsActionTester;
  
  import static java.net.HttpURLConnection.HTTP_NO_CONTENT;
  import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.api.web.UserRole.CODEVIEWER;
+import static org.sonar.api.web.UserRole.USER;
  import static org.sonar.core.util.Protobuf.setNullable;
  import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
  import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
+import static org.sonar.db.permission.OrganizationPermission.SCAN;
  import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_ORGANIZATION;
  
  public class RemoveMemberActionTest {
@@ -59,6 +64,7 @@ public class RemoveMemberActionTest {
    private WsActionTester ws = new WsActionTester(new RemoveMemberAction(dbClient, userSession));
  
    private OrganizationDto organization;
+  private ComponentDto project;
    private UserDto user;
  
    @Before
@@ -66,6 +72,7 @@ public class RemoveMemberActionTest {
      organization = db.organizations().insert();
      user = db.users().insertUser();
      db.organizations().addMember(organization, user);
+    project = db.components().insertProject(organization);
    }
  
    @Test
@@ -94,12 +101,33 @@ public class RemoveMemberActionTest {
    }
  
    @Test
-  public void remove_member_from_db() {
+  public void remove_member_from_db_and_all_dependencies() {
+    UserDto anotherUser = db.users().insertUser();
+    OrganizationDto anotherOrganization = db.organizations().insert();
+    ComponentDto anotherProject = db.components().insertProject(anotherOrganization);
      assertMember(organization.getUuid(), user.getId());
+    db.users().insertPermissionOnUser(organization, user, ADMINISTER);
+    db.users().insertPermissionOnUser(organization, user, SCAN);
+    db.users().insertPermissionOnUser(anotherOrganization, user, ADMINISTER);
+    db.users().insertPermissionOnUser(anotherOrganization, user, SCAN);
+    db.users().insertPermissionOnUser(organization, anotherUser, ADMINISTER);
+    db.users().insertPermissionOnUser(organization, anotherUser, SCAN);
+    db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project);
+    db.users().insertProjectPermissionOnUser(user, USER, project);
+    db.users().insertProjectPermissionOnUser(user, CODEVIEWER, anotherProject);
+    db.users().insertProjectPermissionOnUser(user, USER, anotherProject);
+    db.users().insertProjectPermissionOnUser(anotherUser, CODEVIEWER, project);
+    db.users().insertProjectPermissionOnUser(anotherUser, USER, project);
  
      call(organization.getKey(), user.getLogin());
  
      assertNotAMember(organization.getUuid(), user.getId());
+    assertOrgPermissionsOfUser(user, organization);
+    assertOrgPermissionsOfUser(user, anotherOrganization, ADMINISTER, SCAN);
+    assertOrgPermissionsOfUser(anotherUser, organization, ADMINISTER, SCAN);
+    assertProjectPermissionsOfUser(user, project);
+    assertProjectPermissionsOfUser(user, anotherProject, CODEVIEWER, USER);
+    assertProjectPermissionsOfUser(anotherUser, project, CODEVIEWER, USER);
    }
  
    @Test
@@ -185,4 +213,14 @@ public class RemoveMemberActionTest {
    private void assertMember(String organizationUuid, int userId) {
      assertThat(dbClient.organizationMemberDao().select(dbSession, organizationUuid, userId)).isPresent();
    }
+
+  private void assertOrgPermissionsOfUser(UserDto user, OrganizationDto organization, OrganizationPermission... permissions) {
+    assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getId(), organization.getUuid()).stream()
+      .map(OrganizationPermission::fromKey))
+      .containsOnly(permissions);
+  }
+
+  private void assertProjectPermissionsOfUser(UserDto user, ComponentDto project, String... permissions) {
+    assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getId(), project.getId())).containsOnly(permissions);
+  }
  }
author	Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
	Tue, 14 Mar 2017 14:18:17 +0000 (15:18 +0100)
committer	Julien Lancelot <julien.lancelot@sonarsource.com>
	Tue, 21 Mar 2017 12:05:50 +0000 (13:05 +0100)
server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java		patch \| blob \| history
server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java		patch \| blob \| history
server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml		patch \| blob \| history
server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java		patch \| blob \| history
server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java		patch \| blob \| history
server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java		patch \| blob \| history