SONAR-8761 remove misleading UserSession#checkIsRoot()

server/sonar-ce/src/main/java/org/sonar/ce/user/CeUserSession.java

@@ -64,11 +64,6 @@ public class CeUserSession implements UserSession {
     throw notImplemented();
   }
 
-  @Override
-  public UserSession checkIsRoot() {
-    throw notImplemented();
-  }
-
   @Override
   public UserSession checkLoggedIn() {
     throw notImplemented();

server/sonar-server/src/main/java/org/sonar/server/ce/ws/ActivityAction.java

@@ -185,7 +185,7 @@ public class ActivityAction implements CeWsAction {
     userSession.checkLoggedIn();
 
     if (request.getComponentId() == null) {
-      userSession.checkIsRoot();
+      userSession.checkIsSystemAdministrator();
     } else {
       userSession.checkComponentUuidPermission(UserRole.ADMIN, request.getComponentId());
     }

server/sonar-server/src/main/java/org/sonar/server/ce/ws/ActivityStatusAction.java

@@ -104,7 +104,7 @@ public class ActivityStatusAction implements CeWsAction {
     if (component.isPresent()) {
       userSession.checkComponentPermission(UserRole.ADMIN, component.get());
     } else {
-      userSession.checkIsRoot();
+      userSession.checkIsSystemAdministrator();
     }
   }
 

server/sonar-server/src/main/java/org/sonar/server/ce/ws/CancelAction.java

@@ -56,7 +56,7 @@ public class CancelAction implements CeWsAction {
 
   @Override
   public void handle(Request wsRequest, Response wsResponse) {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
     String taskId = wsRequest.mandatoryParam(PARAM_TASK_ID);
     queue.cancel(taskId);
     wsResponse.noContent();

server/sonar-server/src/main/java/org/sonar/server/ce/ws/CancelAllAction.java

@@ -47,7 +47,7 @@ public class CancelAllAction implements CeWsAction {
 
   @Override
   public void handle(Request wsRequest, Response wsResponse) {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
     queue.cancelAll();
     wsResponse.noContent();
   }

server/sonar-server/src/main/java/org/sonar/server/ce/ws/TaskAction.java

@@ -125,7 +125,7 @@ public class TaskAction implements CeWsAction {
       }
 
     } else {
-      userSession.checkIsRoot();
+      userSession.checkIsSystemAdministrator();
     }
   }
 

server/sonar-server/src/main/java/org/sonar/server/email/ws/SendAction.java

@@ -71,7 +71,7 @@ public class SendAction implements EmailsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
     try {
       emailNotificationChannel.sendTestEmail(request.mandatoryParam(PARAM_TO), request.param(PARAM_SUBJECT), request.mandatoryParam(PARAM_MESSAGE));
     } catch (EmailException emailException) {

server/sonar-server/src/main/java/org/sonar/server/license/ws/ListAction.java

@@ -80,7 +80,7 @@ public class ListAction implements WsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     try (DbSession dbSession = dbClient.openSession(true)) {
       writeProtobuf(doHandle(dbSession), request, response);

server/sonar-server/src/main/java/org/sonar/server/metric/ws/CreateAction.java

@@ -93,7 +93,7 @@ public class CreateAction implements MetricsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkLoggedIn().checkIsRoot();
+    userSession.checkLoggedIn().checkIsSystemAdministrator();
     String key = request.mandatoryParam(PARAM_KEY);
 
     try (DbSession dbSession = dbClient.openSession(false)) {

server/sonar-server/src/main/java/org/sonar/server/metric/ws/DeleteAction.java

@@ -62,7 +62,7 @@ public class DeleteAction implements MetricsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkLoggedIn().checkIsRoot();
+    userSession.checkLoggedIn().checkIsSystemAdministrator();
 
     try (DbSession dbSession = dbClient.openSession(false)) {
       List<Integer> ids = loadIds(dbSession, request);

server/sonar-server/src/main/java/org/sonar/server/metric/ws/UpdateAction.java

@@ -95,7 +95,7 @@ public class UpdateAction implements MetricsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkLoggedIn().checkIsRoot();
+    userSession.checkLoggedIn().checkIsSystemAdministrator();
     int id = request.mandatoryParamAsInt(PARAM_ID);
 
     try (DbSession dbSession = dbClient.openSession(false)) {

server/sonar-server/src/main/java/org/sonar/server/organization/ws/CreateAction.java

@@ -89,7 +89,7 @@ public class CreateAction implements OrganizationsAction {
     if (settings.getBoolean(CorePropertyDefinitions.ORGANIZATIONS_ANYONE_CAN_CREATE)) {
       userSession.checkLoggedIn();
     } else {
-      userSession.checkIsRoot();
+      userSession.checkIsSystemAdministrator();
     }
 
     String name = wsSupport.getAndCheckMandatoryName(request);

server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java

@@ -88,7 +88,7 @@ public class DeleteAction implements OrganizationsAction {
         key);
 
       if (organizationDto.isGuarded()) {
-        userSession.checkIsRoot();
+        userSession.checkIsSystemAdministrator();
       } else {
         userSession.checkOrganizationPermission(organizationDto.getUuid(), SYSTEM_ADMIN);
       }

server/sonar-server/src/main/java/org/sonar/server/permission/ws/SearchProjectPermissionsAction.java

@@ -128,7 +128,7 @@ public class SearchProjectPermissionsAction implements PermissionsWsAction {
       ComponentDto project = wsSupport.getRootComponentOrModule(dbSession, projectRef.get());
       PermissionPrivilegeChecker.checkProjectAdmin(userSession, project.getOrganizationUuid(), Optional.of(new ProjectId(project)));
     } else {
-      userSession.checkLoggedIn().checkIsRoot();
+      userSession.checkLoggedIn().checkIsSystemAdministrator();
     }
   }
 

server/sonar-server/src/main/java/org/sonar/server/platform/ws/ChangeLogLevelAction.java

@@ -66,7 +66,7 @@ public class ChangeLogLevelAction implements SystemWsAction {
 
   @Override
   public void handle(Request wsRequest, Response wsResponse) {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     LoggerLevel level = LoggerLevel.valueOf(wsRequest.mandatoryParam(PARAM_LEVEL));
     db.enableSqlLogging(level.equals(LoggerLevel.TRACE));

server/sonar-server/src/main/java/org/sonar/server/platform/ws/InfoAction.java

@@ -59,7 +59,7 @@ public class InfoAction implements SystemWsAction {
 
   @Override
   public void handle(Request request, Response response) {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     JsonWriter json = response.newJsonWriter();
     writeJson(json);

server/sonar-server/src/main/java/org/sonar/server/platform/ws/LogsAction.java

@@ -66,7 +66,7 @@ public class LogsAction implements SystemWsAction {
 
   @Override
   public void handle(Request wsRequest, Response wsResponse) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     String processKey = wsRequest.mandatoryParam(PROCESS_PROPERTY);
     ProcessId processId = ProcessId.fromKey(processKey);

server/sonar-server/src/main/java/org/sonar/server/platform/ws/RestartAction.java

@@ -72,7 +72,7 @@ public class RestartAction implements SystemWsAction {
         restartFlagHolder.unset();
       }
     } else {
-      userSession.checkIsRoot();
+      userSession.checkIsSystemAdministrator();
 
       LOGGER.info("SonarQube restart requested by {}", userSession.getLogin());
       restartFlagHolder.set();

server/sonar-server/src/main/java/org/sonar/server/plugins/ws/AvailableAction.java

@@ -71,7 +71,7 @@ public class AvailableAction implements PluginsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     JsonWriter jsonWriter = response.newJsonWriter();
     jsonWriter.beginObject();

server/sonar-server/src/main/java/org/sonar/server/plugins/ws/CancelAllAction.java

@@ -51,7 +51,7 @@ public class CancelAllAction implements PluginsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     pluginDownloader.cancelDownloads();
     pluginRepository.cancelUninstalls();

server/sonar-server/src/main/java/org/sonar/server/plugins/ws/InstallAction.java

@@ -71,7 +71,7 @@ public class InstallAction implements PluginsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     String key = request.mandatoryParam(PARAM_KEY);
     PluginUpdate pluginUpdate = findAvailablePluginByKey(key);

server/sonar-server/src/main/java/org/sonar/server/plugins/ws/InstalledAction.java

@@ -79,7 +79,7 @@ public class InstalledAction implements PluginsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     Collection<PluginInfo> pluginInfoList = searchPluginInfoList();
 

server/sonar-server/src/main/java/org/sonar/server/plugins/ws/PendingAction.java

@@ -80,7 +80,7 @@ public class PendingAction implements PluginsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     ImmutableMap<String, Plugin> compatiblePluginsByKey = compatiblePluginsByKey(updateCenterMatrixFactory);
 

server/sonar-server/src/main/java/org/sonar/server/plugins/ws/UninstallAction.java

@@ -58,7 +58,7 @@ public class UninstallAction implements PluginsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     String key = request.mandatoryParam(PARAM_KEY);
     ensurePluginIsInstalled(key);

server/sonar-server/src/main/java/org/sonar/server/plugins/ws/UpdateAction.java

@@ -72,7 +72,7 @@ public class UpdateAction implements PluginsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     String key = request.mandatoryParam(PARAM_KEY);
     PluginUpdate pluginUpdate = findPluginUpdateByKey(key);

server/sonar-server/src/main/java/org/sonar/server/plugins/ws/UpdatesAction.java

@@ -84,7 +84,7 @@ public class UpdatesAction implements PluginsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     JsonWriter jsonWriter = response.newJsonWriter();
     jsonWriter.beginObject();

server/sonar-server/src/main/java/org/sonar/server/project/ws/BulkDeleteAction.java

@@ -97,7 +97,7 @@ public class BulkDeleteAction implements ProjectsWsAction {
 
   private Optional<OrganizationDto> loadOrganizationByKey(DbSession dbSession, @Nullable String orgKey) {
     if (orgKey == null) {
-      userSession.checkIsRoot();
+      userSession.checkIsSystemAdministrator();
       return Optional.empty();
     }
     OrganizationDto org = support.getOrganization(dbSession, orgKey);

server/sonar-server/src/main/java/org/sonar/server/qualitygate/QualityGates.java

@@ -80,7 +80,7 @@ public class QualityGates {
   }
 
   public QualityGateDto rename(long idToRename, String name) {
-    checkRoot();
+    checkIsSystemAdministrator();
     QualityGateDto toRename = getNonNullQgate(idToRename);
     validateQualityGate(idToRename, name);
     toRename.setName(name);
@@ -89,7 +89,7 @@ public class QualityGates {
   }
 
   public QualityGateDto copy(long sourceId, String destinationName) {
-    checkRoot();
+    checkIsSystemAdministrator();
     getNonNullQgate(sourceId);
     validateQualityGate(null, destinationName);
     QualityGateDto destinationGate = new QualityGateDto().setName(destinationName);
@@ -114,7 +114,7 @@ public class QualityGates {
   }
 
   public void delete(long idToDelete) {
-    checkRoot();
+    checkIsSystemAdministrator();
     QualityGateDto qGate = getNonNullQgate(idToDelete);
     DbSession session = dbClient.openSession(false);
     try {
@@ -130,7 +130,7 @@ public class QualityGates {
   }
 
   public void setDefault(DbSession dbSession, @Nullable Long idToUseAsDefault) {
-    checkRoot();
+    checkIsSystemAdministrator();
     if (idToUseAsDefault == null) {
       propertiesDao.deleteGlobalProperty(SONAR_QUALITYGATE_PROPERTY, dbSession);
     } else {
@@ -172,7 +172,7 @@ public class QualityGates {
   }
 
   public void deleteCondition(Long condId) {
-    checkRoot();
+    checkIsSystemAdministrator();
     conditionDao.delete(getNonNullCondition(condId));
   }
 
@@ -243,8 +243,8 @@ public class QualityGates {
     errors.check(isModifyingCurrentQgate || existingQgate == null, Validation.IS_ALREADY_USED_MESSAGE, "Name");
   }
 
-  private void checkRoot() {
-    userSession.checkIsRoot();
+  private void checkIsSystemAdministrator() {
+    userSession.checkIsSystemAdministrator();
   }
 
   private void checkProjectAdmin(ComponentDto project) {

server/sonar-server/src/main/java/org/sonar/server/root/ws/SearchAction.java

@@ -30,6 +30,7 @@ import org.sonar.db.user.UserDto;
 import org.sonar.server.user.UserSession;
 import org.sonarqube.ws.WsRoot;
 
+import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
 import static org.sonar.server.ws.WsUtils.writeProtobuf;
 
 public class SearchAction implements RootsWsAction {
@@ -54,7 +55,7 @@ public class SearchAction implements RootsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    checkIsRoot();
 
     try (DbSession dbSession = dbClient.openSession(false)) {
       List<UserDto> userDtos = dbClient.userDao().selectUsers(
@@ -85,4 +86,12 @@ public class SearchAction implements RootsWsAction {
     }
     return builder.build();
   }
+
+  private void checkIsRoot() {
+    if (!userSession.isRoot()) {
+      throw insufficientPrivilegesException();
+    }
+  }
+
+
 }

server/sonar-server/src/main/java/org/sonar/server/root/ws/SetRootAction.java

@@ -29,6 +29,7 @@ import org.sonar.server.exceptions.NotFoundException;
 import org.sonar.server.user.UserSession;
 
 import static java.lang.String.format;
+import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
 
 public class SetRootAction implements RootsWsAction {
   private static final String PARAM_LOGIN = "login";
@@ -60,7 +61,7 @@ public class SetRootAction implements RootsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    checkIsRoot();
 
     String login = request.mandatoryParam(PARAM_LOGIN);
     try (DbSession dbSession = dbClient.openSession(false)) {
@@ -76,4 +77,10 @@ public class SetRootAction implements RootsWsAction {
     }
     response.noContent();
   }
+
+  private void checkIsRoot() {
+    if (!userSession.isRoot()) {
+      throw insufficientPrivilegesException();
+    }
+  }
 }

server/sonar-server/src/main/java/org/sonar/server/root/ws/UnsetRootAction.java

@@ -30,6 +30,7 @@ import org.sonar.server.exceptions.NotFoundException;
 import org.sonar.server.user.UserSession;
 
 import static java.lang.String.format;
+import static org.sonar.server.user.AbstractUserSession.insufficientPrivilegesException;
 
 public class UnsetRootAction implements RootsWsAction {
   private static final String PARAM_LOGIN = "login";
@@ -61,7 +62,7 @@ public class UnsetRootAction implements RootsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    checkIsRoot();
 
     String login = request.mandatoryParam(PARAM_LOGIN);
     try (DbSession dbSession = dbClient.openSession(false)) {
@@ -80,4 +81,10 @@ public class UnsetRootAction implements RootsWsAction {
     }
     response.noContent();
   }
+
+  private void checkIsRoot() {
+    if (!userSession.isRoot()) {
+      throw insufficientPrivilegesException();
+    }
+  }
 }

server/sonar-server/src/main/java/org/sonar/server/serverid/ws/GenerateAction.java

@@ -77,7 +77,7 @@ public class GenerateAction implements ServerIdWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     try (DbSession dbSession = dbClient.openSession(true)) {
       writeProtobuf(doHandle(dbSession, toGenerateRequest(request)), request, response);

server/sonar-server/src/main/java/org/sonar/server/serverid/ws/ShowAction.java

@@ -71,7 +71,7 @@ public class ShowAction implements ServerIdWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
     try (DbSession dbSession = dbClient.openSession(true)) {
       Map<String, PropertyDto> properties = dbClient.propertiesDao().selectGlobalPropertiesByKeys(dbSession, SETTINGS_KEYS).stream()
         .collect(Collectors.uniqueIndex(PropertyDto::getKey, Function.identity()));

server/sonar-server/src/main/java/org/sonar/server/setting/ws/CheckSecretKeyAction.java

@@ -50,7 +50,7 @@ public class CheckSecretKeyAction implements SettingsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     writeProtobuf(CheckSecretKeyWsResponse.newBuilder().setSecretKeyAvailable(settings.getEncryption().hasSecretKey()).build(), request, response);
   }

server/sonar-server/src/main/java/org/sonar/server/setting/ws/EncryptAction.java

@@ -58,7 +58,7 @@ public class EncryptAction implements SettingsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     String value = request.mandatoryParam(PARAM_VALUE);
     checkRequest(!value.isEmpty(), "Parameter '%s' must not be empty", PARAM_VALUE);

server/sonar-server/src/main/java/org/sonar/server/setting/ws/GenerateSecretKeyAction.java

@@ -50,7 +50,7 @@ public class GenerateSecretKeyAction implements SettingsWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     writeProtobuf(GenerateSecretKeyWsResponse.newBuilder().setSecretKey(settings.getEncryption().generateRandomSecretKey()).build(), request, response);
   }

server/sonar-server/src/main/java/org/sonar/server/setting/ws/ResetAction.java

@@ -137,7 +137,7 @@ public class ResetAction implements SettingsWsAction {
     if (component.isPresent()) {
       userSession.checkComponentPermission(UserRole.ADMIN, component.get());
     } else {
-      userSession.checkIsRoot();
+      userSession.checkIsSystemAdministrator();
     }
   }
 }

server/sonar-server/src/main/java/org/sonar/server/setting/ws/SetAction.java

@@ -267,7 +267,7 @@ public class SetAction implements SettingsWsAction {
     if (component.isPresent()) {
       userSession.checkComponentPermission(UserRole.ADMIN, component.get());
     } else {
-      userSession.checkIsRoot();
+      userSession.checkIsSystemAdministrator();
     }
   }
 

server/sonar-server/src/main/java/org/sonar/server/updatecenter/ws/UploadAction.java

@@ -61,7 +61,7 @@ public class UploadAction implements UpdateCenterWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkIsRoot();
+    userSession.checkIsSystemAdministrator();
 
     Part part = request.mandatoryParamAsPart(PARAM_FILE);
     String fileName = part.getFileName();

server/sonar-server/src/main/java/org/sonar/server/user/AbstractUserSession.java

@@ -37,14 +37,6 @@ public abstract class AbstractUserSession implements UserSession {
     return this;
   }
 
-  @Override
-  public final UserSession checkIsRoot() {
-    if (!isRoot()) {
-      throw new ForbiddenException(INSUFFICIENT_PRIVILEGES_MESSAGE);
-    }
-    return this;
-  }
-
   @Override
   public final boolean hasOrganizationPermission(String organizationUuid, String permission) {
     return isRoot() || hasOrganizationPermissionImpl(organizationUuid, permission);

server/sonar-server/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java

@@ -85,12 +85,6 @@ public class ThreadLocalUserSession implements UserSession {
     return get().isRoot();
   }
 
-  @Override
-  public UserSession checkIsRoot() {
-    get().checkIsRoot();
-    return this;
-  }
-
   @Override
   public UserSession checkLoggedIn() {
     get().checkLoggedIn();

server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java

@@ -59,16 +59,11 @@ public interface UserSession {
   boolean isLoggedIn();
 
   /**
-   * Whether the user has root privileges when organizations are enabled.
-   * Always returns {@code false} when organizations are disabled.
+   * Whether the user has root privileges. If {@code true}, then user automatically
+   * benefits from all the permissions on all organizations and projects.
    */
   boolean isRoot();
 
-  /**
-   * Ensures that user is root otherwise throws {@link org.sonar.server.exceptions.ForbiddenException}.
-   */
-  UserSession checkIsRoot();
-
   /**
    * Ensures that user is logged in otherwise throws {@link org.sonar.server.exceptions.UnauthorizedException}.
    */
@@ -130,7 +125,7 @@ public interface UserSession {
   UserSession checkComponentUuidPermission(String permission, String componentUuid);
 
   /**
-   * Whether user can administrate system, for example to use cross-organizations services
+   * Whether user can administrate system, for example for using cross-organizations services
    * like update center, system info or management of users.
    *
    * Returns {@code true} if:

server/sonar-server/src/main/java/org/sonar/server/user/ws/ChangePasswordAction.java

@@ -84,7 +84,7 @@ public class ChangePasswordAction implements UsersWsAction {
         String previousPassword = request.mandatoryParam(PARAM_PREVIOUS_PASSWORD);
         checkCurrentPassword(dbSession, login, previousPassword);
       } else {
-        userSession.checkIsRoot();
+        userSession.checkIsSystemAdministrator();
       }
 
       String password = request.mandatoryParam(PARAM_PASSWORD);

server/sonar-server/src/main/java/org/sonar/server/user/ws/CreateAction.java

@@ -106,7 +106,7 @@ public class CreateAction implements UsersWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkLoggedIn().checkIsRoot();
+    userSession.checkLoggedIn().checkIsSystemAdministrator();
     writeProtobuf(doHandle(toWsRequest(request)), request, response);
   }
 

server/sonar-server/src/main/java/org/sonar/server/user/ws/DeactivateAction.java

@@ -80,7 +80,7 @@ public class DeactivateAction implements UsersWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkLoggedIn().checkIsRoot();
+    userSession.checkLoggedIn().checkIsSystemAdministrator();
 
     String login = request.mandatoryParam(PARAM_LOGIN);
     checkRequest(!login.equals(userSession.getLogin()), "Self-deactivation is not possible");

server/sonar-server/src/main/java/org/sonar/server/user/ws/GroupsAction.java

@@ -77,7 +77,7 @@ public class GroupsAction implements UsersWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkLoggedIn().checkIsRoot();
+    userSession.checkLoggedIn().checkIsSystemAdministrator();
 
     String login = request.mandatoryParam(PARAM_LOGIN);
     int pageSize = request.mandatoryParamAsInt(Param.PAGE_SIZE);

server/sonar-server/src/main/java/org/sonar/server/user/ws/UpdateAction.java

@@ -96,7 +96,7 @@ public class UpdateAction implements UsersWsAction {
 
   @Override
   public void handle(Request request, Response response) throws Exception {
-    userSession.checkLoggedIn().checkIsRoot();
+    userSession.checkLoggedIn().checkIsSystemAdministrator();
     UpdateRequest updateRequest = toWsRequest(request);
     try (DbSession dbSession = dbClient.openSession(false)) {
       doHandle(dbSession, toWsRequest(request));

server/sonar-server/src/test/java/org/sonar/server/ce/ws/ActivityActionTest.java

@@ -81,7 +81,7 @@ public class ActivityActionTest {
 
   @Test
   public void get_all_past_activity() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     OrganizationDto org1 = dbTester.organizations().insert();
     dbTester.components().insertProject(org1, "PROJECT_1");
     OrganizationDto org2 = dbTester.organizations().insert();
@@ -112,7 +112,7 @@ public class ActivityActionTest {
 
   @Test
   public void filter_by_status() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     dbTester.components().insertProject(dbTester.getDefaultOrganization(), "PROJECT_1");
     dbTester.components().insertProject(dbTester.getDefaultOrganization(), "PROJECT_2");
     insertActivity("T1", "PROJECT_1", CeActivityDto.Status.SUCCESS);
@@ -129,7 +129,7 @@ public class ActivityActionTest {
 
   @Test
   public void filter_by_max_executed_at_exclude() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     insertActivity("T1", "PROJECT_1", CeActivityDto.Status.SUCCESS);
     insertActivity("T2", "PROJECT_2", CeActivityDto.Status.FAILED);
     insertQueue("T3", "PROJECT_1", CeQueueDto.Status.IN_PROGRESS);
@@ -143,7 +143,7 @@ public class ActivityActionTest {
 
   @Test
   public void filter_by_min_submitted_and_max_executed_at_include_day() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     OrganizationDto organizationDto = dbTester.organizations().insert();
     dbTester.components().insertProject(organizationDto, "PROJECT_1");
     insertActivity("T1", "PROJECT_1", CeActivityDto.Status.SUCCESS);
@@ -159,7 +159,7 @@ public class ActivityActionTest {
   @Test
   public void filter_on_current_activities() {
     dbTester.components().insertProject(dbTester.organizations().insert(), "PROJECT_1");
-    logInAsRoot();
+    logInAsSystemAdministrator();
     // T2 is the current activity (the most recent one)
     insertActivity("T1", "PROJECT_1", CeActivityDto.Status.SUCCESS);
     insertActivity("T2", "PROJECT_1", CeActivityDto.Status.FAILED);
@@ -175,7 +175,7 @@ public class ActivityActionTest {
 
   @Test
   public void limit_results() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     OrganizationDto organizationDto = dbTester.organizations().insert();
     dbTester.components().insertProject(organizationDto, "PROJECT_1");
     dbTester.components().insertProject(organizationDto, "PROJECT_2");
@@ -237,7 +237,7 @@ public class ActivityActionTest {
     dbTester.components().insertProjectAndSnapshot(struts);
     dbTester.components().insertProjectAndSnapshot(zookeeper);
     dbTester.components().insertProjectAndSnapshot(eclipse);
-    logInAsRoot();
+    logInAsSystemAdministrator();
     insertActivity("T1", "P1", CeActivityDto.Status.SUCCESS);
     insertActivity("T2", "P2", CeActivityDto.Status.SUCCESS);
     insertActivity("T3", "P3", CeActivityDto.Status.SUCCESS);
@@ -254,7 +254,7 @@ public class ActivityActionTest {
     ComponentDto developer = newDeveloper(organizationDto, "Apache Developer").setUuid("D1").setProjectUuid("D1");
     dbTester.components().insertDeveloperAndSnapshot(developer);
     dbTester.components().insertViewAndSnapshot(apacheView);
-    logInAsRoot();
+    logInAsSystemAdministrator();
     insertActivity("T1", "D1", CeActivityDto.Status.SUCCESS);
     insertActivity("T2", "V1", CeActivityDto.Status.SUCCESS);
 
@@ -265,7 +265,7 @@ public class ActivityActionTest {
 
   @Test
   public void search_task_id_in_queue_ignoring_other_parameters() throws IOException {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     dbTester.components().insertProject(dbTester.getDefaultOrganization(), "PROJECT_1");
     insertQueue("T1", "PROJECT_1", CeQueueDto.Status.IN_PROGRESS);
 
@@ -280,7 +280,7 @@ public class ActivityActionTest {
 
   @Test
   public void search_task_id_in_activity() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     dbTester.components().insertProject(dbTester.getDefaultOrganization(), "PROJECT_1");
     insertActivity("T1", "PROJECT_1", CeActivityDto.Status.SUCCESS);
 
@@ -307,10 +307,10 @@ public class ActivityActionTest {
 
   @Test
   public void search_task_by_component_id() {
-    dbTester.components().insertProject(dbTester.getDefaultOrganization(), "PROJECT_1");
+    ComponentDto project = dbTester.components().insertProject(dbTester.getDefaultOrganization(), "PROJECT_1");
     insertQueue("T1", "PROJECT_1", CeQueueDto.Status.IN_PROGRESS);
     insertActivity("T1", "PROJECT_1", CeActivityDto.Status.SUCCESS);
-    logInAsRoot();
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
 
     ActivityResponse result = call(ws.newRequest()
       .setParam(PARAM_COMPONENT_ID, "PROJECT_1")
@@ -344,7 +344,7 @@ public class ActivityActionTest {
 
   @Test
   public void fail_if_date_is_not_well_formatted() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Date 'ill-formatted-date' cannot be parsed as either a date or date+time");
@@ -356,7 +356,7 @@ public class ActivityActionTest {
 
   @Test
   public void support_json_response() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     TestResponse wsResponse = ws.newRequest()
       .setMediaType(MediaTypes.JSON)
       .execute();
@@ -364,8 +364,8 @@ public class ActivityActionTest {
     JsonAssert.assertJson(wsResponse.getInput()).isSimilarTo("{\"tasks\":[]}");
   }
 
-  private void logInAsRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 
   private CeQueueDto insertQueue(String taskUuid, String componentUuid, CeQueueDto.Status status) {

server/sonar-server/src/test/java/org/sonar/server/ce/ws/ActivityStatusActionTest.java

@@ -56,7 +56,7 @@ public class ActivityStatusActionTest {
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
   @Rule
-  public UserSessionRule userSession = UserSessionRule.standalone().logIn().setRoot();
+  public UserSessionRule userSession = UserSessionRule.standalone().logIn().setSystemAdministrator();
   @Rule
   public DbTester db = DbTester.create(System2.INSTANCE);
 

server/sonar-server/src/test/java/org/sonar/server/ce/ws/CancelActionTest.java

@@ -44,7 +44,7 @@ public class CancelActionTest {
 
   @Test
   public void cancel_pending_task() {
-    userSession.logIn().setRoot();
+    logInAsSystemAdministrator();
 
     tester.newRequest()
       .setParam("id", "T1")
@@ -55,7 +55,7 @@ public class CancelActionTest {
 
   @Test
   public void throw_IllegalArgumentException_if_missing_id() {
-    userSession.logIn().setRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The 'id' parameter is missing");
@@ -66,8 +66,8 @@ public class CancelActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_not_root() {
-    userSession.logIn().setNonRoot();
+  public void throw_ForbiddenException_if_not_system_administrator() {
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     expectedException.expectMessage("Insufficient privileges");
@@ -78,4 +78,8 @@ public class CancelActionTest {
 
     verifyZeroInteractions(queue);
   }
+
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
+  }
 }

server/sonar-server/src/test/java/org/sonar/server/ce/ws/CancelAllActionTest.java

@@ -45,7 +45,7 @@ public class CancelAllActionTest {
 
   @Test
   public void cancel_all_pending_tasks() {
-    userSession.logIn().setRoot();
+    userSession.logIn().setSystemAdministrator();
 
     call();
 
@@ -53,8 +53,8 @@ public class CancelAllActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_not_root() {
-    userSession.logIn().setNonRoot();
+  public void throw_ForbiddenException_if_not_system_administrator() {
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     expectedException.expectMessage("Insufficient privileges");

server/sonar-server/src/test/java/org/sonar/server/ce/ws/TaskActionTest.java

@@ -266,16 +266,16 @@ public class TaskActionTest {
   }
 
   @Test
-  public void getting_global_queue_task_requires_root_permission() {
-    userSession.logIn().setRoot();
+  public void getting_global_queue_task_requires_to_be_system_administrator() {
+    logInAsSystemAdministrator();
     CeQueueDto task = createAndPersistQueueTask(null);
 
     call(task.getUuid());
   }
 
   @Test
-  public void getting_global_queue_throws_ForbiddenException_if_not_root() {
-    userSession.logIn().setNonRoot();
+  public void getting_global_queue_throws_ForbiddenException_if_not_system_administrator() {
+    userSession.logIn().setNonSystemAdministrator();
     CeQueueDto task = createAndPersistQueueTask(null);
 
     expectedException.expect(ForbiddenException.class);
@@ -310,16 +310,16 @@ public class TaskActionTest {
   }
 
   @Test
-  public void getting_global_archived_task_requires_root_permission() {
-    userSession.logIn().setRoot();
+  public void getting_global_archived_task_requires_to_be_system_administrator() {
+    logInAsSystemAdministrator();
     CeActivityDto task = createAndPersistArchivedTask(null);
 
     call(task.getUuid());
   }
 
   @Test
-  public void getting_global_archived_throws_ForbiddenException_if_not_root() {
-    userSession.logIn().setNonRoot();
+  public void getting_global_archived_throws_ForbiddenException_if_not_system_administrator() {
+    userSession.logIn().setNonSystemAdministrator();
     CeActivityDto task = createAndPersistArchivedTask(null);
 
     expectedException.expect(ForbiddenException.class);
@@ -383,6 +383,10 @@ public class TaskActionTest {
     dbTester.commit();
   }
 
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
+  }
+
   private void logInAsRoot() {
     userSession.logIn().setRoot();
   }

server/sonar-server/src/test/java/org/sonar/server/component/ComponentServiceUpdateKeyTest.java

@@ -67,7 +67,7 @@ public class ComponentServiceUpdateKeyTest {
 
     dbSession.commit();
 
-    userSession.logIn("john").addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+    logInAsProjectAdministrator(project);
     underTest.updateKey(dbSession, project, "sample2:root");
     dbSession.commit();
 
@@ -92,7 +92,7 @@ public class ComponentServiceUpdateKeyTest {
     ComponentDto file = ComponentTesting.newFileDto(module, null).setKey("sample:root:module:src/File.xoo");
     dbClient.componentDao().insert(dbSession, file);
     dbSession.commit();
-    userSession.logIn("john").addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+    logInAsProjectAdministrator(project);
 
     underTest.updateKey(dbSession, module, "sample:root2:module");
     dbSession.commit();
@@ -110,7 +110,7 @@ public class ComponentServiceUpdateKeyTest {
 
     dbSession.commit();
 
-    userSession.logIn("john").addProjectUuidPermissions(UserRole.ADMIN, provisionedProject.uuid());
+    logInAsProjectAdministrator(provisionedProject);
     underTest.updateKey(dbSession, provisionedProject, "provisionedProject2");
     dbSession.commit();
 
@@ -130,9 +130,9 @@ public class ComponentServiceUpdateKeyTest {
 
   @Test
   public void fail_if_old_key_and_new_key_are_the_same() {
-    logInAsRoot();
     ComponentDto project = insertSampleRootProject();
     ComponentDto anotherProject = componentDb.insertProject();
+    logInAsProjectAdministrator(project);
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Impossible to update key: a component with key \"" + anotherProject.key() + "\" already exists.");
@@ -142,8 +142,8 @@ public class ComponentServiceUpdateKeyTest {
 
   @Test
   public void fail_if_new_key_is_empty() {
-    logInAsRoot();
     ComponentDto project = insertSampleRootProject();
+    logInAsProjectAdministrator(project);
 
     expectedException.expect(BadRequestException.class);
     expectedException.expectMessage("Malformed key for ''. Allowed characters are alphanumeric, '-', '_', '.' and ':', with at least one non-digit.");
@@ -153,8 +153,8 @@ public class ComponentServiceUpdateKeyTest {
 
   @Test
   public void fail_if_new_key_is_not_formatted_correctly() {
-    logInAsRoot();
     ComponentDto project = insertSampleRootProject();
+    logInAsProjectAdministrator(project);
 
     expectedException.expect(BadRequestException.class);
     expectedException.expectMessage("Malformed key for 'sample?root'. Allowed characters are alphanumeric, '-', '_', '.' and ':', with at least one non-digit.");
@@ -164,9 +164,9 @@ public class ComponentServiceUpdateKeyTest {
 
   @Test
   public void fail_if_update_is_not_on_module_or_project() {
-    logInAsRoot();
     ComponentDto project = insertSampleRootProject();
     ComponentDto file = componentDb.insertComponent(newFileDto(project, null));
+    logInAsProjectAdministrator(project);
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Component updated must be a module or a key");
@@ -200,10 +200,6 @@ public class ComponentServiceUpdateKeyTest {
     assertThat(dbClient.componentDao().selectByKey(dbSession, key)).isPresent();
   }
 
-  private void logInAsRoot() {
-    userSession.logIn().setRoot();
-  }
-
   private ComponentDto insertSampleRootProject() {
     return insertProject("sample:root");
   }
@@ -217,4 +213,8 @@ public class ComponentServiceUpdateKeyTest {
     assertThat(dbClient.componentDao().selectByKey(dbSession, oldKey)).isAbsent();
     assertThat(dbClient.componentDao().selectByKey(dbSession, newKey)).isPresent();
   }
+
+  private void logInAsProjectAdministrator(ComponentDto provisionedProject) {
+    userSession.logIn("john").addProjectUuidPermissions(UserRole.ADMIN, provisionedProject.uuid());
+  }
 }

server/sonar-server/src/test/java/org/sonar/server/component/ws/BulkUpdateKeyActionTest.java

@@ -239,13 +239,12 @@ public class BulkUpdateKeyActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_not_root_administrator() {
-    userSession.anonymous();
+  public void throw_ForbiddenException_if_not_project_administrator() {
+    userSession.logIn();
     ComponentDto project = insertMyProject();
 
     expectedException.expect(ForbiddenException.class);
 
-
     callDryRunByUuid(project.uuid(), FROM, TO);
   }
 

server/sonar-server/src/test/java/org/sonar/server/component/ws/ShowActionTest.java

@@ -54,7 +54,7 @@ public class ShowActionTest {
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
   @Rule
-  public UserSessionRule userSession = UserSessionRule.standalone().logIn().setRoot();
+  public UserSessionRule userSession = UserSessionRule.standalone();
   @Rule
   public DbTester db = DbTester.create(System2.INSTANCE);
 
@@ -64,6 +64,7 @@ public class ShowActionTest {
 
   @Test
   public void json_example() throws IOException {
+    userSession.logIn().setRoot();
     insertJsonExampleComponentsAndSnapshots();
 
     String response = ws.newRequest()
@@ -86,6 +87,7 @@ public class ShowActionTest {
 
   @Test
   public void show_provided_project() {
+    userSession.logIn().setRoot();
     componentDb.insertComponent(newProjectDto(db.organizations().insert(), "project-uuid").setEnabled(false));
 
     ShowWsResponse response = newRequest("project-uuid", null);
@@ -94,8 +96,8 @@ public class ShowActionTest {
   }
 
   @Test
-  public void fail_if_not_enough_privilege() {
-    userSession.anonymous();
+  public void throw_ForbiddenException_if_user_doesnt_have_browse_permission_on_project() {
+    userSession.logIn();
 
     expectedException.expect(ForbiddenException.class);
     componentDb.insertProjectAndSnapshot(newProjectDto(db.organizations().insert(), "project-uuid"));

server/sonar-server/src/test/java/org/sonar/server/component/ws/TreeActionTest.java

@@ -88,7 +88,6 @@ public class TreeActionTest {
 
   @Before
   public void setUp() {
-    userSession.logIn().setRoot();
     ws = new WsActionTester(new TreeAction(dbClient, new ComponentFinder(dbClient), resourceTypes, userSession, Mockito.mock(I18n.class)));
     resourceTypes.setChildrenQualifiers(Qualifiers.MODULE, Qualifiers.FILE, Qualifiers.DIRECTORY);
     resourceTypes.setLeavesQualifiers(Qualifiers.FILE, Qualifiers.UNIT_TEST_FILE);
@@ -97,7 +96,7 @@ public class TreeActionTest {
   @Test
   public void json_example() throws IOException {
     ComponentDto project = initJsonExampleComponents();
-    userSession.logIn().addProjectUuidPermissions(UserRole.USER, project.uuid());
+    logInWithBrowsePermission(project);
 
     String response = ws.newRequest()
       .setParam(PARAM_BASE_COMPONENT_ID, project.uuid())
@@ -122,6 +121,7 @@ public class TreeActionTest {
     componentDb.insertComponent(directory);
     componentDb.insertComponent(newFileDto(module, directory, 10));
     db.commit();
+    logInWithBrowsePermission(project);
 
     TreeWsResponse response = call(ws.newRequest()
       .setParam(PARAM_STRATEGY, "children")
@@ -151,6 +151,7 @@ public class TreeActionTest {
     componentDb.insertComponent(directory);
     componentDb.insertComponent(newFileDto(module, directory, 1));
     db.commit();
+    logInWithBrowsePermission(project);
 
     TreeWsResponse response = call(ws.newRequest()
       .setParam(PARAM_STRATEGY, "all")
@@ -174,6 +175,7 @@ public class TreeActionTest {
     componentDb.insertComponent(newFileDto(project, 2));
     componentDb.insertComponent(newModuleDto("module-uuid-1", project));
     db.commit();
+    logInWithBrowsePermission(project);
 
     TreeWsResponse response = call(ws.newRequest()
       .setParam(PARAM_STRATEGY, "all")
@@ -195,6 +197,7 @@ public class TreeActionTest {
     componentDb.insertComponent(directory);
     componentDb.insertComponent(newFileDto(module, directory, 3));
     db.commit();
+    logInWithBrowsePermission(project);
 
     TreeWsResponse response = call(ws.newRequest()
       .setParam(PARAM_STRATEGY, "leaves")
@@ -216,6 +219,7 @@ public class TreeActionTest {
     componentDb.insertComponent(module);
     componentDb.insertComponent(newDirectory(project, "path/directory/", "directory-uuid-1"));
     db.commit();
+    logInWithBrowsePermission(project);
 
     TreeWsResponse response = call(ws.newRequest()
       .setParam(PARAM_STRATEGY, "all")
@@ -235,6 +239,7 @@ public class TreeActionTest {
     componentDb.insertComponent(newProjectCopy("project-uuid-1-copy", project, view));
     componentDb.insertComponent(newSubView(view, "sub-view-uuid", "sub-view-key").setName("sub-view-name"));
     db.commit();
+    logInWithBrowsePermission(view);
 
     TreeWsResponse response = call(ws.newRequest()
       .setParam(PARAM_STRATEGY, "children")
@@ -248,7 +253,8 @@ public class TreeActionTest {
 
   @Test
   public void response_is_empty_on_provisioned_projects() {
-    componentDb.insertComponent(newProjectDto(db.getDefaultOrganization(), "project-uuid"));
+    ComponentDto project = componentDb.insertComponent(newProjectDto(db.getDefaultOrganization(), "project-uuid"));
+    logInWithBrowsePermission(project);
 
     TreeWsResponse response = call(ws.newRequest()
       .setParam(PARAM_BASE_COMPONENT_ID, "project-uuid"));
@@ -268,6 +274,7 @@ public class TreeActionTest {
     componentDb.insertDeveloperAndSnapshot(developer);
     componentDb.insertComponent(newDevProjectCopy("project-copy-uuid", project, developer));
     db.commit();
+    logInWithBrowsePermission(developer);
 
     TreeWsResponse response = call(ws.newRequest().setParam(PARAM_BASE_COMPONENT_ID, developer.uuid()));
 
@@ -284,6 +291,7 @@ public class TreeActionTest {
     ComponentDto view = newView(db.getDefaultOrganization(), "view-uuid");
     componentDb.insertViewAndSnapshot(view);
     componentDb.insertComponent(newProjectCopy("project-copy-uuid", project, view));
+    logInWithBrowsePermission(view);
 
     TreeWsResponse response = call(ws.newRequest().setParam(PARAM_BASE_COMPONENT_ID, view.uuid()));
 
@@ -295,12 +303,13 @@ public class TreeActionTest {
 
   @Test
   public void fail_when_not_enough_privileges() {
-    expectedException.expect(ForbiddenException.class);
-    userSession.anonymous().logIn()
+    userSession.logIn()
       .addProjectUuidPermissions(UserRole.CODEVIEWER, "project-uuid");
     componentDb.insertComponent(newProjectDto(db.organizations().insert(), "project-uuid"));
     db.commit();
 
+    expectedException.expect(ForbiddenException.class);
+
     ws.newRequest()
       .setParam(PARAM_BASE_COMPONENT_ID, "project-uuid")
       .execute();
@@ -426,4 +435,8 @@ public class TreeActionTest {
     JsonElement jsonElement = jsonObject.get(field);
     return jsonElement == null ? null : jsonElement.getAsString();
   }
+
+  private void logInWithBrowsePermission(ComponentDto project) {
+    userSession.logIn().addProjectUuidPermissions(UserRole.USER, project.uuid());
+  }
 }

server/sonar-server/src/test/java/org/sonar/server/email/ws/SendActionTest.java

@@ -54,7 +54,7 @@ public class SendActionTest {
 
   @Test
   public void send_test_email() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     executeRequest("john@doo.com", "Test Message from SonarQube", "This is a test message from SonarQube at http://localhost:9000");
 
@@ -63,7 +63,7 @@ public class SendActionTest {
 
   @Test
   public void does_not_fail_when_subject_param_is_missing() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     executeRequest("john@doo.com", null, "This is a test message from SonarQube at http://localhost:9000");
 
@@ -72,7 +72,7 @@ public class SendActionTest {
 
   @Test
   public void fail_when_to_param_is_missing() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
 
@@ -81,7 +81,7 @@ public class SendActionTest {
 
   @Test
   public void fail_when_message_param_is_missing() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
 
@@ -89,8 +89,8 @@ public class SendActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_not_root() {
-    userSession.logIn();
+  public void throw_ForbiddenException_if_not_system_administrator() {
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     expectedException.expectMessage("Insufficient privileges");
@@ -100,7 +100,7 @@ public class SendActionTest {
 
   @Test
   public void fail_with_BadRequestException_when_EmailException_is_generated() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     IllegalArgumentException exception1 = new IllegalArgumentException("root cause");
     IllegalArgumentException exception2 = new IllegalArgumentException("parent cause", exception1);
     IllegalArgumentException exception3 = new IllegalArgumentException("child cause", exception2);
@@ -140,8 +140,8 @@ public class SendActionTest {
     request.execute();
   }
 
-  private void logInAsRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 
 }

server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionComponentsMediumTest.java

@@ -669,7 +669,7 @@ public class SearchActionComponentsMediumTest {
   }
 
   private void setAnyoneProjectPermission(ComponentDto project, String permission) {
-    userSessionRule.logIn().setRoot();
+    userSessionRule.logIn().setSystemAdministrator();
     // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
     // for each organization
     GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(project), GroupIdOrAnyone.forAnyone(project.getOrganizationUuid()));

server/sonar-server/src/test/java/org/sonar/server/license/ws/ListActionTest.java

@@ -78,7 +78,7 @@ public class ListActionTest {
 
   @Test
   public void return_licenses() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     addServerIdSettings("12345");
     String data = createBase64License("SonarSource", "governance", "12345", "2099-01-01", "PRODUCTION", ImmutableMap.of("other", "value"));
     addLicenseSetting("sonar.governance.license.secured", "Governance", data);
@@ -104,7 +104,7 @@ public class ListActionTest {
 
   @Test
   public void return_licenses_even_if_no_value_set_in_database() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     addServerIdSettings("12345");
     definitions.addComponent(PropertyDefinition.builder("sonar.governance.license.secured").type(LICENSE).build());
 
@@ -128,7 +128,7 @@ public class ListActionTest {
 
   @Test
   public void return_information_when_no_licence_set() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     addServerIdSettings(SERVER_ID_SAMPLE);
     addLicenseSetting(LICENSE_KEY_SAMPLE, null, toBase64(""));
 
@@ -153,7 +153,7 @@ public class ListActionTest {
 
   @Test
   public void return_license_with_bad_product() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     addServerIdSettings(SERVER_ID_SAMPLE);
     addLicenseSetting(LICENSE_KEY_SAMPLE, LICENSE_NAME_SAMPLE,
       createBase64License(ORGANIZATION_SAMPLE, "Other", SERVER_ID_SAMPLE, EXPIRATION_SAMPLE, TYPE_SAMPLE, Collections.emptyMap()));
@@ -170,7 +170,7 @@ public class ListActionTest {
 
   @Test
   public void return_license_with_bad_server_id() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     addServerIdSettings(SERVER_ID_SAMPLE);
     addLicenseSetting(LICENSE_KEY_SAMPLE, LICENSE_NAME_SAMPLE,
       createBase64License(ORGANIZATION_SAMPLE, PRODUCT_SAMPLE, "Other", EXPIRATION_SAMPLE, TYPE_SAMPLE, Collections.emptyMap()));
@@ -187,7 +187,7 @@ public class ListActionTest {
 
   @Test
   public void return_bad_server_id_when_server_has_no_server_id() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     addLicenseSetting(LICENSE_KEY_SAMPLE, LICENSE_NAME_SAMPLE,
       createBase64License(ORGANIZATION_SAMPLE, PRODUCT_SAMPLE, SERVER_ID_SAMPLE, EXPIRATION_SAMPLE, TYPE_SAMPLE, Collections.emptyMap()));
 
@@ -200,7 +200,7 @@ public class ListActionTest {
 
   @Test
   public void does_not_return_invalid_server_id_when_all_servers_accepted_and_no_server_id_setting() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     addLicenseSetting(LICENSE_KEY_SAMPLE, LICENSE_NAME_SAMPLE,
       createBase64License(ORGANIZATION_SAMPLE, PRODUCT_SAMPLE, "*", EXPIRATION_SAMPLE, TYPE_SAMPLE, Collections.emptyMap()));
 
@@ -214,7 +214,7 @@ public class ListActionTest {
 
   @Test
   public void return_license_when_all_servers_are_accepted() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     addServerIdSettings(SERVER_ID_SAMPLE);
     addLicenseSetting(LICENSE_KEY_SAMPLE, LICENSE_NAME_SAMPLE,
       createBase64License(ORGANIZATION_SAMPLE, PRODUCT_SAMPLE, "*", EXPIRATION_SAMPLE, TYPE_SAMPLE, Collections.emptyMap()));
@@ -229,7 +229,7 @@ public class ListActionTest {
 
   @Test
   public void return_license_when_expired() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     addServerIdSettings(SERVER_ID_SAMPLE);
     addLicenseSetting(LICENSE_KEY_SAMPLE, LICENSE_NAME_SAMPLE,
       createBase64License(ORGANIZATION_SAMPLE, PRODUCT_SAMPLE, SERVER_ID_SAMPLE, "2010-01-01", TYPE_SAMPLE, Collections.emptyMap()));
@@ -246,7 +246,7 @@ public class ListActionTest {
 
   @Test
   public void none_license_type_settings_are_not_returned() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     definitions.addComponent(PropertyDefinition.builder("foo").build());
     propertyDb.insertProperties(newGlobalPropertyDto().setKey("foo").setValue("value"));
 
@@ -256,8 +256,8 @@ public class ListActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_not_root() throws Exception {
-    userSession.logIn().setNonRoot();
+  public void throw_ForbiddenException_if_not_system_administrator() throws Exception {
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
 
@@ -284,8 +284,8 @@ public class ListActionTest {
     }
   }
 
-  private void logInAsRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 
   private void addLicenseSetting(String key, @Nullable String name, String value) {

server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/CreateActionTest.java

@@ -21,7 +21,6 @@ package org.sonar.server.measure.custom.ws;
 
 import java.util.List;
 import org.assertj.core.data.Offset;
-import org.junit.After;
 import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
@@ -90,20 +89,15 @@ public class CreateActionTest {
   public void setUp() {
     ws = new WsTester(new CustomMeasuresWs(new CreateAction(dbClient, userSession, System2.INSTANCE, new CustomMeasureValidator(newFullTypeValidations()),
       new CustomMeasureJsonWriter(new UserJsonWriter(userSession)), new ComponentFinder(dbClient))));
-    userSession.logIn("login").setRoot();
 
     db.getDbClient().userDao().insert(dbSession, new UserDto()
       .setLogin("login")
       .setName("Login")
       .setEmail("login@login.com")
-      .setActive(true)
-      );
+      .setActive(true));
     dbSession.commit();
-  }
 
-  @After
-  public void tearDown() {
-    dbSession.close();
+    userSession.logIn("login").addProjectUuidPermissions(UserRole.ADMIN, DEFAULT_PROJECT_UUID);
   }
 
   @Test
@@ -275,6 +269,7 @@ public class CreateActionTest {
     dbClient.componentDao().insert(dbSession, ComponentTesting.newView(db.organizations().insert(), viewUuid));
     dbSession.commit();
     MetricDto metric = insertMetric(BOOL);
+    userSession.logIn("login").addProjectUuidPermissions(UserRole.ADMIN, viewUuid);
 
     newRequest()
       .setParam(CreateAction.PARAM_PROJECT_ID, viewUuid)
@@ -298,6 +293,7 @@ public class CreateActionTest {
     dbClient.componentDao().insert(dbSession, ComponentTesting.newSubView(view, subViewUuid, "SUB_VIEW_KEY"));
     dbSession.commit();
     MetricDto metric = insertMetric(BOOL);
+    userSession.logIn("login").addProjectUuidPermissions(UserRole.ADMIN, view.uuid());
 
     newRequest()
       .setParam(CreateAction.PARAM_PROJECT_ID, subViewUuid)
@@ -457,12 +453,13 @@ public class CreateActionTest {
   }
 
   @Test
-  public void fail_when_not_enough_permission() throws Exception {
-    expectedException.expect(ForbiddenException.class);
-    userSession.logIn("login");
+  public void fail_when_not_project_administrator() throws Exception {
+    userSession.logIn();
     insertProject(DEFAULT_PROJECT_UUID);
     MetricDto metric = insertMetric(STRING);
 
+    expectedException.expect(ForbiddenException.class);
+
     newRequest()
       .setParam(CreateAction.PARAM_PROJECT_ID, DEFAULT_PROJECT_UUID)
       .setParam(CreateAction.PARAM_METRIC_ID, metric.getId().toString())

server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/DeleteActionTest.java

@@ -61,21 +61,6 @@ public class DeleteActionTest {
     ws = new WsTester(new CustomMeasuresWs(new DeleteAction(dbClient, userSession)));
   }
 
-  @Test
-  public void root_users_can_delete_custom_measures() throws Exception {
-    userSession.logIn().setRoot();
-    ComponentDto project = db.components().insertProject();
-
-    long id = insertCustomMeasure(project);
-    long anotherId = insertCustomMeasure(project);
-
-    WsTester.Result response = newRequest().setParam(PARAM_ID, valueOf(id)).execute();
-
-    assertThat(dbClient.customMeasureDao().selectById(dbSession, id)).isNull();
-    assertThat(dbClient.customMeasureDao().selectById(dbSession, anotherId)).isNotNull();
-    response.assertNoContent();
-  }
-
   @Test
   public void project_administrator_can_delete_custom_measures() throws Exception {
     ComponentDto project = db.components().insertProject();
@@ -95,17 +80,17 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_not_administrator() throws Exception {
+  public void throw_ForbiddenException_if_not_system_administrator() throws Exception {
     ComponentDto project = db.components().insertProject();
     long id = insertCustomMeasure(project);
-    userSession.logIn().setNonRoot();
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     newRequest().setParam(PARAM_ID, valueOf(id)).execute();
   }
 
   @Test
-  public void throw_UnauthorizedException_if_not_administrator() throws Exception {
+  public void throw_UnauthorizedException_if_not_logged_in() throws Exception {
     ComponentDto project = db.components().insertProject();
     long id = insertCustomMeasure(project);
     userSession.anonymous();

server/sonar-server/src/test/java/org/sonar/server/measure/custom/ws/UpdateActionTest.java

@@ -26,6 +26,7 @@ import org.junit.rules.ExpectedException;
 import org.sonar.api.config.MapSettings;
 import org.sonar.api.measures.Metric.ValueType;
 import org.sonar.api.utils.System2;
+import org.sonar.api.web.UserRole;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
@@ -65,17 +66,17 @@ public class UpdateActionTest {
   public DbTester db = DbTester.create(System2.INSTANCE);
   @Rule
   public EsTester es = new EsTester(new UserIndexDefinition(new MapSettings()));
-  DbClient dbClient = db.getDbClient();
-  DbSession dbSession = db.getSession();
-  System2 system = mock(System2.class);
-  WsTester ws;
+
+  private DbClient dbClient = db.getDbClient();
+  private DbSession dbSession = db.getSession();
+  private System2 system = mock(System2.class);
+  private WsTester ws;
 
   @Before
   public void setUp() {
     CustomMeasureValidator validator = new CustomMeasureValidator(newFullTypeValidations());
 
     ws = new WsTester(new CustomMeasuresWs(new UpdateAction(dbClient, userSessionRule, system, validator, new CustomMeasureJsonWriter(new UserJsonWriter(userSessionRule)))));
-    userSessionRule.logIn("login").setRoot();
 
     db.getDbClient().userDao().insert(dbSession, new UserDto()
       .setLogin("login")
@@ -96,12 +97,14 @@ public class UpdateActionTest {
     dbClient.customMeasureDao().insert(dbSession, customMeasure);
     dbSession.commit();
     when(system.now()).thenReturn(123_456_789L);
+    logInAsProjectAdministrator(component);
 
     ws.newPostRequest(CustomMeasuresWs.ENDPOINT, UpdateAction.ACTION)
       .setParam(PARAM_ID, String.valueOf(customMeasure.getId()))
       .setParam(PARAM_DESCRIPTION, "new-custom-measure-description")
       .setParam(PARAM_VALUE, "new-text-measure-value")
       .execute();
+    logInAsProjectAdministrator(component);
 
     CustomMeasureDto updatedCustomMeasure = dbClient.customMeasureDao().selectOrFail(dbSession, customMeasure.getId());
     assertThat(updatedCustomMeasure.getTextValue()).isEqualTo("new-text-measure-value");
@@ -120,6 +123,7 @@ public class UpdateActionTest {
       .setValue(42d);
     dbClient.customMeasureDao().insert(dbSession, customMeasure);
     dbSession.commit();
+    logInAsProjectAdministrator(component);
 
     ws.newPostRequest(CustomMeasuresWs.ENDPOINT, UpdateAction.ACTION)
       .setParam(PARAM_ID, String.valueOf(customMeasure.getId()))
@@ -149,6 +153,7 @@ public class UpdateActionTest {
     dbClient.customMeasureDao().insert(dbSession, customMeasure);
     dbSession.commit();
     when(system.now()).thenReturn(123_456_789L);
+    logInAsProjectAdministrator(component);
 
     WsTester.Result response = ws.newPostRequest(CustomMeasuresWs.ENDPOINT, UpdateAction.ACTION)
       .setParam(PARAM_ID, String.valueOf(customMeasure.getId()))
@@ -173,11 +178,13 @@ public class UpdateActionTest {
     dbClient.customMeasureDao().insert(dbSession, customMeasure);
     dbSession.commit();
     when(system.now()).thenReturn(123_456_789L);
+    logInAsProjectAdministrator(component);
 
     ws.newPostRequest(CustomMeasuresWs.ENDPOINT, UpdateAction.ACTION)
       .setParam(PARAM_ID, String.valueOf(customMeasure.getId()))
       .setParam(PARAM_DESCRIPTION, "new-custom-measure-description")
       .execute();
+    logInAsProjectAdministrator(component);
 
     CustomMeasureDto updatedCustomMeasure = dbClient.customMeasureDao().selectOrFail(dbSession, customMeasure.getId());
     assertThat(updatedCustomMeasure.getTextValue()).isEqualTo("text-measure-value");
@@ -200,6 +207,7 @@ public class UpdateActionTest {
     dbClient.customMeasureDao().insert(dbSession, customMeasure);
     dbSession.commit();
     when(system.now()).thenReturn(123_456_789L);
+    logInAsProjectAdministrator(component);
 
     ws.newPostRequest(CustomMeasuresWs.ENDPOINT, UpdateAction.ACTION)
       .setParam(PARAM_ID, String.valueOf(customMeasure.getId()))
@@ -239,7 +247,6 @@ public class UpdateActionTest {
   @Test
   public void fail_if_insufficient_privileges() throws Exception {
     userSessionRule.logIn();
-    expectedException.expect(ForbiddenException.class);
     MetricDto metric = MetricTesting.newMetricDto().setEnabled(true).setValueType(ValueType.STRING.name());
     dbClient.metricDao().insert(dbSession, metric);
     ComponentDto component = ComponentTesting.newProjectDto(db.getDefaultOrganization(), "project-uuid");
@@ -253,6 +260,8 @@ public class UpdateActionTest {
     dbClient.customMeasureDao().insert(dbSession, customMeasure);
     dbSession.commit();
 
+    expectedException.expect(ForbiddenException.class);
+
     ws.newPostRequest(CustomMeasuresWs.ENDPOINT, UpdateAction.ACTION)
       .setParam(PARAM_ID, String.valueOf(customMeasure.getId()))
       .setParam(PARAM_DESCRIPTION, "new-custom-measure-description")
@@ -317,4 +326,8 @@ public class UpdateActionTest {
       .setComponentUuid(project.uuid())
       .setCreatedAt(system.now());
   }
+
+  private void logInAsProjectAdministrator(ComponentDto component) {
+    userSessionRule.logIn("login").addProjectUuidPermissions(UserRole.ADMIN, component.uuid());
+  }
 }

server/sonar-server/src/test/java/org/sonar/server/metric/ws/CreateActionTest.java

@@ -66,7 +66,7 @@ public class CreateActionTest {
   @Before
   public void setUp() {
     ws = new WsTester(new MetricsWs(new CreateAction(dbClient, userSessionRule)));
-    userSessionRule.logIn().setRoot();
+    userSessionRule.logIn().setSystemAdministrator();
   }
 
   @Test
@@ -228,8 +228,8 @@ public class CreateActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_not_root() throws Exception {
-    userSessionRule.logIn().setNonRoot();
+  public void throw_ForbiddenException_if_not_system_administrator() throws Exception {
+    userSessionRule.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     expectedException.expectMessage("Insufficient privileges");

server/sonar-server/src/test/java/org/sonar/server/metric/ws/DeleteActionTest.java

@@ -57,7 +57,7 @@ public class DeleteActionTest {
 
   @Before
   public void setUp() {
-    userSessionRule.logIn().setRoot();
+    userSessionRule.logIn().setSystemAdministrator();
     ws = new WsTester(new MetricsWs(new DeleteAction(dbClient, userSessionRule)));
     metricDao = dbClient.metricDao();
   }
@@ -124,8 +124,8 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_not_root() throws Exception {
-    userSessionRule.logIn().setNonRoot();
+  public void throw_ForbiddenException_if_not_system_administrator() throws Exception {
+    userSessionRule.logIn().setNonSystemAdministrator();
     insertCustomEnabledMetrics(1);
 
     expectedException.expect(ForbiddenException.class);

server/sonar-server/src/test/java/org/sonar/server/metric/ws/UpdateActionTest.java

@@ -66,7 +66,7 @@ public class UpdateActionTest {
   @Before
   public void setUp() {
     ws = new WsTester(new MetricsWs(new UpdateAction(dbClient, userSessionRule)));
-    userSessionRule.logIn().setRoot();
+    userSessionRule.logIn().setSystemAdministrator();
   }
 
   @Test
@@ -182,8 +182,8 @@ public class UpdateActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_not_root() throws Exception {
-    userSessionRule.logIn().setNonRoot();
+  public void throw_ForbiddenException_if_not_system_administrator() throws Exception {
+    userSessionRule.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     expectedException.expectMessage("Insufficient privileges");

server/sonar-server/src/test/java/org/sonar/server/organization/ws/CreateActionTest.java

@@ -131,7 +131,7 @@ public class CreateActionTest {
 
   @Test
   public void verify_response_example() throws URISyntaxException, IOException {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(Uuids.UUID_EXAMPLE_01, SOME_DATE);
 
     String response = executeJsonRequest("Foo Company", "foo-company", "The Foo company produces quality software for Bar.", "https://www.foo.com", "https://www.foo.com/foo.png");
@@ -161,7 +161,7 @@ public class CreateActionTest {
   }
 
   @Test
-  public void request_fails_if_user_is_not_root_and_logged_in_users_cannot_create_organizations() {
+  public void request_fails_if_user_is_not_system_administrator_and_logged_in_users_cannot_create_organizations() {
     userSession.logIn();
 
     expectedException.expect(ForbiddenException.class);
@@ -171,16 +171,16 @@ public class CreateActionTest {
   }
 
   @Test
-  public void request_succeeds_if_user_is_root_and_logged_in_users_cannot_create_organizations() {
-    logInAsRoot();
+  public void request_succeeds_if_user_is_system_administrator_and_logged_in_users_cannot_create_organizations() {
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
     verifyResponseAndDb(executeRequest("foo"), SOME_UUID, "foo", "foo", SOME_DATE);
   }
 
   @Test
-  public void request_succeeds_if_user_is_root_and_logged_in_users_can_create_organizations() {
-    logInAsRoot();
+  public void request_succeeds_if_user_is_system_administrator_and_logged_in_users_can_create_organizations() {
+    logInAsSystemAdministrator();
     settings.setProperty(ORGANIZATIONS_ANYONE_CAN_CREATE, true);
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
@@ -188,7 +188,7 @@ public class CreateActionTest {
   }
 
   @Test
-  public void request_succeeds_if_user_is_not_root_and_logged_in_users_can_create_organizations() {
+  public void request_succeeds_if_user_is_not_system_administrator_and_logged_in_users_can_create_organizations() {
     userSession.logIn();
     settings.setProperty(ORGANIZATIONS_ANYONE_CAN_CREATE, true);
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
@@ -198,7 +198,7 @@ public class CreateActionTest {
 
   @Test
   public void request_fails_if_name_param_is_missing() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The 'name' parameter is missing");
@@ -208,7 +208,7 @@ public class CreateActionTest {
 
   @Test
   public void request_fails_if_name_is_one_char_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Name 'a' must be at least 2 chars long");
@@ -218,7 +218,7 @@ public class CreateActionTest {
 
   @Test
   public void request_succeeds_if_name_is_two_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
     verifyResponseAndDb(executeRequest("ab"), SOME_UUID, "ab", "ab", SOME_DATE);
@@ -226,7 +226,7 @@ public class CreateActionTest {
 
   @Test
   public void request_fails_if_name_is_65_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Name '" + STRING_65_CHARS_LONG + "' must be at most 64 chars long");
@@ -236,7 +236,7 @@ public class CreateActionTest {
 
   @Test
   public void request_succeeds_if_name_is_64_char_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
     String name = STRING_65_CHARS_LONG.substring(0, 64);
@@ -246,7 +246,7 @@ public class CreateActionTest {
 
   @Test
   public void request_fails_if_key_one_char_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Key 'a' must be at least 2 chars long");
@@ -256,7 +256,7 @@ public class CreateActionTest {
 
   @Test
   public void request_fails_if_key_is_33_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     String key = STRING_65_CHARS_LONG.substring(0, 33);
 
@@ -268,7 +268,7 @@ public class CreateActionTest {
 
   @Test
   public void request_succeeds_if_key_is_2_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
     verifyResponseAndDb(executeRequest("foo", "ab"), SOME_UUID, "foo", "ab", SOME_DATE);
@@ -276,7 +276,7 @@ public class CreateActionTest {
 
   @Test
   public void requests_succeeds_if_key_is_32_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
     String key = STRING_65_CHARS_LONG.substring(0, 32);
@@ -286,28 +286,28 @@ public class CreateActionTest {
 
   @Test
   public void requests_fails_if_key_contains_non_ascii_chars_but_dash() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     requestFailsWithInvalidCharInKey("ab@");
   }
 
   @Test
   public void request_fails_if_key_starts_with_a_dash() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     requestFailsWithInvalidCharInKey("-ab");
   }
 
   @Test
   public void request_fails_if_key_ends_with_a_dash() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     requestFailsWithInvalidCharInKey("ab-");
   }
 
   @Test
   public void request_fails_if_key_contains_space() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     requestFailsWithInvalidCharInKey("a b");
   }
@@ -321,7 +321,7 @@ public class CreateActionTest {
 
   @Test
   public void request_fails_if_key_is_specified_and_already_exists_in_DB() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     OrganizationDto org = insertOrganization("the-key");
 
     expectedException.expect(IllegalArgumentException.class);
@@ -332,7 +332,7 @@ public class CreateActionTest {
 
   @Test
   public void request_fails_if_key_computed_from_name_already_exists_in_DB() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     String key = STRING_65_CHARS_LONG.substring(0, 32);
     insertOrganization(key);
 
@@ -346,7 +346,7 @@ public class CreateActionTest {
 
   @Test
   public void request_succeeds_if_description_url_and_avatar_are_not_specified() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
     CreateWsResponse response = executeRequest("foo", "bar", null, null, null);
@@ -355,7 +355,7 @@ public class CreateActionTest {
 
   @Test
   public void request_succeeds_if_description_url_and_avatar_are_specified() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
     CreateWsResponse response = executeRequest("foo", "bar", "moo", "doo", "boo");
@@ -364,7 +364,7 @@ public class CreateActionTest {
 
   @Test
   public void request_succeeds_to_generate_key_from_name_more_then_32_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
     String name = STRING_65_CHARS_LONG.substring(0, 33);
@@ -375,7 +375,7 @@ public class CreateActionTest {
 
   @Test
   public void request_generates_key_ignoring_multiple_following_spaces() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
 
     String name = "ab   cd";
@@ -386,7 +386,7 @@ public class CreateActionTest {
 
   @Test
   public void request_fails_if_description_is_257_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Description '" + STRING_257_CHARS_LONG + "' must be at most 256 chars long");
@@ -396,7 +396,7 @@ public class CreateActionTest {
 
   @Test
   public void request_succeeds_if_description_is_256_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
     String description = STRING_257_CHARS_LONG.substring(0, 256);
 
@@ -406,7 +406,7 @@ public class CreateActionTest {
 
   @Test
   public void request_fails_if_url_is_257_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Url '" + STRING_257_CHARS_LONG + "' must be at most 256 chars long");
@@ -416,7 +416,7 @@ public class CreateActionTest {
 
   @Test
   public void request_succeeds_if_url_is_256_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
     String url = STRING_257_CHARS_LONG.substring(0, 256);
 
@@ -426,7 +426,7 @@ public class CreateActionTest {
 
   @Test
   public void request_fails_if_avatar_is_257_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Avatar '" + STRING_257_CHARS_LONG + "' must be at most 256 chars long");
@@ -436,7 +436,7 @@ public class CreateActionTest {
 
   @Test
   public void request_succeeds_if_avatar_is_256_chars_long() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
     String avatar = STRING_257_CHARS_LONG.substring(0, 256);
 
@@ -447,8 +447,8 @@ public class CreateActionTest {
   @Test
   public void request_creates_owners_group_with_all_permissions_for_new_organization_and_add_current_user_to_it() {
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
-    UserDto user = dbTester.users().makeRoot(dbTester.users().insertUser());
-    userSession.logIn(user).setRoot();
+    UserDto user = dbTester.users().insertUser();
+    userSession.logIn(user).setSystemAdministrator();
 
     executeRequest("orgFoo");
 
@@ -471,8 +471,8 @@ public class CreateActionTest {
   @Test
   public void request_creates_default_template_for_owner_group_and_anyone() {
     mockForSuccessfulInsert(SOME_UUID, SOME_DATE);
-    UserDto user = dbTester.users().makeRoot(dbTester.users().insertUser());
-    userSession.logIn(user).setRoot();
+    UserDto user = dbTester.users().insertUser();
+    userSession.logIn(user).setSystemAdministrator();
 
     executeRequest("orgFoo");
 
@@ -492,9 +492,9 @@ public class CreateActionTest {
   }
 
   @Test
-  public void request_fails_with_IllegalStateException_if_organization_feature_is_disabled() {
+  public void request_fails_with_IllegalStateException_if_organization_support_is_disabled() {
     organizationFlags.setEnabled(false);
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalStateException.class);
     expectedException.expectMessage("Organization support is disabled");
@@ -594,7 +594,7 @@ public class CreateActionTest {
     return dto;
   }
 
-  private void logInAsRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 }

server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java

@@ -89,7 +89,7 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void request_fails_with_IllegalStateException_if_organization_feature_is_disabled() {
+  public void request_fails_with_IllegalStateException_if_organization_support_is_disabled() {
     organizationFlags.setEnabled(false);
     userSession.logIn();
 
@@ -110,7 +110,7 @@ public class DeleteActionTest {
 
   @Test
   public void request_fails_with_IAE_if_key_param_is_missing() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The 'key' parameter is missing");
@@ -120,7 +120,7 @@ public class DeleteActionTest {
 
   @Test
   public void request_fails_with_IAE_if_key_is_the_one_of_default_organization() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Default Organization can't be deleted");
@@ -130,7 +130,7 @@ public class DeleteActionTest {
 
   @Test
   public void request_fails_with_NotFoundException_if_organization_with_specified_key_does_not_exist() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("Organization with key 'foo' not found");
@@ -139,7 +139,7 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root_and_is_not_administrator_of_specified_organization() {
+  public void request_fails_with_ForbiddenException_when_user_is_not_administrator_of_specified_organization() {
     OrganizationDto organization = dbTester.organizations().insert();
     userSession.logIn();
 
@@ -150,7 +150,18 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root_and_is_administrator_of_other_organization() {
+  public void request_fails_with_ForbiddenException_when_user_is_system_administrator() {
+    OrganizationDto organization = dbTester.organizations().insert();
+    userSession.logIn().setSystemAdministrator();
+
+    expectedException.expect(ForbiddenException.class);
+    expectedException.expectMessage("Insufficient privileges");
+
+    sendRequest(organization);
+  }
+
+  @Test
+  public void request_fails_with_ForbiddenException_when_user_is_administrator_of_other_organization() {
     OrganizationDto organization = dbTester.organizations().insert();
     logInAsAdministrator(dbTester.getDefaultOrganization());
 
@@ -171,9 +182,9 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void request_deletes_specified_organization_if_exists_and_user_is_root() {
+  public void request_deletes_specified_organization_if_exists_and_user_is_organization_administrator() {
     OrganizationDto organization = dbTester.organizations().insert();
-    userSession.logIn().setRoot();
+    logInAsAdministrator(organization);
 
     sendRequest(organization);
 
@@ -181,9 +192,9 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void request_deletes_specified_guarded_organization_if_exists_and_user_is_root() {
+  public void request_deletes_specified_guarded_organization_if_exists_and_user_is_system_administrator() {
     OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setGuarded(true));
-    userSession.logIn().setRoot();
+    logInAsSystemAdministrator();
 
     sendRequest(organization);
 
@@ -192,8 +203,6 @@ public class DeleteActionTest {
 
   @Test
   public void request_also_deletes_components_of_specified_organization() {
-    logInAsRoot();
-
     OrganizationDto organization = dbTester.organizations().insert();
     ComponentDto project = dbTester.components().insertProject(organization);
     ComponentDto module = dbTester.components().insertComponent(ComponentTesting.newModuleDto(project));
@@ -204,6 +213,7 @@ public class DeleteActionTest {
     ComponentDto subview1 = dbTester.components().insertComponent(ComponentTesting.newSubView(view, "v1", "ksv1"));
     ComponentDto subview2 = dbTester.components().insertComponent(ComponentTesting.newSubView(subview1, "v2", "ksv2"));
     ComponentDto projectCopy = dbTester.components().insertComponent(ComponentTesting.newProjectCopy("pc1", project, subview1));
+    logInAsAdministrator(organization);
 
     sendRequest(organization);
 
@@ -215,8 +225,6 @@ public class DeleteActionTest {
 
   @Test
   public void request_also_deletes_permissions_templates_and_permissions_and_groups_of_specified_organization() {
-    logInAsRoot();
-
     OrganizationDto org = dbTester.organizations().insert();
     OrganizationDto otherOrg = dbTester.organizations().insert();
 
@@ -245,6 +253,7 @@ public class DeleteActionTest {
 
     PermissionTemplateDto templateDto = dbTester.permissionTemplates().insertTemplate(org);
     PermissionTemplateDto otherTemplateDto = dbTester.permissionTemplates().insertTemplate(otherOrg);
+    logInAsAdministrator(org);
 
     sendRequest(org);
 
@@ -281,8 +290,8 @@ public class DeleteActionTest {
       .execute();
   }
 
-  private void logInAsRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 
   private void logInAsAdministrator(OrganizationDto organization) {

server/sonar-server/src/test/java/org/sonar/server/organization/ws/UpdateActionTest.java

@@ -100,7 +100,7 @@ public class UpdateActionTest {
   }
 
   @Test
-  public void request_fails_with_IllegalStateException_if_organization_feature_is_disabled() {
+  public void request_fails_with_IllegalStateException_if_organization_support_is_disabled() {
     organizationFlags.setEnabled(false);
     userSession.logIn();
 
@@ -111,9 +111,9 @@ public class UpdateActionTest {
   }
 
   @Test
-  public void request_succeeds_if_user_is_root() {
-    logInAsRoot();
+  public void request_succeeds_if_user_is_organization_administrator() {
     OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    logInAsAdministrator(dto);
 
     verifyResponseAndDb(executeKeyRequest(dto.getKey(), "ab"), dto, "ab", DATE_2);
   }
@@ -135,7 +135,7 @@ public class UpdateActionTest {
   }
 
   @Test
-  public void request_fails_if_user_is_not_root_and_is_not_organization_administrator() {
+  public void request_fails_if_user_is_not_system_administrator_and_is_not_organization_administrator() {
     OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
     userSession.logIn();
 
@@ -158,7 +158,7 @@ public class UpdateActionTest {
 
   @Test
   public void request_fails_if_key_is_missing() {
-    logInAsRoot();
+    userSession.logIn();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The 'key' parameter is missing");
@@ -168,15 +168,15 @@ public class UpdateActionTest {
 
   @Test
   public void request_with_only_key_param_succeeds_and_updates_only_updateAt_field() {
-    logInAsRoot();
-    OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    OrganizationDto org = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    logInAsAdministrator(org);
 
-    verifyResponseAndDb(executeKeyRequest(dto.getKey(), null), dto, dto.getName(), DATE_2);
+    verifyResponseAndDb(executeKeyRequest(org.getKey(), null), org, org.getName(), DATE_2);
   }
 
   @Test
   public void request_fails_if_name_is_one_char_long() {
-    logInAsRoot();
+    userSession.logIn();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Name 'a' must be at least 2 chars long");
@@ -186,15 +186,15 @@ public class UpdateActionTest {
 
   @Test
   public void request_succeeds_if_name_is_two_chars_long() {
-    logInAsRoot();
-    OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    OrganizationDto org = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    logInAsAdministrator(org);
 
-    verifyResponseAndDb(executeKeyRequest(dto.getKey(), "ab"), dto, "ab", DATE_2);
+    verifyResponseAndDb(executeKeyRequest(org.getKey(), "ab"), org, "ab", DATE_2);
   }
 
   @Test
   public void request_fails_if_name_is_65_chars_long() {
-    logInAsRoot();
+    userSession.logIn();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Name '" + STRING_65_CHARS_LONG + "' must be at most 64 chars long");
@@ -204,35 +204,35 @@ public class UpdateActionTest {
 
   @Test
   public void request_succeeds_if_name_is_64_char_long() {
-    logInAsRoot();
-    OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    OrganizationDto org = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    logInAsAdministrator(org);
 
     String name = STRING_65_CHARS_LONG.substring(0, 64);
 
-    verifyResponseAndDb(executeKeyRequest(dto.getKey(), name), dto, name, DATE_2);
+    verifyResponseAndDb(executeKeyRequest(org.getKey(), name), org, name, DATE_2);
   }
 
   @Test
   public void request_succeeds_if_description_url_and_avatar_are_not_specified() {
-    logInAsRoot();
-    OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    OrganizationDto org = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    logInAsAdministrator(org);
 
-    Organizations.UpdateWsResponse response = executeKeyRequest(dto.getKey(), "bar", null, null, null);
-    verifyResponseAndDb(response, dto, "bar", DATE_2);
+    Organizations.UpdateWsResponse response = executeKeyRequest(org.getKey(), "bar", null, null, null);
+    verifyResponseAndDb(response, org, "bar", DATE_2);
   }
 
   @Test
   public void request_succeeds_if_description_url_and_avatar_are_specified() {
-    logInAsRoot();
-    OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    OrganizationDto org = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    logInAsAdministrator(org);
 
-    Organizations.UpdateWsResponse response = executeKeyRequest(dto.getKey(), "bar", "moo", "doo", "boo");
-    verifyResponseAndDb(response, dto, "bar", "moo", "doo", "boo", DATE_2);
+    Organizations.UpdateWsResponse response = executeKeyRequest(org.getKey(), "bar", "moo", "doo", "boo");
+    verifyResponseAndDb(response, org, "bar", "moo", "doo", "boo", DATE_2);
   }
 
   @Test
   public void request_fails_if_description_is_257_chars_long() {
-    logInAsRoot();
+    userSession.logIn();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Description '" + STRING_257_CHARS_LONG + "' must be at most 256 chars long");
@@ -242,17 +242,17 @@ public class UpdateActionTest {
 
   @Test
   public void request_succeeds_if_description_is_256_chars_long() {
-    logInAsRoot();
-    OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    OrganizationDto org = mockForSuccessfulUpdate(DATE_1, DATE_2);
     String description = STRING_257_CHARS_LONG.substring(0, 256);
+    logInAsAdministrator(org);
 
-    Organizations.UpdateWsResponse response = executeKeyRequest(dto.getKey(), "bar", description, null, null);
-    verifyResponseAndDb(response, dto, "bar", description, dto.getUrl(), dto.getAvatarUrl(), DATE_2);
+    Organizations.UpdateWsResponse response = executeKeyRequest(org.getKey(), "bar", description, null, null);
+    verifyResponseAndDb(response, org, "bar", description, org.getUrl(), org.getAvatarUrl(), DATE_2);
   }
 
   @Test
   public void request_fails_if_url_is_257_chars_long() {
-    logInAsRoot();
+    userSession.logIn();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Url '" + STRING_257_CHARS_LONG + "' must be at most 256 chars long");
@@ -262,17 +262,17 @@ public class UpdateActionTest {
 
   @Test
   public void request_succeeds_if_url_is_256_chars_long() {
-    logInAsRoot();
-    OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    OrganizationDto org = mockForSuccessfulUpdate(DATE_1, DATE_2);
     String url = STRING_257_CHARS_LONG.substring(0, 256);
+    logInAsAdministrator(org);
 
-    Organizations.UpdateWsResponse response = executeKeyRequest(dto.getKey(), "bar", null, url, null);
-    verifyResponseAndDb(response, dto, "bar", dto.getDescription(), url, dto.getAvatarUrl(), DATE_2);
+    Organizations.UpdateWsResponse response = executeKeyRequest(org.getKey(), "bar", null, url, null);
+    verifyResponseAndDb(response, org, "bar", org.getDescription(), url, org.getAvatarUrl(), DATE_2);
   }
 
   @Test
   public void request_fails_if_avatar_is_257_chars_long() {
-    logInAsRoot();
+    userSession.logIn();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Avatar '" + STRING_257_CHARS_LONG + "' must be at most 256 chars long");
@@ -282,21 +282,21 @@ public class UpdateActionTest {
 
   @Test
   public void request_succeeds_if_avatar_is_256_chars_long() {
-    logInAsRoot();
-    OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    OrganizationDto org = mockForSuccessfulUpdate(DATE_1, DATE_2);
     String avatar = STRING_257_CHARS_LONG.substring(0, 256);
+    logInAsAdministrator(org);
 
-    Organizations.UpdateWsResponse response = executeKeyRequest(dto.getKey(), "bar", null, null, avatar);
-    verifyResponseAndDb(response, dto, "bar", dto.getDescription(), dto.getUrl(), avatar, DATE_2);
+    Organizations.UpdateWsResponse response = executeKeyRequest(org.getKey(), "bar", null, null, avatar);
+    verifyResponseAndDb(response, org, "bar", org.getDescription(), org.getUrl(), avatar, DATE_2);
   }
 
   @Test
   public void request_removes_optional_parameters_when_associated_parameter_are_empty() {
-    logInAsRoot();
-    OrganizationDto dto = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    OrganizationDto org = mockForSuccessfulUpdate(DATE_1, DATE_2);
+    logInAsAdministrator(org);
 
-    Organizations.UpdateWsResponse response = executeKeyRequest(dto.getKey(), "bla", "", "", "");
-    verifyResponseAndDb(response, dto, "bla", null, null, null, DATE_2);
+    Organizations.UpdateWsResponse response = executeKeyRequest(org.getKey(), "bla", "", "", "");
+    verifyResponseAndDb(response, org, "bla", null, null, null, DATE_2);
   }
 
   private OrganizationDto mockForSuccessfulUpdate(long createdAt, long nextNow) {
@@ -375,10 +375,6 @@ public class UpdateActionTest {
     assertThat(newDto.getUpdatedAt()).isEqualTo(updateAt);
   }
 
-  private void logInAsRoot() {
-    userSession.logIn().setRoot();
-  }
-
   private void logInAsAdministrator(OrganizationDto organizationDto) {
     userSession.logIn().addOrganizationPermission(organizationDto.getUuid(), SYSTEM_ADMIN);
   }

server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchProjectPermissionsActionTest.java

@@ -57,7 +57,7 @@ public class SearchProjectPermissionsActionTest extends BasePermissionWsTest<Sea
   @Before
   public void setUp() {
     i18n.setProjectPermissions();
-    userSession.logIn().setRoot();
+    userSession.logIn().setSystemAdministrator();
   }
 
   @Override

server/sonar-server/src/test/java/org/sonar/server/platform/ws/ChangeLogLevelActionTest.java

@@ -56,8 +56,8 @@ public class ChangeLogLevelActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() {
-    userSession.logIn();
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() {
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
 
@@ -66,7 +66,7 @@ public class ChangeLogLevelActionTest {
 
   @Test
   public void enable_debug_logs() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     actionTester.newRequest()
       .setParam("level", "DEBUG")
@@ -80,7 +80,7 @@ public class ChangeLogLevelActionTest {
 
   @Test
   public void enable_trace_logs() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     actionTester.newRequest()
       .setParam("level", "TRACE")
@@ -94,7 +94,7 @@ public class ChangeLogLevelActionTest {
 
   @Test
   public void fail_if_unsupported_level() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
 
@@ -106,7 +106,7 @@ public class ChangeLogLevelActionTest {
 
   @Test
   public void fail_if_missing_level() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
 
@@ -115,7 +115,7 @@ public class ChangeLogLevelActionTest {
       .execute();
   }
 
-  private void makeAuthenticatedUserRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 }

server/sonar-server/src/test/java/org/sonar/server/platform/ws/InfoActionTest.java

@@ -67,8 +67,8 @@ public class InfoActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() {
-    userSessionRule.logIn();
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() {
+    userSessionRule.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
 
@@ -77,7 +77,7 @@ public class InfoActionTest {
 
   @Test
   public void write_json() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     Map<String, Object> attributes1 = new LinkedHashMap<>();
     attributes1.put("foo", "bar");
@@ -95,7 +95,7 @@ public class InfoActionTest {
     assertThat(response.getInput()).isEqualTo("{\"Monitor One\":{\"foo\":\"bar\"},\"Monitor Two\":{\"one\":1,\"two\":2}}");
   }
 
-  private void makeAuthenticatedUserRoot() {
-    userSessionRule.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSessionRule.logIn().setSystemAdministrator();
   }
 }

server/sonar-server/src/test/java/org/sonar/server/platform/ws/LogsActionTest.java

@@ -66,7 +66,7 @@ public class LogsActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() {
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() {
     userSession.logIn();
 
     expectedException.expect(ForbiddenException.class);
@@ -76,7 +76,7 @@ public class LogsActionTest {
 
   @Test
   public void get_app_logs_by_default() throws IOException {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     createAllLogsFiles();
 
@@ -87,7 +87,7 @@ public class LogsActionTest {
 
   @Test
   public void return_404_not_found_if_file_does_not_exist() throws IOException {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     createLogsDir();
 
@@ -97,7 +97,7 @@ public class LogsActionTest {
 
   @Test
   public void get_ce_logs() throws IOException {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     createAllLogsFiles();
 
@@ -110,7 +110,7 @@ public class LogsActionTest {
 
   @Test
   public void get_es_logs() throws IOException {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     createAllLogsFiles();
 
@@ -123,7 +123,7 @@ public class LogsActionTest {
 
   @Test
   public void get_web_logs() throws IOException {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     createAllLogsFiles();
 
@@ -136,7 +136,7 @@ public class LogsActionTest {
 
   @Test
   public void do_not_return_rotated_files() throws IOException {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     File dir = createLogsDir();
     FileUtils.write(new File(dir, "sonar.1.log"), "{old}");
@@ -164,7 +164,7 @@ public class LogsActionTest {
     return dir;
   }
 
-  private void makeAuthenticatedUserRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 }

server/sonar-server/src/test/java/org/sonar/server/platform/ws/RestartActionTest.java

@@ -99,8 +99,8 @@ public class RestartActionTest {
   }
 
   @Test
-  public void request_fails_in_production_mode_with_ForbiddenException_when_user_is_not_root() {
-    userSessionRule.logIn();
+  public void request_fails_in_production_mode_with_ForbiddenException_when_user_is_not_system_administrator() {
+    userSessionRule.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
 
@@ -109,7 +109,7 @@ public class RestartActionTest {
 
   @Test
   public void calls_ProcessCommandWrapper_requestForSQRestart_in_production_mode() throws Exception {
-    userSessionRule.logIn().setRoot();
+    userSessionRule.logIn().setSystemAdministrator();
 
     actionTester.newRequest().execute();
 
@@ -120,7 +120,7 @@ public class RestartActionTest {
   @Test
   public void logs_login_of_authenticated_user_requesting_the_restart_in_production_mode() throws Exception {
     String login = "BigBother";
-    userSessionRule.logIn(login).setRoot();
+    userSessionRule.logIn(login).setSystemAdministrator();
 
     actionTester.newRequest().execute();
 

server/sonar-server/src/test/java/org/sonar/server/plugins/ws/AvailableActionTest.java

@@ -70,7 +70,7 @@ public class AvailableActionTest extends AbstractUpdateCenterBasedPluginsWsActio
 
   @Test
   public void action_available_is_defined() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     WsTester wsTester = new WsTester();
     WebService.NewController newController = wsTester.context().createController(DUMMY_CONTROLLER_KEY);
 
@@ -94,8 +94,8 @@ public class AvailableActionTest extends AbstractUpdateCenterBasedPluginsWsActio
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() throws Exception {
-    userSession.logIn();
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() throws Exception {
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
 
@@ -104,7 +104,7 @@ public class AvailableActionTest extends AbstractUpdateCenterBasedPluginsWsActio
 
   @Test
   public void empty_array_is_returned_when_there_is_no_plugin_available() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     underTest.handle(request, response);
 
     assertJson(response.outputAsString()).withStrictArrayOrder().isSimilarTo(JSON_EMPTY_PLUGIN_LIST);
@@ -112,7 +112,7 @@ public class AvailableActionTest extends AbstractUpdateCenterBasedPluginsWsActio
 
   @Test
   public void empty_array_is_returned_when_update_center_is_not_accessible() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(updateCenterFactory.getUpdateCenter(anyBoolean())).thenReturn(Optional.<UpdateCenter>absent());
 
     underTest.handle(request, response);
@@ -122,7 +122,7 @@ public class AvailableActionTest extends AbstractUpdateCenterBasedPluginsWsActio
 
   @Test
   public void verify_properties_displayed_in_json_per_plugin() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(updateCenter.findAvailablePlugins()).thenReturn(of(
       pluginUpdate(FULL_PROPERTIES_PLUGIN_RELEASE, COMPATIBLE)));
 
@@ -133,25 +133,25 @@ public class AvailableActionTest extends AbstractUpdateCenterBasedPluginsWsActio
 
   @Test
   public void status_COMPATIBLE_is_displayed_COMPATIBLE_in_JSON() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     checkStatusDisplayedInJson(COMPATIBLE, "COMPATIBLE");
   }
 
   @Test
   public void status_INCOMPATIBLE_is_displayed_INCOMPATIBLE_in_JSON() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     checkStatusDisplayedInJson(INCOMPATIBLE, "INCOMPATIBLE");
   }
 
   @Test
   public void status_REQUIRE_SONAR_UPGRADE_is_displayed_REQUIRES_SYSTEM_UPGRADE_in_JSON() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     checkStatusDisplayedInJson(REQUIRE_SONAR_UPGRADE, "REQUIRES_SYSTEM_UPGRADE");
   }
 
   @Test
   public void status_DEPENDENCIES_REQUIRE_SONAR_UPGRADE_is_displayed_DEPS_REQUIRE_SYSTEM_UPGRADE_in_JSON() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     checkStatusDisplayedInJson(DEPENDENCIES_REQUIRE_SONAR_UPGRADE, "DEPS_REQUIRE_SYSTEM_UPGRADE");
   }
 
@@ -173,8 +173,8 @@ public class AvailableActionTest extends AbstractUpdateCenterBasedPluginsWsActio
         "}");
   }
 
-  private void makeAuthenticatedUserRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 
 }

server/sonar-server/src/test/java/org/sonar/server/plugins/ws/CancelAllActionTest.java

@@ -78,8 +78,8 @@ public class CancelAllActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() throws Exception {
-    userSessionRule.logIn();
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() throws Exception {
+    userSessionRule.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     expectedException.expectMessage("Insufficient privileges");
@@ -89,7 +89,7 @@ public class CancelAllActionTest {
 
   @Test
   public void triggers_cancel_for_downloads_and_uninstalls() throws Exception {
-    userSessionRule.logIn().setRoot();
+    userSessionRule.logIn().setSystemAdministrator();
 
     underTest.handle(request, response);
 

server/sonar-server/src/test/java/org/sonar/server/plugins/ws/InstallActionTest.java

@@ -80,8 +80,8 @@ public class InstallActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() throws Exception {
-    userSessionRule.logIn();
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() throws Exception {
+    userSessionRule.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     expectedException.expectMessage("Insufficient privileges");
@@ -91,7 +91,7 @@ public class InstallActionTest {
 
   @Test
   public void action_install_is_defined() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     WsTester wsTester = new WsTester();
     WebService.NewController newController = wsTester.context().createController(DUMMY_CONTROLLER_KEY);
@@ -116,7 +116,7 @@ public class InstallActionTest {
 
   @Test
   public void IAE_is_raised_when_key_param_is_not_provided() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     expectedException.expect(IllegalArgumentException.class);
 
     invalidRequest.execute();
@@ -124,7 +124,7 @@ public class InstallActionTest {
 
   @Test
   public void IAE_is_raised_when_there_is_no_available_plugin_for_the_key() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("No plugin with key 'pluginKey'");
 
@@ -133,7 +133,7 @@ public class InstallActionTest {
 
   @Test
   public void IAE_is_raised_when_update_center_is_unavailable() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(updateCenterFactory.getUpdateCenter(anyBoolean())).thenReturn(Optional.<UpdateCenter>absent());
 
     expectedException.expect(IllegalArgumentException.class);
@@ -144,7 +144,7 @@ public class InstallActionTest {
 
   @Test
   public void if_plugin_is_found_available_download_is_triggered_with_latest_version_from_updatecenter() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     Version version = Version.create("1.0");
     when(updateCenter.findAvailablePlugins()).thenReturn(ImmutableList.of(
       PluginUpdate.createWithStatus(new Release(Plugin.factory(PLUGIN_KEY), version), PluginUpdate.Status.COMPATIBLE)
@@ -156,7 +156,7 @@ public class InstallActionTest {
     result.assertNoContent();
   }
 
-  private void makeAuthenticatedUserRoot() {
-    userSessionRule.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSessionRule.logIn().setSystemAdministrator();
   }
 }

server/sonar-server/src/test/java/org/sonar/server/plugins/ws/InstalledActionTest.java

@@ -67,7 +67,7 @@ public class InstalledActionTest {
 
   @Test
   public void action_installed_is_defined() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     WsTester wsTester = new WsTester();
     WebService.NewController newController = wsTester.context().createController(DUMMY_CONTROLLER_KEY);
 
@@ -91,8 +91,8 @@ public class InstalledActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() throws Exception {
-    userSession.logIn();
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() throws Exception {
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
 
@@ -101,7 +101,7 @@ public class InstalledActionTest {
 
   @Test
   public void empty_array_is_returned_when_there_is_not_plugin_installed() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     underTest.handle(request, response);
 
     assertJson(response.outputAsString()).withStrictArrayOrder().isSimilarTo(JSON_EMPTY_PLUGIN_LIST);
@@ -109,7 +109,7 @@ public class InstalledActionTest {
 
   @Test
   public void empty_array_when_update_center_is_unavailable() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(updateCenterMatrixFactory.getUpdateCenter(false)).thenReturn(Optional.<UpdateCenter>absent());
 
     underTest.handle(request, response);
@@ -119,7 +119,7 @@ public class InstalledActionTest {
 
   @Test
   public void empty_fields_are_not_serialized_to_json() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(pluginRepository.getPluginInfos()).thenReturn(
       of(new PluginInfo("").setName("")));
 
@@ -130,7 +130,7 @@ public class InstalledActionTest {
 
   @Test
   public void verify_properties_displayed_in_json_per_plugin() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     String jarFilename = getClass().getSimpleName() + "/" + "some.jar";
     when(pluginRepository.getPluginInfos()).thenReturn(of(
       new PluginInfo("plugKey")
@@ -173,7 +173,7 @@ public class InstalledActionTest {
 
   @Test
   public void category_is_returned_when_in_additional_fields() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     String jarFilename = getClass().getSimpleName() + "/" + "some.jar";
     when(pluginRepository.getPluginInfos()).thenReturn(of(
       new PluginInfo("plugKey")
@@ -225,7 +225,7 @@ public class InstalledActionTest {
 
   @Test
   public void plugins_are_sorted_by_name_then_key_and_only_one_plugin_can_have_a_specific_name() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(pluginRepository.getPluginInfos()).thenReturn(
       of(
         plugin("A", "name2"),
@@ -252,7 +252,7 @@ public class InstalledActionTest {
 
   @Test
   public void only_one_plugin_can_have_a_specific_name_and_key() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(pluginRepository.getPluginInfos()).thenReturn(
       of(
         plugin("A", "name2"),
@@ -277,8 +277,8 @@ public class InstalledActionTest {
     return new PluginInfo(key).setName(name).setVersion(Version.create("1.0"));
   }
 
-  private void makeAuthenticatedUserRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 
 }

server/sonar-server/src/test/java/org/sonar/server/plugins/ws/PendingActionTest.java

@@ -63,7 +63,7 @@ public class PendingActionTest {
 
   @Test
   public void action_pending_is_defined() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     WsTester wsTester = new WsTester();
     WebService.NewController newController = wsTester.context().createController(DUMMY_CONTROLLER_KEY);
 
@@ -87,8 +87,8 @@ public class PendingActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() throws Exception {
-    userSession.logIn();
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() throws Exception {
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
 
@@ -97,7 +97,7 @@ public class PendingActionTest {
 
   @Test
   public void empty_arrays_are_returned_when_there_nothing_pending() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     underTest.handle(request, response);
 
     assertJson(response.outputAsString()).withStrictArrayOrder().isSimilarTo(
@@ -110,7 +110,7 @@ public class PendingActionTest {
 
   @Test
   public void empty_arrays_are_returned_when_update_center_is_unavailable() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(updateCenterMatrixFactory.getUpdateCenter(false)).thenReturn(Optional.<UpdateCenter>absent());
 
     underTest.handle(request, response);
@@ -125,7 +125,7 @@ public class PendingActionTest {
 
   @Test
   public void verify_properties_displayed_in_json_per_installing_plugin() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     newUpdateCenter("scmgit");
     when(pluginDownloader.getDownloadedPlugins()).thenReturn(of(newScmGitPluginInfo()));
 
@@ -156,7 +156,7 @@ public class PendingActionTest {
 
   @Test
   public void verify_properties_displayed_in_json_per_removing_plugin() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(serverPluginRepository.getUninstalledPlugins()).thenReturn(of(newScmGitPluginInfo()));
 
     underTest.handle(request, response);
@@ -185,7 +185,7 @@ public class PendingActionTest {
 
   @Test
   public void verify_properties_displayed_in_json_per_updating_plugin() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     newUpdateCenter("scmgit");
     when(serverPluginRepository.getPluginInfos()).thenReturn(of(newScmGitPluginInfo()));
     when(pluginDownloader.getDownloadedPlugins()).thenReturn(of(newScmGitPluginInfo()));
@@ -207,7 +207,7 @@ public class PendingActionTest {
 
   @Test
   public void verify_properties_displayed_in_json_per_installing_removing_and_updating_plugins() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     PluginInfo installed = newPluginInfo("java");
     PluginInfo removedPlugin = newPluginInfo("js");
     PluginInfo newPlugin = newPluginInfo("php");
@@ -244,7 +244,7 @@ public class PendingActionTest {
 
   @Test
   public void installing_plugins_are_sorted_by_name_then_key_and_are_unique() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(pluginDownloader.getDownloadedPlugins()).thenReturn(of(
       newPluginInfo(0).setName("Foo"),
       newPluginInfo(3).setName("Bar"),
@@ -276,7 +276,7 @@ public class PendingActionTest {
 
   @Test
   public void removing_plugins_are_sorted_and_unique() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(serverPluginRepository.getUninstalledPlugins()).thenReturn(of(
       newPluginInfo(0).setName("Foo"),
       newPluginInfo(3).setName("Bar"),
@@ -338,7 +338,7 @@ public class PendingActionTest {
     return new PluginInfo("key" + id).setName("name" + id);
   }
 
-  private void makeAuthenticatedUserRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 }

server/sonar-server/src/test/java/org/sonar/server/plugins/ws/PluginsWsMediumTest.java

@@ -51,7 +51,7 @@ public class PluginsWsMediumTest {
     WsTester wsTester = new WsTester(serverTester.get(PluginsWs.class));
 
     // 1 - check what's installed, available and pending
-    userSessionRule.logIn().setRoot();
+    userSessionRule.logIn().setSystemAdministrator();
     wsTester.newGetRequest("api/plugins", "installed").execute().assertJson("{" +
       "  \"plugins\": [" +
       "    {" +
@@ -115,7 +115,7 @@ public class PluginsWsMediumTest {
     wsTester = restartServerTester();
 
     // 4 - make sure plugin is installed
-    userSessionRule.logIn().setRoot();
+    userSessionRule.logIn().setSystemAdministrator();
     wsTester.newGetRequest("api/plugins", "installed").execute().assertJson("{" +
       "  \"plugins\": [" +
       "    {" +
@@ -148,7 +148,7 @@ public class PluginsWsMediumTest {
     wsTester = restartServerTester();
 
     // 7 - make sure plugin has been uninstalled
-    userSessionRule.logIn().setRoot();
+    userSessionRule.logIn().setSystemAdministrator();
     wsTester.newGetRequest("api/plugins", "installed").execute().assertJson("{" +
       "  \"plugins\": [" +
       "    {" +

server/sonar-server/src/test/java/org/sonar/server/plugins/ws/UninstallActionTest.java

@@ -63,8 +63,8 @@ public class UninstallActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() throws Exception {
-    userSessionRule.logIn();
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() throws Exception {
+    userSessionRule.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     expectedException.expectMessage("Insufficient privileges");
@@ -74,7 +74,7 @@ public class UninstallActionTest {
 
   @Test
   public void action_uninstall_is_defined() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     WsTester wsTester = new WsTester();
     WebService.NewController newController = wsTester.context().createController(DUMMY_CONTROLLER_KEY);
@@ -99,7 +99,7 @@ public class UninstallActionTest {
 
   @Test
   public void IAE_is_raised_when_key_param_is_not_provided() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
 
@@ -108,7 +108,7 @@ public class UninstallActionTest {
 
   @Test
   public void IAE_is_raised_when_plugin_is_not_installed() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Plugin [findbugs] is not installed");
@@ -118,7 +118,7 @@ public class UninstallActionTest {
 
   @Test
   public void if_plugin_is_installed_uninstallation_is_triggered() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(pluginRepository.hasPlugin(PLUGIN_KEY)).thenReturn(true);
 
     underTest.handle(validRequest, response);
@@ -127,8 +127,8 @@ public class UninstallActionTest {
     assertThat(response.outputAsString()).isEmpty();
   }
 
-  private void makeAuthenticatedUserRoot() {
-    userSessionRule.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSessionRule.logIn().setSystemAdministrator();
   }
 
 }

server/sonar-server/src/test/java/org/sonar/server/plugins/ws/UpdateActionTest.java

@@ -82,8 +82,8 @@ public class UpdateActionTest {
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() throws Exception {
-    userSessionRule.logIn();
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() throws Exception {
+    userSessionRule.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     expectedException.expectMessage("Insufficient privileges");
@@ -93,7 +93,7 @@ public class UpdateActionTest {
 
   @Test
   public void action_update_is_defined() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     WsTester wsTester = new WsTester();
     WebService.NewController newController = wsTester.context().createController(DUMMY_CONTROLLER_KEY);
@@ -118,7 +118,7 @@ public class UpdateActionTest {
 
   @Test
   public void IAE_is_raised_when_key_param_is_not_provided() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
 
@@ -127,7 +127,7 @@ public class UpdateActionTest {
 
   @Test
   public void IAE_is_raised_when_there_is_no_plugin_update_for_the_key() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("No plugin with key 'pluginKey'");
@@ -137,7 +137,7 @@ public class UpdateActionTest {
 
   @Test
   public void IAE_is_raised_when_update_center_is_unavailable() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(updateCenterFactory.getUpdateCenter(anyBoolean())).thenReturn(Optional.<UpdateCenter>absent());
 
     expectedException.expect(IllegalArgumentException.class);
@@ -148,7 +148,7 @@ public class UpdateActionTest {
 
   @Test
   public void if_plugin_has_an_update_download_is_triggered_with_latest_version_from_updatecenter() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     Version version = Version.create("1.0");
     when(updateCenter.findPluginUpdates()).thenReturn(ImmutableList.of(
       PluginUpdate.createWithStatus(new Release(Plugin.factory(PLUGIN_KEY), version), Status.COMPATIBLE)
@@ -160,8 +160,8 @@ public class UpdateActionTest {
     assertThat(response.outputAsString()).isEmpty();
   }
 
-  private void makeAuthenticatedUserRoot() {
-    userSessionRule.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSessionRule.logIn().setSystemAdministrator();
   }
 
 }

server/sonar-server/src/test/java/org/sonar/server/plugins/ws/UpdatesActionTest.java

@@ -84,7 +84,7 @@ public class UpdatesActionTest extends AbstractUpdateCenterBasedPluginsWsActionT
 
   @Test
   public void action_updatable_is_defined() {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     WsTester wsTester = new WsTester();
     WebService.NewController newController = wsTester.context().createController(DUMMY_CONTROLLER_KEY);
@@ -109,7 +109,7 @@ public class UpdatesActionTest extends AbstractUpdateCenterBasedPluginsWsActionT
   }
 
   @Test
-  public void request_fails_with_ForbiddenException_when_user_is_not_root() throws Exception {
+  public void request_fails_with_ForbiddenException_when_user_is_not_system_administrator() throws Exception {
     userSession.logIn();
 
     expectedException.expect(ForbiddenException.class);
@@ -118,7 +118,7 @@ public class UpdatesActionTest extends AbstractUpdateCenterBasedPluginsWsActionT
 
   @Test
   public void empty_array_is_returned_when_there_is_no_plugin_available() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
 
     underTest.handle(request, response);
 
@@ -127,7 +127,7 @@ public class UpdatesActionTest extends AbstractUpdateCenterBasedPluginsWsActionT
 
   @Test
   public void verify_response_against_example() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(updateCenter.findPluginUpdates()).thenReturn(of(
       pluginUpdate(ABAP_32, COMPATIBLE),
       pluginUpdate(ABAP_31, INCOMPATIBLE),
@@ -140,7 +140,7 @@ public class UpdatesActionTest extends AbstractUpdateCenterBasedPluginsWsActionT
 
   @Test
   public void status_COMPATIBLE_is_displayed_COMPATIBLE_in_JSON() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(updateCenter.findPluginUpdates()).thenReturn(of(
       pluginUpdate(release(PLUGIN_1, "1.0.0"), COMPATIBLE)));
 
@@ -162,7 +162,7 @@ public class UpdatesActionTest extends AbstractUpdateCenterBasedPluginsWsActionT
 
   @Test
   public void plugins_are_sorted_by_name_and_made_unique() throws Exception {
-    makeAuthenticatedUserRoot();
+    logInAsSystemAdministrator();
     when(updateCenter.findPluginUpdates()).thenReturn(of(
       pluginUpdate("key2", "name2"),
       pluginUpdate("key2", "name2"),
@@ -190,7 +190,7 @@ public class UpdatesActionTest extends AbstractUpdateCenterBasedPluginsWsActionT
         "}");
   }
 
-  private void makeAuthenticatedUserRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 }

server/sonar-server/src/test/java/org/sonar/server/project/ws/BulkDeleteActionTest.java

@@ -72,8 +72,8 @@ public class BulkDeleteActionTest {
   }
 
   @Test
-  public void root_deletes_projects_by_uuids_in_all_organizations() throws Exception {
-    userSession.logIn().setRoot();
+  public void system_administrator_deletes_projects_by_uuids_in_all_organizations() throws Exception {
+    userSession.logIn().setSystemAdministrator();
     ComponentDto toDeleteInOrg1 = db.components().insertProject(org1);
     ComponentDto toDeleteInOrg2 = db.components().insertProject(org2);
     ComponentDto toKeep = db.components().insertProject(org2);
@@ -87,8 +87,8 @@ public class BulkDeleteActionTest {
   }
 
   @Test
-  public void root_deletes_projects_by_keys_in_all_organizations() throws Exception {
-    userSession.logIn().setRoot();
+  public void system_administrator_deletes_projects_by_keys_in_all_organizations() throws Exception {
+    userSession.logIn().setSystemAdministrator();
     ComponentDto toDeleteInOrg1 = db.components().insertProject(org1);
     ComponentDto toDeleteInOrg2 = db.components().insertProject(org2);
     ComponentDto toKeep = db.components().insertProject(org2);
@@ -103,7 +103,7 @@ public class BulkDeleteActionTest {
 
   @Test
   public void projects_that_dont_exist_are_ignored_and_dont_break_bulk_deletion() throws Exception {
-    userSession.logIn().setRoot();
+    userSession.logIn().setSystemAdministrator();
     ComponentDto toDelete1 = db.components().insertProject(org1);
     ComponentDto toDelete2 = db.components().insertProject(org1);
 
@@ -157,8 +157,8 @@ public class BulkDeleteActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_param_organization_is_not_set_and_not_root() throws Exception {
-    userSession.logIn().setNonRoot();
+  public void throw_ForbiddenException_if_param_organization_is_not_set_and_not_system_administrator() throws Exception {
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
     expectedException.expectMessage("Insufficient privileges");

server/sonar-server/src/test/java/org/sonar/server/project/ws/DeleteActionTest.java

@@ -42,6 +42,7 @@ import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Matchers.any;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.verify;
+import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
 import static org.sonar.server.project.ws.DeleteAction.PARAM_ID;
 import static org.sonar.server.project.ws.DeleteAction.PARAM_KEY;
 import static org.sonarqube.ws.client.project.ProjectsWsParameters.CONTROLLER;
@@ -77,10 +78,10 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void root_administrator_deletes_project_by_id() throws Exception {
+  public void organization_administrator_deletes_project_by_id() throws Exception {
     ComponentDto project = componentDbTester.insertProject();
+    userSessionRule.logIn().addOrganizationPermission(project.getOrganizationUuid(), SYSTEM_ADMIN);
 
-    userSessionRule.logIn().setRoot();
     WsTester.TestRequest request = newRequest().setParam(PARAM_ID, project.uuid());
     call(request);
 
@@ -88,10 +89,10 @@ public class DeleteActionTest {
   }
 
   @Test
-  public void root_administrator_deletes_project_by_key() throws Exception {
+  public void organization_administrator_deletes_project_by_key() throws Exception {
     ComponentDto project = componentDbTester.insertProject();
+    userSessionRule.logIn().addOrganizationPermission(project.getOrganizationUuid(), SYSTEM_ADMIN);
 
-    userSessionRule.logIn().setRoot();
     call(newRequest().setParam(PARAM_KEY, project.key()));
 
     assertThat(verifyDeletedKey()).isEqualTo(project.key());

server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/DeleteActionTest.java

@@ -54,27 +54,12 @@ public class DeleteActionTest {
 
   private WsActionTester ws = new WsActionTester(new DeleteAction(dbClient, userSession));
 
-  @Test
-  public void root_administrator_deletes_analysis() {
-    ComponentDto project = db.components().insertProject();
-    db.components().insertSnapshot(newAnalysis(project).setUuid("A1").setLast(false).setStatus(STATUS_PROCESSED));
-    db.components().insertSnapshot(newAnalysis(project).setUuid("A2").setLast(true).setStatus(STATUS_PROCESSED));
-    userSession.logIn().setRoot();
-
-    call("A1");
-
-    db.commit();
-    assertThat(dbClient.snapshotDao().selectByUuids(dbSession, newArrayList("A1", "A2"))).extracting(SnapshotDto::getUuid, SnapshotDto::getStatus).containsExactly(
-      tuple("A1", STATUS_UNPROCESSED),
-      tuple("A2", STATUS_PROCESSED));
-  }
-
   @Test
   public void project_administrator_deletes_analysis() {
     ComponentDto project = db.components().insertProject();
     db.components().insertSnapshot(newAnalysis(project).setUuid("A1").setLast(false).setStatus(STATUS_PROCESSED));
     db.components().insertSnapshot(newAnalysis(project).setUuid("A2").setLast(true).setStatus(STATUS_PROCESSED));
-    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+    logInAsProjectAdministrator(project);
 
     call("A1");
 
@@ -97,7 +82,7 @@ public class DeleteActionTest {
   public void last_analysis_cannot_be_deleted() {
     ComponentDto project = db.components().insertProject();
     db.components().insertSnapshot(newAnalysis(project).setUuid("A1").setLast(true));
-    userSession.logIn().setRoot();
+    logInAsProjectAdministrator(project);
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The last analysis 'A1' cannot be deleted");
@@ -117,9 +102,9 @@ public class DeleteActionTest {
 
   @Test
   public void fail_when_analysis_is_unprocessed() {
-    userSession.logIn().setRoot();
     ComponentDto project = db.components().insertProject();
     db.components().insertSnapshot(newAnalysis(project).setUuid("A1").setLast(false).setStatus(STATUS_UNPROCESSED));
+    logInAsProjectAdministrator(project);
 
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("Analysis 'A1' not found");
@@ -129,9 +114,9 @@ public class DeleteActionTest {
 
   @Test
   public void fail_when_not_enough_permission() {
-    userSession.logIn();
     ComponentDto project = db.components().insertProject();
     db.components().insertSnapshot(newAnalysis(project).setUuid("A1").setLast(false));
+    userSession.logIn();
 
     expectedException.expect(ForbiddenException.class);
 
@@ -143,4 +128,8 @@ public class DeleteActionTest {
       .setParam(PARAM_ANALYSIS, analysis)
       .execute();
   }
+
+  private void logInAsProjectAdministrator(ComponentDto project) {
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+  }
 }

server/sonar-server/src/test/java/org/sonar/server/projectanalysis/ws/UpdateEventActionTest.java

@@ -173,7 +173,7 @@ public class UpdateEventActionTest {
 
   @Test
   public void fail_if_event_is_not_found() {
-    userSession.logIn().setRoot();
+    userSession.logIn().setSystemAdministrator();
 
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("Event 'E42' not found");

server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/CreateActionTest.java

@@ -77,13 +77,12 @@ public class CreateActionTest {
     ComponentFinder componentFinder = new ComponentFinder(dbClient);
     underTest = new CreateAction(dbClient, userSession, componentFinder);
     ws = new WsActionTester(underTest);
-
-    userSession.logIn().setRoot();
   }
 
   @Test
   public void example_with_key() {
     ComponentDto project = insertProject();
+    logInAsProjectAdministrator(project);
 
     String result = ws.newRequest()
         .setMethod("POST")
@@ -98,6 +97,7 @@ public class CreateActionTest {
   @Test
   public void example_with_id() {
     ComponentDto project = insertProject();
+    logInAsProjectAdministrator(project);
 
     String result = ws.newRequest()
         .setMethod("POST")
@@ -112,13 +112,14 @@ public class CreateActionTest {
   @Test
   public void require_project_admin() throws IOException {
     ComponentDto project = insertProject();
-    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+    logInAsProjectAdministrator(project);
     createAndTest(project);
   }
 
   @Test
   public void with_long_name() throws IOException {
     ComponentDto project = insertProject();
+    logInAsProjectAdministrator(project);
 
     String longName = StringUtils.leftPad("", 60, "a");
     String expectedType = StringUtils.leftPad("", 20, "a");
@@ -128,6 +129,7 @@ public class CreateActionTest {
   @Test
   public void fail_if_no_name() {
     expectedException.expect(IllegalArgumentException.class);
+
     ws.newRequest()
         .setParam(PARAM_PROJECT_KEY, "unknown")
         .setParam(PARAM_URL, "http://example.org")
@@ -227,4 +229,8 @@ public class CreateActionTest {
   private void createAndTest(ComponentDto project) throws IOException {
     createAndTest(project, "Custom", "http://example.org", "custom");
   }
+
+  private void logInAsProjectAdministrator(ComponentDto project) {
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+  }
 }

server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/DeleteActionTest.java

@@ -73,7 +73,7 @@ public class DeleteActionTest {
   public void no_response() {
     ComponentDto project = insertProject();
     ComponentLinkDto link = insertCustomLink(project.uuid());
-    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+    logInAsProjectAdministrator(project);
 
     TestResponse response = deleteLink(link.getId());
 
@@ -86,7 +86,7 @@ public class DeleteActionTest {
     ComponentDto project = insertProject();
     ComponentLinkDto link = insertCustomLink(project.uuid());
     long id = link.getId();
-    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+    logInAsProjectAdministrator(project);
 
     deleteLink(id);
     assertLinkIsDeleted(id);
@@ -111,7 +111,7 @@ public class DeleteActionTest {
   public void fail_when_delete_provided_link() {
     ComponentDto project = insertProject();
     ComponentLinkDto link = insertHomepageLink(project.uuid());
-    userSession.logIn().setRoot();
+    logInAsProjectAdministrator(project);
 
     expectedException.expect(BadRequestException.class);
 
@@ -203,4 +203,8 @@ public class DeleteActionTest {
   private void assertLinkIsNotDeleted(Long id) {
     assertThat(dbClient.componentLinkDao().selectById(dbSession, id)).isNotNull();
   }
+
+  private void logInAsProjectAdministrator(ComponentDto project) {
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
+  }
 }

server/sonar-server/src/test/java/org/sonar/server/projectlink/ws/SearchActionTest.java

@@ -78,10 +78,10 @@ public class SearchActionTest {
 
   @Test
   public void example() {
-    logInAsRoot();
     ComponentDto project = insertProject();
     insertHomepageLink(project.uuid());
     insertCustomLink(project.uuid());
+    logInAsProjectAdministrator(project);
 
     String result = ws.newRequest()
       .setParam(PARAM_PROJECT_KEY, PROJECT_KEY)
@@ -92,9 +92,9 @@ public class SearchActionTest {
 
   @Test
   public void request_by_project_id() throws IOException {
-    logInAsRoot();
     ComponentDto project = insertProject();
     insertHomepageLink(project.uuid());
+    logInAsProjectAdministrator(project);
 
     SearchWsResponse response = callByUuid(project.uuid());
 
@@ -104,9 +104,9 @@ public class SearchActionTest {
 
   @Test
   public void request_by_project_key() throws IOException {
-    logInAsRoot();
     ComponentDto project = insertProject();
     insertHomepageLink(project.uuid());
+    logInAsProjectAdministrator(project);
 
     SearchWsResponse response = callByKey(project.key());
 
@@ -116,10 +116,10 @@ public class SearchActionTest {
 
   @Test
   public void response_fields() throws IOException {
-    logInAsRoot();
     ComponentDto project = insertProject();
     ComponentLinkDto homepageLink = insertHomepageLink(project.uuid());
     ComponentLinkDto customLink = insertCustomLink(project.uuid());
+    logInAsProjectAdministrator(project);
 
     SearchWsResponse response = callByKey(project.key());
 
@@ -132,11 +132,11 @@ public class SearchActionTest {
 
   @Test
   public void several_projects() throws IOException {
-    logInAsRoot();
     ComponentDto project1 = insertProject();
     ComponentDto project2 = insertProject("another", "abcd");
     ComponentLinkDto customLink1 = insertCustomLink(project1.uuid());
     insertCustomLink(project2.uuid());
+    userSession.logIn().setRoot();
 
     SearchWsResponse response = callByKey(project1.key());
 
@@ -146,20 +146,20 @@ public class SearchActionTest {
 
   @Test
   public void request_does_not_fail_when_link_has_no_name() throws IOException {
-    logInAsRoot();
     ComponentDto project = db.components().insertProject();
     ComponentLinkDto foo = new ComponentLinkDto().setComponentUuid(project.uuid()).setHref("foo").setType("type");
     insertLink(foo);
+    logInAsProjectAdministrator(project);
 
     callByKey(project.key());
   }
 
   @Test
   public void request_does_not_fail_when_link_has_no_type() throws IOException {
-    logInAsRoot();
     ComponentDto project = db.components().insertProject();
     ComponentLinkDto foo = new ComponentLinkDto().setComponentUuid(project.uuid()).setHref("foo").setName("name");
     insertLink(foo);
+    logInAsProjectAdministrator(project);
 
     callByKey(project.key());
   }
@@ -198,7 +198,7 @@ public class SearchActionTest {
   @Test
   public void fail_when_both_id_and_key_are_provided() {
     ComponentDto project = insertProject();
-    logInAsRoot();
+    logInAsProjectAdministrator(project);
 
     expectedException.expect(IllegalArgumentException.class);
     ws.newRequest()
@@ -272,7 +272,7 @@ public class SearchActionTest {
     assertThat(response.getLinks(0).getName()).isEqualTo("Homepage");
   }
 
-  private UserSessionRule logInAsRoot() {
-    return userSession.logIn().setRoot();
+  private void logInAsProjectAdministrator(ComponentDto project) {
+    userSession.logIn().addProjectUuidPermissions(UserRole.ADMIN, project.uuid());
   }
 }

server/sonar-server/src/test/java/org/sonar/server/property/ws/IndexActionTest.java

@@ -296,7 +296,7 @@ public class IndexActionTest {
 
   @Test
   public void return_secured_and_license_settings_when_system_admin() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     definitions.addComponents(asList(
       PropertyDefinition.builder("foo").build(),
       PropertyDefinition.builder("secret.secured").build(),
@@ -328,7 +328,7 @@ public class IndexActionTest {
 
   @Test
   public void return_secured_and_license_settings_in_property_set_when_system_admin() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     definitions.addComponent(PropertyDefinition
       .builder("foo")
       .type(PropertyType.PROPERTY_SET)
@@ -345,7 +345,7 @@ public class IndexActionTest {
 
   @Test
   public void return_all_settings_when_no_component_and_no_key() throws Exception {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     definitions.addComponents(asList(
       PropertyDefinition.builder("foo").build(),
       PropertyDefinition.builder("secret.secured").build(),
@@ -471,8 +471,8 @@ public class IndexActionTest {
     userSession.logIn().addProjectUuidPermissions(USER, project.uuid());
   }
 
-  private void logInAsRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 
   private void logInAsProjectAdmin() {

server/sonar-server/src/test/java/org/sonar/server/qualitygate/QualityGatesTest.java

@@ -95,7 +95,7 @@ public class QualityGatesTest {
 
     underTest = new QualityGates(dbClient, metricFinder, userSession);
 
-    userSession.logIn().setRoot();
+    userSession.logIn().setSystemAdministrator();
   }
 
   @Test

server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/DeselectActionTest.java

@@ -75,7 +75,7 @@ public class DeselectActionTest {
 
   @Test
   public void deselect_by_id() throws Exception {
-    userSession.logIn().setRoot();
+    logInAsRoot();
 
     ComponentDto anotherProject = db.components().insertProject();
     String gateId = String.valueOf(gate.getId());
@@ -90,7 +90,7 @@ public class DeselectActionTest {
 
   @Test
   public void deselect_by_uuid() throws Exception {
-    userSession.logIn().setRoot();
+    logInAsRoot();
 
     String gateId = String.valueOf(gate.getId());
     associateProjectToQualityGate(project.getId(), gateId);
@@ -102,7 +102,7 @@ public class DeselectActionTest {
 
   @Test
   public void deselect_by_key() throws Exception {
-    userSession.logIn().setRoot();
+    logInAsRoot();
 
     String gateId = String.valueOf(gate.getId());
     associateProjectToQualityGate(project.getId(), gateId);
@@ -223,4 +223,8 @@ public class DeselectActionTest {
   private void assertSelected(String qGateId, long projectId) {
     assertThat(dbClient.propertiesDao().selectProjectProperty(projectId, SONAR_QUALITYGATE_PROPERTY).getValue()).isEqualTo(qGateId);
   }
+
+  private void logInAsRoot() {
+    userSession.logIn().setRoot();
+  }
 }

server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/ProjectStatusActionTest.java

@@ -193,7 +193,7 @@ public class ProjectStatusActionTest {
 
   @Test
   public void fail_if_no_snapshot_id_found() {
-    userSession.logIn().setRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("Analysis with id 'task-uuid' is not found");
@@ -215,7 +215,7 @@ public class ProjectStatusActionTest {
 
   @Test
   public void fail_if_project_id_and_ce_task_id_provided() {
-    userSession.logIn().setRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(BadRequestException.class);
     expectedException.expectMessage("One (and only one) of the following parameters must be provided 'analysisId', 'projectId', 'projectKey'");
@@ -228,7 +228,7 @@ public class ProjectStatusActionTest {
 
   @Test
   public void fail_if_no_parameter_provided() {
-    userSession.logIn().setRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(BadRequestException.class);
     expectedException.expectMessage("One (and only one) of the following parameters must be provided 'analysisId', 'projectId', 'projectKey'");
@@ -259,4 +259,8 @@ public class ProjectStatusActionTest {
       throw Throwables.propagate(e);
     }
   }
+
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
+  }
 }

server/sonar-server/src/test/java/org/sonar/server/qualitygate/ws/SelectActionTest.java

@@ -69,7 +69,7 @@ public class SelectActionTest {
 
   @Test
   public void select_by_id() throws Exception {
-    userSession.logIn().setRoot();
+    logInAsRoot();
     String gateId = String.valueOf(gate.getId());
 
     callById(gateId, project.getId());
@@ -79,7 +79,7 @@ public class SelectActionTest {
 
   @Test
   public void select_by_uuid() throws Exception {
-    userSession.logIn().setRoot();
+    logInAsRoot();
     String gateId = String.valueOf(gate.getId());
 
     callByUuid(gateId, project.uuid());
@@ -89,7 +89,7 @@ public class SelectActionTest {
 
   @Test
   public void select_by_key() throws Exception {
-    userSession.logIn().setRoot();
+    logInAsRoot();
     String gateId = String.valueOf(gate.getId());
 
     callByKey(gateId, project.getKey());
@@ -200,4 +200,8 @@ public class SelectActionTest {
   private void assertSelected(String gateId, Long projectId) {
     assertThat(dbClient.propertiesDao().selectProjectProperty(projectId, SONAR_QUALITYGATE_PROPERTY).getValue()).isEqualTo(gateId);
   }
+
+  private void logInAsRoot() {
+    userSession.logIn().setRoot();
+  }
 }

server/sonar-server/src/test/java/org/sonar/server/root/ws/SearchActionTest.java

@@ -88,14 +88,14 @@ public class SearchActionTest {
 
   @Test
   public void execute_returns_empty_list_of_root_when_DB_is_empty() {
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     assertThat(executeRequest()).isEmpty();
   }
 
   @Test
-  public void execute_does_not_fail_when_root_user_has_neither_email_nor_name() {
-    makeAuthenticatedUserRoot();
+  public void execute_succeeds_when_root_user_has_neither_email_nor_name() {
+    logInAsRoot();
     UserDto rootDto = userDao.insert(dbSession, UserTesting.newUserDto().setName(null).setEmail(null));
     userDao.setRoot(dbSession, rootDto.getLogin(), true);
     dbSession.commit();
@@ -110,7 +110,7 @@ public class SearchActionTest {
 
   @Test
   public void execute_returns_root_users_sorted_by_name() {
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
     userDao.insert(dbSession, UserTesting.newUserDto().setName("ddd"));
     UserDto root1 = userDao.insert(dbSession, UserTesting.newUserDto().setName("ccc"));
     userDao.setRoot(dbSession, root1.getLogin(), true);
@@ -124,7 +124,7 @@ public class SearchActionTest {
       .containsExactly("bbb", "ccc");
   }
 
-  private UserSessionRule makeAuthenticatedUserRoot() {
+  private UserSessionRule logInAsRoot() {
     return userSessionRule.logIn().setRoot();
   }
 

server/sonar-server/src/test/java/org/sonar/server/root/ws/SetRootActionTest.java

@@ -95,7 +95,7 @@ public class SetRootActionTest {
 
   @Test
   public void execute_fails_with_IAE_when_login_param_is_not_provided() {
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The 'login' parameter is missing");
@@ -109,7 +109,7 @@ public class SetRootActionTest {
     userDao.insert(dbSession, otherUser);
     userDao.insert(dbSession, UserTesting.newUserDto(SOME_LOGIN, "name", "email"));
     dbSession.commit();
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     executeRequest(SOME_LOGIN);
 
@@ -124,7 +124,7 @@ public class SetRootActionTest {
     userDao.insert(dbSession, UserTesting.newUserDto(SOME_LOGIN, "name", "email"));
     userDao.setRoot(dbSession, SOME_LOGIN, true);
     dbSession.commit();
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     executeRequest(SOME_LOGIN);
 
@@ -134,7 +134,7 @@ public class SetRootActionTest {
 
   @Test
   public void execute_fails_with_NotFoundException_when_user_for_specified_login_does_not_exist() {
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("User with login 'foo_bar' not found");
@@ -147,7 +147,7 @@ public class SetRootActionTest {
     UserDto userDto = UserTesting.newUserDto().setActive(false);
     userDao.insert(dbSession, userDto);
     dbSession.commit();
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("User with login '" + userDto.getLogin() + "' not found");
@@ -155,7 +155,7 @@ public class SetRootActionTest {
     executeRequest(userDto.getLogin());
   }
 
-  private void makeAuthenticatedUserRoot() {
+  private void logInAsRoot() {
     userSessionRule.logIn().setRoot();
   }
 

server/sonar-server/src/test/java/org/sonar/server/root/ws/UnsetRootActionTest.java

@@ -96,7 +96,7 @@ public class UnsetRootActionTest {
 
   @Test
   public void execute_fails_with_IAE_when_login_param_is_not_provided() {
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("The 'login' parameter is missing");
@@ -108,7 +108,7 @@ public class UnsetRootActionTest {
   public void execute_makes_user_with_specified_login_not_root_when_it_is() {
     UserDto otherUser = insertRootUser(newUserDto());
     insertRootUser(newUserDto(SOME_LOGIN, "name", "email"));
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     executeRequest(SOME_LOGIN);
 
@@ -120,7 +120,7 @@ public class UnsetRootActionTest {
   public void execute_has_no_effect_when_user_is_already_not_root() {
     UserDto otherUser = insertRootUser(newUserDto());
     insertNonRootUser(newUserDto(SOME_LOGIN, "name", "email"));
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     executeRequest(SOME_LOGIN);
 
@@ -132,7 +132,7 @@ public class UnsetRootActionTest {
   public void execute_fails_with_BadRequestException_when_attempting_to_unset_root_on_last_root_user() {
     insertRootUser(newUserDto(SOME_LOGIN, "name", "email"));
     insertNonRootUser(newUserDto());
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     expectedException.expect(BadRequestException.class);
     expectedException.expectMessage("Last root can't be unset");
@@ -144,7 +144,7 @@ public class UnsetRootActionTest {
   public void execute_fails_with_BadRequestException_when_attempting_to_unset_non_root_and_there_is_no_root_at_all() {
     UserDto userDto1 = newUserDto(SOME_LOGIN, "name", "email");
     insertNonRootUser(userDto1);
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     expectedException.expect(BadRequestException.class);
     expectedException.expectMessage("Last root can't be unset");
@@ -154,7 +154,7 @@ public class UnsetRootActionTest {
 
   @Test
   public void execute_fails_with_NotFoundException_when_user_for_specified_login_does_not_exist() {
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("User with login 'bar_foo' not found");
@@ -165,7 +165,7 @@ public class UnsetRootActionTest {
   @Test
   public void execute_fails_with_NotFoundException_when_user_for_specified_login_is_inactive() {
     UserDto userDto = insertRootUser(newUserDto().setActive(false));
-    makeAuthenticatedUserRoot();
+    logInAsRoot();
 
     expectedException.expect(NotFoundException.class);
     expectedException.expectMessage("User with login '" + userDto.getLogin() + "' not found");
@@ -186,7 +186,7 @@ public class UnsetRootActionTest {
     return dto;
   }
 
-  private void makeAuthenticatedUserRoot() {
+  private void logInAsRoot() {
     userSessionRule.logIn().setRoot();
   }
 

server/sonar-server/src/test/java/org/sonar/server/rule/ws/CreateActionMediumTest.java

@@ -46,7 +46,7 @@ public class CreateActionMediumTest {
   public static ServerTester tester = new ServerTester().withEsIndexes();
 
   @Rule
-  public UserSessionRule userSessionRule = UserSessionRule.forServerTester(tester).logIn().setRoot();
+  public UserSessionRule userSessionRule = UserSessionRule.forServerTester(tester).logIn().setSystemAdministrator();
 
   WsTester wsTester;
   RuleDao ruleDao;

server/sonar-server/src/test/java/org/sonar/server/serverid/ws/GenerateActionTest.java

@@ -68,7 +68,7 @@ public class GenerateActionTest {
 
   @Test
   public void persist_settings() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     when(generator.generate("SonarSource", "10.51.42.255")).thenReturn("server_id");
 
@@ -82,7 +82,7 @@ public class GenerateActionTest {
 
   @Test
   public void json_example() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     when(generator.generate("SonarSource", "127.0.0.1")).thenReturn("1818a1eefb26f9g");
 
@@ -96,7 +96,7 @@ public class GenerateActionTest {
 
   @Test
   public void log_message_when_id_generated() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
     when(generator.generate("SonarSource", "127.0.0.1")).thenReturn("server_id");
 
     call("SonarSource", "127.0.0.1");
@@ -117,8 +117,8 @@ public class GenerateActionTest {
   }
 
   @Test
-  public void throw_ForbiddenException_if_not_root() {
-    userSession.logIn().setNonRoot();
+  public void throw_ForbiddenException_if_not_system_administrator() {
+    userSession.logIn().setNonSystemAdministrator();
 
     expectedException.expect(ForbiddenException.class);
 
@@ -127,7 +127,7 @@ public class GenerateActionTest {
 
   @Test
   public void fail_if_no_organization() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
 
@@ -136,7 +136,7 @@ public class GenerateActionTest {
 
   @Test
   public void fail_if_empty_organization() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
 
@@ -145,7 +145,7 @@ public class GenerateActionTest {
 
   @Test
   public void fail_if_no_ip() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
 
@@ -154,7 +154,7 @@ public class GenerateActionTest {
 
   @Test
   public void fail_if_empty_ip() {
-    logInAsRoot();
+    logInAsSystemAdministrator();
 
     expectedException.expect(IllegalArgumentException.class);
 
@@ -189,7 +189,7 @@ public class GenerateActionTest {
     }
   }
 
-  private void logInAsRoot() {
-    userSession.logIn().setRoot();
+  private void logInAsSystemAdministrator() {
+    userSession.logIn().setSystemAdministrator();
   }
 }