From: Teryk Bellahsene Date: Tue, 14 Mar 2017 14:18:17 +0000 (+0100) Subject: SONAR-8893 WS api/organizations/remove_member delete member permissions X-Git-Tag: 6.4-RC1~715 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=fc0ab880805a64f3a3c658521f199200aa9fc2f1;p=sonarqube.git SONAR-8893 WS api/organizations/remove_member delete member permissions --- diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java index 6ae036500f2..42f4886f7f4 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java @@ -141,6 +141,10 @@ public class UserPermissionDao implements Dao { mapper(dbSession).deleteByOrganization(organizationUuid); } + public void deleteOrganizationMemberPermissions(DbSession dbSession, String organizationUuid, int userId) { + mapper(dbSession).deleteOrganizationMemberPermissions(organizationUuid, userId); + } + private static UserPermissionMapper mapper(DbSession dbSession) { return dbSession.getMapper(UserPermissionMapper.class); } diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java index 56209760616..0e48f71f9d9 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java @@ -61,4 +61,6 @@ public interface UserPermissionMapper { List selectProjectPermissionsOfUser(@Param("userId") int userId, @Param("projectId") long projectId); void deleteByOrganization(@Param("organizationUuid") String organizationUuid); + + void deleteOrganizationMemberPermissions(@Param("organizationUuid") String organizationUuid, @Param("userId") int login); } diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml index 18091c27aa0..c61f730a967 100644 --- a/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml +++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml @@ -123,4 +123,12 @@ where organization_uuid = #{organizationUuid,jdbcType=VARCHAR} + + + delete from + user_roles + where + organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and + user_id = #{userId,jdbcType=INTEGER} + diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java index 528cd03b971..cac3651c77a 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java @@ -28,6 +28,7 @@ import org.junit.Before; import org.junit.Rule; import org.junit.Test; import org.sonar.api.utils.System2; +import org.sonar.api.web.UserRole; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.DbTester; @@ -37,6 +38,7 @@ import org.sonar.db.user.UserDto; import static java.util.Arrays.asList; import static org.assertj.core.api.Assertions.assertThat; +import static org.sonar.api.web.UserRole.CODEVIEWER; import static org.sonar.api.web.UserRole.ISSUE_ADMIN; import static org.sonar.api.web.UserRole.USER; import static org.sonar.core.permission.GlobalPermissions.PROVISIONING; @@ -394,6 +396,34 @@ public class UserPermissionDaoTest { verifyOrganizationUuidsInTable(); } + @Test + public void delete_permissions_of_an_organization_member() { + OrganizationDto organization1 = dbTester.organizations().insert(); + OrganizationDto organization2 = dbTester.organizations().insert(); + ComponentDto project = dbTester.components().insertProject(organization1); + UserDto user1 = dbTester.users().insertUser(); + UserDto user2 = dbTester.users().insertUser(); + // user 1 permissions + dbTester.users().insertPermissionOnUser(organization1, user1, OrganizationPermission.SCAN); + dbTester.users().insertPermissionOnUser(organization1, user1, OrganizationPermission.ADMINISTER); + dbTester.users().insertProjectPermissionOnUser(user1, UserRole.CODEVIEWER, project); + dbTester.users().insertPermissionOnUser(organization2, user1, OrganizationPermission.SCAN); + // user 2 permission + dbTester.users().insertPermissionOnUser(organization1, user2, OrganizationPermission.SCAN); + dbTester.users().insertProjectPermissionOnUser(user2, UserRole.CODEVIEWER, project); + + underTest.deleteOrganizationMemberPermissions(dbSession, organization1.getUuid(), user1.getId()); + dbSession.commit(); + + // user 1 permissions + assertOrgPermissionsOfUser(user1, organization1); + assertOrgPermissionsOfUser(user1, organization2, OrganizationPermission.SCAN); + assertProjectPermissionsOfUser(user1, project); + // user 2 permissions + assertOrgPermissionsOfUser(user2, organization1, OrganizationPermission.SCAN); + assertProjectPermissionsOfUser(user2, project, CODEVIEWER); + } + private void verifyOrganizationUuidsInTable(String... organizationUuids) { assertThat(dbTester.select("select organization_uuid as \"organizationUuid\" from user_roles")) .extracting((row) -> (String) row.get("organizationUuid")) @@ -453,4 +483,14 @@ public class UserPermissionDaoTest { private void assertThatProjectHasNoPermissions(ComponentDto project) { assertThat(dbTester.countSql(dbSession, "select count(id) from user_roles where resource_id=" + project.getId())).isEqualTo(0); } + + private void assertOrgPermissionsOfUser(UserDto user, OrganizationDto organization, OrganizationPermission... permissions) { + assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getId(), organization.getUuid()).stream() + .map(OrganizationPermission::fromKey)) + .containsOnly(permissions); + } + + private void assertProjectPermissionsOfUser(UserDto user, ComponentDto project, String... permissions) { + assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getId(), project.getId())).containsOnly(permissions); + } } diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java index 14196531073..6ff2a10c59c 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java +++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java @@ -87,6 +87,8 @@ public class RemoveMemberAction implements OrganizationsWsAction { OrganizationMemberDto organizationMember = dbClient.organizationMemberDao().select(dbSession, organization.getUuid(), user.getId()) .orElseThrow(() -> BadRequestException.create(format("User '%s' is not a member of organization '%s'", user.getLogin(), organization.getKey()))); + dbClient.userPermissionDao().deleteOrganizationMemberPermissions(dbSession, organizationMember.getOrganizationUuid(), organizationMember.getUserId()); + dbClient.organizationMemberDao().delete(dbSession, organizationMember.getOrganizationUuid(), organizationMember.getUserId()); dbSession.commit(); } diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java index f50d7618a4b..aaf68807295 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/RemoveMemberActionTest.java @@ -29,7 +29,9 @@ import org.sonar.api.server.ws.WebService; import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.DbTester; +import org.sonar.db.component.ComponentDto; import org.sonar.db.organization.OrganizationDto; +import org.sonar.db.permission.OrganizationPermission; import org.sonar.db.user.UserDto; import org.sonar.server.exceptions.BadRequestException; import org.sonar.server.exceptions.ForbiddenException; @@ -41,9 +43,12 @@ import org.sonar.server.ws.WsActionTester; import static java.net.HttpURLConnection.HTTP_NO_CONTENT; import static org.assertj.core.api.Assertions.assertThat; +import static org.sonar.api.web.UserRole.CODEVIEWER; +import static org.sonar.api.web.UserRole.USER; import static org.sonar.core.util.Protobuf.setNullable; import static org.sonar.db.permission.OrganizationPermission.ADMINISTER; import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES; +import static org.sonar.db.permission.OrganizationPermission.SCAN; import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_ORGANIZATION; public class RemoveMemberActionTest { @@ -59,6 +64,7 @@ public class RemoveMemberActionTest { private WsActionTester ws = new WsActionTester(new RemoveMemberAction(dbClient, userSession)); private OrganizationDto organization; + private ComponentDto project; private UserDto user; @Before @@ -66,6 +72,7 @@ public class RemoveMemberActionTest { organization = db.organizations().insert(); user = db.users().insertUser(); db.organizations().addMember(organization, user); + project = db.components().insertProject(organization); } @Test @@ -94,12 +101,33 @@ public class RemoveMemberActionTest { } @Test - public void remove_member_from_db() { + public void remove_member_from_db_and_all_dependencies() { + UserDto anotherUser = db.users().insertUser(); + OrganizationDto anotherOrganization = db.organizations().insert(); + ComponentDto anotherProject = db.components().insertProject(anotherOrganization); assertMember(organization.getUuid(), user.getId()); + db.users().insertPermissionOnUser(organization, user, ADMINISTER); + db.users().insertPermissionOnUser(organization, user, SCAN); + db.users().insertPermissionOnUser(anotherOrganization, user, ADMINISTER); + db.users().insertPermissionOnUser(anotherOrganization, user, SCAN); + db.users().insertPermissionOnUser(organization, anotherUser, ADMINISTER); + db.users().insertPermissionOnUser(organization, anotherUser, SCAN); + db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project); + db.users().insertProjectPermissionOnUser(user, USER, project); + db.users().insertProjectPermissionOnUser(user, CODEVIEWER, anotherProject); + db.users().insertProjectPermissionOnUser(user, USER, anotherProject); + db.users().insertProjectPermissionOnUser(anotherUser, CODEVIEWER, project); + db.users().insertProjectPermissionOnUser(anotherUser, USER, project); call(organization.getKey(), user.getLogin()); assertNotAMember(organization.getUuid(), user.getId()); + assertOrgPermissionsOfUser(user, organization); + assertOrgPermissionsOfUser(user, anotherOrganization, ADMINISTER, SCAN); + assertOrgPermissionsOfUser(anotherUser, organization, ADMINISTER, SCAN); + assertProjectPermissionsOfUser(user, project); + assertProjectPermissionsOfUser(user, anotherProject, CODEVIEWER, USER); + assertProjectPermissionsOfUser(anotherUser, project, CODEVIEWER, USER); } @Test @@ -185,4 +213,14 @@ public class RemoveMemberActionTest { private void assertMember(String organizationUuid, int userId) { assertThat(dbClient.organizationMemberDao().select(dbSession, organizationUuid, userId)).isPresent(); } + + private void assertOrgPermissionsOfUser(UserDto user, OrganizationDto organization, OrganizationPermission... permissions) { + assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getId(), organization.getUuid()).stream() + .map(OrganizationPermission::fromKey)) + .containsOnly(permissions); + } + + private void assertProjectPermissionsOfUser(UserDto user, ComponentDto project, String... permissions) { + assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(dbSession, user.getId(), project.getId())).containsOnly(permissions); + } }