From: Simon Brandhof <simon.brandhof@sonarsource.com>
Date: Sun, 5 Feb 2017 15:13:33 +0000 (+0100)
Subject: SONAR-8716 remove usages of UserSessionRule#setGlobalPermissions()
X-Git-Tag: 6.3-RC1~139
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=1b6a668e28ef481564ef0ac73c8c2860974d9eab;p=sonarqube.git

SONAR-8716 remove usages of UserSessionRule#setGlobalPermissions()
---

diff --git a/server/sonar-server/src/test/java/org/sonar/server/ce/ws/ComponentActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/ce/ws/ComponentActionTest.java
index 42f126d376a..0f7d102132a 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/ce/ws/ComponentActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/ce/ws/ComponentActionTest.java
@@ -24,7 +24,6 @@ import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.core.util.Protobuf;
 import org.sonar.db.DbTester;
 import org.sonar.db.ce.CeActivityDto;
@@ -110,7 +109,7 @@ public class ComponentActionTest {
   @Test
   public void search_tasks_by_component_key() {
     ComponentDto project = componentDbTester.insertProject();
-    setUserWithBrowsePermission(project);
+    logInWithBrowsePermission(project);
     insertActivity("T1", project.uuid(), CeActivityDto.Status.SUCCESS);
 
     TestResponse wsResponse = ws.newRequest()
@@ -156,11 +155,12 @@ public class ComponentActionTest {
   }
 
   @Test
-  public void fail_when_insufficient_permissions() {
+  public void throw_ForbiddenException_if_user_cant_access_project() {
     ComponentDto project = componentDbTester.insertProject();
-    userSession.setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION);
+    userSession.logIn();
 
     expectedException.expect(ForbiddenException.class);
+    expectedException.expectMessage("Insufficient privileges");
 
     ws.newRequest()
       .setParam(PARAM_COMPONENT_ID, project.uuid())
@@ -170,13 +170,13 @@ public class ComponentActionTest {
   @Test
   public void fail_when_no_component_parameter() {
     expectedException.expect(IllegalArgumentException.class);
-    setUserWithBrowsePermission(componentDbTester.insertProject());
+    logInWithBrowsePermission(componentDbTester.insertProject());
 
     ws.newRequest().execute();
   }
 
-  private void setUserWithBrowsePermission(ComponentDto project) {
-    userSession.addProjectUuidPermissions(UserRole.USER, project.uuid());
+  private void logInWithBrowsePermission(ComponentDto project) {
+    userSession.logIn().addProjectUuidPermissions(UserRole.USER, project.uuid());
   }
 
   private CeQueueDto insertQueue(String taskUuid, String componentUuid, CeQueueDto.Status status) {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java
index dff0f9b0ab4..43886fe5c16 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java
@@ -42,9 +42,7 @@ import org.sonarqube.ws.WsCe;
 
 import static java.util.Collections.singleton;
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
 import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
 import static org.sonarqube.ws.MediaTypes.PROTOBUF;
 
 public class TaskActionTest {
@@ -74,7 +72,7 @@ public class TaskActionTest {
 
   @Test
   public void task_is_in_queue() throws Exception {
-    userSession.logIn("john").setGlobalPermissions(SYSTEM_ADMIN);
+    logInAsRoot();
 
     CeQueueDto queueDto = new CeQueueDto();
     queueDto.setTaskType(CeTaskTypes.REPORT);
@@ -103,7 +101,7 @@ public class TaskActionTest {
 
   @Test
   public void task_is_archived() throws Exception {
-    userSession.logIn("john").setGlobalPermissions(SYSTEM_ADMIN);
+    logInAsRoot();
 
     CeActivityDto activityDto = createActivityDto(SOME_TASK_UUID);
     persist(activityDto);
@@ -128,7 +126,7 @@ public class TaskActionTest {
 
   @Test
   public void return_stacktrace_of_failed_activity_with_stacktrace_when_additionalField_is_set() {
-    userSession.logIn("john").setGlobalPermissions(SYSTEM_ADMIN);
+    logInAsRoot();
 
     CeActivityDto activityDto = createActivityDto(SOME_TASK_UUID)
       .setErrorMessage("error msg")
@@ -151,7 +149,7 @@ public class TaskActionTest {
 
   @Test
   public void do_not_return_stacktrace_of_failed_activity_with_stacktrace_when_additionalField_is_not_set() {
-    userSession.logIn("john").setGlobalPermissions(SYSTEM_ADMIN);
+    logInAsRoot();
 
     CeActivityDto activityDto = createActivityDto(SOME_TASK_UUID)
       .setErrorMessage("error msg")
@@ -172,7 +170,7 @@ public class TaskActionTest {
 
   @Test
   public void return_scannerContext_of_activity_with_scannerContext_when_additionalField_is_set() {
-    userSession.logIn("john").setGlobalPermissions(SYSTEM_ADMIN);
+    logInAsRoot();
 
     String scannerContext = "this is some scanner context, yeah!";
     persist(createActivityDto(SOME_TASK_UUID));
@@ -192,7 +190,7 @@ public class TaskActionTest {
 
   @Test
   public void do_not_return_scannerContext_of_activity_with_scannerContext_when_additionalField_is_not_set() {
-    userSession.logIn("john").setGlobalPermissions(SYSTEM_ADMIN);
+    logInAsRoot();
 
     String scannerContext = "this is some scanner context, yeah!";
     persist(createActivityDto(SOME_TASK_UUID));
@@ -212,7 +210,7 @@ public class TaskActionTest {
 
   @Test
   public void do_not_return_stacktrace_of_failed_activity_without_stacktrace() {
-    userSession.logIn("john").setGlobalPermissions(SYSTEM_ADMIN);
+    logInAsRoot();
 
     CeActivityDto activityDto = createActivityDto(SOME_TASK_UUID)
       .setErrorMessage("error msg");
@@ -232,7 +230,7 @@ public class TaskActionTest {
 
   @Test
   public void task_not_found() throws Exception {
-    userSession.logIn("john").setGlobalPermissions(SYSTEM_ADMIN);
+    logInAsRoot();
 
     expectedException.expect(NotFoundException.class);
     ws.newRequest()
@@ -242,7 +240,7 @@ public class TaskActionTest {
 
   @Test
   public void not_fail_on_queue_task_not_linked_on_project_with_system_admin_permissions() {
-    userSession.logIn("john").setGlobalPermissions(SYSTEM_ADMIN);
+    logInAsRoot();
 
     CeQueueDto queueDto = new CeQueueDto();
     queueDto.setTaskType("fake");
@@ -258,7 +256,7 @@ public class TaskActionTest {
 
   @Test
   public void not_fail_on_queue_task_not_linked_on_project_with_global_scan_permissions() {
-    userSession.logIn("john").setGlobalPermissions(SCAN_EXECUTION);
+    logInAsRoot();
 
     CeQueueDto queueDto = new CeQueueDto();
     queueDto.setTaskType("fake");
@@ -274,8 +272,6 @@ public class TaskActionTest {
 
   @Test
   public void fail_on_queue_task_not_linked_on_project_if_not_admin_nor_scan_permission() {
-    userSession.logIn("john").setGlobalPermissions(PROVISIONING);
-
     CeQueueDto queueDto = new CeQueueDto();
     queueDto.setTaskType("fake");
     queueDto.setUuid(SOME_TASK_UUID);
@@ -283,6 +279,7 @@ public class TaskActionTest {
     persist(queueDto);
 
     expectedException.expect(ForbiddenException.class);
+
     ws.newRequest()
       .setMediaType(PROTOBUF)
       .setParam("id", SOME_TASK_UUID)
@@ -291,7 +288,7 @@ public class TaskActionTest {
 
   @Test
   public void not_fail_on_queue_task_linked_on_project_with_project_scan_permission() {
-    userSession.logIn("john").addProjectUuidPermissions(SCAN_EXECUTION, project.uuid());
+    userSession.logIn().addProjectUuidPermissions(SCAN_EXECUTION, project.uuid());
 
     CeQueueDto queueDto = new CeQueueDto();
     queueDto.setTaskType("fake");
@@ -308,7 +305,7 @@ public class TaskActionTest {
 
   @Test
   public void not_fail_on_archived_task_linked_on_project_with_project_scan_permission() throws Exception {
-    userSession.logIn("john").addProjectUuidPermissions(SCAN_EXECUTION, project.uuid());
+    userSession.logIn().addProjectUuidPermissions(SCAN_EXECUTION, project.uuid());
 
     CeActivityDto activityDto = createActivityDto(SOME_TASK_UUID)
       .setComponentUuid(project.uuid());
@@ -348,4 +345,8 @@ public class TaskActionTest {
     dbTester.commit();
   }
 
+  private void logInAsRoot() {
+    userSession.logIn().setRoot();
+  }
+
 }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/component/ComponentServiceUpdateKeyTest.java b/server/sonar-server/src/test/java/org/sonar/server/component/ComponentServiceUpdateKeyTest.java
index a715e26308b..c8142d55c3a 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/component/ComponentServiceUpdateKeyTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/component/ComponentServiceUpdateKeyTest.java
@@ -25,7 +25,6 @@ import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -132,7 +131,7 @@ public class ComponentServiceUpdateKeyTest {
 
   @Test
   public void fail_if_old_key_and_new_key_are_the_same() {
-    setGlobalAdminPermission();
+    logInAsRoot();
     ComponentDto project = insertSampleRootProject();
     ComponentDto anotherProject = componentDb.insertProject();
 
@@ -144,7 +143,7 @@ public class ComponentServiceUpdateKeyTest {
 
   @Test
   public void fail_if_new_key_is_empty() {
-    setGlobalAdminPermission();
+    logInAsRoot();
     ComponentDto project = insertSampleRootProject();
 
     expectedException.expect(BadRequestException.class);
@@ -155,7 +154,7 @@ public class ComponentServiceUpdateKeyTest {
 
   @Test
   public void fail_if_new_key_is_not_formatted_correctly() {
-    setGlobalAdminPermission();
+    logInAsRoot();
     ComponentDto project = insertSampleRootProject();
 
     expectedException.expect(BadRequestException.class);
@@ -166,7 +165,7 @@ public class ComponentServiceUpdateKeyTest {
 
   @Test
   public void fail_if_update_is_not_on_module_or_project() {
-    setGlobalAdminPermission();
+    logInAsRoot();
     ComponentDto project = insertSampleRootProject();
     ComponentDto file = componentDb.insertComponent(newFileDto(project, null));
 
@@ -202,8 +201,8 @@ public class ComponentServiceUpdateKeyTest {
     assertThat(dbClient.componentDao().selectByKey(dbSession, key)).isPresent();
   }
 
-  private void setGlobalAdminPermission() {
-    userSession.setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+  private void logInAsRoot() {
+    userSession.logIn().setRoot();
   }
 
   private ComponentDto insertSampleRootProject() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/component/ws/BulkUpdateKeyActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/component/ws/BulkUpdateKeyActionTest.java
index 0b74934b3c6..719e447e401 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/component/ws/BulkUpdateKeyActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/component/ws/BulkUpdateKeyActionTest.java
@@ -30,7 +30,6 @@ import org.junit.rules.ExpectedException;
 import org.sonar.api.config.MapSettings;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -95,7 +94,7 @@ public class BulkUpdateKeyActionTest {
 
   @Before
   public void setUp() {
-    userSession.setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+    userSession.logIn().setRoot();
   }
 
   @Test
@@ -241,12 +240,13 @@ public class BulkUpdateKeyActionTest {
   }
 
   @Test
-  public void fail_if_insufficient_privileges() {
-    expectedException.expect(ForbiddenException.class);
+  public void throw_ForbiddenException_if_not_root_administrator() {
     userSession.anonymous();
-
     ComponentDto project = insertMyProject();
 
+    expectedException.expect(ForbiddenException.class);
+
+
     callDryRunByUuid(project.uuid(), FROM, TO);
   }
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/component/ws/ShowActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/component/ws/ShowActionTest.java
index 065484a276b..f1155139f8c 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/component/ws/ShowActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/component/ws/ShowActionTest.java
@@ -29,7 +29,6 @@ import org.junit.rules.ExpectedException;
 import org.sonar.api.resources.Qualifiers;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbTester;
 import org.sonar.db.component.ComponentDbTester;
 import org.sonar.db.component.ComponentDto;
@@ -51,12 +50,11 @@ import static org.sonar.test.JsonAssert.assertJson;
 import static org.sonarqube.ws.client.component.ComponentsWsParameters.PARAM_ID;
 import static org.sonarqube.ws.client.component.ComponentsWsParameters.PARAM_KEY;
 
-
 public class ShowActionTest {
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
   @Rule
-  public UserSessionRule userSession = UserSessionRule.standalone().logIn().setRoot().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+  public UserSessionRule userSession = UserSessionRule.standalone().logIn().setRoot();
   @Rule
   public DbTester db = DbTester.create(System2.INSTANCE);
 
@@ -78,7 +76,7 @@ public class ShowActionTest {
 
   @Test
   public void show_with_browse_permission() {
-    userSession.anonymous().addProjectUuidPermissions(UserRole.USER, "project-uuid");
+    userSession.logIn().addProjectUuidPermissions(UserRole.USER, "project-uuid");
     componentDb.insertProjectAndSnapshot(newProjectDto(db.organizations().insert(), "project-uuid"));
 
     ShowWsResponse response = newRequest("project-uuid", null);
@@ -97,7 +95,8 @@ public class ShowActionTest {
 
   @Test
   public void fail_if_not_enough_privilege() {
-    userSession.anonymous().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
+    userSession.anonymous();
+
     expectedException.expect(ForbiddenException.class);
     componentDb.insertProjectAndSnapshot(newProjectDto(db.organizations().insert(), "project-uuid"));
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/component/ws/TreeActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/component/ws/TreeActionTest.java
index 255f69968d1..535304c8b3b 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/component/ws/TreeActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/component/ws/TreeActionTest.java
@@ -40,7 +40,6 @@ import org.sonar.api.resources.Qualifiers;
 import org.sonar.api.server.ws.WebService.Param;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbTester;
 import org.sonar.db.component.ComponentDbTester;
@@ -90,7 +89,6 @@ public class TreeActionTest {
   @Before
   public void setUp() {
     userSession.logIn().setRoot();
-    userSession.setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
     ws = new WsActionTester(new TreeAction(dbClient, new ComponentFinder(dbClient), resourceTypes, userSession, Mockito.mock(I18n.class)));
     resourceTypes.setChildrenQualifiers(Qualifiers.MODULE, Qualifiers.FILE, Qualifiers.DIRECTORY);
     resourceTypes.setLeavesQualifiers(Qualifiers.FILE, Qualifiers.UNIT_TEST_FILE);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/issue/IssueServiceMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/issue/IssueServiceMediumTest.java
index b3a93c68a77..90c03498360 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/issue/IssueServiceMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/issue/IssueServiceMediumTest.java
@@ -28,7 +28,6 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.sonar.api.issue.Issue;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.component.ComponentDao;
@@ -273,7 +272,7 @@ public class IssueServiceMediumTest {
     ComponentDto project = ComponentTesting.newProjectDto(organization);
     tester.get(ComponentDao.class).insert(session, project);
 
-    userSessionRule.logIn("admin").addProjectPermissions(UserRole.USER, project.key()).setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+    userSessionRule.logIn().addProjectUuidPermissions(UserRole.USER, project.uuid());
     session.commit();
 
     // project can be seen by group "anyone"
diff --git a/server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionComponentsMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionComponentsMediumTest.java
index 7066c712161..235907431f5 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionComponentsMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionComponentsMediumTest.java
@@ -31,7 +31,6 @@ import org.sonar.api.rule.RuleStatus;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.api.utils.DateUtils;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.component.ComponentDto;
@@ -670,7 +669,7 @@ public class SearchActionComponentsMediumTest {
   }
 
   private void setAnyoneProjectPermission(ComponentDto project, String permission) {
-    userSessionRule.logIn("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+    userSessionRule.logIn().setRoot();
     // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
     // for each organization
     GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(project), GroupIdOrAnyone.forAnyone(project.getOrganizationUuid()));
diff --git a/server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionMediumTest.java
index 44852baafa5..35f18c62916 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionMediumTest.java
@@ -31,7 +31,6 @@ import org.sonar.api.rule.RuleStatus;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.api.utils.DateUtils;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.core.util.stream.Collectors;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
@@ -700,7 +699,7 @@ public class SearchActionMediumTest {
 
   private void setDefaultProjectPermission(ComponentDto project) {
     // project can be seen by anyone and by code viewer
-    userSessionRule.logIn("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+    userSessionRule.logIn().addProjectUuidPermissions(UserRole.USER, project.uuid());
     // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
     // for each organization
     GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectId(project), GroupIdOrAnyone.forAnyone(project.getOrganizationUuid()));
diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/CreateActionTest.java
index eb4e87540c0..52379c3491a 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/CreateActionTest.java
@@ -31,7 +31,6 @@ import org.sonar.api.measures.Metric;
 import org.sonar.api.measures.Metric.ValueType;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -91,7 +90,7 @@ public class CreateActionTest {
   public void setUp() {
     ws = new WsTester(new CustomMeasuresWs(new CreateAction(dbClient, userSession, System2.INSTANCE, new CustomMeasureValidator(newFullTypeValidations()),
       new CustomMeasureJsonWriter(new UserJsonWriter(userSession)), new ComponentFinder(dbClient))));
-    userSession.logIn("login").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+    userSession.logIn("login").setRoot();
 
     db.getDbClient().userDao().insert(dbSession, new UserDto()
       .setLogin("login")
diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/MetricsActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/MetricsActionTest.java
index 2b6d356fd94..3120e7bb82d 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/MetricsActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/MetricsActionTest.java
@@ -27,7 +27,6 @@ import org.sonar.api.config.MapSettings;
 import org.sonar.api.measures.Metric;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -76,8 +75,8 @@ public class MetricsActionTest {
       .setEmail("login@login.com")
       .setActive(true));
     ws = new WsTester(new CustomMeasuresWs(new MetricsAction(dbClient, userSession, new ComponentFinder(dbClient))));
-    userSession.logIn("login").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
     defaultProject = insertDefaultProject();
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, defaultProject.uuid());
   }
 
   @Test
diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/SearchActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/SearchActionTest.java
index bdce7d4e520..fdad7d7d267 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/SearchActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/SearchActionTest.java
@@ -31,7 +31,6 @@ import org.sonar.api.server.ws.WebService;
 import org.sonar.api.utils.DateUtils;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -82,7 +81,7 @@ public class SearchActionTest {
     CustomMeasureJsonWriter customMeasureJsonWriter = new CustomMeasureJsonWriter(new UserJsonWriter(userSessionRule));
     ws = new WsTester(new CustomMeasuresWs(new SearchAction(dbClient, customMeasureJsonWriter, userSessionRule, new ComponentFinder(dbClient))));
     defaultProject = insertDefaultProject();
-    userSessionRule.logIn("login").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+    userSessionRule.logIn().addProjectUuidPermissions(UserRole.ADMIN, defaultProject.uuid());
 
     db.getDbClient().userDao().insert(dbSession, new UserDto()
       .setLogin("login")
diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/UpdateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/UpdateActionTest.java
index f084ffb3291..2ae57e992e7 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/UpdateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/UpdateActionTest.java
@@ -26,7 +26,6 @@ import org.junit.rules.ExpectedException;
 import org.sonar.api.config.MapSettings;
 import org.sonar.api.measures.Metric.ValueType;
 import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -76,7 +75,7 @@ public class UpdateActionTest {
     CustomMeasureValidator validator = new CustomMeasureValidator(newFullTypeValidations());
 
     ws = new WsTester(new CustomMeasuresWs(new UpdateAction(dbClient, userSessionRule, system, validator, new CustomMeasureJsonWriter(new UserJsonWriter(userSessionRule)))));
-    userSessionRule.logIn("login").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+    userSessionRule.logIn("login").setRoot();
 
     db.getDbClient().userDao().insert(dbSession, new UserDto()
       .setLogin("login")
@@ -239,7 +238,7 @@ public class UpdateActionTest {
 
   @Test
   public void fail_if_insufficient_privileges() throws Exception {
-    userSessionRule.logIn("login").setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION);
+    userSessionRule.logIn();
     expectedException.expect(ForbiddenException.class);
     MetricDto metric = MetricTesting.newMetricDto().setEnabled(true).setValueType(ValueType.STRING.name());
     dbClient.metricDao().insert(dbSession, metric);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentActionTest.java
index 0ab0f4ee561..4e61608a7a4 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentActionTest.java
@@ -29,7 +29,6 @@ import org.junit.rules.ExpectedException;
 import org.sonar.api.resources.Qualifiers;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -51,7 +50,6 @@ import org.sonarqube.ws.WsMeasures.ComponentWsResponse;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.sonar.api.utils.DateUtils.parseDateTime;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
 import static org.sonar.db.component.ComponentTesting.newDeveloper;
 import static org.sonar.db.component.ComponentTesting.newFileDto;
 import static org.sonar.db.component.ComponentTesting.newProjectCopy;
@@ -84,7 +82,7 @@ public class ComponentActionTest {
 
   @Before
   public void setUp() {
-    userSession.logIn().setRoot().setGlobalPermissions(SYSTEM_ADMIN);
+    userSession.logIn().setRoot();
   }
 
   @Test
@@ -232,7 +230,7 @@ public class ComponentActionTest {
 
   @Test
   public void fail_when_not_enough_permission() {
-    userSession.logIn().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
+    userSession.logIn();
     componentDb.insertProjectAndSnapshot(newProjectDto(db.organizations().insert(), PROJECT_UUID));
     insertNclocMetric();
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentTreeActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentTreeActionTest.java
index d463407a3f5..678d8f3d4ef 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentTreeActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/measure/ws/ComponentTreeActionTest.java
@@ -32,7 +32,6 @@ import org.sonar.api.resources.Qualifiers;
 import org.sonar.api.server.ws.WebService.Param;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -106,7 +105,7 @@ public class ComponentTreeActionTest {
 
   @Before
   public void setUp() {
-    userSession.logIn().setRoot().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+    userSession.logIn().setRoot();
     resourceTypes.setChildrenQualifiers(Qualifiers.MODULE, Qualifiers.FILE, Qualifiers.DIRECTORY);
     resourceTypes.setLeavesQualifiers(Qualifiers.FILE, Qualifiers.UNIT_TEST_FILE);
   }
@@ -574,7 +573,7 @@ public class ComponentTreeActionTest {
 
   @Test
   public void fail_when_insufficient_privileges() {
-    userSession.anonymous().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
+    userSession.logIn();
     componentDb.insertProjectAndSnapshot(newProjectDto(db.getDefaultOrganization(), "project-uuid"));
     expectedException.expect(ForbiddenException.class);
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/ApplyTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/ApplyTemplateActionTest.java
index 04ffc23e1ad..e964afb00da 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/ApplyTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/ApplyTemplateActionTest.java
@@ -25,7 +25,6 @@ import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.component.ComponentDto;
 import org.sonar.db.permission.PermissionQuery;
 import org.sonar.db.permission.template.PermissionTemplateDto;
@@ -179,7 +178,6 @@ public class ApplyTemplateActionTest extends BasePermissionWsTest<ApplyTemplateA
     userSession.logIn().addOrganizationPermission("otherOrg", SYSTEM_ADMIN);
 
     expectedException.expect(ForbiddenException.class);
-    userSession.logIn().setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION);
 
     newRequest(template1.getUuid(), project.uuid(), null);
   }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java
index a9777d5ca90..426137be865 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveProjectCreatorFromTemplateActionTest.java
@@ -111,9 +111,10 @@ public class RemoveProjectCreatorFromTemplateActionTest extends BasePermissionWs
 
   @Test
   public void fail_if_not_authenticated() throws Exception {
-    expectedException.expect(UnauthorizedException.class);
     userSession.anonymous();
 
+    expectedException.expect(UnauthorizedException.class);
+
     newRequest()
       .setParam(PARAM_PERMISSION, UserRole.ADMIN)
       .setParam(PARAM_TEMPLATE_ID, template.getUuid())
@@ -122,8 +123,9 @@ public class RemoveProjectCreatorFromTemplateActionTest extends BasePermissionWs
 
   @Test
   public void fail_if_insufficient_privileges() throws Exception {
+    userSession.logIn();
+
     expectedException.expect(ForbiddenException.class);
-    userSession.logIn().setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN);
 
     newRequest()
       .setParam(PARAM_PERMISSION, UserRole.ADMIN)
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveUserFromTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveUserFromTemplateActionTest.java
index 7c36eaa2577..8e713c70d72 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveUserFromTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/RemoveUserFromTemplateActionTest.java
@@ -113,67 +113,75 @@ public class RemoveUserFromTemplateActionTest extends BasePermissionWsTest<Remov
 
   @Test
   public void fail_if_not_a_project_permission() throws Exception {
+    loginAsAdmin(db.getDefaultOrganization());
+
     expectedException.expect(IllegalArgumentException.class);
 
-    loginAsAdmin(db.getDefaultOrganization());
     newRequest(user.getLogin(), template.getUuid(), GlobalPermissions.PROVISIONING);
   }
 
   @Test
   public void fail_if_insufficient_privileges() throws Exception {
+    userSession.logIn();
+
     expectedException.expect(ForbiddenException.class);
-    userSession.logIn("john").setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
 
     newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
   }
 
   @Test
   public void fail_if_not_logged_in() throws Exception {
-    expectedException.expect(UnauthorizedException.class);
     userSession.anonymous();
 
+    expectedException.expect(UnauthorizedException.class);
+
     newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
   }
 
   @Test
   public void fail_if_user_missing() throws Exception {
+    loginAsAdmin(db.getDefaultOrganization());
+
     expectedException.expect(IllegalArgumentException.class);
 
-    loginAsAdmin(db.getDefaultOrganization());
     newRequest(null, template.getUuid(), DEFAULT_PERMISSION);
   }
 
   @Test
   public void fail_if_permission_missing() throws Exception {
+    loginAsAdmin(db.getDefaultOrganization());
+
     expectedException.expect(IllegalArgumentException.class);
 
-    loginAsAdmin(db.getDefaultOrganization());
     newRequest(user.getLogin(), template.getUuid(), null);
   }
 
   @Test
   public void fail_if_template_missing() throws Exception {
+    loginAsAdmin(db.getDefaultOrganization());
+
     expectedException.expect(BadRequestException.class);
 
-    loginAsAdmin(db.getDefaultOrganization());
     newRequest(user.getLogin(), null, DEFAULT_PERMISSION);
   }
 
   @Test
   public void fail_if_user_does_not_exist() throws Exception {
+    loginAsAdmin(db.getDefaultOrganization());
+
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("User with login 'unknown-login' is not found");
 
-    loginAsAdmin(db.getDefaultOrganization());
     newRequest("unknown-login", template.getUuid(), DEFAULT_PERMISSION);
   }
 
   @Test
   public void fail_if_template_key_does_not_exist() throws Exception {
+    loginAsAdmin(db.getDefaultOrganization());
+
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
 
-    loginAsAdmin(db.getDefaultOrganization());
     newRequest(user.getLogin(), "unknown-key", DEFAULT_PERMISSION);
   }
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/SetDefaultTemplateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/SetDefaultTemplateActionTest.java
index ab30a58a403..b40364a671f 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/SetDefaultTemplateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/SetDefaultTemplateActionTest.java
@@ -22,7 +22,6 @@ package org.sonar.server.permission.ws.template;
 import javax.annotation.Nullable;
 import org.junit.Test;
 import org.sonar.api.resources.Qualifiers;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.organization.DefaultTemplates;
@@ -127,7 +126,7 @@ public class SetDefaultTemplateActionTest extends BasePermissionWsTest<SetDefaul
   public void fail_if_not_admin() throws Exception {
     OrganizationDto organization = db.organizations().insert();
     PermissionTemplateDto template = insertTemplate(organization);
-    userSession.logIn().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
+    userSession.logIn();
 
     expectedException.expect(ForbiddenException.class);
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/CreateActionTest.java
index 3e0ee7ad05b..2bbd7b7f5b5 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/CreateActionTest.java
@@ -53,7 +53,6 @@ import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
 import static org.sonar.core.util.Protobuf.setNullable;
 import static org.sonar.server.project.ws.ProjectsWsSupport.PARAM_ORGANIZATION;
 import static org.sonar.test.JsonAssert.assertJson;
@@ -148,7 +147,6 @@ public class CreateActionTest {
 
   @Test
   public void fail_when_missing_project_parameter() throws Exception {
-    userSession.setGlobalPermissions(PROVISIONING);
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The 'project' parameter is missing");
 
@@ -157,7 +155,6 @@ public class CreateActionTest {
 
   @Test
   public void fail_when_missing_name_parameter() throws Exception {
-    userSession.setGlobalPermissions(PROVISIONING);
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The 'name' parameter is missing");
 
@@ -166,7 +163,6 @@ public class CreateActionTest {
 
   @Test
   public void fail_when_missing_create_project_permission() throws Exception {
-    userSession.setGlobalPermissions(QUALITY_GATE_ADMIN);
     expectedException.expect(ForbiddenException.class);
 
     call(CreateRequest.builder().setKey(DEFAULT_PROJECT_KEY).setName(DEFAULT_PROJECT_NAME).build());
diff --git a/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
index 4e9685fd48c..79362a8d9d7 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java
@@ -77,10 +77,10 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void global_admin_deletes_project_by_id() throws Exception {
+  public void root_administrator_deletes_project_by_id() throws Exception {
     ComponentDto project = componentDbTester.insertProject();
 
-    userSessionRule.logIn().setGlobalPermissions(UserRole.ADMIN);
+    userSessionRule.logIn().setRoot();
     WsTester.TestRequest request = newRequest().setParam(PARAM_ID, project.uuid());
     call(request);
 
@@ -88,10 +88,10 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void global_admin_deletes_project_by_key() throws Exception {
+  public void root_administrator_deletes_project_by_key() throws Exception {
     ComponentDto project = componentDbTester.insertProject();
 
-    userSessionRule.logIn().setGlobalPermissions(UserRole.ADMIN);
+    userSessionRule.logIn().setRoot();
     call(newRequest().setParam(PARAM_KEY, project.key()));
 
     assertThat(verifyDeletedKey()).isEqualTo(project.key());
diff --git a/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/DeleteActionTest.java
index 917ae8947eb..7524768a830 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/DeleteActionTest.java
@@ -25,7 +25,6 @@ import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -48,7 +47,7 @@ public class DeleteActionTest {
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
   @Rule
-  public UserSessionRule userSession = UserSessionRule.standalone().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+  public UserSessionRule userSession = UserSessionRule.standalone();
   @Rule
   public DbTester db = DbTester.create();
   private DbClient dbClient = db.getDbClient();
@@ -57,10 +56,11 @@ public class DeleteActionTest {
   private WsActionTester ws = new WsActionTester(new DeleteAction(dbClient, userSession));
 
   @Test
-  public void delete_as_global_admin() {
+  public void root_administrator_deletes_analysis() {
     ComponentDto project = db.components().insertProject();
     db.components().insertSnapshot(newAnalysis(project).setUuid("A1").setLast(false).setStatus(STATUS_PROCESSED));
     db.components().insertSnapshot(newAnalysis(project).setUuid("A2").setLast(true).setStatus(STATUS_PROCESSED));
+    userSession.logIn().setRoot();
 
     call("A1");
 
@@ -71,11 +71,11 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void delete_as_project_admin() {
+  public void project_administrator_deletes_analysis() {
     ComponentDto project = db.components().insertProject();
     db.components().insertSnapshot(newAnalysis(project).setUuid("A1").setLast(false).setStatus(STATUS_PROCESSED));
     db.components().insertSnapshot(newAnalysis(project).setUuid("A2").setLast(true).setStatus(STATUS_PROCESSED));
-    userSession.anonymous().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
 
     call("A1");
 
@@ -95,9 +95,10 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void fail_when_last_analysis() {
+  public void last_analysis_cannot_be_deleted() {
     ComponentDto project = db.components().insertProject();
     db.components().insertSnapshot(newAnalysis(project).setUuid("A1").setLast(true));
+    userSession.logIn().setRoot();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The last analysis 'A1' cannot be deleted");
@@ -107,6 +108,8 @@ public class DeleteActionTest {
 
   @Test
   public void fail_when_analysis_not_found() {
+    userSession.logIn().setRoot();
+
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("Analysis 'A42' not found");
 
@@ -115,6 +118,7 @@ public class DeleteActionTest {
 
   @Test
   public void fail_when_analysis_is_unprocessed() {
+    userSession.logIn().setRoot();
     ComponentDto project = db.components().insertProject();
     db.components().insertSnapshot(newAnalysis(project).setUuid("A1").setLast(false).setStatus(STATUS_UNPROCESSED));
 
@@ -126,7 +130,7 @@ public class DeleteActionTest {
 
   @Test
   public void fail_when_not_enough_permission() {
-    userSession.anonymous();
+    userSession.logIn();
     ComponentDto project = db.components().insertProject();
     db.components().insertSnapshot(newAnalysis(project).setUuid("A1").setLast(false));
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/DeleteEventActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/DeleteEventActionTest.java
index dd84c7e9ff4..1b0e93d740a 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/DeleteEventActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/DeleteEventActionTest.java
@@ -28,7 +28,6 @@ import org.junit.rules.ExpectedException;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -52,7 +51,7 @@ public class DeleteEventActionTest {
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
   @Rule
-  public UserSessionRule userSession = UserSessionRule.standalone().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+  public UserSessionRule userSession = UserSessionRule.standalone();
   @Rule
   public DbTester db = DbTester.create(System2.INSTANCE);
   private DbClient dbClient = db.getDbClient();
@@ -62,9 +61,11 @@ public class DeleteEventActionTest {
 
   @Test
   public void delete_event() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert()));
+    ComponentDto project = newProjectDto(db.organizations().insert());
+    SnapshotDto analysis = db.components().insertProjectAndSnapshot(project);
     db.events().insertEvent(newEvent(analysis).setUuid("E1"));
     db.events().insertEvent(newEvent(analysis).setUuid("E2"));
+    logInAsProjectAdministrator(project);
 
     call("E2");
 
@@ -77,6 +78,7 @@ public class DeleteEventActionTest {
     ComponentDto project = db.components().insertProject();
     SnapshotDto analysis = db.components().insertSnapshot(newAnalysis(project).setVersion("5.6.3").setLast(false));
     db.events().insertEvent(newEvent(analysis).setUuid("E1").setCategory(VERSION.getLabel()));
+    logInAsProjectAdministrator(project);
 
     call("E1");
 
@@ -84,22 +86,12 @@ public class DeleteEventActionTest {
     assertThat(newAnalysis.getVersion()).isNull();
   }
 
-  @Test
-  public void delete_event_as_project_admin() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert(), "P1"));
-    db.events().insertEvent(newEvent(analysis).setUuid("E1"));
-    userSession.anonymous().addProjectUuidPermissions(UserRole.ADMIN, "P1");
-
-    call("E1");
-
-    assertThat(db.countRowsOfTable("events")).isEqualTo(0);
-  }
-
   @Test
   public void fail_if_version_for_last_analysis() {
     ComponentDto project = db.components().insertProject();
     SnapshotDto analysis = db.components().insertSnapshot(newAnalysis(project).setVersion("5.6.3").setLast(true));
     db.events().insertEvent(newEvent(analysis).setUuid("E1").setCategory(VERSION.getLabel()));
+    logInAsProjectAdministrator(project);
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Cannot delete the version event of last analysis");
@@ -109,8 +101,10 @@ public class DeleteEventActionTest {
 
   @Test
   public void fail_if_category_different_than_other_and_version() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert(), "P1"));
+    ComponentDto project = newProjectDto(db.organizations().insert(), "P1");
+    SnapshotDto analysis = db.components().insertProjectAndSnapshot(project);
     db.events().insertEvent(newEvent(analysis).setUuid("E1").setCategory("Profile"));
+    logInAsProjectAdministrator(project);
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Event of category 'QUALITY_PROFILE' cannot be modified. Authorized categories: VERSION, OTHER");
@@ -130,7 +124,7 @@ public class DeleteEventActionTest {
   public void fail_if_not_enough_permission() {
     SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert()));
     db.events().insertEvent(newEvent(analysis).setUuid("E1"));
-    userSession.anonymous();
+    userSession.logIn();
 
     expectedException.expect(ForbiddenException.class);
 
@@ -161,4 +155,8 @@ public class DeleteEventActionTest {
 
     request.execute();
   }
+
+  private void logInAsProjectAdministrator(ComponentDto project) {
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+  }
 }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/SearchActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/SearchActionTest.java
index 31d596da1f8..a0b508db37e 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/SearchActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/SearchActionTest.java
@@ -32,7 +32,6 @@ import org.junit.rules.ExpectedException;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.api.server.ws.WebService.Param;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbTester;
 import org.sonar.db.component.ComponentDto;
@@ -74,7 +73,7 @@ public class SearchActionTest {
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
   @Rule
-  public UserSessionRule userSession = UserSessionRule.standalone().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+  public UserSessionRule userSession = UserSessionRule.standalone();
   @Rule
   public DbTester db = DbTester.create();
   private DbClient dbClient = db.getDbClient();
diff --git a/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/UpdateEventActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/UpdateEventActionTest.java
index ed476ef8993..8d714b774bc 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/UpdateEventActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/UpdateEventActionTest.java
@@ -29,7 +29,6 @@ import org.junit.rules.ExpectedException;
 import org.sonar.api.server.ws.WebService;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -59,14 +58,14 @@ import static org.sonarqube.ws.client.projectanalysis.ProjectAnalysesWsParameter
 
 public class UpdateEventActionTest {
   @Rule
-  public UserSessionRule userSession = UserSessionRule.standalone().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+  public UserSessionRule userSession = UserSessionRule.standalone();
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
   @Rule
   public DbTester db = DbTester.create(System2.INSTANCE);
+
   private DbClient dbClient = db.getDbClient();
   private DbSession dbSession = db.getSession();
-
   private WsActionTester ws = new WsActionTester(new UpdateEventAction(dbClient, userSession));
 
   @Test
@@ -78,6 +77,7 @@ public class UpdateEventActionTest {
       .setCategory(OTHER.getLabel())
       .setName("Original Name")
       .setDescription("Original Description"));
+    logInAsProjectAdministrator(project);
 
     String result = ws.newRequest()
       .setParam(PARAM_EVENT, "E1")
@@ -86,10 +86,9 @@ public class UpdateEventActionTest {
 
     assertJson(result).isSimilarTo(getClass().getResource("update_event-example.json"));
   }
-
   @Test
   public void update_name_in_db() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert()));
+    SnapshotDto analysis = createAnalysisAndLogInAsProjectAdministrator("5.6");
     EventDto originalEvent = db.events().insertEvent(newEvent(analysis).setUuid("E1").setName("Original Name"));
 
     call("E1", "name");
@@ -104,7 +103,7 @@ public class UpdateEventActionTest {
 
   @Test
   public void ws_response_with_updated_name() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert()));
+    SnapshotDto analysis = createAnalysisAndLogInAsProjectAdministrator("5.6");
     EventDto originalEvent = db.events().insertEvent(newEvent(analysis).setUuid("E1").setName("Original Name"));
 
     ProjectAnalyses.Event result = call("E1", "name").getEvent();
@@ -118,8 +117,7 @@ public class UpdateEventActionTest {
 
   @Test
   public void update_VERSION_event_update_analysis_version() {
-    ComponentDto project = db.components().insertProject();
-    SnapshotDto analysis = db.components().insertSnapshot(newAnalysis(project).setVersion("5.6"));
+    SnapshotDto analysis = createAnalysisAndLogInAsProjectAdministrator("5.6");
     db.events().insertEvent(newEvent(analysis).setUuid("E1").setCategory(VERSION.getLabel()));
 
     call("E1", "6.3");
@@ -130,8 +128,7 @@ public class UpdateEventActionTest {
 
   @Test
   public void update_OTHER_event_does_not_update_analysis_version() {
-    ComponentDto project = db.components().insertProject();
-    SnapshotDto analysis = db.components().insertSnapshot(newAnalysis(project).setVersion("5.6"));
+    SnapshotDto analysis = createAnalysisAndLogInAsProjectAdministrator("5.6");
     db.events().insertEvent(newEvent(analysis).setUuid("E1").setCategory(OTHER.getLabel()));
 
     call("E1", "6.3");
@@ -142,7 +139,7 @@ public class UpdateEventActionTest {
 
   @Test
   public void update_name_only_in_db() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert()));
+    SnapshotDto analysis = createAnalysisAndLogInAsProjectAdministrator("5.6");
     EventDto originalEvent = db.events().insertEvent(newEvent(analysis).setUuid("E1").setName("Original Name").setDescription("Original Description"));
 
     call("E1", "name");
@@ -153,20 +150,7 @@ public class UpdateEventActionTest {
   }
 
   @Test
-  public void update_as_project_admin() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert(), "P1"));
-    db.events().insertEvent(newEvent(analysis).setUuid("E1").setName("Original Name"));
-    userSession.anonymous().addProjectUuidPermissions(UserRole.ADMIN, "P1");
-
-    call("E1", "name");
-
-    EventDto newEvent = dbClient.eventDao().selectByUuid(dbSession, "E1").get();
-    assertThat(newEvent.getName()).isEqualTo("name");
-    assertThat(newEvent.getDescription()).isNull();
-  }
-
-  @Test
-  public void ws_definition() {
+  public void test_ws_definition() {
     WebService.Action definition = ws.getDef();
 
     assertThat(definition.key()).isEqualTo("update_event");
@@ -177,10 +161,11 @@ public class UpdateEventActionTest {
   }
 
   @Test
-  public void fail_if_insufficient_permissions() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert()));
+  public void throw_ForbiddenException_if_not_project_administrator() {
+    ComponentDto project = newProjectDto(db.organizations().insert());
+    SnapshotDto analysis = db.components().insertProjectAndSnapshot(project);
     db.events().insertEvent(newEvent(analysis).setUuid("E1"));
-    userSession.anonymous();
+    userSession.logIn().addProjectUuidPermissions(project.uuid(), UserRole.USER);
 
     expectedException.expect(ForbiddenException.class);
 
@@ -189,6 +174,8 @@ public class UpdateEventActionTest {
 
   @Test
   public void fail_if_event_is_not_found() {
+    userSession.logIn().setRoot();
+
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("Event 'E42' not found");
 
@@ -197,7 +184,7 @@ public class UpdateEventActionTest {
 
   @Test
   public void fail_if_no_name() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert()));
+    SnapshotDto analysis = createAnalysisAndLogInAsProjectAdministrator("5.6");
     db.events().insertEvent(newEvent(analysis).setUuid("E1"));
 
     expectedException.expect(NullPointerException.class);
@@ -207,7 +194,7 @@ public class UpdateEventActionTest {
 
   @Test
   public void fail_if_blank_name() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert()));
+    SnapshotDto analysis = createAnalysisAndLogInAsProjectAdministrator("5.6");
     db.events().insertEvent(newEvent(analysis).setUuid("E1"));
 
     expectedException.expect(IllegalArgumentException.class);
@@ -218,7 +205,7 @@ public class UpdateEventActionTest {
 
   @Test
   public void fail_if_category_other_than_other_or_version() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert()));
+    SnapshotDto analysis = createAnalysisAndLogInAsProjectAdministrator("5.6");
     db.events().insertEvent(newEvent(analysis).setUuid("E1").setCategory("Profile"));
 
     expectedException.expect(IllegalArgumentException.class);
@@ -229,7 +216,7 @@ public class UpdateEventActionTest {
 
   @Test
   public void fail_if_other_event_with_same_name_on_same_analysis() {
-    SnapshotDto analysis = db.components().insertProjectAndSnapshot(newProjectDto(db.organizations().insert()));
+    SnapshotDto analysis = createAnalysisAndLogInAsProjectAdministrator("5.6");
     db.events().insertEvent(newEvent(analysis).setUuid("E1").setCategory(OTHER.getLabel()).setName("E1 name"));
     db.events().insertEvent(newEvent(analysis).setUuid("E2").setCategory(OTHER.getLabel()).setName("E2 name"));
 
@@ -252,4 +239,15 @@ public class UpdateEventActionTest {
       throw Throwables.propagate(e);
     }
   }
+
+  private void logInAsProjectAdministrator(ComponentDto project) {
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+  }
+
+  private SnapshotDto createAnalysisAndLogInAsProjectAdministrator(String version) {
+    ComponentDto project = db.components().insertProject();
+    SnapshotDto analysis = db.components().insertSnapshot(newAnalysis(project).setVersion(version));
+    logInAsProjectAdministrator(project);
+    return analysis;
+  }
 }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/CreateActionTest.java
index 9d7ae2cf65c..5a0ff5d74d1 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/CreateActionTest.java
@@ -43,7 +43,6 @@ import org.sonar.server.ws.WsActionTester;
 import org.sonarqube.ws.WsProjectLinks;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
 import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01;
 import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
 import static org.sonar.test.JsonAssert.assertJson;
@@ -79,7 +78,7 @@ public class CreateActionTest {
     underTest = new CreateAction(dbClient, userSession, componentFinder);
     ws = new WsActionTester(underTest);
 
-    userSession.logIn("login").setGlobalPermissions(SYSTEM_ADMIN);
+    userSession.logIn().setRoot();
   }
 
   @Test
@@ -110,18 +109,10 @@ public class CreateActionTest {
     assertJson(result).ignoreFields("id").isSimilarTo(getClass().getResource("create-example.json"));
   }
 
-  @Test
-  public void global_admin() throws IOException {
-    userSession.logIn().setGlobalPermissions(SYSTEM_ADMIN);
-    ComponentDto project = insertProject();
-    createAndTest(project);
-  }
-
   @Test
   public void require_project_admin() throws IOException {
-    userSession.logIn();
     ComponentDto project = insertProject();
-    userSession.addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
     createAndTest(project);
   }
 
diff --git a/server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/DeleteActionTest.java
index f65eec209b8..004899603c9 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/DeleteActionTest.java
@@ -19,7 +19,6 @@
  */
 package org.sonar.server.projectlink.ws;
 
-import java.io.IOException;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
@@ -40,7 +39,6 @@ import org.sonar.server.ws.TestResponse;
 import org.sonar.server.ws.WsActionTester;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
 import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01;
 import static org.sonar.server.ws.KeyExamples.KEY_PROJECT_EXAMPLE_001;
 import static org.sonarqube.ws.client.projectlinks.ProjectLinksWsParameters.PARAM_ID;
@@ -69,14 +67,13 @@ public class DeleteActionTest {
   public void setUp() {
     underTest = new DeleteAction(dbClient, userSession);
     ws = new WsActionTester(underTest);
-
-    userSession.logIn("login").setGlobalPermissions(SYSTEM_ADMIN);
   }
 
   @Test
   public void no_response() {
     ComponentDto project = insertProject();
     ComponentLinkDto link = insertCustomLink(project.uuid());
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
 
     TestResponse response = deleteLink(link.getId());
 
@@ -89,20 +86,7 @@ public class DeleteActionTest {
     ComponentDto project = insertProject();
     ComponentLinkDto link = insertCustomLink(project.uuid());
     long id = link.getId();
-
-    deleteLink(id);
-    assertLinkIsDeleted(id);
-  }
-
-  @Test
-  public void project_admin() throws IOException {
-    userSession.logIn("login");
-
-    ComponentDto project = insertProject();
-    userSession.addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
-
-    ComponentLinkDto link = insertCustomLink(project.uuid());
-    long id = link.getId();
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
 
     deleteLink(id);
     assertLinkIsDeleted(id);
@@ -116,6 +100,7 @@ public class DeleteActionTest {
     ComponentLinkDto customLink2 = insertCustomLink(project2.uuid());
     Long id1 = customLink1.getId();
     Long id2 = customLink2.getId();
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project1.uuid(), project2.uuid());
 
     deleteLink(id1);
     assertLinkIsDeleted(id1);
@@ -126,14 +111,17 @@ public class DeleteActionTest {
   public void fail_when_delete_provided_link() {
     ComponentDto project = insertProject();
     ComponentLinkDto link = insertHomepageLink(project.uuid());
+    userSession.logIn().setRoot();
 
     expectedException.expect(BadRequestException.class);
+
     deleteLink(link.getId());
   }
 
   @Test
   public void fail_when_no_link() {
     expectedException.expect(NotFoundException.class);
+
     deleteLink("175");
   }
 
@@ -145,12 +133,13 @@ public class DeleteActionTest {
     ComponentLinkDto link = insertCustomLink(project.uuid());
 
     expectedException.expect(ForbiddenException.class);
+
     deleteLink(link.getId());
   }
 
   @Test
   public void fail_if_not_project_admin() {
-    userSession.logIn("login");
+    userSession.logIn();
 
     ComponentDto project = insertProject();
     ComponentLinkDto link = insertCustomLink(project.uuid());
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java
index f430aea4eb9..f1f3f095812 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java
@@ -43,7 +43,6 @@ import org.sonar.server.ws.WsActionTester;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
 import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
 import static org.sonar.server.qualitygate.QualityGates.SONAR_QUALITYGATE_PROPERTY;
 
 public class DeselectActionTest {
@@ -126,18 +125,6 @@ public class DeselectActionTest {
     assertDeselected(project.getId());
   }
 
-  @Test
-  public void system_admin() throws Exception {
-    String gateId = String.valueOf(gate.getId());
-    associateProjectToQualityGate(project.getId(), gateId);
-
-    userSession.logIn().setGlobalPermissions(SYSTEM_ADMIN);
-
-    callByKey(gateId, project.getKey());
-
-    assertDeselected(project.getId());
-  }
-
   @Test
   public void fail_when_no_quality_gate() throws Exception {
     expectedException.expect(NotFoundException.class);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java
index 490891a3a24..1c65969faa4 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/GetByProjectActionTest.java
@@ -28,7 +28,6 @@ import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -57,7 +56,7 @@ import static org.sonarqube.ws.client.qualitygate.QualityGatesWsParameters.PARAM
 
 public class GetByProjectActionTest {
   @Rule
-  public UserSessionRule userSession = UserSessionRule.standalone().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+  public UserSessionRule userSession = UserSessionRule.standalone();
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
   @Rule
@@ -75,6 +74,7 @@ public class GetByProjectActionTest {
     ComponentDto project = componentDb.insertComponent(newProjectDto(organizationDto));
     QualityGateDto qualityGate = insertQualityGate("My team QG");
     associateProjectToQualityGate(project.getId(), qualityGate.getId());
+    logInAsProjectUser(project);
 
     String result = ws.newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).execute().getInput();
 
@@ -87,6 +87,7 @@ public class GetByProjectActionTest {
   public void empty_response() {
     ComponentDto project = componentDb.insertProject();
     insertQualityGate("Another QG");
+    logInAsProjectUser(project);
 
     String result = ws.newRequest().setParam(PARAM_PROJECT_ID, project.uuid()).execute().getInput();
 
@@ -98,6 +99,7 @@ public class GetByProjectActionTest {
     ComponentDto project = componentDb.insertComponent(newProjectDto(db.organizations().insert()));
     QualityGateDto dbQualityGate = insertQualityGate("Sonar way");
     setDefaultQualityGate(dbQualityGate.getId());
+    logInAsProjectUser(project);
 
     GetByProjectWsResponse result = callByUuid(project.uuid());
 
@@ -114,6 +116,7 @@ public class GetByProjectActionTest {
     QualityGateDto dbQualityGate = insertQualityGate("My team QG");
     setDefaultQualityGate(defaultDbQualityGate.getId());
     associateProjectToQualityGate(project.getId(), dbQualityGate.getId());
+    logInAsProjectUser(project);
 
     GetByProjectWsResponse result = callByUuid(project.uuid());
 
@@ -127,6 +130,7 @@ public class GetByProjectActionTest {
     ComponentDto project = componentDb.insertComponent(newProjectDto(db.organizations().insert()));
     QualityGateDto dbQualityGate = insertQualityGate("My team QG");
     associateProjectToQualityGate(project.getId(), dbQualityGate.getId());
+    logInAsProjectUser(project);
 
     GetByProjectWsResponse result = callByKey(project.key());
 
@@ -159,13 +163,13 @@ public class GetByProjectActionTest {
 
   @Test
   public void fail_when_insufficient_permission() {
-    expectedException.expect(ForbiddenException.class);
-
     ComponentDto project = componentDb.insertComponent(newProjectDto(db.getDefaultOrganization()));
-    userSession.anonymous().setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION);
+    userSession.logIn();
     QualityGateDto dbQualityGate = insertQualityGate("Sonar way");
     setDefaultQualityGate(dbQualityGate.getId());
 
+    expectedException.expect(ForbiddenException.class);
+
     callByUuid(project.uuid());
   }
 
@@ -239,4 +243,8 @@ public class GetByProjectActionTest {
       .setValue(String.valueOf(qualityGateId)));
     db.commit();
   }
+
+  private void logInAsProjectUser(ComponentDto project) {
+    userSession.logIn().addProjectUuidPermissions(UserRole.USER, project.uuid());
+  }
 }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/RuleActivatorMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/RuleActivatorMediumTest.java
index 74eb8c77dc1..12e0d1350b4 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/RuleActivatorMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/qualityprofile/RuleActivatorMediumTest.java
@@ -33,7 +33,6 @@ import org.junit.Test;
 import org.sonar.api.rule.RuleKey;
 import org.sonar.api.rule.RuleStatus;
 import org.sonar.api.server.rule.RuleParamType;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.qualityprofile.ActiveRuleDto;
@@ -188,7 +187,7 @@ public class RuleActivatorMediumTest {
     activation.setSeverity(BLOCKER);
     activation.setParameter("max", "7");
     activation.setParameter("min", "3");
-    userSessionRule.logIn().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+    userSessionRule.logIn().setRoot();
     List<ActiveRuleChange> changes = ruleActivator.activate(dbSession, activation, profileDto);
     dbSession.commit();
     dbSession.clearCache();
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/CreateActionMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/CreateActionMediumTest.java
index abec6d10127..4b590cad415 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/CreateActionMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/CreateActionMediumTest.java
@@ -29,7 +29,6 @@ import org.mockito.runners.MockitoJUnitRunner;
 import org.sonar.api.rule.RuleKey;
 import org.sonar.api.rule.RuleStatus;
 import org.sonar.api.rule.Severity;
-import org.sonar.core.permission.GlobalPermissions;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.rule.RuleDao;
@@ -47,8 +46,7 @@ public class CreateActionMediumTest {
   public static ServerTester tester = new ServerTester().withEsIndexes();
 
   @Rule
-  public UserSessionRule userSessionRule = UserSessionRule.forServerTester(tester).logIn()
-    .setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
+  public UserSessionRule userSessionRule = UserSessionRule.forServerTester(tester).logIn().setRoot();
 
   WsTester wsTester;
   RuleDao ruleDao;
diff --git a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java
index 69ed7033814..54c4f63c04e 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/rule/ws/ShowActionMediumTest.java
@@ -41,6 +41,7 @@ import org.sonar.db.rule.RuleDto;
 import org.sonar.db.rule.RuleDto.Format;
 import org.sonar.db.rule.RuleParamDto;
 import org.sonar.db.rule.RuleTesting;
+import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.qualityprofile.index.ActiveRuleIndexer;
 import org.sonar.server.rule.NewCustomRule;
 import org.sonar.server.rule.RuleCreator;
@@ -60,7 +61,7 @@ public class ShowActionMediumTest {
 
   @Rule
   public UserSessionRule userSessionRule = UserSessionRule.forServerTester(tester).logIn()
-    .setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
+    .addOrganizationPermission(tester.get(DefaultOrganizationProvider.class).get().getUuid(), GlobalPermissions.QUALITY_PROFILE_ADMIN);
 
   WsTester wsTester;