SONAR-9037 Do not associate users to default group when organizations are disabled

server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java

@@ -40,6 +40,7 @@ import org.sonar.db.user.UserDto;
 import org.sonar.db.user.UserGroupDto;
 import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.organization.OrganizationCreation;
+import org.sonar.server.organization.OrganizationFlags;
 import org.sonar.server.user.index.UserIndexer;
 import org.sonar.server.usergroups.DefaultGroupFinder;
 import org.sonar.server.util.Validation;
@@ -71,16 +72,18 @@ public class UserUpdater {
   private final DbClient dbClient;
   private final UserIndexer userIndexer;
   private final System2 system2;
+  private final OrganizationFlags organizationFlags;
   private final DefaultOrganizationProvider defaultOrganizationProvider;
   private final OrganizationCreation organizationCreation;
   private final DefaultGroupFinder defaultGroupFinder;
 
-  public UserUpdater(NewUserNotifier newUserNotifier, DbClient dbClient, UserIndexer userIndexer, System2 system2,
+  public UserUpdater(NewUserNotifier newUserNotifier, DbClient dbClient, UserIndexer userIndexer, System2 system2, OrganizationFlags organizationFlags,
     DefaultOrganizationProvider defaultOrganizationProvider, OrganizationCreation organizationCreation, DefaultGroupFinder defaultGroupFinder) {
     this.newUserNotifier = newUserNotifier;
     this.dbClient = dbClient;
     this.userIndexer = userIndexer;
     this.system2 = system2;
+    this.organizationFlags = organizationFlags;
     this.defaultOrganizationProvider = defaultOrganizationProvider;
     this.organizationCreation = organizationCreation;
     this.defaultGroupFinder = defaultGroupFinder;
@@ -114,8 +117,7 @@ public class UserUpdater {
     existingUser.setLocal(true);
     updateUserDto(dbSession, updateUser, existingUser);
     updateUser(dbSession, existingUser);
-    addDefaultGroup(dbSession, existingUser);
-    addUserToDefaultOrganization(dbSession, existingUser);
+    addUserToDefaultOrganizationAndDefaultGroup(dbSession, existingUser);
     dbSession.commit();
   }
 
@@ -345,8 +347,7 @@ public class UserUpdater {
     long now = system2.now();
     userDto.setActive(true).setCreatedAt(now).setUpdatedAt(now);
     UserDto res = dbClient.userDao().insert(dbSession, userDto);
-    addDefaultGroup(dbSession, userDto);
-    addUserToDefaultOrganization(dbSession, userDto);
+    addUserToDefaultOrganizationAndDefaultGroup(dbSession, userDto);
     organizationCreation.createForUser(dbSession, userDto);
     dbSession.commit();
     userIndexer.index(userDto.getLogin());
@@ -378,6 +379,23 @@ public class UserUpdater {
       .build());
   }
 
+  private static boolean isUserAlreadyMemberOfDefaultGroup(GroupDto defaultGroup, List<GroupDto> userGroups) {
+    return userGroups.stream().anyMatch(group -> defaultGroup.getId().equals(group.getId()));
+  }
+
+  private void addUserToDefaultOrganizationAndDefaultGroup(DbSession dbSession, UserDto userDto) {
+    if (organizationFlags.isEnabled(dbSession)) {
+      return;
+    }
+    addUserToDefaultOrganization(dbSession, userDto);
+    addDefaultGroup(dbSession, userDto);
+  }
+
+  private void addUserToDefaultOrganization(DbSession dbSession, UserDto userDto) {
+    String defOrgUuid = defaultOrganizationProvider.get().getUuid();
+    dbClient.organizationMemberDao().insert(dbSession, new OrganizationMemberDto().setOrganizationUuid(defOrgUuid).setUserId(userDto.getId()));
+  }
+
   private void addDefaultGroup(DbSession dbSession, UserDto userDto) {
     String defOrgUuid = defaultOrganizationProvider.get().getUuid();
     List<GroupDto> userGroups = dbClient.groupDao().selectByUserLogin(dbSession, userDto.getLogin());
@@ -387,13 +405,4 @@ public class UserUpdater {
     }
     dbClient.userGroupDao().insert(dbSession, new UserGroupDto().setUserId(userDto.getId()).setGroupId(defaultGroup.getId()));
   }
-
-  private static boolean isUserAlreadyMemberOfDefaultGroup(GroupDto defaultGroup, List<GroupDto> userGroups) {
-    return userGroups.stream().anyMatch(group -> defaultGroup.getId().equals(group.getId()));
-  }
-
-  private void addUserToDefaultOrganization(DbSession dbSession, UserDto userDto) {
-    String defOrgUuid = defaultOrganizationProvider.get().getUuid();
-    dbClient.organizationMemberDao().insert(dbSession, new OrganizationMemberDto().setOrganizationUuid(defOrgUuid).setUserId(userDto.getId()));
-  }
 }

server/sonar-server/src/test/java/org/sonar/server/authentication/SsoAuthenticatorTest.java

@@ -43,6 +43,7 @@ import org.sonar.server.authentication.event.AuthenticationEvent;
 import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.organization.OrganizationCreation;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
+import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.user.NewUserNotifier;
 import org.sonar.server.user.UserUpdater;
 import org.sonar.server.user.index.UserIndexer;
@@ -95,11 +96,12 @@ public class SsoAuthenticatorTest {
   private System2 system2 = mock(System2.class);
   private Settings settings = new MapSettings();
   private OrganizationCreation organizationCreation = mock(OrganizationCreation.class);
-
   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
+  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
+
   private UserIdentityAuthenticator userIdentityAuthenticator = new UserIdentityAuthenticator(
     db.getDbClient(),
-    new UserUpdater(mock(NewUserNotifier.class), db.getDbClient(), mock(UserIndexer.class), System2.INSTANCE, defaultOrganizationProvider, organizationCreation,
+    new UserUpdater(mock(NewUserNotifier.class), db.getDbClient(), mock(UserIndexer.class), System2.INSTANCE, organizationFlags, defaultOrganizationProvider, organizationCreation,
       new DefaultGroupFinder(db.getDbClient())),
     defaultOrganizationProvider, new DefaultGroupFinder(db.getDbClient()));
 

server/sonar-server/src/test/java/org/sonar/server/authentication/UserIdentityAuthenticatorTest.java

@@ -36,6 +36,7 @@ import org.sonar.db.user.UserDto;
 import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.organization.OrganizationCreation;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
+import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.user.NewUserNotifier;
 import org.sonar.server.user.UserUpdater;
 import org.sonar.server.user.index.UserIndexer;
@@ -75,11 +76,14 @@ public class UserIdentityAuthenticatorTest {
 
   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
   private OrganizationCreation organizationCreation = mock(OrganizationCreation.class);
+  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
+
   private UserUpdater userUpdater = new UserUpdater(
     mock(NewUserNotifier.class),
     db.getDbClient(),
     mock(UserIndexer.class),
     System2.INSTANCE,
+    organizationFlags,
     defaultOrganizationProvider,
     organizationCreation,
     new DefaultGroupFinder(db.getDbClient()));
@@ -118,6 +122,18 @@ public class UserIdentityAuthenticatorTest {
     checkGroupMembership(user.get(), group1, group2, defaultGroup);
   }
 
+  @Test
+  public void authenticate_new_user_and_force_default_group() throws Exception {
+    UserDto user = db.users().insertUser();
+    GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group1");
+    db.users().insertMember(group1, user);
+    db.users().insertMember(defaultGroup, user);
+
+    authenticate(user.getLogin(), "group1");
+
+    checkGroupMembership(user, group1, defaultGroup);
+  }
+
   @Test
   public void authenticate_existing_user() throws Exception {
     db.users().insertUser(newUserDto()

server/sonar-server/src/test/java/org/sonar/server/user/UserUpdaterTest.java

@@ -44,6 +44,7 @@ import org.sonar.server.exceptions.BadRequestException;
 import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.organization.OrganizationCreation;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
+import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.user.index.UserIndexDefinition;
 import org.sonar.server.user.index.UserIndexer;
 import org.sonar.server.usergroups.DefaultGroupFinder;
@@ -88,7 +89,8 @@ public class UserUpdaterTest {
   private UserIndexer userIndexer = new UserIndexer(dbClient, es.client());
   private OrganizationCreation organizationCreation = mock(OrganizationCreation.class);
   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
-  private UserUpdater underTest = new UserUpdater(newUserNotifier, dbClient, userIndexer, system2, defaultOrganizationProvider, organizationCreation,
+  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
+  private UserUpdater underTest = new UserUpdater(newUserNotifier, dbClient, userIndexer, system2, organizationFlags, defaultOrganizationProvider, organizationCreation,
     new DefaultGroupFinder(dbClient));
 
   @Before
@@ -442,7 +444,8 @@ public class UserUpdaterTest {
   }
 
   @Test
-  public void associate_default_group_when_creating_user() {
+  public void associate_default_group_when_creating_user_and_organizations_are_disabled() {
+    organizationFlags.setEnabled(false);
     GroupDto defaultGroup = createDefaultGroup();
 
     underTest.create(db.getSession(), NewUser.builder()
@@ -450,13 +453,28 @@ public class UserUpdaterTest {
       .setName("User")
       .setEmail("user@mail.com")
       .setPassword("password")
-      .setScmAccounts(newArrayList("u1", "u_1"))
       .build());
 
     Multimap<String, String> groups = dbClient.groupMembershipDao().selectGroupsByLogins(session, asList("user"));
     assertThat(groups.get("user")).containsOnly(defaultGroup.getName());
   }
 
+  @Test
+  public void does_not_associate_default_group_when_creating_user_and_organizations_are_enabled() {
+    organizationFlags.setEnabled(true);
+    createDefaultGroup();
+
+    underTest.create(db.getSession(), NewUser.builder()
+      .setLogin("user")
+      .setName("User")
+      .setEmail("user@mail.com")
+      .setPassword("password")
+      .build());
+
+    Multimap<String, String> groups = dbClient.groupMembershipDao().selectGroupsByLogins(session, asList("user"));
+    assertThat(groups.get("user")).isEmpty();
+  }
+
   @Test
   public void fail_to_associate_default_group_when_default_group_does_not_exist() {
     expectedException.expect(IllegalStateException.class);
@@ -486,7 +504,8 @@ public class UserUpdaterTest {
   }
 
   @Test
-  public void add_user_as_member_of_default_organization_when_creating_user() {
+  public void add_user_as_member_of_default_organization_when_creating_user_and_organizations_are_disabled() {
+    organizationFlags.setEnabled(false);
     createDefaultGroup();
 
     UserDto dto = underTest.create(db.getSession(), NewUser.builder()
@@ -499,6 +518,21 @@ public class UserUpdaterTest {
     assertThat(dbClient.organizationMemberDao().select(db.getSession(), defaultOrganizationProvider.get().getUuid(), dto.getId())).isPresent();
   }
 
+  @Test
+  public void does_not_add_user_as_member_of_default_organization_when_creating_user_and_organizations_are_enabled() {
+    organizationFlags.setEnabled(true);
+    createDefaultGroup();
+
+    UserDto dto = underTest.create(db.getSession(), NewUser.builder()
+      .setLogin("user")
+      .setName("User")
+      .setEmail("user@mail.com")
+      .setPassword("PASSWORD")
+      .build());
+
+    assertThat(dbClient.organizationMemberDao().select(db.getSession(), defaultOrganizationProvider.get().getUuid(), dto.getId())).isNotPresent();
+  }
+
   @Test
   public void reactivate_user_when_creating_user_with_existing_login() {
     db.users().insertUser(newDisabledUser(DEFAULT_LOGIN)
@@ -596,7 +630,32 @@ public class UserUpdaterTest {
   }
 
   @Test
-  public void associate_default_groups_when_reactivating_user() {
+  public void associate_default_groups_when_reactivating_user_and_organizations_are_disabled() {
+    organizationFlags.setEnabled(false);
+    UserDto userDto = db.users().insertUser(newDisabledUser(DEFAULT_LOGIN)
+      .setLocal(true)
+      .setCreatedAt(PAST)
+      .setUpdatedAt(PAST));
+    db.organizations().insertForUuid("org1");
+    GroupDto groupDto = db.users().insertGroup(GroupTesting.newGroupDto().setName("sonar-devs").setOrganizationUuid("org1"));
+    db.users().insertMember(groupDto, userDto);
+    GroupDto defaultGroup = createDefaultGroup();
+
+    underTest.create(db.getSession(), NewUser.builder()
+      .setLogin(DEFAULT_LOGIN)
+      .setName("Marius2")
+      .setEmail("marius2@mail.com")
+      .setPassword("password2")
+      .build());
+    session.commit();
+
+    Multimap<String, String> groups = dbClient.groupMembershipDao().selectGroupsByLogins(session, asList(DEFAULT_LOGIN));
+    assertThat(groups.get(DEFAULT_LOGIN).stream().anyMatch(g -> g.equals(defaultGroup.getName()))).isTrue();
+  }
+
+  @Test
+  public void does_not_associate_default_groups_when_reactivating_user_and_organizations_are_enabled() {
+    organizationFlags.setEnabled(true);
     UserDto userDto = db.users().insertUser(newDisabledUser(DEFAULT_LOGIN)
       .setLocal(true)
       .setCreatedAt(PAST)
@@ -615,11 +674,12 @@ public class UserUpdaterTest {
     session.commit();
 
     Multimap<String, String> groups = dbClient.groupMembershipDao().selectGroupsByLogins(session, asList(DEFAULT_LOGIN));
-    assertThat(groups.get(DEFAULT_LOGIN).stream().anyMatch(g -> g.equals(groupDto.getName()))).isTrue();
+    assertThat(groups.get(DEFAULT_LOGIN).stream().anyMatch(g -> g.equals(defaultGroup.getName()))).isFalse();
   }
 
   @Test
-  public void add_user_as_member_of_default_organization_when_reactivating_user() {
+  public void add_user_as_member_of_default_organization_when_reactivating_user_and_organizations_are_disabled() {
+    organizationFlags.setEnabled(false);
     db.users().insertUser(newDisabledUser(DEFAULT_LOGIN));
     createDefaultGroup();
 
@@ -629,6 +689,18 @@ public class UserUpdaterTest {
     assertThat(dbClient.organizationMemberDao().select(db.getSession(), defaultOrganizationProvider.get().getUuid(), dto.getId())).isPresent();
   }
 
+  @Test
+  public void does_not_add_user_as_member_of_default_organization_when_reactivating_user_and_organizations_are_enabled() {
+    organizationFlags.setEnabled(true);
+    db.users().insertUser(newDisabledUser(DEFAULT_LOGIN));
+    createDefaultGroup();
+
+    UserDto dto = underTest.create(db.getSession(), NewUser.builder().setLogin(DEFAULT_LOGIN).setName("Name").build());
+    session.commit();
+
+    assertThat(dbClient.organizationMemberDao().select(db.getSession(), defaultOrganizationProvider.get().getUuid(), dto.getId())).isNotPresent();
+  }
+
   @Test
   public void update_user() {
     UserDto user = db.users().insertUser(newLocalUser(DEFAULT_LOGIN, "Marius", "marius@email.com")

server/sonar-server/src/test/java/org/sonar/server/user/ws/ChangePasswordActionTest.java

@@ -32,6 +32,7 @@ import org.sonar.server.exceptions.ForbiddenException;
 import org.sonar.server.exceptions.NotFoundException;
 import org.sonar.server.organization.OrganizationCreation;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
+import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.user.ExternalIdentity;
 import org.sonar.server.user.NewUser;
@@ -56,8 +57,11 @@ public class ChangePasswordActionTest {
   @Rule
   public UserSessionRule userSessionRule = UserSessionRule.standalone().logIn();
 
+  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
+
   private UserUpdater userUpdater = new UserUpdater(mock(NewUserNotifier.class), db.getDbClient(), new UserIndexer(db.getDbClient(), esTester.client()),
     System2.INSTANCE,
+    organizationFlags,
     TestDefaultOrganizationProvider.from(db),
     mock(OrganizationCreation.class),
     new DefaultGroupFinder(db.getDbClient()));

server/sonar-server/src/test/java/org/sonar/server/user/ws/CreateActionTest.java

@@ -41,6 +41,7 @@ import org.sonar.server.exceptions.ForbiddenException;
 import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.organization.OrganizationCreation;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
+import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.user.NewUserNotifier;
 import org.sonar.server.user.UserUpdater;
@@ -83,11 +84,12 @@ public class CreateActionTest {
   private UserIndexer userIndexer = new UserIndexer(db.getDbClient(), esTester.client());
   private GroupDto defaultGroupInDefaultOrg;
   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
+  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
 
   private OrganizationCreation organizationCreation = mock(OrganizationCreation.class);
   private WsActionTester tester = new WsActionTester(new CreateAction(
     db.getDbClient(),
-    new UserUpdater(mock(NewUserNotifier.class), db.getDbClient(), userIndexer, system2, defaultOrganizationProvider,
+    new UserUpdater(mock(NewUserNotifier.class), db.getDbClient(), userIndexer, system2, organizationFlags, defaultOrganizationProvider,
       organizationCreation, new DefaultGroupFinder(db.getDbClient())),
     userSessionRule));
 

server/sonar-server/src/test/java/org/sonar/server/user/ws/UpdateActionTest.java

@@ -35,6 +35,7 @@ import org.sonar.server.exceptions.NotFoundException;
 import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.organization.OrganizationCreation;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
+import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.tester.UserSessionRule;
 import org.sonar.server.user.NewUserNotifier;
 import org.sonar.server.user.UserUpdater;
@@ -68,13 +69,14 @@ public class UpdateActionTest {
   private WsTester tester;
   private UserIndexer userIndexer;
   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(dbTester);
+  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
 
   @Before
   public void setUp() {
     dbTester.users().insertDefaultGroup(dbTester.getDefaultOrganization(), "sonar-users");
     userIndexer = new UserIndexer(dbClient, esTester.client());
     tester = new WsTester(new UsersWs(new UpdateAction(
-      new UserUpdater(mock(NewUserNotifier.class), dbClient, userIndexer, system2, defaultOrganizationProvider, ORGANIZATION_CREATION_NOT_USED_FOR_UPDATE,
+      new UserUpdater(mock(NewUserNotifier.class), dbClient, userIndexer, system2, organizationFlags, defaultOrganizationProvider, ORGANIZATION_CREATION_NOT_USED_FOR_UPDATE,
         new DefaultGroupFinder(dbTester.getDbClient())),
       userSessionRule,
       new UserJsonWriter(userSessionRule), dbClient)));