import org.junit.Rule;
import org.junit.Test;
import org.sonar.api.utils.System2;
+import org.sonar.api.web.UserRole;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import static java.util.Arrays.asList;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
import static org.sonar.api.web.UserRole.USER;
import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
verifyOrganizationUuidsInTable();
}
+ @Test
+ public void delete_permissions_of_an_organization_member() {
+ OrganizationDto organization1 = dbTester.organizations().insert();
+ OrganizationDto organization2 = dbTester.organizations().insert();
+ ComponentDto project = dbTester.components().insertProject(organization1);
+ UserDto user1 = dbTester.users().insertUser();
+ UserDto user2 = dbTester.users().insertUser();
+ // user 1 permissions
+ dbTester.users().insertPermissionOnUser(organization1, user1, OrganizationPermission.SCAN);
+ dbTester.users().insertPermissionOnUser(organization1, user1, OrganizationPermission.ADMINISTER);
+ dbTester.users().insertProjectPermissionOnUser(user1, UserRole.CODEVIEWER, project);
+ dbTester.users().insertPermissionOnUser(organization2, user1, OrganizationPermission.SCAN);
+ // user 2 permission
+ dbTester.users().insertPermissionOnUser(organization1, user2, OrganizationPermission.SCAN);
+ dbTester.users().insertProjectPermissionOnUser(user2, UserRole.CODEVIEWER, project);
+
+ underTest.deleteOrganizationMemberPermissions(dbSession, organization1.getUuid(), user1.getId());
+ dbSession.commit();
+
+ // user 1 permissions
+ assertOrgPermissionsOfUser(user1, organization1);
+ assertOrgPermissionsOfUser(user1, organization2, OrganizationPermission.SCAN);
+ assertProjectPermissionsOfUser(user1, project);
+ // user 2 permissions
+ assertOrgPermissionsOfUser(user2, organization1, OrganizationPermission.SCAN);
+ assertProjectPermissionsOfUser(user2, project, CODEVIEWER);
+ }
+
private void verifyOrganizationUuidsInTable(String... organizationUuids) {
assertThat(dbTester.select("select organization_uuid as \"organizationUuid\" from user_roles"))
.extracting((row) -> (String) row.get("organizationUuid"))
private void assertThatProjectHasNoPermissions(ComponentDto project) {
assertThat(dbTester.countSql(dbSession, "select count(id) from user_roles where resource_id=" + project.getId())).isEqualTo(0);
}
+
+ private void assertOrgPermissionsOfUser(UserDto user, OrganizationDto organization, OrganizationPermission... permissions) {
+ assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getId(), organization.getUuid()).stream()
+ .map(OrganizationPermission::fromKey))
+ .containsOnly(permissions);
+ }
+
+ private void assertProjectPermissionsOfUser(UserDto user, ComponentDto project, String... permissions) {
+ assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getId(), project.getId())).containsOnly(permissions);
+ }
}
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
+import org.sonar.db.component.ComponentDto;
import org.sonar.db.organization.OrganizationDto;
+import org.sonar.db.permission.OrganizationPermission;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import static java.net.HttpURLConnection.HTTP_NO_CONTENT;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.api.web.UserRole.CODEVIEWER;
+import static org.sonar.api.web.UserRole.USER;
import static org.sonar.core.util.Protobuf.setNullable;
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
+import static org.sonar.db.permission.OrganizationPermission.SCAN;
import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_ORGANIZATION;
public class RemoveMemberActionTest {
private WsActionTester ws = new WsActionTester(new RemoveMemberAction(dbClient, userSession));
private OrganizationDto organization;
+ private ComponentDto project;
private UserDto user;
@Before
organization = db.organizations().insert();
user = db.users().insertUser();
db.organizations().addMember(organization, user);
+ project = db.components().insertProject(organization);
}
@Test
}
@Test
- public void remove_member_from_db() {
+ public void remove_member_from_db_and_all_dependencies() {
+ UserDto anotherUser = db.users().insertUser();
+ OrganizationDto anotherOrganization = db.organizations().insert();
+ ComponentDto anotherProject = db.components().insertProject(anotherOrganization);
assertMember(organization.getUuid(), user.getId());
+ db.users().insertPermissionOnUser(organization, user, ADMINISTER);
+ db.users().insertPermissionOnUser(organization, user, SCAN);
+ db.users().insertPermissionOnUser(anotherOrganization, user, ADMINISTER);
+ db.users().insertPermissionOnUser(anotherOrganization, user, SCAN);
+ db.users().insertPermissionOnUser(organization, anotherUser, ADMINISTER);
+ db.users().insertPermissionOnUser(organization, anotherUser, SCAN);
+ db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project);
+ db.users().insertProjectPermissionOnUser(user, USER, project);
+ db.users().insertProjectPermissionOnUser(user, CODEVIEWER, anotherProject);
+ db.users().insertProjectPermissionOnUser(user, USER, anotherProject);
+ db.users().insertProjectPermissionOnUser(anotherUser, CODEVIEWER, project);
+ db.users().insertProjectPermissionOnUser(anotherUser, USER, project);
call(organization.getKey(), user.getLogin());
assertNotAMember(organization.getUuid(), user.getId());
+ assertOrgPermissionsOfUser(user, organization);
+ assertOrgPermissionsOfUser(user, anotherOrganization, ADMINISTER, SCAN);
+ assertOrgPermissionsOfUser(anotherUser, organization, ADMINISTER, SCAN);
+ assertProjectPermissionsOfUser(user, project);
+ assertProjectPermissionsOfUser(user, anotherProject, CODEVIEWER, USER);
+ assertProjectPermissionsOfUser(anotherUser, project, CODEVIEWER, USER);
}
@Test
private void assertMember(String organizationUuid, int userId) {
assertThat(dbClient.organizationMemberDao().select(dbSession, organizationUuid, userId)).isPresent();
}
+
+ private void assertOrgPermissionsOfUser(UserDto user, OrganizationDto organization, OrganizationPermission... permissions) {
+ assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getId(), organization.getUuid()).stream()
+ .map(OrganizationPermission::fromKey))
+ .containsOnly(permissions);
+ }
+
+ private void assertProjectPermissionsOfUser(UserDto user, ComponentDto project, String... permissions) {
+ assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getId(), project.getId())).containsOnly(permissions);
+ }
}