SONAR-13936 Drop some Organization code related to Users/Groups/Permission

server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/DefaultAssignee.java

@@ -22,7 +22,6 @@ package org.sonar.ce.task.projectanalysis.issue;
 import javax.annotation.CheckForNull;
 import org.sonar.api.utils.log.Logger;
 import org.sonar.api.utils.log.Loggers;
-import org.sonar.ce.task.projectanalysis.analysis.AnalysisMetadataHolder;
 import org.sonar.ce.task.projectanalysis.component.ConfigurationRepository;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
@@ -41,15 +40,13 @@ public class DefaultAssignee {
 
   private final DbClient dbClient;
   private final ConfigurationRepository configRepository;
-  private final AnalysisMetadataHolder analysisMetadataHolder;
 
   private boolean loaded = false;
   private String userUuid = null;
 
-  public DefaultAssignee(DbClient dbClient, ConfigurationRepository configRepository, AnalysisMetadataHolder analysisMetadataHolder) {
+  public DefaultAssignee(DbClient dbClient, ConfigurationRepository configRepository) {
     this.dbClient = dbClient;
     this.configRepository = configRepository;
-    this.analysisMetadataHolder = analysisMetadataHolder;
   }
 
   @CheckForNull
@@ -72,15 +69,8 @@ public class DefaultAssignee {
         LOG.info("Property {} is set with an unknown login: {}", DEFAULT_ISSUE_ASSIGNEE, login);
         return null;
       }
-      if (!isUserMemberOfOrganization(dbSession, user)) {
-        LOG.info("Property {} is set with a user which is not member of the organization of the project : {}", DEFAULT_ISSUE_ASSIGNEE, login);
-        return null;
-      }
       return user.getUuid();
     }
   }
 
-  private boolean isUserMemberOfOrganization(DbSession dbSession, UserDto user) {
-    return dbClient.organizationMemberDao().select(dbSession, analysisMetadataHolder.getOrganization().getUuid(), user.getUuid()).isPresent();
-  }
 }

server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/ScmAccountToUserLoader.java

@@ -26,7 +26,6 @@ import java.util.List;
 import java.util.Map;
 import org.sonar.api.utils.log.Logger;
 import org.sonar.api.utils.log.Loggers;
-import org.sonar.ce.task.projectanalysis.analysis.AnalysisMetadataHolder;
 import org.sonar.ce.task.projectanalysis.util.cache.CacheLoader;
 import org.sonar.core.util.stream.MoreCollectors;
 import org.sonar.server.user.index.UserDoc;
@@ -40,16 +39,14 @@ public class ScmAccountToUserLoader implements CacheLoader<String, String> {
   private static final Logger LOGGER = Loggers.get(ScmAccountToUserLoader.class);
 
   private final UserIndex index;
-  private final AnalysisMetadataHolder analysisMetadataHolder;
 
-  public ScmAccountToUserLoader(UserIndex index, AnalysisMetadataHolder analysisMetadataHolder) {
+  public ScmAccountToUserLoader(UserIndex index) {
     this.index = index;
-    this.analysisMetadataHolder = analysisMetadataHolder;
   }
 
   @Override
   public String load(String scmAccount) {
-    List<UserDoc> users = index.getAtMostThreeActiveUsersForScmAccount(scmAccount, analysisMetadataHolder.getOrganization().getUuid());
+    List<UserDoc> users = index.getAtMostThreeActiveUsersForScmAccount(scmAccount);
     if (users.size() == 1) {
       return users.get(0).uuid();
     }

server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/DefaultAssigneeTest.java

@@ -24,39 +24,31 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.sonar.api.CoreProperties;
 import org.sonar.api.config.internal.MapSettings;
-import org.sonar.ce.task.projectanalysis.analysis.AnalysisMetadataHolderImpl;
-import org.sonar.ce.task.projectanalysis.analysis.Organization;
 import org.sonar.ce.task.projectanalysis.component.ConfigurationRepository;
 import org.sonar.ce.task.projectanalysis.component.TestSettingsRepository;
-import org.sonar.core.platform.PlatformEditionProvider;
 import org.sonar.db.DbTester;
 import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.UserDto;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
 
 public class DefaultAssigneeTest {
 
   public static final String PROJECT_KEY = "PROJECT_KEY";
   public static final String ORGANIZATION_UUID = "ORGANIZATION_UUID";
-  public static final String QUALITY_GATE_UUID = "QUALITY_GATE_UUID";
 
   @Rule
   public DbTester db = DbTester.create();
 
   private MapSettings settings = new MapSettings();
   private ConfigurationRepository settingsRepository = new TestSettingsRepository(settings.asConfig());
-  private AnalysisMetadataHolderImpl analysisMetadataHolder = new AnalysisMetadataHolderImpl(mock(PlatformEditionProvider.class));
   private OrganizationDto organizationDto;
 
-  private DefaultAssignee underTest = new DefaultAssignee(db.getDbClient(), settingsRepository, analysisMetadataHolder);
+  private DefaultAssignee underTest = new DefaultAssignee(db.getDbClient(), settingsRepository);
 
   @Before
-  public void setUp() throws Exception {
+  public void setUp() {
     organizationDto = db.organizations().insertForUuid(ORGANIZATION_UUID);
-    analysisMetadataHolder.setOrganization(Organization.from(
-      new OrganizationDto().setUuid(ORGANIZATION_UUID).setKey("Organization key").setName("Organization name").setDefaultQualityGateUuid(QUALITY_GATE_UUID)));
   }
 
   @Test
@@ -88,16 +80,6 @@ public class DefaultAssigneeTest {
     assertThat(underTest.loadDefaultAssigneeUuid()).isNull();
   }
 
-  @Test
-  public void configured_login_is_not_member_of_organization() {
-    settings.setProperty(CoreProperties.DEFAULT_ISSUE_ASSIGNEE, "erik");
-    OrganizationDto otherOrganization = db.organizations().insert();
-    UserDto userDto = db.users().insertUser("erik");
-    db.organizations().addMember(otherOrganization, userDto);
-
-    assertThat(underTest.loadDefaultAssigneeUuid()).isNull();
-  }
-
   @Test
   public void default_assignee_is_cached() {
     settings.setProperty(CoreProperties.DEFAULT_ISSUE_ASSIGNEE, "erik");

server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/ScmAccountToUserLoaderTest.java

@@ -24,10 +24,7 @@ import org.junit.Test;
 import org.sonar.api.utils.System2;
 import org.sonar.api.utils.log.LogTester;
 import org.sonar.api.utils.log.LoggerLevel;
-import org.sonar.ce.task.projectanalysis.analysis.AnalysisMetadataHolderRule;
-import org.sonar.ce.task.projectanalysis.analysis.Organization;
 import org.sonar.db.DbTester;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.server.es.EsTester;
 import org.sonar.server.user.index.UserIndex;
@@ -49,21 +46,15 @@ public class ScmAccountToUserLoaderTest {
   @Rule
   public LogTester logTester = new LogTester();
 
-  @Rule
-  public AnalysisMetadataHolderRule analysisMetadataHolder = new AnalysisMetadataHolderRule();
-
   private UserIndexer userIndexer = new UserIndexer(db.getDbClient(), es.client());
 
   @Test
   public void load_login_for_scm_account() {
     UserDto user = db.users().insertUser(u -> u.setScmAccounts(asList("charlie", "jesuis@charlie.com")));
-    OrganizationDto organization = db.organizations().insert(o -> o.setUuid(ORGANIZATION_UUID));
-    analysisMetadataHolder.setOrganization(Organization.from(organization));
-    db.organizations().addMember(organization, user);
     userIndexer.indexOnStartup(null);
 
     UserIndex index = new UserIndex(es.client(), System2.INSTANCE);
-    ScmAccountToUserLoader underTest = new ScmAccountToUserLoader(index, analysisMetadataHolder);
+    ScmAccountToUserLoader underTest = new ScmAccountToUserLoader(index);
 
     assertThat(underTest.load("missing")).isNull();
     assertThat(underTest.load("jesuis@charlie.com")).isEqualTo(user.getUuid());
@@ -71,15 +62,12 @@ public class ScmAccountToUserLoaderTest {
 
   @Test
   public void warn_if_multiple_users_share_the_same_scm_account() {
-    UserDto user1 = db.users().insertUser(u -> u.setLogin("charlie").setScmAccounts(asList("charlie", "jesuis@charlie.com")));
-    UserDto user2 = db.users().insertUser(u -> u.setLogin("another.charlie").setScmAccounts(asList("charlie")));
-    OrganizationDto organization = db.organizations().insert(o -> o.setUuid(ORGANIZATION_UUID));
-    analysisMetadataHolder.setOrganization(Organization.from(organization));
-    db.organizations().addMember(organization, user1, user2);
+    db.users().insertUser(u -> u.setLogin("charlie").setScmAccounts(asList("charlie", "jesuis@charlie.com")));
+    db.users().insertUser(u -> u.setLogin("another.charlie").setScmAccounts(asList("charlie")));
     userIndexer.indexOnStartup(null);
 
     UserIndex index = new UserIndex(es.client(), System2.INSTANCE);
-    ScmAccountToUserLoader underTest = new ScmAccountToUserLoader(index, analysisMetadataHolder);
+    ScmAccountToUserLoader underTest = new ScmAccountToUserLoader(index);
 
     assertThat(underTest.load("charlie")).isNull();
     assertThat(logTester.logs(LoggerLevel.WARN)).contains("Multiple users share the SCM account 'charlie': another.charlie, charlie");
@@ -88,7 +76,7 @@ public class ScmAccountToUserLoaderTest {
   @Test
   public void load_by_multiple_scm_accounts_is_not_supported_yet() {
     UserIndex index = new UserIndex(es.client(), System2.INSTANCE);
-    ScmAccountToUserLoader underTest = new ScmAccountToUserLoader(index, analysisMetadataHolder);
+    ScmAccountToUserLoader underTest = new ScmAccountToUserLoader(index);
     try {
       underTest.loadAll(emptyList());
       fail();

server/sonar-db-dao/src/main/java/org/sonar/db/organization/OrganizationHelper.java

@@ -37,11 +37,11 @@ public class OrganizationHelper {
 
   public List<OrganizationDto> selectOrganizationsWithLastAdmin(DbSession dbSession, String userUuid) {
     return dbClient.organizationDao().selectByPermission(dbSession, userUuid, ADMIN_PERMISSION).stream()
-      .filter(org -> isLastAdmin(dbSession, org, userUuid))
+      .filter(org -> isLastAdmin(dbSession, userUuid))
       .collect(Collectors.toList());
   }
 
-  private boolean isLastAdmin(DbSession dbSession, OrganizationDto org, String userUuid) {
-    return dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession, org.getUuid(), ADMIN_PERMISSION, userUuid) == 0;
+  private boolean isLastAdmin(DbSession dbSession, String userUuid) {
+    return dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession, ADMIN_PERMISSION, userUuid) == 0;
   }
 }

server/sonar-db-dao/src/main/java/org/sonar/db/permission/AuthorizationDao.java

@@ -42,17 +42,17 @@ import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_
 public class AuthorizationDao implements Dao {
 
   /**
-  * Loads all the permissions granted to user for the specified organization
-  */
-  public Set<String> selectOrganizationPermissions(DbSession dbSession, String organizationUuid, String userUuid) {
-    return mapper(dbSession).selectOrganizationPermissions(organizationUuid, userUuid);
+   * Loads all the global permissions granted to user
+   */
+  public Set<String> selectGlobalPermissions(DbSession dbSession, String userUuid) {
+    return mapper(dbSession).selectGlobalPermissions(userUuid);
   }
 
   /**
    * Loads all the permissions granted to anonymous user for the specified organization
    */
-  public Set<String> selectOrganizationPermissionsOfAnonymous(DbSession dbSession, String organizationUuid) {
-    return mapper(dbSession).selectOrganizationPermissionsOfAnonymous(organizationUuid);
+  public Set<String> selectGlobalPermissionsOfAnonymous(DbSession dbSession) {
+    return mapper(dbSession).selectGlobalPermissionsOfAnonymous();
   }
 
   /**
@@ -81,59 +81,44 @@ public class AuthorizationDao implements Dao {
    * The number of users who will still have the permission if the group {@code excludedGroupUuid}
    * is deleted. The anyone virtual group is not taken into account.
    */
-  public int countUsersWithGlobalPermissionExcludingGroup(DbSession dbSession, String organizationUuid,
-    String permission, String excludedGroupUuid) {
-    return mapper(dbSession).countUsersWithGlobalPermissionExcludingGroup(organizationUuid, permission, excludedGroupUuid);
+  public int countUsersWithGlobalPermissionExcludingGroup(DbSession dbSession, String permission, String excludedGroupUuid) {
+    return mapper(dbSession).countUsersWithGlobalPermissionExcludingGroup(permission, excludedGroupUuid);
   }
 
   /**
    * The number of users who will still have the permission if the user {@code excludedUserId}
    * is deleted. The anyone virtual group is not taken into account.
    */
-  public int countUsersWithGlobalPermissionExcludingUser(DbSession dbSession, String organizationUuid,
-    String permission, String excludedUserUuid) {
-    return mapper(dbSession).countUsersWithGlobalPermissionExcludingUser(organizationUuid, permission, excludedUserUuid);
+  public int countUsersWithGlobalPermissionExcludingUser(DbSession dbSession, String permission, String excludedUserUuid) {
+    return mapper(dbSession).countUsersWithGlobalPermissionExcludingUser(permission, excludedUserUuid);
   }
 
   /**
    * The list of users who have the global permission.
    * The anyone virtual group is not taken into account.
    */
-  public List<String> selectUserUuidsWithGlobalPermission(DbSession dbSession, String organizationUuid, String permission) {
-    return mapper(dbSession).selectUserUuidsWithGlobalPermission(organizationUuid, permission);
+  public List<String> selectUserUuidsWithGlobalPermission(DbSession dbSession, String permission) {
+    return mapper(dbSession).selectUserUuidsWithGlobalPermission(permission);
   }
 
   /**
    * The number of users who will still have the permission if the user {@code userId}
    * is removed from group {@code groupUuid}. The anyone virtual group is not taken into account.
-   * Contrary to {@link #countUsersWithGlobalPermissionExcludingUser(DbSession, String, String, String)}, user
+   * Contrary to {@link #countUsersWithGlobalPermissionExcludingUser(DbSession, String, String)}, user
    * still exists and may have the permission directly or through other groups.
    */
-  public int countUsersWithGlobalPermissionExcludingGroupMember(DbSession dbSession, String organizationUuid,
-    String permission, String groupUuid, String userUuid) {
-    return mapper(dbSession).countUsersWithGlobalPermissionExcludingGroupMember(organizationUuid, permission, groupUuid, userUuid);
+  public int countUsersWithGlobalPermissionExcludingGroupMember(DbSession dbSession, String permission, String groupUuid, String userUuid) {
+    return mapper(dbSession).countUsersWithGlobalPermissionExcludingGroupMember(permission, groupUuid, userUuid);
   }
 
   /**
    * The number of users who will still have the permission if the permission {@code permission}
    * is removed from user {@code userId}. The anyone virtual group is not taken into account.
-   * Contrary to {@link #countUsersWithGlobalPermissionExcludingUser(DbSession, String, String, String)}, user
+   * Contrary to {@link #countUsersWithGlobalPermissionExcludingUser(DbSession, String, String)}, user
    * still exists and may have the permission through groups.
    */
-  public int countUsersWithGlobalPermissionExcludingUserPermission(DbSession dbSession, String organizationUuid,
-    String permission, String userUuid) {
-    return mapper(dbSession).countUsersWithGlobalPermissionExcludingUserPermission(organizationUuid, permission, userUuid);
-  }
-
-  /**
-   * The UUIDs of all the organizations in which the specified user has the specified global permission. An empty
-   * set is returned if user or permission do not exist. An empty set is also returned if the user is not involved
-   * in any organization.
-   * <br/>
-   * Group membership is taken into account. Anonymous privileges are ignored.
-   */
-  public Set<String> selectOrganizationUuidsOfUserWithGlobalPermission(DbSession dbSession, String userUuid, String permission) {
-    return mapper(dbSession).selectOrganizationUuidsOfUserWithGlobalPermission(userUuid, permission);
+  public int countUsersWithGlobalPermissionExcludingUserPermission(DbSession dbSession, String permission, String userUuid) {
+    return mapper(dbSession).countUsersWithGlobalPermissionExcludingUserPermission(permission, userUuid);
   }
 
   public Set<String> keepAuthorizedProjectUuids(DbSession dbSession, Collection<String> projectUuids, @Nullable String userUuid, String permission) {

server/sonar-db-dao/src/main/java/org/sonar/db/permission/AuthorizationMapper.java

@@ -30,25 +30,20 @@ import org.sonar.db.EmailSubscriberDto;
  */
 public interface AuthorizationMapper {
 
-  Set<String> selectOrganizationPermissions(@Param("organizationUuid") String organizationUuid, @Param("userUuid") String userUuid);
+  Set<String> selectGlobalPermissions(@Param("userUuid") String userUuid);
 
-  Set<String> selectOrganizationPermissionsOfAnonymous(@Param("organizationUuid") String organizationUuid);
+  Set<String> selectGlobalPermissionsOfAnonymous();
 
-  int countUsersWithGlobalPermissionExcludingGroup(@Param("organizationUuid") String organizationUuid,
-    @Param("permission") String permission, @Param("excludedGroupUuid") String excludedGroupUuid);
+  int countUsersWithGlobalPermissionExcludingGroup(@Param("permission") String permission, @Param("excludedGroupUuid") String excludedGroupUuid);
 
-  int countUsersWithGlobalPermissionExcludingUser(@Param("organizationUuid") String organizationUuid, @Param("permission") String permission,
+  int countUsersWithGlobalPermissionExcludingUser(@Param("permission") String permission,
     @Param("excludedUserUuid") String excludedUserUuid);
 
-  List<String> selectUserUuidsWithGlobalPermission(@Param("organizationUuid") String organizationUuid, @Param("permission") String permission);
+  List<String> selectUserUuidsWithGlobalPermission(@Param("permission") String permission);
 
-  int countUsersWithGlobalPermissionExcludingGroupMember(@Param("organizationUuid") String organizationUuid,
-    @Param("permission") String permission, @Param("groupUuid") String groupUuid, @Param("userUuid") String userUuid);
+  int countUsersWithGlobalPermissionExcludingGroupMember(@Param("permission") String permission, @Param("groupUuid") String groupUuid, @Param("userUuid") String userUuid);
 
-  int countUsersWithGlobalPermissionExcludingUserPermission(@Param("organizationUuid") String organizationUuid,
-    @Param("permission") String permission, @Param("userUuid") String userUuid);
-
-  Set<String> selectOrganizationUuidsOfUserWithGlobalPermission(@Param("userUuid") String userUuid, @Param("permission") String permission);
+  int countUsersWithGlobalPermissionExcludingUserPermission(@Param("permission") String permission, @Param("userUuid") String userUuid);
 
   List<String> keepAuthorizedUsersForRoleAndProject(@Param("role") String role, @Param("componentUuid") String componentUuid, @Param("userUuids") List<String> userUuids);
 

server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDao.java

@@ -29,10 +29,7 @@ import org.apache.ibatis.session.RowBounds;
 import org.sonar.api.security.DefaultGroups;
 import org.sonar.db.Dao;
 import org.sonar.db.DbSession;
-import org.sonar.db.component.ComponentMapper;
-import org.sonar.db.user.GroupMapper;
 
-import static com.google.common.base.Preconditions.checkArgument;
 import static org.sonar.db.DatabaseUtils.executeLargeInputs;
 import static org.sonar.db.DatabaseUtils.executeLargeInputsWithoutOutput;
 
@@ -61,16 +58,16 @@ public class GroupPermissionDao implements Dao {
    * Select global or project permission of given groups and organization. Anyone virtual group is supported
    * through the value "zero" (0L) in {@code groupUuids}.
    */
-  public List<GroupPermissionDto> selectByGroupUuids(DbSession dbSession, String organizationUuid, List<String> groupUuids, @Nullable String projectUuid) {
-    return executeLargeInputs(groupUuids, groups -> mapper(dbSession).selectByGroupUuids(organizationUuid, groups, projectUuid));
+  public List<GroupPermissionDto> selectByGroupUuids(DbSession dbSession, List<String> groupUuids, @Nullable String projectUuid) {
+    return executeLargeInputs(groupUuids, groups -> mapper(dbSession).selectByGroupUuids(groups, projectUuid));
   }
 
   /**
    * Select global and project permissions of a given group (Anyone group is NOT supported)
    * Each row returns a {@link GroupPermissionDto}
    */
-  public void selectAllPermissionsByGroupUuid(DbSession dbSession, String organizationUuid, String groupUuid, ResultHandler resultHandler) {
-    mapper(dbSession).selectAllPermissionsByGroupUuid(organizationUuid, groupUuid, resultHandler);
+  public void selectAllPermissionsByGroupUuid(DbSession dbSession, String groupUuid, ResultHandler resultHandler) {
+    mapper(dbSession).selectAllPermissionsByGroupUuid(groupUuid, resultHandler);
   }
 
   /**
@@ -92,16 +89,16 @@ public class GroupPermissionDao implements Dao {
    * Selects the global permissions granted to group. An empty list is returned if the
    * group does not exist.
    */
-  public List<String> selectGlobalPermissionsOfGroup(DbSession session, String organizationUuid, @Nullable String groupUuid) {
-    return mapper(session).selectGlobalPermissionsOfGroup(organizationUuid, groupUuid);
+  public List<String> selectGlobalPermissionsOfGroup(DbSession session, @Nullable String groupUuid) {
+    return mapper(session).selectGlobalPermissionsOfGroup(groupUuid);
   }
 
   /**
    * Selects the permissions granted to group and project. An empty list is returned if the
    * group or project do not exist.
    */
-  public List<String> selectProjectPermissionsOfGroup(DbSession session, String organizationUuid, @Nullable String groupUuid, String projectUuid) {
-    return mapper(session).selectProjectPermissionsOfGroup(organizationUuid, groupUuid, projectUuid);
+  public List<String> selectProjectPermissionsOfGroup(DbSession session, @Nullable String groupUuid, String projectUuid) {
+    return mapper(session).selectProjectPermissionsOfGroup(groupUuid, projectUuid);
   }
 
   /**
@@ -114,33 +111,9 @@ public class GroupPermissionDao implements Dao {
   }
 
   public void insert(DbSession dbSession, GroupPermissionDto dto) {
-    ensureComponentPermissionConsistency(dbSession, dto);
-    ensureGroupPermissionConsistency(dbSession, dto);
     mapper(dbSession).insert(dto);
   }
 
-  private static void ensureComponentPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) {
-    if (dto.getComponentUuid() == null) {
-      return;
-    }
-    ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class);
-    checkArgument(
-      componentMapper.countComponentByOrganizationAndUuid(dto.getOrganizationUuid(), dto.getComponentUuid()) == 1,
-      "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'",
-      dto.getRole(), dto.getComponentUuid(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
-  }
-
-  private static void ensureGroupPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) {
-    if (dto.getGroupUuid() == null) {
-      return;
-    }
-    GroupMapper groupMapper = dbSession.getMapper(GroupMapper.class);
-    checkArgument(
-      groupMapper.countGroupByOrganizationAndUuid(dto.getOrganizationUuid(), dto.getGroupUuid()) == 1,
-      "Can't insert permission '%s' for group with id '%s' in organization with uuid '%s' because this group does not belong to organization with uuid '%s'",
-      dto.getRole(), dto.getGroupUuid(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
-  }
-
   /**
    * Delete all the permissions associated to a root component (project)
    */
@@ -173,16 +146,11 @@ public class GroupPermissionDao implements Dao {
    * </ul>
    * @param dbSession
    * @param permission the kind of permission
-   * @param organizationUuid UUID of organization, even if parameter {@code groupUuid} is not null
    * @param groupUuid if null, then anyone, else uuid of group
    * @param rootComponentUuid if null, then global permission, otherwise the uuid of root component (project)
    */
-  public void delete(DbSession dbSession, String permission, String organizationUuid, @Nullable String groupUuid, @Nullable String rootComponentUuid) {
-    mapper(dbSession).delete(permission, organizationUuid, groupUuid, rootComponentUuid);
-  }
-
-  public void deleteByOrganization(DbSession dbSession, String organizationUuid) {
-    mapper(dbSession).deleteByOrganization(organizationUuid);
+  public void delete(DbSession dbSession, String permission, @Nullable String groupUuid, @Nullable String rootComponentUuid) {
+    mapper(dbSession).delete(permission, groupUuid, rootComponentUuid);
   }
 
   private static GroupPermissionMapper mapper(DbSession session) {

server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionDto.java

@@ -23,7 +23,6 @@ import javax.annotation.Nullable;
 
 public class GroupPermissionDto {
   private String uuid;
-  private String organizationUuid;
   private String groupUuid;
   private String componentUuid;
   private String role;
@@ -41,15 +40,6 @@ public class GroupPermissionDto {
     return groupUuid;
   }
 
-  public String getOrganizationUuid() {
-    return organizationUuid;
-  }
-
-  public GroupPermissionDto setOrganizationUuid(String s) {
-    this.organizationUuid = s;
-    return this;
-  }
-
   /**
    * Null when Anyone
    */

server/sonar-db-dao/src/main/java/org/sonar/db/permission/GroupPermissionMapper.java

@@ -33,24 +33,19 @@ public interface GroupPermissionMapper {
 
   int countGroupsByQuery(@Param("query") PermissionQuery query);
 
-  List<GroupPermissionDto> selectByGroupUuids(@Param("organizationUuid") String organizationUuid,
-    @Param("groupUuids") List<String> groupUuids, @Nullable @Param("projectUuid") String projectUuid);
+  List<GroupPermissionDto> selectByGroupUuids(@Param("groupUuids") List<String> groupUuids, @Nullable @Param("projectUuid") String projectUuid);
 
   void groupsCountByProjectUuidAndPermission(Map<String, Object> parameters, ResultHandler resultHandler);
 
   void insert(GroupPermissionDto dto);
 
-  void delete(@Param("permission") String permission, @Param("organizationUuid") String organizationUuid,
-    @Nullable @Param("groupUuid") String groupUuid, @Nullable @Param("rootComponentUuid") String rootComponentUuid);
+  void delete(@Param("permission") String permission, @Nullable @Param("groupUuid") String groupUuid, @Nullable @Param("rootComponentUuid") String rootComponentUuid);
 
-  List<String> selectGlobalPermissionsOfGroup(@Param("organizationUuid") String organizationUuid,
-    @Nullable @Param("groupUuid") String groupUuid);
+  List<String> selectGlobalPermissionsOfGroup(@Nullable @Param("groupUuid") String groupUuid);
 
-  List<String> selectProjectPermissionsOfGroup(@Param("organizationUuid") String organizationUuid,
-    @Nullable @Param("groupUuid") String groupUuid, @Param("projectUuid") String projectUuid);
+  List<String> selectProjectPermissionsOfGroup(@Nullable @Param("groupUuid") String groupUuid, @Param("projectUuid") String projectUuid);
 
-  void selectAllPermissionsByGroupUuid(@Param("organizationUuid") String organizationUuid,
-    @Param("groupUuid") String groupUuid, ResultHandler resultHandler);
+  void selectAllPermissionsByGroupUuid(@Param("groupUuid") String groupUuid, ResultHandler resultHandler);
 
   /**
    * Lists uuid of groups with at least one permission on the specified root component but which do not have the specified
@@ -59,8 +54,6 @@ public interface GroupPermissionMapper {
    */
   Set<String> selectGroupUuidsWithPermissionOnProjectBut(@Param("projectUuid") String projectUuid, @Param("role") String permission);
 
-  void deleteByOrganization(@Param("organizationUuid") String organizationUuid);
-
   void deleteByRootComponentUuid(@Param("rootComponentUuid") String rootComponentUuid);
 
   int deleteByRootComponentUuidAndGroupUuid(@Param("rootComponentUuid") String rootComponentUuid, @Nullable @Param("groupUuid") String groupUuid);

server/sonar-db-dao/src/main/java/org/sonar/db/permission/PermissionQuery.java

@@ -28,7 +28,6 @@ import org.sonar.db.component.ComponentDto;
 
 import static com.google.common.base.MoreObjects.firstNonNull;
 import static com.google.common.base.Preconditions.checkArgument;
-import static java.util.Objects.requireNonNull;
 import static org.apache.commons.lang.StringUtils.defaultIfBlank;
 import static org.sonar.api.utils.Paging.offset;
 import static org.sonar.db.DaoUtils.buildLikeValue;
@@ -43,8 +42,6 @@ public class PermissionQuery {
   public static final int DEFAULT_PAGE_SIZE = 20;
   public static final int DEFAULT_PAGE_INDEX = 1;
 
-  // filter: return only the users or groups that are members of the organization
-  private final String organizationUuid;
   // filter: return only the users or groups who have this permission
   private final String permission;
   // filter on project, else filter org permissions
@@ -63,7 +60,6 @@ public class PermissionQuery {
   private final int pageOffset;
 
   private PermissionQuery(Builder builder) {
-    this.organizationUuid = builder.organizationUuid;
     this.permission = builder.permission;
     this.withAtLeastOnePermission = builder.withAtLeastOnePermission;
     this.componentUuid = builder.componentUuid;
@@ -74,10 +70,6 @@ public class PermissionQuery {
     this.pageOffset = offset(builder.pageIndex, builder.pageSize);
   }
 
-  public String getOrganizationUuid() {
-    return organizationUuid;
-  }
-
   @CheckForNull
   public String getPermission() {
     return permission;
@@ -121,7 +113,6 @@ public class PermissionQuery {
 
   public static class Builder {
     private String permission;
-    private String organizationUuid;
     private String componentUuid;
     private String searchQuery;
     private boolean withAtLeastOnePermission;
@@ -148,11 +139,6 @@ public class PermissionQuery {
       return this;
     }
 
-    public Builder setOrganizationUuid(String organizationUuid) {
-      this.organizationUuid = organizationUuid;
-      return this;
-    }
-
     public Builder setSearchQuery(@Nullable String s) {
       this.searchQuery = defaultIfBlank(s, null);
       return this;
@@ -174,7 +160,6 @@ public class PermissionQuery {
     }
 
     public PermissionQuery build() {
-      requireNonNull(organizationUuid, "Organization UUID cannot be null");
       this.pageIndex = firstNonNull(pageIndex, DEFAULT_PAGE_INDEX);
       this.pageSize = firstNonNull(pageSize, DEFAULT_PAGE_SIZE);
       checkArgument(searchQuery == null || searchQuery.length() >= SEARCH_QUERY_MIN_LENGTH, "Search query should contains at least %s characters", SEARCH_QUERY_MIN_LENGTH);

server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDao.java

@@ -26,7 +26,6 @@ import org.sonar.core.util.stream.MoreCollectors;
 import org.sonar.db.Dao;
 import org.sonar.db.DatabaseUtils;
 import org.sonar.db.DbSession;
-import org.sonar.db.component.ComponentMapper;
 
 import static com.google.common.base.Preconditions.checkArgument;
 import static java.util.Collections.emptyList;
@@ -85,8 +84,8 @@ public class UserPermissionDao implements Dao {
    *
    * @return the global permissions. An empty list is returned if user or organization do not exist.
    */
-  public List<String> selectGlobalPermissionsOfUser(DbSession dbSession, String userUuid, String organizationUuid) {
-    return mapper(dbSession).selectGlobalPermissionsOfUser(userUuid, organizationUuid);
+  public List<String> selectGlobalPermissionsOfUser(DbSession dbSession, String userUuid) {
+    return mapper(dbSession).selectGlobalPermissionsOfUser(userUuid);
   }
 
   /**
@@ -102,27 +101,15 @@ public class UserPermissionDao implements Dao {
     return mapper(session).selectUserUuidsWithPermissionOnProjectBut(projectUuid, permission);
   }
 
-  public void insert(DbSession dbSession, UserPermissionDto dto) {
-    ensureComponentPermissionConsistency(dbSession, dto);
-    mapper(dbSession).insert(dto);
-  }
-
-  private static void ensureComponentPermissionConsistency(DbSession dbSession, UserPermissionDto dto) {
-    if (dto.getComponentUuid() == null) {
-      return;
-    }
-    ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class);
-    checkArgument(
-      componentMapper.countComponentByOrganizationAndUuid(dto.getOrganizationUuid(), dto.getComponentUuid()) == 1,
-      "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'",
-      dto.getPermission(), dto.getComponentUuid(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
+  public void insert(DbSession dbSession, UserPermissionDto dto, String defaultOrgUuid) {
+    mapper(dbSession).insert(dto, defaultOrgUuid);
   }
 
   /**
    * Removes a single global permission from user
    */
-  public void deleteGlobalPermission(DbSession dbSession, String userUuid, String permission, String organizationUuid) {
-    mapper(dbSession).deleteGlobalPermission(userUuid, permission, organizationUuid);
+  public void deleteGlobalPermission(DbSession dbSession, String userUuid, String permission) {
+    mapper(dbSession).deleteGlobalPermission(userUuid, permission);
   }
 
   /**
@@ -146,14 +133,6 @@ public class UserPermissionDao implements Dao {
     return mapper(dbSession).deleteProjectPermissionOfAnyUser(projectUuid, permission);
   }
 
-  public void deleteByOrganization(DbSession dbSession, String organizationUuid) {
-    mapper(dbSession).deleteByOrganization(organizationUuid);
-  }
-
-  public void deleteOrganizationMemberPermissions(DbSession dbSession, String organizationUuid, String userUuid) {
-    mapper(dbSession).deleteOrganizationMemberPermissions(organizationUuid, userUuid);
-  }
-
   public void deleteByUserUuid(DbSession dbSession, String userUuid) {
     mapper(dbSession).deleteByUserUuid(userUuid);
   }

server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionDto.java

@@ -24,7 +24,6 @@ import javax.annotation.Nullable;
 
 public class UserPermissionDto {
   private String uuid;
-  private String organizationUuid;
   private String permission;
   private String userUuid;
   private String componentUuid;
@@ -33,9 +32,8 @@ public class UserPermissionDto {
     // used by MyBatis
   }
 
-  public UserPermissionDto(String uuid, String organizationUuid, String permission, String userUuid, @Nullable String componentUuid) {
+  public UserPermissionDto(String uuid, String permission, String userUuid, @Nullable String componentUuid) {
     this.uuid = uuid;
-    this.organizationUuid = organizationUuid;
     this.permission = permission;
     this.userUuid = userUuid;
     this.componentUuid = componentUuid;
@@ -53,10 +51,6 @@ public class UserPermissionDto {
     return userUuid;
   }
 
-  public String getOrganizationUuid() {
-    return organizationUuid;
-  }
-
   /**
    * @return {@code null} if it's a global permission, otherwise return the project uiid.
    */
@@ -70,7 +64,6 @@ public class UserPermissionDto {
     StringBuilder sb = new StringBuilder("UserPermissionDto{");
     sb.append("permission='").append(permission).append('\'');
     sb.append(", userUuid=").append(userUuid);
-    sb.append(", organizationUuid=").append(organizationUuid);
     sb.append(", componentUuid=").append(componentUuid);
     sb.append('}');
     return sb.toString();

server/sonar-db-dao/src/main/java/org/sonar/db/permission/UserPermissionMapper.java

@@ -52,10 +52,9 @@ public interface UserPermissionMapper {
    */
   Set<String> selectUserUuidsWithPermissionOnProjectBut(@Param("projectUuid") String projectUuid, @Param("permission") String permission);
 
-  void insert(UserPermissionDto dto);
+  void insert(@Param("dto")UserPermissionDto dto, @Param("defaultOrgUuid") String defaultOrgUuid);
 
-  void deleteGlobalPermission(@Param("userUuid") String userUuid, @Param("permission") String permission,
-    @Param("organizationUuid") String organizationUuid);
+  void deleteGlobalPermission(@Param("userUuid") String userUuid, @Param("permission") String permission);
 
   void deleteProjectPermission(@Param("userUuid") String userUuid, @Param("permission") String permission,
     @Param("projectUuid") String projectUuid);
@@ -64,13 +63,9 @@ public interface UserPermissionMapper {
 
   int deleteProjectPermissionOfAnyUser(@Param("projectUuid") String projectUuid, @Param("permission") String permission);
 
-  List<String> selectGlobalPermissionsOfUser(@Param("userUuid") String userUuid, @Param("organizationUuid") String organizationUuid);
+  List<String> selectGlobalPermissionsOfUser(@Param("userUuid") String userUuid);
 
   List<String> selectProjectPermissionsOfUser(@Param("userUuid") String userUuid, @Param("projectUuid") String projectUuid);
 
-  void deleteByOrganization(@Param("organizationUuid") String organizationUuid);
-
-  void deleteOrganizationMemberPermissions(@Param("organizationUuid") String organizationUuid, @Param("userUuid") String userUuid);
-
   void deleteByUserUuid(@Param("userUuid") String userUuid);
 }

server/sonar-db-dao/src/main/java/org/sonar/db/permission/template/PermissionTemplateDao.java

@@ -76,8 +76,8 @@ public class PermissionTemplateDao implements Dao {
     return mapper(session).selectGroupNamesByQueryAndTemplate(templateUuid, query, new RowBounds(query.getPageOffset(), query.getPageSize()));
   }
 
-  public int countGroupNamesByQueryAndTemplate(DbSession session, PermissionQuery query, String organizationUuid, String templateUuid) {
-    return mapper(session).countGroupNamesByQueryAndTemplate(organizationUuid, query, templateUuid);
+  public int countGroupNamesByQueryAndTemplate(DbSession session, PermissionQuery query, String templateUuid) {
+    return mapper(session).countGroupNamesByQueryAndTemplate(query, templateUuid);
   }
 
   public List<PermissionTemplateGroupDto> selectGroupPermissionsByTemplateIdAndGroupNames(DbSession dbSession, String templateUuid, List<String> groups) {
@@ -100,9 +100,9 @@ public class PermissionTemplateDao implements Dao {
     return mapper(session).selectByUuid(templateUuid);
   }
 
-  public List<PermissionTemplateDto> selectAll(DbSession session, String organizationUuid, @Nullable String nameMatch) {
+  public List<PermissionTemplateDto> selectAll(DbSession session, @Nullable String nameMatch) {
     String upperCaseNameLikeSql = nameMatch != null ? toUppercaseSqlQuery(nameMatch) : null;
-    return mapper(session).selectAll(organizationUuid, upperCaseNameLikeSql);
+    return mapper(session).selectAll(upperCaseNameLikeSql);
   }
 
   private static String toUppercaseSqlQuery(String nameMatch) {
@@ -186,10 +186,6 @@ public class PermissionTemplateDao implements Dao {
     session.commit();
   }
 
-  public void deleteUserPermissionsByOrganization(DbSession dbSession, String organizationUuid, String userUuid) {
-    mapper(dbSession).deleteUserPermissionsByOrganization(organizationUuid, userUuid);
-  }
-
   public void deleteUserPermissionsByUserUuid(DbSession dbSession, String userUuid) {
     mapper(dbSession).deleteUserPermissionsByUserUuid(userUuid);
   }
@@ -218,8 +214,8 @@ public class PermissionTemplateDao implements Dao {
     session.commit();
   }
 
-  public PermissionTemplateDto selectByName(DbSession dbSession, String organizationUuid, String name) {
-    return mapper(dbSession).selectByName(organizationUuid, name.toUpperCase(Locale.ENGLISH));
+  public PermissionTemplateDto selectByName(DbSession dbSession, String name) {
+    return mapper(dbSession).selectByName(name.toUpperCase(Locale.ENGLISH));
   }
 
   public List<String> selectPotentialPermissionsByUserUuidAndTemplateUuid(DbSession dbSession, @Nullable String currentUserUuid, String templateUuid) {
@@ -240,16 +236,4 @@ public class PermissionTemplateDao implements Dao {
   private static PermissionTemplateMapper mapper(DbSession session) {
     return session.getMapper(PermissionTemplateMapper.class);
   }
-
-  public void deleteByOrganization(DbSession dbSession, String organizationUuid) {
-    PermissionTemplateMapper templateMapper = mapper(dbSession);
-    PermissionTemplateCharacteristicMapper templateCharacteristicMapper = dbSession.getMapper(PermissionTemplateCharacteristicMapper.class);
-    List<String> templateUuids = templateMapper.selectTemplateUuidsByOrganization(organizationUuid);
-    executeLargeInputsWithoutOutput(templateUuids, subList -> {
-      templateCharacteristicMapper.deleteByTemplateUuids(subList);
-      templateMapper.deleteGroupPermissionsByTemplateUuids(subList);
-      templateMapper.deleteUserPermissionsByTemplateUuids(subList);
-      templateMapper.deleteByUuids(subList);
-    });
-  }
 }

server/sonar-db-dao/src/main/java/org/sonar/db/permission/template/PermissionTemplateDto.java

@@ -24,24 +24,14 @@ import javax.annotation.CheckForNull;
 import javax.annotation.Nullable;
 
 public class PermissionTemplateDto {
-
-  private String name;
   private String organizationUuid;
+  private String name;
   private String uuid;
   private String description;
   private String keyPattern;
   private Date createdAt;
   private Date updatedAt;
 
-  public String getOrganizationUuid() {
-    return organizationUuid;
-  }
-
-  public PermissionTemplateDto setOrganizationUuid(String s) {
-    this.organizationUuid = s;
-    return this;
-  }
-
   public String getName() {
     return name;
   }
@@ -51,6 +41,11 @@ public class PermissionTemplateDto {
     return this;
   }
 
+  public PermissionTemplateDto setOrganizationUuid(String uuid) {
+    this.organizationUuid = uuid;
+    return this;
+  }
+
   /**
    * @since 5.2 the kee column is a proper uuid. Before that it was build on the name + timestamp
    */

server/sonar-db-dao/src/main/java/org/sonar/db/permission/template/PermissionTemplateMapper.java

@@ -44,8 +44,6 @@ public interface PermissionTemplateMapper {
 
   void deleteUserPermissionsByTemplateUuids(@Param("templateUuids") List<String> templateUuids);
 
-  void deleteUserPermissionsByOrganization(@Param("organizationUuid") String organizationUuid, @Param("userUuid") String userUuid);
-
   void deleteUserPermissionsByUserUuid(@Param("userUuid") String userUuid);
 
   void deleteUserPermission(PermissionTemplateUserDto permissionTemplateUser);
@@ -68,7 +66,7 @@ public interface PermissionTemplateMapper {
 
   void deleteByGroupUuid(String groupUuid);
 
-  PermissionTemplateDto selectByName(@Param("organizationUuid") String organizationUuid, @Param("name") String name);
+  PermissionTemplateDto selectByName(@Param("name") String name);
 
   List<String> selectUserLoginsByQueryAndTemplate(@Param("query") PermissionQuery query, @Param("templateUuid") String templateUuid, RowBounds rowBounds);
 
@@ -76,9 +74,9 @@ public interface PermissionTemplateMapper {
 
   List<String> selectGroupNamesByQueryAndTemplate(@Param("templateUuid") String templateUuid, @Param("query") PermissionQuery query, RowBounds rowBounds);
 
-  int countGroupNamesByQueryAndTemplate(@Param("organizationUuid") String organizationUuid, @Param("query") PermissionQuery query, @Param("templateUuid") String templateUuid);
+  int countGroupNamesByQueryAndTemplate(@Param("query") PermissionQuery query, @Param("templateUuid") String templateUuid);
 
-  List<PermissionTemplateDto> selectAll(@Param("organizationUuid") String organizationUuid, @Nullable @Param("upperCaseNameLikeSql") String upperCaseNameLikeSql);
+  List<PermissionTemplateDto> selectAll(@Nullable @Param("upperCaseNameLikeSql") String upperCaseNameLikeSql);
 
   void usersCountByTemplateUuidAndPermission(Map<String, Object> parameters, ResultHandler<CountByTemplateAndPermissionDto> resultHandler);
 
@@ -88,7 +86,7 @@ public interface PermissionTemplateMapper {
 
   int countGroupsWithPermission(@Param("templateUuid") String templateUuid, @Param("permission") String permission, @Nullable @Param("groupUuid") String groupUuid);
 
-  List<String> selectTemplateUuidsByOrganization(@Param("organizationUuid") String organizationUuid);
+  List<String> selectTemplateUuids();
 
   List<PermissionTemplateGroupDto> selectAllGroupPermissionTemplatesByGroupUuid(@Param("groupUuid") String groupUuid);
 

server/sonar-db-dao/src/main/java/org/sonar/db/user/GroupDao.java

@@ -46,16 +46,15 @@ public class GroupDao implements Dao {
 
   /**
    * @param dbSession
-   * @param organizationUuid non-null UUID of organization (no support of "default" organization)
    * @param name non-null group name
    * @return the group with the given organization key and name
    */
-  public Optional<GroupDto> selectByName(DbSession dbSession, String organizationUuid, String name) {
-    return Optional.ofNullable(mapper(dbSession).selectByName(organizationUuid, name));
+  public Optional<GroupDto> selectByName(DbSession dbSession, String name) {
+    return Optional.ofNullable(mapper(dbSession).selectByName(name));
   }
 
-  public List<GroupDto> selectByNames(DbSession dbSession, String organizationUuid, Collection<String> names) {
-    return executeLargeInputs(names, pageOfNames -> mapper(dbSession).selectByNames(organizationUuid, pageOfNames));
+  public List<GroupDto> selectByNames(DbSession dbSession, Collection<String> names) {
+    return executeLargeInputs(names, pageOfNames -> mapper(dbSession).selectByNames(pageOfNames));
   }
 
   @CheckForNull
@@ -71,16 +70,12 @@ public class GroupDao implements Dao {
     mapper(dbSession).deleteByUuid(groupUuid);
   }
 
-  public void deleteByOrganization(DbSession dbSession, String organizationUuid) {
-    mapper(dbSession).deleteByOrganization(organizationUuid);
+  public int countByQuery(DbSession session, @Nullable String query) {
+    return mapper(session).countByQuery(groupSearchToSql(query));
   }
 
-  public int countByQuery(DbSession session, String organizationUuid, @Nullable String query) {
-    return mapper(session).countByQuery(organizationUuid, groupSearchToSql(query));
-  }
-
-  public List<GroupDto> selectByQuery(DbSession session, String organizationUuid, @Nullable String query, int offset, int limit) {
-    return mapper(session).selectByQuery(organizationUuid, groupSearchToSql(query), new RowBounds(offset, limit));
+  public List<GroupDto> selectByQuery(DbSession session, @Nullable String query, int offset, int limit) {
+    return mapper(session).selectByQuery(groupSearchToSql(query), new RowBounds(offset, limit));
   }
 
   public GroupDto insert(DbSession session, GroupDto item) {
@@ -111,10 +106,6 @@ public class GroupDao implements Dao {
     return DaoUtils.buildLikeValue(upperCasedNameQuery, WildcardPosition.BEFORE_AND_AFTER);
   }
 
-  public List<GroupDto> selectByOrganizationUuid(DbSession dbSession, String organizationUuid) {
-    return mapper(dbSession).selectByOrganizationUuid(organizationUuid);
-  }
-
   private static GroupMapper mapper(DbSession session) {
     return session.getMapper(GroupMapper.class);
   }

server/sonar-db-dao/src/main/java/org/sonar/db/user/GroupDto.java

@@ -28,7 +28,6 @@ public class GroupDto {
   private String uuid;
   private String name;
   private String description;
-  private String organizationUuid;
   private Date createdAt;
   private Date updatedAt;
 
@@ -60,15 +59,6 @@ public class GroupDto {
     return this;
   }
 
-  public String getOrganizationUuid() {
-    return organizationUuid;
-  }
-
-  public GroupDto setOrganizationUuid(String s) {
-    this.organizationUuid = s;
-    return this;
-  }
-
   public GroupDto setCreatedAt(Date d) {
     this.createdAt = d;
     return this;
@@ -93,7 +83,6 @@ public class GroupDto {
     sb.append("id=").append(uuid);
     sb.append(", name='").append(name).append('\'');
     sb.append(", description='").append(description).append('\'');
-    sb.append(", organizationUuid='").append(organizationUuid).append('\'');
     sb.append(", createdAt=").append(createdAt);
     sb.append(", updatedAt=").append(updatedAt);
     sb.append('}');

server/sonar-db-dao/src/main/java/org/sonar/db/user/GroupMapper.java

@@ -32,31 +32,20 @@ public interface GroupMapper {
 
   List<GroupDto> selectByUserLogin(String userLogin);
 
-  List<GroupDto> selectByNames(@Param("organizationUuid") String organizationUuid, @Param("names") List<String> names);
+  List<GroupDto> selectByNames(@Param("names") List<String> names);
 
   void insert(GroupDto groupDto);
 
   void update(GroupDto item);
 
-  List<GroupDto> selectByQuery(@Param("organizationUuid") String organizationUuid, @Nullable @Param("query") String query, RowBounds rowBounds);
+  List<GroupDto> selectByQuery(@Nullable @Param("query") String query, RowBounds rowBounds);
 
-  int countByQuery(@Param("organizationUuid") String organizationUuid, @Nullable @Param("query") String query);
-
-  /**
-   * Counts the number of groups with the specified id belonging to the specified organization.
-   *
-   * @return 1 or 0. Either because the organization uuid is not the one of the group or because the group does not exist
-   */
-  int countGroupByOrganizationAndUuid(@Param("organizationUuid") String organizationUuid, @Param("groupUuid") String groupUuid);
+  int countByQuery(@Nullable @Param("query") String query);
 
   void deleteByUuid(String groupUuid);
 
-  void deleteByOrganization(@Param("organizationUuid") String organizationUuid);
-
   @CheckForNull
-  GroupDto selectByName(@Param("organizationUuid") String organizationUuid, @Param("name") String name);
-
-  List<GroupDto> selectByOrganizationUuid(@Param("organizationUuid") String organizationUuid);
+  GroupDto selectByName(@Param("name") String name);
 
   List<GroupDto> selectByUuids(@Param("uuids") List<String> uuids);
 }

server/sonar-db-dao/src/main/java/org/sonar/db/user/GroupMembershipDao.java

@@ -22,7 +22,6 @@ package org.sonar.db.user;
 import com.google.common.collect.ArrayListMultimap;
 import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.Multimap;
-import com.google.common.collect.Multiset;
 import java.util.Collection;
 import java.util.HashMap;
 import java.util.List;
@@ -36,22 +35,22 @@ import static org.sonar.db.DatabaseUtils.executeLargeInputs;
 public class GroupMembershipDao implements Dao {
 
   public List<GroupMembershipDto> selectGroups(DbSession session, GroupMembershipQuery query, String userUuid, int offset, int limit) {
-    Map<String, Object> params = ImmutableMap.of("query", query, "userUuid", userUuid, "organizationUuid", query.organizationUuid());
+    Map<String, Object> params = ImmutableMap.of("query", query, "userUuid", userUuid);
     return mapper(session).selectGroups(params, new RowBounds(offset, limit));
   }
 
   public int countGroups(DbSession session, GroupMembershipQuery query, String userUuid) {
-    Map<String, Object> params = ImmutableMap.of("query", query, "userUuid", userUuid, "organizationUuid", query.organizationUuid());
+    Map<String, Object> params = ImmutableMap.of("query", query, "userUuid", userUuid);
     return mapper(session).countGroups(params);
   }
 
   public List<UserMembershipDto> selectMembers(DbSession session, UserMembershipQuery query, int offset, int limit) {
-    Map<String, Object> params = ImmutableMap.of("query", query, "groupUuid", query.groupUuid(), "organizationUuid", query.organizationUuid());
+    Map<String, Object> params = ImmutableMap.of("query", query, "groupUuid", query.groupUuid());
     return mapper(session).selectMembers(params, new RowBounds(offset, limit));
   }
 
   public int countMembers(DbSession session, UserMembershipQuery query) {
-    Map<String, Object> params = ImmutableMap.of("query", query, "groupUuid", query.groupUuid(), "organizationUuid", query.organizationUuid());
+    Map<String, Object> params = ImmutableMap.of("query", query, "groupUuid", query.groupUuid());
     return mapper(session).countMembers(params);
   }
 
@@ -70,23 +69,17 @@ public class GroupMembershipDao implements Dao {
     return result;
   }
 
-  public List<String> selectGroupUuidsByUserUuid(DbSession dbSession, String userUuid) {
-    return mapper(dbSession).selectGroupUuidsByUserUuid(userUuid);
+  public Map<String, Integer> countGroupsByUsers(DbSession dbSession, List<String> logins) {
+    List<LoginGroupCount> loginGroupCount = mapper(dbSession).countGroupsByUsers(logins);
+    Map<String, Integer> map = new HashMap<>();
+    for (LoginGroupCount l : loginGroupCount) {
+      map.put(l.login(), l.groupCount());
+    }
+    return map;
   }
 
-  public Multiset<String> countGroupByLoginsAndOrganization(DbSession dbSession, Collection<String> logins, String organizationUuid) {
-    Multimap<String, String> result = ArrayListMultimap.create();
-    executeLargeInputs(
-      logins,
-      input -> {
-        List<LoginGroup> groupMemberships = mapper(dbSession).selectGroupsByLoginsAndOrganization(input, organizationUuid);
-        for (LoginGroup membership : groupMemberships) {
-          result.put(membership.login(), membership.groupName());
-        }
-        return groupMemberships;
-      });
-
-    return result.keys();
+  public List<String> selectGroupUuidsByUserUuid(DbSession dbSession, String userUuid) {
+    return mapper(dbSession).selectGroupUuidsByUserUuid(userUuid);
   }
 
   public Multimap<String, String> selectGroupsByLogins(DbSession session, Collection<String> logins) {

server/sonar-db-dao/src/main/java/org/sonar/db/user/GroupMembershipMapper.java

@@ -36,9 +36,9 @@ public interface GroupMembershipMapper {
 
   List<GroupUserCount> countUsersByGroup(@Param("groupUuids") List<String> groupUuids);
 
-  List<LoginGroup> selectGroupsByLogins(@Param("logins") List<String> logins);
+  List<LoginGroupCount> countGroupsByUsers(@Param("logins") List<String> logins);
 
-  List<LoginGroup> selectGroupsByLoginsAndOrganization(@Param("logins") List<String> logins, @Param("organizationUuid") String organizationUuid);
+  List<LoginGroup> selectGroupsByLogins(@Param("logins") List<String> logins);
 
   List<String> selectGroupUuidsByUserUuid(@Param("userUuid") String userUuid);
 }

server/sonar-db-dao/src/main/java/org/sonar/db/user/GroupMembershipQuery.java

@@ -27,7 +27,6 @@ import org.apache.commons.lang.StringUtils;
 
 import static com.google.common.base.MoreObjects.firstNonNull;
 import static com.google.common.base.Preconditions.checkArgument;
-import static com.google.common.base.Preconditions.checkNotNull;
 
 public class GroupMembershipQuery {
 
@@ -39,7 +38,6 @@ public class GroupMembershipQuery {
   public static final String OUT = "OUT";
   public static final Set<String> AVAILABLE_MEMBERSHIP = ImmutableSet.of(ANY, IN, OUT);
 
-  private final String organizationUuid;
   private final String membership;
 
   private final String groupSearch;
@@ -53,10 +51,9 @@ public class GroupMembershipQuery {
   // index of selected page. Start with 1.
   private final int pageIndex;
 
-  private GroupMembershipQuery(Builder builder, String organizationUuid) {
+  private GroupMembershipQuery(Builder builder) {
     this.membership = builder.membership;
     this.groupSearch = builder.groupSearch;
-    this.organizationUuid = organizationUuid;
     this.groupSearchSql = groupSearchToSql(groupSearch);
 
     this.pageSize = builder.pageSize;
@@ -73,10 +70,6 @@ public class GroupMembershipQuery {
     return sql;
   }
 
-  public String organizationUuid() {
-    return organizationUuid;
-  }
-
   @CheckForNull
   public String membership() {
     return membership;
@@ -103,7 +96,6 @@ public class GroupMembershipQuery {
   }
 
   public static class Builder {
-    private String organizationUuid;
     private String membership;
     private String groupSearch;
 
@@ -114,11 +106,6 @@ public class GroupMembershipQuery {
     private Builder() {
     }
 
-    public Builder organizationUuid(String organizationUuid) {
-      this.organizationUuid = organizationUuid;
-      return this;
-    }
-
     public Builder membership(@Nullable String membership) {
       this.membership = membership;
       return this;
@@ -155,11 +142,10 @@ public class GroupMembershipQuery {
     }
 
     public GroupMembershipQuery build() {
-      checkNotNull(organizationUuid, "Organization uuid cant be null");
       initMembership();
       initPageIndex();
       initPageSize();
-      return new GroupMembershipQuery(this, organizationUuid);
+      return new GroupMembershipQuery(this);
     }
   }
 }

server/sonar-webserver-webapi/src/test/java/org/sonar/server/organization/ws/OrganizationsWsTestSupport.java → server/sonar-db-dao/src/main/java/org/sonar/db/user/LoginGroupCount.java

@@ -17,19 +17,17 @@
  * along with this program; if not, write to the Free Software Foundation,
  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  */
-package org.sonar.server.organization.ws;
+package org.sonar.db.user;
 
-import javax.annotation.Nullable;
-import org.sonar.server.ws.TestRequest;
+public class LoginGroupCount {
+  private String login;
+  private int groupCount;
 
-public class OrganizationsWsTestSupport {
-
-  static final String STRING_65_CHARS_LONG = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyz1234567890-ab";
-  static final String STRING_257_CHARS_LONG = String.format("%1$257.257s", "a").replace(" ", "a");
+  public String login() {
+    return login;
+  }
 
-  static void setParam(TestRequest request, String param, @Nullable String value) {
-    if (value != null) {
-      request.setParam(param, value);
-    }
+  public int groupCount() {
+    return groupCount;
   }
 }

server/sonar-db-dao/src/main/java/org/sonar/db/user/UserGroupDao.java

@@ -37,10 +37,6 @@ public class UserGroupDao implements Dao {
     mapper(session).deleteByGroupUuid(groupUuid);
   }
 
-  public void deleteByOrganizationAndUser(DbSession dbSession, String organizationUuid, String userUuid) {
-    mapper(dbSession).deleteByOrganizationAndUser(organizationUuid, userUuid);
-  }
-
   public void deleteByUserUuid(DbSession dbSession, String userUuid) {
     mapper(dbSession).deleteByUserUuid(userUuid);
   }

server/sonar-db-dao/src/main/java/org/sonar/db/user/UserGroupMapper.java

@@ -29,7 +29,5 @@ public interface UserGroupMapper {
 
   void deleteByGroupUuid(@Param("groupUuid") String groupUuid);
 
-  void deleteByOrganizationAndUser(@Param("organizationUuid") String organizationUuid, @Param("userUuid") String userUuid);
-
   void deleteByUserUuid(@Param("userUuid") String userUuid);
 }

server/sonar-db-dao/src/main/java/org/sonar/db/user/UserMembershipQuery.java

@@ -43,7 +43,6 @@ public class UserMembershipQuery {
   public static final Set<String> AVAILABLE_MEMBERSHIPS = ImmutableSet.of(ANY, IN, OUT);
 
   private final String groupUuid;
-  private final String organizationUuid;
   private final String membership;
 
   private final String memberSearch;
@@ -60,7 +59,6 @@ public class UserMembershipQuery {
 
   private UserMembershipQuery(Builder builder) {
     this.groupUuid = builder.groupUuid;
-    this.organizationUuid = builder.organizationUuid;
     this.membership = builder.membership;
     this.memberSearch = builder.memberSearch;
     this.memberSearchSql = memberSearch == null ? null : buildLikeValue(memberSearch, BEFORE_AND_AFTER);
@@ -73,10 +71,6 @@ public class UserMembershipQuery {
     return groupUuid;
   }
 
-  public String organizationUuid() {
-    return organizationUuid;
-  }
-
   @CheckForNull
   public String membership() {
     return membership;
@@ -104,7 +98,6 @@ public class UserMembershipQuery {
 
   public static class Builder {
     private String groupUuid;
-    private String organizationUuid;
     private String membership;
     private String memberSearch;
 
@@ -119,11 +112,6 @@ public class UserMembershipQuery {
       return this;
     }
 
-    public Builder organizationUuid(String organizationUuid) {
-      this.organizationUuid = organizationUuid;
-      return this;
-    }
-
     public Builder membership(@Nullable String membership) {
       this.membership = membership;
       return this;
@@ -161,7 +149,6 @@ public class UserMembershipQuery {
 
     public UserMembershipQuery build() {
       requireNonNull(groupUuid, "Group ID cant be null.");
-      requireNonNull(organizationUuid, "Organization UUID cannot be null");
       initMembership();
       initPageIndex();
       initPageSize();

server/sonar-db-dao/src/main/resources/org/sonar/db/permission/AuthorizationMapper.xml

@@ -3,12 +3,11 @@
 
 <mapper namespace="org.sonar.db.permission.AuthorizationMapper">
 
-  <select id="selectOrganizationPermissions" parameterType="map" resultType="string">
+  <select id="selectGlobalPermissions" parameterType="map" resultType="string">
     select gr.role
     from group_roles gr
     inner join groups_users gu on gr.group_uuid=gu.group_uuid
     where
-    gr.organization_uuid=#{organizationUuid, jdbcType=VARCHAR} and
     gr.component_uuid is null and
     gu.user_uuid=#{userUuid, jdbcType=VARCHAR}
 
@@ -17,7 +16,6 @@
     select gr.role
     from group_roles gr
     where
-    gr.organization_uuid=#{organizationUuid, jdbcType=VARCHAR} and
     gr.group_uuid is null and
     gr.component_uuid is null
 
@@ -26,16 +24,14 @@
     select ur.role
     from user_roles ur
     where
-    ur.organization_uuid=#{organizationUuid, jdbcType=VARCHAR} and
     ur.user_uuid=#{userUuid, jdbcType=VARCHAR}
     and ur.component_uuid is null
   </select>
 
-  <select id="selectOrganizationPermissionsOfAnonymous" parameterType="map" resultType="string">
+    <select id="selectGlobalPermissionsOfAnonymous" parameterType="map" resultType="string">
     select gr.role
     from group_roles gr
     where
-    gr.organization_uuid=#{organizationUuid, jdbcType=VARCHAR} and
     gr.component_uuid is null and
     gr.group_uuid is null
   </select>
@@ -47,7 +43,6 @@
       from groups_users gu
       inner join group_roles gr on gr.group_uuid = gu.group_uuid
       where
-      gr.organization_uuid = #{organizationUuid, jdbcType=VARCHAR} and
       gr.role = #{permission, jdbcType=VARCHAR} and
       gr.component_uuid is null and
       gr.group_uuid is not null and
@@ -58,7 +53,6 @@
       select ur.user_uuid
       from user_roles ur
       where
-      ur.organization_uuid = #{organizationUuid, jdbcType=VARCHAR} and
       ur.component_uuid is null and
       ur.role = #{permission, jdbcType=VARCHAR}
     ) remaining
@@ -71,7 +65,6 @@
     from groups_users gu
     inner join group_roles gr on gr.group_uuid = gu.group_uuid
     where
-    gr.organization_uuid = #{organizationUuid, jdbcType=VARCHAR} and
     gr.role = #{permission, jdbcType=VARCHAR} and
     gr.component_uuid is null and
     gr.group_uuid is not null and
@@ -82,7 +75,6 @@
     select ur.user_uuid
     from user_roles ur
     where
-    ur.organization_uuid = #{organizationUuid, jdbcType=VARCHAR} and
     ur.component_uuid is null and
     ur.role = #{permission, jdbcType=VARCHAR} and
     ur.user_uuid != #{excludedUserUuid, jdbcType=VARCHAR}
@@ -94,7 +86,6 @@
     from groups_users gu
     inner join group_roles gr on gr.group_uuid = gu.group_uuid
     where
-    gr.organization_uuid = #{organizationUuid, jdbcType=VARCHAR} and
     gr.role = #{permission, jdbcType=VARCHAR} and
     gr.component_uuid is null and
     gr.group_uuid is not null
@@ -104,7 +95,6 @@
     select ur.user_uuid
     from user_roles ur
     where
-    ur.organization_uuid = #{organizationUuid, jdbcType=VARCHAR} and
     ur.component_uuid is null and
     ur.role = #{permission, jdbcType=VARCHAR}
   </select>
@@ -116,7 +106,6 @@
     from groups_users gu
     inner join group_roles gr on gr.group_uuid = gu.group_uuid
     where
-    gr.organization_uuid = #{organizationUuid, jdbcType=VARCHAR} and
     gr.role = #{permission, jdbcType=VARCHAR} and
     gr.component_uuid is null and
     gr.group_uuid is not null and
@@ -127,7 +116,6 @@
     select ur.user_uuid
     from user_roles ur
     where
-    ur.organization_uuid = #{organizationUuid, jdbcType=VARCHAR} and
     ur.component_uuid is null and
     ur.role = #{permission, jdbcType=VARCHAR}
     ) remaining
@@ -140,7 +128,6 @@
     from groups_users gu
     inner join group_roles gr on gr.group_uuid = gu.group_uuid
     where
-    gr.organization_uuid = #{organizationUuid, jdbcType=VARCHAR} and
     gr.role = #{permission, jdbcType=VARCHAR} and
     gr.component_uuid is null and
     gr.group_uuid is not null
@@ -150,33 +137,12 @@
     select ur.user_uuid
     from user_roles ur
     where
-    ur.organization_uuid = #{organizationUuid, jdbcType=VARCHAR} and
     ur.component_uuid is null and
     ur.role = #{permission, jdbcType=VARCHAR} and
     ur.user_uuid != #{userUuid, jdbcType=VARCHAR}
     ) remaining
   </select>
 
-  <select id="selectOrganizationUuidsOfUserWithGlobalPermission" parameterType="map" resultType="String">
-    select gr.organization_uuid
-    from group_roles gr
-    inner join groups_users gu on gr.group_uuid = gu.group_uuid
-    where
-    gr.role = #{permission, jdbcType=VARCHAR} and
-    gr.component_uuid is null and
-    gr.group_uuid is not null and
-    gu.user_uuid = #{userUuid, jdbcType=VARCHAR}
-
-    union
-
-    select ur.organization_uuid
-    from user_roles ur
-    where
-    ur.component_uuid is null and
-    ur.role = #{permission, jdbcType=VARCHAR} and
-    ur.user_uuid = #{userUuid, jdbcType=VARCHAR}
-  </select>
-
   <select id="keepAuthorizedProjectUuidsForUser" parameterType="map" resultType="String">
     select
       gr.component_uuid
@@ -308,7 +274,6 @@
     inner join components p on p.uuid = ur.component_uuid
     where
       p.uuid = #{projectUuid, jdbcType=VARCHAR} and
-      p.organization_uuid = ur.organization_uuid and
       ur.user_uuid = #{userUuid, jdbcType=VARCHAR}
 
     union
@@ -319,7 +284,6 @@
     inner join components p on p.uuid = gr.component_uuid
     where
       p.uuid = #{projectUuid, jdbcType=VARCHAR} and
-      p.organization_uuid = gr.organization_uuid and
       gu.user_uuid = #{userUuid, jdbcType=VARCHAR}
 
     union
@@ -340,7 +304,6 @@
       p.uuid = gr.component_uuid
     where
       p.uuid = #{projectUuid, jdbcType=VARCHAR}
-      and p.organization_uuid = gr.organization_uuid
       and gr.group_uuid is null
   </sql>
 
@@ -385,7 +348,7 @@
         exists (
           select 1
           from user_roles ur
-          inner join components p on p.uuid = ur.component_uuid and p.organization_uuid = ur.organization_uuid
+          inner join components p on p.uuid = ur.component_uuid
           where
             p.kee =  #{projectKey, jdbcType=VARCHAR}
             and ur.role = #{permission, jdbcType=VARCHAR}
@@ -393,7 +356,7 @@
         ) or exists (
           select 1
           from components p
-          inner join group_roles gr on gr.component_uuid = p.uuid and gr.organization_uuid = p.organization_uuid
+          inner join group_roles gr on gr.component_uuid = p.uuid
           inner join groups_users gu on gu.group_uuid = gr.group_uuid
           where
             p.kee  =  #{projectKey, jdbcType=VARCHAR}

server/sonar-db-dao/src/main/resources/org/sonar/db/permission/GroupPermissionMapper.xml

@@ -41,7 +41,7 @@
 
   <select id="selectGroupNamesByQuery" parameterType="map" resultType="string">
     select sub.name, lower(sub.name), sub.groupUuid
-    <include refid="groupsByQuery" />
+    <include refid="groupsByQuery"/>
     group by sub.name, lower(sub.name), sub.groupUuid
     order by case when (count(sub.permission) > 0) then 1 else 2 end asc, lower(sub.name), sub.name, sub.groupUuid
   </select>
@@ -50,7 +50,7 @@
     select count(1)
     from (
       select distinct sub.groupUuid
-      <include refid="groupsByQuery" />) g
+      <include refid="groupsByQuery"/>) g
   </select>
 
   <sql id="groupsByQuery">
@@ -64,8 +64,6 @@
       <if test="query.componentUuid != null">
         and gr.component_uuid = #{query.componentUuid,jdbcType=VARCHAR}
       </if>
-      where
-        g.organization_uuid = #{query.organizationUuid,jdbcType=VARCHAR}
 
     union all
 
@@ -79,8 +77,7 @@
         and gr.component_uuid = #{query.componentUuid,jdbcType=VARCHAR}
       </if>
       <if test="query.withAtLeastOnePermission()">
-        and gr.organization_uuid = #{query.organizationUuid,jdbcType=VARCHAR} and
-        gr.group_uuid is null
+        and gr.group_uuid is null
       </if>
     </where>
 
@@ -107,22 +104,20 @@
   </sql>
 
   <select id="selectByGroupUuids" parameterType="map" resultType="GroupPermission">
-    select sub.groupUuid as groupUuid, sub.componentUuid as componentUuid, sub.permission as role, sub.organizationUuid as organizationUuid
+    select sub.groupUuid as groupUuid, sub.componentUuid as componentUuid, sub.permission as role
     from
       (
-      select gr.group_uuid as groupUuid, gr.component_uuid as componentUuid, gr.role as permission, g.name as name, gr.organization_uuid as organizationUuid
+      select gr.group_uuid as groupUuid, gr.component_uuid as componentUuid, gr.role as permission, g.name as name
       from group_roles gr
       inner join groups g ON g.uuid = gr.group_uuid
-      where gr.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
-      gr.group_uuid is not null
+      where gr.group_uuid is not null
 
       union all
 
-      select 'Anyone' as groupUuid, gr.component_uuid as componentUuid, gr.role as permission, 'Anyone' as name, gr.organization_uuid as organizationUuid
+      select 'Anyone' as groupUuid, gr.component_uuid as componentUuid, gr.role as permission, 'Anyone' as name
       from group_roles gr
       where
-      gr.group_uuid is null and
-      gr.organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
+      gr.group_uuid is null
       ) sub
     where
       sub.groupUuid in
@@ -141,7 +136,6 @@
     select gr.role
     from group_roles gr
     where
-    gr.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
     gr.component_uuid is null and
     <choose>
       <when test="groupUuid != null">
@@ -157,7 +151,6 @@
     select gr.role
     from group_roles gr
     where
-    gr.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
     gr.component_uuid = #{projectUuid,jdbcType=VARCHAR} and
     <choose>
       <when test="groupUuid != null">
@@ -170,10 +163,9 @@
   </select>
 
   <select id="selectAllPermissionsByGroupUuid" parameterType="map" resultType="GroupPermission">
-    select gr.group_uuid as groupUuid, gr.component_uuid as componentUuid, gr.role as role, gr.organization_uuid as organizationUuid
+    select gr.group_uuid as groupUuid, gr.component_uuid as componentUuid, gr.role as role
     from group_roles gr
-    where gr.organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
-    and gr.group_uuid = #{groupUuid,jdbcType=VARCHAR}
+    where gr.group_uuid = #{groupUuid,jdbcType=VARCHAR}
   </select>
 
   <select id="selectGroupUuidsWithPermissionOnProjectBut" resultType="string">
@@ -198,14 +190,14 @@
 
   <insert id="insert" parameterType="GroupPermission">
     insert into group_roles (
-    uuid,
     organization_uuid,
+    uuid,
     group_uuid,
     component_uuid,
     role
     ) values (
+    'asd',
     #{uuid,jdbcType=VARCHAR},
-    #{organizationUuid,jdbcType=VARCHAR},
     #{groupUuid,jdbcType=VARCHAR},
     #{componentUuid,jdbcType=BIGINT},
     #{role,jdbcType=VARCHAR}
@@ -244,7 +236,6 @@
     delete from group_roles
     where
     role=#{permission,jdbcType=VARCHAR} and
-    organization_uuid=#{organizationUuid,jdbcType=VARCHAR} and
     <choose>
       <when test="rootComponentUuid != null">
         component_uuid=#{rootComponentUuid,jdbcType=BIGINT}
@@ -263,12 +254,4 @@
       </otherwise>
     </choose>
   </delete>
-
-  <delete id="deleteByOrganization" parameterType="String">
-    delete from
-      group_roles
-    where
-      organization_uuid=#{organizationUuid,jdbcType=VARCHAR}
-  </delete>
-
 </mapper>

server/sonar-db-dao/src/main/resources/org/sonar/db/permission/UserPermissionMapper.xml

@@ -6,22 +6,21 @@
   <select id="selectUserPermissionsByQueryAndUserUuids" parameterType="map" resultType="org.sonar.db.permission.UserPermissionDto">
     select
       u.uuid as userUuid,
-      ur.organization_uuid as organizationUuid,
       ur.component_uuid as componentUuid,
       ur.role as permission
-    <include refid="sqlQueryJoins" />
+    <include refid="sqlQueryJoins"/>
     <where>
       u.uuid in <foreach collection="userUuids" open="(" close=")" item="userUuid" separator=",">#{userUuid,jdbcType=VARCHAR}</foreach>
-      <include refid="sqlQueryFilters" />
+      <include refid="sqlQueryFilters"/>
     </where>
   </select>
 
   <select id="selectUserUuidsByQuery" parameterType="map" resultType="String">
     select
       u.uuid, lower(u.name)
-    <include refid="sqlQueryJoins" />
+    <include refid="sqlQueryJoins"/>
     <where>
-      <include refid="sqlQueryFilters" />
+      <include refid="sqlQueryFilters"/>
     </where>
     group by u.uuid, lower(u.name)
     order by case when (count(ur.role) > 0) then 1 else 2 end asc, lower(u.name) asc
@@ -31,7 +30,7 @@
     select
     u.uuid, lower(u.name)
     from users u
-    left join user_roles ur on ur.user_uuid = u.uuid and ur.organization_uuid=#{query.organizationUuid,jdbcType=VARCHAR}
+    left join user_roles ur on ur.user_uuid = u.uuid
     <choose>
       <when test="query.componentUuid == null">
         and ur.component_uuid is null
@@ -41,9 +40,8 @@
       </otherwise>
     </choose>
     left join components p on ur.component_uuid = p.uuid
-    inner join organization_members om on u.uuid=om.user_uuid and om.organization_uuid=#{query.organizationUuid,jdbcType=VARCHAR}
     <where>
-      <include refid="sqlQueryFilters" />
+      <include refid="sqlQueryFilters"/>
     </where>
     group by u.uuid, lower(u.name)
     order by case when (count(distinct ur.role) > 0) then 1 else 2 end asc, lower(u.name) asc
@@ -51,9 +49,9 @@
 
   <select id="countUsersByQuery" parameterType="map" resultType="int">
     select count(distinct(u.uuid))
-    <include refid="sqlQueryJoins" />
+    <include refid="sqlQueryJoins"/>
     <where>
-      <include refid="sqlQueryFilters" />
+      <include refid="sqlQueryFilters"/>
     </where>
   </select>
 
@@ -61,7 +59,6 @@
     from users u
     left join user_roles ur on ur.user_uuid = u.uuid
     left join components p on ur.component_uuid = p.uuid
-    inner join organization_members om on u.uuid=om.user_uuid and om.organization_uuid=#{query.organizationUuid,jdbcType=VARCHAR}
   </sql>
 
   <sql id="sqlQueryFilters">
@@ -74,7 +71,6 @@
     </if>
     <!-- filter rows with user permissions -->
     <if test="query.withAtLeastOnePermission()">
-      and ur.organization_uuid = om.organization_uuid
       and ur.role is not null
       <if test="query.componentUuid==null">
         and ur.component_uuid is null
@@ -92,7 +88,6 @@
     select ur.role
     from user_roles ur
     where
-    ur.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
     ur.user_uuid = #{userUuid,jdbcType=VARCHAR} and
     ur.component_uuid is null
   </select>
@@ -137,17 +132,17 @@
 
   <insert id="insert" parameterType="org.sonar.db.permission.UserPermissionDto" useGeneratedKeys="false">
     insert into user_roles (
-    uuid,
     organization_uuid,
+    uuid,
     user_uuid,
     component_uuid,
     role
     ) values (
-    #{uuid,jdbcType=VARCHAR},
-    #{organizationUuid,jdbcType=VARCHAR},
-    #{userUuid,jdbcType=VARCHAR},
-    #{componentUuid,jdbcType=VARCHAR},
-    #{permission,jdbcType=VARCHAR}
+    #{defaultOrgUuid,jdbcType=VARCHAR},
+    #{dto.uuid,jdbcType=VARCHAR},
+    #{dto.userUuid,jdbcType=VARCHAR},
+    #{dto.componentUuid,jdbcType=VARCHAR},
+    #{dto.permission,jdbcType=VARCHAR}
     )
   </insert>
 
@@ -156,7 +151,6 @@
     where
     role = #{permission,jdbcType=VARCHAR} and
     user_uuid = #{userUuid,jdbcType=VARCHAR} and
-    organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
     component_uuid is null
   </delete>
 
@@ -182,21 +176,6 @@
       and role = #{permission,jdbcType=VARCHAR}
   </delete>
 
-  <delete id="deleteByOrganization" parameterType="String">
-    delete from
-      user_roles
-    where
-      organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
-  </delete>
-
-  <delete id="deleteOrganizationMemberPermissions" parameterType="map">
-    delete from
-      user_roles
-    where
-      organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
-      user_uuid = #{userUuid,jdbcType=VARCHAR}
-  </delete>
-
   <delete id="deleteByUserUuid" parameterType="String">
     DELETE FROM user_roles WHERE user_uuid=#{userUuid,jdbcType=VARCHAR}
   </delete>

server/sonar-db-dao/src/main/resources/org/sonar/db/permission/template/PermissionTemplateMapper.xml

@@ -58,13 +58,6 @@
     AND permission_reference = #{permission}
   </delete>
 
-  <delete id="deleteUserPermissionsByOrganization" parameterType="map">
-    delete from perm_templates_users
-    where
-    user_uuid = #{userUuid,jdbcType=VARCHAR}
-    and template_uuid in (select uuid from permission_templates where organization_uuid=#{organizationUuid,jdbcType=VARCHAR})
-  </delete>
-
   <delete id="deleteUserPermissionsByUserUuid" parameterType="String">
     delete from perm_templates_users
     where
@@ -140,10 +133,7 @@
 
   <sql id="userLoginsByQueryAndTemplate">
     FROM users u
-    LEFT JOIN perm_templates_users ptu ON ptu.user_uuid=u.uuid
-      AND ptu.template_uuid=#{templateUuid}
-    INNER JOIN organization_members om ON u.uuid=om.user_uuid
-      AND om.organization_uuid=#{query.organizationUuid}
+    LEFT JOIN perm_templates_users ptu ON ptu.user_uuid=u.uuid AND ptu.template_uuid=#{templateUuid}
     <where>
       u.active = ${_true}
       <if test="query.getSearchQueryToSql() != null">
@@ -160,7 +150,7 @@
 
   <select id="selectGroupNamesByQueryAndTemplate" parameterType="map" resultType="string">
     select groups.name, lower(groups.name), groups.group_uuid
-    <include refid="groupNamesByQueryAndTemplate" />
+    <include refid="groupNamesByQueryAndTemplate"/>
     group by groups.name, lower(groups.name), groups.group_uuid
     order by case when (count(groups.permission) > 0) then 1 else 2 end asc, lower(groups.name), groups.name, groups.group_uuid
   </select>
@@ -169,7 +159,7 @@
     SELECT COUNT(1)
     FROM (
       SELECT DISTINCT group_uuid
-      <include refid="groupNamesByQueryAndTemplate" />) g
+      <include refid="groupNamesByQueryAndTemplate"/>) g
   </select>
 
   <sql id="groupNamesByQueryAndTemplate">
@@ -183,8 +173,6 @@
     LEFT JOIN perm_templates_groups ptg ON
         ptg.group_uuid=g.uuid
       AND ptg.template_uuid=#{templateUuid}
-    where
-      g.organization_uuid=#{query.organizationUuid,jdbcType=VARCHAR}
     UNION ALL
     SELECT
       'Anyone' AS group_uuid,
@@ -194,12 +182,11 @@
     FROM groups g
     LEFT JOIN perm_templates_groups ptg ON
       ptg.template_uuid=#{templateUuid}
+          <if test="query.withAtLeastOnePermission()">
     <where>
-      g.organization_uuid=#{query.organizationUuid,jdbcType=VARCHAR}
-      <if test="query.withAtLeastOnePermission()">
-        AND ptg.group_uuid IS NULL
-      </if>
+      ptg.group_uuid IS NULL
     </where>
+          </if>
     ) groups
     <where>
       <if test="query.searchQueryToSql != null">
@@ -216,7 +203,7 @@
   </sql>
 
   <sql id="templateColumns">
-    organization_uuid as organizationUuid, name, uuid, description, key_pattern AS keyPattern, created_at AS createdAt, updated_at AS updatedAt
+    name, uuid, description, key_pattern AS keyPattern, created_at AS createdAt, updated_at AS updatedAt
   </sql>
 
   <select id="selectByUuid" parameterType="String" resultType="PermissionTemplate">
@@ -230,10 +217,8 @@
     select
     <include refid="templateColumns"/>
     from permission_templates
-    where
-    organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
     <if test="upperCaseNameLikeSql != null">
-        and upper(name) like #{upperCaseNameLikeSql} escape '/'
+        where upper(name) like #{upperCaseNameLikeSql} escape '/'
     </if>
     order by upper(name), name
   </select>
@@ -243,7 +228,6 @@
     <include refid="templateColumns"/>
     from permission_templates
     where
-    organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
     upper(name) = #{name,jdbcType=VARCHAR}
   </select>
 
@@ -404,13 +388,11 @@
     </if>
   </select>
 
-  <select id="selectTemplateUuidsByOrganization" resultType="String">
+  <select id="selectTemplateUuidsn" resultType="String">
     select
       uuid
     from
       permission_templates
-    where
-      organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
   </select>
 
   <select id="selectAllGroupPermissionTemplatesByGroupUuid" parameterType="string" resultType="PermissionTemplateGroup">

server/sonar-db-dao/src/main/resources/org/sonar/db/user/GroupMapper.xml

@@ -8,7 +8,6 @@
     g.uuid as uuid,
     g.name as name,
     g.description as description,
-    g.organization_uuid as organizationUuid,
     g.created_at as "createdAt",
     g.updated_at as "updatedAt"
   </sql>
@@ -17,7 +16,7 @@
     select
     <include refid="groupColumns"/>
     from groups g
-    where g.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and g.name = #{name,jdbcType=VARCHAR}
+    where g.name = #{name,jdbcType=VARCHAR}
   </select>
 
   <select id="selectByUuids" parameterType="String" resultType="Group">
@@ -46,13 +45,6 @@
     </where>
   </delete>
 
-  <delete id="deleteByOrganization" parameterType="String">
-    delete from
-      groups
-    where
-      organization_uuid=#{organizationUuid,jdbcType=VARCHAR}
-  </delete>
-
   <select id="selectByUserLogin" parameterType="string" resultType="Group">
     select
     <include refid="groupColumns"/>
@@ -67,7 +59,6 @@
     <include refid="groupColumns"/>
     from groups g
     where
-      g.organization_uuid = #{organizationUuid,jdbcType=VARCHAR} and
       g.name in
       <foreach item="name" index="index" collection="names" open="(" separator="," close=")">
         #{name,jdbcType=VARCHAR}
@@ -84,7 +75,7 @@
     updated_at
     ) values (
     #{uuid,jdbcType=VARCHAR},
-    #{organizationUuid,jdbcType=VARCHAR},
+    'asd',
     #{name,jdbcType=VARCHAR},
     #{description,jdbcType=VARCHAR},
     #{createdAt,jdbcType=TIMESTAMP},
@@ -104,10 +95,8 @@
     select
     <include refid="groupColumns"/>
     from groups g
-    where
-    organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
     <if test="query!=null">
-      and upper(g.name) like #{query,jdbcType=VARCHAR} escape '/'
+      where upper(g.name) like #{query,jdbcType=VARCHAR} escape '/'
     </if>
     order by upper(g.name)
   </select>
@@ -115,28 +104,8 @@
   <select id="countByQuery" parameterType="map" resultType="int">
     select count(1)
     from groups g
-    where
-    organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
     <if test="query!=null">
-      and upper(g.name) like #{query,jdbcType=VARCHAR} escape '/'
+          where upper(g.name) like #{query,jdbcType=VARCHAR} escape '/'
     </if>
   </select>
-
-  <select id="countGroupByOrganizationAndUuid" parameterType="map" resultType="int">
-    select
-      count(1)
-    from groups g
-    where
-      g.organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
-      and g.uuid = #{groupUuid,jdbcType=VARCHAR}
-  </select>
-
-  <select id="selectByOrganizationUuid" parameterType="map" resultType="Group">
-    select
-    <include refid="groupColumns"/>
-    from groups g
-    where g.organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
-    order by upper(g.name)
-  </select>
-
 </mapper>

server/sonar-db-dao/src/main/resources/org/sonar/db/user/GroupMembershipMapper.xml

@@ -7,7 +7,6 @@
     FROM groups g
     LEFT JOIN groups_users gu ON gu.group_uuid=g.uuid AND gu.user_uuid=#{userUuid}
     <where>
-      AND g.organization_uuid=#{organizationUuid}
       <choose>
         <when test="query.membership() == 'IN'">
           AND gu.user_uuid IS NOT NULL
@@ -46,7 +45,7 @@
     GROUP BY g.name
   </select>
 
-  <select id="selectGroupsByLogins" parameterType="string" resultType="org.sonar.db.user.LoginGroup">
+    <select id="selectGroupsByLogins" parameterType="string" resultType="org.sonar.db.user.LoginGroup">
     SELECT u.login as login, g.name as groupName
     FROM users u
     LEFT JOIN groups_users gu ON gu.user_uuid=u.uuid
@@ -60,25 +59,22 @@
     ORDER BY u.login, g.name, g.created_at
   </select>
 
-  <select id="selectGroupsByLoginsAndOrganization" parameterType="map" resultType="org.sonar.db.user.LoginGroup">
-    SELECT u.login as login, g.name as groupName
+    <select id="countGroupsByLogins" parameterType="string" resultType="org.sonar.db.user.LoginGroupCount">
+    SELECT u.login as login, count(gu.group_uuid) as groupCount
     FROM users u
     LEFT JOIN groups_users gu ON gu.user_uuid=u.uuid
-    INNER JOIN groups g ON gu.group_uuid=g.uuid
     <where>
       u.login in
       <foreach collection="logins" open="(" close=")" item="login" separator=",">
         #{login}
       </foreach>
-      and g.organization_uuid=#{organizationUuid,jdbcType=VARCHAR}
     </where>
-    ORDER BY u.login, g.name, g.created_at
+      group by g.uuid
   </select>
 
   <sql id="userCommonClauses">
     FROM users u
     LEFT JOIN groups_users gu ON gu.user_uuid=u.uuid AND gu.group_uuid=#{groupUuid}
-    INNER JOIN organization_members om ON u.uuid=om.user_uuid AND om.organization_uuid=#{organizationUuid}
     <where>
       <choose>
         <when test="query.membership() == 'IN'">
@@ -114,4 +110,6 @@
     from groups_users
     where user_uuid = #{userUuid}
   </select>
+
+
 </mapper>

server/sonar-db-dao/src/main/resources/org/sonar/db/user/UserGroupMapper.xml

@@ -24,12 +24,6 @@
     where group_uuid = #{groupUuid,jdbcType=VARCHAR}
   </delete>
 
-  <delete id="deleteByOrganizationAndUser" parameterType="map">
-    delete from groups_users
-    where user_uuid = #{userUuid,jdbcType=VARCHAR} and
-    group_uuid in (select uuid from groups where organization_uuid=#{organizationUuid,jdbcType=VARCHAR})
-  </delete>
-
   <delete id="deleteByUserUuid" parameterType="String">
     DELETE FROM groups_users WHERE user_uuid=#{userUuid,jdbcType=VARCHAR}
   </delete>

server/sonar-db-dao/src/test/java/org/sonar/db/organization/OrganizationHelperTest.java

@@ -1,141 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2020 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-package org.sonar.db.organization;
-
-import com.tngtech.java.junit.dataprovider.DataProvider;
-import com.tngtech.java.junit.dataprovider.DataProviderRunner;
-import com.tngtech.java.junit.dataprovider.UseDataProvider;
-import java.util.List;
-import java.util.Random;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.junit.runner.RunWith;
-import org.sonar.api.utils.System2;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.user.GroupDto;
-import org.sonar.db.user.UserDto;
-
-import static java.util.Arrays.asList;
-import static java.util.Collections.emptyList;
-import static java.util.Collections.singletonList;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
-import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
-
-@RunWith(DataProviderRunner.class)
-public class OrganizationHelperTest {
-
-  private static final Random RANDOM = new Random();
-
-  @Rule
-  public DbTester db = DbTester.create(mock(System2.class)).setDisableDefaultOrganization(true);
-  public DbSession dbSession = db.getSession();
-
-  @Rule
-  public ExpectedException expectedException = ExpectedException.none();
-
-  private final OrganizationHelper underTest = new OrganizationHelper(db.getDbClient());
-
-  @Test
-  public void returns_empty_list_when_user_is_not_admin_of_any_orgs() {
-    UserDto user1 = db.users().insertUser();
-
-    OrganizationDto org1 = db.organizations().insert();
-    GroupDto group1 = db.users().insertGroup(org1);
-    db.users().insertMember(group1, user1);
-
-    assertThat(underTest.selectOrganizationsWithLastAdmin(dbSession, user1.getUuid())).isEmpty();
-  }
-
-  @Test
-  public void returns_orgs_where_user_is_last_admin() {
-    UserDto user1 = db.users().insertUser();
-    UserDto user2 = db.users().insertUser();
-
-    OrganizationDto org1 = db.organizations().insert();
-    OrganizationDto org2 = db.organizations().insert();
-
-    setAsDirectOrIndirectAdmin(user1, org1);
-    setAsDirectOrIndirectAdmin(user2, org1);
-    setAsDirectOrIndirectAdmin(user1, org2);
-
-    assertThat(underTest.selectOrganizationsWithLastAdmin(dbSession, user1.getUuid()))
-      .extracting(OrganizationDto::getKey)
-      .containsExactly(org2.getKey());
-  }
-
-  @Test
-  @UseDataProvider("adminUserCombinationsAndExpectedOrgKeys")
-  public void returns_correct_orgs_for_interesting_combinations_of_last_admin_or_not(
-    boolean user2IsAdminOfOrg1, boolean user1IsAdminOfOrg2, boolean user2IsAdminOfOrg2, List<String> expectedOrgKeys) {
-    UserDto user1 = db.users().insertUser();
-    UserDto user2 = db.users().insertUser();
-
-    OrganizationDto org1 = db.organizations().insert(o -> o.setKey("org1"));
-    OrganizationDto org2 = db.organizations().insert(o -> o.setKey("org2"));
-
-    setAsDirectOrIndirectAdmin(user1, org1);
-    if (user2IsAdminOfOrg1) {
-      setAsDirectOrIndirectAdmin(user2, org1);
-    }
-    if (user1IsAdminOfOrg2) {
-      setAsDirectOrIndirectAdmin(user1, org2);
-    }
-    if (user2IsAdminOfOrg2) {
-      setAsDirectOrIndirectAdmin(user2, org2);
-    }
-
-    assertThat(underTest.selectOrganizationsWithLastAdmin(dbSession, user1.getUuid()))
-      .extracting(OrganizationDto::getKey)
-      .containsExactlyInAnyOrderElementsOf(expectedOrgKeys);
-  }
-
-  @DataProvider
-  public static Object[][] adminUserCombinationsAndExpectedOrgKeys() {
-    return new Object[][] {
-      // note: user1 is always admin of org1
-      // param 1: user2 is admin of org1
-      // param 2: user1 is admin of org2
-      // param 3: user2 is admin of org2
-      // param 4: list of orgs preventing user1 to delete
-      {true, true, true, emptyList()},
-      {true, true, false, singletonList("org2")},
-      {true, false, true, emptyList()},
-      {true, false, false, emptyList()},
-      {false, true, true, singletonList("org1")},
-      {false, true, false, asList("org1", "org2")},
-      {false, false, true, singletonList("org1")},
-      {false, false, false, singletonList("org1")},
-    };
-  }
-
-  private void setAsDirectOrIndirectAdmin(UserDto user, OrganizationDto organization) {
-    boolean useDirectAdmin = RANDOM.nextBoolean();
-    if (useDirectAdmin) {
-      db.users().insertPermissionOnUser(organization, user, ADMINISTER);
-    } else {
-      GroupDto group = db.users().insertGroup(organization);
-      db.users().insertPermissionOnGroup(group, ADMINISTER);
-      db.users().insertMember(group, user);
-    }
-  }
-}

server/sonar-db-dao/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java

@@ -39,21 +39,16 @@ import org.sonar.db.DbTester;
 import org.sonar.db.EmailSubscriberDto;
 import org.sonar.db.component.BranchType;
 import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
 
 import static com.google.common.collect.Sets.newHashSet;
 import static java.util.Collections.singleton;
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
 import static org.sonar.core.permission.GlobalPermissions.QUALITY_PROFILE_ADMIN;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
 import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
-import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_GATES;
 import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
 import static org.sonar.db.permission.OrganizationPermission.PROVISION_PROJECTS;
-import static org.sonar.db.permission.OrganizationPermission.SCAN;
 
 public class AuthorizationDaoTest {
 
@@ -69,7 +64,6 @@ public class AuthorizationDaoTest {
   private final Random random = new Random();
   private DbSession dbSession = db.getSession();
   private AuthorizationDao underTest = new AuthorizationDao();
-  private OrganizationDto organization;
   private UserDto user;
   private GroupDto group1;
   private GroupDto group2;
@@ -80,18 +74,17 @@ public class AuthorizationDaoTest {
 
   @Before
   public void setUp() {
-    organization = db.organizations().insert();
     user = db.users().insertUser();
-    group1 = db.users().insertGroup(organization, "group1");
-    group2 = db.users().insertGroup(organization, "group2");
+    group1 = db.users().insertGroup("group1");
+    group2 = db.users().insertGroup("group2");
     randomExistingUserUuids = IntStream.range(0, 1 + Math.abs(random.nextInt(5)))
       .mapToObj(i -> db.users().insertUser().getUuid())
       .collect(MoreCollectors.toSet());
     randomPublicProjectUuids = IntStream.range(0, 1 + Math.abs(random.nextInt(5)))
-      .mapToObj(i -> db.components().insertPublicProject(organization).uuid())
+      .mapToObj(i -> db.components().insertPublicProject().uuid())
       .collect(MoreCollectors.toSet());
     randomPrivateProjectUuids = IntStream.range(0, 1 + Math.abs(random.nextInt(5)))
-      .mapToObj(i -> db.components().insertPrivateProject(organization).uuid())
+      .mapToObj(i -> db.components().insertPrivateProject().uuid())
       .collect(MoreCollectors.toSet());
   }
 
@@ -103,38 +96,21 @@ public class AuthorizationDaoTest {
    */
   @Test
   public void selectOrganizationPermissions_for_logged_in_user() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
     db.users().insertMember(group1, user);
-    db.users().insertPermissionOnUser(organization, user, "perm1");
+    db.users().insertPermissionOnUser(user, "perm1");
     db.users().insertProjectPermissionOnUser(user, "perm42", project);
     db.users().insertPermissionOnGroup(group1, "perm2");
-    db.users().insertPermissionOnAnyone(organization, "perm3");
+    db.users().insertPermissionOnAnyone("perm3");
 
     // ignored permissions, user is not member of this group
     db.users().insertPermissionOnGroup(group2, "ignored");
 
-    Set<String> permissions = underTest.selectOrganizationPermissions(dbSession, organization.getUuid(), user.getUuid());
+    Set<String> permissions = underTest.selectGlobalPermissions(dbSession, user.getUuid());
 
     assertThat(permissions).containsOnly("perm1", "perm2", "perm3");
   }
 
-  /**
-   * Anonymous user only benefits from the permissions granted to
-   * "Anyone"
-   */
-  @Test
-  public void selectOrganizationPermissions_for_anonymous_user() {
-    db.users().insertPermissionOnAnyone(organization, "perm1");
-
-    // ignored permissions
-    db.users().insertPermissionOnUser(organization, user, "ignored");
-    db.users().insertPermissionOnGroup(group1, "ignored");
-
-    Set<String> permissions = underTest.selectOrganizationPermissionsOfAnonymous(dbSession, organization.getUuid());
-
-    assertThat(permissions).containsOnly("perm1");
-  }
-
   @Test
   public void countUsersWithGlobalPermissionExcludingGroup() {
     // users with global permission "perm1" :
@@ -148,46 +124,41 @@ public class AuthorizationDaoTest {
     UserDto user4 = db.users().insertUser();
     UserDto user5 = db.users().insertUser();
 
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto group1 = db.users().insertGroup(organization, "g1");
+    GroupDto group1 = db.users().insertGroup("g1");
     db.users().insertPermissionOnGroup(group1, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertMember(group1, user1);
     db.users().insertMember(group1, user2);
 
-    GroupDto group2 = db.users().insertGroup(organization, "g2");
+    GroupDto group2 = db.users().insertGroup("g2");
     db.users().insertPermissionOnGroup(group2, "perm1");
     db.users().insertPermissionOnGroup(group2, "perm2");
     db.users().insertMember(group2, user1);
     db.users().insertMember(group2, user3);
 
     // group3 has the permission "perm1" but has no users
-    GroupDto group3 = db.users().insertGroup(organization, "g2");
+    GroupDto group3 = db.users().insertGroup("g2");
     db.users().insertPermissionOnGroup(group3, "perm1");
 
-    db.users().insertPermissionOnUser(organization, user4, "perm1");
-    db.users().insertPermissionOnUser(organization, user4, "perm2");
-    db.users().insertPermissionOnAnyone(organization, "perm1");
-
-    // other organizations are ignored
-    OrganizationDto org2 = db.organizations().insert();
-    db.users().insertPermissionOnUser(org2, user1, "perm1");
+    db.users().insertPermissionOnUser(user4, "perm1");
+    db.users().insertPermissionOnUser(user4, "perm2");
+    db.users().insertPermissionOnAnyone("perm1");
 
     // excluding group "g1" -> remain u1, u3 and u4
     assertThat(underTest.countUsersWithGlobalPermissionExcludingGroup(db.getSession(),
-      organization.getUuid(), "perm1", group1.getUuid())).isEqualTo(3);
+      "perm1", group1.getUuid())).isEqualTo(3);
 
     // excluding group "g2" -> remain u1, u2 and u4
     assertThat(underTest.countUsersWithGlobalPermissionExcludingGroup(db.getSession(),
-      organization.getUuid(), "perm1", group2.getUuid())).isEqualTo(3);
+      "perm1", group2.getUuid())).isEqualTo(3);
 
     // excluding group "g3" -> remain u1, u2, u3 and u4
     assertThat(underTest.countUsersWithGlobalPermissionExcludingGroup(db.getSession(),
-      organization.getUuid(), "perm1", group3.getUuid())).isEqualTo(4);
+      "perm1", group3.getUuid())).isEqualTo(4);
 
     // nobody has the permission
     assertThat(underTest.countUsersWithGlobalPermissionExcludingGroup(db.getSession(),
-      organization.getUuid(), "missingPermission", group1.getUuid())).isEqualTo(0);
+      "missingPermission", group1.getUuid())).isEqualTo(0);
   }
 
   @Test
@@ -198,34 +169,29 @@ public class AuthorizationDaoTest {
     UserDto user2 = db.users().insertUser();
     UserDto user3 = db.users().insertUser();
 
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto group1 = db.users().insertGroup(organization, "g1");
+    GroupDto group1 = db.users().insertGroup("g1");
     db.users().insertPermissionOnGroup(group1, "p1");
     db.users().insertPermissionOnGroup(group1, "p2");
     db.users().insertMember(group1, user1);
     db.users().insertMember(group1, user2);
-    db.users().insertPermissionOnUser(organization, user3, "p1");
-    db.users().insertPermissionOnAnyone(organization, "p1");
-
-    // other organizations are ignored
-    OrganizationDto org2 = db.organizations().insert();
-    db.users().insertPermissionOnUser(org2, user1, "p1");
+    db.users().insertPermissionOnUser(user3, "p1");
+    db.users().insertPermissionOnAnyone("p1");
 
     // excluding user1 -> remain user2 and user3
     assertThat(underTest.countUsersWithGlobalPermissionExcludingUser(db.getSession(),
-      organization.getUuid(), "p1", user1.getUuid())).isEqualTo(2);
+      "p1", user1.getUuid())).isEqualTo(2);
 
     // excluding user3 -> remain the members of group g1
     assertThat(underTest.countUsersWithGlobalPermissionExcludingUser(db.getSession(),
-      organization.getUuid(), "p1", user3.getUuid())).isEqualTo(2);
+      "p1", user3.getUuid())).isEqualTo(2);
 
     // excluding unknown user
     assertThat(underTest.countUsersWithGlobalPermissionExcludingUser(db.getSession(),
-      organization.getUuid(), "p1", "-1")).isEqualTo(3);
+      "p1", "-1")).isEqualTo(3);
 
     // nobody has the permission
     assertThat(underTest.countUsersWithGlobalPermissionExcludingUser(db.getSession(),
-      organization.getUuid(), "missingPermission", user1.getUuid())).isEqualTo(0);
+      "missingPermission", user1.getUuid())).isEqualTo(0);
   }
 
   @Test
@@ -236,18 +202,17 @@ public class AuthorizationDaoTest {
     UserDto user2 = db.users().insertUser();
     UserDto user3 = db.users().insertUser();
 
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto group1 = db.users().insertGroup(organization);
+    GroupDto group1 = db.users().insertGroup();
     db.users().insertPermissionOnGroup(group1, ADMINISTER);
     db.users().insertPermissionOnGroup(group1, PROVISION_PROJECTS);
     db.users().insertMember(group1, user1);
     db.users().insertMember(group1, user2);
-    db.users().insertPermissionOnUser(organization, user3, ADMINISTER);
-    db.users().insertPermissionOnAnyone(organization, ADMINISTER);
+    db.users().insertPermissionOnUser(user3, ADMINISTER);
+    db.users().insertPermissionOnAnyone(ADMINISTER);
 
-    assertThat(underTest.selectUserUuidsWithGlobalPermission(db.getSession(), organization.getUuid(), ADMINISTER.getKey()))
+    assertThat(underTest.selectUserUuidsWithGlobalPermission(db.getSession(), ADMINISTER.getKey()))
       .containsExactlyInAnyOrder(user1.getUuid(), user2.getUuid(), user3.getUuid());
-    assertThat(underTest.selectUserUuidsWithGlobalPermission(db.getSession(), organization.getUuid(), PROVISION_PROJECTS.getKey()))
+    assertThat(underTest.selectUserUuidsWithGlobalPermission(db.getSession(), PROVISION_PROJECTS.getKey()))
       .containsExactlyInAnyOrder(user1.getUuid(), user2.getUuid());
   }
 
@@ -321,8 +286,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_returns_public_project_if_user_is_granted_project_permission_directly() {
-    ComponentDto project = db.components().insertPublicProject(organization);
-    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
+    ComponentDto otherProject = db.components().insertPublicProject();
     UserDto otherUser = db.users().insertUser();
     db.users().insertProjectPermissionOnUser(user, randomPermission, project);
 
@@ -338,8 +303,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_returns_public_project_if_user_is_granted_project_permission_by_group() {
-    ComponentDto project = db.components().insertPublicProject(organization);
-    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
+    ComponentDto otherProject = db.components().insertPublicProject();
     UserDto otherUser = db.users().insertUser();
     db.users().insertMember(group1, user);
     db.users().insertProjectPermissionOnGroup(group1, randomPermission, project);
@@ -356,8 +321,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_returns_public_project_if_group_AnyOne_is_granted_project_permission_directly() {
-    ComponentDto project = db.components().insertPublicProject(organization);
-    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
+    ComponentDto otherProject = db.components().insertPublicProject();
     db.users().insertProjectPermissionOnAnyone(randomPermission, project);
 
     assertThat(underTest.keepAuthorizedProjectUuids(dbSession, singleton(project.uuid()), null, randomPermission))
@@ -416,8 +381,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_returns_private_project_if_user_is_granted_project_permission_directly() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
-    ComponentDto otherProject = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
+    ComponentDto otherProject = db.components().insertPrivateProject();
     UserDto otherUser = db.users().insertUser();
     db.users().insertProjectPermissionOnUser(user, randomPermission, project);
 
@@ -433,8 +398,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_returns_private_project_if_user_is_granted_project_permission_by_group() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
-    ComponentDto otherProject = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
+    ComponentDto otherProject = db.components().insertPrivateProject();
     UserDto otherUser = db.users().insertUser();
     db.users().insertMember(group1, user);
     db.users().insertProjectPermissionOnGroup(group1, randomPermission, project);
@@ -451,11 +416,11 @@ public class AuthorizationDaoTest {
 
   @Test
   public void user_should_be_authorized() {
-    ComponentDto project1 = db.components().insertPrivateProject(organization);
-    ComponentDto project2 = db.components().insertPrivateProject(organization);
-    ComponentDto project3 = db.components().insertPrivateProject(organization);
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    ComponentDto project3 = db.components().insertPrivateProject();
     UserDto user = db.users().insertUser("u1");
-    GroupDto group = db.users().insertGroup(organization);
+    GroupDto group = db.users().insertGroup();
     db.users().insertProjectPermissionOnUser(user, UserRole.USER, project2);
     db.users().insertProjectPermissionOnUser(user, UserRole.USER, project3);
     db.users().insertMember(group, user);
@@ -474,11 +439,11 @@ public class AuthorizationDaoTest {
 
   @Test
   public void group_should_be_authorized() {
-    ComponentDto project1 = db.components().insertPrivateProject(organization);
-    ComponentDto project2 = db.components().insertPrivateProject(organization);
-    ComponentDto project3 = db.components().insertPrivateProject(organization);
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    ComponentDto project3 = db.components().insertPrivateProject();
     UserDto user1 = db.users().insertUser("u1");
-    GroupDto group = db.users().insertGroup(organization);
+    GroupDto group = db.users().insertGroup();
     db.users().insertMembers(group, user1);
     db.users().insertProjectPermissionOnUser(user1, UserRole.USER, project1);
     db.users().insertProjectPermissionOnGroup(group, UserRole.USER, project2);
@@ -494,10 +459,10 @@ public class AuthorizationDaoTest {
 
   @Test
   public void anonymous_should_be_authorized() {
-    ComponentDto project1 = db.components().insertPublicProject(organization);
-    ComponentDto project2 = db.components().insertPublicProject(organization);
+    ComponentDto project1 = db.components().insertPublicProject();
+    ComponentDto project2 = db.components().insertPublicProject();
     UserDto user1 = db.users().insertUser("u1");
-    GroupDto group = db.users().insertGroup(organization);
+    GroupDto group = db.users().insertGroup();
     db.users().insertMembers(group, user1);
 
     assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet(project1.uuid(), project2.uuid()), null, UserRole.USER))
@@ -510,7 +475,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_should_be_able_to_handle_lots_of_projects() {
-    List<ComponentDto> projects = IntStream.range(0, 2000).mapToObj(i -> db.components().insertPublicProject(organization)).collect(Collectors.toList());
+    List<ComponentDto> projects = IntStream.range(0, 2000).mapToObj(i -> db.components().insertPublicProject()).collect(Collectors.toList());
 
     Collection<String> uuids = projects.stream().map(ComponentDto::uuid).collect(Collectors.toSet());
     assertThat(underTest.keepAuthorizedProjectUuids(dbSession, uuids, null, UserRole.USER))
@@ -519,8 +484,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_empty_if_user_set_is_empty_on_public_project() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
 
     assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, Collections.emptySet(), UserRole.USER, project.uuid()))
       .isEmpty();
@@ -528,7 +492,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_empty_for_non_existent_users() {
-    ComponentDto project = random.nextBoolean() ? db.components().insertPublicProject(organization) : db.components().insertPrivateProject(organization);
+    ComponentDto project = random.nextBoolean() ? db.components().insertPublicProject() : db.components().insertPrivateProject();
     Set<String> randomNonExistingUserUuidsSet = IntStream.range(0, 1 + Math.abs(random.nextInt(5)))
       .mapToObj(i -> Uuids.createFast())
       .collect(MoreCollectors.toSet());
@@ -539,7 +503,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_any_users_for_public_project_without_any_permission_in_DB_and_permission_USER() {
-    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
 
     assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, UserRole.USER, project.uuid()))
       .containsAll(randomExistingUserUuids);
@@ -547,7 +511,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_any_users_for_public_project_without_any_permission_in_DB_and_permission_CODEVIEWER() {
-    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
 
     assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, UserRole.CODEVIEWER, project.uuid()))
       .containsAll(randomExistingUserUuids);
@@ -555,7 +519,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_empty_for_any_users_on_public_project_without_any_permission_in_DB() {
-    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
 
     assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, randomPermission, project.uuid()))
       .isEmpty();
@@ -563,8 +527,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_user_if_granted_project_permission_directly_on_public_project() {
-    ComponentDto project = db.components().insertPublicProject(organization);
-    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
+    ComponentDto otherProject = db.components().insertPublicProject();
     UserDto otherUser = db.users().insertUser();
     db.users().insertProjectPermissionOnUser(user, randomPermission, project);
 
@@ -580,8 +544,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_user_if_granted_project_permission_by_group_on_public_project() {
-    ComponentDto project = db.components().insertPublicProject(organization);
-    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
+    ComponentDto otherProject = db.components().insertPublicProject();
     UserDto otherUser = db.users().insertUser();
     db.users().insertMember(group1, user);
     db.users().insertProjectPermissionOnGroup(group1, randomPermission, project);
@@ -598,8 +562,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_does_not_return_user_if_granted_project_permission_by_AnyOne_on_public_project() {
-    ComponentDto project = db.components().insertPublicProject(organization);
-    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
+    ComponentDto otherProject = db.components().insertPublicProject();
     UserDto otherUser = db.users().insertUser();
     db.users().insertProjectPermissionOnAnyone(randomPermission, project);
 
@@ -615,7 +579,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_empty_for_any_user_on_private_project_without_any_permission_in_DB_and_permission_USER() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
 
     assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, UserRole.USER, project.uuid()))
       .isEmpty();
@@ -623,7 +587,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_empty_for_any_user_on_private_project_without_any_permission_in_DB_and_permission_CODEVIEWER() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
 
     assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, randomExistingUserUuids, UserRole.CODEVIEWER, project.uuid()))
       .isEmpty();
@@ -631,7 +595,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_empty_for_any_users_and_any_permission_on_private_project_without_any_permission_in_DB() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
 
     PermissionsTestHelper.ALL_PERMISSIONS
       .forEach(perm -> {
@@ -644,8 +608,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_user_if_granted_project_permission_directly_on_private_project() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
-    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
+    ComponentDto otherProject = db.components().insertPublicProject();
     UserDto otherUser = db.users().insertUser();
     db.users().insertProjectPermissionOnUser(user, randomPermission, project);
 
@@ -661,8 +625,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedUsersForRoleAndProject_returns_user_if_granted_project_permission_by_group_on_private_project() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
-    ComponentDto otherProject = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
+    ComponentDto otherProject = db.components().insertPublicProject();
     UserDto otherUser = db.users().insertUser();
     db.users().insertMember(group1, user);
     db.users().insertProjectPermissionOnGroup(group1, randomPermission, project);
@@ -679,14 +643,14 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keep_authorized_users_returns_empty_list_for_role_and_project_for_anonymous() {
-    ComponentDto project1 = db.components().insertPrivateProject(organization);
-    ComponentDto project2 = db.components().insertPrivateProject(organization);
-    ComponentDto project3 = db.components().insertPrivateProject(organization);
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    ComponentDto project3 = db.components().insertPrivateProject();
     UserDto user1 = db.users().insertUser("u1");
     UserDto user2 = db.users().insertUser("u2");
     UserDto user3 = db.users().insertUser("u3");
-    GroupDto group1 = db.users().insertGroup(organization);
-    GroupDto group2 = db.users().insertGroup(organization);
+    GroupDto group1 = db.users().insertGroup();
+    GroupDto group2 = db.users().insertGroup();
     db.users().insertMembers(group1, user1, user2);
     db.users().insertMembers(group2, user3);
     db.users().insertProjectPermissionOnUser(user1, UserRole.USER, project1);
@@ -711,7 +675,7 @@ public class AuthorizationDaoTest {
   public void countUsersWithGlobalPermissionExcludingGroupMember() {
     // u1 has the direct permission, u2 and u3 have the permission through their group
     UserDto u1 = db.users().insertUser();
-    db.users().insertPermissionOnUser(organization, u1, A_PERMISSION);
+    db.users().insertPermissionOnUser(u1, A_PERMISSION);
     db.users().insertPermissionOnGroup(group1, A_PERMISSION);
     db.users().insertPermissionOnGroup(group1, "another-permission");
     UserDto u2 = db.users().insertUser();
@@ -720,21 +684,17 @@ public class AuthorizationDaoTest {
     db.users().insertMember(group1, u3);
 
     // excluding u2 membership --> remain u1 and u3
-    int count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, organization.getUuid(), A_PERMISSION, group1.getUuid(), u2.getUuid());
+    int count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, A_PERMISSION, group1.getUuid(), u2.getUuid());
     assertThat(count).isEqualTo(2);
 
     // excluding unknown memberships
-    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, organization.getUuid(), A_PERMISSION, group1.getUuid(), MISSING_UUID);
+    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, A_PERMISSION, group1.getUuid(), MISSING_UUID);
     assertThat(count).isEqualTo(3);
-    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, organization.getUuid(), A_PERMISSION, MISSING_UUID, u2.getUuid());
+    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, A_PERMISSION, MISSING_UUID, u2.getUuid());
     assertThat(count).isEqualTo(3);
 
-    // another organization
-    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, DOES_NOT_EXIST, A_PERMISSION, group1.getUuid(), u2.getUuid());
-    assertThat(count).isEqualTo(0);
-
     // another permission
-    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, organization.getUuid(), DOES_NOT_EXIST, group1.getUuid(), u2.getUuid());
+    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, DOES_NOT_EXIST, group1.getUuid(), u2.getUuid());
     assertThat(count).isEqualTo(0);
   }
 
@@ -742,98 +702,29 @@ public class AuthorizationDaoTest {
   public void countUsersWithGlobalPermissionExcludingUserPermission() {
     // u1 and u2 have the direct permission, u3 has the permission through his group
     UserDto u1 = db.users().insertUser();
-    db.users().insertPermissionOnUser(organization, u1, A_PERMISSION);
+    db.users().insertPermissionOnUser(u1, A_PERMISSION);
     UserDto u2 = db.users().insertUser();
-    db.users().insertPermissionOnUser(organization, u2, A_PERMISSION);
+    db.users().insertPermissionOnUser(u2, A_PERMISSION);
     db.users().insertPermissionOnGroup(group1, A_PERMISSION);
     UserDto u3 = db.users().insertUser();
     db.users().insertMember(group1, u3);
 
     // excluding u2 permission --> remain u1 and u3
-    int count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, organization.getUuid(), A_PERMISSION, u2.getUuid());
+    int count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, A_PERMISSION, u2.getUuid());
     assertThat(count).isEqualTo(2);
 
     // excluding unknown user
-    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, organization.getUuid(), A_PERMISSION, MISSING_UUID);
+    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, A_PERMISSION, MISSING_UUID);
     assertThat(count).isEqualTo(3);
 
-    // another organization
-    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, A_PERMISSION, u2.getUuid());
-    assertThat(count).isEqualTo(0);
-
     // another permission
-    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, organization.getUuid(), DOES_NOT_EXIST, u2.getUuid());
+    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, u2.getUuid());
     assertThat(count).isEqualTo(0);
   }
 
-  @Test
-  public void selectOrganizationUuidsOfUserWithGlobalPermission_returns_empty_set_if_user_does_not_exist() {
-    // another user
-    db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_GATES);
-
-    Set<String> orgUuids = underTest.selectOrganizationUuidsOfUserWithGlobalPermission(dbSession, MISSING_UUID, SYSTEM_ADMIN);
-
-    assertThat(orgUuids).isEmpty();
-  }
-
-  @Test
-  public void selectOrganizationUuidsOfUserWithGlobalPermission_returns_empty_set_if_user_does_not_have_permission_at_all() {
-    db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_GATES);
-    // user is not part of this group
-    db.users().insertPermissionOnGroup(group1, SCAN);
-
-    Set<String> orgUuids = underTest.selectOrganizationUuidsOfUserWithGlobalPermission(dbSession, user.getUuid(), SCAN.getKey());
-
-    assertThat(orgUuids).isEmpty();
-  }
-
-  @Test
-  public void selectOrganizationUuidsOfUserWithGlobalPermission_returns_organizations_on_which_user_has_permission() {
-    db.users().insertPermissionOnGroup(group1, SCAN);
-    db.users().insertPermissionOnGroup(group2, QUALITY_GATE_ADMIN);
-    db.users().insertMember(group1, user);
-    db.users().insertMember(group2, user);
-
-    Set<String> orgUuids = underTest.selectOrganizationUuidsOfUserWithGlobalPermission(dbSession, user.getUuid(), SCAN.getKey());
-
-    assertThat(orgUuids).containsExactly(group1.getOrganizationUuid());
-  }
-
-  @Test
-  public void selectOrganizationUuidsOfUserWithGlobalPermission_handles_user_permissions_and_group_permissions() {
-    // organization: through group membership
-    db.users().insertPermissionOnGroup(group1, SCAN);
-    db.users().insertMember(group1, user);
-
-    // org2 : direct user permission
-    OrganizationDto org2 = db.organizations().insert();
-    db.users().insertPermissionOnUser(org2, user, SCAN);
-
-    // org3 : another permission QUALITY_GATE_ADMIN
-    OrganizationDto org3 = db.organizations().insert();
-    db.users().insertPermissionOnUser(org3, user, QUALITY_GATE_ADMIN);
-
-    // exclude project permission
-    db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, db.components().insertPrivateProject());
-
-    Set<String> orgUuids = underTest.selectOrganizationUuidsOfUserWithGlobalPermission(dbSession, user.getUuid(), SCAN.getKey());
-
-    assertThat(orgUuids).containsOnly(organization.getUuid(), org2.getUuid());
-  }
-
-  @Test
-  public void selectOrganizationUuidsOfUserWithGlobalPermission_ignores_anonymous_permissions() {
-    db.users().insertPermissionOnAnyone(organization, SCAN);
-    db.users().insertPermissionOnUser(organization, user, ADMINISTER_QUALITY_GATES);
-
-    Set<String> orgUuids = underTest.selectOrganizationUuidsOfUserWithGlobalPermission(dbSession, user.getUuid(), SCAN.getKey());
-
-    assertThat(orgUuids).isEmpty();
-  }
-
   @Test
   public void selectProjectPermissionsOfAnonymous_returns_permissions_of_anonymous_user_on_specified_public_project() {
-    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
     db.users().insertProjectPermissionOnAnyone("p1", project);
     db.users().insertProjectPermissionOnUser(db.users().insertUser(), "p2", project);
     ComponentDto otherProject = db.components().insertPublicProject();
@@ -854,7 +745,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_public_project_through_anonymous_permissions() {
-    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
     db.users().insertProjectPermissionOnAnyone("p1", project);
     db.users().insertProjectPermissionOnAnyone("p2", project);
 
@@ -863,7 +754,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_project() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
     db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project);
     db.users().insertProjectPermissionOnUser(db.users().insertUser(), UserRole.ISSUE_ADMIN, project);
 
@@ -872,7 +763,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_project_through_group_membership() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
     db.users().insertProjectPermissionOnGroup(group1, UserRole.CODEVIEWER, project);
     db.users().insertProjectPermissionOnGroup(group2, UserRole.ISSUE_ADMIN, project);
     db.users().insertMember(group1, user);
@@ -882,7 +773,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_private_project_through_all_possible_configurations() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
     db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project);
     db.users().insertProjectPermissionOnGroup(group1, UserRole.USER, project);
     db.users().insertMember(group1, user);
@@ -892,7 +783,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_public_project_through_all_possible_configurations() {
-    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
     db.users().insertProjectPermissionOnUser(user, "p1", project);
     db.users().insertProjectPermissionOnAnyone("p2", project);
     db.users().insertProjectPermissionOnGroup(group1, "p3", project);
@@ -903,8 +794,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_filters_projects_authorized_to_logged_in_user_by_direct_permission() {
-    ComponentDto privateProject = db.components().insertPrivateProject(organization);
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto privateProject = db.components().insertPrivateProject();
+    ComponentDto publicProject = db.components().insertPublicProject();
     UserDto user = db.users().insertUser();
     db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, privateProject);
 
@@ -917,10 +808,10 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_filters_projects_authorized_to_logged_in_user_by_group_permission() {
-    ComponentDto privateProject = db.components().insertPrivateProject(organization);
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto privateProject = db.components().insertPrivateProject();
+    ComponentDto publicProject = db.components().insertPublicProject();
     UserDto user = db.users().insertUser();
-    GroupDto group = db.users().insertGroup(organization);
+    GroupDto group = db.users().insertGroup();
     db.users().insertMember(group, user);
     db.users().insertProjectPermissionOnGroup(group, UserRole.ADMIN, privateProject);
 
@@ -933,7 +824,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_returns_empty_list_if_input_is_empty() {
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
     UserDto user = db.users().insertUser();
 
     assertThat(underTest.keepAuthorizedProjectUuids(dbSession, Collections.emptySet(), user.getUuid(), UserRole.USER))
@@ -946,7 +837,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_returns_empty_list_if_input_does_not_reference_existing_projects() {
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
     UserDto user = db.users().insertUser();
 
     assertThat(underTest.keepAuthorizedProjectUuids(dbSession, newHashSet("does_not_exist"), user.getUuid(), UserRole.USER))
@@ -955,7 +846,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedProjectUuids_returns_public_projects_if_permission_USER_or_CODEVIEWER() {
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
     UserDto user = db.users().insertUser();
 
     // logged-in user
@@ -977,12 +868,11 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectQualityProfileAdministratorLogins_return_users_with_quality_profile_administrator_permission() {
-    OrganizationDto organization1 = db.organizations().insert();
     UserDto user1 = db.users().insertUser(withEmail("user1"));
-    db.users().insertPermissionOnUser(organization1, user1, ADMINISTER_QUALITY_PROFILES);
-    OrganizationDto organization2 = db.organizations().insert();
+    db.users().insertPermissionOnUser(user1, ADMINISTER_QUALITY_PROFILES);
+
     UserDto user2 = db.users().insertUser(withEmail("user2"));
-    db.users().insertPermissionOnUser(organization2, user2, ADMINISTER_QUALITY_PROFILES);
+    db.users().insertPermissionOnUser(user2, ADMINISTER_QUALITY_PROFILES);
 
     Set<EmailSubscriberDto> subscribers = underTest.selectQualityProfileAdministratorLogins(dbSession);
 
@@ -991,13 +881,11 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectQualityProfileAdministratorLogins_return_users_within_quality_profile_administrator_group() {
-    OrganizationDto organization1 = db.organizations().insert();
-    GroupDto qualityProfileAdministratorGroup1 = db.users().insertGroup(organization1);
+    GroupDto qualityProfileAdministratorGroup1 = db.users().insertGroup();
     db.users().insertPermissionOnGroup(qualityProfileAdministratorGroup1, ADMINISTER_QUALITY_PROFILES);
     UserDto user1 = db.users().insertUser(withEmail("user1"));
     db.users().insertMember(qualityProfileAdministratorGroup1, user1);
-    OrganizationDto organization2 = db.organizations().insert();
-    GroupDto qualityProfileAdministratorGroup2 = db.users().insertGroup(organization2);
+    GroupDto qualityProfileAdministratorGroup2 = db.users().insertGroup();
     db.users().insertPermissionOnGroup(qualityProfileAdministratorGroup2, ADMINISTER_QUALITY_PROFILES);
     UserDto user2 = db.users().insertUser(withEmail("user2"));
     db.users().insertMember(qualityProfileAdministratorGroup2, user2);
@@ -1009,9 +897,8 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectQualityProfileAdministratorLogins_does_not_return_non_quality_profile_administrator() {
-    OrganizationDto organization1 = db.organizations().insert();
     UserDto user1 = db.users().insertUser(withEmail("user1"));
-    db.users().insertPermissionOnUser(organization1, user1, ADMINISTER);
+    db.users().insertPermissionOnUser(user1, ADMINISTER);
     db.users().insertUser(withoutEmail("user2"));
 
     Set<EmailSubscriberDto> subscribers = underTest.selectQualityProfileAdministratorLogins(dbSession);
@@ -1021,32 +908,31 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectQualityProfileAdministratorLogins_does_not_return_quality_profile_administrator_without_email() {
-    OrganizationDto organization1 = db.organizations().insert();
     UserDto user1NoEmail = db.users().insertUser(withoutEmail("user1NoEmail"));
-    db.users().insertPermissionOnUser(organization1, user1NoEmail, ADMINISTER_QUALITY_PROFILES);
+    db.users().insertPermissionOnUser(user1NoEmail, ADMINISTER_QUALITY_PROFILES);
     UserDto user1WithEmail = db.users().insertUser(withEmail("user1WithEmail"));
-    db.users().insertPermissionOnUser(organization1, user1WithEmail, ADMINISTER_QUALITY_PROFILES);
-    GroupDto qualityProfileAdministratorGroup1 = db.users().insertGroup(organization1);
+    db.users().insertPermissionOnUser(user1WithEmail, ADMINISTER_QUALITY_PROFILES);
+    GroupDto qualityProfileAdministratorGroup1 = db.users().insertGroup();
     db.users().insertPermissionOnGroup(qualityProfileAdministratorGroup1, ADMINISTER_QUALITY_PROFILES);
     UserDto user2NoEmail = db.users().insertUser(withoutEmail("user2NoEmail"));
     db.users().insertMember(qualityProfileAdministratorGroup1, user2NoEmail);
     UserDto user2WithEmail = db.users().insertUser(withEmail("user2WithEmail"));
     db.users().insertMember(qualityProfileAdministratorGroup1, user2WithEmail);
-    OrganizationDto organization2 = db.organizations().insert();
-    GroupDto qualityProfileAdministratorGroup2 = db.users().insertGroup(organization2);
+
+    GroupDto qualityProfileAdministratorGroup2 = db.users().insertGroup();
     db.users().insertPermissionOnGroup(qualityProfileAdministratorGroup2, ADMINISTER_QUALITY_PROFILES);
     UserDto user3NoEmail = db.users().insertUser(withoutEmail("user3NoEmail"));
     db.users().insertMember(qualityProfileAdministratorGroup2, user3NoEmail);
     UserDto user3WithEmail = db.users().insertUser(withEmail("user3WithEmail"));
     db.users().insertMember(qualityProfileAdministratorGroup2, user3WithEmail);
     UserDto user4NoEmail = db.users().insertUser(withoutEmail("user4NoEmail"));
-    db.users().insertPermissionOnUser(organization1, user4NoEmail, ADMINISTER_QUALITY_PROFILES);
+    db.users().insertPermissionOnUser(user4NoEmail, ADMINISTER_QUALITY_PROFILES);
     UserDto user4WithEmail = db.users().insertUser(withEmail("user4WithEmail"));
-    db.users().insertPermissionOnUser(organization1, user4WithEmail, ADMINISTER_QUALITY_PROFILES);
+    db.users().insertPermissionOnUser(user4WithEmail, ADMINISTER_QUALITY_PROFILES);
     UserDto user5NoEmail = db.users().insertUser(withoutEmail("user5NoEmail"));
-    db.users().insertPermissionOnUser(organization2, user5NoEmail, ADMINISTER_QUALITY_PROFILES);
+    db.users().insertPermissionOnUser(user5NoEmail, ADMINISTER_QUALITY_PROFILES);
     UserDto user5WithEmail = db.users().insertUser(withEmail("user5WithEmail"));
-    db.users().insertPermissionOnUser(organization2, user5WithEmail, ADMINISTER_QUALITY_PROFILES);
+    db.users().insertPermissionOnUser(user5WithEmail, ADMINISTER_QUALITY_PROFILES);
     db.users().insertUser(withoutEmail("user6NoEmail"));
     db.users().insertUser(withEmail("user6WithEmail"));
 
@@ -1063,20 +949,19 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectGlobalAdministerEmailSubscribers_returns_only_global_administers() {
-    OrganizationDto organization1 = db.organizations().insert();
     UserDto user1 = db.users().insertUser(withEmail("user1"));
-    db.users().insertPermissionOnUser(organization1, user1, ADMINISTER);
-    OrganizationDto organization2 = db.organizations().insert();
+    db.users().insertPermissionOnUser(user1, ADMINISTER);
+
     UserDto user2 = db.users().insertUser(withEmail("user2"));
-    db.users().insertPermissionOnUser(organization2, user2, ADMINISTER);
+    db.users().insertPermissionOnUser(user2, ADMINISTER);
 
     // user3 is global administer via a group
-    GroupDto administratorGroup2 = db.users().insertGroup(organization2);
+    GroupDto administratorGroup2 = db.users().insertGroup();
     db.users().insertPermissionOnGroup(administratorGroup2, ADMINISTER);
     UserDto user3 = db.users().insertUser(withEmail("user3"));
     db.users().insertMember(administratorGroup2, user3);
     // user4 has another global permission via a group
-    GroupDto administratorGroup3 = db.users().insertGroup(organization2);
+    GroupDto administratorGroup3 = db.users().insertGroup();
     db.users().insertPermissionOnGroup(administratorGroup3, QUALITY_PROFILE_ADMIN);
     UserDto user4 = db.users().insertUser(withEmail("user4"));
     db.users().insertMember(administratorGroup3, user4);
@@ -1085,11 +970,11 @@ public class AuthorizationDaoTest {
 
     // user5 is only project level administer
     UserDto user5 = db.users().insertUser(withEmail("user5"));
-    // db.users().insertPermissionOnUser(organization1, user5, ADMINISTER);
+    // db.users().insertPermissionOnUser(user5, ADMINISTER);
     db.users().insertProjectPermissionOnUser(user5, "admin", project);
     // user6 has other global permission
     UserDto user6 = db.users().insertUser(withEmail("user6"));
-    db.users().insertPermissionOnUser(organization1, user6, ADMINISTER_QUALITY_PROFILES);
+    db.users().insertPermissionOnUser(user6, ADMINISTER_QUALITY_PROFILES);
     // user7 has no permission
     db.users().insertUser(withEmail("user7"));
 
@@ -1103,21 +988,19 @@ public class AuthorizationDaoTest {
 
   @Test
   public void selectGlobalAdministerEmailSubscribers_ignores_global_administers_without_email() {
-    OrganizationDto organization1 = db.organizations().insert();
-    // user1 and user1NoEmail are global administers on org1
+    // user1 and user1NoEmail are global administers
     UserDto user1 = db.users().insertUser(withEmail("user1"));
-    db.users().insertPermissionOnUser(organization1, user1, ADMINISTER);
+    db.users().insertPermissionOnUser(user1, ADMINISTER);
     UserDto user1NoEmail = db.users().insertUser(withoutEmail("user1NoEmail"));
-    db.users().insertPermissionOnUser(organization1, user1NoEmail, ADMINISTER);
-    // user2 and user2NoEmail are global administers on org2
-    OrganizationDto organization2 = db.organizations().insert();
+    db.users().insertPermissionOnUser(user1NoEmail, ADMINISTER);
+    // user2 and user2NoEmail are global administers
     UserDto user2 = db.users().insertUser(withEmail("user2"));
-    db.users().insertPermissionOnUser(organization2, user2, ADMINISTER);
+    db.users().insertPermissionOnUser(user2, ADMINISTER);
     UserDto user2NoEmail = db.users().insertUser(withoutEmail("user2NoEmail"));
-    db.users().insertPermissionOnUser(organization2, user2NoEmail, ADMINISTER);
+    db.users().insertPermissionOnUser(user2NoEmail, ADMINISTER);
 
     // user3 and user3NoEmail are global administer via a group
-    GroupDto administratorGroup2 = db.users().insertGroup(organization2);
+    GroupDto administratorGroup2 = db.users().insertGroup();
     db.users().insertPermissionOnGroup(administratorGroup2, ADMINISTER);
     UserDto user3 = db.users().insertUser(withEmail("user3"));
     db.users().insertMember(administratorGroup2, user3);
@@ -1134,7 +1017,7 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedLoginsOnProject_return_correct_users_on_public_project() {
-    ComponentDto project = db.components().insertPublicProject(organization);
+    ComponentDto project = db.components().insertPublicProject();
 
     UserDto user1 = db.users().insertUser();
 
@@ -1144,7 +1027,7 @@ public class AuthorizationDaoTest {
 
     // admin2 with ADMIN role through group
     UserDto admin2 = db.users().insertUser();
-    GroupDto adminGroup = db.users().insertGroup(organization, "ADMIN");
+    GroupDto adminGroup = db.users().insertGroup("ADMIN");
     db.users().insertMember(adminGroup, admin2);
     db.users().insertProjectPermissionOnGroup(adminGroup, UserRole.ADMIN, project);
 
@@ -1158,10 +1041,10 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedLoginsOnProject_return_correct_users_on_private_project() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
 
-    GroupDto userGroup = db.users().insertGroup(organization, "USERS");
-    GroupDto adminGroup = db.users().insertGroup(organization, "ADMIN");
+    GroupDto userGroup = db.users().insertGroup("USERS");
+    GroupDto adminGroup = db.users().insertGroup("ADMIN");
     db.users().insertProjectPermissionOnGroup(userGroup, UserRole.USER, project);
     db.users().insertProjectPermissionOnGroup(adminGroup, UserRole.ADMIN, project);
 
@@ -1200,11 +1083,11 @@ public class AuthorizationDaoTest {
 
   @Test
   public void keepAuthorizedLoginsOnProject_return_correct_users_on_branch() {
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
     ComponentDto branch = db.components().insertProjectBranch(project, c -> c.setBranchType(BranchType.BRANCH));
 
-    GroupDto userGroup = db.users().insertGroup(organization, "USERS");
-    GroupDto adminGroup = db.users().insertGroup(organization, "ADMIN");
+    GroupDto userGroup = db.users().insertGroup("USERS");
+    GroupDto adminGroup = db.users().insertGroup("ADMIN");
     db.users().insertProjectPermissionOnGroup(userGroup, UserRole.USER, project);
     db.users().insertProjectPermissionOnGroup(adminGroup, UserRole.ADMIN, project);
 

server/sonar-db-dao/src/test/java/org/sonar/db/permission/PermissionQueryTest.java

@@ -37,16 +37,14 @@ public class PermissionQueryTest {
   @Test
   public void create_query() {
     OrganizationDto organization = newOrganizationDto();
-    ComponentDto project= newPublicProjectDto(organization);
+    ComponentDto project = newPublicProjectDto(organization);
     PermissionQuery query = PermissionQuery.builder()
       .setComponent(project)
-      .setOrganizationUuid("ORGANIZATION_UUID")
       .setPermission("user")
       .setSearchQuery("sonar")
       .build();
 
     assertThat(query.getComponentUuid()).isEqualTo(project.uuid());
-    assertThat(query.getOrganizationUuid()).isEqualTo("ORGANIZATION_UUID");
     assertThat(query.getPermission()).isEqualTo("user");
     assertThat(query.getSearchQuery()).isEqualTo("sonar");
   }
@@ -54,7 +52,6 @@ public class PermissionQueryTest {
   @Test
   public void create_query_with_pagination() {
     PermissionQuery query = PermissionQuery.builder()
-      .setOrganizationUuid("ORGANIZATION_UUID")
       .setPageSize(10)
       .setPageIndex(5)
       .build();
@@ -66,28 +63,18 @@ public class PermissionQueryTest {
   @Test
   public void create_query_with_default_pagination() {
     PermissionQuery query = PermissionQuery.builder()
-      .setOrganizationUuid("ORGANIZATION_UUID")
       .build();
 
     assertThat(query.getPageOffset()).isEqualTo(0);
     assertThat(query.getPageSize()).isEqualTo(20);
   }
 
-  @Test
-  public void fail_when_no_organization() {
-    expectedException.expect(NullPointerException.class);
-    expectedException.expectMessage("Organization UUID cannot be null");
-
-    PermissionQuery.builder().setOrganizationUuid(null).build();
-  }
-
   @Test
   public void fail_when_search_query_length_is_less_than_3_characters() {
     expectedException.expect(IllegalArgumentException.class);
     expectedException.expectMessage("Search query should contains at least 3 characters");
 
     PermissionQuery.builder()
-      .setOrganizationUuid("ORGANIZATION_UUID")
       .setSearchQuery("so")
       .build();
   }

server/sonar-db-dao/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java

@@ -45,7 +45,6 @@ import static java.util.Collections.singletonList;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.tuple;
 import static org.sonar.api.web.UserRole.ADMIN;
-import static org.sonar.api.web.UserRole.CODEVIEWER;
 import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
 import static org.sonar.api.web.UserRole.USER;
 import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
@@ -68,109 +67,103 @@ public class UserPermissionDaoTest {
 
   @Test
   public void select_global_permissions() {
-    OrganizationDto organization = db.organizations().insert();
     OrganizationDto org2 = db.organizations().insert();
-    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"), organization, org2);
-    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"), organization, org2);
-    UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com"), organization);
-    ComponentDto project = db.components().insertPrivateProject(organization);
-    UserPermissionDto global1 = addGlobalPermission(organization, SYSTEM_ADMIN, user1);
-    UserPermissionDto global2 = addGlobalPermission(organization, SYSTEM_ADMIN, user2);
-    UserPermissionDto global3 = addGlobalPermission(organization, PROVISIONING, user2);
-    UserPermissionDto project1Perm = addProjectPermission(organization, USER, user3, project);
-    // permissions on another organization, to be excluded
-    UserPermissionDto org2Global1 = addGlobalPermission(org2, SYSTEM_ADMIN, user1);
-    UserPermissionDto org2Global2 = addGlobalPermission(org2, PROVISIONING, user2);
+    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
+    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"));
+    UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com"));
+    ComponentDto project = db.components().insertPrivateProject();
+    UserPermissionDto global1 = addGlobalPermission(SYSTEM_ADMIN, user1);
+    UserPermissionDto global2 = addGlobalPermission(SYSTEM_ADMIN, user2);
+    UserPermissionDto global3 = addGlobalPermission(PROVISIONING, user2);
+    UserPermissionDto project1Perm = addProjectPermission(USER, user3, project);
 
     // global permissions of users who has at least one global permission, ordered by user name then permission
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().build();
+    PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().build();
     expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), global2, global3, global1);
 
     // default query returns all users, whatever their permissions nor organizations
     // (that's a non-sense, but still this is required for api/permissions/groups
     // when filtering users by name)
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
-    expectPermissions(query, asList(user2.getUuid(), user1.getUuid(), user3.getUuid()), global2, global3, org2Global2, global1, org2Global1, project1Perm);
+    query = PermissionQuery.builder().build();
+    expectPermissions(query, asList(user2.getUuid(), user1.getUuid(), user3.getUuid()), global2, global3, global1, project1Perm);
 
     // global permissions "admin"
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).setPermission(SYSTEM_ADMIN).build();
+    query = PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build();
     expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), global2, global1);
 
     // empty if nobody has the specified global permission
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).setPermission("missing").build();
+    query = PermissionQuery.builder().setPermission("missing").build();
     expectPermissions(query, emptyList());
 
     // search by user name (matches 2 users)
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().setSearchQuery("mari").build();
+    query = PermissionQuery.builder().withAtLeastOnePermission().setSearchQuery("mari").build();
     expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), global2, global3, global1);
 
     // search by user login
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().setSearchQuery("ogin2").build();
+    query = PermissionQuery.builder().withAtLeastOnePermission().setSearchQuery("ogin2").build();
     expectPermissions(query, singletonList(user2.getUuid()), global2, global3);
 
     // search by user email
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().setSearchQuery("mail2").build();
+    query = PermissionQuery.builder().withAtLeastOnePermission().setSearchQuery("mail2").build();
     expectPermissions(query, singletonList(user2.getUuid()), global2, global3);
 
     // search by user name (matches 2 users) and global permission
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).setSearchQuery("Mari").setPermission(PROVISIONING).build();
+    query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(PROVISIONING).build();
     expectPermissions(query, singletonList(user2.getUuid()), global3);
 
     // search by user name (no match)
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).setSearchQuery("Unknown").build();
+    query = PermissionQuery.builder().setSearchQuery("Unknown").build();
     expectPermissions(query, emptyList());
   }
 
   @Test
   public void select_project_permissions() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"), organization);
-    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"), organization);
-    UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com"), organization);
-    addGlobalPermission(organization, SYSTEM_ADMIN, user1);
-    ComponentDto project1 = db.components().insertPrivateProject(organization);
-    ComponentDto project2 = db.components().insertPrivateProject(organization);
-    UserPermissionDto perm1 = addProjectPermission(organization, USER, user1, project1);
-    UserPermissionDto perm2 = addProjectPermission(organization, ISSUE_ADMIN, user1, project1);
-    UserPermissionDto perm3 = addProjectPermission(organization, ISSUE_ADMIN, user2, project1);
-    addProjectPermission(organization, ISSUE_ADMIN, user3, project2);
+    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
+    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"));
+    UserDto user3 = insertUser(u -> u.setLogin("zanother").setName("Zoe").setEmail("zanother3@another.com"));
+    addGlobalPermission(SYSTEM_ADMIN, user1);
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    UserPermissionDto perm1 = addProjectPermission(USER, user1, project1);
+    UserPermissionDto perm2 = addProjectPermission(ISSUE_ADMIN, user1, project1);
+    UserPermissionDto perm3 = addProjectPermission(ISSUE_ADMIN, user2, project1);
+    addProjectPermission(ISSUE_ADMIN, user3, project2);
 
     // project permissions of users who has at least one permission on this project
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().setComponent(project1).build();
+    PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setComponent(project1).build();
     expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2, perm1);
 
     // empty if nobody has the specified global permission
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).setPermission("missing").setComponent(project1).build();
+    query = PermissionQuery.builder().setPermission("missing").setComponent(project1).build();
     expectPermissions(query, emptyList());
 
     // search by user name (matches 2 users), users with at least one permission
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).setSearchQuery("Mari").withAtLeastOnePermission().setComponent(project1).build();
+    query = PermissionQuery.builder().setSearchQuery("Mari").withAtLeastOnePermission().setComponent(project1).build();
     expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2, perm1);
 
     // search by user name (matches 2 users) and project permission
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).setSearchQuery("Mari").setPermission(ISSUE_ADMIN).setComponent(project1).build();
+    query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(ISSUE_ADMIN).setComponent(project1).build();
     expectPermissions(query, asList(user2.getUuid(), user1.getUuid()), perm3, perm2);
 
     // search by user name (no match)
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).setSearchQuery("Unknown").setComponent(project1).build();
+    query = PermissionQuery.builder().setSearchQuery("Unknown").setComponent(project1).build();
     expectPermissions(query, emptyList());
 
     // permissions of unknown project
-    query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).setComponent(newPrivateProjectDto(organization)).withAtLeastOnePermission().build();
+    query = PermissionQuery.builder().setComponent(newPrivateProjectDto(db.getDefaultOrganization())).withAtLeastOnePermission().build();
     expectPermissions(query, emptyList());
   }
 
   @Test
   public void selectUserUuidsByQuery_is_ordering_by_users_having_permissions_first_then_by_name_lowercase() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Z").setEmail("email1@email.com"), organization);
-    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("A").setEmail("email2@email.com"), organization);
-    UserDto user3 = insertUser(u -> u.setLogin("login3").setName("Z").setEmail("zanother3@another.com"), organization);
-    UserDto user4 = insertUser(u -> u.setLogin("login4").setName("A").setEmail("zanother3@another.com"), organization);
-    addGlobalPermission(organization, SYSTEM_ADMIN, user1);
-    addGlobalPermission(organization, QUALITY_PROFILE_ADMIN, user2);
+    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Z").setEmail("email1@email.com"));
+    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("A").setEmail("email2@email.com"));
+    UserDto user3 = insertUser(u -> u.setLogin("login3").setName("Z").setEmail("zanother3@another.com"));
+    UserDto user4 = insertUser(u -> u.setLogin("login4").setName("A").setEmail("zanother3@another.com"));
+    addGlobalPermission(SYSTEM_ADMIN, user1);
+    addGlobalPermission(QUALITY_PROFILE_ADMIN, user2);
 
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+    PermissionQuery query = PermissionQuery.builder().build();
 
     assertThat(underTest.selectUserUuidsByQueryAndScope(dbSession, query))
       .containsExactly(user2.getUuid(), user1.getUuid(), user4.getUuid(), user3.getUuid());
@@ -178,18 +171,17 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectUserUuidsByQuery_is_ordering_by_users_having_permissions_first_then_by_name_lowercase_when_high_number_of_users_for_global_permissions() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
     IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
-      UserDto user = insertUser(u -> u.setLogin("login" + i).setName("" + i), organization);
+      UserDto user = insertUser(u -> u.setLogin("login" + i).setName("" + i));
       // Add permission on project to be sure projects are excluded
       db.users().insertProjectPermissionOnUser(user, SCAN.getKey(), project);
     });
     String lastLogin = "login" + (DEFAULT_PAGE_SIZE + 1);
     UserDto lastUser = db.getDbClient().userDao().selectByLogin(dbSession, lastLogin);
-    addGlobalPermission(organization, SYSTEM_ADMIN, lastUser);
+    addGlobalPermission(SYSTEM_ADMIN, lastUser);
 
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+    PermissionQuery query = PermissionQuery.builder().build();
 
     assertThat(underTest.selectUserUuidsByQueryAndScope(dbSession, query))
       .hasSize(DEFAULT_PAGE_SIZE)
@@ -198,20 +190,19 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectUserUuidsByQuery_is_ordering_by_users_having_permissions_first_then_by_name_lowercase_when_high_number_of_users_for_project_permissions() {
-    OrganizationDto organization = db.organizations().insert();
     IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
-      UserDto user = insertUser(u -> u.setLogin("login" + i).setName("" + i), organization);
+      UserDto user = insertUser(u -> u.setLogin("login" + i).setName("" + i));
       // Add global permission to be sure they are excluded
-      addGlobalPermission(organization, SYSTEM_ADMIN, user);
+      addGlobalPermission(SYSTEM_ADMIN, user);
     });
     String lastLogin = "login" + (DEFAULT_PAGE_SIZE + 1);
     UserDto lastUser = db.getDbClient().userDao().selectByLogin(dbSession, lastLogin);
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
     db.users().insertProjectPermissionOnUser(lastUser, SCAN.getKey(), project);
 
     PermissionQuery query = PermissionQuery.builder()
       .setComponent(project)
-      .setOrganizationUuid(organization.getUuid()).build();
+      .build();
 
     assertThat(underTest.selectUserUuidsByQueryAndScope(dbSession, query))
       .hasSize(DEFAULT_PAGE_SIZE)
@@ -220,16 +211,15 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectUserUuidsByQuery_is_not_ordering_by_number_of_permissions() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Z").setEmail("email1@email.com"), organization);
-    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("A").setEmail("email2@email.com"), organization);
-    addGlobalPermission(organization, SYSTEM_ADMIN, user1);
-    ComponentDto project1 = db.components().insertPrivateProject(organization);
-    addProjectPermission(organization, USER, user2, project1);
-    addProjectPermission(organization, USER, user1, project1);
-    addProjectPermission(organization, ADMIN, user1, project1);
+    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Z").setEmail("email1@email.com"));
+    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("A").setEmail("email2@email.com"));
+    addGlobalPermission(SYSTEM_ADMIN, user1);
+    ComponentDto project1 = db.components().insertPrivateProject();
+    addProjectPermission(USER, user2, project1);
+    addProjectPermission(USER, user1, project1);
+    addProjectPermission(ADMIN, user1, project1);
 
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+    PermissionQuery query = PermissionQuery.builder().build();
 
     // Even if user1 has 3 permissions, the name is used to order
     assertThat(underTest.selectUserUuidsByQuery(dbSession, query))
@@ -238,16 +228,15 @@ public class UserPermissionDaoTest {
 
   @Test
   public void countUsersByProjectPermission() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(organization);
-    UserDto user2 = insertUser(organization);
-    ComponentDto project1 = db.components().insertPrivateProject(organization);
-    ComponentDto project2 = db.components().insertPrivateProject(organization);
-    addGlobalPermission(organization, SYSTEM_ADMIN, user1);
-    addProjectPermission(organization, USER, user1, project1);
-    addProjectPermission(organization, ISSUE_ADMIN, user1, project1);
-    addProjectPermission(organization, ISSUE_ADMIN, user2, project1);
-    addProjectPermission(organization, ISSUE_ADMIN, user2, project2);
+    UserDto user1 = insertUser();
+    UserDto user2 = insertUser();
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    addGlobalPermission(SYSTEM_ADMIN, user1);
+    addProjectPermission(USER, user1, project1);
+    addProjectPermission(ISSUE_ADMIN, user1, project1);
+    addProjectPermission(ISSUE_ADMIN, user2, project1);
+    addProjectPermission(ISSUE_ADMIN, user2, project2);
 
     // no projects -> return empty list
     assertThat(underTest.countUsersByProjectPermission(dbSession, emptyList())).isEmpty();
@@ -266,57 +255,47 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectUserUuidsByQuery() {
-    OrganizationDto org1 = db.organizations().insert();
-    OrganizationDto org2 = db.organizations().insert();
-    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"), org1, org2);
-    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"), org1, org2);
-    ComponentDto project1 = db.components().insertPrivateProject(org1);
-    ComponentDto project2 = db.components().insertPrivateProject(org2);
-    addProjectPermission(org1, USER, user1, project1);
-    addProjectPermission(org1, USER, user2, project1);
-    addProjectPermission(org2, USER, user1, project2);
-    addProjectPermission(org1, ISSUE_ADMIN, user2, project1);
-    addProjectPermission(org2, ISSUE_ADMIN, user2, project2);
+    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
+    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"));
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    addProjectPermission(USER, user1, project1);
+    addProjectPermission(USER, user2, project1);
+    addProjectPermission(ISSUE_ADMIN, user2, project1);
 
     // logins are ordered by user name: user2 ("Marie") then user1 ("Marius")
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(project1.getOrganizationUuid()).setComponent(project1).withAtLeastOnePermission().build();
+    PermissionQuery query = PermissionQuery.builder().setComponent(project1).withAtLeastOnePermission().build();
     assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).containsExactly(user2.getUuid(), user1.getUuid());
-    query = PermissionQuery.builder().setOrganizationUuid("anotherOrg").setComponent(project1).withAtLeastOnePermission().build();
+    query = PermissionQuery.builder().setComponent(project2).withAtLeastOnePermission().build();
     assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).isEmpty();
 
     // on a project without permissions
-    query = PermissionQuery.builder().setOrganizationUuid(org1.getUuid()).setComponent(newPrivateProjectDto(org1)).withAtLeastOnePermission().build();
+    query = PermissionQuery.builder().setComponent(newPrivateProjectDto(db.getDefaultOrganization())).withAtLeastOnePermission().build();
     assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).isEmpty();
 
     // search all users whose name matches "mar", whatever the permissions
-    query = PermissionQuery.builder().setOrganizationUuid(org1.getUuid()).setSearchQuery("mar").build();
+    query = PermissionQuery.builder().setSearchQuery("mar").build();
     assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).containsExactly(user2.getUuid(), user1.getUuid());
 
     // search all users whose name matches "mariu", whatever the permissions
-    query = PermissionQuery.builder().setOrganizationUuid(org1.getUuid()).setSearchQuery("mariu").build();
+    query = PermissionQuery.builder().setSearchQuery("mariu").build();
     assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).containsExactly(user1.getUuid());
 
     // search all users whose name matches "mariu", whatever the permissions
-    query = PermissionQuery.builder().setOrganizationUuid(org1.getUuid()).setSearchQuery("mariu").setComponent(project1).build();
+    query = PermissionQuery.builder().setSearchQuery("mariu").setComponent(project1).build();
     assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).containsExactly(user1.getUuid());
-
-    // search all users whose name matches "mariu", whatever the organization
-    query = PermissionQuery.builder().setOrganizationUuid("missingOrg").setSearchQuery("mariu").build();
-    assertThat(underTest.selectUserUuidsByQuery(dbSession, query)).isEmpty();
   }
 
   @Test
   public void selectUserUuidsByQueryAndScope_with_organization_scope() {
-    OrganizationDto org1 = db.organizations().insert();
-    OrganizationDto org2 = db.organizations().insert();
-    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"), org1, org2);
-    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"), org1, org2);
-    ComponentDto project1 = db.components().insertPrivateProject(org1);
-    ComponentDto project2 = db.components().insertPrivateProject(org2);
-    addProjectPermission(org1, USER, user1, project1);
-    addGlobalPermission(org1, PROVISIONING, user1);
-    addProjectPermission(org2, ISSUE_ADMIN, user2, project2);
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(org1.getUuid()).build();
+    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
+    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"));
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    addProjectPermission(USER, user1, project1);
+    addGlobalPermission(PROVISIONING, user1);
+    addProjectPermission(ISSUE_ADMIN, user2, project2);
+    PermissionQuery query = PermissionQuery.builder().build();
 
     List<String> result = underTest.selectUserUuidsByQueryAndScope(dbSession, query);
 
@@ -326,17 +305,14 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectUserUuidsByQueryAndScope_with_project_scope() {
-    OrganizationDto org1 = db.organizations().insert();
-    OrganizationDto org2 = db.organizations().insert();
-    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"), org1, org2);
-    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"), org1, org2);
-    ComponentDto project1 = db.components().insertPrivateProject(org1);
-    ComponentDto project2 = db.components().insertPrivateProject(org2);
-    addProjectPermission(org1, USER, user1, project1);
-    addGlobalPermission(org1, PROVISIONING, user1);
-    addProjectPermission(org2, ISSUE_ADMIN, user2, project2);
+    UserDto user1 = insertUser(u -> u.setLogin("login1").setName("Marius").setEmail("email1@email.com"));
+    UserDto user2 = insertUser(u -> u.setLogin("login2").setName("Marie").setEmail("email2@email.com"));
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    addProjectPermission(USER, user1, project1);
+    addGlobalPermission(PROVISIONING, user1);
+    addProjectPermission(ISSUE_ADMIN, user2, project2);
     PermissionQuery query = PermissionQuery.builder()
-      .setOrganizationUuid(org1.getUuid())
       .setComponent(project1)
       .build();
 
@@ -348,87 +324,79 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectUserUuidsByQuery_is_paginated() {
-    OrganizationDto organization = db.organizations().insert();
     List<String> userUuids = new ArrayList<>();
     for (int i = 0; i < 10; i++) {
       String name = "user-" + i;
-      UserDto user = insertUser(u -> u.setName(name), organization);
-      addGlobalPermission(organization, PROVISIONING, user);
-      addGlobalPermission(organization, SYSTEM_ADMIN, user);
+      UserDto user = insertUser(u -> u.setName(name));
+      addGlobalPermission(PROVISIONING, user);
+      addGlobalPermission(SYSTEM_ADMIN, user);
       userUuids.add(user.getUuid());
     }
 
-    assertThat(underTest.selectUserUuidsByQuery(dbSession, PermissionQuery.builder().setOrganizationUuid(organization.getUuid())
+    assertThat(underTest.selectUserUuidsByQuery(dbSession, PermissionQuery.builder()
       .setPageSize(3).setPageIndex(1).build()))
-        .containsExactly(userUuids.get(0), userUuids.get(1), userUuids.get(2));
-    assertThat(underTest.selectUserUuidsByQuery(dbSession, PermissionQuery.builder().setOrganizationUuid(organization.getUuid())
+      .containsExactly(userUuids.get(0), userUuids.get(1), userUuids.get(2));
+    assertThat(underTest.selectUserUuidsByQuery(dbSession, PermissionQuery.builder()
       .setPageSize(2).setPageIndex(3).build()))
-        .containsExactly(userUuids.get(4), userUuids.get(5));
-    assertThat(underTest.selectUserUuidsByQuery(dbSession, PermissionQuery.builder().setOrganizationUuid(organization.getUuid())
+      .containsExactly(userUuids.get(4), userUuids.get(5));
+    assertThat(underTest.selectUserUuidsByQuery(dbSession, PermissionQuery.builder()
       .setPageSize(50).setPageIndex(1).build()))
-        .hasSize(10);
+      .hasSize(10);
   }
 
   @Test
   public void selectUserUuidsByQuery_is_sorted_by_insensitive_name() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(u -> u.setName("user1"), organization);
-    addGlobalPermission(organization, PROVISIONING, user1);
-    UserDto user3 = insertUser(u -> u.setName("user3"), organization);
-    addGlobalPermission(organization, SYSTEM_ADMIN, user3);
-    UserDto user2 = insertUser(u -> u.setName("User2"), organization);
-    addGlobalPermission(organization, PROVISIONING, user2);
-
-    assertThat(underTest.selectUserUuidsByQuery(dbSession, PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build()))
+    UserDto user1 = insertUser(u -> u.setName("user1"));
+    addGlobalPermission(PROVISIONING, user1);
+    UserDto user3 = insertUser(u -> u.setName("user3"));
+    addGlobalPermission(SYSTEM_ADMIN, user3);
+    UserDto user2 = insertUser(u -> u.setName("User2"));
+    addGlobalPermission(PROVISIONING, user2);
+
+    assertThat(underTest.selectUserUuidsByQuery(dbSession, PermissionQuery.builder().build()))
       .containsExactly(user1.getUuid(), user2.getUuid(), user3.getUuid());
   }
 
   @Test
   public void deleteGlobalPermission() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(organization);
-    UserDto user2 = insertUser(organization);
-    ComponentDto project1 = db.components().insertPrivateProject(organization);
-    ComponentDto project2 = db.components().insertPrivateProject(organization);
-    addGlobalPermission(organization, "perm1", user1);
-    addGlobalPermission(organization, "perm2", user1);
-    addProjectPermission(organization, "perm1", user1, project1);
-    addProjectPermission(organization, "perm3", user2, project1);
-    addProjectPermission(organization, "perm4", user2, project2);
+    UserDto user1 = insertUser();
+    UserDto user2 = insertUser();
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    addGlobalPermission("perm1", user1);
+    addGlobalPermission("perm2", user1);
+    addProjectPermission("perm1", user1, project1);
+    addProjectPermission("perm3", user2, project1);
+    addProjectPermission("perm4", user2, project2);
 
     // user2 does not have global permissions -> do nothing
-    underTest.deleteGlobalPermission(dbSession, user2.getUuid(), "perm1", db.getDefaultOrganization().getUuid());
+    underTest.deleteGlobalPermission(dbSession, user2.getUuid(), "perm1");
     assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5);
 
     // global permission is not granted -> do nothing
-    underTest.deleteGlobalPermission(dbSession, user1.getUuid(), "notGranted", db.getDefaultOrganization().getUuid());
+    underTest.deleteGlobalPermission(dbSession, user1.getUuid(), "notGranted");
     assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5);
 
     // permission is on project -> do nothing
-    underTest.deleteGlobalPermission(dbSession, user1.getUuid(), "perm3", db.getDefaultOrganization().getUuid());
-    assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5);
-
-    // global permission on another organization-> do nothing
-    underTest.deleteGlobalPermission(dbSession, user1.getUuid(), "notGranted", "anotherOrg");
+    underTest.deleteGlobalPermission(dbSession, user1.getUuid(), "perm3");
     assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5);
 
     // global permission exists -> delete it, but not the project permission with the same name !
-    underTest.deleteGlobalPermission(dbSession, user1.getUuid(), "perm1", organization.getUuid());
+    underTest.deleteGlobalPermission(dbSession, user1.getUuid(), "perm1");
     assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where role='perm1' and component_uuid is null")).isEqualTo(0);
     assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4);
   }
 
   @Test
   public void deleteProjectPermission() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(organization);
-    UserDto user2 = insertUser(organization);
-    ComponentDto project1 = db.components().insertPrivateProject(organization);
-    ComponentDto project2 = db.components().insertPrivateProject(organization);
-    addGlobalPermission(organization, "perm", user1);
-    addProjectPermission(organization, "perm", user1, project1);
-    addProjectPermission(organization, "perm", user1, project2);
-    addProjectPermission(organization, "perm", user2, project1);
+    UserDto user1 = insertUser();
+    UserDto user2 = insertUser();
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    addGlobalPermission("perm", user1);
+    addProjectPermission("perm", user1, project1);
+    addProjectPermission("perm", user1, project2);
+    addProjectPermission("perm", user2, project1);
 
     // no such provision -> ignore
     underTest.deleteProjectPermission(dbSession, user1.getUuid(), "anotherPerm", project1.uuid());
@@ -441,15 +409,14 @@ public class UserPermissionDaoTest {
 
   @Test
   public void deleteProjectPermissions() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(organization);
-    UserDto user2 = insertUser(organization);
-    ComponentDto project1 = db.components().insertPrivateProject(organization);
-    ComponentDto project2 = db.components().insertPrivateProject(organization);
-    addGlobalPermission(organization, "perm", user1);
-    addProjectPermission(organization, "perm", user1, project1);
-    addProjectPermission(organization, "perm", user2, project1);
-    addProjectPermission(organization, "perm", user1, project2);
+    UserDto user1 = insertUser();
+    UserDto user2 = insertUser();
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    addGlobalPermission("perm", user1);
+    addProjectPermission("perm", user1, project1);
+    addProjectPermission("perm", user2, project1);
+    addProjectPermission("perm", user1, project2);
 
     underTest.deleteProjectPermissions(dbSession, project1.uuid());
     assertThat(db.countRowsOfTable(dbSession, "user_roles")).isEqualTo(2);
@@ -458,37 +425,34 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectGlobalPermissionsOfUser() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(organization);
-    UserDto user2 = insertUser(organization);
-    UserDto user3 = insertUser(organization);
-    OrganizationDto org = db.organizations().insert();
-    ComponentDto project = db.components().insertPrivateProject(organization);
-    addGlobalPermission(db.getDefaultOrganization(), "perm1", user1);
-    addGlobalPermission(org, "perm2", user2);
-    addGlobalPermission(org, "perm3", user1);
-    addProjectPermission(organization, "perm4", user1, project);
-    addProjectPermission(organization, "perm5", user1, project);
-
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid(), org.getUuid())).containsOnly("perm3");
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid(), db.getDefaultOrganization().getUuid())).containsOnly("perm1");
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid(), "otherOrg")).isEmpty();
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user3.getUuid(), org.getUuid())).isEmpty();
+    UserDto user1 = insertUser();
+    UserDto user2 = insertUser();
+    UserDto user3 = insertUser();
+    ComponentDto project = db.components().insertPrivateProject();
+    addGlobalPermission("perm1", user1);
+    addGlobalPermission("perm2", user2);
+    addGlobalPermission("perm3", user1);
+    addProjectPermission("perm4", user1, project);
+    addProjectPermission("perm5", user2, project);
+
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly("perm1", "perm3");
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly("perm2");
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user3.getUuid())).isEmpty();
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, "unknown")).isEmpty();
   }
 
   @Test
   public void selectProjectPermissionsOfUser() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(organization);
-    UserDto user2 = insertUser(organization);
-    ComponentDto project1 = db.components().insertPrivateProject(organization);
-    ComponentDto project2 = db.components().insertPrivateProject(organization);
-    ComponentDto project3 = db.components().insertPrivateProject(organization);
-    addGlobalPermission(organization, "perm1", user1);
-    addProjectPermission(organization, "perm2", user1, project1);
-    addProjectPermission(organization, "perm3", user1, project1);
-    addProjectPermission(organization, "perm4", user1, project2);
-    addProjectPermission(organization, "perm5", user2, project1);
+    UserDto user1 = insertUser();
+    UserDto user2 = insertUser();
+    ComponentDto project1 = db.components().insertPrivateProject();
+    ComponentDto project2 = db.components().insertPrivateProject();
+    ComponentDto project3 = db.components().insertPrivateProject();
+    addGlobalPermission("perm1", user1);
+    addProjectPermission("perm2", user1, project1);
+    addProjectPermission("perm3", user1, project1);
+    addProjectPermission("perm4", user1, project2);
+    addProjectPermission("perm5", user2, project1);
 
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.uuid())).containsOnly("perm2", "perm3");
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly("perm4");
@@ -497,9 +461,8 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectGroupUuidsWithPermissionOnProjectBut_returns_empty_if_project_does_not_exist() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto project = randomPublicOrPrivateProject(organization);
-    UserDto user = insertUser(organization);
+    ComponentDto project = randomPublicOrPrivateProject();
+    UserDto user = insertUser();
     db.users().insertProjectPermissionOnUser(user, "foo", project);
 
     assertThat(underTest.selectUserUuidsWithPermissionOnProjectBut(dbSession, "1234", UserRole.USER))
@@ -508,10 +471,9 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectGroupUuidsWithPermissionOnProjectBut_returns_only_users_of_projects_which_do_not_have_permission() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto project = randomPublicOrPrivateProject(organization);
-    UserDto user1 = insertUser(organization);
-    UserDto user2 = insertUser(organization);
+    ComponentDto project = randomPublicOrPrivateProject();
+    UserDto user1 = insertUser();
+    UserDto user2 = insertUser();
     db.users().insertProjectPermissionOnUser(user1, "p1", project);
     db.users().insertProjectPermissionOnUser(user2, "p2", project);
 
@@ -525,10 +487,9 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectGroupUuidsWithPermissionOnProjectBut_does_not_return_groups_which_have_no_permission_at_all_on_specified_project() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto project = randomPublicOrPrivateProject(organization);
-    UserDto user1 = insertUser(organization);
-    UserDto user2 = insertUser(organization);
+    ComponentDto project = randomPublicOrPrivateProject();
+    UserDto user1 = insertUser();
+    UserDto user2 = insertUser();
     db.users().insertProjectPermissionOnUser(user1, "p1", project);
     db.users().insertProjectPermissionOnUser(user2, "p2", project);
 
@@ -538,85 +499,11 @@ public class UserPermissionDaoTest {
       .containsOnly(user2.getUuid());
   }
 
-  @Test
-  public void deleteByOrganization_does_not_fail_if_table_is_empty() {
-    underTest.deleteByOrganization(dbSession, "some uuid");
-    dbSession.commit();
-  }
-
-  @Test
-  public void deleteByOrganization_does_not_fail_if_organization_has_no_user_permission() {
-    OrganizationDto organization = db.organizations().insert();
-
-    underTest.deleteByOrganization(dbSession, organization.getUuid());
-    dbSession.commit();
-  }
-
-  @Test
-  public void deleteByOrganization_deletes_all_user_permission_of_specified_organization() {
-    OrganizationDto organization1 = db.organizations().insert();
-    OrganizationDto organization2 = db.organizations().insert();
-    OrganizationDto organization3 = db.organizations().insert();
-    UserDto user1 = insertUser(organization1, organization2, organization3);
-    UserDto user2 = insertUser(organization1, organization2, organization3);
-    UserDto user3 = insertUser(organization1, organization2, organization3);
-    db.users().insertPermissionOnUser(organization1, user1, "foo");
-    db.users().insertPermissionOnUser(organization1, user2, "foo");
-    db.users().insertPermissionOnUser(organization1, user2, "bar");
-    db.users().insertPermissionOnUser(organization2, user2, "foo");
-    db.users().insertPermissionOnUser(organization2, user3, "foo");
-    db.users().insertPermissionOnUser(organization2, user3, "bar");
-    db.users().insertPermissionOnUser(organization3, user3, "foo");
-    db.users().insertPermissionOnUser(organization3, user1, "foo");
-    db.users().insertPermissionOnUser(organization3, user1, "bar");
-
-    underTest.deleteByOrganization(dbSession, organization3.getUuid());
-    dbSession.commit();
-    verifyOrganizationUuidsInTable(organization1.getUuid(), organization2.getUuid());
-
-    underTest.deleteByOrganization(dbSession, organization2.getUuid());
-    dbSession.commit();
-    verifyOrganizationUuidsInTable(organization1.getUuid());
-
-    underTest.deleteByOrganization(dbSession, organization1.getUuid());
-    dbSession.commit();
-    verifyOrganizationUuidsInTable();
-  }
-
-  @Test
-  public void delete_permissions_of_an_organization_member() {
-    OrganizationDto organization1 = db.organizations().insert();
-    OrganizationDto organization2 = db.organizations().insert();
-    ComponentDto project = db.components().insertPrivateProject(organization1);
-    UserDto user1 = insertUser(organization1, organization2);
-    UserDto user2 = insertUser(organization1, organization2);
-    // user 1 permissions
-    db.users().insertPermissionOnUser(organization1, user1, SCAN);
-    db.users().insertPermissionOnUser(organization1, user1, ADMINISTER);
-    db.users().insertProjectPermissionOnUser(user1, UserRole.CODEVIEWER, project);
-    db.users().insertPermissionOnUser(organization2, user1, SCAN);
-    // user 2 permission
-    db.users().insertPermissionOnUser(organization1, user2, SCAN);
-    db.users().insertProjectPermissionOnUser(user2, UserRole.CODEVIEWER, project);
-
-    underTest.deleteOrganizationMemberPermissions(dbSession, organization1.getUuid(), user1.getUuid());
-    dbSession.commit();
-
-    // user 1 permissions
-    assertOrgPermissionsOfUser(user1, organization1);
-    assertOrgPermissionsOfUser(user1, organization2, SCAN);
-    assertProjectPermissionsOfUser(user1, project);
-    // user 2 permissions
-    assertOrgPermissionsOfUser(user2, organization1, SCAN);
-    assertProjectPermissionsOfUser(user2, project, CODEVIEWER);
-  }
-
   @Test
   public void deleteByUserId() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(organization);
-    UserDto user2 = insertUser(organization);
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    UserDto user1 = insertUser();
+    UserDto user2 = insertUser();
+    ComponentDto project = db.components().insertPrivateProject();
     db.users().insertPermissionOnUser(user1, SCAN);
     db.users().insertPermissionOnUser(user1, ADMINISTER);
     db.users().insertProjectPermissionOnUser(user1, ADMINISTER_QUALITY_GATES.getKey(), project);
@@ -633,53 +520,49 @@ public class UserPermissionDaoTest {
 
   @Test
   public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_exist() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user = insertUser(organization);
-    db.users().insertPermissionOnUser(organization, user, SCAN);
+    UserDto user = insertUser();
+    db.users().insertPermissionOnUser(user, SCAN);
 
     int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, "124", SCAN.getKey());
 
     assertThat(deletedCount).isEqualTo(0);
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid(), organization.getUuid())).containsOnly(SCAN.getKey());
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(SCAN.getKey());
   }
 
   @Test
   public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_has_no_permission_at_all() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user = insertUser(organization);
-    db.users().insertPermissionOnUser(organization, user, SCAN);
-    ComponentDto project = randomPublicOrPrivateProject(organization);
+    UserDto user = insertUser();
+    db.users().insertPermissionOnUser(user, SCAN);
+    ComponentDto project = randomPublicOrPrivateProject();
 
     int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, project.uuid(), SCAN.getKey());
 
     assertThat(deletedCount).isEqualTo(0);
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid(), organization.getUuid())).containsOnly(SCAN.getKey());
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(SCAN.getKey());
   }
 
   @Test
   public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_have_specified_permission() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user = insertUser(organization);
-    db.users().insertPermissionOnUser(organization, user, SCAN);
-    ComponentDto project = randomPublicOrPrivateProject(organization);
+    UserDto user = insertUser();
+    db.users().insertPermissionOnUser(user, SCAN);
+    ComponentDto project = randomPublicOrPrivateProject();
     db.users().insertProjectPermissionOnUser(user, SCAN.getKey(), project);
 
     int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, project.uuid(), "p1");
 
     assertThat(deletedCount).isEqualTo(0);
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid(), organization.getUuid())).containsOnly(SCAN.getKey());
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid())).containsOnly(SCAN.getKey());
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).containsOnly(SCAN.getKey());
   }
 
   @Test
   public void deleteProjectPermissionOfAnyUser_deletes_specified_permission_for_any_user_on_the_specified_component() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user1 = insertUser(organization);
-    UserDto user2 = insertUser(organization);
-    db.users().insertPermissionOnUser(organization, user1, SCAN);
-    db.users().insertPermissionOnUser(organization, user2, SCAN);
-    ComponentDto project1 = randomPublicOrPrivateProject(organization);
-    ComponentDto project2 = randomPublicOrPrivateProject(organization);
+    UserDto user1 = insertUser();
+    UserDto user2 = insertUser();
+    db.users().insertPermissionOnUser(user1, SCAN);
+    db.users().insertPermissionOnUser(user2, SCAN);
+    ComponentDto project1 = randomPublicOrPrivateProject();
+    ComponentDto project2 = randomPublicOrPrivateProject();
     db.users().insertProjectPermissionOnUser(user1, SCAN.getKey(), project1);
     db.users().insertProjectPermissionOnUser(user2, SCAN.getKey(), project1);
     db.users().insertProjectPermissionOnUser(user1, SCAN.getKey(), project2);
@@ -689,8 +572,8 @@ public class UserPermissionDaoTest {
     int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, project1.uuid(), SCAN.getKey());
 
     assertThat(deletedCount).isEqualTo(2);
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid(), organization.getUuid())).containsOnly(SCAN.getKey());
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid(), organization.getUuid())).containsOnly(SCAN.getKey());
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(SCAN.getKey());
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(SCAN.getKey());
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.uuid())).isEmpty();
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project1.uuid())).isEmpty();
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly(SCAN.getKey());
@@ -699,36 +582,28 @@ public class UserPermissionDaoTest {
     deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, project2.uuid(), SCAN.getKey());
 
     assertThat(deletedCount).isEqualTo(2);
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid(), organization.getUuid())).containsOnly(SCAN.getKey());
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid(), organization.getUuid())).containsOnly(SCAN.getKey());
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getUuid())).containsOnly(SCAN.getKey());
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user2.getUuid())).containsOnly(SCAN.getKey());
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project1.uuid())).isEmpty();
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project1.uuid())).isEmpty();
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getUuid(), project2.uuid())).containsOnly();
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user2.getUuid(), project2.uuid())).containsOnly(PROVISION_PROJECTS.getKey());
   }
 
-  private ComponentDto randomPublicOrPrivateProject(OrganizationDto organization) {
-    return new Random().nextBoolean() ? db.components().insertPrivateProject(organization) : db.components().insertPublicProject(organization);
+  private ComponentDto randomPublicOrPrivateProject() {
+    return new Random().nextBoolean() ? db.components().insertPrivateProject() : db.components().insertPublicProject();
   }
 
-  private UserDto insertUser(Consumer<UserDto> populateUserDto, OrganizationDto... organizations) {
+  private UserDto insertUser(Consumer<UserDto> populateUserDto) {
     UserDto user = db.users().insertUser(populateUserDto);
-    stream(organizations).forEach(organization -> db.organizations().addMember(organization, user));
     return user;
   }
 
-  private UserDto insertUser(OrganizationDto... organizations) {
+  private UserDto insertUser() {
     UserDto user = db.users().insertUser();
-    stream(organizations).forEach(organization -> db.organizations().addMember(organization, user));
     return user;
   }
 
-  private void verifyOrganizationUuidsInTable(String... organizationUuids) {
-    assertThat(db.select("select organization_uuid as \"organizationUuid\" from user_roles"))
-      .extracting((row) -> (String) row.get("organizationUuid"))
-      .containsOnly(organizationUuids);
-  }
-
   private void expectCount(List<String> projectUuids, CountPerProjectPermission... expected) {
     List<CountPerProjectPermission> got = underTest.countUsersByProjectPermission(dbSession, projectUuids);
     assertThat(got).hasSize(expected.length);
@@ -746,11 +621,10 @@ public class UserPermissionDaoTest {
     List<UserPermissionDto> currentPermissions = underTest.selectUserPermissionsByQuery(dbSession, query, expectedUserUuids);
     assertThat(currentPermissions).hasSize(expectedPermissions.length);
     Tuple[] expectedPermissionsAsTuple = Arrays.stream(expectedPermissions)
-      .map(expectedPermission -> tuple(expectedPermission.getUserUuid(), expectedPermission.getPermission(), expectedPermission.getComponentUuid(),
-        expectedPermission.getOrganizationUuid()))
+      .map(expectedPermission -> tuple(expectedPermission.getUserUuid(), expectedPermission.getPermission(), expectedPermission.getComponentUuid()))
       .toArray(Tuple[]::new);
     assertThat(currentPermissions)
-      .extracting(UserPermissionDto::getUserUuid, UserPermissionDto::getPermission, UserPermissionDto::getComponentUuid, UserPermissionDto::getOrganizationUuid)
+      .extracting(UserPermissionDto::getUserUuid, UserPermissionDto::getPermission, UserPermissionDto::getComponentUuid)
       .containsOnly(expectedPermissionsAsTuple);
 
     // test method "countUsers()"
@@ -758,16 +632,16 @@ public class UserPermissionDaoTest {
     assertThat((long) underTest.countUsersByQuery(dbSession, query)).isEqualTo(distinctUsers);
   }
 
-  private UserPermissionDto addGlobalPermission(OrganizationDto org, String permission, UserDto user) {
-    UserPermissionDto dto = new UserPermissionDto(Uuids.create(), org.getUuid(), permission, user.getUuid(), null);
-    underTest.insert(dbSession, dto);
+  private UserPermissionDto addGlobalPermission(String permission, UserDto user) {
+    UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null);
+    underTest.insert(dbSession, dto, db.getDefaultOrganization().getUuid());
     db.commit();
     return dto;
   }
 
-  private UserPermissionDto addProjectPermission(OrganizationDto org, String permission, UserDto user, ComponentDto project) {
-    UserPermissionDto dto = new UserPermissionDto(Uuids.create(), org.getUuid(), permission, user.getUuid(), project.uuid());
-    underTest.insert(dbSession, dto);
+  private UserPermissionDto addProjectPermission(String permission, UserDto user, ComponentDto project) {
+    UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid());
+    underTest.insert(dbSession, dto, db.getDefaultOrganization().getUuid());
     db.commit();
     return dto;
   }
@@ -782,10 +656,10 @@ public class UserPermissionDaoTest {
     assertThat(db.countSql(dbSession, "select count(uuid) from user_roles where component_uuid='" + project.uuid() + "'")).isEqualTo(0);
   }
 
-  private void assertOrgPermissionsOfUser(UserDto user, OrganizationDto organization, OrganizationPermission... permissions) {
-    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid(), organization.getUuid()).stream()
+  private void assertGlobalPermissionsOfUser(UserDto user, OrganizationPermission... permissions) {
+    assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getUuid()).stream()
       .map(OrganizationPermission::fromKey))
-        .containsOnly(permissions);
+      .containsOnly(permissions);
   }
 
   private void assertProjectPermissionsOfUser(UserDto user, ComponentDto project, String... permissions) {

server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/GroupWithPermissionTemplateDaoTest.java

@@ -28,7 +28,6 @@ import org.sonar.api.utils.System2;
 import org.sonar.api.web.UserRole;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.PermissionQuery;
 import org.sonar.db.user.GroupDto;
 
@@ -53,68 +52,65 @@ public class GroupWithPermissionTemplateDaoTest {
 
   @Test
   public void select_group_names_by_query_and_template() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto group1 = db.users().insertGroup(organization, "Group-1");
-    GroupDto group2 = db.users().insertGroup(organization, "Group-2");
-    GroupDto group3 = db.users().insertGroup(organization, "Group-3");
+    GroupDto group1 = db.users().insertGroup("Group-1");
+    GroupDto group2 = db.users().insertGroup("Group-2");
+    GroupDto group3 = db.users().insertGroup("Group-3");
 
-    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
+    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate();
     permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), USER);
     permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), ADMIN);
     permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISIONING);
 
-    PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate(organization);
+    PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate();
     permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), null, USER);
     permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISIONING);
 
-    assertThat(selectGroupNamesByQueryAndTemplate(builder(), organization, template))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder(), template))
       .containsOnly("Group-1", "Group-2", "Group-3", "Anyone");
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().withAtLeastOnePermission(), organization, template))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().withAtLeastOnePermission(), template))
       .containsOnly("Group-1", "Group-2");
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().setPermission(USER), organization, template))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().setPermission(USER), template))
       .containsOnly("Group-1");
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().setPermission(USER), organization, anotherTemplate))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().setPermission(USER), anotherTemplate))
       .containsOnly("Anyone");
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("groU"), organization, template))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("groU"), template))
       .containsOnly("Group-1", "Group-2", "Group-3");
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("nYo"), organization, template))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("nYo"), template))
       .containsOnly("Anyone");
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("p-2"), organization, template))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("p-2"), template))
       .containsOnly("Group-2");
 
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().build(), organization, "123"))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().withAtLeastOnePermission().build(), "123"))
       .isEmpty();
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("unknown"), organization, template))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("unknown"), template))
       .isEmpty();
   }
 
   @Test
   public void selectGroupNamesByQueryAndTemplate_is_ordering_results_by_groups_with_permission_then_by_name() {
-    OrganizationDto organization = db.organizations().insert();
-    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
-    GroupDto group1 = db.users().insertGroup(organization, "A");
-    GroupDto group2 = db.users().insertGroup(organization, "B");
-    GroupDto group3 = db.users().insertGroup(organization, "C");
+    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate();
+    GroupDto group1 = db.users().insertGroup("A");
+    GroupDto group2 = db.users().insertGroup("B");
+    GroupDto group3 = db.users().insertGroup("C");
 
     permissionTemplateDbTester.addGroupToTemplate(template, group3, UserRole.USER);
 
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+    PermissionQuery query = PermissionQuery.builder().build();
     assertThat(underTest.selectGroupNamesByQueryAndTemplate(db.getSession(), query, template.getUuid()))
       .containsExactly("Anyone", group3.getName(), group1.getName(), group2.getName());
   }
 
   @Test
   public void selectGroupNamesByQueryAndTemplate_is_order_by_groups_with_permission_then_by_name_when_many_groups() {
-    OrganizationDto organization = db.organizations().insert();
-    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
+    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate();
     IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
-      db.users().insertGroup(organization, "Group-" + i);
+      db.users().insertGroup("Group-" + i);
     });
 
     String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1);
-    permissionTemplateDbTester.addGroupToTemplate(template, db.users().selectGroup(organization, lastGroupName).get(), UserRole.USER);
+    permissionTemplateDbTester.addGroupToTemplate(template, db.users().selectGroup(lastGroupName).get(), UserRole.USER);
 
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+    PermissionQuery query = PermissionQuery.builder().build();
     assertThat(underTest.selectGroupNamesByQueryAndTemplate(db.getSession(), query, template.getUuid()))
       .hasSize(DEFAULT_PAGE_SIZE)
       .startsWith("Anyone", lastGroupName, "Group-1");
@@ -122,18 +118,17 @@ public class GroupWithPermissionTemplateDaoTest {
 
   @Test
   public void selectGroupNamesByQueryAndTemplate_ignores_other_template_and_is_ordered_by_groups_with_permission_then_by_name_when_many_groups() {
-    OrganizationDto organization = db.organizations().insert();
-    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
-    PermissionTemplateDto otherTemplate = permissionTemplateDbTester.insertTemplate(organization);
+    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate();
+    PermissionTemplateDto otherTemplate = permissionTemplateDbTester.insertTemplate();
     IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
-      GroupDto group = db.users().insertGroup(organization, "Group-" + i);
+      GroupDto group = db.users().insertGroup("Group-" + i);
       permissionTemplateDbTester.addGroupToTemplate(otherTemplate, group, UserRole.USER);
     });
 
     String lastGroupName = "Group-" + (DEFAULT_PAGE_SIZE + 1);
-    permissionTemplateDbTester.addGroupToTemplate(template, db.users().selectGroup(organization, lastGroupName).get(), UserRole.USER);
+    permissionTemplateDbTester.addGroupToTemplate(template, db.users().selectGroup(lastGroupName).get(), UserRole.USER);
 
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+    PermissionQuery query = PermissionQuery.builder().build();
     assertThat(underTest.selectGroupNamesByQueryAndTemplate(db.getSession(), query, template.getUuid()))
       .hasSize(DEFAULT_PAGE_SIZE)
       .startsWith("Anyone", lastGroupName, "Group-1");
@@ -141,63 +136,60 @@ public class GroupWithPermissionTemplateDaoTest {
 
   @Test
   public void select_group_names_by_query_and_template_is_paginated() {
-    OrganizationDto organization = db.organizations().insert();
-    IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertGroup(organization, i + "-name"));
+    IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertGroup(i + "-name"));
 
-    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
+    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate();
 
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().setPageIndex(1).setPageSize(1), organization, template))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().setPageIndex(1).setPageSize(1), template))
       .containsExactly("0-name");
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().setPageIndex(2).setPageSize(3), organization, template))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().setPageIndex(2).setPageSize(3), template))
       .containsExactly("3-name", "4-name", "5-name");
   }
 
   @Test
   public void select_group_names_by_query_and_template_returns_anyone() {
-    OrganizationDto organization = db.organizations().insert();
-    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
+    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate();
 
-    GroupDto group = db.users().insertGroup(organization, "Group");
-    PermissionTemplateDto otherTemplate = permissionTemplateDbTester.insertTemplate(organization);
+    GroupDto group = db.users().insertGroup("Group");
+    PermissionTemplateDto otherTemplate = permissionTemplateDbTester.insertTemplate();
     permissionTemplateDbTester.addGroupToTemplate(otherTemplate.getUuid(), group.getUuid(), USER);
 
-    assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("nyo"), organization, template))
+    assertThat(selectGroupNamesByQueryAndTemplate(builder().setSearchQuery("nyo"), template))
       .containsExactly("Anyone");
   }
 
   @Test
   public void count_group_names_by_query_and_template() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto group1 = db.users().insertGroup(organization, "Group-1");
-    GroupDto group2 = db.users().insertGroup(organization, "Group-2");
-    GroupDto group3 = db.users().insertGroup(organization, "Group-3");
+    GroupDto group1 = db.users().insertGroup("Group-1");
+    GroupDto group2 = db.users().insertGroup("Group-2");
+    GroupDto group3 = db.users().insertGroup("Group-3");
 
-    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate(organization);
+    PermissionTemplateDto template = permissionTemplateDbTester.insertTemplate();
     permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), USER);
     permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group1.getUuid(), ADMIN);
     permissionTemplateDbTester.addGroupToTemplate(template.getUuid(), group2.getUuid(), PROVISIONING);
 
-    PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate(organization);
+    PermissionTemplateDto anotherTemplate = permissionTemplateDbTester.insertTemplate();
     permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), null, USER);
     permissionTemplateDbTester.addGroupToTemplate(anotherTemplate.getUuid(), group1.getUuid(), PROVISIONING);
 
-    assertThat(countGroupNamesByQueryAndTemplate(builder().setOrganizationUuid(organization.getUuid()), organization, template))
+    assertThat(countGroupNamesByQueryAndTemplate(builder(), template))
       .isEqualTo(4);
-    assertThat(countGroupNamesByQueryAndTemplate(builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission(), organization, template))
+    assertThat(countGroupNamesByQueryAndTemplate(builder().withAtLeastOnePermission(), template))
       .isEqualTo(2);
-    assertThat(countGroupNamesByQueryAndTemplate(builder().setOrganizationUuid(organization.getUuid()).setPermission(USER), organization, template)).isEqualTo(1);
-    assertThat(countGroupNamesByQueryAndTemplate(builder().setOrganizationUuid(organization.getUuid()).setPermission(USER), organization, anotherTemplate))
+    assertThat(countGroupNamesByQueryAndTemplate(builder().setPermission(USER), template)).isEqualTo(1);
+    assertThat(countGroupNamesByQueryAndTemplate(builder().setPermission(USER), anotherTemplate))
       .isEqualTo(1);
-    assertThat(countGroupNamesByQueryAndTemplate(builder().setOrganizationUuid(organization.getUuid()).setSearchQuery("groU"), organization, template))
+    assertThat(countGroupNamesByQueryAndTemplate(builder().setSearchQuery("groU"), template))
       .isEqualTo(3);
-    assertThat(countGroupNamesByQueryAndTemplate(builder().setOrganizationUuid(organization.getUuid()).setSearchQuery("nYo"), organization, template))
+    assertThat(countGroupNamesByQueryAndTemplate(builder().setSearchQuery("nYo"), template))
       .isEqualTo(1);
-    assertThat(countGroupNamesByQueryAndTemplate(builder().setOrganizationUuid(organization.getUuid()).setSearchQuery("p-2"), organization, template))
+    assertThat(countGroupNamesByQueryAndTemplate(builder().setSearchQuery("p-2"), template))
       .isEqualTo(1);
 
-    assertThat(countGroupNamesByQueryAndTemplate(builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().build(), organization, "123"))
+    assertThat(countGroupNamesByQueryAndTemplate(builder().withAtLeastOnePermission().build(), "123"))
       .isZero();
-    assertThat(countGroupNamesByQueryAndTemplate(builder().setOrganizationUuid(organization.getUuid()).setSearchQuery("unknown"), organization, template))
+    assertThat(countGroupNamesByQueryAndTemplate(builder().setSearchQuery("unknown"), template))
       .isZero();
   }
 
@@ -267,20 +259,20 @@ public class GroupWithPermissionTemplateDaoTest {
     assertThat(underTest.selectGroupPermissionsByTemplateUuid(session, "321")).isEmpty();
   }
 
-  private List<String> selectGroupNamesByQueryAndTemplate(PermissionQuery.Builder queryBuilder, OrganizationDto organization, PermissionTemplateDto permissionTemplateDto) {
-    return selectGroupNamesByQueryAndTemplate(queryBuilder.setOrganizationUuid(organization.getUuid()).build(), organization, permissionTemplateDto.getUuid());
+  private List<String> selectGroupNamesByQueryAndTemplate(PermissionQuery.Builder queryBuilder, PermissionTemplateDto permissionTemplateDto) {
+    return selectGroupNamesByQueryAndTemplate(queryBuilder.build(), permissionTemplateDto.getUuid());
   }
 
-  private List<String> selectGroupNamesByQueryAndTemplate(PermissionQuery query, OrganizationDto organization, String templateUuid) {
+  private List<String> selectGroupNamesByQueryAndTemplate(PermissionQuery query, String templateUuid) {
     return underTest.selectGroupNamesByQueryAndTemplate(session, query, templateUuid);
   }
 
-  private int countGroupNamesByQueryAndTemplate(PermissionQuery.Builder queryBuilder, OrganizationDto organization, PermissionTemplateDto permissionTemplateDto) {
-    return countGroupNamesByQueryAndTemplate(queryBuilder.build(), organization, permissionTemplateDto.getUuid());
+  private int countGroupNamesByQueryAndTemplate(PermissionQuery.Builder queryBuilder, PermissionTemplateDto permissionTemplateDto) {
+    return countGroupNamesByQueryAndTemplate(queryBuilder.build(), permissionTemplateDto.getUuid());
   }
 
-  private int countGroupNamesByQueryAndTemplate(PermissionQuery query, OrganizationDto organization, String templateUuid) {
-    return underTest.countGroupNamesByQueryAndTemplate(session, query, organization.getUuid(), templateUuid);
+  private int countGroupNamesByQueryAndTemplate(PermissionQuery query, String templateUuid) {
+    return underTest.countGroupNamesByQueryAndTemplate(session, query, templateUuid);
   }
 
 }

server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/PermissionTemplateDaoTest.java

@@ -74,19 +74,19 @@ public class PermissionTemplateDaoTest {
   @Test
   public void create_permission_template() {
     PermissionTemplateDto permissionTemplate = underTest.insert(db.getSession(), newPermissionTemplateDto()
+      .setOrganizationUuid(db.getDefaultOrganization().getUuid())
       .setUuid("ABCD")
       .setName("my template")
       .setDescription("my description")
       .setKeyPattern("myregexp")
-      .setOrganizationUuid("org")
       .setCreatedAt(PAST)
       .setUpdatedAt(NOW));
     db.commit();
 
     assertThat(underTest.selectByUuid(db.getSession(), permissionTemplate.getUuid()))
       .extracting(PermissionTemplateDto::getUuid, PermissionTemplateDto::getName, PermissionTemplateDto::getDescription, PermissionTemplateDto::getKeyPattern,
-        PermissionTemplateDto::getOrganizationUuid, PermissionTemplateDto::getCreatedAt, PermissionTemplateDto::getUpdatedAt)
-      .containsOnly("ABCD", "my template", "my description", "myregexp", "org", PAST, NOW);
+        PermissionTemplateDto::getCreatedAt, PermissionTemplateDto::getUpdatedAt)
+      .containsOnly("ABCD", "my template", "my description", "myregexp", PAST, NOW);
   }
 
   @Test
@@ -95,13 +95,11 @@ public class PermissionTemplateDaoTest {
       .setUuid("ABCD")
       .setName("my template")
       .setDescription("my description")
-      .setKeyPattern("myregexp")
-      .setOrganizationUuid("org"));
+      .setKeyPattern("myregexp"));
 
     assertThat(underTest.selectByUuid(db.getSession(), "ABCD"))
-      .extracting(PermissionTemplateDto::getUuid, PermissionTemplateDto::getName, PermissionTemplateDto::getDescription, PermissionTemplateDto::getKeyPattern,
-        PermissionTemplateDto::getOrganizationUuid)
-      .containsOnly("ABCD", "my template", "my description", "myregexp", "org");
+      .extracting(PermissionTemplateDto::getUuid, PermissionTemplateDto::getName, PermissionTemplateDto::getDescription, PermissionTemplateDto::getKeyPattern)
+      .containsOnly("ABCD", "my template", "my description", "myregexp");
   }
 
   @Test
@@ -109,37 +107,32 @@ public class PermissionTemplateDaoTest {
     templateDb.insertTemplate(newPermissionTemplateDto()
       .setUuid("tpl1")
       .setName("template1")
-      .setDescription("description1")
-      .setOrganizationUuid("org"));
+      .setDescription("description1"));
     templateDb.insertTemplate(newPermissionTemplateDto()
       .setUuid("tpl2")
       .setName("template2")
-      .setDescription("description2")
-      .setOrganizationUuid("org"));
+      .setDescription("description2"));
     templateDb.insertTemplate(newPermissionTemplateDto()
       .setUuid("tpl3")
       .setName("template3")
-      .setDescription("description3")
-      .setOrganizationUuid("org"));
+      .setDescription("description3"));
 
-    assertThat(underTest.selectAll(dbSession, "org", null))
+    assertThat(underTest.selectAll(dbSession, null))
       .extracting(PermissionTemplateDto::getUuid, PermissionTemplateDto::getName, PermissionTemplateDto::getDescription)
       .containsOnly(
         tuple("tpl1", "template1", "description1"),
         tuple("tpl2", "template2", "description2"),
         tuple("tpl3", "template3", "description3"));
-    assertThat(underTest.selectAll(dbSession, "missingOrg", null)).isEmpty();
   }
 
   @Test
   public void selectAll_with_name_filtering() {
-    PermissionTemplateDto t1InOrg1 = templateDb.insertTemplate(newPermissionTemplateDto().setName("aBcDeF").setOrganizationUuid("org1"));
-    PermissionTemplateDto t2InOrg1 = templateDb.insertTemplate(newPermissionTemplateDto().setName("cdefgh").setOrganizationUuid("org1"));
-    PermissionTemplateDto t3InOrg1 = templateDb.insertTemplate(newPermissionTemplateDto().setName("hijkl").setOrganizationUuid("org2"));
-    PermissionTemplateDto t4InOrg2 = templateDb.insertTemplate(newPermissionTemplateDto().setName("cdefgh").setOrganizationUuid("org2"));
+    PermissionTemplateDto t1InOrg1 = templateDb.insertTemplate(newPermissionTemplateDto().setName("aBcDeF"));
+    PermissionTemplateDto t2InOrg1 = templateDb.insertTemplate(newPermissionTemplateDto().setName("cdefgh"));
+    PermissionTemplateDto t3InOrg1 = templateDb.insertTemplate(newPermissionTemplateDto().setName("hijkl"));
 
-    assertThat(underTest.selectAll(dbSession, "org1", "def")).extracting(PermissionTemplateDto::getUuid).containsExactly(t1InOrg1.getUuid(), t2InOrg1.getUuid());
-    assertThat(underTest.selectAll(dbSession, "org1", "missing")).isEmpty();
+    assertThat(underTest.selectAll(dbSession, "def")).extracting(PermissionTemplateDto::getUuid).containsExactly(t1InOrg1.getUuid(), t2InOrg1.getUuid());
+    assertThat(underTest.selectAll(dbSession, "missing")).isEmpty();
   }
 
   @Test
@@ -149,7 +142,6 @@ public class PermissionTemplateDaoTest {
       .setName("name")
       .setDescription("description")
       .setKeyPattern("regexp")
-      .setOrganizationUuid("org")
       .setCreatedAt(PAST)
       .setUpdatedAt(PAST));
 
@@ -160,14 +152,13 @@ public class PermissionTemplateDaoTest {
       .setUpdatedAt(NOW)
       // Invariant fields, should not be updated
       .setUuid("ABCD")
-      .setOrganizationUuid("new org")
       .setCreatedAt(NOW));
     db.commit();
 
     assertThat(underTest.selectByUuid(db.getSession(), "ABCD"))
       .extracting(PermissionTemplateDto::getUuid, PermissionTemplateDto::getName, PermissionTemplateDto::getDescription, PermissionTemplateDto::getKeyPattern,
-        PermissionTemplateDto::getOrganizationUuid, PermissionTemplateDto::getCreatedAt, PermissionTemplateDto::getUpdatedAt)
-      .containsOnly("ABCD", "new_name", "new_description", "new_regexp", "org", PAST, NOW);
+        PermissionTemplateDto::getCreatedAt, PermissionTemplateDto::getUpdatedAt)
+      .containsOnly("ABCD", "new_name", "new_description", "new_regexp", PAST, NOW);
   }
 
   @Test
@@ -176,8 +167,8 @@ public class PermissionTemplateDaoTest {
     UserDto user2 = db.users().insertUser();
     GroupDto group1 = db.users().insertGroup();
     GroupDto group2 = db.users().insertGroup();
-    PermissionTemplateDto permissionTemplate1 = templateDb.insertTemplate(db.getDefaultOrganization());
-    PermissionTemplateDto permissionTemplate2 = templateDb.insertTemplate(db.getDefaultOrganization());
+    PermissionTemplateDto permissionTemplate1 = templateDb.insertTemplate();
+    PermissionTemplateDto permissionTemplate2 = templateDb.insertTemplate();
     templateDb.addUserToTemplate(permissionTemplate1, user1, "user");
     templateDb.addUserToTemplate(permissionTemplate1, user2, "user");
     templateDb.addUserToTemplate(permissionTemplate1, user2, "admin");
@@ -192,7 +183,7 @@ public class PermissionTemplateDaoTest {
     underTest.deleteByUuid(dbSession, permissionTemplate1.getUuid());
     dbSession.commit();
 
-    assertThat(underTest.selectAll(db.getSession(), db.getDefaultOrganization().getUuid(), null))
+    assertThat(underTest.selectAll(db.getSession(), null))
       .extracting(PermissionTemplateDto::getUuid)
       .containsOnly(permissionTemplate2.getUuid());
     assertThat(db.getDbClient().permissionTemplateDao().selectUserPermissionsByTemplateId(db.getSession(), permissionTemplate1.getUuid())).isEmpty();
@@ -206,7 +197,7 @@ public class PermissionTemplateDaoTest {
 
   @Test
   public void add_user_permission_to_template() {
-    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
+    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate();
     UserDto user = db.users().insertUser();
 
     underTest.insertUserPermission(dbSession, permissionTemplate.getUuid(), user.getUuid(), "user");
@@ -220,7 +211,7 @@ public class PermissionTemplateDaoTest {
 
   @Test
   public void remove_user_permission_from_template() {
-    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
+    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate();
     UserDto user1 = db.users().insertUser();
     UserDto user2 = db.users().insertUser();
     templateDb.addUserToTemplate(permissionTemplate, user1, "user");
@@ -236,7 +227,7 @@ public class PermissionTemplateDaoTest {
 
   @Test
   public void add_group_permission_to_template() {
-    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
+    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate();
     GroupDto group = db.users().insertGroup();
 
     underTest.insertGroupPermission(dbSession, permissionTemplate.getUuid(), group.getUuid(), "user");
@@ -251,7 +242,7 @@ public class PermissionTemplateDaoTest {
 
   @Test
   public void remove_by_group() {
-    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
+    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate();
     GroupDto group1 = db.users().insertGroup();
     GroupDto group2 = db.users().insertGroup();
     templateDb.addGroupToTemplate(permissionTemplate, group1, "user");
@@ -268,7 +259,7 @@ public class PermissionTemplateDaoTest {
 
   @Test
   public void add_group_permission_to_anyone() {
-    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
+    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate();
 
     underTest.insertGroupPermission(dbSession, permissionTemplate.getUuid(), null, "user");
     dbSession.commit();
@@ -374,7 +365,7 @@ public class PermissionTemplateDaoTest {
 
   @Test
   public void selectAllGroupPermissionTemplatesByGroupUuid() {
-    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate(db.getDefaultOrganization());
+    PermissionTemplateDto permissionTemplate = templateDb.insertTemplate();
     GroupDto group1 = db.users().insertGroup();
     GroupDto group2 = db.users().insertGroup();
     templateDb.addGroupToTemplate(permissionTemplate, group1, "user");
@@ -386,80 +377,14 @@ public class PermissionTemplateDaoTest {
       .containsOnly(tuple(group1.getUuid(), "user"), tuple(group1.getUuid(), "admin"));
   }
 
-  @Test
-  public void deleteByOrganization_does_not_fail_on_empty_db() {
-    underTest.deleteByOrganization(dbSession, "some uuid");
-    dbSession.commit();
-  }
-
-  @Test
-  public void deleteByOrganization_does_not_fail_when_organization_has_no_template() {
-    OrganizationDto organization = db.organizations().insert();
-
-    underTest.deleteByOrganization(dbSession, organization.getUuid());
-    dbSession.commit();
-  }
-
-  @Test
-  public void deleteByOrganization_delete_all_templates_of_organization_and_content_of_child_tables() {
-    OrganizationDto organization1 = db.organizations().insert();
-    OrganizationDto organization2 = db.organizations().insert();
-    OrganizationDto organization3 = db.organizations().insert();
-
-    PermissionTemplateDto[] templates = {
-      createTemplate(organization1),
-      createTemplate(organization2),
-      createTemplate(organization3),
-      createTemplate(organization1),
-      createTemplate(organization2)
-    };
-
-    verifyTemplateUuidsInDb(templates[0].getUuid(), templates[1].getUuid(), templates[2].getUuid(), templates[3].getUuid(), templates[4].getUuid());
-
-    underTest.deleteByOrganization(dbSession, organization2.getUuid());
-    dbSession.commit();
-    verifyTemplateUuidsInDb(templates[0].getUuid(), templates[2].getUuid(), templates[3].getUuid());
-
-    underTest.deleteByOrganization(dbSession, organization3.getUuid());
-    dbSession.commit();
-    verifyTemplateUuidsInDb(templates[0].getUuid(), templates[3].getUuid());
-
-    underTest.deleteByOrganization(dbSession, organization1.getUuid());
-    dbSession.commit();
-    verifyTemplateUuidsInDb();
-  }
-
-  @Test
-  public void delete_user_permissions_by_organization() {
-    OrganizationDto organization = db.organizations().insert();
-    OrganizationDto anotherOrganization = db.organizations().insert();
-    UserDto user = db.users().insertUser();
-    UserDto anotherUser = db.users().insertUser();
-    PermissionTemplateDto template = db.permissionTemplates().insertTemplate(organization);
-    PermissionTemplateDto anotherTemplate = db.permissionTemplates().insertTemplate(anotherOrganization);
-    String permission = "PERMISSION";
-    db.permissionTemplates().addUserToTemplate(template.getUuid(), user.getUuid(), permission);
-    db.permissionTemplates().addUserToTemplate(template.getUuid(), anotherUser.getUuid(), permission);
-    db.permissionTemplates().addUserToTemplate(anotherTemplate.getUuid(), user.getUuid(), permission);
-
-    underTest.deleteUserPermissionsByOrganization(dbSession, organization.getUuid(), user.getUuid());
-
-    assertThat(underTest.selectUserPermissionsByTemplateId(dbSession, template.getUuid())).extracting(PermissionTemplateUserDto::getUserUuid).containsOnly(anotherUser.getUuid());
-    assertThat(underTest.selectUserPermissionsByTemplateId(dbSession, anotherTemplate.getUuid())).extracting(PermissionTemplateUserDto::getUserUuid).containsOnly(user.getUuid());
-  }
-
   @Test
   public void delete_user_permissions_by_user_uuid() {
-    OrganizationDto organization = db.organizations().insert();
-    OrganizationDto anotherOrganization = db.organizations().insert();
     UserDto user = db.users().insertUser();
     UserDto anotherUser = db.users().insertUser();
-    PermissionTemplateDto template = db.permissionTemplates().insertTemplate(organization);
-    PermissionTemplateDto anotherTemplate = db.permissionTemplates().insertTemplate(anotherOrganization);
+    PermissionTemplateDto template = db.permissionTemplates().insertTemplate();
     String permission = "PERMISSION";
     db.permissionTemplates().addUserToTemplate(template.getUuid(), user.getUuid(), permission);
     db.permissionTemplates().addUserToTemplate(template.getUuid(), anotherUser.getUuid(), permission);
-    db.permissionTemplates().addUserToTemplate(anotherTemplate.getUuid(), user.getUuid(), permission);
 
     underTest.deleteUserPermissionsByUserUuid(dbSession, user.getUuid());
     db.commit();
@@ -473,7 +398,7 @@ public class PermissionTemplateDaoTest {
     UserDto user = db.users().insertUser();
     GroupDto group = db.users().insertGroup();
     db.users().insertMember(group, user);
-    PermissionTemplateDto template = templateDb.insertTemplate(organization);
+    PermissionTemplateDto template = templateDb.insertTemplate();
     templateDb.addProjectCreatorToTemplate(template.getUuid(), SCAN_EXECUTION);
     templateDb.addProjectCreatorToTemplate(template.getUuid(), UserRole.ADMIN);
     templateDb.addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.USER);
@@ -483,20 +408,4 @@ public class PermissionTemplateDaoTest {
     templateDb.addGroupToTemplate(template.getUuid(), null, UserRole.ISSUE_ADMIN);
     return template;
   }
-
-  private void verifyTemplateUuidsInDb(String... expectedTemplateUuids) {
-    assertThat(db.select("select distinct template_uuid as \"templateUuid\" from perm_templates_groups"))
-      .extracting((row) -> (String) row.get("templateUuid"))
-      .containsOnly(expectedTemplateUuids);
-    assertThat(db.select("select distinct template_uuid as \"templateUuid\" from perm_templates_users"))
-      .extracting((row) -> (String) row.get("templateUuid"))
-      .containsOnly(expectedTemplateUuids);
-    assertThat(db.select("select distinct template_uuid as \"templateUuid\" from perm_tpl_characteristics"))
-      .extracting((row) -> (String) row.get("templateUuid"))
-      .containsOnly(expectedTemplateUuids);
-    assertThat(db.select("select distinct uuid as \"templateUuid\" from permission_templates"))
-      .extracting((row) -> (String) row.get("templateUuid"))
-      .containsOnly(expectedTemplateUuids);
-  }
-
 }

server/sonar-db-dao/src/test/java/org/sonar/db/permission/template/UserWithPermissionTemplateDaoTest.java

@@ -65,14 +65,13 @@ public class UserWithPermissionTemplateDaoTest {
     PermissionTemplateDto anotherPermissionTemplate = db.permissionTemplates().insertTemplate();
     db.permissionTemplates().addUserToTemplate(anotherPermissionTemplate, user1, USER);
 
-    assertThat(underTest.selectUserLoginsByQueryAndTemplate(dbSession,
-      builder().setOrganizationUuid(organization.getUuid()).build(),
+    assertThat(underTest.selectUserLoginsByQueryAndTemplate(dbSession, builder().build(),
       permissionTemplate.getUuid()))
-        .containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin(), user3.getLogin());
+      .containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin(), user3.getLogin());
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(dbSession,
-      builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().setPermission(USER).build(),
+      builder().withAtLeastOnePermission().setPermission(USER).build(),
       permissionTemplate.getUuid()))
-        .containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin());
+      .containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin());
   }
 
   @Test
@@ -84,8 +83,8 @@ public class UserWithPermissionTemplateDaoTest {
     db.permissionTemplates().addUserToTemplate(permissionTemplate, user, USER);
 
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(dbSession,
-      builder().setOrganizationUuid(organization.getUuid()).setPermission(USER).withAtLeastOnePermission().build(), "999"))
-        .isEmpty();
+      builder().setPermission(USER).withAtLeastOnePermission().build(), "999"))
+      .isEmpty();
   }
 
   @Test
@@ -104,9 +103,9 @@ public class UserWithPermissionTemplateDaoTest {
     db.permissionTemplates().addUserToTemplate(anotherPermissionTemplate, user1, USER);
 
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(dbSession,
-      builder().setOrganizationUuid(organization.getUuid()).setPermission(USER).withAtLeastOnePermission().build(),
+      builder().setPermission(USER).withAtLeastOnePermission().build(),
       permissionTemplate.getUuid()))
-        .containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin());
+      .containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin());
   }
 
   @Test
@@ -120,8 +119,8 @@ public class UserWithPermissionTemplateDaoTest {
     db.permissionTemplates().addUserToTemplate(permissionTemplate, disabledUser, USER);
 
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(dbSession,
-      builder().setOrganizationUuid(organization.getUuid()).setPermission(USER).build(), permissionTemplate.getUuid()))
-        .containsExactlyInAnyOrder(user.getLogin());
+      builder().setPermission(USER).build(), permissionTemplate.getUuid()))
+      .containsExactlyInAnyOrder(user.getLogin());
   }
 
   @Test
@@ -136,27 +135,26 @@ public class UserWithPermissionTemplateDaoTest {
     db.permissionTemplates().addUserToTemplate(permissionTemplate, user2, USER);
 
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(
-      dbSession, builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().setPermission(USER).setSearchQuery("SEr1").build(),
+      dbSession, builder().withAtLeastOnePermission().setPermission(USER).setSearchQuery("SEr1").build(),
       permissionTemplate.getUuid()))
-        .containsExactlyInAnyOrder(user1.getLogin());
+      .containsExactlyInAnyOrder(user1.getLogin());
 
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(
-      dbSession, builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().setPermission(USER).setSearchQuery("user").build(),
+      dbSession, builder().withAtLeastOnePermission().setPermission(USER).setSearchQuery("user").build(),
       permissionTemplate.getUuid()))
-        .containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin());
+      .containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin());
   }
 
   @Test
   public void selectUserLoginsByQueryAndTemplate_is_ordering_result_by_users_with_permissions_then_by_name() {
-    OrganizationDto organization = db.organizations().insert();
-    PermissionTemplateDto template = db.permissionTemplates().insertTemplate(organization);
+    PermissionTemplateDto template = db.permissionTemplates().insertTemplate();
     UserDto user1 = db.users().insertUser(u -> u.setName("A"));
     UserDto user2 = db.users().insertUser(u -> u.setName("B"));
     UserDto user3 = db.users().insertUser(u -> u.setName("C"));
-    db.organizations().addMember(organization, user1, user2, user3);
+    //db.organizations().addMember(organization, user1, user2, user3);
     db.permissionTemplates().addUserToTemplate(template.getUuid(), user3.getUuid(), UserRole.USER);
 
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+    PermissionQuery query = PermissionQuery.builder().build();
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(db.getSession(), query, template.getUuid()))
       .containsExactly(user3.getLogin(), user1.getLogin(), user2.getLogin());
   }
@@ -164,9 +162,9 @@ public class UserWithPermissionTemplateDaoTest {
   @Test
   public void selectUserLoginsByQueryAndTemplate_is_order_by_groups_with_permission_when_many_users() {
     OrganizationDto organization = db.organizations().insert();
-    PermissionTemplateDto template = db.permissionTemplates().insertTemplate(organization);
+    PermissionTemplateDto template = db.permissionTemplates().insertTemplate();
     // Add another template having some users with permission to make sure it's correctly ignored
-    PermissionTemplateDto otherTemplate = db.permissionTemplates().insertTemplate(organization);
+    PermissionTemplateDto otherTemplate = db.permissionTemplates().insertTemplate();
     IntStream.rangeClosed(1, DEFAULT_PAGE_SIZE + 1).forEach(i -> {
       UserDto user = db.users().insertUser("User-" + i);
       db.organizations().addMember(organization, user);
@@ -175,7 +173,7 @@ public class UserWithPermissionTemplateDaoTest {
     String lastLogin = "User-" + (DEFAULT_PAGE_SIZE + 1);
     db.permissionTemplates().addUserToTemplate(template, db.users().selectUserByLogin(lastLogin).get(), UserRole.USER);
 
-    PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(organization.getUuid()).build();
+    PermissionQuery query = PermissionQuery.builder().build();
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(db.getSession(), query, template.getUuid()))
       .hasSize(DEFAULT_PAGE_SIZE)
       .startsWith(lastLogin);
@@ -193,14 +191,14 @@ public class UserWithPermissionTemplateDaoTest {
     db.permissionTemplates().addUserToTemplate(permissionTemplate, user2, USER);
 
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(dbSession,
-      builder().setOrganizationUuid(organization.getUuid()).setPageIndex(1).setPageSize(2).build(), permissionTemplate.getUuid()))
-        .containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin());
+      builder().setPageIndex(1).setPageSize(2).build(), permissionTemplate.getUuid()))
+      .containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin());
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(dbSession,
-      builder().setOrganizationUuid(organization.getUuid()).setPageIndex(2).setPageSize(2).build(), permissionTemplate.getUuid()))
-        .containsExactlyInAnyOrder(user3.getLogin());
+      builder().setPageIndex(2).setPageSize(2).build(), permissionTemplate.getUuid()))
+      .containsExactlyInAnyOrder(user3.getLogin());
     assertThat(underTest.selectUserLoginsByQueryAndTemplate(dbSession,
-      builder().setOrganizationUuid(organization.getUuid()).setPageIndex(3).setPageSize(1).build(), permissionTemplate.getUuid()))
-        .containsExactlyInAnyOrder(user3.getLogin());
+      builder().setPageIndex(3).setPageSize(1).build(), permissionTemplate.getUuid()))
+      .containsExactlyInAnyOrder(user3.getLogin());
   }
 
   @Test
@@ -215,11 +213,11 @@ public class UserWithPermissionTemplateDaoTest {
     db.permissionTemplates().addUserToTemplate(permissionTemplate, user2, USER);
 
     assertThat(underTest.countUserLoginsByQueryAndTemplate(dbSession,
-      builder().setOrganizationUuid(organization.getUuid()).build(), permissionTemplate.getUuid()))
-        .isEqualTo(3);
+      builder().build(), permissionTemplate.getUuid()))
+      .isEqualTo(3);
     assertThat(underTest.countUserLoginsByQueryAndTemplate(dbSession,
-      builder().setOrganizationUuid(organization.getUuid()).withAtLeastOnePermission().setPermission("user").build(), permissionTemplate.getUuid()))
-        .isEqualTo(2);
+      builder().withAtLeastOnePermission().setPermission("user").build(), permissionTemplate.getUuid()))
+      .isEqualTo(2);
   }
 
   @Test

server/sonar-db-dao/src/test/java/org/sonar/db/purge/PurgeCommandsTest.java

@@ -522,7 +522,7 @@ public class PurgeCommandsTest {
   public void deletePermissions_deletes_permissions_of_public_project() {
     OrganizationDto organization = dbTester.organizations().insert();
     ComponentDto project = dbTester.components().insertPublicProject(organization);
-    addPermissions(organization, project);
+    addPermissions(project);
 
     PurgeCommands purgeCommands = new PurgeCommands(dbTester.getSession(), profiler, system2);
     purgeCommands.deletePermissions(project.uuid());
@@ -535,7 +535,7 @@ public class PurgeCommandsTest {
   public void deletePermissions_deletes_permissions_of_private_project() {
     OrganizationDto organization = dbTester.organizations().insert();
     ComponentDto project = dbTester.components().insertPrivateProject(organization);
-    addPermissions(organization, project);
+    addPermissions(project);
 
     PurgeCommands purgeCommands = new PurgeCommands(dbTester.getSession(), profiler, system2);
     purgeCommands.deletePermissions(project.uuid());
@@ -548,7 +548,7 @@ public class PurgeCommandsTest {
   public void deletePermissions_deletes_permissions_of_view() {
     OrganizationDto organization = dbTester.organizations().insert();
     ComponentDto project = dbTester.components().insertPublicPortfolio(organization);
-    addPermissions(organization, project);
+    addPermissions(project);
 
     PurgeCommands purgeCommands = new PurgeCommands(dbTester.getSession(), profiler, system2);
     purgeCommands.deletePermissions(project.uuid());
@@ -642,13 +642,13 @@ public class PurgeCommandsTest {
     assertThat(dbTester.countRowsOfTable("user_dismissed_messages")).isEqualTo(1);
   }
 
-  private void addPermissions(OrganizationDto organization, ComponentDto root) {
+  private void addPermissions(ComponentDto root) {
     if (!root.isPrivate()) {
       dbTester.users().insertProjectPermissionOnAnyone("foo1", root);
-      dbTester.users().insertPermissionOnAnyone(organization, "not project level");
+      dbTester.users().insertPermissionOnAnyone("not project level");
     }
 
-    GroupDto group = dbTester.users().insertGroup(organization);
+    GroupDto group = dbTester.users().insertGroup();
     dbTester.users().insertProjectPermissionOnGroup(group, "bar", root);
     dbTester.users().insertPermissionOnGroup(group, "not project level");
 

server/sonar-db-dao/src/test/java/org/sonar/db/user/GroupDaoTest.java

@@ -29,25 +29,17 @@ import org.junit.Test;
 import org.sonar.api.utils.System2;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
-import org.sonar.db.organization.OrganizationDto;
 
 import static java.util.Arrays.asList;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
 import static org.mockito.Mockito.when;
-import static org.sonar.db.organization.OrganizationDto.Subscription.SONARQUBE;
 import static org.sonar.db.user.GroupTesting.newGroupDto;
 
 public class GroupDaoTest {
 
   private static final long NOW = 1_500_000L;
   private static final String MISSING_UUID = "unknown";
-  private static final OrganizationDto AN_ORGANIZATION = new OrganizationDto()
-    .setKey("an-org")
-    .setName("An Org")
-    .setDefaultQualityGateUuid("1")
-    .setSubscription(SONARQUBE)
-    .setUuid("abcde");
 
   private System2 system2 = mock(System2.class);
 
@@ -60,23 +52,20 @@ public class GroupDaoTest {
   private final GroupDto aGroup = new GroupDto()
     .setUuid("uuid")
     .setName("the-name")
-    .setDescription("the description")
-    .setOrganizationUuid(AN_ORGANIZATION.getUuid());
+    .setDescription("the description");
 
   @Before
   public void setUp() {
     when(system2.now()).thenReturn(NOW);
-    db.getDbClient().organizationDao().insert(dbSession, AN_ORGANIZATION, false);
   }
 
   @Test
   public void selectByName() {
     db.getDbClient().groupDao().insert(dbSession, aGroup);
 
-    GroupDto group = underTest.selectByName(dbSession, AN_ORGANIZATION.getUuid(), aGroup.getName()).get();
+    GroupDto group = underTest.selectByName(dbSession, aGroup.getName()).get();
 
     assertThat(group.getUuid()).isNotNull();
-    assertThat(group.getOrganizationUuid()).isEqualTo(aGroup.getOrganizationUuid());
     assertThat(group.getName()).isEqualTo(aGroup.getName());
     assertThat(group.getDescription()).isEqualTo(aGroup.getDescription());
     assertThat(group.getCreatedAt()).isEqualTo(new Date(NOW));
@@ -85,7 +74,7 @@ public class GroupDaoTest {
 
   @Test
   public void selectByName_returns_absent() {
-    Optional<GroupDto> group = underTest.selectByName(dbSession, AN_ORGANIZATION.getUuid(), "missing");
+    Optional<GroupDto> group = underTest.selectByName(dbSession, "missing");
 
     assertThat(group).isNotPresent();
   }
@@ -105,17 +94,14 @@ public class GroupDaoTest {
 
   @Test
   public void selectByNames() {
-    GroupDto group1InOrg1 = underTest.insert(dbSession, newGroupDto().setName("group1").setOrganizationUuid("org1"));
-    GroupDto group2InOrg1 = underTest.insert(dbSession, newGroupDto().setName("group2").setOrganizationUuid("org1"));
-    GroupDto group1InOrg2 = underTest.insert(dbSession, newGroupDto().setName("group1").setOrganizationUuid("org2"));
-    GroupDto group3InOrg2 = underTest.insert(dbSession, newGroupDto().setName("group3").setOrganizationUuid("org2"));
-    dbSession.commit();
+    GroupDto group1 = underTest.insert(dbSession, newGroupDto().setName("group1"));
+    GroupDto group2 = underTest.insert(dbSession, newGroupDto().setName("group2"));
 
-    assertThat(underTest.selectByNames(dbSession, "org1", asList("group1", "group2", "group3", "missingGroup"))).extracting(GroupDto::getUuid)
-      .containsOnly(group1InOrg1.getUuid(), group2InOrg1.getUuid());
+    dbSession.commit();
 
-    assertThat(underTest.selectByNames(dbSession, "org1", Collections.emptyList())).isEmpty();
-    assertThat(underTest.selectByNames(dbSession, "missingOrg", asList("group1"))).isEmpty();
+    assertThat(underTest.selectByNames(dbSession, asList("group1", "group2", "group3", "missingGroup"))).extracting(GroupDto::getUuid)
+      .containsOnly(group1.getUuid(), group2.getUuid());
+    assertThat(underTest.selectByNames(dbSession, Collections.emptyList())).isEmpty();
   }
 
   @Test
@@ -140,7 +126,6 @@ public class GroupDaoTest {
       .setUuid(aGroup.getUuid())
       .setName("new-name")
       .setDescription("New description")
-      .setOrganizationUuid("another-org")
       .setCreatedAt(new Date(NOW + 1_000L));
 
     underTest.update(dbSession, dto);
@@ -152,60 +137,55 @@ public class GroupDaoTest {
     assertThat(reloaded.getDescription()).isEqualTo("New description");
 
     // immutable fields --> to be ignored
-    assertThat(reloaded.getOrganizationUuid()).isEqualTo(aGroup.getOrganizationUuid());
     assertThat(reloaded.getCreatedAt()).isEqualTo(aGroup.getCreatedAt());
   }
 
   @Test
   public void selectByQuery() {
-    OrganizationDto organization1 = db.organizations().insert(organizationDto -> organizationDto.setUuid("org1"));
-    OrganizationDto organization2 = db.organizations().insert(organizationDto -> organizationDto.setUuid("org2"));
-    db.users().insertGroup(organization1, "sonar-users");
-    db.users().insertGroup(organization1, "SONAR-ADMINS");
-    db.users().insertGroup(organization1, "customers-group1");
-    db.users().insertGroup(organization1, "customers-group2");
-    db.users().insertGroup(organization1, "customers-group3");
-    // Group on another organization
-    db.users().insertGroup(organization2, "customers-group4");
+    db.users().insertGroup("sonar-users");
+    db.users().insertGroup("SONAR-ADMINS");
+    db.users().insertGroup("customers-group1");
+    db.users().insertGroup("customers-group2");
+    db.users().insertGroup("customers-group3");
 
     /*
      * Ordering and paging are not fully tested, case insensitive sort is broken on MySQL
      */
 
     // Null query
-    assertThat(underTest.selectByQuery(dbSession, "org1", null, 0, 10))
+    assertThat(underTest.selectByQuery(dbSession, null, 0, 10))
       .hasSize(5)
       .extracting("name").containsOnly("customers-group1", "customers-group2", "customers-group3", "SONAR-ADMINS", "sonar-users");
 
     // Empty query
-    assertThat(underTest.selectByQuery(dbSession, "org1", "", 0, 10))
+    assertThat(underTest.selectByQuery(dbSession, "", 0, 10))
       .hasSize(5)
       .extracting("name").containsOnly("customers-group1", "customers-group2", "customers-group3", "SONAR-ADMINS", "sonar-users");
 
     // Filter on name
-    assertThat(underTest.selectByQuery(dbSession, "org1", "sonar", 0, 10))
+    assertThat(underTest.selectByQuery(dbSession, "sonar", 0, 10))
       .hasSize(2)
       .extracting("name").containsOnly("SONAR-ADMINS", "sonar-users");
 
     // Pagination
-    assertThat(underTest.selectByQuery(dbSession, "org1", null, 0, 3))
+    assertThat(underTest.selectByQuery(dbSession, null, 0, 3))
       .hasSize(3);
-    assertThat(underTest.selectByQuery(dbSession, "org1", null, 3, 3))
+    assertThat(underTest.selectByQuery(dbSession, null, 3, 3))
       .hasSize(2);
-    assertThat(underTest.selectByQuery(dbSession, "org1", null, 6, 3)).isEmpty();
-    assertThat(underTest.selectByQuery(dbSession, "org1", null, 0, 5))
+    assertThat(underTest.selectByQuery(dbSession, null, 6, 3)).isEmpty();
+    assertThat(underTest.selectByQuery(dbSession, null, 0, 5))
       .hasSize(5);
-    assertThat(underTest.selectByQuery(dbSession, "org1", null, 5, 5)).isEmpty();
+    assertThat(underTest.selectByQuery(dbSession, null, 5, 5)).isEmpty();
   }
 
   @Test
   public void select_by_query_with_special_characters() {
     String groupNameWithSpecialCharacters = "group%_%/name";
-    underTest.insert(dbSession, newGroupDto().setName(groupNameWithSpecialCharacters).setOrganizationUuid("org1"));
+    underTest.insert(dbSession, newGroupDto().setName(groupNameWithSpecialCharacters));
     db.commit();
 
-    List<GroupDto> result = underTest.selectByQuery(dbSession, "org1", "roup%_%/nam", 0, 10);
-    int resultCount = underTest.countByQuery(dbSession, "org1", "roup%_%/nam");
+    List<GroupDto> result = underTest.selectByQuery(dbSession, "roup%_%/nam", 0, 10);
+    int resultCount = underTest.countByQuery(dbSession, "roup%_%/nam");
 
     assertThat(result).hasSize(1);
     assertThat(result.get(0).getName()).isEqualTo(groupNameWithSpecialCharacters);
@@ -214,24 +194,20 @@ public class GroupDaoTest {
 
   @Test
   public void countByQuery() {
-    OrganizationDto organization1 = db.organizations().insert(organizationDto -> organizationDto.setUuid("org1"));
-    OrganizationDto organization2 = db.organizations().insert(organizationDto -> organizationDto.setUuid("org2"));
-    db.users().insertGroup(organization1, "sonar-users");
-    db.users().insertGroup(organization1, "SONAR-ADMINS");
-    db.users().insertGroup(organization1, "customers-group1");
-    db.users().insertGroup(organization1, "customers-group2");
-    db.users().insertGroup(organization1, "customers-group3");
-    // Group on another organization
-    db.users().insertGroup(organization2, "customers-group4");
+    db.users().insertGroup("sonar-users");
+    db.users().insertGroup("SONAR-ADMINS");
+    db.users().insertGroup("customers-group1");
+    db.users().insertGroup("customers-group2");
+    db.users().insertGroup("customers-group3");
 
     // Null query
-    assertThat(underTest.countByQuery(dbSession, "org1", null)).isEqualTo(5);
+    assertThat(underTest.countByQuery(dbSession, null)).isEqualTo(5);
 
     // Empty query
-    assertThat(underTest.countByQuery(dbSession, "org1", "")).isEqualTo(5);
+    assertThat(underTest.countByQuery(dbSession, "")).isEqualTo(5);
 
     // Filter on name
-    assertThat(underTest.countByQuery(dbSession, "org1", "sonar")).isEqualTo(2);
+    assertThat(underTest.countByQuery(dbSession, "sonar")).isEqualTo(2);
   }
 
   @Test
@@ -242,49 +218,4 @@ public class GroupDaoTest {
 
     assertThat(db.countRowsOfTable(dbSession, "groups")).isEqualTo(0);
   }
-
-  @Test
-  public void deleteByOrganization_does_not_fail_when_table_is_empty() {
-    underTest.deleteByOrganization(dbSession, "some uuid");
-    dbSession.commit();
-  }
-
-  @Test
-  public void deleteByOrganization_does_not_fail_when_organization_has_no_group() {
-    OrganizationDto organization = db.organizations().insert();
-
-    underTest.deleteByOrganization(dbSession, organization.getUuid());
-    dbSession.commit();
-  }
-
-  @Test
-  public void deleteByOrganization_deletes_all_groups_in_specified_organization() {
-    OrganizationDto organization1 = db.organizations().insert();
-    OrganizationDto organization2 = db.organizations().insert();
-    OrganizationDto organization3 = db.organizations().insert();
-
-    db.users().insertGroup(organization1);
-    db.users().insertGroup(organization2);
-    db.users().insertGroup(organization3);
-    db.users().insertGroup(organization3);
-    db.users().insertGroup(organization2);
-
-    underTest.deleteByOrganization(dbSession, organization2.getUuid());
-    dbSession.commit();
-    verifyOrganizationUuidsInTable(organization1.getUuid(), organization3.getUuid());
-
-    underTest.deleteByOrganization(dbSession, organization1.getUuid());
-    dbSession.commit();
-    verifyOrganizationUuidsInTable(organization3.getUuid());
-
-    underTest.deleteByOrganization(dbSession, organization3.getUuid());
-    dbSession.commit();
-    verifyOrganizationUuidsInTable();
-  }
-
-  private void verifyOrganizationUuidsInTable(String... organizationUuids) {
-    assertThat(db.select("select distinct organization_uuid as \"organizationUuid\" from groups"))
-      .extracting(row -> (String) row.get("organizationUuid"))
-      .containsOnly(organizationUuids);
-  }
 }

server/sonar-db-dao/src/test/java/org/sonar/db/user/GroupMembershipDaoTest.java

@@ -25,7 +25,6 @@ import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.sonar.db.DbTester;
-import org.sonar.db.organization.OrganizationDto;
 
 import static java.util.Arrays.asList;
 import static java.util.Collections.emptyList;
@@ -40,7 +39,6 @@ public class GroupMembershipDaoTest {
   @Rule
   public DbTester db = DbTester.create();
 
-  private OrganizationDto organizationDto;
   private UserDto user1;
   private UserDto user2;
   private UserDto user3;
@@ -52,15 +50,12 @@ public class GroupMembershipDaoTest {
 
   @Before
   public void setUp() {
-    organizationDto = db.organizations().insert();
     user1 = db.users().insertUser(u -> u.setLogin("admin login").setName("Admin name").setEmail("admin@email.com"));
     user2 = db.users().insertUser(u -> u.setLogin("not.admin").setName("Not Admin").setEmail("Not Admin"));
     user3 = db.users().insertUser(u -> u.setLogin("inactive").setActive(false));
-    group1 = db.users().insertGroup(organizationDto, "sonar-administrators");
-    group2 = db.users().insertGroup(organizationDto, "sonar-users");
-    group3 = db.users().insertGroup(organizationDto, "sonar-reviewers");
-    db.organizations().addMember(organizationDto, user1);
-    db.organizations().addMember(organizationDto, user2);
+    group1 = db.users().insertGroup("sonar-administrators");
+    group2 = db.users().insertGroup("sonar-users");
+    group3 = db.users().insertGroup("sonar-reviewers");
   }
 
   @Test
@@ -71,27 +66,17 @@ public class GroupMembershipDaoTest {
     db.users().insertMember(group2, user2);
 
     // user1 is member of 3 groups
-    assertThat(underTest.countGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(IN).build(), user1.getUuid())).isEqualTo(3);
-    assertThat(underTest.countGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(OUT).build(), user1.getUuid())).isZero();
+    assertThat(underTest.countGroups(db.getSession(), builder().membership(IN).build(), user1.getUuid())).isEqualTo(3);
+    assertThat(underTest.countGroups(db.getSession(), builder().membership(OUT).build(), user1.getUuid())).isZero();
     // user2 is member of 1 group on 3
-    assertThat(underTest.countGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(IN).build(), user2.getUuid())).isEqualTo(1);
-    assertThat(underTest.countGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(OUT).build(), user2.getUuid())).isEqualTo(2);
+    assertThat(underTest.countGroups(db.getSession(), builder().membership(IN).build(), user2.getUuid())).isEqualTo(1);
+    assertThat(underTest.countGroups(db.getSession(), builder().membership(OUT).build(), user2.getUuid())).isEqualTo(2);
     // user3 is member of 0 group
-    assertThat(underTest.countGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(IN).build(), user3.getUuid())).isZero();
-    assertThat(underTest.countGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(OUT).build(), user3.getUuid())).isEqualTo(3);
+    assertThat(underTest.countGroups(db.getSession(), builder().membership(IN).build(), user3.getUuid())).isZero();
+    assertThat(underTest.countGroups(db.getSession(), builder().membership(OUT).build(), user3.getUuid())).isEqualTo(3);
     // unknown user is member of 0 group
-    assertThat(underTest.countGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(IN).build(), "999")).isZero();
-    assertThat(underTest.countGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(OUT).build(), "999")).isEqualTo(3);
-  }
-
-  @Test
-  public void count_groups_only_from_given_organization() {
-    OrganizationDto otherOrganization = db.organizations().insert();
-    GroupDto otherGroup = db.users().insertGroup(otherOrganization, "sonar-administrators-other_orga");
-    db.users().insertMember(group1, user1);
-    db.users().insertMember(otherGroup, user1);
-
-    assertThat(underTest.countGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(IN).build(), user1.getUuid())).isEqualTo(1);
+    assertThat(underTest.countGroups(db.getSession(), builder().membership(IN).build(), "999")).isZero();
+    assertThat(underTest.countGroups(db.getSession(), builder().membership(OUT).build(), "999")).isEqualTo(3);
   }
 
   @Test
@@ -102,32 +87,22 @@ public class GroupMembershipDaoTest {
     db.users().insertMember(group2, user2);
 
     // user1 is member of 3 groups
-    assertThat(underTest.selectGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(IN).build(), user1.getUuid(), 0, 10)).hasSize(3);
-    assertThat(underTest.selectGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(OUT).build(), user1.getUuid(), 0, 10)).isEmpty();
+    assertThat(underTest.selectGroups(db.getSession(), builder().membership(IN).build(), user1.getUuid(), 0, 10)).hasSize(3);
+    assertThat(underTest.selectGroups(db.getSession(), builder().membership(OUT).build(), user1.getUuid(), 0, 10)).isEmpty();
     // user2 is member of 1 group on 3
-    assertThat(underTest.selectGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(IN).build(), user2.getUuid(), 0, 10)).hasSize(1);
-    assertThat(underTest.selectGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(OUT).build(), user2.getUuid(), 0, 10)).hasSize(2);
+    assertThat(underTest.selectGroups(db.getSession(), builder().membership(IN).build(), user2.getUuid(), 0, 10)).hasSize(1);
+    assertThat(underTest.selectGroups(db.getSession(), builder().membership(OUT).build(), user2.getUuid(), 0, 10)).hasSize(2);
     // user3 is member of 0 group
-    assertThat(underTest.selectGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(IN).build(), user3.getUuid(), 0, 10)).isEmpty();
-    assertThat(underTest.selectGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(OUT).build(), user3.getUuid(), 0, 10)).hasSize(3);
+    assertThat(underTest.selectGroups(db.getSession(), builder().membership(IN).build(), user3.getUuid(), 0, 10)).isEmpty();
+    assertThat(underTest.selectGroups(db.getSession(), builder().membership(OUT).build(), user3.getUuid(), 0, 10)).hasSize(3);
     // unknown user is member of 0 group
-    assertThat(underTest.selectGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(IN).build(), "999", 0, 10)).isEmpty();
-    assertThat(underTest.selectGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(OUT).build(), "999", 0, 10)).hasSize(3);
-  }
-
-  @Test
-  public void select_groups_only_from_given_organization() {
-    OrganizationDto otherOrganization = db.organizations().insert();
-    GroupDto otherGroup = db.users().insertGroup(otherOrganization, "sonar-administrators-other_orga");
-    db.users().insertMember(group1, user1);
-    db.users().insertMember(otherGroup, user1);
-
-    assertThat(underTest.selectGroups(db.getSession(), builder().organizationUuid(organizationDto.getUuid()).membership(IN).build(), user1.getUuid(), 0, 10)).hasSize(1);
+    assertThat(underTest.selectGroups(db.getSession(), builder().membership(IN).build(), "999", 0, 10)).isEmpty();
+    assertThat(underTest.selectGroups(db.getSession(), builder().membership(OUT).build(), "999", 0, 10)).hasSize(3);
   }
 
   @Test
   public void count_users_by_group() {
-    GroupDto emptyGroup = db.users().insertGroup(organizationDto, "sonar-nobody");
+    GroupDto emptyGroup = db.users().insertGroup("sonar-nobody");
     db.users().insertMember(group1, user1);
     db.users().insertMember(group2, user1);
     db.users().insertMember(group3, user1);
@@ -155,7 +130,7 @@ public class GroupMembershipDaoTest {
 
   @Test
   public void count_members() {
-    GroupDto emptyGroup = db.users().insertGroup(organizationDto, "sonar-nobody");
+    GroupDto emptyGroup = db.users().insertGroup("sonar-nobody");
     db.users().insertMember(group1, user1);
     db.users().insertMember(group2, user1);
     db.users().insertMember(group3, user1);
@@ -177,7 +152,7 @@ public class GroupMembershipDaoTest {
 
   @Test
   public void select_group_members_by_query() {
-    GroupDto emptyGroup = db.users().insertGroup(organizationDto, "sonar-nobody");
+    GroupDto emptyGroup = db.users().insertGroup("sonar-nobody");
     db.users().insertMember(group1, user1);
     db.users().insertMember(group2, user1);
     db.users().insertMember(group3, user1);
@@ -195,7 +170,7 @@ public class GroupMembershipDaoTest {
 
   @Test
   public void select_users_not_affected_to_a_group_by_query() {
-    GroupDto emptyGroup = db.users().insertGroup(organizationDto, "sonar-nobody");
+    GroupDto emptyGroup = db.users().insertGroup("sonar-nobody");
     db.users().insertMember(group1, user1);
     db.users().insertMember(group2, user1);
     db.users().insertMember(group3, user1);
@@ -280,6 +255,6 @@ public class GroupMembershipDaoTest {
   }
 
   private UserMembershipQuery.Builder newQuery() {
-    return UserMembershipQuery.builder().organizationUuid(organizationDto.getUuid());
+    return UserMembershipQuery.builder();
   }
 }

server/sonar-db-dao/src/test/java/org/sonar/db/user/GroupMembershipQueryTest.java

@@ -37,24 +37,12 @@ public class GroupMembershipQueryTest {
       .membership(GroupMembershipQuery.IN)
       .pageIndex(2)
       .pageSize(10)
-      .organizationUuid("organization_uuid")
       .build();
 
     assertThat(underTest.groupSearch()).isEqualTo("sonar-users");
     assertThat(underTest.membership()).isEqualTo("IN");
     assertThat(underTest.pageIndex()).isEqualTo(2);
     assertThat(underTest.pageSize()).isEqualTo(10);
-    assertThat(underTest.organizationUuid()).isEqualTo("organization_uuid");
-  }
-
-  @Test
-  public void fail_on_null_organization() {
-    expectedException.expect(NullPointerException.class);
-    expectedException.expectMessage("Organization uuid cant be null");
-
-    GroupMembershipQuery.builder()
-      .organizationUuid(null)
-      .build();
   }
 
   @Test
@@ -63,9 +51,7 @@ public class GroupMembershipQueryTest {
     expectedException.expectMessage("Membership is not valid (got unknwown). Availables values are [ANY, IN, OUT]");
 
     GroupMembershipQuery.builder()
-      .organizationUuid("organization_uuid")
       .membership("unknwown")
       .build();
   }
-
 }

server/sonar-db-dao/src/test/java/org/sonar/db/user/RoleDaoTest.java

@@ -123,20 +123,20 @@ public class RoleDaoTest {
     db.users().insertPermissionOnGroup(group1, "gateadmin");
     db.users().insertPermissionOnGroup(group2, "gateadmin");
     db.users().insertProjectPermissionOnGroup(group2, "admin", project);
-    db.users().insertPermissionOnAnyone(db.getDefaultOrganization(), "scan");
-    db.users().insertPermissionOnAnyone(db.getDefaultOrganization(), "provisioning");
+    db.users().insertPermissionOnAnyone("scan");
+    db.users().insertPermissionOnAnyone("provisioning");
 
     underTest.deleteGroupRolesByGroupUuid(db.getSession(), group1.getUuid());
     db.getSession().commit();
 
-    assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), db.getDefaultOrganization().getUuid(), group1.getUuid())).isEmpty();
-    assertThat(db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), db.getDefaultOrganization().getUuid(), group1.getUuid(), project.uuid()))
+    assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), group1.getUuid())).isEmpty();
+    assertThat(db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), group1.getUuid(), project.uuid()))
       .isEmpty();
-    assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), db.getDefaultOrganization().getUuid(), group2.getUuid()))
+    assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), group2.getUuid()))
       .containsOnly("gateadmin");
-    assertThat(db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), db.getDefaultOrganization().getUuid(), group2.getUuid(), project.uuid()))
+    assertThat(db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), group2.getUuid(), project.uuid()))
       .containsOnly("admin");
-    assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), db.getDefaultOrganization().getUuid(), null)).containsOnly("scan",
+    assertThat(db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), null)).containsOnly("scan",
       "provisioning");
   }
 }

server/sonar-db-dao/src/test/java/org/sonar/db/user/UserGroupDaoTest.java

@@ -25,7 +25,6 @@ import org.sonar.api.utils.System2;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
-import org.sonar.db.organization.OrganizationDto;
 
 import static org.assertj.core.api.Assertions.assertThat;
 
@@ -68,25 +67,6 @@ public class UserGroupDaoTest {
     assertThat(dbTester.getDbClient().groupMembershipDao().selectGroupUuidsByUserUuid(dbTester.getSession(), user2.getUuid())).containsOnly(group2.getUuid());
   }
 
-  @Test
-  public void delete_organization_member() {
-    OrganizationDto organization = dbTester.organizations().insert();
-    OrganizationDto anotherOrganization = dbTester.organizations().insert();
-    UserDto user = dbTester.users().insertUser();
-    UserDto anotherUser = dbTester.users().insertUser();
-    GroupDto group = dbTester.users().insertGroup(organization);
-    GroupDto anotherGroup = dbTester.users().insertGroup(anotherOrganization);
-    dbTester.users().insertMembers(group, user, anotherUser);
-    dbTester.users().insertMembers(anotherGroup, user, anotherUser);
-
-    underTest.deleteByOrganizationAndUser(dbSession, organization.getUuid(), user.getUuid());
-
-    assertThat(dbClient.groupMembershipDao().selectGroupUuidsByUserUuid(dbSession, user.getUuid()))
-      .containsOnly(anotherGroup.getUuid());
-    assertThat(dbClient.groupMembershipDao().selectGroupUuidsByUserUuid(dbSession, anotherUser.getUuid()))
-      .containsOnly(group.getUuid(), anotherGroup.getUuid());
-  }
-
   @Test
   public void delete_by_user() {
     UserDto user1 = dbTester.users().insertUser();

server/sonar-db-dao/src/testFixtures/java/org/sonar/db/organization/OrganizationDbTester.java

@@ -25,14 +25,8 @@ import javax.annotation.Nullable;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
 import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.user.GroupMembershipDto;
-import org.sonar.db.user.GroupMembershipQuery;
 import org.sonar.db.user.UserDto;
 
-import static com.google.common.base.Preconditions.checkArgument;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.db.user.GroupMembershipQuery.IN;
-
 public class OrganizationDbTester {
   private final DbTester db;
 
@@ -77,15 +71,9 @@ public class OrganizationDbTester {
 
   public void setDefaultTemplates(PermissionTemplateDto projectDefaultTemplate, @Nullable PermissionTemplateDto applicationDefaultTemplate,
     @Nullable PermissionTemplateDto portfolioDefaultTemplate) {
-    checkArgument(portfolioDefaultTemplate == null
-      || portfolioDefaultTemplate.getOrganizationUuid().equals(projectDefaultTemplate.getOrganizationUuid()),
-      "default template for project and portfolio must belong to the same organization");
-    checkArgument(applicationDefaultTemplate == null
-      || applicationDefaultTemplate.getOrganizationUuid().equals(projectDefaultTemplate.getOrganizationUuid()),
-      "default template for project and application must belong to the same organization");
 
     DbSession dbSession = db.getSession();
-    db.getDbClient().organizationDao().setDefaultTemplates(dbSession, projectDefaultTemplate.getOrganizationUuid(),
+    db.getDbClient().organizationDao().setDefaultTemplates(dbSession, db.getDefaultOrganization().getUuid(),
       new DefaultTemplates()
         .setProjectUuid(projectDefaultTemplate.getUuid())
         .setPortfoliosUuid(portfolioDefaultTemplate == null ? null : portfolioDefaultTemplate.getUuid())
@@ -93,10 +81,9 @@ public class OrganizationDbTester {
     dbSession.commit();
   }
 
-  public void setDefaultTemplates(OrganizationDto defaultOrganization, String projectDefaultTemplateUuid,
-    @Nullable String applicationDefaultTemplateUuid, @Nullable String portfoliosDefaultTemplateUuid) {
+  public void setDefaultTemplates(String projectDefaultTemplateUuid, @Nullable String applicationDefaultTemplateUuid, @Nullable String portfoliosDefaultTemplateUuid) {
     DbSession dbSession = db.getSession();
-    db.getDbClient().organizationDao().setDefaultTemplates(dbSession, defaultOrganization.getUuid(),
+    db.getDbClient().organizationDao().setDefaultTemplates(dbSession, db.getDefaultOrganization().getUuid(),
       new DefaultTemplates()
         .setProjectUuid(projectDefaultTemplateUuid)
         .setApplicationsUuid(applicationDefaultTemplateUuid)
@@ -119,25 +106,4 @@ public class OrganizationDbTester {
   public boolean getNewProjectPrivate(OrganizationDto organization) {
     return db.getDbClient().organizationDao().getNewProjectPrivate(db.getSession(), organization);
   }
-
-  public void assertUserIsMemberOfOrganization(OrganizationDto organization, UserDto user) {
-    assertThat(db.getDbClient().organizationMemberDao().select(db.getSession(), organization.getUuid(), user.getUuid())).as("User is not member of the organization").isPresent();
-    String defaultGroupUuid = db.getDbClient().organizationDao().getDefaultGroupUuid(db.getSession(), organization.getUuid()).get();
-    assertThat(db.getDbClient().groupMembershipDao().selectGroups(
-      db.getSession(),
-      GroupMembershipQuery.builder().membership(IN).organizationUuid(organization.getUuid()).build(),
-      user.getUuid(), 0, 10))
-        .extracting(GroupMembershipDto::getUuid)
-        .as("User is not member of the default group of the organization")
-        .containsOnly(defaultGroupUuid);
-  }
-
-  public void assertUserIsNotMemberOfOrganization(OrganizationDto organization, UserDto user) {
-    assertThat(db.getDbClient().organizationMemberDao().select(db.getSession(), organization.getUuid(), user.getUuid())).as("User is still member of the organization")
-      .isNotPresent();
-    assertThat(db.getDbClient().groupMembershipDao().countGroups(db.getSession(),
-      GroupMembershipQuery.builder().membership(IN).organizationUuid(organization.getUuid()).build(),
-      user.getUuid())).isZero();
-  }
-
 }

server/sonar-db-dao/src/testFixtures/java/org/sonar/db/permission/template/PermissionTemplateDbTester.java

@@ -23,7 +23,6 @@ import javax.annotation.Nullable;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
 
@@ -45,11 +44,8 @@ public class PermissionTemplateDbTester {
     return insertTemplate(newPermissionTemplateDto());
   }
 
-  public PermissionTemplateDto insertTemplate(OrganizationDto organizationDto) {
-    return insertTemplate(newPermissionTemplateDto().setOrganizationUuid(organizationDto.getUuid()));
-  }
-
   public PermissionTemplateDto insertTemplate(PermissionTemplateDto template) {
+    template.setOrganizationUuid(db.getDefaultOrganization().getUuid());
     PermissionTemplateDto templateInDb = dbClient.permissionTemplateDao().insert(dbSession, template);
     db.commit();
 

server/sonar-db-dao/src/testFixtures/java/org/sonar/db/permission/template/PermissionTemplateTesting.java

@@ -32,7 +32,6 @@ public class PermissionTemplateTesting {
     return new PermissionTemplateDto()
       .setName(randomAlphanumeric(60))
       .setDescription(randomAscii(500))
-      .setOrganizationUuid(randomAlphanumeric(40))
       .setUuid(Uuids.create())
       .setCreatedAt(new Date())
       .setUpdatedAt(new Date());

server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/GroupTesting.java

@@ -33,7 +33,6 @@ public class GroupTesting {
   public static GroupDto newGroupDto() {
     return new GroupDto()
       .setUuid(randomAlphanumeric(40))
-      .setOrganizationUuid(randomAlphanumeric(40))
       .setName(randomAlphanumeric(255))
       .setDescription(randomAlphanumeric(200))
       .setCreatedAt(new Date(nextLong()))

server/sonar-db-dao/src/testFixtures/java/org/sonar/db/user/UserDbTester.java

@@ -34,7 +34,6 @@ import org.sonar.db.DbClient;
 import org.sonar.db.DbTester;
 import org.sonar.db.ce.CeTaskMessageType;
 import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.GroupPermissionDto;
 import org.sonar.db.permission.OrganizationPermission;
 import org.sonar.db.permission.UserPermissionDto;
@@ -100,9 +99,9 @@ public class UserDbTester {
     return dbClient.userDao().selectByLogin(db.getSession(), userDto.getLogin());
   }
 
-  public UserDto insertAdminByUserPermission(OrganizationDto org) {
+  public UserDto insertAdminByUserPermission() {
     UserDto user = insertUser();
-    insertPermissionOnUser(org, user, ADMINISTER);
+    insertPermissionOnUser(user, ADMINISTER);
     return user;
   }
 
@@ -141,29 +140,13 @@ public class UserDbTester {
 
   // GROUPS
 
-  public GroupDto insertGroup(OrganizationDto organization, String name) {
-    GroupDto group = GroupTesting.newGroupDto().setName(name).setOrganizationUuid(organization.getUuid());
-    return insertGroup(group);
-  }
-
   public GroupDto insertGroup(String name) {
-    GroupDto group = GroupTesting.newGroupDto().setName(name).setOrganizationUuid(db.getDefaultOrganization().getUuid());
+    GroupDto group = GroupTesting.newGroupDto().setName(name);
     return insertGroup(group);
   }
 
-  /**
-   * Create group in default organization
-   */
   public GroupDto insertGroup() {
-    GroupDto group = GroupTesting.newGroupDto().setOrganizationUuid(db.getDefaultOrganization().getUuid());
-    return insertGroup(group);
-  }
-
-  /**
-   * Create group in specified organization
-   */
-  public GroupDto insertGroup(OrganizationDto organizationDto) {
-    GroupDto group = GroupTesting.newGroupDto().setOrganizationUuid(organizationDto.getUuid());
+    GroupDto group = GroupTesting.newGroupDto();
     return insertGroup(group);
   }
 
@@ -174,23 +157,22 @@ public class UserDbTester {
   }
 
   public GroupDto insertDefaultGroup(GroupDto dto) {
-    String organizationUuid = dto.getOrganizationUuid();
-    db.getDbClient().organizationDao().getDefaultGroupUuid(db.getSession(), organizationUuid)
+    db.getDbClient().organizationDao().getDefaultGroupUuid(db.getSession(), db.getDefaultOrganization().getUuid())
       .ifPresent(groupUuid -> {
-        throw new IllegalArgumentException(format("Organization '%s' has already a default group", organizationUuid));
+        throw new IllegalArgumentException(format("Organization '%s' has already a default group", db.getDefaultOrganization().getUuid()));
       });
     db.getDbClient().groupDao().insert(db.getSession(), dto);
-    db.getDbClient().organizationDao().setDefaultGroupUuid(db.getSession(), organizationUuid, dto);
+    db.getDbClient().organizationDao().setDefaultGroupUuid(db.getSession(), db.getDefaultOrganization().getUuid(), dto);
     db.commit();
     return dto;
   }
 
-  public GroupDto insertDefaultGroup(OrganizationDto organization, String name) {
-    return insertDefaultGroup(GroupTesting.newGroupDto().setName(name).setOrganizationUuid(organization.getUuid()));
+  public GroupDto insertDefaultGroup(String name) {
+    return insertDefaultGroup(GroupTesting.newGroupDto().setName(name));
   }
 
-  public GroupDto insertDefaultGroup(OrganizationDto organization) {
-    return insertDefaultGroup(GroupTesting.newGroupDto().setOrganizationUuid(organization.getUuid()));
+  public GroupDto insertDefaultGroup() {
+    return insertDefaultGroup(GroupTesting.newGroupDto());
   }
 
   @CheckForNull
@@ -198,12 +180,8 @@ public class UserDbTester {
     return db.getDbClient().groupDao().selectByUuid(db.getSession(), groupUuid);
   }
 
-  public Optional<GroupDto> selectGroup(OrganizationDto org, String name) {
-    return db.getDbClient().groupDao().selectByName(db.getSession(), org.getUuid(), name);
-  }
-
-  public List<GroupDto> selectGroups(OrganizationDto org) {
-    return db.getDbClient().groupDao().selectByOrganizationUuid(db.getSession(), org.getUuid());
+  public Optional<GroupDto> selectGroup(String name) {
+    return db.getDbClient().groupDao().selectByName(db.getSession(), name);
   }
 
   // GROUP MEMBERSHIP
@@ -229,10 +207,9 @@ public class UserDbTester {
 
   // GROUP PERMISSIONS
 
-  public GroupPermissionDto insertPermissionOnAnyone(OrganizationDto org, String permission) {
+  public GroupPermissionDto insertPermissionOnAnyone(String permission) {
     GroupPermissionDto dto = new GroupPermissionDto()
       .setUuid(Uuids.createFast())
-      .setOrganizationUuid(org.getUuid())
       .setGroupUuid(null)
       .setRole(permission);
     db.getDbClient().groupPermissionDao().insert(db.getSession(), dto);
@@ -240,14 +217,13 @@ public class UserDbTester {
     return dto;
   }
 
-  public GroupPermissionDto insertPermissionOnAnyone(OrganizationDto org, OrganizationPermission permission) {
-    return insertPermissionOnAnyone(org, permission.getKey());
+  public GroupPermissionDto insertPermissionOnAnyone(OrganizationPermission permission) {
+    return insertPermissionOnAnyone(permission.getKey());
   }
 
   public GroupPermissionDto insertPermissionOnGroup(GroupDto group, String permission) {
     GroupPermissionDto dto = new GroupPermissionDto()
       .setUuid(Uuids.createFast())
-      .setOrganizationUuid(group.getOrganizationUuid())
       .setGroupUuid(group.getUuid())
       .setRole(permission);
     db.getDbClient().groupPermissionDao().insert(db.getSession(), dto);
@@ -260,7 +236,7 @@ public class UserDbTester {
   }
 
   public void deletePermissionFromGroup(GroupDto group, String permission) {
-    db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, group.getOrganizationUuid(), group.getUuid(), null);
+    db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, group.getUuid(), null);
     db.commit();
   }
 
@@ -271,7 +247,6 @@ public class UserDbTester {
     checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches");
     GroupPermissionDto dto = new GroupPermissionDto()
       .setUuid(Uuids.createFast())
-      .setOrganizationUuid(project.getOrganizationUuid())
       .setGroupUuid(null)
       .setRole(permission)
       .setComponentUuid(project.uuid());
@@ -281,18 +256,16 @@ public class UserDbTester {
   }
 
   public void deleteProjectPermissionFromAnyone(ComponentDto project, String permission) {
-    db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, project.getOrganizationUuid(), null, project.uuid());
+    db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, null, project.uuid());
     db.commit();
   }
 
   public GroupPermissionDto insertProjectPermissionOnGroup(GroupDto group, String permission, ComponentDto project) {
-    checkArgument(group.getOrganizationUuid().equals(project.getOrganizationUuid()), "Different organizations");
     checkArgument(project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission),
       "%s can't be granted on a public project", permission);
     checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches");
     GroupPermissionDto dto = new GroupPermissionDto()
       .setUuid(Uuids.createFast())
-      .setOrganizationUuid(group.getOrganizationUuid())
       .setGroupUuid(group.getUuid())
       .setRole(permission)
       .setComponentUuid(project.uuid());
@@ -303,52 +276,41 @@ public class UserDbTester {
 
   public List<String> selectGroupPermissions(GroupDto group, @Nullable ComponentDto project) {
     if (project == null) {
-      return db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(),
-        group.getOrganizationUuid(), group.getUuid());
+      return db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), group.getUuid());
     }
-    return db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(),
-      group.getOrganizationUuid(), group.getUuid(), project.uuid());
+    return db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), group.getUuid(), project.uuid());
   }
 
-  public List<String> selectAnyonePermissions(OrganizationDto org, @Nullable ComponentDto project) {
+  public List<String> selectAnyonePermissions(@Nullable ComponentDto project) {
     if (project == null) {
-      return db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(),
-        org.getUuid(), null);
+      return db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), null);
     }
-    checkArgument(org.getUuid().equals(project.getOrganizationUuid()), "Different organizations");
-    return db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), org.getUuid(), null, project.uuid());
+    return db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), null, project.uuid());
   }
 
   // USER PERMISSIONS
 
   /**
-   * Grant permission on default organization
+   * Grant permission
    */
   public UserPermissionDto insertPermissionOnUser(UserDto user, OrganizationPermission permission) {
-    return insertPermissionOnUser(db.getDefaultOrganization(), user, permission);
+    return insertPermissionOnUser(user, permission.getKey());
   }
 
   /**
    * Grant global permission
-   * @deprecated use {@link #insertPermissionOnUser(OrganizationDto, UserDto, OrganizationPermission)}
+   * @deprecated use {@link #insertPermissionOnUser(UserDto, OrganizationPermission)}
    */
   @Deprecated
-  public UserPermissionDto insertPermissionOnUser(OrganizationDto org, UserDto user, String permission) {
-    UserPermissionDto dto = new UserPermissionDto(Uuids.create(), org.getUuid(), permission, user.getUuid(), null);
-    db.getDbClient().userPermissionDao().insert(db.getSession(), dto);
+  public UserPermissionDto insertPermissionOnUser(UserDto user, String permission) {
+    UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), null);
+    db.getDbClient().userPermissionDao().insert(db.getSession(), dto, db.getDefaultOrganization().getUuid());
     db.commit();
     return dto;
   }
 
-  /**
-   * Grant organization permission to user
-   */
-  public UserPermissionDto insertPermissionOnUser(OrganizationDto org, UserDto user, OrganizationPermission permission) {
-    return insertPermissionOnUser(org, user, permission.getKey());
-  }
-
-  public void deletePermissionFromUser(OrganizationDto org, UserDto user, OrganizationPermission permission) {
-    db.getDbClient().userPermissionDao().deleteGlobalPermission(db.getSession(), user.getUuid(), permission.getKey(), org.getUuid());
+  public void deletePermissionFromUser(UserDto user, OrganizationPermission permission) {
+    db.getDbClient().userPermissionDao().deleteGlobalPermission(db.getSession(), user.getUuid(), permission.getKey());
     db.commit();
   }
 
@@ -364,15 +326,15 @@ public class UserDbTester {
     checkArgument(project.isPrivate() || !PUBLIC_PERMISSIONS.contains(permission),
       "%s can't be granted on a public project", permission);
     checkArgument(project.getMainBranchProjectUuid() == null, "Permissions can't be granted on branches");
-    UserPermissionDto dto = new UserPermissionDto(Uuids.create(), project.getOrganizationUuid(), permission, user.getUuid(), project.uuid());
-    db.getDbClient().userPermissionDao().insert(db.getSession(), dto);
+    UserPermissionDto dto = new UserPermissionDto(Uuids.create(), permission, user.getUuid(), project.uuid());
+    db.getDbClient().userPermissionDao().insert(db.getSession(), dto, db.getDefaultOrganization().getUuid());
     db.commit();
     return dto;
   }
 
-  public List<OrganizationPermission> selectPermissionsOfUser(UserDto user, OrganizationDto organization) {
+  public List<OrganizationPermission> selectPermissionsOfUser(UserDto user) {
     return toListOfOrganizationPermissions(db.getDbClient().userPermissionDao()
-      .selectGlobalPermissionsOfUser(db.getSession(), user.getUuid(), organization.getUuid()));
+      .selectGlobalPermissionsOfUser(db.getSession(), user.getUuid()));
   }
 
   public List<String> selectProjectPermissionsOfUser(UserDto user, ComponentDto project) {

server/sonar-server-common/src/main/java/org/sonar/server/user/index/UserIndex.java

@@ -66,14 +66,13 @@ public class UserIndex {
    * Returns the active users (at most 3) who are associated to the given SCM account. This method can be used
    * to detect user conflicts.
    */
-  public List<UserDoc> getAtMostThreeActiveUsersForScmAccount(String scmAccount, String organizationUuid) {
+  public List<UserDoc> getAtMostThreeActiveUsersForScmAccount(String scmAccount) {
     List<UserDoc> result = new ArrayList<>();
     if (!StringUtils.isEmpty(scmAccount)) {
       SearchRequestBuilder request = esClient.prepareSearch(UserIndexDefinition.TYPE_USER)
         .setQuery(boolQuery().must(matchAllQuery()).filter(
           boolQuery()
             .must(termQuery(FIELD_ACTIVE, true))
-            .must(termQuery(FIELD_ORGANIZATION_UUIDS, organizationUuid))
             .should(termQuery(FIELD_LOGIN, scmAccount))
             .should(matchQuery(SORTABLE_ANALYZER.subField(FIELD_EMAIL), scmAccount))
             .should(matchQuery(SORTABLE_ANALYZER.subField(FIELD_SCM_ACCOUNTS), scmAccount))))

server/sonar-server-common/src/test/java/org/sonar/server/user/index/UserIndexTest.java

@@ -38,7 +38,6 @@ import static org.sonar.server.user.index.UserIndexDefinition.TYPE_USER;
 
 public class UserIndexTest {
 
-  private static final String ORGANIZATION_UUID = "my-organization";
   private static final String USER1_LOGIN = "user1";
   private static final String USER2_LOGIN = "user2";
 
@@ -57,14 +56,14 @@ public class UserIndexTest {
     es.putDocuments(TYPE_USER, user2);
     es.putDocuments(TYPE_USER, user3);
 
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(user1.scmAccounts().get(0), ORGANIZATION_UUID)).extractingResultOf("login").containsOnly(user1.login());
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(user1.login(), ORGANIZATION_UUID)).extractingResultOf("login").containsOnly(user1.login());
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(user1.scmAccounts().get(0))).extractingResultOf("login").containsOnly(user1.login());
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(user1.login())).extractingResultOf("login").containsOnly(user1.login());
 
     // both users share the same email
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(user1.email(), ORGANIZATION_UUID)).extracting(UserDoc::login).containsOnly(user1.login(), user2.login());
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(user1.email())).extracting(UserDoc::login).containsOnly(user1.login(), user2.login());
 
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("", ORGANIZATION_UUID)).isEmpty();
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("unknown", ORGANIZATION_UUID)).isEmpty();
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("")).isEmpty();
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("unknown")).isEmpty();
   }
 
   @Test
@@ -73,8 +72,8 @@ public class UserIndexTest {
     UserDoc user = newUser(USER1_LOGIN, singletonList(scmAccount)).setActive(false);
     es.putDocuments(TYPE_USER, user);
 
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(user.login(), ORGANIZATION_UUID)).isEmpty();
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(scmAccount, ORGANIZATION_UUID)).isEmpty();
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(user.login())).isEmpty();
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(scmAccount)).isEmpty();
   }
 
   @Test
@@ -90,7 +89,7 @@ public class UserIndexTest {
     es.putDocuments(TYPE_USER, user4);
 
     // restrict results to 3 users
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(email, ORGANIZATION_UUID)).hasSize(3);
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount(email)).hasSize(3);
   }
 
   @Test
@@ -98,8 +97,8 @@ public class UserIndexTest {
     UserDoc user = newUser("the_login", singletonList("John.Smith"));
     es.putDocuments(TYPE_USER, user);
 
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("the_login", ORGANIZATION_UUID)).hasSize(1);
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("the_Login", ORGANIZATION_UUID)).isEmpty();
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("the_login")).hasSize(1);
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("the_Login")).isEmpty();
   }
 
   @Test
@@ -107,9 +106,9 @@ public class UserIndexTest {
     UserDoc user = newUser("the_login", "the_EMAIL@corp.com", singletonList("John.Smith"));
     es.putDocuments(TYPE_USER, user);
 
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("the_EMAIL@corp.com", ORGANIZATION_UUID)).hasSize(1);
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("the_email@corp.com", ORGANIZATION_UUID)).hasSize(1);
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("email", ORGANIZATION_UUID)).isEmpty();
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("the_EMAIL@corp.com")).hasSize(1);
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("the_email@corp.com")).hasSize(1);
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("email")).isEmpty();
   }
 
   @Test
@@ -117,20 +116,10 @@ public class UserIndexTest {
     UserDoc user = newUser("the_login", singletonList("John.Smith"));
     es.putDocuments(TYPE_USER, user);
 
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("John.Smith", ORGANIZATION_UUID)).hasSize(1);
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("JOHN.SMIth", ORGANIZATION_UUID)).hasSize(1);
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("JOHN.SMITH", ORGANIZATION_UUID)).hasSize(1);
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("JOHN", ORGANIZATION_UUID)).isEmpty();
-  }
-
-  @Test
-  public void getAtMostThreeActiveUsersForScmAccount_search_only_user_within_given_organization() {
-    UserDoc user1 = newUser("user1", singletonList("same_scm")).setOrganizationUuids(singletonList(ORGANIZATION_UUID));
-    UserDoc user2 = newUser("user2", singletonList("same_scm")).setOrganizationUuids(singletonList("another_organization"));
-    es.putDocuments(TYPE_USER, user1);
-    es.putDocuments(TYPE_USER, user2);
-
-    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("same_scm", ORGANIZATION_UUID)).extractingResultOf("login").containsOnly(user1.login());
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("John.Smith")).hasSize(1);
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("JOHN.SMIth")).hasSize(1);
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("JOHN.SMITH")).hasSize(1);
+    assertThat(underTest.getAtMostThreeActiveUsersForScmAccount("JOHN")).isEmpty();
   }
 
   @Test
@@ -178,8 +167,7 @@ public class UserIndexTest {
       .setName(login.toUpperCase(Locale.ENGLISH))
       .setEmail(login + "@mail.com")
       .setActive(true)
-      .setScmAccounts(scmAccounts)
-      .setOrganizationUuids(singletonList(ORGANIZATION_UUID));
+      .setScmAccounts(scmAccounts);
   }
 
   private static UserDoc newUser(String login, String email, List<String> scmAccounts) {
@@ -189,7 +177,6 @@ public class UserIndexTest {
       .setName(login.toUpperCase(Locale.ENGLISH))
       .setEmail(email)
       .setActive(true)
-      .setScmAccounts(scmAccounts)
-      .setOrganizationUuids(singletonList(ORGANIZATION_UUID));
+      .setScmAccounts(scmAccounts);
   }
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java

@@ -24,16 +24,15 @@ import java.util.Collections;
 import java.util.Optional;
 import javax.annotation.CheckForNull;
 import javax.annotation.concurrent.Immutable;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.OrganizationPermission;
 import org.sonar.db.user.GroupDto;
 import org.sonar.server.user.AbstractUserSession;
 
 @Immutable
 public class SafeModeUserSession extends AbstractUserSession {
-  
+
   @Override
-  protected boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid) {
+  protected boolean hasPermissionImpl(OrganizationPermission permission) {
     return false;
   }
 
@@ -47,11 +46,6 @@ public class SafeModeUserSession extends AbstractUserSession {
     return false;
   }
 
-  @Override
-  protected boolean hasMembershipImpl(OrganizationDto organizationDto) {
-    return false;
-  }
-
   @CheckForNull
   @Override
   public String getLogin() {

server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/UserRegistrarImpl.java

@@ -37,21 +37,15 @@ import org.sonar.api.utils.log.Logger;
 import org.sonar.api.utils.log.Loggers;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
-import org.sonar.db.alm.ALM;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.db.user.UserGroupDto;
 import org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy;
 import org.sonar.server.authentication.event.AuthenticationException;
 import org.sonar.server.authentication.exception.EmailAlreadyExistsRedirectionException;
-import org.sonar.server.organization.DefaultOrganization;
-import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.MemberUpdater;
-import org.sonar.server.organization.OrganizationFlags;
 import org.sonar.server.user.ExternalIdentity;
 import org.sonar.server.user.NewUser;
 import org.sonar.server.user.UpdateUser;
-import org.sonar.server.user.UserSession;
 import org.sonar.server.user.UserUpdater;
 import org.sonar.server.usergroups.DefaultGroupFinder;
 
@@ -66,19 +60,12 @@ public class UserRegistrarImpl implements UserRegistrar {
 
   private final DbClient dbClient;
   private final UserUpdater userUpdater;
-  private final DefaultOrganizationProvider defaultOrganizationProvider;
-  private final OrganizationFlags organizationFlags;
   private final DefaultGroupFinder defaultGroupFinder;
-  private final MemberUpdater memberUpdater;
 
-  public UserRegistrarImpl(DbClient dbClient, UserUpdater userUpdater, DefaultOrganizationProvider defaultOrganizationProvider, OrganizationFlags organizationFlags,
-    DefaultGroupFinder defaultGroupFinder, MemberUpdater memberUpdater) {
+  public UserRegistrarImpl(DbClient dbClient, UserUpdater userUpdater, DefaultGroupFinder defaultGroupFinder) {
     this.dbClient = dbClient;
     this.userUpdater = userUpdater;
-    this.defaultOrganizationProvider = defaultOrganizationProvider;
-    this.organizationFlags = organizationFlags;
     this.defaultGroupFinder = defaultGroupFinder;
-    this.memberUpdater = memberUpdater;
   }
 
   @Override
@@ -131,7 +118,6 @@ public class UserRegistrarImpl implements UserRegistrar {
   private Consumer<UserDto> beforeCommit(DbSession dbSession, boolean isNewUser, UserRegistration authenticatorParameters) {
     return user -> {
       syncGroups(dbSession, authenticatorParameters.getUserIdentity(), user);
-      synchronizeOrganizationMembership(dbSession, user, authenticatorParameters, isNewUser);
     };
   }
 
@@ -187,8 +173,7 @@ public class UserRegistrarImpl implements UserRegistrar {
     Collection<String> groupsToRemove = Sets.difference(userGroups, identityGroups);
     Collection<String> allGroups = new ArrayList<>(groupsToAdd);
     allGroups.addAll(groupsToRemove);
-    DefaultOrganization defaultOrganization = defaultOrganizationProvider.get();
-    Map<String, GroupDto> groupsByName = dbClient.groupDao().selectByNames(dbSession, defaultOrganization.getUuid(), allGroups)
+    Map<String, GroupDto> groupsByName = dbClient.groupDao().selectByNames(dbSession, allGroups)
       .stream()
       .collect(uniqueIndex(GroupDto::getName));
 
@@ -218,19 +203,7 @@ public class UserRegistrarImpl implements UserRegistrar {
   }
 
   private Optional<GroupDto> getDefaultGroup(DbSession dbSession) {
-    return organizationFlags.isEnabled(dbSession) ? Optional.empty() : Optional.of(defaultGroupFinder.findDefaultGroup(dbSession, defaultOrganizationProvider.get().getUuid()));
-  }
-
-  private void synchronizeOrganizationMembership(DbSession dbSession, UserDto userDto, UserRegistration authenticatorParameters, boolean isNewUser) {
-    Set<String> almOrganizationIds = authenticatorParameters.getOrganizationAlmIds();
-    if (almOrganizationIds == null || !isNewUser || !organizationFlags.isEnabled(dbSession)) {
-      return;
-    }
-    UserSession.IdentityProvider identityProvider = UserSession.IdentityProvider.getFromKey(authenticatorParameters.getProvider().getKey());
-    if (identityProvider != UserSession.IdentityProvider.GITHUB) {
-      return;
-    }
-    memberUpdater.synchronizeUserOrganizationMembership(dbSession, userDto, ALM.GITHUB, almOrganizationIds);
+    return Optional.of(defaultGroupFinder.findDefaultGroup(dbSession));
   }
 
   private static NewUser createNewUser(UserRegistration authenticatorParameters) {

server/sonar-webserver-auth/src/main/java/org/sonar/server/organization/MemberUpdater.java

@@ -78,7 +78,7 @@ public class MemberUpdater {
       .setOrganizationUuid(organization.getUuid())
       .setUserUuid(user.getUuid()));
     dbClient.userGroupDao().insert(dbSession,
-      new UserGroupDto().setGroupUuid(defaultGroupFinder.findDefaultGroup(dbSession, organization.getUuid()).getUuid()).setUserUuid(user.getUuid()));
+      new UserGroupDto().setGroupUuid(defaultGroupFinder.findDefaultGroup(dbSession).getUuid()).setUserUuid(user.getUuid()));
   }
 
   public void removeMember(DbSession dbSession, OrganizationDto organization, UserDto user) {
@@ -96,7 +96,7 @@ public class MemberUpdater {
     }
 
     Set<String> userUuidsToRemove = usersToRemove.stream().map(UserDto::getUuid).collect(toSet());
-    Set<String> adminUuids = new HashSet<>(dbClient.authorizationDao().selectUserUuidsWithGlobalPermission(dbSession, organization.getUuid(), ADMINISTER.getKey()));
+    Set<String> adminUuids = new HashSet<>(dbClient.authorizationDao().selectUserUuidsWithGlobalPermission(dbSession, ADMINISTER.getKey()));
     checkArgument(!difference(adminUuids, userUuidsToRemove).isEmpty(), "The last administrator member cannot be removed");
 
     usersToRemove.forEach(u -> removeMemberInDb(dbSession, organization, u));
@@ -135,9 +135,8 @@ public class MemberUpdater {
   private void removeMemberInDb(DbSession dbSession, OrganizationDto organization, UserDto user) {
     String userUuid = user.getUuid();
     String organizationUuid = organization.getUuid();
-    dbClient.userPermissionDao().deleteOrganizationMemberPermissions(dbSession, organizationUuid, userUuid);
-    dbClient.permissionTemplateDao().deleteUserPermissionsByOrganization(dbSession, organizationUuid, userUuid);
-    dbClient.userGroupDao().deleteByOrganizationAndUser(dbSession, organizationUuid, userUuid);
+    // dbClient.userPermissionDao().deleteOrganizationMemberPermissions(dbSession, userUuid);
+    //dbClient.permissionTemplateDao().deleteUserPermissionsByOrganization(dbSession, organizationUuid, userUuid);
     dbClient.propertiesDao().deleteByOrganizationAndUser(dbSession, organizationUuid, userUuid);
     dbClient.propertiesDao().deleteByOrganizationAndMatchingLogin(dbSession, organizationUuid, user.getLogin(), singletonList(DEFAULT_ISSUE_ASSIGNEE));
 

server/sonar-webserver-auth/src/main/java/org/sonar/server/organization/OrganisationSupport.java

@@ -76,9 +76,9 @@ public class OrganisationSupport {
   }
 
   private void createDefaultMembersGroup(DbSession dbSession, String defaultOrganizationUuid) {
-    GroupDto sonarUsersGroup = defaultGroupFinder.findDefaultGroup(dbSession, defaultOrganizationUuid);
-    GroupDto members = defaultGroupCreator.create(dbSession, defaultOrganizationUuid);
-    copySonarUsersGroupPermissionsToMembersGroup(dbSession, defaultOrganizationUuid, sonarUsersGroup, members);
+    GroupDto sonarUsersGroup = defaultGroupFinder.findDefaultGroup(dbSession);
+    GroupDto members = defaultGroupCreator.create(dbSession);
+    copySonarUsersGroupPermissionsToMembersGroup(dbSession, sonarUsersGroup, members);
     copySonarUsersGroupPermissionTemplatesToMembersGroup(dbSession, sonarUsersGroup, members);
     associateMembersOfDefaultOrganizationToGroup(dbSession, defaultOrganizationUuid, members);
   }
@@ -88,14 +88,13 @@ public class OrganisationSupport {
     organizationMembers.forEach(member -> dbClient.userGroupDao().insert(dbSession, new UserGroupDto().setGroupUuid(membersGroup.getUuid()).setUserUuid(member)));
   }
 
-  private void copySonarUsersGroupPermissionsToMembersGroup(DbSession dbSession, String defaultOrganizationUuid, GroupDto sonarUsersGroup, GroupDto membersGroup) {
-    dbClient.groupPermissionDao().selectAllPermissionsByGroupUuid(dbSession, defaultOrganizationUuid, sonarUsersGroup.getUuid(),
+  private void copySonarUsersGroupPermissionsToMembersGroup(DbSession dbSession, GroupDto sonarUsersGroup, GroupDto membersGroup) {
+    dbClient.groupPermissionDao().selectAllPermissionsByGroupUuid(dbSession, sonarUsersGroup.getUuid(),
       context -> {
         GroupPermissionDto groupPermissionDto = (GroupPermissionDto) context.getResultObject();
         dbClient.groupPermissionDao().insert(dbSession,
           new GroupPermissionDto()
             .setUuid(uuidFactory.create())
-            .setOrganizationUuid(defaultOrganizationUuid)
             .setGroupUuid(membersGroup.getUuid())
             .setRole(groupPermissionDto.getRole())
             .setComponentUuid(groupPermissionDto.getComponentUuid()));

server/sonar-webserver-auth/src/main/java/org/sonar/server/organization/OrganizationUpdaterImpl.java

@@ -99,7 +99,7 @@ public class OrganizationUpdaterImpl implements OrganizationUpdater {
     insertOrganizationMember(dbSession, organization, userCreator.getUuid());
     dbClient.qualityGateDao().associate(dbSession, uuidFactory.create(), organization, builtInQualityGate);
     GroupDto ownerGroup = insertOwnersGroup(dbSession, organization);
-    GroupDto defaultGroup = defaultGroupCreator.create(dbSession, organization.getUuid());
+    GroupDto defaultGroup = defaultGroupCreator.create(dbSession);
     insertDefaultTemplateOnGroups(dbSession, organization, ownerGroup, defaultGroup);
     addCurrentUserToGroup(dbSession, ownerGroup, userCreator.getUuid());
     addCurrentUserToGroup(dbSession, defaultGroup, userCreator.getUuid());
@@ -162,9 +162,9 @@ public class OrganizationUpdaterImpl implements OrganizationUpdater {
     PermissionTemplateDto permissionTemplateDto = dbClient.permissionTemplateDao().insert(
       dbSession,
       new PermissionTemplateDto()
-        .setOrganizationUuid(organizationDto.getUuid())
         .setUuid(uuidFactory.create())
         .setName(PERM_TEMPLATE_NAME)
+        .setOrganizationUuid(organizationDto.getUuid())
         .setDescription(format(PERM_TEMPLATE_DESCRIPTION_PATTERN, organizationDto.getName()))
         .setCreatedAt(now)
         .setUpdatedAt(now));
@@ -219,7 +219,6 @@ public class OrganizationUpdaterImpl implements OrganizationUpdater {
   private GroupDto insertOwnersGroup(DbSession dbSession, OrganizationDto organization) {
     GroupDto group = dbClient.groupDao().insert(dbSession, new GroupDto()
       .setUuid(uuidFactory.create())
-      .setOrganizationUuid(organization.getUuid())
       .setName(OWNERS_GROUP_NAME)
       .setDescription(OWNERS_GROUP_DESCRIPTION));
     permissionService.getAllOrganizationPermissions().forEach(p -> addPermissionToGroup(dbSession, group, p));
@@ -231,7 +230,6 @@ public class OrganizationUpdaterImpl implements OrganizationUpdater {
       dbSession,
       new GroupPermissionDto()
         .setUuid(uuidFactory.create())
-        .setOrganizationUuid(group.getOrganizationUuid())
         .setGroupUuid(group.getUuid())
         .setRole(permission.getKey()));
   }

server/sonar-webserver-auth/src/main/java/org/sonar/server/permission/GroupUuid.java

@@ -22,8 +22,6 @@ package org.sonar.server.permission;
 import javax.annotation.concurrent.Immutable;
 import org.sonar.db.user.GroupDto;
 
-import static java.util.Objects.requireNonNull;
-
 /**
  * Reference to a user group, as used internally by the backend. It does
  * not support reference to virtual groups "anyone".
@@ -34,22 +32,16 @@ import static java.util.Objects.requireNonNull;
 public class GroupUuid {
 
   private final String uuid;
-  private final String organizationUuid;
 
-  private GroupUuid(String organizationUuid, String uuid) {
+  private GroupUuid(String uuid) {
     this.uuid = uuid;
-    this.organizationUuid = requireNonNull(organizationUuid);
   }
 
   public String getUuid() {
     return uuid;
   }
 
-  public String getOrganizationUuid() {
-    return organizationUuid;
-  }
-
   public static GroupUuid from(GroupDto dto) {
-    return new GroupUuid(dto.getOrganizationUuid(), dto.getUuid());
+    return new GroupUuid(dto.getUuid());
   }
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/permission/GroupUuidOrAnyone.java

@@ -24,8 +24,6 @@ import javax.annotation.Nullable;
 import javax.annotation.concurrent.Immutable;
 import org.sonar.db.user.GroupDto;
 
-import static java.util.Objects.requireNonNull;
-
 /**
  * Reference to a user group, as used internally by the backend. Contrary to
  * {@link GroupUuid}, it supports reference to virtual groups "anyone". In these
@@ -37,11 +35,9 @@ import static java.util.Objects.requireNonNull;
 public class GroupUuidOrAnyone {
 
   private final String uuid;
-  private final String organizationUuid;
 
-  private GroupUuidOrAnyone(String organizationUuid, @Nullable String uuid) {
+  private GroupUuidOrAnyone(@Nullable String uuid) {
     this.uuid = uuid;
-    this.organizationUuid = requireNonNull(organizationUuid, "organizationUuid can't be null");
   }
 
   public boolean isAnyone() {
@@ -53,15 +49,11 @@ public class GroupUuidOrAnyone {
     return uuid;
   }
 
-  public String getOrganizationUuid() {
-    return organizationUuid;
-  }
-
   public static GroupUuidOrAnyone from(GroupDto dto) {
-    return new GroupUuidOrAnyone(dto.getOrganizationUuid(), dto.getUuid());
+    return new GroupUuidOrAnyone(dto.getUuid());
   }
 
-  public static GroupUuidOrAnyone forAnyone(String organizationUuid) {
-    return new GroupUuidOrAnyone(organizationUuid, null);
+  public static GroupUuidOrAnyone forAnyone() {
+    return new GroupUuidOrAnyone(null);
   }
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/AbstractUserSession.java

@@ -30,14 +30,12 @@ import javax.annotation.Nullable;
 import org.sonar.api.web.UserRole;
 import org.sonar.core.util.stream.MoreCollectors;
 import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.OrganizationPermission;
 import org.sonar.db.project.ProjectDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.server.exceptions.ForbiddenException;
 import org.sonar.server.exceptions.UnauthorizedException;
 
-import static java.lang.String.format;
 import static org.apache.commons.lang.StringUtils.defaultString;
 import static org.sonar.server.user.UserSession.IdentityProvider.SONARQUBE;
 
@@ -78,16 +76,11 @@ public abstract class AbstractUserSession implements UserSession {
   }
 
   @Override
-  public final boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
-    return hasPermission(permission, organization.getUuid());
+  public final boolean hasPermission(OrganizationPermission permission) {
+    return isRoot() || hasPermissionImpl(permission);
   }
 
-  @Override
-  public final boolean hasPermission(OrganizationPermission permission, String organizationUuid) {
-    return isRoot() || hasPermissionImpl(permission, organizationUuid);
-  }
-
-  protected abstract boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid);
+  protected abstract boolean hasPermissionImpl(OrganizationPermission permission);
 
   @Override
   public final boolean hasComponentPermission(String permission, ComponentDto component) {
@@ -121,13 +114,6 @@ public abstract class AbstractUserSession implements UserSession {
 
   protected abstract boolean hasProjectUuidPermission(String permission, String projectUuid);
 
-  @Override
-  public final boolean hasMembership(OrganizationDto organizationDto) {
-    return isRoot() || hasMembershipImpl(organizationDto);
-  }
-
-  protected abstract boolean hasMembershipImpl(OrganizationDto organizationDto);
-
   @Override
   public final List<ComponentDto> keepAuthorizedComponents(String permission, Collection<ComponentDto> components) {
     if (isRoot()) {
@@ -181,13 +167,8 @@ public abstract class AbstractUserSession implements UserSession {
   }
 
   @Override
-  public final UserSession checkPermission(OrganizationPermission permission, OrganizationDto organization) {
-    return checkPermission(permission, organization.getUuid());
-  }
-
-  @Override
-  public final UserSession checkPermission(OrganizationPermission permission, String organizationUuid) {
-    if (!hasPermission(permission, organizationUuid)) {
+  public final UserSession checkPermission(OrganizationPermission permission) {
+    if (!hasPermission(permission)) {
       throw new ForbiddenException(INSUFFICIENT_PRIVILEGES_MESSAGE);
     }
     return this;
@@ -228,13 +209,4 @@ public abstract class AbstractUserSession implements UserSession {
     }
     return this;
   }
-
-  @Override
-  public UserSession checkMembership(OrganizationDto organization) {
-    if (!hasMembership(organization)) {
-      throw new ForbiddenException(format("You're not member of organization '%s'", organization.getKey()));
-    }
-    return this;
-  }
-
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java

@@ -22,7 +22,6 @@ package org.sonar.server.user;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Optional;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.OrganizationPermission;
 import org.sonar.db.user.GroupDto;
 
@@ -108,7 +107,7 @@ public final class DoPrivileged {
       }
 
       @Override
-      protected boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid) {
+      protected boolean hasPermissionImpl(OrganizationPermission permission) {
         return true;
       }
 
@@ -128,10 +127,6 @@ public final class DoPrivileged {
         return true;
       }
 
-      @Override
-      public boolean hasMembershipImpl(OrganizationDto organizationDto) {
-        return true;
-      }
     }
 
     private void start() {

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java

@@ -19,9 +19,6 @@
  */
 package org.sonar.server.user;
 
-import com.google.common.base.Supplier;
-import com.google.common.base.Suppliers;
-import com.google.common.collect.ImmutableSet;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.HashMap;
@@ -36,15 +33,10 @@ import org.sonar.core.util.stream.MoreCollectors;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
-import org.sonar.db.organization.OrganizationMemberDto;
 import org.sonar.db.permission.OrganizationPermission;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
-import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.OrganizationFlags;
 
-import static java.util.Objects.requireNonNull;
 import static java.util.Optional.of;
 import static java.util.Optional.ofNullable;
 import static org.apache.commons.lang.StringUtils.defaultIfEmpty;
@@ -57,20 +49,14 @@ public class ServerUserSession extends AbstractUserSession {
   @CheckForNull
   private final UserDto userDto;
   private final DbClient dbClient;
-  private final OrganizationFlags organizationFlags;
-  private final DefaultOrganizationProvider defaultOrganizationProvider;
-  private final Supplier<Collection<GroupDto>> groups = Suppliers.memoize(this::loadGroups);
-  private final Supplier<Boolean> isSystemAdministratorSupplier = Suppliers.memoize(this::loadIsSystemAdministrator);
   private final Map<String, String> projectUuidByComponentUuid = new HashMap<>();
-  private Map<String, Set<OrganizationPermission>> permissionsByOrganizationUuid;
+  private Collection<GroupDto> groups;
+  private Boolean isSystemAdministrator;
+  private Set<OrganizationPermission> permissions;
   private Map<String, Set<String>> permissionsByProjectUuid;
-  private Set<String> organizationMembership = new HashSet<>();
 
-  ServerUserSession(DbClient dbClient, OrganizationFlags organizationFlags,
-    DefaultOrganizationProvider defaultOrganizationProvider, @Nullable UserDto userDto) {
+  ServerUserSession(DbClient dbClient, @Nullable UserDto userDto) {
     this.dbClient = dbClient;
-    this.organizationFlags = organizationFlags;
-    this.defaultOrganizationProvider = defaultOrganizationProvider;
     this.userDto = userDto;
   }
 
@@ -103,7 +89,10 @@ public class ServerUserSession extends AbstractUserSession {
 
   @Override
   public Collection<GroupDto> getGroups() {
-    return groups.get();
+    if (groups == null) {
+      groups = loadGroups();
+    }
+    return groups;
   }
 
   @Override
@@ -127,28 +116,13 @@ public class ServerUserSession extends AbstractUserSession {
   }
 
   @Override
-  protected boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid) {
-    if (permissionsByOrganizationUuid == null) {
-      permissionsByOrganizationUuid = new HashMap<>();
+  protected boolean hasPermissionImpl(OrganizationPermission permission) {
+    if (permissions == null) {
+      permissions = loadGlobalPermissions();
     }
-    Set<OrganizationPermission> permissions = permissionsByOrganizationUuid.computeIfAbsent(organizationUuid, this::loadOrganizationPermissions);
     return permissions.contains(permission);
   }
 
-  private Set<OrganizationPermission> loadOrganizationPermissions(String organizationUuid) {
-    Set<String> permissionKeys;
-    try (DbSession dbSession = dbClient.openSession(false)) {
-      if (userDto != null && userDto.getUuid() != null) {
-        permissionKeys = dbClient.authorizationDao().selectOrganizationPermissions(dbSession, organizationUuid, userDto.getUuid());
-      } else {
-        permissionKeys = dbClient.authorizationDao().selectOrganizationPermissionsOfAnonymous(dbSession, organizationUuid);
-      }
-    }
-    return permissionKeys.stream()
-      .map(OrganizationPermission::fromKey)
-      .collect(MoreCollectors.toSet(permissionKeys.size()));
-  }
-
   @Override
   protected Optional<String> componentUuidToProjectUuid(String componentUuid) {
     String projectUuid = projectUuidByComponentUuid.get(componentUuid);
@@ -189,11 +163,25 @@ public class ServerUserSession extends AbstractUserSession {
       if (component.get().isPrivate()) {
         return loadDbPermissions(dbSession, projectUuid);
       }
-      ImmutableSet.Builder<String> builder = ImmutableSet.builder();
-      builder.addAll(PUBLIC_PERMISSIONS);
-      builder.addAll(loadDbPermissions(dbSession, projectUuid));
-      return builder.build();
+      Set<String> permissions = new HashSet<>();
+      permissions.addAll(PUBLIC_PERMISSIONS);
+      permissions.addAll(loadDbPermissions(dbSession, projectUuid));
+      return Collections.unmodifiableSet(permissions);
+    }
+  }
+
+  private Set<OrganizationPermission> loadGlobalPermissions() {
+    Set<String> permissionKeys;
+    try (DbSession dbSession = dbClient.openSession(false)) {
+      if (userDto != null && userDto.getUuid() != null) {
+        permissionKeys = dbClient.authorizationDao().selectGlobalPermissions(dbSession, userDto.getUuid());
+      } else {
+        permissionKeys = dbClient.authorizationDao().selectGlobalPermissionsOfAnonymous(dbSession);
+      }
     }
+    return permissionKeys.stream()
+      .map(OrganizationPermission::fromKey)
+      .collect(MoreCollectors.toSet(permissionKeys.size()));
   }
 
   private Set<String> loadDbPermissions(DbSession dbSession, String projectUuid) {
@@ -219,45 +207,16 @@ public class ServerUserSession extends AbstractUserSession {
 
   @Override
   public boolean isSystemAdministrator() {
-    return isSystemAdministratorSupplier.get();
-  }
-
-  private boolean loadIsSystemAdministrator() {
-    if (isRoot()) {
-      return true;
-    }
-    try (DbSession dbSession = dbClient.openSession(false)) {
-      if (!organizationFlags.isEnabled(dbSession)) {
-        String uuidOfDefaultOrg = defaultOrganizationProvider.get().getUuid();
-        return hasPermission(OrganizationPermission.ADMINISTER, uuidOfDefaultOrg);
-      }
-      // organization feature is enabled -> requires to be root
-      return false;
+    if (isSystemAdministrator == null) {
+      isSystemAdministrator = loadIsSystemAdministrator();
     }
+    return isSystemAdministrator;
   }
 
-  @Override
-  public boolean hasMembershipImpl(OrganizationDto organizationDto) {
-    return isMember(organizationDto.getUuid());
-  }
-
-  private boolean isMember(String organizationUuid) {
-    if (!isLoggedIn()) {
-      return false;
-    }
+  private boolean loadIsSystemAdministrator() {
     if (isRoot()) {
       return true;
     }
-
-    if (organizationMembership.contains(organizationUuid)) {
-      return true;
-    }
-    try (DbSession dbSession = dbClient.openSession(false)) {
-      Optional<OrganizationMemberDto> organizationMemberDto = dbClient.organizationMemberDao().select(dbSession, organizationUuid, requireNonNull(getUuid()));
-      if (organizationMemberDto.isPresent()) {
-        organizationMembership.add(organizationUuid);
-      }
-      return organizationMembership.contains(organizationUuid);
-    }
+    return hasPermission(OrganizationPermission.ADMINISTER);
   }
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java

@@ -24,7 +24,6 @@ import java.util.List;
 import java.util.Optional;
 import javax.annotation.CheckForNull;
 import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.OrganizationPermission;
 import org.sonar.db.project.ProjectDto;
 import org.sonar.db.user.GroupDto;
@@ -112,13 +111,13 @@ public class ThreadLocalUserSession implements UserSession {
   }
 
   @Override
-  public boolean hasPermission(OrganizationPermission permission, String organizationUuid) {
-    return get().hasPermission(permission, organizationUuid);
+  public boolean hasPermission(OrganizationPermission permission) {
+    return get().hasPermission(permission);
   }
 
   @Override
-  public UserSession checkPermission(OrganizationPermission permission, String organizationUuid) {
-    get().checkPermission(permission, organizationUuid);
+  public UserSession checkPermission(OrganizationPermission permission) {
+    get().checkPermission(permission);
     return this;
   }
 
@@ -166,17 +165,6 @@ public class ThreadLocalUserSession implements UserSession {
     return get().hasComponentUuidPermission(permission, componentUuid);
   }
 
-  @Override
-  public UserSession checkPermission(OrganizationPermission permission, OrganizationDto organization) {
-    get().checkPermission(permission, organization);
-    return this;
-  }
-
-  @Override
-  public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
-    return get().hasPermission(permission, organization);
-  }
-
   @Override
   public List<ComponentDto> keepAuthorizedComponents(String permission, Collection<ComponentDto> components) {
     return get().keepAuthorizedComponents(permission, components);
@@ -186,15 +174,4 @@ public class ThreadLocalUserSession implements UserSession {
   public List<ProjectDto> keepAuthorizedProjects(String permission, Collection<ProjectDto> projects) {
     return get().keepAuthorizedProjects(permission, projects);
   }
-
-  @Override
-  public boolean hasMembership(OrganizationDto organizationDto) {
-    return get().hasMembership(organizationDto);
-  }
-
-  @Override
-  public UserSession checkMembership(OrganizationDto organization) {
-    get().checkMembership(organization);
-    return this;
-  }
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java

@@ -27,7 +27,6 @@ import java.util.Optional;
 import javax.annotation.CheckForNull;
 import javax.annotation.concurrent.Immutable;
 import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.OrganizationPermission;
 import org.sonar.db.project.ProjectDto;
 import org.sonar.db.user.GroupDto;
@@ -126,8 +125,7 @@ public interface UserSession {
         return false;
       }
       ExternalIdentity that = (ExternalIdentity) o;
-      return Objects.equals(id, that.id) &&
-        Objects.equals(login, that.login);
+      return Objects.equals(id, that.id) && Objects.equals(login, that.login);
     }
 
     @Override
@@ -171,17 +169,13 @@ public interface UserSession {
    * Always returns {@code true} if {@link #isRoot()} is {@code true}, even if
    * organization does not exist.
    */
-  boolean hasPermission(OrganizationPermission permission, OrganizationDto organization);
-
-  boolean hasPermission(OrganizationPermission permission, String organizationUuid);
+  boolean hasPermission(OrganizationPermission permission);
 
   /**
-   * Ensures that {@link #hasPermission(OrganizationPermission, OrganizationDto)} is {@code true},
+   * Ensures that {@link #hasPermission(OrganizationPermission)} is {@code true},
    * otherwise throws a {@link org.sonar.server.exceptions.ForbiddenException}.
    */
-  UserSession checkPermission(OrganizationPermission permission, OrganizationDto organization);
-
-  UserSession checkPermission(OrganizationPermission permission, String organizationUuid);
+  UserSession checkPermission(OrganizationPermission permission);
 
   /**
    * Returns {@code true} if the permission is granted to user on the component,
@@ -221,6 +215,7 @@ public interface UserSession {
   List<ComponentDto> keepAuthorizedComponents(String permission, Collection<ComponentDto> components);
 
   List<ProjectDto> keepAuthorizedProjects(String permission, Collection<ProjectDto> projects);
+
   /**
    * Ensures that {@link #hasComponentPermission(String, ComponentDto)} is {@code true},
    * otherwise throws a {@link org.sonar.server.exceptions.ForbiddenException}.
@@ -259,21 +254,4 @@ public interface UserSession {
    * otherwise throws {@link org.sonar.server.exceptions.ForbiddenException}.
    */
   UserSession checkIsSystemAdministrator();
-
-  /**
-   * Returns {@code true} if the user is member of the organization, otherwise {@code false}.
-   *
-   * If the organization does not exist, then returns {@code false}.
-   *
-   * Always returns {@code true} if {@link #isRoot()} is {@code true}, even if
-   * organization does not exist.
-   */
-  boolean hasMembership(OrganizationDto organization);
-
-  /**
-   * Ensures that {@link #hasMembership(OrganizationDto)} is {@code true},
-   * otherwise throws a {@link org.sonar.server.exceptions.ForbiddenException}.
-   */
-  UserSession checkMembership(OrganizationDto organization);
-
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactoryImpl.java

@@ -23,8 +23,6 @@ import org.sonar.api.server.ServerSide;
 import org.sonar.db.DbClient;
 import org.sonar.db.user.UserDto;
 import org.sonar.server.authentication.UserLastConnectionDatesUpdater;
-import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.OrganizationFlags;
 
 import static java.util.Objects.requireNonNull;
 
@@ -32,15 +30,10 @@ import static java.util.Objects.requireNonNull;
 public class UserSessionFactoryImpl implements UserSessionFactory {
 
   private final DbClient dbClient;
-  private final DefaultOrganizationProvider defaultOrganizationProvider;
-  private final OrganizationFlags organizationFlags;
   private final UserLastConnectionDatesUpdater userLastConnectionDatesUpdater;
 
-  public UserSessionFactoryImpl(DbClient dbClient, DefaultOrganizationProvider defaultOrganizationProvider,
-    OrganizationFlags organizationFlags, UserLastConnectionDatesUpdater userLastConnectionDatesUpdater) {
+  public UserSessionFactoryImpl(DbClient dbClient, UserLastConnectionDatesUpdater userLastConnectionDatesUpdater) {
     this.dbClient = dbClient;
-    this.defaultOrganizationProvider = defaultOrganizationProvider;
-    this.organizationFlags = organizationFlags;
     this.userLastConnectionDatesUpdater = userLastConnectionDatesUpdater;
   }
 
@@ -48,11 +41,11 @@ public class UserSessionFactoryImpl implements UserSessionFactory {
   public ServerUserSession create(UserDto user) {
     requireNonNull(user, "UserDto must not be null");
     userLastConnectionDatesUpdater.updateLastConnectionDateIfNeeded(user);
-    return new ServerUserSession(dbClient, organizationFlags, defaultOrganizationProvider, user);
+    return new ServerUserSession(dbClient, user);
   }
 
   @Override
   public ServerUserSession createAnonymous() {
-    return new ServerUserSession(dbClient, organizationFlags, defaultOrganizationProvider, null);
+    return new ServerUserSession(dbClient, null);
   }
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserUpdater.java

@@ -33,17 +33,14 @@ import org.apache.commons.lang.math.RandomUtils;
 import org.sonar.api.config.Configuration;
 import org.sonar.api.platform.NewUserHandler;
 import org.sonar.api.server.ServerSide;
-import org.sonar.api.utils.System2;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.organization.OrganizationMemberDto;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.db.user.UserGroupDto;
-import org.sonar.db.user.UserPropertyDto;
 import org.sonar.server.authentication.CredentialsLocalAuthentication;
 import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.OrganizationFlags;
 import org.sonar.server.user.index.UserIndexer;
 import org.sonar.server.usergroups.DefaultGroupFinder;
 import org.sonar.server.util.Validation;
@@ -63,8 +60,6 @@ import static org.sonar.server.exceptions.BadRequestException.checkRequest;
 @ServerSide
 public class UserUpdater {
 
-  public static final String NOTIFICATIONS_READ_DATE = "notifications.readDate";
-
   private static final String SQ_AUTHORITY = "sonarqube";
 
   private static final String LOGIN_PARAM = "Login";
@@ -81,20 +76,16 @@ public class UserUpdater {
   private final DbClient dbClient;
   private final UserIndexer userIndexer;
   private final DefaultOrganizationProvider defaultOrganizationProvider;
-  private final OrganizationFlags organizationFlags;
   private final DefaultGroupFinder defaultGroupFinder;
   private final Configuration config;
   private final CredentialsLocalAuthentication localAuthentication;
-  private final System2 system2;
 
-  public UserUpdater(System2 system2, NewUserNotifier newUserNotifier, DbClient dbClient, UserIndexer userIndexer, OrganizationFlags organizationFlags,
+  public UserUpdater(NewUserNotifier newUserNotifier, DbClient dbClient, UserIndexer userIndexer,
     DefaultOrganizationProvider defaultOrganizationProvider, DefaultGroupFinder defaultGroupFinder, Configuration config,
     CredentialsLocalAuthentication localAuthentication) {
-    this.system2 = system2;
     this.newUserNotifier = newUserNotifier;
     this.dbClient = dbClient;
     this.userIndexer = userIndexer;
-    this.organizationFlags = organizationFlags;
     this.defaultOrganizationProvider = defaultOrganizationProvider;
     this.defaultGroupFinder = defaultGroupFinder;
     this.config = config;
@@ -129,12 +120,7 @@ public class UserUpdater {
     setOnboarded(reactivatedUser);
     updateDto(dbSession, updateUser, reactivatedUser);
     updateUser(dbSession, reactivatedUser);
-    boolean isOrganizationEnabled = organizationFlags.isEnabled(dbSession);
-    if (isOrganizationEnabled) {
-      setNotificationsReadDate(dbSession, reactivatedUser);
-    } else {
-      addUserToDefaultOrganizationAndDefaultGroup(dbSession, reactivatedUser);
-    }
+    addUserToDefaultOrganizationAndDefaultGroup(dbSession, reactivatedUser);
   }
 
   public void updateAndCommit(DbSession dbSession, UserDto dto, UpdateUser updateUser, Consumer<UserDto> beforeCommit, UserDto... otherUsersToIndex) {
@@ -429,13 +415,7 @@ public class UserUpdater {
   private UserDto saveUser(DbSession dbSession, UserDto userDto) {
     userDto.setActive(true);
     UserDto res = dbClient.userDao().insert(dbSession, userDto);
-    boolean isOrganizationEnabled = organizationFlags.isEnabled(dbSession);
-    if (isOrganizationEnabled) {
-      setNotificationsReadDate(dbSession, userDto);
-    } else {
-      addUserToDefaultOrganizationAndDefaultGroup(dbSession, userDto);
-    }
-
+    addUserToDefaultOrganizationAndDefaultGroup(dbSession, userDto);
     return res;
   }
 
@@ -467,19 +447,11 @@ public class UserUpdater {
   }
 
   private void addDefaultGroup(DbSession dbSession, UserDto userDto) {
-    String defOrgUuid = defaultOrganizationProvider.get().getUuid();
     List<GroupDto> userGroups = dbClient.groupDao().selectByUserLogin(dbSession, userDto.getLogin());
-    GroupDto defaultGroup = defaultGroupFinder.findDefaultGroup(dbSession, defOrgUuid);
+    GroupDto defaultGroup = defaultGroupFinder.findDefaultGroup(dbSession);
     if (isUserAlreadyMemberOfDefaultGroup(defaultGroup, userGroups)) {
       return;
     }
     dbClient.userGroupDao().insert(dbSession, new UserGroupDto().setUserUuid(userDto.getUuid()).setGroupUuid(defaultGroup.getUuid()));
   }
-
-  private void setNotificationsReadDate(DbSession dbSession, UserDto user) {
-    dbClient.userPropertiesDao().insertOrUpdate(dbSession, new UserPropertyDto()
-      .setUserUuid(user.getUuid())
-      .setKey(NOTIFICATIONS_READ_DATE)
-      .setValue(Long.toString(system2.now())));
-  }
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/usergroups/DefaultGroupCreator.java

@@ -25,8 +25,8 @@ import org.sonar.db.user.GroupDto;
 public interface DefaultGroupCreator {
 
   /**
-   * Create the default group on the given organization
+   * Create the default group
    */
-  GroupDto create(DbSession dbSession, String organizationUuid);
+  GroupDto create(DbSession dbSession);
 
 }

server/sonar-webserver-auth/src/main/java/org/sonar/server/usergroups/DefaultGroupCreatorImpl.java

@@ -24,6 +24,7 @@ import org.sonar.core.util.UuidFactory;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.user.GroupDto;
+import org.sonar.server.organization.DefaultOrganizationProvider;
 
 import static com.google.common.base.Preconditions.checkArgument;
 
@@ -32,23 +33,24 @@ public class DefaultGroupCreatorImpl implements DefaultGroupCreator {
   public static final String DEFAULT_GROUP_NAME = "Members";
   private final DbClient dbClient;
   private final UuidFactory uuidFactory;
+  private final DefaultOrganizationProvider organizationProvider;
 
-  public DefaultGroupCreatorImpl(DbClient dbClient, UuidFactory uuidFactory) {
+  public DefaultGroupCreatorImpl(DbClient dbClient, UuidFactory uuidFactory, DefaultOrganizationProvider organizationProvider) {
     this.dbClient = dbClient;
     this.uuidFactory = uuidFactory;
+    this.organizationProvider = organizationProvider;
   }
 
-  public GroupDto create(DbSession dbSession, String organizationUuid) {
-    Optional<GroupDto> existingMembersGroup = dbClient.groupDao().selectByName(dbSession, organizationUuid, DEFAULT_GROUP_NAME);
-    checkArgument(!existingMembersGroup.isPresent(), "The group '%s' already exist on organization '%s'", DEFAULT_GROUP_NAME, organizationUuid);
+  public GroupDto create(DbSession dbSession) {
+    Optional<GroupDto> existingMembersGroup = dbClient.groupDao().selectByName(dbSession, DEFAULT_GROUP_NAME);
+    checkArgument(!existingMembersGroup.isPresent(), "The group '%s' already exists", DEFAULT_GROUP_NAME);
 
     GroupDto defaultGroup = new GroupDto()
       .setUuid(uuidFactory.create())
       .setName(DEFAULT_GROUP_NAME)
-      .setDescription("All members of the organization")
-      .setOrganizationUuid(organizationUuid);
+      .setDescription("All members of the organization");
     dbClient.groupDao().insert(dbSession, defaultGroup);
-    dbClient.organizationDao().setDefaultGroupUuid(dbSession, organizationUuid, defaultGroup);
+    dbClient.organizationDao().setDefaultGroupUuid(dbSession, organizationProvider.get().getUuid(), defaultGroup);
     return defaultGroup;
   }
 

server/sonar-webserver-auth/src/main/java/org/sonar/server/usergroups/DefaultGroupFinder.java

@@ -22,6 +22,7 @@ package org.sonar.server.usergroups;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.user.GroupDto;
+import org.sonar.server.organization.DefaultOrganizationProvider;
 
 import static java.lang.String.format;
 import static java.util.Objects.requireNonNull;
@@ -29,14 +30,16 @@ import static java.util.Objects.requireNonNull;
 public class DefaultGroupFinder {
 
   private final DbClient dbClient;
+  private final DefaultOrganizationProvider defaultOrganizationProvider;
 
-  public DefaultGroupFinder(DbClient dbClient) {
+  public DefaultGroupFinder(DbClient dbClient, DefaultOrganizationProvider defaultOrganizationProvider) {
     this.dbClient = dbClient;
+    this.defaultOrganizationProvider = defaultOrganizationProvider;
   }
 
-  public GroupDto findDefaultGroup(DbSession dbSession, String organizationUuid) {
-    String defaultGroupUuid = dbClient.organizationDao().getDefaultGroupUuid(dbSession, organizationUuid)
-      .orElseThrow(() -> new IllegalStateException(format("Default group cannot be found on organization '%s'", organizationUuid)));
+  public GroupDto findDefaultGroup(DbSession dbSession) {
+    String defaultGroupUuid = dbClient.organizationDao().getDefaultGroupUuid(dbSession, defaultOrganizationProvider.get().getUuid())
+      .orElseThrow(() -> new IllegalStateException("Default group cannot be found "));
     return requireNonNull(dbClient.groupDao().selectByUuid(dbSession, defaultGroupUuid), format("Group '%s' cannot be found", defaultGroupUuid));
   }
 

server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/HttpHeadersAuthenticationTest.java

@@ -34,7 +34,6 @@ import org.junit.rules.ExpectedException;
 import org.sonar.api.config.internal.MapSettings;
 import org.sonar.api.impl.utils.AlwaysIncreasingSystem2;
 import org.sonar.api.utils.System2;
-import org.sonar.core.util.stream.MoreCollectors;
 import org.sonar.db.DbTester;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
@@ -42,9 +41,7 @@ import org.sonar.server.authentication.event.AuthenticationEvent;
 import org.sonar.server.authentication.event.AuthenticationEvent.Source;
 import org.sonar.server.es.EsTester;
 import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.OrganizationUpdater;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
-import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.user.NewUserNotifier;
 import org.sonar.server.user.UserUpdater;
 import org.sonar.server.user.index.UserIndexer;
@@ -97,17 +94,16 @@ public class HttpHeadersAuthenticationTest {
   private GroupDto sonarUsers;
 
   private System2 system2 = mock(System2.class);
-  private OrganizationUpdater organizationUpdater = mock(OrganizationUpdater.class);
   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
-  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
   private CredentialsLocalAuthentication localAuthentication = new CredentialsLocalAuthentication(db.getDbClient());
 
   private UserIndexer userIndexer = new UserIndexer(db.getDbClient(), es.client());
   private UserRegistrarImpl userIdentityAuthenticator = new UserRegistrarImpl(
     db.getDbClient(),
-    new UserUpdater(system2, mock(NewUserNotifier.class), db.getDbClient(), userIndexer, organizationFlags, defaultOrganizationProvider,
-      new DefaultGroupFinder(db.getDbClient()), settings.asConfig(), localAuthentication),
-    defaultOrganizationProvider, organizationFlags, new DefaultGroupFinder(db.getDbClient()), null);
+    new UserUpdater(mock(NewUserNotifier.class), db.getDbClient(), userIndexer, defaultOrganizationProvider, new DefaultGroupFinder(db.getDbClient(), defaultOrganizationProvider),
+      settings.asConfig(),
+      localAuthentication),
+    new DefaultGroupFinder(db.getDbClient(), defaultOrganizationProvider));
 
   private HttpServletResponse response = mock(HttpServletResponse.class);
   private JwtHttpHandler jwtHttpHandler = mock(JwtHttpHandler.class);
@@ -118,9 +114,9 @@ public class HttpHeadersAuthenticationTest {
   @Before
   public void setUp() {
     when(system2.now()).thenReturn(NOW);
-    group1 = db.users().insertGroup(db.getDefaultOrganization(), GROUP1);
-    group2 = db.users().insertGroup(db.getDefaultOrganization(), GROUP2);
-    sonarUsers = db.users().insertDefaultGroup(db.getDefaultOrganization(), "sonar-users");
+    group1 = db.users().insertGroup(GROUP1);
+    group2 = db.users().insertGroup(GROUP2);
+    sonarUsers = db.users().insertDefaultGroup("sonar-users");
   }
 
   @Test
@@ -433,7 +429,7 @@ public class HttpHeadersAuthenticationTest {
     if (expectedGroups.length == 0) {
       assertThat(db.users().selectGroupUuidsOfUser(userDto)).isEmpty();
     } else {
-      assertThat(db.users().selectGroupUuidsOfUser(userDto)).containsOnly(stream(expectedGroups).map(GroupDto::getUuid).collect(MoreCollectors.toList()).toArray(new String[] {}));
+      assertThat(db.users().selectGroupUuidsOfUser(userDto)).containsOnly(stream(expectedGroups).map(GroupDto::getUuid).toArray(String[]::new));
     }
   }
 
@@ -453,5 +449,4 @@ public class HttpHeadersAuthenticationTest {
   private void verifyTokenIsNotUpdated() {
     verify(jwtHttpHandler, never()).generateToken(any(UserDto.class), anyMap(), any(HttpServletRequest.class), any(HttpServletResponse.class));
   }
-
 }

server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java

@@ -24,7 +24,6 @@ import org.sonar.api.web.UserRole;
 import org.sonar.db.permission.OrganizationPermission;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.db.organization.OrganizationTesting.newOrganizationDto;
 
 public class SafeModeUserSessionTest {
 
@@ -43,8 +42,7 @@ public class SafeModeUserSessionTest {
   public void session_has_no_permissions() {
     assertThat(underTest.isRoot()).isFalse();
     assertThat(underTest.isSystemAdministrator()).isFalse();
-    assertThat(underTest.hasPermissionImpl(OrganizationPermission.ADMINISTER, "foo")).isFalse();
+    assertThat(underTest.hasPermissionImpl(OrganizationPermission.ADMINISTER)).isFalse();
     assertThat(underTest.hasProjectUuidPermission(UserRole.USER, "foo")).isFalse();
-    assertThat(underTest.hasMembership(newOrganizationDto())).isFalse();
   }
 }

server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserRegistrarImplOrgMembershipSyncTest.java

@@ -1,244 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2020 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-package org.sonar.server.authentication;
-
-import com.google.common.collect.ImmutableSet;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.sonar.api.config.internal.MapSettings;
-import org.sonar.api.impl.utils.AlwaysIncreasingSystem2;
-import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.resources.ResourceTypes;
-import org.sonar.api.server.authentication.UserIdentity;
-import org.sonar.api.utils.System2;
-import org.sonar.db.DbTester;
-import org.sonar.db.alm.AlmAppInstallDto;
-import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.organization.OrganizationDto;
-import org.sonar.db.user.UserDto;
-import org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy;
-import org.sonar.server.authentication.event.AuthenticationEvent.Source;
-import org.sonar.server.es.EsTester;
-import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.MemberUpdater;
-import org.sonar.server.organization.OrganizationUpdater;
-import org.sonar.server.organization.TestDefaultOrganizationProvider;
-import org.sonar.server.organization.TestOrganizationFlags;
-import org.sonar.server.permission.PermissionService;
-import org.sonar.server.permission.PermissionServiceImpl;
-import org.sonar.server.user.NewUserNotifier;
-import org.sonar.server.user.UserUpdater;
-import org.sonar.server.user.index.UserIndexer;
-import org.sonar.server.usergroups.DefaultGroupFinder;
-
-import static org.mockito.Mockito.mock;
-import static org.sonar.db.alm.ALM.BITBUCKETCLOUD;
-import static org.sonar.db.alm.ALM.GITHUB;
-import static org.sonar.server.authentication.event.AuthenticationEvent.Method.BASIC;
-
-public class UserRegistrarImplOrgMembershipSyncTest {
-
-  private System2 system2 = new AlwaysIncreasingSystem2();
-
-  private static String USER_LOGIN = "github-johndoo";
-
-  private static UserIdentity USER_IDENTITY = UserIdentity.builder()
-    .setProviderId("ABCD")
-    .setProviderLogin("johndoo")
-    .setName("John")
-    .setEmail("john@email.com")
-    .build();
-
-  private static TestIdentityProvider GITHUB_PROVIDER = new TestIdentityProvider()
-    .setKey("github")
-    .setName("Github")
-    .setEnabled(true)
-    .setAllowsUsersToSignUp(true);
-
-  private static TestIdentityProvider BITBUCKET_PROVIDER = new TestIdentityProvider()
-    .setKey("bitbucket")
-    .setName("Bitbucket")
-    .setEnabled(true)
-    .setAllowsUsersToSignUp(true);
-
-  private MapSettings settings = new MapSettings();
-
-  @Rule
-  public ExpectedException expectedException = ExpectedException.none();
-  @Rule
-  public DbTester db = DbTester.create(new AlwaysIncreasingSystem2());
-  @Rule
-  public EsTester es = EsTester.create();
-  private UserIndexer userIndexer = new UserIndexer(db.getDbClient(), es.client());
-  private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
-  private OrganizationUpdater organizationUpdater = mock(OrganizationUpdater.class);
-  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
-  private CredentialsLocalAuthentication localAuthentication = new CredentialsLocalAuthentication(db.getDbClient());
-  private UserUpdater userUpdater = new UserUpdater(
-    system2,
-    mock(NewUserNotifier.class),
-    db.getDbClient(),
-    userIndexer,
-    organizationFlags,
-    defaultOrganizationProvider,
-    new DefaultGroupFinder(db.getDbClient()),
-    settings.asConfig(),
-    localAuthentication);
-
-  private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);
-  private PermissionService permissionService = new PermissionServiceImpl(resourceTypes);
-  private DefaultGroupFinder defaultGroupFinder = new DefaultGroupFinder(db.getDbClient());
-
-  private UserRegistrarImpl underTest = new UserRegistrarImpl(db.getDbClient(), userUpdater, defaultOrganizationProvider, organizationFlags,
-    defaultGroupFinder, new MemberUpdater(db.getDbClient(), defaultGroupFinder, userIndexer));
-
-  @Test
-  public void authenticate_new_github_user_syncs_organization() {
-    organizationFlags.setEnabled(true);
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, true);
-
-    underTest.register(UserRegistration.builder()
-      .setUserIdentity(USER_IDENTITY)
-      .setProvider(GITHUB_PROVIDER)
-      .setSource(Source.realm(BASIC, GITHUB_PROVIDER.getName()))
-      .setExistingEmailStrategy(ExistingEmailStrategy.ALLOW)
-      .setOrganizationAlmIds(ImmutableSet.of(gitHubInstall.getOrganizationAlmId()))
-      .build());
-
-    UserDto user = db.users().selectUserByExternalLoginAndIdentityProvider(USER_IDENTITY.getProviderLogin(), GITHUB_PROVIDER.getKey()).get();
-    db.organizations().assertUserIsMemberOfOrganization(organization, user);
-  }
-
-  @Test
-  public void authenticate_new_github_user_does_not_sync_organization_when_no_org_alm_ids_provided() {
-    organizationFlags.setEnabled(true);
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, true);
-
-    underTest.register(UserRegistration.builder()
-      .setUserIdentity(USER_IDENTITY)
-      .setProvider(GITHUB_PROVIDER)
-      .setSource(Source.realm(BASIC, GITHUB_PROVIDER.getName()))
-      .setExistingEmailStrategy(ExistingEmailStrategy.ALLOW)
-      .setOrganizationAlmIds(null)
-      .build());
-
-    UserDto user = db.users().selectUserByExternalLoginAndIdentityProvider(USER_IDENTITY.getProviderLogin(), GITHUB_PROVIDER.getKey()).get();
-    db.organizations().assertUserIsNotMemberOfOrganization(organization, user);
-  }
-
-  @Test
-  public void authenticate_new_bitbucket_user_does_not_sync_organization() {
-    organizationFlags.setEnabled(true);
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(BITBUCKETCLOUD));
-    db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, true);
-
-    underTest.register(UserRegistration.builder()
-      .setUserIdentity(USER_IDENTITY)
-      .setProvider(BITBUCKET_PROVIDER)
-      .setSource(Source.realm(BASIC, BITBUCKET_PROVIDER.getName()))
-      .setExistingEmailStrategy(ExistingEmailStrategy.ALLOW)
-      .setOrganizationAlmIds(ImmutableSet.of(gitHubInstall.getOrganizationAlmId()))
-      .build());
-
-    UserDto user = db.users().selectUserByExternalLoginAndIdentityProvider(USER_IDENTITY.getProviderLogin(), BITBUCKET_PROVIDER.getKey()).get();
-    db.organizations().assertUserIsNotMemberOfOrganization(organization, user);
-  }
-
-  @Test
-  public void authenticate_new_user_using_unknown_alm_does_not_sync_organization() {
-    organizationFlags.setEnabled(true);
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    AlmAppInstallDto almAppInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization, almAppInstall, true);
-    TestIdentityProvider identityProvider = new TestIdentityProvider()
-      .setKey("unknown")
-      .setName("unknown")
-      .setEnabled(true)
-      .setAllowsUsersToSignUp(true);
-
-    underTest.register(UserRegistration.builder()
-      .setUserIdentity(USER_IDENTITY)
-      .setProvider(identityProvider)
-      .setSource(Source.realm(BASIC, identityProvider.getName()))
-      .setExistingEmailStrategy(ExistingEmailStrategy.ALLOW)
-      .setOrganizationAlmIds(ImmutableSet.of(almAppInstall.getOrganizationAlmId()))
-      .build());
-
-    UserDto user = db.users().selectUserByExternalLoginAndIdentityProvider(USER_IDENTITY.getProviderLogin(), identityProvider.getKey()).get();
-    db.organizations().assertUserIsNotMemberOfOrganization(organization, user);
-  }
-
-  @Test
-  public void authenticate_existing_github_user_does_not_sync_organization() {
-    organizationFlags.setEnabled(true);
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, true);
-    UserDto user = db.users().insertUser(u -> u
-      .setLogin("Old login")
-      .setExternalId(USER_IDENTITY.getProviderId())
-      .setExternalIdentityProvider(GITHUB_PROVIDER.getKey()));
-
-    underTest.register(UserRegistration.builder()
-      .setUserIdentity(USER_IDENTITY)
-      .setProvider(GITHUB_PROVIDER)
-      .setSource(Source.local(BASIC))
-      .setExistingEmailStrategy(ExistingEmailStrategy.FORBID)
-      .setOrganizationAlmIds(ImmutableSet.of(gitHubInstall.getOrganizationAlmId()))
-      .build());
-
-    db.organizations().assertUserIsNotMemberOfOrganization(organization, user);
-  }
-
-  @Test
-  public void authenticate_disabled_github_user_syncs_organization() {
-    organizationFlags.setEnabled(true);
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, true);
-    UserDto user = db.users().insertDisabledUser(u -> u
-      .setLogin(USER_LOGIN)
-      .setExternalId(USER_IDENTITY.getProviderId())
-      .setExternalIdentityProvider(GITHUB_PROVIDER.getKey())
-    );
-
-    underTest.register(UserRegistration.builder()
-      .setUserIdentity(USER_IDENTITY)
-      .setProvider(GITHUB_PROVIDER)
-      .setSource(Source.local(BASIC))
-      .setExistingEmailStrategy(ExistingEmailStrategy.FORBID)
-      .setOrganizationAlmIds(ImmutableSet.of(gitHubInstall.getOrganizationAlmId()))
-      .build());
-
-    db.organizations().assertUserIsMemberOfOrganization(organization, user);
-  }
-}

server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/UserRegistrarImplTest.java

@@ -21,16 +21,15 @@ package org.sonar.server.authentication;
 
 import java.util.Optional;
 import java.util.stream.Collectors;
+import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.sonar.api.config.internal.MapSettings;
 import org.sonar.api.impl.utils.AlwaysIncreasingSystem2;
 import org.sonar.api.server.authentication.UserIdentity;
-import org.sonar.api.utils.System2;
 import org.sonar.core.util.stream.MoreCollectors;
 import org.sonar.db.DbTester;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.server.authentication.UserRegistration.ExistingEmailStrategy;
@@ -39,16 +38,12 @@ import org.sonar.server.authentication.event.AuthenticationEvent.Source;
 import org.sonar.server.authentication.exception.EmailAlreadyExistsRedirectionException;
 import org.sonar.server.es.EsTester;
 import org.sonar.server.organization.DefaultOrganizationProvider;
-import org.sonar.server.organization.MemberUpdater;
-import org.sonar.server.organization.OrganizationUpdater;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
-import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.user.NewUserNotifier;
 import org.sonar.server.user.UserUpdater;
 import org.sonar.server.user.index.UserIndexer;
 import org.sonar.server.usergroups.DefaultGroupFinder;
 
-import static com.google.common.collect.Sets.newHashSet;
 import static java.util.Arrays.stream;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
@@ -59,9 +54,6 @@ import static org.sonar.server.authentication.event.AuthenticationEvent.Method.B
 import static org.sonar.server.authentication.event.AuthenticationExceptionMatcher.authenticationException;
 
 public class UserRegistrarImplTest {
-
-  private System2 system2 = new AlwaysIncreasingSystem2();
-
   private static String USER_LOGIN = "johndoo";
 
   private static UserIdentity USER_IDENTITY = UserIdentity.builder()
@@ -87,29 +79,27 @@ public class UserRegistrarImplTest {
   public EsTester es = EsTester.create();
   private UserIndexer userIndexer = new UserIndexer(db.getDbClient(), es.client());
   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
-  private OrganizationUpdater organizationUpdater = mock(OrganizationUpdater.class);
-  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
   private CredentialsLocalAuthentication localAuthentication = new CredentialsLocalAuthentication(db.getDbClient());
+  private DefaultGroupFinder groupFinder = new DefaultGroupFinder(db.getDbClient(), defaultOrganizationProvider);
   private UserUpdater userUpdater = new UserUpdater(
-    system2,
     mock(NewUserNotifier.class),
     db.getDbClient(),
     userIndexer,
-    organizationFlags,
     defaultOrganizationProvider,
-    new DefaultGroupFinder(db.getDbClient()),
+    groupFinder,
     settings.asConfig(),
     localAuthentication);
 
-  private DefaultGroupFinder defaultGroupFinder = new DefaultGroupFinder(db.getDbClient());
+  private UserRegistrarImpl underTest = new UserRegistrarImpl(db.getDbClient(), userUpdater, groupFinder);
+  private GroupDto defaultGroup;
 
-  private UserRegistrarImpl underTest = new UserRegistrarImpl(db.getDbClient(), userUpdater, defaultOrganizationProvider, organizationFlags,
-    defaultGroupFinder, new MemberUpdater(db.getDbClient(), defaultGroupFinder, userIndexer));
+  @Before
+  public void setUp() {
+    defaultGroup = insertDefaultGroup();
+  }
 
   @Test
   public void authenticate_new_user() {
-    organizationFlags.setEnabled(true);
-
     UserDto createdUser = underTest.register(UserRegistration.builder()
       .setUserIdentity(USER_IDENTITY)
       .setProvider(IDENTITY_PROVIDER)
@@ -126,14 +116,11 @@ public class UserRegistrarImplTest {
     assertThat(user.getExternalIdentityProvider()).isEqualTo("github");
     assertThat(user.getExternalId()).isEqualTo("ABCD");
     assertThat(user.isRoot()).isFalse();
-    checkGroupMembership(user);
+    checkGroupMembership(user, defaultGroup);
   }
 
   @Test
   public void authenticate_new_user_with_sq_identity() {
-    organizationFlags.setEnabled(false);
-    GroupDto defaultGroup = insertDefaultGroup();
-
     TestIdentityProvider sqIdentityProvider = new TestIdentityProvider()
       .setKey("sonarqube")
       .setName("sonarqube identity name")
@@ -163,8 +150,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void authenticate_new_user_generate_login_when_no_login_provided() {
-    organizationFlags.setEnabled(true);
-
     underTest.register(UserRegistration.builder()
       .setUserIdentity(UserIdentity.builder()
         .setProviderId("ABCD")
@@ -189,22 +174,19 @@ public class UserRegistrarImplTest {
 
   @Test
   public void authenticate_new_user_with_groups() {
-    organizationFlags.setEnabled(true);
-    GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group1");
-    GroupDto group2 = db.users().insertGroup(db.getDefaultOrganization(), "group2");
+    GroupDto group1 = db.users().insertGroup("group1");
+    GroupDto group2 = db.users().insertGroup("group2");
 
     UserDto loggedInUser = authenticate(USER_LOGIN, "group1", "group2", "group3");
 
     Optional<UserDto> user = db.users().selectUserByLogin(loggedInUser.getLogin());
-    checkGroupMembership(user.get(), group1, group2);
+    checkGroupMembership(user.get(), group1, group2, defaultGroup);
   }
 
   @Test
-  public void authenticate_new_user_and_force_default_group_when_organizations_are_disabled() {
-    organizationFlags.setEnabled(false);
+  public void authenticate_new_user_and_force_default_group() {
     UserDto user = db.users().insertUser();
-    GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group1");
-    GroupDto defaultGroup = insertDefaultGroup();
+    GroupDto group1 = db.users().insertGroup("group1");
     db.users().insertMember(group1, user);
     db.users().insertMember(defaultGroup, user);
 
@@ -213,26 +195,8 @@ public class UserRegistrarImplTest {
     checkGroupMembership(user, group1, defaultGroup);
   }
 
-  @Test
-  public void does_not_force_default_group_when_authenticating_new_user_if_organizations_are_enabled() {
-    organizationFlags.setEnabled(true);
-    UserDto user = db.users().insertUser(newUserDto()
-      .setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())
-      .setExternalLogin(USER_IDENTITY.getProviderLogin())
-    );
-    GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group1");
-    GroupDto defaultGroup = insertDefaultGroup();
-    db.users().insertMember(group1, user);
-    db.users().insertMember(defaultGroup, user);
-
-    authenticate(user.getExternalLogin(), "group1");
-
-    checkGroupMembership(user, group1);
-  }
-
   @Test
   public void authenticate_new_user_sets_onboarded_flag_to_false_when_onboarding_setting_is_set_to_true() {
-    organizationFlags.setEnabled(true);
     settings.setProperty(ONBOARDING_TUTORIAL_SHOW_TO_NEW_USERS.getKey(), true);
 
     UserDto user = underTest.register(UserRegistration.builder()
@@ -247,7 +211,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void authenticate_new_user_sets_onboarded_flag_to_true_when_onboarding_setting_is_set_to_false() {
-    organizationFlags.setEnabled(true);
     settings.setProperty(ONBOARDING_TUTORIAL_SHOW_TO_NEW_USERS.getKey(), false);
 
     UserDto user = underTest.register(UserRegistration.builder()
@@ -262,7 +225,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void external_id_is_set_to_provider_login_when_null() {
-    organizationFlags.setEnabled(true);
     UserIdentity newUser = UserIdentity.builder()
       .setProviderId(null)
       .setProviderLogin("johndoo")
@@ -283,7 +245,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void authenticate_new_user_update_existing_user_email_when_strategy_is_ALLOW() {
-    organizationFlags.setEnabled(true);
     UserDto existingUser = db.users().insertUser(u -> u.setEmail("john@email.com"));
     UserIdentity newUser = UserIdentity.builder()
       .setProviderLogin("johndoo")
@@ -306,7 +267,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void throw_EmailAlreadyExistException_when_authenticating_new_user_when_email_already_exists_and_strategy_is_WARN() {
-    organizationFlags.setEnabled(true);
     UserDto existingUser = db.users().insertUser(u -> u.setEmail("john@email.com"));
     UserIdentity newUser = UserIdentity.builder()
       .setProviderLogin("johndoo")
@@ -387,7 +347,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void authenticate_and_update_existing_user_matching_login() {
-    insertDefaultGroup();
     db.users().insertUser(u -> u
       .setName("Old name")
       .setEmail("Old email")
@@ -470,7 +429,7 @@ public class UserRegistrarImplTest {
       .setExistingEmailStrategy(ExistingEmailStrategy.FORBID)
       .build());
 
-    //no new user should be created
+    // no new user should be created
     assertThat(db.countRowsOfTable(db.getSession(), "users")).isEqualTo(1);
     assertThat(db.getDbClient().userDao().selectByUuid(db.getSession(), user.getUuid()))
       .extracting(UserDto::getLogin, UserDto::getName, UserDto::getEmail, UserDto::getExternalId, UserDto::getExternalLogin, UserDto::getExternalIdentityProvider,
@@ -554,7 +513,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void authenticate_existing_disabled_user() {
-    organizationFlags.setEnabled(true);
     db.users().insertUser(u -> u
       .setLogin(USER_LOGIN)
       .setActive(false)
@@ -583,7 +541,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void authenticate_existing_user_when_email_already_exists_and_strategy_is_ALLOW() {
-    organizationFlags.setEnabled(true);
     UserDto existingUser = db.users().insertUser(u -> u.setEmail("john@email.com"));
     UserDto currentUser = db.users().insertUser(u -> u.setExternalLogin("johndoo").setExternalIdentityProvider(IDENTITY_PROVIDER.getKey()).setEmail(null));
 
@@ -610,7 +567,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void throw_EmailAlreadyExistException_when_authenticating_existing_user_when_email_already_exists_and_strategy_is_WARN() {
-    organizationFlags.setEnabled(true);
     UserDto existingUser = db.users().insertUser(u -> u.setEmail("john@email.com"));
     UserDto currentUser = db.users().insertUser(u -> u.setEmail(null));
     UserIdentity userIdentity = UserIdentity.builder()
@@ -631,7 +587,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void throw_AuthenticationException_when_authenticating_existing_user_when_email_already_exists_and_strategy_is_FORBID() {
-    organizationFlags.setEnabled(true);
     UserDto existingUser = db.users().insertUser(u -> u.setEmail("john@email.com"));
     UserDto currentUser = db.users().insertUser(u -> u.setEmail(null));
     UserIdentity userIdentity = UserIdentity.builder()
@@ -656,7 +611,6 @@ public class UserRegistrarImplTest {
 
   @Test
   public void does_not_fail_to_authenticate_user_when_email_has_not_changed_and_strategy_is_FORBID() {
-    organizationFlags.setEnabled(true);
     UserDto currentUser = db.users().insertUser(u -> u.setEmail("john@email.com")
       .setExternalIdentityProvider(IDENTITY_PROVIDER.getKey()));
     UserIdentity userIdentity = UserIdentity.builder()
@@ -679,14 +633,13 @@ public class UserRegistrarImplTest {
 
   @Test
   public void authenticate_existing_user_and_add_new_groups() {
-    organizationFlags.setEnabled(true);
     UserDto user = db.users().insertUser(newUserDto()
       .setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())
       .setExternalLogin(USER_IDENTITY.getProviderLogin())
       .setActive(true)
       .setName("John"));
-    GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group1");
-    GroupDto group2 = db.users().insertGroup(db.getDefaultOrganization(), "group2");
+    GroupDto group1 = db.users().insertGroup("group1");
+    GroupDto group2 = db.users().insertGroup("group2");
 
     authenticate(USER_IDENTITY.getProviderLogin(), "group1", "group2", "group3");
 
@@ -695,14 +648,13 @@ public class UserRegistrarImplTest {
 
   @Test
   public void authenticate_existing_user_and_remove_groups() {
-    organizationFlags.setEnabled(true);
     UserDto user = db.users().insertUser(newUserDto()
       .setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())
       .setExternalLogin(USER_IDENTITY.getProviderLogin())
       .setActive(true)
       .setName("John"));
-    GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group1");
-    GroupDto group2 = db.users().insertGroup(db.getDefaultOrganization(), "group2");
+    GroupDto group1 = db.users().insertGroup("group1");
+    GroupDto group2 = db.users().insertGroup("group2");
     db.users().insertMember(group1, user);
     db.users().insertMember(group2, user);
 
@@ -712,15 +664,12 @@ public class UserRegistrarImplTest {
   }
 
   @Test
-  public void authenticate_existing_user_and_remove_all_groups_expect_default_when_organizations_are_disabled() {
-    organizationFlags.setEnabled(false);
+  public void authenticate_existing_user_and_remove_all_groups_expect_default() {
     UserDto user = db.users().insertUser(newUserDto()
       .setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())
-      .setExternalLogin(USER_IDENTITY.getProviderLogin())
-    );
-    GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group1");
-    GroupDto group2 = db.users().insertGroup(db.getDefaultOrganization(), "group2");
-    GroupDto defaultGroup = insertDefaultGroup();
+      .setExternalLogin(USER_IDENTITY.getProviderLogin()));
+    GroupDto group1 = db.users().insertGroup("group1");
+    GroupDto group2 = db.users().insertGroup("group2");
     db.users().insertMember(group1, user);
     db.users().insertMember(group2, user);
     db.users().insertMember(defaultGroup, user);
@@ -730,51 +679,6 @@ public class UserRegistrarImplTest {
     checkGroupMembership(user, defaultGroup);
   }
 
-  @Test
-  public void does_not_force_default_group_when_authenticating_existing_user_when_organizations_are_enabled() {
-    organizationFlags.setEnabled(true);
-    UserDto user = db.users().insertUser(newUserDto()
-      .setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())
-      .setExternalLogin(USER_IDENTITY.getProviderLogin())
-    );
-    GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group1");
-    GroupDto defaultGroup = insertDefaultGroup();
-    db.users().insertMember(group1, user);
-    db.users().insertMember(defaultGroup, user);
-
-    authenticate(user.getExternalLogin(), "group1");
-
-    checkGroupMembership(user, group1);
-  }
-
-  @Test
-  public void ignore_groups_on_non_default_organizations() {
-    organizationFlags.setEnabled(true);
-    OrganizationDto org = db.organizations().insert();
-    UserDto user = db.users().insertUser(newUserDto()
-      .setExternalIdentityProvider(IDENTITY_PROVIDER.getKey())
-      .setExternalLogin(USER_IDENTITY.getProviderLogin())
-      .setActive(true)
-      .setName("John"));
-    String groupName = "a-group";
-    GroupDto groupInDefaultOrg = db.users().insertGroup(db.getDefaultOrganization(), groupName);
-    GroupDto groupInOrg = db.users().insertGroup(org, groupName);
-
-    // adding a group with the same name than in non-default organization
-    underTest.register(UserRegistration.builder()
-      .setUserIdentity(UserIdentity.builder()
-        .setProviderLogin("johndoo")
-        .setName(user.getName())
-        .setGroups(newHashSet(groupName))
-        .build())
-      .setProvider(IDENTITY_PROVIDER)
-      .setSource(Source.local(BASIC))
-      .setExistingEmailStrategy(ExistingEmailStrategy.FORBID)
-      .build());
-
-    checkGroupMembership(user, groupInDefaultOrg);
-  }
-
   private UserDto authenticate(String providerLogin, String... groups) {
     return underTest.register(UserRegistration.builder()
       .setUserIdentity(UserIdentity.builder()
@@ -790,11 +694,11 @@ public class UserRegistrarImplTest {
   }
 
   private void checkGroupMembership(UserDto user, GroupDto... expectedGroups) {
-    assertThat(db.users().selectGroupUuidsOfUser(user)).containsOnly(stream(expectedGroups).map(GroupDto::getUuid).collect(Collectors.toList()).toArray(new String[]{}));
+    assertThat(db.users().selectGroupUuidsOfUser(user)).containsOnly(stream(expectedGroups).map(GroupDto::getUuid).collect(Collectors.toList()).toArray(new String[] {}));
   }
 
   private GroupDto insertDefaultGroup() {
-    return db.users().insertDefaultGroup(db.getDefaultOrganization(), "sonar-users");
+    return db.users().insertDefaultGroup("sonar-users");
   }
 
 }

server/sonar-webserver-auth/src/test/java/org/sonar/server/organization/MemberUpdaterTest.java

@@ -1,494 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2020 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-package org.sonar.server.organization;
-
-import com.google.common.collect.ImmutableSet;
-import java.util.HashSet;
-import javax.annotation.Nullable;
-import org.assertj.core.groups.Tuple;
-import org.elasticsearch.action.search.SearchRequestBuilder;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.sonar.api.utils.System2;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbTester;
-import org.sonar.db.alm.AlmAppInstallDto;
-import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
-import org.sonar.db.permission.OrganizationPermission;
-import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.permission.template.PermissionTemplateUserDto;
-import org.sonar.db.property.PropertyDto;
-import org.sonar.db.property.PropertyQuery;
-import org.sonar.db.user.GroupDto;
-import org.sonar.db.user.UserDto;
-import org.sonar.server.es.EsTester;
-import org.sonar.server.es.SearchOptions;
-import org.sonar.server.user.index.UserDoc;
-import org.sonar.server.user.index.UserIndex;
-import org.sonar.server.user.index.UserIndexDefinition;
-import org.sonar.server.user.index.UserIndexer;
-import org.sonar.server.user.index.UserQuery;
-import org.sonar.server.usergroups.DefaultGroupFinder;
-
-import static java.lang.String.format;
-import static java.util.Arrays.asList;
-import static java.util.Collections.singletonList;
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.tuple;
-import static org.elasticsearch.index.query.QueryBuilders.boolQuery;
-import static org.elasticsearch.index.query.QueryBuilders.termQuery;
-import static org.sonar.api.CoreProperties.DEFAULT_ISSUE_ASSIGNEE;
-import static org.sonar.api.web.UserRole.CODEVIEWER;
-import static org.sonar.api.web.UserRole.USER;
-import static org.sonar.db.alm.ALM.GITHUB;
-import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
-import static org.sonar.db.permission.OrganizationPermission.SCAN;
-import static org.sonar.server.user.index.UserIndexDefinition.FIELD_ORGANIZATION_UUIDS;
-import static org.sonar.server.user.index.UserIndexDefinition.FIELD_UUID;
-
-public class MemberUpdaterTest {
-  @Rule
-  public ExpectedException expectedException = ExpectedException.none();
-  @Rule
-  public EsTester es = EsTester.create();
-  @Rule
-  public DbTester db = DbTester.create();
-
-  private DbClient dbClient = db.getDbClient();
-  private UserIndex userIndex = new UserIndex(es.client(), System2.INSTANCE);
-  private UserIndexer userIndexer = new UserIndexer(dbClient, es.client());
-
-  private MemberUpdater underTest = new MemberUpdater(dbClient, new DefaultGroupFinder(dbClient), userIndexer);
-
-  @Test
-  public void add_member_in_db_and_user_index() {
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    UserDto user = db.users().insertUser();
-
-    underTest.addMember(db.getSession(), organization, user);
-
-    db.organizations().assertUserIsMemberOfOrganization(organization, user);
-    assertThat(userIndex.search(UserQuery.builder().build(), new SearchOptions()).getDocs())
-      .extracting(UserDoc::login, UserDoc::organizationUuids)
-      .containsExactlyInAnyOrder(tuple(user.getLogin(), singletonList(organization.getUuid())));
-  }
-
-  @Test
-  public void does_not_fail_to_add_member_if_user_already_added_in_organization() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    UserDto user = db.users().insertUser();
-    db.organizations().addMember(organization, user);
-    db.users().insertMember(defaultGroup, user);
-    db.organizations().assertUserIsMemberOfOrganization(organization, user);
-
-    underTest.addMember(db.getSession(), organization, user);
-
-    db.organizations().assertUserIsMemberOfOrganization(organization, user);
-  }
-
-  @Test
-  public void add_member_fails_when_organization_has_no_default_group() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user = db.users().insertUser();
-
-    expectedException.expect(IllegalStateException.class);
-    expectedException.expectMessage(format("Default group cannot be found on organization '%s'", organization.getUuid()));
-
-    underTest.addMember(db.getSession(), organization, user);
-  }
-
-  @Test
-  public void add_members_in_db_and_user_index() {
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    UserDto user1 = db.users().insertUser();
-    UserDto user2 = db.users().insertUser();
-    UserDto disableUser = db.users().insertDisabledUser();
-
-    underTest.addMembers(db.getSession(), organization, asList(user1, user2, disableUser));
-
-    db.organizations().assertUserIsMemberOfOrganization(organization, user1);
-    db.organizations().assertUserIsMemberOfOrganization(organization, user2);
-    assertUserIsNotMember(organization, disableUser);
-    assertThat(userIndex.search(UserQuery.builder().build(), new SearchOptions()).getDocs())
-      .extracting(UserDoc::login, UserDoc::organizationUuids)
-      .containsExactlyInAnyOrder(
-        tuple(user1.getLogin(), singletonList(organization.getUuid())),
-        tuple(user2.getLogin(), singletonList(organization.getUuid())));
-  }
-
-  @Test
-  public void add_members_does_not_fail_when_one_user_is_already_member_of_organization() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    UserDto userAlreadyMember = db.users().insertUser();
-    db.organizations().addMember(organization, userAlreadyMember);
-    db.users().insertMember(defaultGroup, userAlreadyMember);
-    UserDto userNotMember = db.users().insertUser();
-    userIndexer.indexOnStartup(new HashSet<>());
-
-    underTest.addMembers(db.getSession(), organization, asList(userAlreadyMember, userNotMember));
-
-    db.organizations().assertUserIsMemberOfOrganization(organization, userAlreadyMember);
-    db.organizations().assertUserIsMemberOfOrganization(organization, userNotMember);
-    assertThat(userIndex.search(UserQuery.builder().build(), new SearchOptions()).getDocs())
-      .extracting(UserDoc::login, UserDoc::organizationUuids)
-      .containsExactlyInAnyOrder(
-        tuple(userAlreadyMember.getLogin(), singletonList(organization.getUuid())),
-        tuple(userNotMember.getLogin(), singletonList(organization.getUuid())));
-  }
-
-  @Test
-  public void remove_member_from_db_and_user_index() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    UserDto user = db.users().insertUser();
-    UserDto adminUser = db.users().insertAdminByUserPermission(organization);
-    db.organizations().addMember(organization, user, adminUser);
-    db.users().insertMember(defaultGroup, user);
-    userIndexer.indexOnStartup(new HashSet<>());
-
-    underTest.removeMember(db.getSession(), organization, user);
-
-    assertUserIsNotMember(organization, user);
-  }
-
-  @Test
-  public void remove_members_from_db_and_user_index() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    UserDto user1 = db.users().insertUser();
-    UserDto user2 = db.users().insertUser();
-    UserDto adminUser = db.users().insertAdminByUserPermission(organization);
-    db.organizations().addMember(organization, user1, user2, adminUser);
-    db.users().insertMember(defaultGroup, user1);
-    db.users().insertMember(defaultGroup, user2);
-    db.users().insertMember(defaultGroup, adminUser);
-    userIndexer.indexOnStartup(new HashSet<>());
-
-    underTest.removeMembers(db.getSession(), organization, asList(user1, user2));
-
-    assertUserIsNotMember(organization, user1);
-    assertUserIsNotMember(organization, user2);
-    db.organizations().assertUserIsMemberOfOrganization(organization, adminUser);
-  }
-
-  @Test
-  public void remove_member_removes_permissions() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto project = db.components().insertPrivateProject(organization);
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    UserDto user = db.users().insertUser();
-    UserDto adminUser = db.users().insertAdminByUserPermission(organization);
-    db.organizations().addMember(organization, user, adminUser);
-    db.users().insertMember(defaultGroup, user);
-    UserDto anotherUser = db.users().insertUser();
-    OrganizationDto anotherOrganization = db.organizations().insert();
-    ComponentDto anotherProject = db.components().insertPrivateProject(anotherOrganization);
-    userIndexer.indexOnStartup(new HashSet<>());
-
-    db.users().insertPermissionOnUser(organization, user, ADMINISTER);
-    db.users().insertPermissionOnUser(organization, user, SCAN);
-    db.users().insertPermissionOnUser(anotherOrganization, user, ADMINISTER);
-    db.users().insertPermissionOnUser(anotherOrganization, user, SCAN);
-    db.users().insertPermissionOnUser(organization, anotherUser, ADMINISTER);
-    db.users().insertPermissionOnUser(organization, anotherUser, SCAN);
-    db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project);
-    db.users().insertProjectPermissionOnUser(user, USER, project);
-    db.users().insertProjectPermissionOnUser(user, CODEVIEWER, anotherProject);
-    db.users().insertProjectPermissionOnUser(user, USER, anotherProject);
-    db.users().insertProjectPermissionOnUser(anotherUser, CODEVIEWER, project);
-    db.users().insertProjectPermissionOnUser(anotherUser, USER, project);
-
-    underTest.removeMember(db.getSession(), organization, user);
-
-    assertUserIsNotMember(organization, user);
-    assertOrgPermissionsOfUser(user, organization);
-    assertOrgPermissionsOfUser(user, anotherOrganization, ADMINISTER, SCAN);
-    assertOrgPermissionsOfUser(anotherUser, organization, ADMINISTER, SCAN);
-    assertProjectPermissionsOfUser(user, project);
-    assertProjectPermissionsOfUser(user, anotherProject, CODEVIEWER, USER);
-    assertProjectPermissionsOfUser(anotherUser, project, CODEVIEWER, USER);
-  }
-
-  @Test
-  public void remove_member_removes_template_permissions() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    UserDto user = db.users().insertUser();
-    UserDto adminUser = db.users().insertAdminByUserPermission(organization);
-    db.organizations().addMember(organization, user, adminUser);
-    db.users().insertMember(defaultGroup, user);
-    userIndexer.indexOnStartup(new HashSet<>());
-
-    OrganizationDto anotherOrganization = db.organizations().insert();
-    UserDto anotherUser = db.users().insertUser();
-    PermissionTemplateDto template = db.permissionTemplates().insertTemplate(organization);
-    PermissionTemplateDto anotherTemplate = db.permissionTemplates().insertTemplate(anotherOrganization);
-    String permission = "browse";
-    db.permissionTemplates().addUserToTemplate(template.getUuid(), user.getUuid(), permission);
-    db.permissionTemplates().addUserToTemplate(template.getUuid(), anotherUser.getUuid(), permission);
-    db.permissionTemplates().addUserToTemplate(anotherTemplate.getUuid(), user.getUuid(), permission);
-
-    underTest.removeMember(db.getSession(), organization, user);
-
-    assertThat(dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(db.getSession(), template.getUuid())).extracting(PermissionTemplateUserDto::getUserUuid)
-      .containsOnly(anotherUser.getUuid());
-    assertThat(dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(db.getSession(), anotherTemplate.getUuid())).extracting(PermissionTemplateUserDto::getUserUuid)
-      .containsOnly(user.getUuid());
-  }
-
-  @Test
-  public void remove_member_removes_user_from_organization_groups() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    UserDto user = db.users().insertUser();
-    UserDto adminUser = db.users().insertAdminByUserPermission(organization);
-    db.organizations().addMember(organization, user, adminUser);
-    db.users().insertMember(defaultGroup, user);
-    userIndexer.indexOnStartup(new HashSet<>());
-
-    OrganizationDto anotherOrganization = db.organizations().insert();
-    UserDto anotherUser = db.users().insertUser();
-    GroupDto group = db.users().insertGroup(organization);
-    GroupDto anotherGroup = db.users().insertGroup(anotherOrganization);
-    db.users().insertMembers(group, user, anotherUser);
-    db.users().insertMembers(anotherGroup, user, anotherUser);
-
-    underTest.removeMember(db.getSession(), organization, user);
-
-    assertThat(dbClient.groupMembershipDao().selectGroupUuidsByUserUuid(db.getSession(), user.getUuid()))
-      .containsOnly(anotherGroup.getUuid());
-    assertThat(dbClient.groupMembershipDao().selectGroupUuidsByUserUuid(db.getSession(), anotherUser.getUuid()))
-      .containsOnly(group.getUuid(), anotherGroup.getUuid());
-  }
-
-  @Test
-  public void remove_member_removes_user_from_default_organization_group() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    UserDto user = db.users().insertUser();
-    UserDto adminUser = db.users().insertAdminByUserPermission(organization);
-    db.organizations().addMember(organization, user, adminUser);
-    db.users().insertMember(defaultGroup, user);
-    userIndexer.indexOnStartup(new HashSet<>());
-
-    underTest.removeMember(db.getSession(), organization, user);
-
-    assertThat(dbClient.groupMembershipDao().selectGroupUuidsByUserUuid(db.getSession(), user.getUuid())).isEmpty();
-  }
-
-  @Test
-  public void remove_member_removes_user_from_org_properties() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto project = db.components().insertPrivateProject(organization);
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    UserDto user = db.users().insertUser();
-    UserDto adminUser = db.users().insertAdminByUserPermission(organization);
-    db.organizations().addMember(organization, user, adminUser);
-    db.users().insertMember(defaultGroup, user);
-    userIndexer.indexOnStartup(new HashSet<>());
-
-    OrganizationDto anotherOrganization = db.organizations().insert();
-    ComponentDto anotherProject = db.components().insertPrivateProject(anotherOrganization);
-    UserDto anotherUser = db.users().insertUser();
-    insertProperty("KEY_11", "VALUE", project.uuid(), user.getUuid());
-    insertProperty("KEY_12", "VALUE", project.uuid(), user.getUuid());
-    insertProperty("KEY_11", "VALUE", project.uuid(), anotherUser.getUuid());
-    insertProperty("KEY_11", "VALUE", anotherProject.uuid(), user.getUuid());
-
-    underTest.removeMember(db.getSession(), organization, user);
-
-    assertThat(dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentUuid(project.uuid()).build(), db.getSession()))
-      .hasSize(1).extracting(PropertyDto::getUserUuid).containsOnly(anotherUser.getUuid());
-    assertThat(dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentUuid(anotherProject.uuid()).build(), db.getSession()))
-      .extracting(PropertyDto::getUserUuid)
-      .hasSize(1).containsOnly(user.getUuid());
-  }
-
-  @Test
-  public void remove_member_removes_user_from_default_assignee_properties() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto project = db.components().insertPrivateProject(organization);
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    UserDto user = db.users().insertUser();
-    UserDto adminUser = db.users().insertAdminByUserPermission(organization);
-    db.organizations().addMember(organization, user, adminUser);
-    db.users().insertMember(defaultGroup, user);
-    userIndexer.indexOnStartup(new HashSet<>());
-
-    OrganizationDto anotherOrganization = db.organizations().insert();
-    ComponentDto anotherProject = db.components().insertPrivateProject(anotherOrganization);
-    UserDto anotherUser = db.users().insertUser();
-    insertProperty(DEFAULT_ISSUE_ASSIGNEE, user.getLogin(), project.uuid(), null);
-    insertProperty("ANOTHER_KEY", user.getLogin(), project.uuid(), null);
-    insertProperty(DEFAULT_ISSUE_ASSIGNEE, anotherUser.getLogin(), project.uuid(), null);
-    insertProperty(DEFAULT_ISSUE_ASSIGNEE, user.getLogin(), anotherProject.uuid(), null);
-
-    underTest.removeMember(db.getSession(), organization, user);
-
-    assertThat(dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentUuid(project.uuid()).build(), db.getSession()))
-      .hasSize(2).extracting(PropertyDto::getKey, PropertyDto::getValue)
-      .containsOnly(Tuple.tuple("ANOTHER_KEY", user.getLogin()), Tuple.tuple(DEFAULT_ISSUE_ASSIGNEE, anotherUser.getLogin()));
-    assertThat(dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentUuid(anotherProject.uuid()).build(), db.getSession())).extracting(PropertyDto::getValue)
-      .hasSize(1).containsOnly(user.getLogin());
-  }
-
-  @Test
-  public void fail_to_remove_members_when_no_more_admin() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    GroupDto adminGroup = db.users().insertGroup(organization);
-    db.users().insertPermissionOnGroup(adminGroup, ADMINISTER);
-    UserDto user1 = db.users().insertUser();
-    UserDto admin1 = db.users().insertAdminByUserPermission(organization);
-    UserDto admin2 = db.users().insertUser();
-    db.organizations().addMember(organization, user1, admin1, admin2);
-    db.users().insertMember(defaultGroup, user1);
-    db.users().insertMember(defaultGroup, admin1);
-    db.users().insertMember(defaultGroup, admin2);
-    db.users().insertMember(adminGroup, admin2);
-    userIndexer.indexOnStartup(new HashSet<>());
-
-    expectedException.expect(IllegalArgumentException.class);
-    expectedException.expectMessage("The last administrator member cannot be removed");
-
-    underTest.removeMembers(db.getSession(), organization, asList(admin1, admin2));
-  }
-
-  @Test
-  public void synchronize_user_organization_membership() {
-    OrganizationDto organization1 = db.organizations().insert();
-    GroupDto org1defaultGroup = db.users().insertDefaultGroup(organization1, "Members");
-    AlmAppInstallDto gitHubInstall1 = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization1, gitHubInstall1, true);
-    OrganizationDto organization2 = db.organizations().insert();
-    db.users().insertDefaultGroup(organization2, "Members");
-    AlmAppInstallDto gitHubInstall2 = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization2, gitHubInstall2, true);
-    OrganizationDto organization3 = db.organizations().insert();
-    GroupDto org3defaultGroup = db.users().insertDefaultGroup(organization3, "Members");
-    AlmAppInstallDto gitHubInstall3 = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization3, gitHubInstall3, true);
-    // User is member of organization1 and organization3, but organization3 membership will be removed and organization2 membership will be
-    // added
-    UserDto user = db.users().insertUser();
-    db.organizations().addMember(organization1, user);
-    db.users().insertMember(org1defaultGroup, user);
-    db.organizations().addMember(organization3, user);
-    db.users().insertMember(org3defaultGroup, user);
-
-    underTest.synchronizeUserOrganizationMembership(db.getSession(), user, GITHUB, ImmutableSet.of(gitHubInstall1.getOrganizationAlmId(), gitHubInstall2.getOrganizationAlmId()));
-
-    db.organizations().assertUserIsMemberOfOrganization(organization1, user);
-    db.organizations().assertUserIsMemberOfOrganization(organization2, user);
-    assertUserIsNotMember(organization3, user);
-  }
-
-  @Test
-  public void synchronize_user_organization_membership_does_not_update_es_index() {
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, true);
-    UserDto user = db.users().insertUser();
-
-    underTest.synchronizeUserOrganizationMembership(db.getSession(), user, GITHUB, ImmutableSet.of(gitHubInstall.getOrganizationAlmId()));
-
-    assertThat(userIndex.search(UserQuery.builder().build(), new SearchOptions()).getDocs()).isEmpty();
-  }
-
-  @Test
-  public void synchronize_user_organization_membership_ignores_organization_alm_ids_match_no_existing_organizations() {
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, true);
-    UserDto user = db.users().insertUser();
-
-    underTest.synchronizeUserOrganizationMembership(db.getSession(), user, GITHUB, ImmutableSet.of("unknown"));
-
-    // User is member of no organization
-    assertThat(db.getDbClient().organizationMemberDao().selectOrganizationUuidsByUser(db.getSession(), user.getUuid())).isEmpty();
-  }
-
-  @Test
-  public void synchronize_user_organization_membership_ignores_organization_with_member_sync_disabled() {
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertDefaultGroup(organization, "Members");
-    AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, false);
-    UserDto user = db.users().insertUser();
-
-    underTest.synchronizeUserOrganizationMembership(db.getSession(), user, GITHUB, ImmutableSet.of(gitHubInstall.getOrganizationAlmId()));
-
-    db.organizations().assertUserIsNotMemberOfOrganization(organization, user);
-  }
-
-  @Test
-  public void synchronize_user_organization_membership_does_not_remove_existing_membership_on_organization_with_member_sync_disabled() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto org1defaultGroup = db.users().insertDefaultGroup(organization, "Members");
-    AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));
-    db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, false);
-    UserDto user = db.users().insertUser();
-    db.users().insertMember(org1defaultGroup, user);
-    db.organizations().addMember(organization, user);
-    // User is member of a organization on which member sync is disabled
-    db.organizations().assertUserIsMemberOfOrganization(organization, user);
-
-    // The organization is not in the list, but membership should not be removed
-    underTest.synchronizeUserOrganizationMembership(db.getSession(), user, GITHUB, ImmutableSet.of("other"));
-
-    db.organizations().assertUserIsMemberOfOrganization(organization, user);
-  }
-
-  private void assertUserIsNotMember(OrganizationDto organization, UserDto user) {
-    db.organizations().assertUserIsNotMemberOfOrganization(organization, user);
-    SearchRequestBuilder request = es.client().prepareSearch(UserIndexDefinition.TYPE_USER)
-      .setQuery(boolQuery()
-        .must(termQuery(FIELD_ORGANIZATION_UUIDS, organization.getUuid()))
-        .must(termQuery(FIELD_UUID, user.getUuid())));
-    assertThat(request.get().getHits().getHits()).isEmpty();
-  }
-
-  private void assertOrgPermissionsOfUser(UserDto user, OrganizationDto organization, OrganizationPermission... permissions) {
-    assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(db.getSession(), user.getUuid(), organization.getUuid()).stream()
-      .map(OrganizationPermission::fromKey))
-        .containsOnly(permissions);
-  }
-
-  private void assertProjectPermissionsOfUser(UserDto user, ComponentDto project, String... permissions) {
-    assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(db.getSession(), user.getUuid(), project.uuid())).containsOnly(permissions);
-  }
-
-  private void insertProperty(String key, @Nullable String value, @Nullable String componentUuid, @Nullable String userUuid) {
-    PropertyDto dto = new PropertyDto().setKey(key)
-      .setComponentUuid(componentUuid)
-      .setUserUuid(userUuid)
-      .setValue(value);
-    db.properties().insertProperty(dto);
-  }
-
-}

server/sonar-webserver-auth/src/test/java/org/sonar/server/organization/OrganisationSupportTest.java

@@ -1,219 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2020 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-package org.sonar.server.organization;
-
-import java.util.ArrayList;
-import java.util.List;
-import java.util.Optional;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.mockito.ArgumentCaptor;
-import org.sonar.api.rule.RuleStatus;
-import org.sonar.core.util.SequenceUuidFactory;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
-import org.sonar.db.permission.GroupPermissionDto;
-import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.permission.template.PermissionTemplateGroupDto;
-import org.sonar.db.rule.RuleDefinitionDto;
-import org.sonar.db.user.GroupDto;
-import org.sonar.db.user.UserDto;
-import org.sonar.server.es.EsTester;
-import org.sonar.server.rule.index.RuleIndexer;
-import org.sonar.server.usergroups.DefaultGroupCreatorImpl;
-import org.sonar.server.usergroups.DefaultGroupFinder;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.assertj.core.api.Assertions.tuple;
-import static org.mockito.ArgumentMatchers.any;
-import static org.mockito.Mockito.spy;
-import static org.mockito.Mockito.verify;
-
-public class OrganisationSupportTest {
-
-  @Rule
-  public ExpectedException expectedException = ExpectedException.none();
-  @Rule
-  public DbTester dbTester = DbTester.create();
-  @Rule
-  public EsTester es = EsTester.create();
-
-  private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(dbTester);
-  private OrganizationFlags organizationFlags = new OrganizationFlagsImpl(dbTester.getDbClient());
-  private RuleIndexer ruleIndexer = spy(new RuleIndexer(es.client(), dbTester.getDbClient()));
-  private OrganisationSupport underTest = new OrganisationSupport(dbTester.getDbClient(), defaultOrganizationProvider, organizationFlags,
-    new DefaultGroupCreatorImpl(dbTester.getDbClient(), new SequenceUuidFactory()), new DefaultGroupFinder(dbTester.getDbClient()), ruleIndexer, new SequenceUuidFactory());
-
-  @Test
-  public void enabling_support_saves_internal_property_and_flags_caller_as_root() {
-    UserDto user = dbTester.users().insertUser();
-    UserDto otherUser = dbTester.users().insertUser();
-    dbTester.users().insertDefaultGroup(dbTester.getDefaultOrganization(), "sonar-users");
-    verifyFeatureEnabled(false);
-    verifyRoot(user, false);
-    verifyRoot(otherUser, false);
-
-    call(user.getLogin());
-
-    verifyFeatureEnabled(true);
-    verifyRoot(user, true);
-    verifyRoot(otherUser, false);
-  }
-
-  @Test
-  public void enabling_support_creates_default_members_group_and_associate_org_members() {
-    OrganizationDto defaultOrganization = dbTester.getDefaultOrganization();
-    OrganizationDto anotherOrganization = dbTester.organizations().insert();
-    UserDto user1 = dbTester.users().insertUser();
-    UserDto user2 = dbTester.users().insertUser();
-    UserDto userInAnotherOrganization = dbTester.users().insertUser();
-    dbTester.organizations().addMember(defaultOrganization, user1);
-    dbTester.organizations().addMember(defaultOrganization, user2);
-    dbTester.organizations().addMember(anotherOrganization, userInAnotherOrganization);
-    dbTester.users().insertDefaultGroup(dbTester.getDefaultOrganization(), "sonar-users");
-
-    call(user1.getLogin());
-
-    Optional<String> defaultGroupUuid = dbTester.getDbClient().organizationDao().getDefaultGroupUuid(dbTester.getSession(), defaultOrganization.getUuid());
-    assertThat(defaultGroupUuid).isPresent();
-    GroupDto membersGroup = dbTester.getDbClient().groupDao().selectByUuid(dbTester.getSession(), defaultGroupUuid.get());
-    assertThat(membersGroup).isNotNull();
-    assertThat(membersGroup.getName()).isEqualTo("Members");
-    assertThat(dbTester.getDbClient().groupMembershipDao().selectGroupUuidsByUserUuid(dbTester.getSession(), user1.getUuid())).containsOnly(defaultGroupUuid.get());
-    assertThat(dbTester.getDbClient().groupMembershipDao().selectGroupUuidsByUserUuid(dbTester.getSession(), user2.getUuid())).containsOnly(defaultGroupUuid.get());
-    assertThat(dbTester.getDbClient().groupMembershipDao().selectGroupUuidsByUserUuid(dbTester.getSession(), userInAnotherOrganization.getUuid())).isEmpty();
-  }
-
-  @Test
-  public void enabling_support_copy_sonar_users_permissions_to_members_group() {
-    OrganizationDto defaultOrganization = dbTester.getDefaultOrganization();
-    UserDto user = dbTester.users().insertUser();
-    GroupDto sonarUsersGroup = dbTester.users().insertDefaultGroup(defaultOrganization, "sonar-users");
-    ComponentDto project = dbTester.components().insertPrivateProject(defaultOrganization);
-    dbTester.users().insertPermissionOnGroup(sonarUsersGroup, "user");
-    dbTester.users().insertProjectPermissionOnGroup(sonarUsersGroup, "codeviewer", project);
-    // Should be ignored
-    GroupDto anotherGroup = dbTester.users().insertGroup();
-    dbTester.users().insertPermissionOnGroup(anotherGroup, "admin");
-
-    call(user.getLogin());
-
-    String defaultGroupUuid = dbTester.getDbClient().organizationDao().getDefaultGroupUuid(dbTester.getSession(), defaultOrganization.getUuid()).get();
-    assertThat(defaultGroupUuid).isNotEqualTo(sonarUsersGroup.getUuid());
-    List<GroupPermissionDto> result = new ArrayList<>();
-    dbTester.getDbClient().groupPermissionDao().selectAllPermissionsByGroupUuid(dbTester.getSession(), defaultOrganization.getUuid(), defaultGroupUuid,
-      context -> result.add((GroupPermissionDto) context.getResultObject()));
-    assertThat(result).extracting(GroupPermissionDto::getComponentUuid, GroupPermissionDto::getRole).containsOnly(
-      tuple(null, "user"), tuple(project.uuid(), "codeviewer"));
-  }
-
-  @Test
-  public void enabling_support_copy_sonar_users_permission_templates_to_members_group() {
-    OrganizationDto defaultOrganization = dbTester.getDefaultOrganization();
-    UserDto user = dbTester.users().insertUser();
-    GroupDto sonarUsersGroup = dbTester.users().insertDefaultGroup(defaultOrganization, "sonar-users");
-    PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate(dbTester.getDefaultOrganization());
-    dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, sonarUsersGroup, "user");
-    dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, sonarUsersGroup, "admin");
-    // Should be ignored
-    GroupDto otherGroup = dbTester.users().insertGroup();
-    dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, otherGroup, "user");
-
-    call(user.getLogin());
-
-    String defaultGroupUuid = dbTester.getDbClient().organizationDao().getDefaultGroupUuid(dbTester.getSession(), defaultOrganization.getUuid()).get();
-    assertThat(dbTester.getDbClient().permissionTemplateDao().selectAllGroupPermissionTemplatesByGroupUuid(dbTester.getSession(), defaultGroupUuid))
-      .extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getPermission)
-      .containsOnly(tuple(defaultGroupUuid, "user"), tuple(defaultGroupUuid, "admin"));
-  }
-
-  @Test
-  public void enabling_organizations_should_remove_template_rule_and_custom_rule() {
-    RuleDefinitionDto normal = dbTester.rules().insert();
-    RuleDefinitionDto template = dbTester.rules().insert(r -> r.setIsTemplate(true));
-    RuleDefinitionDto custom = dbTester.rules().insert(r -> r.setTemplateUuid(template.getUuid()));
-
-    UserDto user = dbTester.users().insertUser();
-    dbTester.users().insertDefaultGroup(dbTester.getDefaultOrganization(), "sonar-users");
-
-    assertThat(dbTester.getDbClient().ruleDao().selectAllDefinitions(dbTester.getSession()))
-      .extracting(RuleDefinitionDto::getKey, RuleDefinitionDto::getStatus)
-      .containsExactlyInAnyOrder(
-        tuple(normal.getKey(), RuleStatus.READY),
-        tuple(template.getKey(), RuleStatus.READY),
-        tuple(custom.getKey(), RuleStatus.READY));
-
-    call(user.getLogin());
-
-    assertThat(dbTester.getDbClient().ruleDao().selectAllDefinitions(dbTester.getSession()))
-      .extracting(RuleDefinitionDto::getKey, RuleDefinitionDto::getStatus)
-      .containsExactlyInAnyOrder(
-        tuple(normal.getKey(), RuleStatus.READY),
-        tuple(template.getKey(), RuleStatus.REMOVED),
-        tuple(custom.getKey(), RuleStatus.REMOVED));
-
-    @SuppressWarnings("unchecked")
-    Class<ArrayList<String>> listClass = (Class<ArrayList<String>>) (Class) ArrayList.class;
-    ArgumentCaptor<ArrayList<String>> indexedRuleKeys = ArgumentCaptor.forClass(listClass);
-    verify(ruleIndexer).commitAndIndex(any(), indexedRuleKeys.capture());
-    assertThat(indexedRuleKeys.getValue()).containsExactlyInAnyOrder(template.getUuid(), custom.getUuid());
-  }
-
-  @Test
-  public void throw_IAE_when_members_group_already_exists() {
-    UserDto user = dbTester.users().insertUser();
-    dbTester.users().insertDefaultGroup(dbTester.getDefaultOrganization(), "sonar-users");
-    dbTester.users().insertGroup(dbTester.getDefaultOrganization(), "Members");
-
-    expectedException.expect(IllegalArgumentException.class);
-    expectedException.expectMessage("The group 'Members' already exist");
-
-    call(user.getLogin());
-  }
-
-  @Test
-  public void do_nothing_if_support_is_already_enabled() {
-    dbTester.users().insertDefaultGroup(dbTester.getDefaultOrganization(), "sonar-users");
-
-    call("foo");
-    verifyFeatureEnabled(true);
-
-    // the test could be improved to verify that
-    // the caller user is not flagged as root
-    // if he was not already root
-    call("foo");
-    verifyFeatureEnabled(true);
-  }
-
-  private void call(String login) {
-    underTest.enable(login);
-  }
-
-  private void verifyFeatureEnabled(boolean enabled) {
-    assertThat(organizationFlags.isEnabled(dbTester.getSession())).isEqualTo(enabled);
-  }
-
-  private void verifyRoot(UserDto user, boolean root) {
-    dbTester.rootFlag().verify(user.getLogin(), root);
-  }
-
-}

server/sonar-webserver-auth/src/test/java/org/sonar/server/organization/OrganizationUpdaterImplTest.java

@@ -104,7 +104,7 @@ public class OrganizationUpdaterImplTest {
   private OrganizationValidation organizationValidation = mock(OrganizationValidation.class);
   private UserIndexer userIndexer = new UserIndexer(dbClient, es.client());
   private UserIndex userIndex = new UserIndex(es.client(), system2);
-  private DefaultGroupCreator defaultGroupCreator = new DefaultGroupCreatorImpl(dbClient, uuidFactory);
+  private DefaultGroupCreator defaultGroupCreator = new DefaultGroupCreatorImpl(dbClient, uuidFactory, TestDefaultOrganizationProvider.from(db));
 
   private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);
   private PermissionService permissionService = new PermissionServiceImpl(resourceTypes);
@@ -132,17 +132,6 @@ public class OrganizationUpdaterImplTest {
     assertThat(organization.getUpdatedAt()).isEqualTo(A_DATE);
   }
 
-  @Test
-  public void create_creates_owners_group_with_all_permissions_for_new_organization_and_add_current_user_to_it() throws OrganizationUpdater.KeyConflictException {
-    UserDto user = db.users().insertUser();
-    builtInQProfileRepositoryRule.initialize();
-    db.qualityGates().insertBuiltInQualityGate();
-
-    underTest.create(dbSession, user, FULL_POPULATED_NEW_ORGANIZATION, EMPTY_ORGANIZATION_CONSUMER);
-
-    verifyGroupOwners(user, FULL_POPULATED_NEW_ORGANIZATION.getKey(), FULL_POPULATED_NEW_ORGANIZATION.getName());
-  }
-
   @Test
   public void create_creates_members_group_and_add_current_user_to_it() throws OrganizationUpdater.KeyConflictException {
     UserDto user = db.users().insertUser();
@@ -173,34 +162,6 @@ public class OrganizationUpdaterImplTest {
     assertThat(organization.getAvatarUrl()).isNull();
   }
 
-  @Test
-  public void create_creates_default_template_for_new_organization() throws OrganizationUpdater.KeyConflictException {
-    builtInQProfileRepositoryRule.initialize();
-    UserDto user = db.users().insertUser();
-    db.qualityGates().insertBuiltInQualityGate();
-
-    underTest.create(dbSession, user, FULL_POPULATED_NEW_ORGANIZATION, EMPTY_ORGANIZATION_CONSUMER);
-
-    OrganizationDto organization = dbClient.organizationDao().selectByKey(dbSession, FULL_POPULATED_NEW_ORGANIZATION.getKey()).get();
-    GroupDto ownersGroup = dbClient.groupDao().selectByName(dbSession, organization.getUuid(), "Owners").get();
-    String defaultGroupUuid = dbClient.organizationDao().getDefaultGroupUuid(dbSession, organization.getUuid()).get();
-    PermissionTemplateDto defaultTemplate = dbClient.permissionTemplateDao().selectByName(dbSession, organization.getUuid(), "default template");
-    assertThat(defaultTemplate.getName()).isEqualTo("Default template");
-    assertThat(defaultTemplate.getDescription()).isEqualTo("Default permission template of organization " + FULL_POPULATED_NEW_ORGANIZATION.getName());
-    DefaultTemplates defaultTemplates = dbClient.organizationDao().getDefaultTemplates(dbSession, organization.getUuid()).get();
-    assertThat(defaultTemplates.getProjectUuid()).isEqualTo(defaultTemplate.getUuid());
-    assertThat(defaultTemplates.getApplicationsUuid()).isNull();
-    assertThat(dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateUuid(dbSession, defaultTemplate.getUuid()))
-      .extracting(PermissionTemplateGroupDto::getGroupUuid, PermissionTemplateGroupDto::getPermission)
-      .containsOnly(
-        tuple(ownersGroup.getUuid(), UserRole.ADMIN),
-        tuple(ownersGroup.getUuid(), GlobalPermissions.SCAN_EXECUTION),
-        tuple(defaultGroupUuid, UserRole.USER),
-        tuple(defaultGroupUuid, UserRole.CODEVIEWER),
-        tuple(defaultGroupUuid, UserRole.ISSUE_ADMIN),
-        tuple(defaultGroupUuid, UserRole.SECURITYHOTSPOT_ADMIN));
-  }
-
   @Test
   public void create_add_current_user_as_member_of_organization() throws OrganizationUpdater.KeyConflictException {
     UserDto user = db.users().insertUser();
@@ -371,19 +332,17 @@ public class OrganizationUpdaterImplTest {
     underTest.updateOrganizationKey(dbSession, organization, "new_login");
   }
 
-  private void verifyGroupOwners(UserDto user, String organizationKey, String organizationName) {
-    OrganizationDto organization = dbClient.organizationDao().selectByKey(dbSession, organizationKey).get();
-    Optional<GroupDto> groupOpt = dbClient.groupDao().selectByName(dbSession, organization.getUuid(), "Owners");
+  private void verifyGroupOwners(UserDto user, String organizationKey) {
+    Optional<GroupDto> groupOpt = dbClient.groupDao().selectByName(dbSession, "Owners");
     assertThat(groupOpt).isPresent();
     GroupDto groupDto = groupOpt.get();
     assertThat(groupDto.getDescription()).isEqualTo("Owners of organization");
 
-    assertThat(dbClient.groupPermissionDao().selectGlobalPermissionsOfGroup(dbSession, groupDto.getOrganizationUuid(), groupDto.getUuid()))
+    assertThat(dbClient.groupPermissionDao().selectGlobalPermissionsOfGroup(dbSession, groupDto.getUuid()))
       .containsOnly(GlobalPermissions.ALL.toArray(new String[GlobalPermissions.ALL.size()]));
     List<UserMembershipDto> members = dbClient.groupMembershipDao().selectMembers(
       dbSession,
       UserMembershipQuery.builder()
-        .organizationUuid(organization.getUuid())
         .groupUuid(groupDto.getUuid())
         .membership(UserMembershipQuery.IN).build(),
       0, Integer.MAX_VALUE);
@@ -394,16 +353,15 @@ public class OrganizationUpdaterImplTest {
 
   private void verifyMembersGroup(UserDto user, String organizationKey) {
     OrganizationDto organization = dbClient.organizationDao().selectByKey(dbSession, organizationKey).get();
-    Optional<GroupDto> groupOpt = dbClient.groupDao().selectByName(dbSession, organization.getUuid(), "Members");
+    Optional<GroupDto> groupOpt = dbClient.groupDao().selectByName(dbSession,"Members");
     assertThat(groupOpt).isPresent();
     GroupDto groupDto = groupOpt.get();
     assertThat(groupDto.getDescription()).isEqualTo("All members of the organization");
 
-    assertThat(dbClient.groupPermissionDao().selectGlobalPermissionsOfGroup(dbSession, groupDto.getOrganizationUuid(), groupDto.getUuid())).isEmpty();
+    assertThat(dbClient.groupPermissionDao().selectGlobalPermissionsOfGroup(dbSession, groupDto.getUuid())).isEmpty();
     List<UserMembershipDto> members = dbClient.groupMembershipDao().selectMembers(
       dbSession,
       UserMembershipQuery.builder()
-        .organizationUuid(organization.getUuid())
         .groupUuid(groupDto.getUuid())
         .membership(UserMembershipQuery.IN).build(),
       0, Integer.MAX_VALUE);

server/sonar-webserver-auth/src/test/java/org/sonar/server/permission/GroupUuidOrAnyoneTest.java

@@ -31,24 +31,12 @@ public class GroupUuidOrAnyoneTest {
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
 
-  @Test
-  public void from_fails_with_NPE_if_GroupDto_organizationUuid_is_null() {
-    GroupDto dto = new GroupDto();
-
-    expectOrganizationUuidNPE();
-
-    GroupUuidOrAnyone.from(dto);
-  }
-
   @Test
   public void for_returns_isAnyone_if_id_is_null() {
-    String organizationUuid = randomAlphabetic(10);
     GroupDto dto = new GroupDto();
-    dto.setOrganizationUuid(organizationUuid);
 
     GroupUuidOrAnyone underTest = GroupUuidOrAnyone.from(dto);
 
-    assertThat(underTest.getOrganizationUuid()).isEqualTo(organizationUuid);
     assertThat(underTest.isAnyone()).isTrue();
     assertThat(underTest.getUuid()).isNull();
   }
@@ -56,38 +44,21 @@ public class GroupUuidOrAnyoneTest {
   @Test
   public void for_returns_isAnyone_false_if_id_is_not_null() {
     String uuid = randomAlphabetic(10);
-    String organizationUuid = randomAlphabetic(10);
     GroupDto dto = new GroupDto();
-    dto.setOrganizationUuid(organizationUuid);
     dto.setUuid(uuid);
 
     GroupUuidOrAnyone underTest = GroupUuidOrAnyone.from(dto);
 
-    assertThat(underTest.getOrganizationUuid()).isEqualTo(organizationUuid);
     assertThat(underTest.isAnyone()).isFalse();
     assertThat(underTest.getUuid()).isEqualTo(uuid);
   }
 
-  @Test
-  public void forAnyone_fails_with_NPE_if_arg_is_null() {
-    expectOrganizationUuidNPE();
-
-    GroupUuidOrAnyone.forAnyone(null);
-  }
-
   @Test
   public void forAnyone_returns_isAnyone_true() {
-    String organizationUuid = randomAlphabetic(12);
-
-    GroupUuidOrAnyone underTest = GroupUuidOrAnyone.forAnyone(organizationUuid);
+    GroupUuidOrAnyone underTest = GroupUuidOrAnyone.forAnyone();
 
     assertThat(underTest.isAnyone()).isTrue();
-    assertThat(underTest.getOrganizationUuid()).isEqualTo(organizationUuid);
     assertThat(underTest.getUuid()).isNull();
   }
 
-  private void expectOrganizationUuidNPE() {
-    expectedException.expect(NullPointerException.class);
-    expectedException.expectMessage("organizationUuid can't be null");
-  }
 }

server/sonar-webserver-auth/src/test/java/org/sonar/server/user/DoPrivilegedTest.java

@@ -26,7 +26,6 @@ import org.sonar.server.tester.MockUserSession;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.fail;
-import static org.sonar.db.organization.OrganizationTesting.newOrganizationDto;
 
 public class DoPrivilegedTest {
 
@@ -50,7 +49,6 @@ public class DoPrivilegedTest {
     assertThat(catcher.userSession.isLoggedIn()).isFalse();
     assertThat(catcher.userSession.hasComponentPermission("any permission", new ComponentDto())).isTrue();
     assertThat(catcher.userSession.isSystemAdministrator()).isTrue();
-    assertThat(catcher.userSession.hasMembership(newOrganizationDto())).isTrue();
 
     // verify session in place after task is done
     assertThat(threadLocalUserSession.get()).isSameAs(session);
@@ -76,7 +74,6 @@ public class DoPrivilegedTest {
       // verify the session used inside Privileged task
       assertThat(catcher.userSession.isLoggedIn()).isFalse();
       assertThat(catcher.userSession.hasComponentPermission("any permission", new ComponentDto())).isTrue();
-      assertThat(catcher.userSession.hasMembership(newOrganizationDto())).isTrue();
     }
   }
 

server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ServerUserSessionTest.java

@@ -29,12 +29,9 @@ import org.sonar.api.web.UserRole;
 import org.sonar.db.DbClient;
 import org.sonar.db.DbTester;
 import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.server.exceptions.ForbiddenException;
-import org.sonar.server.organization.TestDefaultOrganizationProvider;
-import org.sonar.server.organization.TestOrganizationFlags;
 
 import static com.google.common.base.Preconditions.checkState;
 import static java.util.Arrays.asList;
@@ -54,8 +51,6 @@ public class ServerUserSessionTest {
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
   private DbClient dbClient = db.getDbClient();
-  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
-  private TestDefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
 
   @Test
   public void anonymous_is_not_logged_in_and_does_not_have_login() {
@@ -137,8 +132,7 @@ public class ServerUserSessionTest {
   public void hasComponentUuidPermission_returns_true_when_flag_root_is_true_on_UserDto_no_matter_if_user_has_project_permission_for_given_uuid() {
     UserDto root = db.users().insertUser();
     root = db.users().makeRoot(root);
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
     ComponentDto file = db.components().insertComponent(newFileDto(project));
 
     UserSession underTest = newUserSession(root);
@@ -153,8 +147,7 @@ public class ServerUserSessionTest {
   public void checkComponentUuidPermission_succeeds_if_user_has_permission_for_specified_uuid_in_db() {
     UserDto root = db.users().insertUser();
     root = db.users().makeRoot(root);
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto project = db.components().insertPrivateProject(organization);
+    ComponentDto project = db.components().insertPrivateProject();
     ComponentDto file = db.components().insertComponent(newFileDto(project));
 
     UserSession underTest = newUserSession(root);
@@ -176,98 +169,88 @@ public class ServerUserSessionTest {
   }
 
   @Test
-  public void checkPermission_throws_ForbiddenException_when_user_doesnt_have_the_specified_permission_on_organization() {
-    OrganizationDto org = db.organizations().insert();
+  public void checkPermission_throws_ForbiddenException_when_user_doesnt_have_the_specified_permission() {
     UserDto user = db.users().insertUser();
 
     expectInsufficientPrivilegesForbiddenException();
 
-    newUserSession(user).checkPermission(PROVISION_PROJECTS, org);
+    newUserSession(user).checkPermission(PROVISION_PROJECTS);
   }
 
   @Test
-  public void checkPermission_succeeds_when_user_has_the_specified_permission_on_organization() {
-    OrganizationDto org = db.organizations().insert();
+  public void checkPermission_succeeds_when_user_has_the_specified_permission() {
     UserDto root = db.users().insertUser();
     root = db.users().makeRoot(root);
-    db.users().insertPermissionOnUser(org, root, PROVISIONING);
+    db.users().insertPermissionOnUser(root, PROVISIONING);
 
-    newUserSession(root).checkPermission(PROVISION_PROJECTS, org);
+    newUserSession(root).checkPermission(PROVISION_PROJECTS);
   }
 
   @Test
   public void checkPermission_succeeds_when_user_is_root() {
-    OrganizationDto org = db.organizations().insert();
     UserDto root = db.users().insertUser();
     root = db.users().makeRoot(root);
 
-    newUserSession(root).checkPermission(PROVISION_PROJECTS, org);
+    newUserSession(root).checkPermission(PROVISION_PROJECTS);
   }
 
   @Test
-  public void test_hasPermission_on_organization_for_logged_in_user() {
-    OrganizationDto org = db.organizations().insert();
-    ComponentDto project = db.components().insertPrivateProject(org);
+  public void test_hasPermission_for_logged_in_user() {
+    ComponentDto project = db.components().insertPrivateProject();
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(org, user, PROVISION_PROJECTS);
+    db.users().insertPermissionOnUser(user, PROVISION_PROJECTS);
     db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, project);
 
     UserSession session = newUserSession(user);
-    assertThat(session.hasPermission(PROVISION_PROJECTS, org.getUuid())).isTrue();
-    assertThat(session.hasPermission(ADMINISTER, org.getUuid())).isFalse();
-    assertThat(session.hasPermission(PROVISION_PROJECTS, "another-org")).isFalse();
+    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
+    assertThat(session.hasPermission(ADMINISTER)).isFalse();
   }
 
   @Test
-  public void test_hasPermission_on_organization_for_anonymous_user() {
-    OrganizationDto org = db.organizations().insert();
-    db.users().insertPermissionOnAnyone(org, PROVISION_PROJECTS);
+  public void test_hasPermission_for_anonymous_user() {
+    db.users().insertPermissionOnAnyone(PROVISION_PROJECTS);
 
     UserSession session = newAnonymousSession();
-    assertThat(session.hasPermission(PROVISION_PROJECTS, org.getUuid())).isTrue();
-    assertThat(session.hasPermission(ADMINISTER, org.getUuid())).isFalse();
-    assertThat(session.hasPermission(PROVISION_PROJECTS, "another-org")).isFalse();
+    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
+    assertThat(session.hasPermission(ADMINISTER)).isFalse();
   }
 
   @Test
-  public void hasPermission_on_organization_keeps_cache_of_permissions_of_logged_in_user() {
-    OrganizationDto org = db.organizations().insert();
+  public void hasPermission_keeps_cache_of_permissions_of_logged_in_user() {
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(org, user, PROVISIONING);
+    db.users().insertPermissionOnUser(user, PROVISIONING);
 
     UserSession session = newUserSession(user);
 
     // feed the cache
-    assertThat(session.hasPermission(PROVISION_PROJECTS, org.getUuid())).isTrue();
+    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
 
     // change permissions without updating the cache
-    db.users().deletePermissionFromUser(org, user, PROVISION_PROJECTS);
-    db.users().insertPermissionOnUser(org, user, SCAN);
-    assertThat(session.hasPermission(PROVISION_PROJECTS, org.getUuid())).isTrue();
-    assertThat(session.hasPermission(ADMINISTER, org.getUuid())).isFalse();
-    assertThat(session.hasPermission(SCAN, org.getUuid())).isFalse();
+    db.users().deletePermissionFromUser(user, PROVISION_PROJECTS);
+    db.users().insertPermissionOnUser(user, SCAN);
+    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
+    assertThat(session.hasPermission(ADMINISTER)).isFalse();
+    assertThat(session.hasPermission(SCAN)).isFalse();
   }
 
   @Test
-  public void hasPermission_on_organization_keeps_cache_of_permissions_of_anonymous_user() {
-    OrganizationDto org = db.organizations().insert();
-    db.users().insertPermissionOnAnyone(org, PROVISION_PROJECTS);
+  public void hasPermission_keeps_cache_of_permissions_of_anonymous_user() {
+    db.users().insertPermissionOnAnyone(PROVISION_PROJECTS);
 
     UserSession session = newAnonymousSession();
 
     // feed the cache
-    assertThat(session.hasPermission(PROVISION_PROJECTS, org.getUuid())).isTrue();
+    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
 
     // change permissions without updating the cache
-    db.users().insertPermissionOnAnyone(org, SCAN);
-    assertThat(session.hasPermission(PROVISION_PROJECTS, org.getUuid())).isTrue();
-    assertThat(session.hasPermission(SCAN, org.getUuid())).isFalse();
+    db.users().insertPermissionOnAnyone(SCAN);
+    assertThat(session.hasPermission(PROVISION_PROJECTS)).isTrue();
+    assertThat(session.hasPermission(SCAN)).isFalse();
   }
 
   @Test
   public void hasComponentPermissionByDtoOrUuid_returns_true_for_anonymous_user_for_permissions_USER_and_CODEVIEWER_on_public_projects_without_permissions() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
 
     ServerUserSession underTest = newAnonymousSession();
 
@@ -277,8 +260,7 @@ public class ServerUserSessionTest {
 
   @Test
   public void hasComponentPermissionByDtoOrUuid_returns_true_for_anonymous_user_for_permissions_USER_and_CODEVIEWER_on_public_projects_with_global_permissions() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
     db.users().insertProjectPermissionOnAnyone("p1", publicProject);
 
     ServerUserSession underTest = newAnonymousSession();
@@ -289,9 +271,8 @@ public class ServerUserSessionTest {
 
   @Test
   public void hasComponentPermissionByDtoOrUuid_returns_true_for_anonymous_user_for_permissions_USER_and_CODEVIEWER_on_public_projects_with_group_permissions() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
-    db.users().insertProjectPermissionOnGroup(db.users().insertGroup(organization), "p1", publicProject);
+    ComponentDto publicProject = db.components().insertPublicProject();
+    db.users().insertProjectPermissionOnGroup(db.users().insertGroup(), "p1", publicProject);
 
     ServerUserSession underTest = newAnonymousSession();
 
@@ -301,8 +282,7 @@ public class ServerUserSessionTest {
 
   @Test
   public void hasComponentPermissionByDtoOrUuid_returns_true_for_anonymous_user_for_permissions_USER_and_CODEVIEWER_on_public_projects_with_user_permissions() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
     db.users().insertProjectPermissionOnUser(db.users().insertUser(), "p1", publicProject);
 
     ServerUserSession underTest = newAnonymousSession();
@@ -325,9 +305,8 @@ public class ServerUserSessionTest {
   @Test
   public void hasComponentPermissionByDtoOrUuid_returns_false_for_authenticated_user_for_permissions_USER_and_CODEVIEWER_on_private_projects_with_group_permissions() {
     UserDto user = db.users().insertUser();
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto privateProject = db.components().insertPrivateProject(organization);
-    db.users().insertProjectPermissionOnGroup(db.users().insertGroup(organization), "p1", privateProject);
+    ComponentDto privateProject = db.components().insertPrivateProject();
+    db.users().insertProjectPermissionOnGroup(db.users().insertGroup(), "p1", privateProject);
 
     ServerUserSession underTest = newUserSession(user);
 
@@ -349,8 +328,7 @@ public class ServerUserSessionTest {
 
   @Test
   public void hasComponentPermissionByDtoOrUuid_returns_true_for_anonymous_user_for_inserted_permissions_on_group_AnyOne_on_public_projects() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
     db.users().insertProjectPermissionOnAnyone("p1", publicProject);
 
     ServerUserSession underTest = newAnonymousSession();
@@ -360,9 +338,8 @@ public class ServerUserSessionTest {
 
   @Test
   public void hasComponentPermissionByDtoOrUuid_returns_false_for_anonymous_user_for_inserted_permissions_on_group_on_public_projects() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
-    GroupDto group = db.users().insertGroup(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
+    GroupDto group = db.users().insertGroup();
     db.users().insertProjectPermissionOnGroup(group, "p1", publicProject);
 
     ServerUserSession underTest = newAnonymousSession();
@@ -372,9 +349,8 @@ public class ServerUserSessionTest {
 
   @Test
   public void hasComponentPermissionByDtoOrUuid_returns_false_for_anonymous_user_for_inserted_permissions_on_group_on_private_projects() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto privateProject = db.components().insertPrivateProject(organization);
-    GroupDto group = db.users().insertGroup(organization);
+    ComponentDto privateProject = db.components().insertPrivateProject();
+    GroupDto group = db.users().insertGroup();
     db.users().insertProjectPermissionOnGroup(group, "p1", privateProject);
 
     ServerUserSession underTest = newAnonymousSession();
@@ -385,8 +361,7 @@ public class ServerUserSessionTest {
   @Test
   public void hasComponentPermissionByDtoOrUuid_returns_false_for_anonymous_user_for_inserted_permissions_on_user_on_public_projects() {
     UserDto user = db.users().insertUser();
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
     db.users().insertProjectPermissionOnUser(user, "p1", publicProject);
 
     ServerUserSession underTest = newAnonymousSession();
@@ -409,8 +384,7 @@ public class ServerUserSessionTest {
   public void hasComponentPermissionByDtoOrUuid_returns_true_for_any_project_or_permission_for_root_user() {
     UserDto root = db.users().insertUser();
     root = db.users().makeRoot(root);
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
 
     ServerUserSession underTest = newUserSession(root);
 
@@ -420,8 +394,7 @@ public class ServerUserSessionTest {
   @Test
   public void hasComponentPermissionByDtoOrUuid_keeps_cache_of_permissions_of_logged_in_user() {
     UserDto user = db.users().insertUser();
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
     db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, publicProject);
 
     UserSession underTest = newUserSession(user);
@@ -438,8 +411,7 @@ public class ServerUserSessionTest {
 
   @Test
   public void hasComponentPermissionByDtoOrUuid_keeps_cache_of_permissions_of_anonymous_user() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
     db.users().insertProjectPermissionOnAnyone(UserRole.ADMIN, publicProject);
 
     UserSession underTest = newAnonymousSession();
@@ -463,9 +435,8 @@ public class ServerUserSessionTest {
 
   @Test
   public void keepAuthorizedComponents_returns_empty_list_if_no_permissions_are_granted() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
-    ComponentDto privateProject = db.components().insertPrivateProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
+    ComponentDto privateProject = db.components().insertPrivateProject();
 
     UserSession underTest = newAnonymousSession();
 
@@ -475,9 +446,8 @@ public class ServerUserSessionTest {
   @Test
   public void keepAuthorizedComponents_filters_components_with_granted_permissions_for_logged_in_user() {
     UserDto user = db.users().insertUser();
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
-    ComponentDto privateProject = db.components().insertPrivateProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
+    ComponentDto privateProject = db.components().insertPrivateProject();
     db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, privateProject);
 
     UserSession underTest = newUserSession(user);
@@ -488,9 +458,8 @@ public class ServerUserSessionTest {
 
   @Test
   public void keepAuthorizedComponents_filters_components_with_granted_permissions_for_anonymous() {
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
-    ComponentDto privateProject = db.components().insertPrivateProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
+    ComponentDto privateProject = db.components().insertPrivateProject();
     db.users().insertProjectPermissionOnAnyone(UserRole.ISSUE_ADMIN, publicProject);
 
     UserSession underTest = newAnonymousSession();
@@ -503,9 +472,8 @@ public class ServerUserSessionTest {
   public void keepAuthorizedComponents_returns_all_specified_components_if_root() {
     UserDto root = db.users().insertUser();
     root = db.users().makeRoot(root);
-    OrganizationDto organization = db.organizations().insert();
-    ComponentDto publicProject = db.components().insertPublicProject(organization);
-    ComponentDto privateProject = db.components().insertPrivateProject(organization);
+    ComponentDto publicProject = db.components().insertPublicProject();
+    ComponentDto privateProject = db.components().insertPrivateProject();
 
     UserSession underTest = newUserSession(root);
 
@@ -528,7 +496,6 @@ public class ServerUserSessionTest {
 
   @Test
   public void isSystemAdministrator_returns_true_if_org_feature_is_enabled_and_user_is_root() {
-    organizationFlags.setEnabled(true);
     UserDto root = db.users().insertUser();
     root = db.users().makeRoot(root);
 
@@ -539,19 +506,7 @@ public class ServerUserSessionTest {
 
   @Test
   public void isSystemAdministrator_returns_false_if_org_feature_is_enabled_and_user_is_not_root() {
-    organizationFlags.setEnabled(true);
-    UserDto user = db.users().insertUser();
-
-    UserSession session = newUserSession(user);
-
-    assertThat(session.isSystemAdministrator()).isFalse();
-  }
-
-  @Test
-  public void isSystemAdministrator_returns_false_if_org_feature_is_enabled_and_user_is_administrator_of_default_organization() {
-    organizationFlags.setEnabled(true);
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, SYSTEM_ADMIN);
 
     UserSession session = newUserSession(user);
 
@@ -559,10 +514,9 @@ public class ServerUserSessionTest {
   }
 
   @Test
-  public void isSystemAdministrator_returns_true_if_org_feature_is_disabled_and_user_is_administrator_of_default_organization() {
-    organizationFlags.setEnabled(false);
+  public void isSystemAdministrator_returns_true_if_user_is_administrator() {
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, SYSTEM_ADMIN);
+    db.users().insertPermissionOnUser(user, SYSTEM_ADMIN);
 
     UserSession session = newUserSession(user);
 
@@ -570,10 +524,9 @@ public class ServerUserSessionTest {
   }
 
   @Test
-  public void isSystemAdministrator_returns_false_if_org_feature_is_disabled_and_user_is_not_administrator_of_default_organization() {
-    organizationFlags.setEnabled(true);
+  public void isSystemAdministrator_returns_false_if_user_is_not_administrator() {
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, PROVISIONING);
+    db.users().insertPermissionOnUser(user, PROVISIONING);
 
     UserSession session = newUserSession(user);
 
@@ -582,9 +535,8 @@ public class ServerUserSessionTest {
 
   @Test
   public void keep_isSystemAdministrator_flag_in_cache() {
-    organizationFlags.setEnabled(false);
     UserDto user = db.users().insertUser();
-    db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, SYSTEM_ADMIN);
+    db.users().insertPermissionOnUser(user, SYSTEM_ADMIN);
 
     UserSession session = newUserSession(user);
 
@@ -599,7 +551,6 @@ public class ServerUserSessionTest {
 
   @Test
   public void checkIsSystemAdministrator_succeeds_if_system_administrator() {
-    organizationFlags.setEnabled(true);
     UserDto root = db.users().insertUser();
     root = db.users().makeRoot(root);
 
@@ -610,7 +561,6 @@ public class ServerUserSessionTest {
 
   @Test
   public void checkIsSystemAdministrator_throws_ForbiddenException_if_not_system_administrator() {
-    organizationFlags.setEnabled(true);
     UserDto user = db.users().insertUser();
 
     UserSession session = newUserSession(user);
@@ -638,64 +588,8 @@ public class ServerUserSessionTest {
     assertThat(hasComponentPermissionByDtoOrUuid(underTest, "p1", fileInBranch)).isTrue();
   }
 
-  @Test
-  public void hasMembership() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto notMember = db.users().insertUser();
-    UserDto member = db.users().insertUser();
-    db.organizations().addMember(organization, member);
-    UserDto root = db.users().makeRoot(db.users().insertUser());
-
-    assertThat(newUserSession(member).hasMembership(organization)).isTrue();
-    assertThat(newUserSession(notMember).hasMembership(organization)).isFalse();
-    assertThat(newUserSession(root).hasMembership(organization)).isTrue();
-  }
-
-  @Test
-  public void hasMembership_keeps_membership_in_cache() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto user = db.users().insertUser();
-    db.organizations().addMember(organization, user);
-
-    ServerUserSession session = newUserSession(user);
-    assertThat(session.hasMembership(organization)).isTrue();
-
-    // membership updated but not cache
-    db.getDbClient().organizationMemberDao().delete(db.getSession(), organization.getUuid(), user.getUuid());
-    db.commit();
-    assertThat(session.hasMembership(organization)).isTrue();
-  }
-
-  @Test
-  public void checkMembership_throws_ForbiddenException_when_user_is_not_member_of_organization() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto notMember = db.users().insertUser();
-
-    expectedException.expect(ForbiddenException.class);
-    expectedException.expectMessage(String.format("You're not member of organization '%s'", organization.getKey()));
-
-    newUserSession(notMember).checkMembership(organization);
-  }
-
-  @Test
-  public void checkMembership_succeeds_when_user_is_member_of_organization() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto member = db.users().insertUser();
-    db.organizations().addMember(organization, member);
-
-    newUserSession(member).checkMembership(organization);
-  }
-
-  @Test
-  public void checkMembership_succeeds_when_user_is_not_member_of_organization_but_root() {
-    OrganizationDto organization = db.organizations().insert();
-    UserDto root = db.users().makeRoot(db.users().insertUser());
-
-    newUserSession(root).checkMembership(organization);
-  }
-
   private ServerUserSession newUserSession(@Nullable UserDto userDto) {
-    return new ServerUserSession(dbClient, organizationFlags, defaultOrganizationProvider, userDto);
+    return new ServerUserSession(dbClient, userDto);
   }
 
   private ServerUserSession newAnonymousSession() {

server/sonar-webserver-auth/src/test/java/org/sonar/server/user/UserUpdaterCreateTest.java

@@ -37,14 +37,12 @@ import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
-import org.sonar.db.user.UserPropertyDto;
 import org.sonar.server.authentication.CredentialsLocalAuthentication;
 import org.sonar.server.authentication.CredentialsLocalAuthentication.HashMethod;
 import org.sonar.server.es.EsTester;
 import org.sonar.server.exceptions.BadRequestException;
 import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
-import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.user.index.UserIndexDefinition;
 import org.sonar.server.user.index.UserIndexer;
 import org.sonar.server.usergroups.DefaultGroupFinder;
@@ -68,10 +66,8 @@ public class UserUpdaterCreateTest {
 
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
-
   @Rule
   public EsTester es = EsTester.create();
-
   @Rule
   public DbTester db = DbTester.create(system2);
 
@@ -81,12 +77,11 @@ public class UserUpdaterCreateTest {
   private DbSession session = db.getSession();
   private UserIndexer userIndexer = new UserIndexer(dbClient, es.client());
   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
-  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
   private MapSettings settings = new MapSettings();
   private CredentialsLocalAuthentication localAuthentication = new CredentialsLocalAuthentication(db.getDbClient());
 
-  private UserUpdater underTest = new UserUpdater(system2, newUserNotifier, dbClient, userIndexer, organizationFlags, defaultOrganizationProvider,
-    new DefaultGroupFinder(dbClient), settings.asConfig(), localAuthentication);
+  private UserUpdater underTest = new UserUpdater(newUserNotifier, dbClient, userIndexer, defaultOrganizationProvider,
+    new DefaultGroupFinder(dbClient, defaultOrganizationProvider), settings.asConfig(), localAuthentication);
 
   @Test
   public void create_user() {
@@ -304,23 +299,6 @@ public class UserUpdaterCreateTest {
     assertThat(dbClient.userDao().selectByLogin(session, "user").isOnboarded()).isFalse();
   }
 
-  @Test
-  public void set_notifications_readDate_setting_when_creating_user_and_organization_enabled() {
-    long now = system2.now();
-    organizationFlags.setEnabled(true);
-    createDefaultGroup();
-
-    UserDto user = underTest.createAndCommit(db.getSession(), NewUser.builder()
-      .setLogin("userLogin")
-      .setName("UserName")
-      .build(), u -> {
-      });
-
-    UserPropertyDto notificationReadDateSetting = dbClient.userPropertiesDao().selectByUser(session, user).get(0);
-    assertThat(notificationReadDateSetting.getKey()).isEqualTo("notifications.readDate");
-    assertThat(Long.parseLong(notificationReadDateSetting.getValue())).isGreaterThanOrEqualTo(now);
-  }
-
   @Test
   public void does_not_set_notifications_readDate_setting_when_creating_user_when_not_on_and_organization_disabled() {
     createDefaultGroup();
@@ -596,23 +574,6 @@ public class UserUpdaterCreateTest {
     assertThat(groups.get("user")).containsOnly(defaultGroup.getName());
   }
 
-  @Test
-  public void does_not_associate_default_group_when_creating_user_and_organizations_are_enabled() {
-    organizationFlags.setEnabled(true);
-    createDefaultGroup();
-
-    underTest.createAndCommit(db.getSession(), NewUser.builder()
-      .setLogin("user")
-      .setName("User")
-      .setEmail("user@mail.com")
-      .setPassword("password")
-      .build(), u -> {
-      });
-
-    Multimap<String, String> groups = dbClient.groupMembershipDao().selectGroupsByLogins(session, asList("user"));
-    assertThat(groups.get("user")).isEmpty();
-  }
-
   @Test
   public void fail_to_associate_default_group_when_default_group_does_not_exist() {
     expectedException.expect(IllegalStateException.class);
@@ -643,23 +604,7 @@ public class UserUpdaterCreateTest {
     assertThat(dbClient.organizationMemberDao().select(db.getSession(), defaultOrganizationProvider.get().getUuid(), dto.getUuid())).isPresent();
   }
 
-  @Test
-  public void does_not_add_user_as_member_of_default_organization_when_creating_user_and_organizations_are_enabled() {
-    organizationFlags.setEnabled(true);
-    createDefaultGroup();
-
-    UserDto dto = underTest.createAndCommit(db.getSession(), NewUser.builder()
-      .setLogin("user")
-      .setName("User")
-      .setEmail("user@mail.com")
-      .setPassword("PASSWORD")
-      .build(), u -> {
-      });
-
-    assertThat(dbClient.organizationMemberDao().select(db.getSession(), defaultOrganizationProvider.get().getUuid(), dto.getUuid())).isNotPresent();
-  }
-
   private GroupDto createDefaultGroup() {
-    return db.users().insertDefaultGroup(db.getDefaultOrganization());
+    return db.users().insertDefaultGroup();
   }
 }

server/sonar-webserver-auth/src/test/java/org/sonar/server/user/UserUpdaterReactivateTest.java

@@ -32,13 +32,11 @@ import org.sonar.db.DbTester;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.GroupTesting;
 import org.sonar.db.user.UserDto;
-import org.sonar.db.user.UserPropertyDto;
 import org.sonar.server.authentication.CredentialsLocalAuthentication;
 import org.sonar.server.authentication.CredentialsLocalAuthentication.HashMethod;
 import org.sonar.server.es.EsTester;
 import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
-import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.user.index.UserIndexer;
 import org.sonar.server.usergroups.DefaultGroupFinder;
 
@@ -54,10 +52,8 @@ public class UserUpdaterReactivateTest {
 
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
-
   @Rule
   public EsTester es = EsTester.create();
-
   @Rule
   public DbTester db = DbTester.create(system2);
 
@@ -66,11 +62,11 @@ public class UserUpdaterReactivateTest {
   private DbSession session = db.getSession();
   private UserIndexer userIndexer = new UserIndexer(dbClient, es.client());
   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
-  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
   private MapSettings settings = new MapSettings();
   private CredentialsLocalAuthentication localAuthentication = new CredentialsLocalAuthentication(db.getDbClient());
-  private UserUpdater underTest = new UserUpdater(system2, newUserNotifier, dbClient, userIndexer, organizationFlags, defaultOrganizationProvider,
-    new DefaultGroupFinder(dbClient), settings.asConfig(), localAuthentication);
+  private UserUpdater underTest = new UserUpdater(newUserNotifier, dbClient, userIndexer, defaultOrganizationProvider,
+    new DefaultGroupFinder(dbClient, defaultOrganizationProvider),
+    settings.asConfig(), localAuthentication);
 
   @Test
   public void reactivate_user() {
@@ -220,10 +216,9 @@ public class UserUpdaterReactivateTest {
   }
 
   @Test
-  public void associate_default_groups_when_reactivating_user_and_organizations_are_disabled() {
+  public void associate_default_groups_when_reactivating_user() {
     UserDto userDto = db.users().insertDisabledUser();
-    db.organizations().insertForUuid("org1");
-    GroupDto groupDto = db.users().insertGroup(GroupTesting.newGroupDto().setName("sonar-devs").setOrganizationUuid("org1"));
+    GroupDto groupDto = db.users().insertGroup(GroupTesting.newGroupDto().setName("sonar-devs"));
     db.users().insertMember(groupDto, userDto);
     GroupDto defaultGroup = createDefaultGroup();
 
@@ -238,49 +233,6 @@ public class UserUpdaterReactivateTest {
     assertThat(groups.get(userDto.getLogin()).stream().anyMatch(g -> g.equals(defaultGroup.getName()))).isTrue();
   }
 
-  @Test
-  public void does_not_associate_default_groups_when_reactivating_user_and_organizations_are_enabled() {
-    organizationFlags.setEnabled(true);
-    UserDto userDto = db.users().insertDisabledUser();
-    db.organizations().insertForUuid("org1");
-    GroupDto groupDto = db.users().insertGroup(GroupTesting.newGroupDto().setName("sonar-devs").setOrganizationUuid("org1"));
-    db.users().insertMember(groupDto, userDto);
-    GroupDto defaultGroup = createDefaultGroup();
-
-    underTest.reactivateAndCommit(db.getSession(), userDto, NewUser.builder()
-      .setLogin(userDto.getLogin())
-      .setName(userDto.getName())
-      .build(), u -> {
-      });
-    session.commit();
-
-    Multimap<String, String> groups = dbClient.groupMembershipDao().selectGroupsByLogins(session, singletonList(userDto.getLogin()));
-    assertThat(groups.get(userDto.getLogin()).stream().anyMatch(g -> g.equals(defaultGroup.getName()))).isFalse();
-  }
-
-  @Test
-  public void add_user_as_member_of_default_organization_when_reactivating_user_and_organizations_are_disabled() {
-    UserDto user = db.users().insertDisabledUser();
-    createDefaultGroup();
-
-    UserDto dto = underTest.reactivateAndCommit(db.getSession(), user, NewUser.builder().setLogin(user.getLogin()).setName(user.getName()).build(), u -> {
-    });
-
-    assertThat(dbClient.organizationMemberDao().select(db.getSession(), defaultOrganizationProvider.get().getUuid(), dto.getUuid())).isPresent();
-  }
-
-  @Test
-  public void does_not_add_user_as_member_of_default_organization_when_reactivating_user_and_organizations_are_enabled() {
-    organizationFlags.setEnabled(true);
-    UserDto user = db.users().insertDisabledUser();
-    createDefaultGroup();
-
-    UserDto dto = underTest.reactivateAndCommit(db.getSession(), user, NewUser.builder().setLogin(user.getLogin()).setName(user.getName()).build(), u -> {
-    });
-
-    assertThat(dbClient.organizationMemberDao().select(db.getSession(), defaultOrganizationProvider.get().getUuid(), dto.getUuid())).isNotPresent();
-  }
-
   @Test
   public void reactivate_not_onboarded_user_if_onboarding_setting_is_set_to_false() {
     settings.setProperty(ONBOARDING_TUTORIAL_SHOW_TO_NEW_USERS.getKey(), false);
@@ -312,25 +264,7 @@ public class UserUpdaterReactivateTest {
   }
 
   @Test
-  public void set_notifications_readDate_setting_when_reactivating_user_on_sonar_cloud() {
-    long now = system2.now();
-    organizationFlags.setEnabled(true);
-    createDefaultGroup();
-    UserDto user = db.users().insertDisabledUser();
-
-    underTest.reactivateAndCommit(db.getSession(), user, NewUser.builder()
-      .setLogin(user.getLogin())
-      .setName(user.getName())
-      .build(), u -> {
-      });
-
-    UserPropertyDto notificationReadDateSetting = dbClient.userPropertiesDao().selectByUser(session, user).get(0);
-    assertThat(notificationReadDateSetting.getKey()).isEqualTo("notifications.readDate");
-    assertThat(Long.parseLong(notificationReadDateSetting.getValue())).isGreaterThanOrEqualTo(now);
-  }
-
-  @Test
-  public void does_not_set_notifications_readDate_setting_when_reactivating_user_when_not_on_sonar_cloud() {
+  public void does_not_set_notifications_readDate_setting_when_reactivating_user() {
     createDefaultGroup();
     UserDto user = db.users().insertDisabledUser();
 
@@ -380,7 +314,7 @@ public class UserUpdaterReactivateTest {
   }
 
   private GroupDto createDefaultGroup() {
-    return db.users().insertDefaultGroup(db.getDefaultOrganization());
+    return db.users().insertDefaultGroup();
   }
 
 }

server/sonar-webserver-auth/src/test/java/org/sonar/server/user/UserUpdaterUpdateTest.java

@@ -41,7 +41,6 @@ import org.sonar.server.es.EsTester;
 import org.sonar.server.exceptions.BadRequestException;
 import org.sonar.server.organization.DefaultOrganizationProvider;
 import org.sonar.server.organization.TestDefaultOrganizationProvider;
-import org.sonar.server.organization.TestOrganizationFlags;
 import org.sonar.server.user.index.UserIndexDefinition;
 import org.sonar.server.user.index.UserIndexer;
 import org.sonar.server.usergroups.DefaultGroupFinder;
@@ -65,10 +64,8 @@ public class UserUpdaterUpdateTest {
 
   @Rule
   public ExpectedException expectedException = ExpectedException.none();
-
   @Rule
   public EsTester es = EsTester.create();
-
   @Rule
   public DbTester db = DbTester.create(system2);
 
@@ -77,11 +74,10 @@ public class UserUpdaterUpdateTest {
   private DbSession session = db.getSession();
   private UserIndexer userIndexer = new UserIndexer(dbClient, es.client());
   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
-  private TestOrganizationFlags organizationFlags = TestOrganizationFlags.standalone();
   private MapSettings settings = new MapSettings();
   private CredentialsLocalAuthentication localAuthentication = new CredentialsLocalAuthentication(db.getDbClient());
-  private UserUpdater underTest = new UserUpdater(system2, newUserNotifier, dbClient, userIndexer, organizationFlags, defaultOrganizationProvider,
-    new DefaultGroupFinder(dbClient), settings.asConfig(), localAuthentication);
+  private UserUpdater underTest = new UserUpdater(newUserNotifier, dbClient, userIndexer, defaultOrganizationProvider,
+    new DefaultGroupFinder(dbClient, defaultOrganizationProvider), settings.asConfig(), localAuthentication);
 
   @Test
   public void update_user() {
@@ -200,7 +196,7 @@ public class UserUpdaterUpdateTest {
 
     underTest.updateAndCommit(session, user, new UpdateUser()
       .setLogin("new_login"), u -> {
-    });
+      });
 
     assertThat(dbClient.userDao().selectByLogin(session, DEFAULT_LOGIN)).isNull();
     UserDto userReloaded = dbClient.userDao().selectByUuid(session, user.getUuid());
@@ -629,7 +625,7 @@ public class UserUpdaterUpdateTest {
   }
 
   private GroupDto createDefaultGroup() {
-    return db.users().insertDefaultGroup(db.getDefaultOrganization());
+    return db.users().insertDefaultGroup();
   }
 
 }

server/sonar-webserver-auth/src/test/java/org/sonar/server/usergroups/DefaultGroupCreatorImplTest.java

@@ -28,6 +28,7 @@ import org.sonar.db.DbTester;
 import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.template.PermissionTemplateDto;
 import org.sonar.db.user.GroupDto;
+import org.sonar.server.organization.TestDefaultOrganizationProvider;
 
 import static org.assertj.core.api.Assertions.assertThat;
 
@@ -39,15 +40,13 @@ public class DefaultGroupCreatorImplTest {
   @Rule
   public DbTester db = DbTester.create();
 
-  private DefaultGroupCreator underTest = new DefaultGroupCreatorImpl(db.getDbClient(), new SequenceUuidFactory());
+  private DefaultGroupCreator underTest = new DefaultGroupCreatorImpl(db.getDbClient(), new SequenceUuidFactory(), TestDefaultOrganizationProvider.from(db));
 
   @Test
   public void create_default_group() {
-    OrganizationDto organizationDto = db.organizations().insert();
-
-    underTest.create(db.getSession(), organizationDto.getUuid());
+    underTest.create(db.getSession());
 
-    Optional<String> defaultGroupUuid = db.getDbClient().organizationDao().getDefaultGroupUuid(db.getSession(), organizationDto.getUuid());
+    Optional<String> defaultGroupUuid = db.getDbClient().organizationDao().getDefaultGroupUuid(db.getSession(), db.getDefaultOrganization().getUuid());
     assertThat(defaultGroupUuid).isPresent();
     assertThat(db.getDbClient().groupDao().selectByUuid(db.getSession(), defaultGroupUuid.get()))
       .extracting(GroupDto::getName, GroupDto::getDescription)
@@ -58,13 +57,13 @@ public class DefaultGroupCreatorImplTest {
   public void fail_with_IAE_when_default_group_already_exist() {
     OrganizationDto organizationDto = db.organizations().insert();
     PermissionTemplateDto permissionTemplate = db.permissionTemplates().insertTemplate();
-    db.organizations().setDefaultTemplates(organizationDto, permissionTemplate.getUuid(), null, null);
-    db.users().insertGroup(organizationDto, "Members");
+    db.organizations().setDefaultTemplates(permissionTemplate.getUuid(), null, null);
+    db.users().insertGroup("Members");
 
     expectedException.expect(IllegalArgumentException.class);
-    expectedException.expectMessage(String.format("The group '%s' already exist on organization '%s'", "Members", organizationDto.getUuid()));
+    expectedException.expectMessage(String.format("The group '%s' already exists", "Members"));
 
-    underTest.create(db.getSession(), organizationDto.getUuid());
+    underTest.create(db.getSession());
   }
 
 }

server/sonar-webserver-auth/src/test/java/org/sonar/server/usergroups/DefaultGroupFinderTest.java

@@ -23,8 +23,8 @@ import org.junit.Rule;
 import org.junit.Test;
 import org.junit.rules.ExpectedException;
 import org.sonar.db.DbTester;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.GroupDto;
+import org.sonar.server.organization.TestDefaultOrganizationProvider;
 
 import static java.lang.String.format;
 import static org.assertj.core.api.Assertions.assertThat;
@@ -37,39 +37,36 @@ public class DefaultGroupFinderTest {
   @Rule
   public DbTester db = DbTester.create();
 
-  private DefaultGroupFinder underTest = new DefaultGroupFinder(db.getDbClient());
+  private DefaultGroupFinder underTest = new DefaultGroupFinder(db.getDbClient(), TestDefaultOrganizationProvider.from(db));
 
   @Test
   public void find_default_group() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "default");
+    GroupDto defaultGroup = db.users().insertDefaultGroup("default");
 
-    GroupDto result = underTest.findDefaultGroup(db.getSession(), organization.getUuid());
+    GroupDto result = underTest.findDefaultGroup(db.getSession());
 
     assertThat(result.getUuid()).isEqualTo(defaultGroup.getUuid());
     assertThat(result.getName()).isEqualTo("default");
   }
 
   @Test
-  public void fail_with_ISE_when_no_default_group_on_org() {
-    OrganizationDto organization = db.organizations().insert();
-    db.users().insertGroup(organization);
+  public void fail_with_ISE_when_no_default_group() {
+    db.users().insertGroup();
 
     expectedException.expect(IllegalStateException.class);
-    expectedException.expectMessage(format("Default group cannot be found on organization '%s'", organization.getUuid()));
+    expectedException.expectMessage(format("Default group cannot be found"));
 
-    underTest.findDefaultGroup(db.getSession(), organization.getUuid());
+    underTest.findDefaultGroup(db.getSession());
   }
 
   @Test
   public void fail_with_NPE_when_default_group_does_not_exist() {
-    OrganizationDto organization = db.organizations().insert();
-    GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "default");
+    GroupDto defaultGroup = db.users().insertDefaultGroup("default");
     db.getDbClient().groupDao().deleteByUuid(db.getSession(), defaultGroup.getUuid());
 
     expectedException.expect(NullPointerException.class);
     expectedException.expectMessage(format("Group '%s' cannot be found", defaultGroup.getUuid()));
 
-    underTest.findDefaultGroup(db.getSession(), organization.getUuid());
+    underTest.findDefaultGroup(db.getSession());
   }
 }

server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java

@@ -29,7 +29,6 @@ import java.util.Optional;
 import java.util.Set;
 import org.sonar.api.web.UserRole;
 import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.OrganizationPermission;
 import org.sonar.db.project.ProjectDto;
 import org.sonar.server.user.AbstractUserSession;
@@ -41,24 +40,23 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession>
 
   private final Class<T> clazz;
   private HashMultimap<String, String> projectUuidByPermission = HashMultimap.create();
-  private final HashMultimap<String, OrganizationPermission> permissionsByOrganizationUuid = HashMultimap.create();
+  private final Set<OrganizationPermission> permissions = new HashSet<>();
   private Map<String, String> projectUuidByComponentUuid = new HashMap<>();
   private Set<String> projectPermissions = new HashSet<>();
-  private Set<String> organizationMembership = new HashSet<>();
   private boolean systemAdministrator = false;
 
   protected AbstractMockUserSession(Class<T> clazz) {
     this.clazz = clazz;
   }
 
-  public T addPermission(OrganizationPermission permission, String organizationUuid) {
-    permissionsByOrganizationUuid.put(organizationUuid, permission);
+  public T addPermission(OrganizationPermission permission) {
+    permissions.add(permission);
     return clazz.cast(this);
   }
 
   @Override
-  protected boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid) {
-    return permissionsByOrganizationUuid.get(organizationUuid).contains(permission);
+  protected boolean hasPermissionImpl(OrganizationPermission permission) {
+    return permissions.contains(permission);
   }
 
   /**
@@ -139,13 +137,4 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession>
     return isRoot() || systemAdministrator;
   }
 
-  @Override
-  protected boolean hasMembershipImpl(OrganizationDto organizationDto) {
-    return organizationMembership.contains(organizationDto.getUuid());
-  }
-
-  public void addOrganizationMembership(OrganizationDto organization) {
-    this.organizationMembership.add(organization.getUuid());
-  }
-
 }

server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AnonymousMockUserSession.java

@@ -22,7 +22,6 @@ package org.sonar.server.tester;
 import java.util.Collection;
 import java.util.Collections;
 import java.util.Optional;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.GroupDto;
 
 public class AnonymousMockUserSession extends AbstractMockUserSession<AnonymousMockUserSession> {
@@ -69,9 +68,4 @@ public class AnonymousMockUserSession extends AbstractMockUserSession<AnonymousM
   public Optional<ExternalIdentity> getExternalIdentity() {
     return Optional.empty();
   }
-
-  @Override
-  public boolean hasMembershipImpl(OrganizationDto organizationDto) {
-    return false;
-  }
 }

server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java

@@ -29,7 +29,6 @@ import org.junit.rules.TestRule;
 import org.junit.runner.Description;
 import org.junit.runners.model.Statement;
 import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.OrganizationPermission;
 import org.sonar.db.project.ProjectDto;
 import org.sonar.db.user.GroupDto;
@@ -198,13 +197,8 @@ public class UserSessionRule implements TestRule, UserSession {
     return this;
   }
 
-  public UserSessionRule addPermission(OrganizationPermission permission, String organizationUuid) {
-    ensureAbstractMockUserSession().addPermission(permission, organizationUuid);
-    return this;
-  }
-
-  public UserSessionRule addPermission(OrganizationPermission permission, OrganizationDto organization) {
-    ensureAbstractMockUserSession().addPermission(permission, organization.getUuid());
+  public UserSessionRule addPermission(OrganizationPermission permission) {
+    ensureAbstractMockUserSession().addPermission(permission);
     return this;
   }
 
@@ -316,24 +310,13 @@ public class UserSessionRule implements TestRule, UserSession {
   }
 
   @Override
-  public boolean hasPermission(OrganizationPermission permission, OrganizationDto organization) {
-    return currentUserSession.hasPermission(permission, organization);
-  }
-
-  @Override
-  public boolean hasPermission(OrganizationPermission permission, String organizationUuid) {
-    return currentUserSession.hasPermission(permission, organizationUuid);
-  }
-
-  @Override
-  public UserSession checkPermission(OrganizationPermission permission, OrganizationDto organization) {
-    currentUserSession.checkPermission(permission, organization);
-    return this;
+  public boolean hasPermission(OrganizationPermission permission) {
+    return currentUserSession.hasPermission(permission);
   }
 
   @Override
-  public UserSession checkPermission(OrganizationPermission permission, String organizationUuid) {
-    currentUserSession.checkPermission(permission, organizationUuid);
+  public UserSession checkPermission(OrganizationPermission permission) {
+    currentUserSession.checkPermission(permission);
     return this;
   }
 
@@ -365,20 +348,4 @@ public class UserSessionRule implements TestRule, UserSession {
     currentUserSession.checkIsSystemAdministrator();
     return this;
   }
-
-  @Override
-  public boolean hasMembership(OrganizationDto organization) {
-    return currentUserSession.hasMembership(organization);
-  }
-
-  @Override
-  public UserSession checkMembership(OrganizationDto organization) {
-    currentUserSession.checkMembership(organization);
-    return this;
-  }
-
-  public UserSessionRule addMembership(OrganizationDto organization) {
-    ensureAbstractMockUserSession().addOrganizationMembership(organization);
-    return this;
-  }
 }

server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java

@@ -22,7 +22,6 @@ package org.sonar.server.user;
 import java.util.Collection;
 import java.util.Optional;
 import javax.annotation.Nullable;
-import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.permission.OrganizationPermission;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.UserDto;
@@ -103,7 +102,7 @@ public class TestUserSessionFactory implements UserSessionFactory {
     }
 
     @Override
-    protected boolean hasPermissionImpl(OrganizationPermission permission, String organizationUuid) {
+    protected boolean hasPermissionImpl(OrganizationPermission permission) {
       throw notImplemented();
     }
 
@@ -122,11 +121,6 @@ public class TestUserSessionFactory implements UserSessionFactory {
       throw notImplemented();
     }
 
-    @Override
-    public boolean hasMembershipImpl(OrganizationDto organizationDto) {
-      throw notImplemented();
-    }
-
     private static RuntimeException notImplemented() {
       return new UnsupportedOperationException("not implemented");
     }

server/sonar-webserver-core/src/main/java/org/sonar/server/startup/RegisterPermissionTemplates.java

@@ -58,7 +58,7 @@ public class RegisterPermissionTemplates implements Startable {
       String defaultOrganizationUuid = defaultOrganizationProvider.get().getUuid();
       Optional<DefaultTemplates> defaultTemplates = dbClient.organizationDao().getDefaultTemplates(dbSession, defaultOrganizationUuid);
       if (!defaultTemplates.isPresent()) {
-        PermissionTemplateDto defaultTemplate = getOrInsertDefaultTemplate(dbSession, defaultOrganizationUuid);
+        PermissionTemplateDto defaultTemplate = getOrInsertDefaultTemplate(dbSession);
         dbClient.organizationDao().setDefaultTemplates(dbSession, defaultOrganizationUuid, new DefaultTemplates().setProjectUuid(defaultTemplate.getUuid()));
         dbSession.commit();
       }
@@ -72,14 +72,14 @@ public class RegisterPermissionTemplates implements Startable {
     // nothing to do
   }
 
-  private PermissionTemplateDto getOrInsertDefaultTemplate(DbSession dbSession, String defaultOrganizationUuid) {
+  private PermissionTemplateDto getOrInsertDefaultTemplate(DbSession dbSession) {
     PermissionTemplateDto permissionTemplateDto = dbClient.permissionTemplateDao().selectByUuid(dbSession, DEFAULT_TEMPLATE_UUID);
     if (permissionTemplateDto != null) {
       return permissionTemplateDto;
     }
 
     PermissionTemplateDto template = new PermissionTemplateDto()
-      .setOrganizationUuid(defaultOrganizationUuid)
+      .setOrganizationUuid(defaultOrganizationProvider.get().getUuid())
       .setName("Default template")
       .setUuid(DEFAULT_TEMPLATE_UUID)
       .setDescription("This permission template will be used as default when no other permission configuration is available")
@@ -98,7 +98,7 @@ public class RegisterPermissionTemplates implements Startable {
   }
 
   private void insertPermissionForAdministrators(DbSession dbSession, PermissionTemplateDto template) {
-    Optional<GroupDto> admins = dbClient.groupDao().selectByName(dbSession, template.getOrganizationUuid(), DefaultGroups.ADMINISTRATORS);
+    Optional<GroupDto> admins = dbClient.groupDao().selectByName(dbSession, DefaultGroups.ADMINISTRATORS);
     if (admins.isPresent()) {
       insertGroupPermission(dbSession, template, UserRole.ADMIN, admins.get());
       insertGroupPermission(dbSession, template, OrganizationPermission.APPLICATION_CREATOR.getKey(), admins.get());
@@ -109,11 +109,10 @@ public class RegisterPermissionTemplates implements Startable {
   }
 
   private void insertPermissionsForDefaultGroup(DbSession dbSession, PermissionTemplateDto template) {
-    String organizationUuid = template.getOrganizationUuid();
-    String defaultGroupUuid = dbClient.organizationDao().getDefaultGroupUuid(dbSession, organizationUuid)
-      .orElseThrow(() -> new IllegalStateException(format("Default group for organization %s is not defined", organizationUuid)));
+    String defaultGroupUuid = dbClient.organizationDao().getDefaultGroupUuid(dbSession, defaultOrganizationProvider.get().getUuid())
+      .orElseThrow(() -> new IllegalStateException("Default group is not defined"));
     GroupDto defaultGroup = Optional.ofNullable(dbClient.groupDao().selectByUuid(dbSession, defaultGroupUuid))
-      .orElseThrow(() -> new IllegalStateException(format("Default group with id %s for organization %s doesn't exist", defaultGroupUuid, organizationUuid)));
+      .orElseThrow(() -> new IllegalStateException(format("Default group with id %s doesn't exist", defaultGroupUuid)));
     insertGroupPermission(dbSession, template, UserRole.USER, defaultGroup);
     insertGroupPermission(dbSession, template, UserRole.CODEVIEWER, defaultGroup);
     insertGroupPermission(dbSession, template, UserRole.ISSUE_ADMIN, defaultGroup);

server/sonar-webserver-core/src/test/java/org/sonar/server/startup/RegisterPermissionTemplatesTest.java

@@ -64,7 +64,7 @@ public class RegisterPermissionTemplatesTest {
   @Test
   public void fail_with_ISE_if_default_template_must_be_created_and_no_default_group_is_defined() {
     expectedException.expect(IllegalStateException.class);
-    expectedException.expectMessage("Default group for organization " + db.getDefaultOrganization().getUuid() + " is not defined");
+    expectedException.expectMessage("Default group is not defined");
 
     underTest.start();
   }
@@ -74,7 +74,7 @@ public class RegisterPermissionTemplatesTest {
     setDefaultGroup(new GroupDto().setUuid("22"));
 
     expectedException.expect(IllegalStateException.class);
-    expectedException.expectMessage("Default group with id 22 for organization " + db.getDefaultOrganization().getUuid() + " doesn't exist");
+    expectedException.expectMessage("Default group with id 22 doesn't exist");
 
     underTest.start();
   }
@@ -82,7 +82,7 @@ public class RegisterPermissionTemplatesTest {
   @Test
   public void insert_default_permission_template_if_fresh_install_without_governance() {
     GroupDto defaultGroup = createAndSetDefaultGroup();
-    db.users().insertGroup(db.getDefaultOrganization(), DefaultGroups.ADMINISTRATORS);
+    db.users().insertGroup(DefaultGroups.ADMINISTRATORS);
 
     when(resourceTypes.isQualifierPresent(eq(Qualifiers.APP))).thenReturn(false);
     when(resourceTypes.isQualifierPresent(eq(Qualifiers.VIEW))).thenReturn(false);
@@ -109,7 +109,7 @@ public class RegisterPermissionTemplatesTest {
   @Test
   public void insert_default_permission_template_if_fresh_install_with_governance() {
     GroupDto defaultGroup = createAndSetDefaultGroup();
-    db.users().insertGroup(db.getDefaultOrganization(), DefaultGroups.ADMINISTRATORS);
+    db.users().insertGroup(DefaultGroups.ADMINISTRATORS);
 
     when(resourceTypes.isQualifierPresent(eq(Qualifiers.APP))).thenReturn(true);
     when(resourceTypes.isQualifierPresent(eq(Qualifiers.VIEW))).thenReturn(true);
@@ -168,8 +168,8 @@ public class RegisterPermissionTemplatesTest {
   @Test
   public void do_not_fail_if_default_template_exists_and_is_registered() {
     PermissionTemplateDto projectTemplate = db.permissionTemplates().insertTemplate(newPermissionTemplateDto()
-        .setOrganizationUuid(db.getDefaultOrganization().getUuid())
-        .setUuid(DEFAULT_TEMPLATE_UUID));
+      .setOrganizationUuid(db.getDefaultOrganization().getUuid())
+      .setUuid(DEFAULT_TEMPLATE_UUID));
     db.organizations().setDefaultTemplates(projectTemplate, null, null);
 
     underTest.start();
@@ -189,7 +189,7 @@ public class RegisterPermissionTemplatesTest {
     String expectedGroupName) {
     assertThat(
       groupPermissions.stream().anyMatch(gp -> gp.getPermission().equals(expectedPermission) && Objects.equals(gp.getGroupName(), expectedGroupName)))
-        .isTrue();
+      .isTrue();
   }
 
   private void verifyDefaultTemplates() {
@@ -205,7 +205,7 @@ public class RegisterPermissionTemplatesTest {
   }
 
   private GroupDto createAndSetDefaultGroup() {
-    GroupDto res = db.users().insertGroup(db.getDefaultOrganization());
+    GroupDto res = db.users().insertGroup();
     setDefaultGroup(res);
     return res;
   }

server/sonar-webserver-es/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java

@@ -87,7 +87,7 @@ public class PermissionIndexerDaoTest {
     application = componentDbTester.insertPublicApplication(organization);
     user1 = userDbTester.insertUser();
     user2 = userDbTester.insertUser();
-    group = userDbTester.insertGroup(organization);
+    group = userDbTester.insertGroup();
   }
 
   @Test
@@ -174,7 +174,6 @@ public class PermissionIndexerDaoTest {
       projectUuids.add(project.uuid());
       GroupPermissionDto dto = new GroupPermissionDto()
         .setUuid(Uuids.createFast())
-        .setOrganizationUuid(group.getOrganizationUuid())
         .setGroupUuid(group.getUuid())
         .setRole(USER)
         .setComponentUuid(project.uuid());

server/sonar-webserver-webapi/src/main/java/org/sonar/server/batch/ProjectDataLoader.java

@@ -62,7 +62,7 @@ public class ProjectDataLoader {
       ComponentDto project = componentFinder.getByKey(session, projectKey);
       checkRequest(project.isRootProject(), "Key '%s' belongs to a component which is not a Project", projectKey);
       boolean hasScanPerm = userSession.hasComponentPermission(UserRole.SCAN, project) ||
-        userSession.hasPermission(OrganizationPermission.SCAN, project.getOrganizationUuid());
+        userSession.hasPermission(OrganizationPermission.SCAN);
       checkPermission(hasScanPerm);
       ComponentDto branchOrMainModule = (branch == null && pullRequest == null) ? project
         : componentFinder.getByKeyAndOptionalBranchOrPullRequest(session, projectKey, branch, pullRequest);

server/sonar-webserver-webapi/src/main/java/org/sonar/server/branch/pr/ws/ListAction.java

@@ -127,7 +127,7 @@ public class ListAction implements PullRequestWsAction {
   private void checkPermission(ProjectDto project) {
     if (userSession.hasProjectPermission(USER, project) ||
       userSession.hasProjectPermission(UserRole.SCAN, project) ||
-      userSession.hasPermission(OrganizationPermission.SCAN, project.getOrganizationUuid())) {
+      userSession.hasPermission(OrganizationPermission.SCAN)) {
       return;
     }
     throw insufficientPrivilegesException();

server/sonar-webserver-webapi/src/main/java/org/sonar/server/branch/ws/ListAction.java

@@ -138,7 +138,7 @@ public class ListAction implements BranchWsAction {
   private void checkPermission(ProjectDto project) {
     if (!userSession.hasProjectPermission(USER, project) &&
       !userSession.hasProjectPermission(UserRole.SCAN, project) &&
-      !userSession.hasPermission(SCAN, project.getOrganizationUuid())) {
+      !userSession.hasPermission(SCAN)) {
       throw insufficientPrivilegesException();
     }
   }

server/sonar-webserver-webapi/src/main/java/org/sonar/server/ce/queue/ReportSubmitter.java

@@ -129,7 +129,7 @@ public class ReportSubmitter {
     // they don't have the direct permission on the project.
     // That means that dropping the permission on the project does not have any effects
     // if user has still the permission on the organization
-    if (!userSession.hasComponentPermission(UserRole.SCAN, project) && !userSession.hasPermission(OrganizationPermission.SCAN, project.getOrganizationUuid())) {
+    if (!userSession.hasComponentPermission(UserRole.SCAN, project) && !userSession.hasPermission(OrganizationPermission.SCAN)) {
       throw insufficientPrivilegesException();
     }
   }
@@ -164,11 +164,11 @@ public class ReportSubmitter {
   }
 
   private ComponentDto createProject(DbSession dbSession, OrganizationDto organization, BranchSupport.ComponentKey componentKey, @Nullable String projectName) {
-    userSession.checkPermission(OrganizationPermission.PROVISION_PROJECTS, organization);
+    userSession.checkPermission(OrganizationPermission.PROVISION_PROJECTS);
     String userUuid = userSession.getUuid();
 
     boolean wouldCurrentUserHaveScanPermission = permissionTemplateService.wouldUserHaveScanPermissionWithDefaultTemplate(
-      dbSession, organization.getUuid(), userUuid, componentKey.getDbKey());
+      dbSession, userUuid, componentKey.getDbKey());
     if (!wouldCurrentUserHaveScanPermission) {
       throw insufficientPrivilegesException();
     }