From d64a04c89a6c31839faac5b78a556cb4e3fed5ee Mon Sep 17 00:00:00 2001 From: Zipeng WU Date: Wed, 20 Oct 2021 09:17:36 +0200 Subject: [PATCH] SONAR-15442 Deactivate an user should remove its permission on Quality Gate --- .../QualityGateUserPermissionsDao.java | 4 ++ .../QualityGateUserPermissionsMapper.java | 2 + .../QualityGateUserPermissionsMapper.xml | 5 +++ .../QualityGateUserPermissionsDaoTest.java | 19 +++++++++ .../server/user/ws/DeactivateAction.java | 1 + .../server/user/ws/DeactivateActionTest.java | 41 +++++++++++++------ 6 files changed, 59 insertions(+), 13 deletions(-) diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDao.java index 407893ff023..5d383b5f5b8 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDao.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDao.java @@ -64,6 +64,10 @@ public class QualityGateUserPermissionsDao implements Dao { return mapper(dbSession).countByQuery(query); } + public void deleteByUser(DbSession dbSession, UserDto user) { + mapper(dbSession).deleteByUser(user.getUuid()); + } + public void deleteByQualityGate(DbSession dbSession, QualityGateDto qualityGate) { mapper(dbSession).deleteByQualityGate(qualityGate.getUuid()); } diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.java index 93fbcf889f3..8f3a7c8e268 100644 --- a/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.java +++ b/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.java @@ -35,6 +35,8 @@ public interface QualityGateUserPermissionsMapper { int countByQuery(@Param("query") SearchPermissionQuery query); + void deleteByUser(@Param("userUuid") String userUuid); + void deleteByQualityGate(@Param("qualityGateUuid") String qualityGateUuid); } diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.xml index 28445e07760..628a828f1f7 100644 --- a/server/sonar-db-dao/src/main/resources/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.xml +++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.xml @@ -92,6 +92,11 @@ + + delete from qgate_user_permissions + where user_uuid = #{userUuid} + + delete from qgate_user_permissions where quality_gate_uuid = #{qualityGateUuid, jdbcType=VARCHAR} diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDaoTest.java index bcf971e30b3..048be73e898 100644 --- a/server/sonar-db-dao/src/test/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDaoTest.java +++ b/server/sonar-db-dao/src/test/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDaoTest.java @@ -207,6 +207,25 @@ public class QualityGateUserPermissionsDaoTest { .containsExactly(user1.getUuid(), user2.getUuid(), user3.getUuid()); } + @Test + public void deleteByUser() { + QualityGateDto qualityGateDto1 = db.qualityGates().insertQualityGate(); + QualityGateDto qualityGateDto2 = db.qualityGates().insertQualityGate(); + QualityGateDto qualityGateDto3 = db.qualityGates().insertQualityGate(); + + UserDto user1 = db.users().insertUser(u -> u.setName("user1")); + UserDto user2 = db.users().insertUser(u -> u.setName("user2")); + db.qualityGates().addUserPermission(qualityGateDto1, user1); + db.qualityGates().addUserPermission(qualityGateDto2, user2); + db.qualityGates().addUserPermission(qualityGateDto3, user1); + + underTest.deleteByUser(dbSession, user1); + + assertThat(underTest.exists(dbSession, qualityGateDto1, user1)).isFalse(); + assertThat(underTest.exists(dbSession, qualityGateDto2, user2)).isTrue(); + assertThat(underTest.exists(dbSession, qualityGateDto3, user1)).isFalse(); + } + @Test public void deleteByQualityGate() { QualityGateDto qualityGateDto1 = qualityGateDbTester.insertQualityGate(); diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/DeactivateAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/DeactivateAction.java index 4951247e445..d66cd8bc608 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/DeactivateAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/DeactivateAction.java @@ -96,6 +96,7 @@ public class DeactivateAction implements UsersWsAction { dbClient.almPatDao().deleteByUser(dbSession, user); dbClient.sessionTokensDao().deleteByUser(dbSession, user); dbClient.userDismissedMessagesDao().deleteByUser(dbSession, user); + dbClient.qualityGateUserPermissionDao().deleteByUser(dbSession, user); dbClient.userDao().deactivateUser(dbSession, user); userIndexer.commitAndIndex(dbSession, user); } diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java index 29350829f84..4bed9a39c92 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java @@ -38,6 +38,7 @@ import org.sonar.db.permission.template.PermissionTemplateUserDto; import org.sonar.db.project.ProjectDto; import org.sonar.db.property.PropertyDto; import org.sonar.db.property.PropertyQuery; +import org.sonar.db.qualitygate.QualityGateDto; import org.sonar.db.qualityprofile.QProfileDto; import org.sonar.db.user.GroupDto; import org.sonar.db.user.SessionTokenDto; @@ -89,7 +90,7 @@ public class DeactivateActionTest { private final WsActionTester ws = new WsActionTester(new DeactivateAction(dbClient, userIndexer, userSession, new UserJsonWriter(userSession))); @Test - public void deactivate_user_and_delete_his_related_data() { + public void deactivate_user_and_delete_their_related_data() { createAdminUser(); UserDto user = db.users().insertUser(u -> u .setLogin("ada.lovelace") @@ -110,7 +111,7 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_group_membership() { + public void deactivate_user_deletes_their_group_membership() { createAdminUser(); logInAsSystemAdministrator(); UserDto user = db.users().insertUser(); @@ -124,7 +125,7 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_tokens() { + public void deactivate_user_deletes_their_tokens() { createAdminUser(); logInAsSystemAdministrator(); UserDto user = db.users().insertUser(); @@ -138,13 +139,13 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_properties() { + public void deactivate_user_deletes_their_properties() { createAdminUser(); logInAsSystemAdministrator(); UserDto user = db.users().insertUser(); ComponentDto project = db.components().insertPrivateProject(); db.properties().insertProperty(newUserPropertyDto(user), null, null, null, user.getLogin()); - db.properties().insertProperty(newUserPropertyDto(user), null,null, null, user.getLogin()); + db.properties().insertProperty(newUserPropertyDto(user), null, null, null, user.getLogin()); db.properties().insertProperty(newUserPropertyDto(user).setComponentUuid(project.uuid()), project.getKey(), project.name(), project.qualifier(), user.getLogin()); @@ -155,7 +156,7 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_permissions() { + public void deactivate_user_deletes_their_permissions() { createAdminUser(); logInAsSystemAdministrator(); UserDto user = db.users().insertUser(); @@ -172,7 +173,7 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_permission_templates() { + public void deactivate_user_deletes_their_permission_templates() { createAdminUser(); logInAsSystemAdministrator(); UserDto user = db.users().insertUser(); @@ -190,7 +191,7 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_qprofiles_permissions() { + public void deactivate_user_deletes_their_qprofiles_permissions() { createAdminUser(); logInAsSystemAdministrator(); UserDto user = db.users().insertUser(); @@ -203,7 +204,7 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_default_assignee_settings() { + public void deactivate_user_deletes_their_default_assignee_settings() { createAdminUser(); logInAsSystemAdministrator(); UserDto user = db.users().insertUser(); @@ -223,7 +224,7 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_user_settings() { + public void deactivate_user_deletes_their_user_settings() { createAdminUser(); logInAsSystemAdministrator(); UserDto user = db.users().insertUser(); @@ -239,7 +240,21 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_alm_pat() { + public void deactivate_user_deletes_their_qgate_permissions() { + createAdminUser(); + logInAsSystemAdministrator(); + UserDto user = db.users().insertUser(); + QualityGateDto qualityGate = db.qualityGates().insertQualityGate(); + db.qualityGates().addUserPermission(qualityGate, user); + assertThat(db.countRowsOfTable("qgate_user_permissions")).isEqualTo(1); + + deactivate(user.getLogin()); + + assertThat(db.countRowsOfTable("qgate_user_permissions")).isZero(); + } + + @Test + public void deactivate_user_deletes_their_alm_pat() { createAdminUser(); logInAsSystemAdministrator(); AlmSettingDto almSettingDto = db.almSettings().insertBitbucketAlmSetting(); @@ -255,7 +270,7 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_session_tokens() { + public void deactivate_user_deletes_their_session_tokens() { createAdminUser(); logInAsSystemAdministrator(); UserDto user = db.users().insertUser(); @@ -272,7 +287,7 @@ public class DeactivateActionTest { } @Test - public void deactivate_user_deletes_his_dismissed_messages() { + public void deactivate_user_deletes_their_dismissed_messages() { createAdminUser(); logInAsSystemAdministrator(); ProjectDto project1 = db.components().insertPrivateProjectDto(); -- 2.39.5