SONAR-8608 consistent organization on permission/group/component

server/sonar-server/src/test/java/org/sonar/server/authentication/UserIdentityAuthenticatorTest.java

@@ -44,7 +44,6 @@ import org.sonar.server.user.index.UserIndexer;
 import static com.google.common.collect.Sets.newHashSet;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.Mockito.mock;
-import static org.sonar.db.organization.OrganizationTesting.newOrganizationDto;
 import static org.sonar.db.user.UserTesting.newUserDto;
 import static org.sonar.server.authentication.event.AuthenticationEvent.Method;
 import static org.sonar.server.authentication.event.AuthenticationEvent.Source;
@@ -332,7 +331,7 @@ public class UserIdentityAuthenticatorTest {
 
   @Test
   public void ignore_groups_on_non_default_organizations() throws Exception {
-    OrganizationDto org = db.organizations().insert(newOrganizationDto());
+    OrganizationDto org = db.organizations().insert();
     UserDto user = db.users().insertUser(newUserDto()
       .setLogin(USER_LOGIN)
       .setActive(true)

server/sonar-server/src/test/java/org/sonar/server/component/ComponentUpdaterTest.java

@@ -101,7 +101,7 @@ public class ComponentUpdaterTest {
 
   @Before
   public void setUp() throws Exception {
-    permissionTemplateDto = db.permissionTemplates().insertTemplate();
+    permissionTemplateDto = db.permissionTemplates().insertTemplate(db.getDefaultOrganization());
     setTemplateAsDefault(permissionTemplateDto);
   }
 

server/sonar-server/src/test/java/org/sonar/server/favorite/ws/SearchActionTest.java

@@ -136,7 +136,7 @@ public class SearchActionTest {
     ComponentDto otherUserFavorite = newProjectDto(organizationDto).setKey("K42");
     db.components().insertComponent(otherUserFavorite);
     db.favorites().add(otherUserFavorite, 42L);
-    dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto("O1", UserRole.USER, 42L, otherUserFavorite.getId()));
+    dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(organizationDto.getUuid(), UserRole.USER, 42L, otherUserFavorite.getId()));
     db.commit();
 
     SearchResponse result = call();
@@ -188,7 +188,7 @@ public class SearchActionTest {
   private void addComponent(ComponentDto component) {
     db.components().insertComponent(component);
     db.favorites().add(component, USER_ID);
-    dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto("O1", UserRole.USER, USER_ID, component.getId()));
+    dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(component.getOrganizationUuid(), UserRole.USER, USER_ID, component.getId()));
     db.commit();
   }
 

server/sonar-server/src/test/java/org/sonar/server/issue/IssueServiceMediumTest.java

@@ -65,15 +65,14 @@ public class IssueServiceMediumTest {
 
   @ClassRule
   public static ServerTester tester = new ServerTester().withStartupTasks().withEsIndexes();
-
   @Rule
   public UserSessionRule userSessionRule = UserSessionRule.forServerTester(tester);
 
-  DbClient db;
-  IssueIndex issueIndex;
-  DbSession session;
-  IssueService service;
-  RuleIndexer ruleIndexer;
+  private DbClient db;
+  private IssueIndex issueIndex;
+  private DbSession session;
+  private IssueService service;
+  private RuleIndexer ruleIndexer;
 
   @Before
   public void setUp() {
@@ -277,7 +276,7 @@ public class IssueServiceMediumTest {
     // project can be seen by group "anyone"
     // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
     // for each organization
-    GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectId(project), GroupIdOrAnyone.forAnyone("TODO"));
+    GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectId(project), GroupIdOrAnyone.forAnyone(organization.getUuid()));
     tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
     userSessionRule.login();
 

server/sonar-server/src/test/java/org/sonar/server/issue/ws/BulkChangeActionTest.java

@@ -40,6 +40,7 @@ import org.sonar.db.DbTester;
 import org.sonar.db.component.ComponentDto;
 import org.sonar.db.issue.IssueChangeDto;
 import org.sonar.db.issue.IssueDto;
+import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.rule.RuleDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.server.es.EsTester;
@@ -110,6 +111,7 @@ public class BulkChangeActionTest {
   private List<Action> actions = new ArrayList<>();
 
   private RuleDto rule;
+  private OrganizationDto organization;
   private ComponentDto project;
   private ComponentDto file;
   private UserDto user;
@@ -120,7 +122,8 @@ public class BulkChangeActionTest {
   public void setUp() throws Exception {
     issueWorkflow.start();
     rule = db.rules().insertRule(newRuleDto());
-    project = db.components().insertProject(db.organizations().insert());
+    organization = db.organizations().insert();
+    project = db.components().insertProject(organization);
     file = db.components().insertComponent(newFileDto(project));
     user = db.users().insertUser("john");
     when(system2.now()).thenReturn(NOW);

server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionComponentsMediumTest.java

@@ -673,7 +673,7 @@ public class SearchActionComponentsMediumTest {
     userSessionRule.login("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
     // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
     // for each organization
-    GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(project), GroupIdOrAnyone.forAnyone("TODO"));
+    GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(project), GroupIdOrAnyone.forAnyone(project.getOrganizationUuid()));
     tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
   }
 

server/sonar-server/src/test/java/org/sonar/server/issue/ws/SearchActionMediumTest.java

@@ -703,7 +703,7 @@ public class SearchActionMediumTest {
     userSessionRule.login("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
     // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
     // for each organization
-    GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectId(project), GroupIdOrAnyone.forAnyone("TODO"));
+    GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectId(project), GroupIdOrAnyone.forAnyone(project.getOrganizationUuid()));
     tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
   }
 
@@ -713,7 +713,7 @@ public class SearchActionMediumTest {
     Arrays.stream(permissions).forEach(permission -> userSessionRule.addProjectUuidPermissions(permission, project.uuid()));
     tester.get(PermissionUpdater.class).apply(session, Arrays.stream(permissions)
       // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone" for each organization
-      .map(permission -> new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(project), GroupIdOrAnyone.forAnyone("TODO")))
+      .map(permission -> new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(project), GroupIdOrAnyone.forAnyone(project.getOrganizationUuid())))
       .collect(Collectors.toList()));
   }
 

server/sonar-server/src/test/java/org/sonar/server/notification/ws/ListActionTest.java

@@ -229,7 +229,7 @@ public class ListActionTest {
 
   private ComponentDto addComponent(ComponentDto component) {
     db.components().insertComponent(component);
-    dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto("O1", UserRole.USER, userSession.getUserId(), component.getId()));
+    dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(component.getOrganizationUuid(), UserRole.USER, userSession.getUserId(), component.getId()));
     db.commit();
 
     return component;

server/sonar-server/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java

@@ -53,7 +53,7 @@ public class GroupPermissionChangerTest {
   public void setUp() throws Exception {
     org = db.organizations().insert();
     group = db.users().insertGroup(org, "a-group");
-    project = db.components().insertProject();
+    project = db.components().insertProject(org);
   }
 
   @Test
@@ -88,13 +88,12 @@ public class GroupPermissionChangerTest {
 
   @Test
   public void add_project_permission_to_anyone() {
-    OrganizationDto defaultOrganization = db.getDefaultOrganization();
-    GroupIdOrAnyone groupId = new GroupIdOrAnyone(defaultOrganization.getUuid(), null);
+    GroupIdOrAnyone groupId = new GroupIdOrAnyone(org.getUuid(), null);
 
     apply(new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.ISSUE_ADMIN, new ProjectId(project), groupId));
 
-    assertThat(db.users().selectAnyonePermissions(defaultOrganization, null)).isEmpty();
-    assertThat(db.users().selectAnyonePermissions(defaultOrganization, project)).containsOnly(UserRole.ISSUE_ADMIN);
+    assertThat(db.users().selectAnyonePermissions(org, null)).isEmpty();
+    assertThat(db.users().selectAnyonePermissions(org, project)).containsOnly(UserRole.ISSUE_ADMIN);
   }
 
   @Test

server/sonar-server/src/test/java/org/sonar/server/permission/UserPermissionChangerTest.java

@@ -39,7 +39,6 @@ import static org.sonar.api.web.UserRole.USER;
 import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
 import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
 import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-import static org.sonar.db.organization.OrganizationTesting.newOrganizationDto;
 import static org.sonar.server.permission.PermissionChange.Operation.ADD;
 import static org.sonar.server.permission.PermissionChange.Operation.REMOVE;
 
@@ -61,11 +60,11 @@ public class UserPermissionChangerTest {
 
   @Before
   public void setUp() throws Exception {
-    org1 = db.organizations().insert(newOrganizationDto());
-    org2 = db.organizations().insert(newOrganizationDto());
+    org1 = db.organizations().insert();
+    org2 = db.organizations().insert();
     user1 = db.users().insertUser();
     user2 = db.users().insertUser();
-    project = db.components().insertProject();
+    project = db.components().insertProject(org1);
   }
 
   @Test
@@ -125,7 +124,7 @@ public class UserPermissionChangerTest {
     db.users().insertPermissionOnUser(org1, user1, SCAN_EXECUTION);
     db.users().insertPermissionOnUser(org2, user1, QUALITY_GATE_ADMIN);
     db.users().insertPermissionOnUser(org1, user2, QUALITY_GATE_ADMIN);
-    db.users().insertProjectPermissionOnUser(org1, user1, ISSUE_ADMIN, project);
+    db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, project);
 
     UserPermissionChange change = new UserPermissionChange(REMOVE, org1.getUuid(), QUALITY_GATE_ADMIN, null, UserId.from(user1));
     apply(change);
@@ -138,12 +137,12 @@ public class UserPermissionChangerTest {
 
   @Test
   public void remove_project_permission_from_user() {
-    ComponentDto project2 = db.components().insertProject();
+    ComponentDto project2 = db.components().insertProject(org1);
     db.users().insertPermissionOnUser(org1, user1, QUALITY_GATE_ADMIN);
-    db.users().insertProjectPermissionOnUser(org1, user1, ISSUE_ADMIN, project);
-    db.users().insertProjectPermissionOnUser(org1, user1, USER, project);
-    db.users().insertProjectPermissionOnUser(org1, user2, ISSUE_ADMIN, project);
-    db.users().insertProjectPermissionOnUser(org1, user1, ISSUE_ADMIN, project2);
+    db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, project);
+    db.users().insertProjectPermissionOnUser(user1, USER, project);
+    db.users().insertProjectPermissionOnUser(user2, ISSUE_ADMIN, project);
+    db.users().insertProjectPermissionOnUser(user1, ISSUE_ADMIN, project2);
 
     UserPermissionChange change = new UserPermissionChange(REMOVE, org1.getUuid(), ISSUE_ADMIN, new ProjectId(project), UserId.from(user1));
     apply(change);

server/sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerDaoTest.java

@@ -214,11 +214,11 @@ public class PermissionIndexerDaoTest {
     userDbTester.insertProjectPermissionOnGroup(group, ADMIN, view1);
 
     // Anyone group has user access on both projects
-    userDbTester.insertProjectPermissionOnAnyone(USER, project1);
-    userDbTester.insertProjectPermissionOnAnyone(ADMIN, project1);
-    userDbTester.insertProjectPermissionOnAnyone(USER, project2);
-    userDbTester.insertProjectPermissionOnAnyone(USER, view1);
-    userDbTester.insertProjectPermissionOnAnyone(ADMIN, view1);
-    userDbTester.insertProjectPermissionOnAnyone(USER, view2);
+    userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, project1);
+    userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), ADMIN, project1);
+    userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, project2);
+    userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, view1);
+    userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), ADMIN, view1);
+    userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, view2);
   }
 }

server/sonar-server/src/test/java/org/sonar/server/permission/index/PermissionIndexerTest.java

@@ -87,9 +87,9 @@ public class PermissionIndexerTest {
     userDbTester.insertProjectPermissionOnUser(user, ADMIN, view);
     GroupDto group = userDbTester.insertGroup();
     userDbTester.insertProjectPermissionOnGroup(group, USER, project);
-    userDbTester.insertProjectPermissionOnAnyone(USER, project);
+    userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, project);
     userDbTester.insertProjectPermissionOnGroup(group, USER, view);
-    userDbTester.insertProjectPermissionOnAnyone(USER, view);
+    userDbTester.insertProjectPermissionOnAnyone(dbTester.getDefaultOrganization(), USER, view);
 
     underTest.indexAllIfEmpty();
 

server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java

@@ -101,7 +101,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> {
 
   @Test
   public void add_permission_to_view() throws Exception {
-    ComponentDto view = db.components().insertComponent(newView(db.organizations().insert(), "view-uuid").setKey("view-key"));
+    ComponentDto view = db.components().insertComponent(newView(db.getDefaultOrganization(), "view-uuid").setKey("view-key"));
 
     loginAsAdminOnDefaultOrganization();
     newRequest()

server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java

@@ -108,7 +108,7 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio
 
   @Test
   public void remove_with_view_uuid() throws Exception {
-    ComponentDto view = db.components().insertComponent(newView(db.organizations().insert(), "view-uuid").setKey("view-key"));
+    ComponentDto view = db.components().insertComponent(newView(db.getDefaultOrganization(), "view-uuid").setKey("view-key"));
     db.users().insertPermissionOnGroup(aGroup, SYSTEM_ADMIN);
     db.users().insertProjectPermissionOnGroup(aGroup, ADMIN, view);
     db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, view);

server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchGlobalPermissionsActionTest.java

@@ -59,7 +59,7 @@ public class SearchGlobalPermissionsActionTest extends BasePermissionWsTest<Sear
 
   @Test
   public void search_in_organization() throws Exception {
-    OrganizationDto org = db.organizations().insert(newOrganizationDto());
+    OrganizationDto org = db.organizations().insert();
     loginAsAdmin(org);
     GroupDto adminGroup = db.users().insertGroup(newGroup(org, "sonar-admins", "Administrators"));
     GroupDto userGroup = db.users().insertGroup(newGroup(org, "sonar-users", "Users"));
@@ -88,7 +88,7 @@ public class SearchGlobalPermissionsActionTest extends BasePermissionWsTest<Sear
 
   @Test
   public void search_in_default_organization_by_default() throws Exception {
-    OrganizationDto org = db.organizations().insert(newOrganizationDto());
+    OrganizationDto org = db.organizations().insert();
     loginAsAdmin(org, db.getDefaultOrganization());
 
     UserDto user = db.users().insertUser();
@@ -138,7 +138,7 @@ public class SearchGlobalPermissionsActionTest extends BasePermissionWsTest<Sear
 
   @Test
   public void fail_if_not_admin_of_specified_organization() throws Exception {
-    OrganizationDto org = db.organizations().insert(newOrganizationDto());
+    OrganizationDto org = db.organizations().insert();
     loginAsAdminOnDefaultOrganization();
 
     expectedException.expect(ForbiddenException.class);

server/sonar-server/src/test/java/org/sonar/server/permission/ws/SearchProjectPermissionsActionTest.java

@@ -45,7 +45,6 @@ import static org.sonar.db.component.ComponentTesting.newDeveloper;
 import static org.sonar.db.component.ComponentTesting.newProjectCopy;
 import static org.sonar.db.component.ComponentTesting.newProjectDto;
 import static org.sonar.db.component.ComponentTesting.newView;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
 import static org.sonar.test.JsonAssert.assertJson;
 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
@@ -92,9 +91,9 @@ public class SearchProjectPermissionsActionTest extends BasePermissionWsTest<Sea
     // global permission
     db.users().insertPermissionOnUser(user1, GlobalPermissions.SYSTEM_ADMIN);
 
-    GroupDto group1 = db.users().insertGroup(newGroupDto());
-    GroupDto group2 = db.users().insertGroup(newGroupDto());
-    GroupDto group3 = db.users().insertGroup(newGroupDto());
+    GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization());
+    GroupDto group2 = db.users().insertGroup(db.getDefaultOrganization());
+    GroupDto group3 = db.users().insertGroup(db.getDefaultOrganization());
 
     db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), UserRole.ADMIN, jdk7);
     db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, jdk7);
@@ -243,7 +242,7 @@ public class SearchProjectPermissionsActionTest extends BasePermissionWsTest<Sea
   }
 
   private ComponentDto insertView() {
-    return db.components().insertComponent(newView(db.organizations().insert())
+    return db.components().insertComponent(newView(db.getDefaultOrganization())
       .setUuid("752d8bfd-420c-4a83-a4e5-8ab19b13c8fc")
       .setName("Java")
       .setKey("Java"));
@@ -267,7 +266,7 @@ public class SearchProjectPermissionsActionTest extends BasePermissionWsTest<Sea
   }
 
   private ComponentDto insertJdk7() {
-    return db.components().insertComponent(newProjectDto(db.organizations().insert(), "project-uuid-1")
+    return db.components().insertComponent(newProjectDto(db.getDefaultOrganization(), "project-uuid-1")
       .setName("JDK 7")
       .setKey("net.java.openjdk:jdk7")
       .setUuid("0bd7b1e7-91d6-439e-a607-4a3a9aad3c6a"));

server/sonar-server/src/test/java/org/sonar/server/permission/ws/UsersActionTest.java

@@ -105,7 +105,7 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> {
   @Test
   public void search_only_for_users_with_permission_when_no_search_query() throws Exception {
     // User have permission on project
-    ComponentDto project = db.components().insertComponent(newProjectDto(db.organizations().insert()));
+    ComponentDto project = db.components().insertProject(db.getDefaultOrganization());
     UserDto user = db.users().insertUser(newUserDto());
     db.users().insertProjectPermissionOnUser(user, ISSUE_ADMIN, project);
 
@@ -118,7 +118,8 @@ public class UsersActionTest extends BasePermissionWsTest<UsersAction> {
       .execute()
       .getInput();
 
-    assertThat(result).contains(user.getLogin())
+    assertThat(result)
+      .contains(user.getLogin())
       .doesNotContain(withoutPermission.getLogin());
   }
 

server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/ApplyTemplateActionTest.java

@@ -103,7 +103,7 @@ public class ApplyTemplateActionTest extends BasePermissionWsTest<ApplyTemplateA
     addGroupToTemplate(group1, template2, UserRole.USER);
     addGroupToTemplate(group2, template2, UserRole.USER);
 
-    project = db.components().insertComponent(newProjectDto(db.organizations().insert(), "project-uuid-1"));
+    project = db.components().insertComponent(newProjectDto(defaultOrg, "project-uuid-1"));
     db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project);
     db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, project);
     db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project);

server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/BulkApplyTemplateActionTest.java

@@ -88,10 +88,10 @@ public class BulkApplyTemplateActionTest extends BasePermissionWsTest<BulkApplyT
 
   @Test
   public void bulk_apply_template_by_template_uuid() throws Exception {
-    OrganizationDto organizationDto = db.organizations().insert();
-    ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
-    ComponentDto view = db.components().insertComponent(newView(organizationDto));
-    ComponentDto developer = db.components().insertComponent(newDeveloper(organizationDto, "developer-name"));
+    OrganizationDto organization = db.getDefaultOrganization();
+    ComponentDto project = db.components().insertComponent(newProjectDto(organization));
+    ComponentDto view = db.components().insertComponent(newView(organization));
+    ComponentDto developer = db.components().insertComponent(newDeveloper(organization, "developer-name"));
     db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, developer);
     db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, developer);
     db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, developer);
@@ -117,9 +117,9 @@ public class BulkApplyTemplateActionTest extends BasePermissionWsTest<BulkApplyT
 
   @Test
   public void apply_template_by_qualifier() throws Exception {
-    OrganizationDto organizationDto = db.organizations().insert();
-    ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
-    ComponentDto view = db.components().insertComponent(newView(organizationDto));
+    OrganizationDto organization = db.getDefaultOrganization();
+    ComponentDto project = db.components().insertComponent(newProjectDto(organization));
+    ComponentDto view = db.components().insertComponent(newView(organization));
     loginAsAdminOnDefaultOrganization();
 
     newRequest()
@@ -132,13 +132,13 @@ public class BulkApplyTemplateActionTest extends BasePermissionWsTest<BulkApplyT
 
   @Test
   public void apply_template_by_query_on_name_and_key() throws Exception {
-    OrganizationDto organizationDto = db.organizations().insert();
-    ComponentDto projectFoundByKey = newProjectDto(organizationDto).setKey("sonar");
+    OrganizationDto organization = db.getDefaultOrganization();
+    ComponentDto projectFoundByKey = newProjectDto(organization).setKey("sonar");
     db.components().insertProjectAndSnapshot(projectFoundByKey);
-    ComponentDto projectFoundByName = newProjectDto(organizationDto).setName("name-sonar-name");
+    ComponentDto projectFoundByName = newProjectDto(organization).setName("name-sonar-name");
     db.components().insertProjectAndSnapshot(projectFoundByName);
     // match must be exact on key
-    ComponentDto projectUntouched = newProjectDto(organizationDto).setKey("new-sonar").setName("project-name");
+    ComponentDto projectUntouched = newProjectDto(organization).setKey("new-sonar").setName("project-name");
     db.components().insertProjectAndSnapshot(projectUntouched);
     loginAsAdminOnDefaultOrganization();
 

server/sonar-server/src/test/java/org/sonar/server/project/ws/CreateActionTest.java

@@ -110,7 +110,7 @@ public class CreateActionTest {
 
   @Before
   public void setUp() throws Exception {
-    permissionTemplateDto = db.permissionTemplates().insertTemplate();
+    permissionTemplateDto = db.permissionTemplates().insertTemplate(db.getDefaultOrganization());
     setTemplateAsDefault(permissionTemplateDto);
   }
 

server/sonar-server/src/test/java/org/sonar/server/project/ws/SearchMyProjectsActionTest.java

@@ -59,7 +59,6 @@ import static org.sonar.db.component.ComponentTesting.newView;
 import static org.sonar.db.component.SnapshotTesting.newAnalysis;
 import static org.sonar.db.measure.MeasureTesting.newMeasureDto;
 import static org.sonar.db.metric.MetricTesting.newMetricDto;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
 import static org.sonar.db.user.UserTesting.newUserDto;
 import static org.sonar.test.JsonAssert.assertJson;
 
@@ -197,11 +196,11 @@ public class SearchMyProjectsActionTest {
 
   @Test
   public void admin_via_groups() {
-    OrganizationDto organizationDto = db.organizations().insert();
-    ComponentDto jdk7 = insertJdk7(organizationDto);
-    ComponentDto cLang = insertClang(organizationDto);
+    OrganizationDto organization = db.organizations().insert();
+    ComponentDto jdk7 = insertJdk7(organization);
+    ComponentDto cLang = insertClang(organization);
 
-    GroupDto group = db.users().insertGroup(newGroupDto());
+    GroupDto group = db.users().insertGroup(organization);
     db.users().insertMember(group, user);
 
     db.users().insertProjectPermissionOnGroup(group, UserRole.ADMIN, jdk7);
@@ -218,9 +217,9 @@ public class SearchMyProjectsActionTest {
     OrganizationDto organizationDto = db.organizations().insert();
     ComponentDto jdk7 = insertJdk7(organizationDto);
     ComponentDto cLang = insertClang(organizationDto);
-    ComponentDto sonarqube = db.components().insertComponent(newProjectDto(organizationDto));
+    ComponentDto sonarqube = db.components().insertProject(organizationDto);
 
-    GroupDto group = db.users().insertGroup(newGroupDto());
+    GroupDto group = db.users().insertGroup(organizationDto);
     db.users().insertMember(group, user);
 
     db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, jdk7);

server/sonar-server/src/test/java/org/sonar/server/qualitygate/QgateProjectFinderTest.java

@@ -89,8 +89,8 @@ public class QgateProjectFinderTest {
   @Test
   public void return_all_projects() throws Exception {
     OrganizationDto organizationDto = dbTester.organizations().insert();
-    ComponentDto associatedProject = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
-    ComponentDto unassociatedProject = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
+    ComponentDto associatedProject = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
+    ComponentDto unassociatedProject = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
     associateProjectToQualitGate(associatedProject.getId());
 
     Association result = underTest.find(
@@ -108,8 +108,8 @@ public class QgateProjectFinderTest {
   @Test
   public void return_only_associated_project() throws Exception {
     OrganizationDto organizationDto = dbTester.organizations().insert();
-    ComponentDto associatedProject = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
-    insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
+    ComponentDto associatedProject = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
+    insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
     associateProjectToQualitGate(associatedProject.getId());
 
     Association result = underTest.find(
@@ -126,8 +126,8 @@ public class QgateProjectFinderTest {
   @Test
   public void return_only_unassociated_project() throws Exception {
     OrganizationDto organizationDto = dbTester.organizations().insert();
-    ComponentDto associatedProject = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
-    ComponentDto unassociatedProject = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto));
+    ComponentDto associatedProject = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
+    ComponentDto unassociatedProject = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto));
     associateProjectToQualitGate(associatedProject.getId());
 
     Association result = underTest.find(
@@ -163,9 +163,9 @@ public class QgateProjectFinderTest {
   @Test
   public void test_paging() throws Exception {
     OrganizationDto organizationDto = dbTester.organizations().insert();
-    ComponentDto project1 = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto).setName("Project 1"));
-    ComponentDto project2 = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto).setName("Project 2"));
-    ComponentDto project3 = insertProjectAuthorizedToAnyone(newProjectDto(organizationDto).setName("Project 3"));
+    ComponentDto project1 = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto).setName("Project 1"));
+    ComponentDto project2 = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto).setName("Project 2"));
+    ComponentDto project3 = insertProjectAuthorizedToAnyone(organizationDto, newProjectDto(organizationDto).setName("Project 3"));
     associateProjectToQualitGate(project1.getId());
 
     // Return partial result on first page
@@ -237,9 +237,9 @@ public class QgateProjectFinderTest {
     dbTester.commit();
   }
 
-  private ComponentDto insertProjectAuthorizedToAnyone(ComponentDto project) {
+  private ComponentDto insertProjectAuthorizedToAnyone(OrganizationDto organizationDto, ComponentDto project) {
     dbTester.components().insertComponent(project);
-    dbTester.users().insertProjectPermissionOnAnyone(UserRole.USER, project);
+    dbTester.users().insertProjectPermissionOnAnyone(organizationDto, UserRole.USER, project);
     return project;
   }
 

server/sonar-server/src/test/java/org/sonar/server/qualityprofile/ws/ProjectsActionTest.java

@@ -29,6 +29,7 @@ import org.sonar.db.DbSession;
 import org.sonar.db.DbTester;
 import org.sonar.db.component.ComponentDto;
 import org.sonar.db.component.ComponentTesting;
+import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.qualityprofile.QualityProfileDto;
 import org.sonar.db.user.UserDto;
 import org.sonar.db.user.UserTesting;
@@ -50,6 +51,7 @@ public class ProjectsActionTest {
   private DbClient dbClient = db.getDbClient();
   private DbSession dbSession = db.getSession();
 
+  private OrganizationDto organizationDto;
   private UserDto user;
   private QualityProfileDto xooP1;
   private QualityProfileDto xooP2;
@@ -65,6 +67,7 @@ public class ProjectsActionTest {
 
   @Before
   public void setUp() {
+    organizationDto = db.organizations().insert();
     user = db.users().insertUser(UserTesting.newUserDto().setLogin("obiwan"));
     userSessionRule.login("obiwan").setUserId(user.getId().intValue());
 
@@ -208,12 +211,12 @@ public class ProjectsActionTest {
   }
 
   private ComponentDto newProject(String uuid, String name) {
-    return ComponentTesting.newProjectDto(db.organizations().insert(), uuid).setName(name);
+    return ComponentTesting.newProjectDto(organizationDto, uuid).setName(name);
   }
 
   private void addBrowsePermissionToAnyone(ComponentDto... projects) {
     for (ComponentDto project : projects) {
-      db.users().insertProjectPermissionOnAnyone(UserRole.USER, project);
+      db.users().insertProjectPermissionOnAnyone(organizationDto, UserRole.USER, project);
     }
   }
 

server/sonar-server/src/test/java/org/sonar/server/rule/ws/SearchActionMediumTest.java

@@ -73,12 +73,12 @@ public class SearchActionMediumTest {
   private static final String API_ENDPOINT = "api/rules";
   private static final String API_SEARCH_METHOD = "search";
 
-  DbClient db;
-  RulesWs ws;
-  RuleDao ruleDao;
-  DbSession dbSession;
-  RuleIndexer ruleIndexer;
-  ActiveRuleIndexer activeRuleIndexer;
+  private DbClient db;
+  private RulesWs ws;
+  private RuleDao ruleDao;
+  private DbSession dbSession;
+  private RuleIndexer ruleIndexer;
+  private ActiveRuleIndexer activeRuleIndexer;
 
   @Before
   public void setUp() {

server/sonar-server/src/test/java/org/sonar/server/user/ServerUserSessionTest.java

@@ -67,12 +67,13 @@ public class ServerUserSessionTest {
 
   private DbClient dbClient = db.getDbClient();
   private UserDto userDto = newUserDto().setLogin(LOGIN);
+  private OrganizationDto organization;
   private ComponentDto project;
 
   @Before
   public void setUp() throws Exception {
-    OrganizationDto organizationDto = db.organizations().insert();
-    project = db.components().insertComponent(ComponentTesting.newProjectDto(organizationDto, PROJECT_UUID));
+    organization = db.organizations().insert();
+    project = db.components().insertProject(organization, PROJECT_UUID);
     db.components().insertComponent(ComponentTesting.newFileDto(project, null, FILE_UUID).setKey(FILE_KEY));
     db.users().insertUser(userDto);
   }
@@ -306,7 +307,7 @@ public class ServerUserSessionTest {
 
   @Test
   public void has_global_permission_for_anonymous() throws Exception {
-    addAnyonePermissions(null, "profileadmin", "admin");
+    addAnyonePermissions(db.getDefaultOrganization(), null, "profileadmin", "admin");
     UserSession session = newAnonymousSession();
 
     assertThat(session.getLogin()).isNull();
@@ -319,7 +320,7 @@ public class ServerUserSessionTest {
 
   @Test
   public void has_project_permission_for_anonymous() throws Exception {
-    addAnyonePermissions(project, UserRole.USER);
+    addAnyonePermissions(organization, project, UserRole.USER);
     UserSession session = newAnonymousSession();
 
     assertThat(session.hasComponentPermission(UserRole.USER, FILE_KEY)).isTrue();
@@ -339,7 +340,7 @@ public class ServerUserSessionTest {
     OrganizationDto org = db.organizations().insert();
     ComponentDto project = db.components().insertProject();
     db.users().insertPermissionOnUser(org, userDto, GlobalPermissions.PROVISIONING);
-    db.users().insertProjectPermissionOnUser(org, userDto, UserRole.ADMIN, project);
+    db.users().insertProjectPermissionOnUser(userDto, UserRole.ADMIN, project);
 
     UserSession session = newUserSession(userDto);
     assertThat(session.hasOrganizationPermission(org.getUuid(), GlobalPermissions.PROVISIONING)).isTrue();
@@ -384,12 +385,12 @@ public class ServerUserSessionTest {
     }
   }
 
-  private void addAnyonePermissions(@Nullable ComponentDto component, String... permissions) {
+  private void addAnyonePermissions(OrganizationDto organizationDto, @Nullable ComponentDto component, String... permissions) {
     for (String permission : permissions) {
       if (component == null) {
-        db.users().insertPermissionOnAnyone(permission);
+        db.users().insertPermissionOnAnyone(organizationDto, permission);
       } else {
-        db.users().insertProjectPermissionOnAnyone(permission, component);
+        db.users().insertProjectPermissionOnAnyone(organizationDto, permission, component);
       }
     }
   }

server/sonar-server/src/test/java/org/sonar/server/view/index/ViewIndexerTest.java

@@ -176,7 +176,7 @@ public class ViewIndexerTest {
     ComponentDto project = ComponentTesting.newProjectDto(organizationDto);
     ComponentDto file = ComponentTesting.newFileDto(project, null);
     dbTester.components().insertComponents(project, file);
-    dbTester.users().insertProjectPermissionOnAnyone(UserRole.USER, project);
+    dbTester.users().insertProjectPermissionOnAnyone(organizationDto, UserRole.USER, project);
 
     IssueDto issue = IssueTesting.newDto(rule, file, project);
     dbClient.issueDao().insert(dbSession, issue);

sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java

@@ -57,6 +57,14 @@ public interface ComponentMapper {
 
   List<ComponentDto> selectComponentsByQualifiers(@Param("qualifiers") Collection<String> qualifiers);
 
+  /**
+   * Counts the number of components with the specified id belonging to the specified organization.
+   *
+   * @return 1 or 0. Either because the organization uuid is not the one of the component or because the component does
+   *         not exist.
+   */
+  int countComponentByOrganizationAndId(@Param("organizationUuid") String organizationUuid, @Param("componentId") long componentId);
+
   List<ComponentDto> selectByQuery(@Param("query") ComponentQuery query, RowBounds rowBounds);
 
   int countByQuery(@Param("query") ComponentQuery query);

sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java

@@ -28,7 +28,10 @@ import org.apache.ibatis.session.RowBounds;
 import org.sonar.api.security.DefaultGroups;
 import org.sonar.db.Dao;
 import org.sonar.db.DbSession;
+import org.sonar.db.component.ComponentMapper;
+import org.sonar.db.user.GroupMapper;
 
+import static com.google.common.base.Preconditions.checkArgument;
 import static org.sonar.db.DatabaseUtils.executeLargeInputs;
 import static org.sonar.db.DatabaseUtils.executeLargeInputsWithoutOutput;
 
@@ -102,9 +105,33 @@ public class GroupPermissionDao implements Dao {
   }
 
   public void insert(DbSession dbSession, GroupPermissionDto dto) {
+    ensureComponentPermissionConsistency(dbSession, dto);
+    ensureGroupPermissionConsistency(dbSession, dto);
     mapper(dbSession).insert(dto);
   }
 
+  private static void ensureComponentPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) {
+    if (dto.getResourceId() == null) {
+      return;
+    }
+    ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class);
+    checkArgument(
+      componentMapper.countComponentByOrganizationAndId(dto.getOrganizationUuid(), dto.getResourceId()) == 1,
+      "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'",
+      dto.getRole(), dto.getResourceId(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
+  }
+
+  private static void ensureGroupPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) {
+    if (dto.getGroupId() == null) {
+      return;
+    }
+    GroupMapper groupMapper = dbSession.getMapper(GroupMapper.class);
+    checkArgument(
+      groupMapper.countGroupByOrganizationAndId(dto.getOrganizationUuid(), dto.getGroupId()) == 1,
+      "Can't insert permission '%s' for group with id '%s' in organization with uuid '%s' because this group does not belong to organization with uuid '%s'",
+      dto.getRole(), dto.getGroupId(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
+  }
+
   /**
    * Delete all the permissions associated to a root component (project)
    */

sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java

@@ -27,6 +27,7 @@ import org.sonar.core.util.stream.Collectors;
 import org.sonar.db.Dao;
 import org.sonar.db.DatabaseUtils;
 import org.sonar.db.DbSession;
+import org.sonar.db.component.ComponentMapper;
 
 import static com.google.common.base.Preconditions.checkArgument;
 import static java.util.Collections.emptyList;
@@ -107,9 +108,21 @@ public class UserPermissionDao implements Dao {
   }
 
   public void insert(DbSession dbSession, UserPermissionDto dto) {
+    ensureComponentPermissionConsistency(dbSession, dto);
     mapper(dbSession).insert(dto);
   }
 
+  private static void ensureComponentPermissionConsistency(DbSession dbSession, UserPermissionDto dto) {
+    if (dto.getComponentId() == null) {
+      return;
+    }
+    ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class);
+    checkArgument(
+      componentMapper.countComponentByOrganizationAndId(dto.getOrganizationUuid(), dto.getComponentId()) == 1,
+      "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'",
+      dto.getPermission(), dto.getComponentId(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
+  }
+
   /**
    * Removes a single global permission from user
    */

sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java

@@ -42,6 +42,13 @@ public interface GroupMapper {
 
   int countByQuery(@Param("organizationUuid") String organizationUuid, @Nullable @Param("query") String query);
 
+  /**
+   * Counts the number of groups with the specified id belonging to the specified organization.
+   *
+   * @return 1 or 0. Either because the organization uuid is not the one of the group or because the group does not exist
+   */
+  int countGroupByOrganizationAndId(@Param("organizationUuid") String organizationUuid, @Param("groupId") long groupId);
+
   void deleteById(long groupId);
 
   void deleteByOrganization(@Param("organizationUuid") String organizationUuid);

sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml

@@ -225,6 +225,15 @@
       </foreach>
   </select>
 
+  <select id="countComponentByOrganizationAndId" resultType="int">
+    select
+      count(1)
+    from projects p
+    where
+      p.organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
+      and p.id = #{componentId,jdbcType=BIGINT}
+  </select>
+
   <select id="selectByQuery" resultType="Component">
     select
       <include refid="componentColumns"/>

sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml

@@ -120,6 +120,15 @@
     </if>
   </select>
 
+  <select id="countGroupByOrganizationAndId" parameterType="map" resultType="int">
+    select
+      count(1)
+    from groups g
+    where
+      g.organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
+      and g.id = #{groupId,jdbcType=BIGINT}
+  </select>
+
   <select id="selectByOrganizationUuid" parameterType="map" resultType="Group">
     select
     <include refid="groupColumns"/>

sonar-db/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java

@@ -53,6 +53,7 @@ public class AuthorizationDaoTest {
 
   @Rule
   public DbTester db = DbTester.create(System2.INSTANCE);
+
   private DbSession dbSession = db.getSession();
   private AuthorizationDao underTest = new AuthorizationDao(db.myBatis());
   private OrganizationDto org;
@@ -76,10 +77,10 @@ public class AuthorizationDaoTest {
    */
   @Test
   public void selectOrganizationPermissions_for_logged_in_user() {
-    ComponentDto project = db.components().insertProject();
+    ComponentDto project = db.components().insertProject(org);
     db.users().insertMember(group1, user);
     db.users().insertPermissionOnUser(org, user, "perm1");
-    db.users().insertProjectPermissionOnUser(org, user, "perm42", project);
+    db.users().insertProjectPermissionOnUser(user, "perm42", project);
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertPermissionOnAnyone(org, "perm3");
 
@@ -117,8 +118,8 @@ public class AuthorizationDaoTest {
   @Test
   public void selectRootComponentPermissions_for_logged_in_user() {
     db.users().insertMember(group1, user);
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertProjectPermissionOnAnyone("perm1", project1);
+    ComponentDto project1 = db.components().insertProject(org);
+    db.users().insertProjectPermissionOnAnyone(org, "perm1", project1);
     db.users().insertProjectPermissionOnGroup(group1, "perm2", project1);
     db.users().insertProjectPermissionOnUser(user, "perm3", project1);
 
@@ -141,14 +142,14 @@ public class AuthorizationDaoTest {
    */
   @Test
   public void selectRootComponentPermissions_for_anonymous_user() {
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertProjectPermissionOnAnyone("perm1", project1);
+    ComponentDto project1 = db.components().insertProject(org);
+    db.users().insertProjectPermissionOnAnyone(org, "perm1", project1);
 
     // ignored permissions
     db.users().insertPermissionOnAnyone(org, "ignored");
     db.users().insertPermissionOnUser(org, user, "ignored");
     db.users().insertPermissionOnGroup(group1, "ignored");
-    ComponentDto project2 = db.components().insertProject();
+    ComponentDto project2 = db.components().insertProject(org);
     db.users().insertProjectPermissionOnGroup(group1, "ignored", project2);
 
     Set<String> permissions = underTest.selectRootComponentPermissionsOfAnonymous(dbSession, project1.getId());
@@ -560,11 +561,11 @@ public class AuthorizationDaoTest {
     assertThat(count).isEqualTo(3);
 
     // another organization
-    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, DOES_NOT_EXIST, A_PERMISSION,  group1.getId(), u2.getId());
+    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, DOES_NOT_EXIST, A_PERMISSION, group1.getId(), u2.getId());
     assertThat(count).isEqualTo(0);
 
     // another permission
-    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, org.getUuid(), DOES_NOT_EXIST,  group1.getId(), u2.getId());
+    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, org.getUuid(), DOES_NOT_EXIST, group1.getId(), u2.getId());
     assertThat(count).isEqualTo(0);
   }
 
@@ -588,11 +589,11 @@ public class AuthorizationDaoTest {
     assertThat(count).isEqualTo(3);
 
     // another organization
-    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, A_PERMISSION,  u2.getId());
+    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, A_PERMISSION, u2.getId());
     assertThat(count).isEqualTo(0);
 
     // another permission
-    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, org.getUuid(), DOES_NOT_EXIST,  u2.getId());
+    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, org.getUuid(), DOES_NOT_EXIST, u2.getId());
     assertThat(count).isEqualTo(0);
   }
 

sonar-db/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java

@@ -35,6 +35,7 @@ import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.GroupDto;
 
 import static java.util.Arrays.asList;
+import static java.util.Collections.singletonList;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.tuple;
 import static org.sonar.api.security.DefaultGroups.ANYONE;
@@ -45,7 +46,6 @@ import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
 import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
 import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
 import static org.sonar.db.component.ComponentTesting.newProjectDto;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
 
 public class GroupPermissionDaoTest {
 
@@ -78,7 +78,7 @@ public class GroupPermissionDaoTest {
     db.users().insertProjectPermissionOnGroup(group2, ADMIN, project2);
     db.users().insertProjectPermissionOnGroup(group3, ADMIN, project2);
     // anyone group
-    db.users().insertProjectPermissionOnAnyone(ADMIN, project2);
+    db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), ADMIN, project2);
     db.users().insertProjectPermissionOnGroup(group1, USER, project2);
     db.users().insertProjectPermissionOnGroup(group1, USER, project3);
 
@@ -94,21 +94,23 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void selectGroupNamesByQuery_is_ordered_by_group_names() {
-    GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
-    GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
-    GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
-    db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
+    GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
+    GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
+    db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
 
-    assertThat(underTest.selectGroupNamesByQuery(dbSession,
-      defaultOrganizationUuid, PermissionQuery.builder().build())).containsExactly(ANYONE, group1.getName(), group2.getName(), group3.getName());
+    assertThat(underTest.selectGroupNamesByQuery(dbSession, organizationDto.getUuid(), PermissionQuery.builder().build()))
+      .containsExactly(ANYONE, group1.getName(), group2.getName(), group3.getName());
   }
 
   @Test
   public void countGroupsByQuery() {
-    GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
-    addGroupOnDefaultOrganization("Group-2");
-    addGroupOnDefaultOrganization("Group-3");
-    db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
+    OrganizationDto organizationDto = db.getDefaultOrganization();
+    GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
+    db.users().insertGroup(organizationDto, "Group-2");
+    db.users().insertGroup(organizationDto, "Group-3");
+    db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
     db.users().insertPermissionOnGroup(group1, PROVISIONING);
 
     assertThat(underTest.countGroupsByQuery(dbSession,
@@ -125,26 +127,27 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void selectGroupNamesByQuery_with_global_permission() {
-    GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
-    GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
-    GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
+    GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
+    GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
 
-    ComponentDto project = db.components().insertComponent(newProjectDto(db.getDefaultOrganization()));
+    ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
 
-    db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
-    db.users().insertPermissionOnAnyone(PROVISIONING);
+    db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
+    db.users().insertPermissionOnAnyone(organizationDto, PROVISIONING);
     db.users().insertPermissionOnGroup(group1, SCAN_EXECUTION);
     db.users().insertPermissionOnGroup(group3, SYSTEM_ADMIN);
     db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);
 
     assertThat(underTest.selectGroupNamesByQuery(dbSession,
-      defaultOrganizationUuid, PermissionQuery.builder().setPermission(SCAN_EXECUTION).build())).containsExactly(ANYONE, group1.getName());
+      organizationDto.getUuid(), PermissionQuery.builder().setPermission(SCAN_EXECUTION).build())).containsExactly(ANYONE, group1.getName());
 
     assertThat(underTest.selectGroupNamesByQuery(dbSession,
-      defaultOrganizationUuid, PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build())).containsExactly(group3.getName());
+      organizationDto.getUuid(), PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build())).containsExactly(group3.getName());
 
     assertThat(underTest.selectGroupNamesByQuery(dbSession,
-      defaultOrganizationUuid, PermissionQuery.builder().setPermission(PROVISIONING).build())).containsExactly(ANYONE);
+      organizationDto.getUuid(), PermissionQuery.builder().setPermission(PROVISIONING).build())).containsExactly(ANYONE);
   }
 
   @Test
@@ -158,10 +161,10 @@ public class GroupPermissionDaoTest {
 
     db.users().insertProjectPermissionOnGroup(group1, SCAN_EXECUTION, project);
     db.users().insertProjectPermissionOnGroup(group1, PROVISIONING, project);
-    db.users().insertProjectPermissionOnAnyone(USER, project);
+    db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), USER, project);
 
     db.users().insertProjectPermissionOnGroup(group1, SYSTEM_ADMIN, anotherProject);
-    db.users().insertProjectPermissionOnAnyone(SYSTEM_ADMIN, anotherProject);
+    db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), SYSTEM_ADMIN, anotherProject);
     db.users().insertProjectPermissionOnGroup(group3, SCAN_EXECUTION, anotherProject);
     db.users().insertPermissionOnGroup(group2, SCAN_EXECUTION);
 
@@ -176,7 +179,7 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void selectGroupNamesByQuery_is_paginated() {
-    IntStream.rangeClosed(0, 9).forEach(i -> addGroupOnDefaultOrganization(i + "-name"));
+    IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertGroup(db.getDefaultOrganization(), i + "-name"));
 
     List<String> groupNames = underTest.selectGroupNamesByQuery(dbSession,
       defaultOrganizationUuid, PermissionQuery.builder().setPageIndex(2).setPageSize(3).build());
@@ -185,8 +188,8 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void selectGroupNamesByQuery_with_search_query() {
-    GroupDto group = addGroupOnDefaultOrganization("group-anyone");
-    addGroupOnDefaultOrganization("unknown");
+    GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "group-anyone");
+    db.users().insertGroup(db.getDefaultOrganization(), "unknown");
     db.users().insertPermissionOnGroup(group, SCAN_EXECUTION);
 
     assertThat(underTest.selectGroupNamesByQuery(dbSession,
@@ -207,75 +210,76 @@ public class GroupPermissionDaoTest {
   public void selectByGroupIds_on_global_permissions() {
     OrganizationDto organizationDto = db.organizations().insert();
 
-    GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
+    GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
     db.users().insertPermissionOnGroup(group1, SCAN_EXECUTION);
 
-    GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
+    GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
     ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
     db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);
 
-    GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
+    GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
     db.users().insertPermissionOnGroup(group3, SYSTEM_ADMIN);
 
     // Anyone
-    db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
-    db.users().insertPermissionOnAnyone(PROVISIONING);
+    db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
+    db.users().insertPermissionOnAnyone(organizationDto, PROVISIONING);
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), null))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId()), null))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(tuple(group1.getId(), SCAN_EXECUTION, null));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group2.getId()), null)).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group2.getId()), null)).isEmpty();
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group3.getId()), null))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group3.getId()), null))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(tuple(group3.getId(), SYSTEM_ADMIN, null));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(ANYONE_ID), null))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(ANYONE_ID), null))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(
         tuple(0L, SCAN_EXECUTION, null),
         tuple(0L, PROVISIONING, null));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId(), group2.getId(), ANYONE_ID), null)).hasSize(3);
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(MISSING_ID), null)).isEmpty();
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, Collections.emptyList(), null)).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId(), group2.getId(), ANYONE_ID), null)).hasSize(3);
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(MISSING_ID), null)).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), Collections.emptyList(), null)).isEmpty();
   }
 
   @Test
   public void selectByGroupIds_on_projects() {
-    GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
     db.users().insertPermissionOnGroup(group1, PROVISIONING);
 
-    GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
-    ComponentDto project = db.components().insertComponent(newProjectDto(db.getDefaultOrganization()));
+    GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
+    ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
     db.users().insertProjectPermissionOnGroup(group2, USER, project);
 
-    GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
+    GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
     db.users().insertProjectPermissionOnGroup(group3, USER, project);
 
     // Anyone group
-    db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
-    db.users().insertProjectPermissionOnAnyone(PROVISIONING, project);
+    db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, PROVISIONING, project);
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), project.getId())).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, singletonList(group1.getId()), project.getId())).isEmpty();
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group2.getId()), project.getId()))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group2.getId()), project.getId()))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(tuple(group2.getId(), USER, project.getId()));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group3.getId()), project.getId()))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group3.getId()), project.getId()))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(tuple(group3.getId(), USER, project.getId()));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(ANYONE_ID), project.getId()))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(ANYONE_ID), project.getId()))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(tuple(0L, PROVISIONING, project.getId()));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId(), group2.getId(), ANYONE_ID), project.getId())).hasSize(2);
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(MISSING_ID), project.getId())).isEmpty();
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), 123L)).isEmpty();
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, Collections.emptyList(), project.getId())).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId(), group2.getId(), ANYONE_ID), project.getId())).hasSize(2);
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(MISSING_ID), project.getId())).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group1.getId()), 123L)).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), Collections.emptyList(), project.getId())).isEmpty();
   }
 
   @Test
@@ -284,7 +288,7 @@ public class GroupPermissionDaoTest {
     OrganizationDto org2 = db.organizations().insert();
     GroupDto group1 = db.users().insertGroup(org1, "group1");
     GroupDto group2 = db.users().insertGroup(org2, "group2");
-    ComponentDto project = db.components().insertProject();
+    ComponentDto project = db.components().insertProject(org1);
 
     db.users().insertPermissionOnAnyone(org1, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
@@ -306,8 +310,8 @@ public class GroupPermissionDaoTest {
   public void selectProjectPermissionsOfGroup() {
     OrganizationDto org1 = db.organizations().insert();
     GroupDto group1 = db.users().insertGroup(org1, "group1");
-    ComponentDto project1 = db.components().insertProject();
-    ComponentDto project2 = db.components().insertProject();
+    ComponentDto project1 = db.components().insertProject(org1);
+    ComponentDto project2 = db.components().insertProject(org1);
 
     db.users().insertPermissionOnAnyone(org1, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
@@ -328,16 +332,18 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void projectHasPermissions_is_false_if_no_permissions_at_all() {
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertPermissionOnAnyone("perm1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    db.users().insertPermissionOnAnyone(organizationDto, "perm1");
 
     assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isFalse();
   }
 
   @Test
   public void projectHasPermissions_is_true_if_at_least_one_permission_on_group() {
-    GroupDto group1 = db.users().insertGroup(newGroupDto());
-    ComponentDto project1 = db.components().insertProject();
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
     db.users().insertProjectPermissionOnGroup(group1, "perm1", project1);
 
     assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue();
@@ -345,9 +351,10 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void projectHasPermissions_is_true_if_at_least_one_permission_on_anyone() {
-    ComponentDto project1 = db.components().insertProject();
-    ComponentDto project2 = db.components().insertProject();
-    db.users().insertProjectPermissionOnAnyone("perm1", project1);
+    OrganizationDto organizationDto = db.organizations().insert();
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    ComponentDto project2 = db.components().insertProject(organizationDto);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm1", project1);
 
     assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue();
     assertThat(underTest.hasRootComponentPermissions(dbSession, project2.getId())).isFalse();
@@ -355,13 +362,14 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void deleteByRootComponentId() {
-    GroupDto group1 = db.users().insertGroup(newGroupDto());
-    GroupDto group2 = db.users().insertGroup(newGroupDto());
-    ComponentDto project1 = db.components().insertProject();
-    ComponentDto project2 = db.components().insertProject();
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    GroupDto group2 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    ComponentDto project2 = db.components().insertProject(organizationDto);
     db.users().insertPermissionOnGroup(group1, "perm1");
     db.users().insertProjectPermissionOnGroup(group1, "perm2", project1);
-    db.users().insertProjectPermissionOnAnyone("perm3", project1);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm3", project1);
     db.users().insertProjectPermissionOnGroup(group2, "perm4", project2);
 
     underTest.deleteByRootComponentId(dbSession, project1.getId());
@@ -373,12 +381,13 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void delete_global_permission_from_group() {
-    GroupDto group1 = db.users().insertGroup();
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertPermissionOnAnyone("perm1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    db.users().insertPermissionOnAnyone(organizationDto, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
-    db.users().insertProjectPermissionOnAnyone("perm4", project1);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
 
     underTest.delete(dbSession, "perm2", group1.getOrganizationUuid(), group1.getId(), null);
     dbSession.commit();
@@ -389,12 +398,13 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void delete_global_permission_from_anyone() {
-    GroupDto group1 = db.users().insertGroup();
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertPermissionOnAnyone("perm1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    db.users().insertPermissionOnAnyone(organizationDto, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
-    db.users().insertProjectPermissionOnAnyone("perm4", project1);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
 
     underTest.delete(dbSession, "perm1", group1.getOrganizationUuid(), null, null);
     dbSession.commit();
@@ -405,12 +415,13 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void delete_project_permission_from_group() {
-    GroupDto group1 = db.users().insertGroup();
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertPermissionOnAnyone("perm1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    db.users().insertPermissionOnAnyone(organizationDto, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
-    db.users().insertProjectPermissionOnAnyone("perm4", project1);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
 
     underTest.delete(dbSession, "perm3", group1.getOrganizationUuid(), group1.getId(), project1.getId());
     dbSession.commit();
@@ -421,12 +432,13 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void delete_project_permission_from_anybody() {
-    GroupDto group1 = db.users().insertGroup();
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertPermissionOnAnyone("perm1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    db.users().insertPermissionOnAnyone(organizationDto, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
-    db.users().insertProjectPermissionOnAnyone("perm4", project1);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
 
     underTest.delete(dbSession, "perm4", group1.getOrganizationUuid(), null, project1.getId());
     dbSession.commit();
@@ -478,8 +490,8 @@ public class GroupPermissionDaoTest {
 
   private void verifyOrganizationUuidsInTable(String... organizationUuids) {
     assertThat(db.select("select distinct organization_uuid as \"organizationUuid\" from group_roles"))
-        .extracting((row) -> (String) row.get("organizationUuid"))
-        .containsOnly(organizationUuids);
+      .extracting((row) -> (String) row.get("organizationUuid"))
+      .containsOnly(organizationUuids);
   }
 
   private Long insertGroupWithPermissions(OrganizationDto organization1) {
@@ -494,7 +506,4 @@ public class GroupPermissionDaoTest {
     assertThat(db.countSql("select count(id) from group_roles where role='" + permission + "'")).isEqualTo(0);
   }
 
-  private GroupDto addGroupOnDefaultOrganization(String name) {
-    return db.users().insertGroup(db.getDefaultOrganization(), name);
-  }
 }

sonar-db/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java

@@ -41,7 +41,6 @@ import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
 import static org.sonar.api.web.UserRole.USER;
 import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
 import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-import static org.sonar.db.organization.OrganizationTesting.newOrganizationDto;
 import static org.sonar.db.user.UserTesting.newUserDto;
 
 public class UserPermissionDaoTest {
@@ -53,6 +52,7 @@ public class UserPermissionDaoTest {
   private UserDto user1 = newUserDto().setLogin("login1").setName("Marius").setActive(true);
   private UserDto user2 = newUserDto().setLogin("login2").setName("Marie").setActive(true);
   private UserDto user3 = newUserDto().setLogin("login3").setName("Bernard").setActive(true);
+  private OrganizationDto organizationDto;
   private ComponentDto project1;
   private ComponentDto project2;
   private DbSession dbSession = dbTester.getSession();
@@ -63,7 +63,7 @@ public class UserPermissionDaoTest {
     dbClient.userDao().insert(dbSession, user1);
     dbClient.userDao().insert(dbSession, user2);
     dbClient.userDao().insert(dbSession, user3);
-    OrganizationDto organizationDto = dbTester.organizations().insert();
+    organizationDto = dbTester.organizations().insert();
     project1 = dbTester.components().insertProject(organizationDto);
     project2 = dbTester.components().insertProject(organizationDto);
     dbTester.commit();
@@ -71,133 +71,133 @@ public class UserPermissionDaoTest {
 
   @Test
   public void select_global_permissions() {
-    OrganizationDto org2 = dbTester.organizations().insert(newOrganizationDto());
-    UserPermissionDto global1 = addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
-    UserPermissionDto global2 = addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user2);
-    UserPermissionDto global3 = addGlobalPermissionOnDefaultOrganization(PROVISIONING, user2);
-    UserPermissionDto project1Perm = addProjectPermissionOnDefaultOrganization(USER, user3, project1);
+    OrganizationDto org2 = dbTester.organizations().insert();
+    UserPermissionDto global1 = addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+    UserPermissionDto global2 = addGlobalPermission(organizationDto, SYSTEM_ADMIN, user2);
+    UserPermissionDto global3 = addGlobalPermission(organizationDto, PROVISIONING, user2);
+    UserPermissionDto project1Perm = addProjectPermission(organizationDto, USER, user3, project1);
     // permissions on another organization, to be excluded
     UserPermissionDto org2Global1 = addGlobalPermission(org2, SYSTEM_ADMIN, user1);
     UserPermissionDto org2Global2 = addGlobalPermission(org2, PROVISIONING, user2);
 
     // global permissions of users who has at least one global permission, ordered by user name then permission
     PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, null, global2, global3, global1);
+    expectPermissions(organizationDto, query, null, global2, global3, global1);
 
     // default query returns all users, whatever their permissions nor organizations
     // (that's a non-sense, but still this is required for api/permissions/groups
     // when filtering users by name)
     query = PermissionQuery.builder().build();
-    expectPermissions(query, null, project1Perm, global2, global3, org2Global2, global1, org2Global1);
+    expectPermissions(organizationDto, query, null, project1Perm, global2, global3, org2Global2, global1, org2Global1);
 
     // return empty list if non-null but empty logins
-    expectPermissions(query, Collections.emptyList());
+    expectPermissions(organizationDto, query, Collections.emptyList());
 
     // global permissions of user1
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList(user1.getLogin()), global1);
+    expectPermissions(organizationDto, query, asList(user1.getLogin()), global1);
 
     // global permissions of user2
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList(user2.getLogin()), global2, global3);
+    expectPermissions(organizationDto, query, asList(user2.getLogin()), global2, global3);
 
     // global permissions of user1, user2 and another one
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList(user1.getLogin(), user2.getLogin(), "missing"), global2, global3, global1);
+    expectPermissions(organizationDto, query, asList(user1.getLogin(), user2.getLogin(), "missing"), global2, global3, global1);
 
     // empty global permissions if login does not exist
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList("missing"));
+    expectPermissions(organizationDto, query, asList("missing"));
 
     // empty global permissions if user does not have any
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList(user3.getLogin()));
+    expectPermissions(organizationDto, query, asList(user3.getLogin()));
 
     // user3 has no global permissions
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList(user3.getLogin()));
+    expectPermissions(organizationDto, query, asList(user3.getLogin()));
 
     // global permissions "admin"
     query = PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build();
-    expectPermissions(query, null, global2, global1);
+    expectPermissions(organizationDto, query, null, global2, global1);
 
     // empty if nobody has the specified global permission
     query = PermissionQuery.builder().setPermission("missing").build();
-    expectPermissions(query, null);
+    expectPermissions(organizationDto, query, null);
 
     // search by user name (matches 2 users)
     query = PermissionQuery.builder().withAtLeastOnePermission().setSearchQuery("Mari").build();
-    expectPermissions(query, null, global2, global3, global1);
+    expectPermissions(organizationDto, query, null, global2, global3, global1);
 
     // search by user name (matches 2 users) and global permission
     query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(PROVISIONING).build();
-    expectPermissions(query, null, global3);
+    expectPermissions(organizationDto, query, null, global3);
 
     // search by user name (no match)
     query = PermissionQuery.builder().setSearchQuery("Unknown").build();
-    expectPermissions(query, null);
+    expectPermissions(organizationDto, query, null);
   }
 
   @Test
   public void select_project_permissions() {
-    addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
-    UserPermissionDto perm1 = addProjectPermissionOnDefaultOrganization(USER, user1, project1);
-    UserPermissionDto perm2 = addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user1, project1);
-    UserPermissionDto perm3 = addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project1);
-    addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user3, project2);
+    addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+    UserPermissionDto perm1 = addProjectPermission(organizationDto, USER, user1, project1);
+    UserPermissionDto perm2 = addProjectPermission(organizationDto, ISSUE_ADMIN, user1, project1);
+    UserPermissionDto perm3 = addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project1);
+    addProjectPermission(organizationDto, ISSUE_ADMIN, user3, project2);
 
     // project permissions of users who has at least one permission on this project
     PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, null, perm3, perm2, perm1);
+    expectPermissions(organizationDto, query, null, perm3, perm2, perm1);
 
     // project permissions of user1
     query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, asList(user1.getLogin()), perm2, perm1);
+    expectPermissions(organizationDto, query, asList(user1.getLogin()), perm2, perm1);
 
     // project permissions of user2
     query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, asList(user2.getLogin()), perm3);
+    expectPermissions(organizationDto, query, asList(user2.getLogin()), perm3);
 
     // project permissions of user2 and another one
     query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, asList(user2.getLogin(), "missing"), perm3);
+    expectPermissions(organizationDto, query, asList(user2.getLogin(), "missing"), perm3);
 
     // empty project permissions if login does not exist
     query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, asList("missing"));
+    expectPermissions(organizationDto, query, asList("missing"));
 
     // empty project permissions if user does not have any
     query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, asList(user3.getLogin()));
+    expectPermissions(organizationDto, query, asList(user3.getLogin()));
 
     // empty if nobody has the specified global permission
     query = PermissionQuery.builder().setPermission("missing").setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, null);
+    expectPermissions(organizationDto, query, null);
 
     // search by user name (matches 2 users), users with at least one permission
     query = PermissionQuery.builder().setSearchQuery("Mari").withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, null, perm3, perm2, perm1);
+    expectPermissions(organizationDto, query, null, perm3, perm2, perm1);
 
     // search by user name (matches 2 users) and project permission
     query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(ISSUE_ADMIN).setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, null, perm3, perm2);
+    expectPermissions(organizationDto, query, null, perm3, perm2);
 
     // search by user name (no match)
     query = PermissionQuery.builder().setSearchQuery("Unknown").setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, null);
+    expectPermissions(organizationDto, query, null);
 
     // permissions of unknown project
     query = PermissionQuery.builder().setComponentUuid("missing").withAtLeastOnePermission().build();
-    expectPermissions(query, null);
+    expectPermissions(organizationDto, query, null);
   }
 
   @Test
   public void countUsersByProjectPermission() {
-    addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
-    addProjectPermissionOnDefaultOrganization(USER, user1, project1);
-    addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user1, project1);
-    addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project1);
-    addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project2);
+    addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+    addProjectPermission(organizationDto, USER, user1, project1);
+    addProjectPermission(organizationDto, ISSUE_ADMIN, user1, project1);
+    addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project1);
+    addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project2);
 
     // no projects -> return empty list
     assertThat(underTest.countUsersByProjectPermission(dbSession, Collections.emptyList())).isEmpty();
@@ -216,8 +216,10 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectUserIds() {
-    OrganizationDto org1 = dbTester.organizations().insert(newOrganizationDto());
-    OrganizationDto org2 = dbTester.organizations().insert(newOrganizationDto());
+    OrganizationDto org1 = dbTester.organizations().insert();
+    OrganizationDto org2 = dbTester.organizations().insert();
+    ComponentDto project1 = dbTester.components().insertProject(org1);
+    ComponentDto project2 = dbTester.components().insertProject(org2);
 
     addProjectPermission(org1, USER, user1, project1);
     addProjectPermission(org1, USER, user2, project1);
@@ -253,11 +255,11 @@ public class UserPermissionDaoTest {
 
   @Test
   public void deleteGlobalPermission() {
-    addGlobalPermissionOnDefaultOrganization("perm1", user1);
-    addGlobalPermissionOnDefaultOrganization("perm2", user1);
-    addProjectPermissionOnDefaultOrganization("perm1", user1, project1);
-    addProjectPermissionOnDefaultOrganization("perm3", user2, project1);
-    addProjectPermissionOnDefaultOrganization("perm4", user2, project2);
+    addGlobalPermission(organizationDto, "perm1", user1);
+    addGlobalPermission(organizationDto, "perm2", user1);
+    addProjectPermission(organizationDto, "perm1", user1, project1);
+    addProjectPermission(organizationDto, "perm3", user2, project1);
+    addProjectPermission(organizationDto, "perm4", user2, project2);
 
     // user2 does not have global permissions -> do nothing
     underTest.deleteGlobalPermission(dbSession, user2.getId(), "perm1", dbTester.getDefaultOrganization().getUuid());
@@ -276,17 +278,17 @@ public class UserPermissionDaoTest {
     assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5);
 
     // global permission exists -> delete it, but not the project permission with the same name !
-    underTest.deleteGlobalPermission(dbSession, user1.getId(), "perm1", dbTester.getDefaultOrganization().getUuid());
+    underTest.deleteGlobalPermission(dbSession, user1.getId(), "perm1", organizationDto.getUuid());
     assertThat(dbTester.countSql(dbSession, "select count(id) from user_roles where role='perm1' and resource_id is null")).isEqualTo(0);
     assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4);
   }
 
   @Test
   public void deleteProjectPermission() {
-    addGlobalPermissionOnDefaultOrganization("perm", user1);
-    addProjectPermissionOnDefaultOrganization("perm", user1, project1);
-    addProjectPermissionOnDefaultOrganization("perm", user1, project2);
-    addProjectPermissionOnDefaultOrganization("perm", user2, project1);
+    addGlobalPermission(organizationDto, "perm", user1);
+    addProjectPermission(organizationDto, "perm", user1, project1);
+    addProjectPermission(organizationDto, "perm", user1, project2);
+    addProjectPermission(organizationDto, "perm", user2, project1);
 
     // no such provision -> ignore
     underTest.deleteProjectPermission(dbSession, user1.getId(), "anotherPerm", project1.getId());
@@ -299,10 +301,10 @@ public class UserPermissionDaoTest {
 
   @Test
   public void deleteProjectPermissions() {
-    addGlobalPermissionOnDefaultOrganization("perm", user1);
-    addProjectPermissionOnDefaultOrganization("perm", user1, project1);
-    addProjectPermissionOnDefaultOrganization("perm", user2, project1);
-    addProjectPermissionOnDefaultOrganization("perm", user1, project2);
+    addGlobalPermission(organizationDto, "perm", user1);
+    addProjectPermission(organizationDto, "perm", user1, project1);
+    addProjectPermission(organizationDto, "perm", user2, project1);
+    addProjectPermission(organizationDto, "perm", user1, project2);
 
     underTest.deleteProjectPermissions(dbSession, project1.getId());
     assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(2);
@@ -311,8 +313,8 @@ public class UserPermissionDaoTest {
 
   @Test
   public void projectHasPermissions() {
-    addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
-    addProjectPermissionOnDefaultOrganization(USER, user1, project1);
+    addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+    addProjectPermission(organizationDto, USER, user1, project1);
 
     assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue();
     assertThat(underTest.hasRootComponentPermissions(dbSession, project2.getId())).isFalse();
@@ -320,12 +322,12 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectGlobalPermissionsOfUser() {
-    OrganizationDto org = dbTester.organizations().insert(newOrganizationDto());
-    addGlobalPermissionOnDefaultOrganization("perm1", user1);
-    addGlobalPermissionOnDefaultOrganization("perm2", user2);
+    OrganizationDto org = dbTester.organizations().insert();
+    addGlobalPermission(dbTester.getDefaultOrganization(), "perm1", user1);
+    addGlobalPermission(org, "perm2", user2);
     addGlobalPermission(org, "perm3", user1);
-    addProjectPermissionOnDefaultOrganization("perm4", user1, project1);
-    addProjectPermission(org, "perm5", user1, project1);
+    addProjectPermission(organizationDto, "perm4", user1, project1);
+    addProjectPermission(organizationDto, "perm5", user1, project1);
 
     assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getId(), org.getUuid())).containsOnly("perm3");
     assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getId(), dbTester.getDefaultOrganization().getUuid())).containsOnly("perm1");
@@ -335,13 +337,13 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectProjectPermissionsOfUser() {
-    OrganizationDto org = dbTester.organizations().insert(newOrganizationDto());
-    ComponentDto project3 = dbTester.components().insertProject();
-    addGlobalPermission(org, "perm1", user1);
-    addProjectPermission(org, "perm2", user1, project1);
-    addProjectPermission(org, "perm3", user1, project1);
-    addProjectPermission(org, "perm4", user1, project2);
-    addProjectPermission(org, "perm5", user2, project1);
+    OrganizationDto org = dbTester.organizations().insert();
+    ComponentDto project3 = dbTester.components().insertProject(org);
+    addGlobalPermission(organizationDto, "perm1", user1);
+    addProjectPermission(organizationDto, "perm2", user1, project1);
+    addProjectPermission(organizationDto, "perm3", user1, project1);
+    addProjectPermission(organizationDto, "perm4", user1, project2);
+    addProjectPermission(organizationDto, "perm5", user2, project1);
 
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getId(), project1.getId())).containsOnly("perm2", "perm3");
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getId(), project2.getId())).containsOnly("perm4");
@@ -411,10 +413,6 @@ public class UserPermissionDaoTest {
     }
   }
 
-  private void expectPermissions(PermissionQuery query, @Nullable Collection<String> logins, UserPermissionDto... expected) {
-    expectPermissions(dbTester.getDefaultOrganization(), query, logins, expected);
-  }
-
   private void expectPermissions(OrganizationDto org, PermissionQuery query, @Nullable Collection<String> logins, UserPermissionDto... expected) {
     // test method "select()"
     List<UserPermissionDto> permissions = underTest.select(dbSession, org.getUuid(), query, logins);
@@ -434,10 +432,6 @@ public class UserPermissionDaoTest {
     }
   }
 
-  private UserPermissionDto addGlobalPermissionOnDefaultOrganization(String permission, UserDto user) {
-    return addGlobalPermission(dbTester.getDefaultOrganization(), permission, user);
-  }
-
   private UserPermissionDto addGlobalPermission(OrganizationDto org, String permission, UserDto user) {
     UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), null);
     underTest.insert(dbSession, dto);
@@ -445,10 +439,6 @@ public class UserPermissionDaoTest {
     return dto;
   }
 
-  private UserPermissionDto addProjectPermissionOnDefaultOrganization(String permission, UserDto user, ComponentDto project) {
-    return addProjectPermission(dbTester.getDefaultOrganization(), permission, user, project);
-  }
-
   private UserPermissionDto addProjectPermission(OrganizationDto org, String permission, UserDto user, ComponentDto project) {
     UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), project.getId());
     underTest.insert(dbSession, dto);

sonar-db/src/test/java/org/sonar/db/user/RoleDaoTest.java

@@ -32,7 +32,6 @@ import org.sonar.db.component.ComponentDbTester;
 import org.sonar.db.component.ComponentDto;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
 
 public class RoleDaoTest {
 
@@ -74,8 +73,8 @@ public class RoleDaoTest {
 
   @Test
   public void selectComponentIdsByPermissionAndUserId_group_permissions() {
-    GroupDto group1 = db.users().insertGroup(newGroupDto());
-    GroupDto group2 = db.users().insertGroup(newGroupDto());
+    GroupDto group1 = db.users().insertGroup();
+    GroupDto group2 = db.users().insertGroup();
     db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project1);
     db.users().insertMember(group1, user1);
     db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project2);

sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java

@@ -237,13 +237,6 @@ public class UserDbTester {
 
   // GROUP PERMISSIONS
 
-  /**
-   * Grant permission to virtual group "anyone" in default organization
-   */
-  public GroupPermissionDto insertPermissionOnAnyone(String permission) {
-    return insertPermissionOnAnyone(db.getDefaultOrganization(), permission);
-  }
-
   public GroupPermissionDto insertPermissionOnAnyone(OrganizationDto org, String permission) {
     GroupPermissionDto dto = new GroupPermissionDto()
       .setOrganizationUuid(org.getUuid())
@@ -269,10 +262,6 @@ public class UserDbTester {
     db.commit();
   }
 
-  public GroupPermissionDto insertProjectPermissionOnAnyone(String permission, ComponentDto project) {
-    return insertProjectPermissionOnAnyone(db.getDefaultOrganization(), permission, project);
-  }
-
   public GroupPermissionDto insertProjectPermissionOnAnyone(OrganizationDto org, String permission, ComponentDto project) {
     GroupPermissionDto dto = new GroupPermissionDto()
       .setOrganizationUuid(org.getUuid())
@@ -336,14 +325,7 @@ public class UserDbTester {
    * Grant permission on given project in default organization
    */
   public UserPermissionDto insertProjectPermissionOnUser(UserDto user, String permission, ComponentDto project) {
-    return insertProjectPermissionOnUser(db.getDefaultOrganization(), user, permission, project);
-  }
-
-  /**
-   * Grant permission on given project
-   */
-  public UserPermissionDto insertProjectPermissionOnUser(OrganizationDto org, UserDto user, String permission, ComponentDto project) {
-    UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), project.getId());
+    UserPermissionDto dto = new UserPermissionDto(project.getOrganizationUuid(), permission, user.getId(), project.getId());
     db.getDbClient().userPermissionDao().insert(db.getSession(), dto);
     db.commit();
     return dto;