mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30151 Commits
59 Branches
Tree: c3545216c4
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'c3545216c4'
${ noResults }
sonarqube/server/sonar-webserver-auth/src/test/java/org/sonar/server/organization/MemberUpdaterTest.java

MemberUpdaterTest.java 25KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2020 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.organization;

  21. 

  22. import com.google.common.collect.ImmutableSet;

  23. import java.util.HashSet;

  24. import javax.annotation.Nullable;

  25. import org.assertj.core.groups.Tuple;

  26. import org.elasticsearch.action.search.SearchRequestBuilder;

  27. import org.junit.Rule;

  28. import org.junit.Test;

  29. import org.junit.rules.ExpectedException;

  30. import org.sonar.api.utils.System2;

  31. import org.sonar.db.DbClient;

  32. import org.sonar.db.DbTester;

  33. import org.sonar.db.alm.AlmAppInstallDto;

  34. import org.sonar.db.component.ComponentDto;

  35. import org.sonar.db.organization.OrganizationDto;

  36. import org.sonar.db.permission.OrganizationPermission;

  37. import org.sonar.db.permission.template.PermissionTemplateDto;

  38. import org.sonar.db.permission.template.PermissionTemplateUserDto;

  39. import org.sonar.db.property.PropertyDto;

  40. import org.sonar.db.property.PropertyQuery;

  41. import org.sonar.db.user.GroupDto;

  42. import org.sonar.db.user.UserDto;

  43. import org.sonar.server.es.EsTester;

  44. import org.sonar.server.es.SearchOptions;

  45. import org.sonar.server.user.index.UserDoc;

  46. import org.sonar.server.user.index.UserIndex;

  47. import org.sonar.server.user.index.UserIndexDefinition;

  48. import org.sonar.server.user.index.UserIndexer;

  49. import org.sonar.server.user.index.UserQuery;

  50. import org.sonar.server.usergroups.DefaultGroupFinder;

  51. 

  52. import static java.lang.String.format;

  53. import static java.util.Arrays.asList;

  54. import static java.util.Collections.singletonList;

  55. import static org.assertj.core.api.Assertions.assertThat;

  56. import static org.assertj.core.api.Assertions.tuple;

  57. import static org.elasticsearch.index.query.QueryBuilders.boolQuery;

  58. import static org.elasticsearch.index.query.QueryBuilders.termQuery;

  59. import static org.sonar.api.CoreProperties.DEFAULT_ISSUE_ASSIGNEE;

  60. import static org.sonar.api.web.UserRole.CODEVIEWER;

  61. import static org.sonar.api.web.UserRole.USER;

  62. import static org.sonar.db.alm.ALM.GITHUB;

  63. import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;

  64. import static org.sonar.db.permission.OrganizationPermission.SCAN;

  65. import static org.sonar.server.user.index.UserIndexDefinition.FIELD_ORGANIZATION_UUIDS;

  66. import static org.sonar.server.user.index.UserIndexDefinition.FIELD_UUID;

  67. 

  68. public class MemberUpdaterTest {

  69.   @Rule

  70.   public ExpectedException expectedException = ExpectedException.none();

  71.   @Rule

  72.   public EsTester es = EsTester.create();

  73.   @Rule

  74.   public DbTester db = DbTester.create();

  75. 

  76.   private DbClient dbClient = db.getDbClient();

  77.   private UserIndex userIndex = new UserIndex(es.client(), System2.INSTANCE);

  78.   private UserIndexer userIndexer = new UserIndexer(dbClient, es.client());

  79. 

  80.   private MemberUpdater underTest = new MemberUpdater(dbClient, new DefaultGroupFinder(dbClient), userIndexer);

  81. 

  82.   @Test

  83.   public void add_member_in_db_and_user_index() {

  84.     OrganizationDto organization = db.organizations().insert();

  85.     db.users().insertDefaultGroup(organization, "Members");

  86.     UserDto user = db.users().insertUser();

  87. 

  88.     underTest.addMember(db.getSession(), organization, user);

  89. 

  90.     db.organizations().assertUserIsMemberOfOrganization(organization, user);

  91.     assertThat(userIndex.search(UserQuery.builder().build(), new SearchOptions()).getDocs())

  92.       .extracting(UserDoc::login, UserDoc::organizationUuids)

  93.       .containsExactlyInAnyOrder(tuple(user.getLogin(), singletonList(organization.getUuid())));

  94.   }

  95. 

  96.   @Test

  97.   public void does_not_fail_to_add_member_if_user_already_added_in_organization() {

  98.     OrganizationDto organization = db.organizations().insert();

  99.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  100.     UserDto user = db.users().insertUser();

  101.     db.organizations().addMember(organization, user);

  102.     db.users().insertMember(defaultGroup, user);

  103.     db.organizations().assertUserIsMemberOfOrganization(organization, user);

  104. 

  105.     underTest.addMember(db.getSession(), organization, user);

  106. 

  107.     db.organizations().assertUserIsMemberOfOrganization(organization, user);

  108.   }

  109. 

  110.   @Test

  111.   public void add_member_fails_when_organization_has_no_default_group() {

  112.     OrganizationDto organization = db.organizations().insert();

  113.     UserDto user = db.users().insertUser();

  114. 

  115.     expectedException.expect(IllegalStateException.class);

  116.     expectedException.expectMessage(format("Default group cannot be found on organization '%s'", organization.getUuid()));

  117. 

  118.     underTest.addMember(db.getSession(), organization, user);

  119.   }

  120. 

  121.   @Test

  122.   public void add_members_in_db_and_user_index() {

  123.     OrganizationDto organization = db.organizations().insert();

  124.     db.users().insertDefaultGroup(organization, "Members");

  125.     UserDto user1 = db.users().insertUser();

  126.     UserDto user2 = db.users().insertUser();

  127.     UserDto disableUser = db.users().insertDisabledUser();

  128. 

  129.     underTest.addMembers(db.getSession(), organization, asList(user1, user2, disableUser));

  130. 

  131.     db.organizations().assertUserIsMemberOfOrganization(organization, user1);

  132.     db.organizations().assertUserIsMemberOfOrganization(organization, user2);

  133.     assertUserIsNotMember(organization, disableUser);

  134.     assertThat(userIndex.search(UserQuery.builder().build(), new SearchOptions()).getDocs())

  135.       .extracting(UserDoc::login, UserDoc::organizationUuids)

  136.       .containsExactlyInAnyOrder(

  137.         tuple(user1.getLogin(), singletonList(organization.getUuid())),

  138.         tuple(user2.getLogin(), singletonList(organization.getUuid())));

  139.   }

  140. 

  141.   @Test

  142.   public void add_members_does_not_fail_when_one_user_is_already_member_of_organization() {

  143.     OrganizationDto organization = db.organizations().insert();

  144.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  145.     UserDto userAlreadyMember = db.users().insertUser();

  146.     db.organizations().addMember(organization, userAlreadyMember);

  147.     db.users().insertMember(defaultGroup, userAlreadyMember);

  148.     UserDto userNotMember = db.users().insertUser();

  149.     userIndexer.indexOnStartup(new HashSet<>());

  150. 

  151.     underTest.addMembers(db.getSession(), organization, asList(userAlreadyMember, userNotMember));

  152. 

  153.     db.organizations().assertUserIsMemberOfOrganization(organization, userAlreadyMember);

  154.     db.organizations().assertUserIsMemberOfOrganization(organization, userNotMember);

  155.     assertThat(userIndex.search(UserQuery.builder().build(), new SearchOptions()).getDocs())

  156.       .extracting(UserDoc::login, UserDoc::organizationUuids)

  157.       .containsExactlyInAnyOrder(

  158.         tuple(userAlreadyMember.getLogin(), singletonList(organization.getUuid())),

  159.         tuple(userNotMember.getLogin(), singletonList(organization.getUuid())));

  160.   }

  161. 

  162.   @Test

  163.   public void remove_member_from_db_and_user_index() {

  164.     OrganizationDto organization = db.organizations().insert();

  165.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  166.     UserDto user = db.users().insertUser();

  167.     UserDto adminUser = db.users().insertAdminByUserPermission(organization);

  168.     db.organizations().addMember(organization, user, adminUser);

  169.     db.users().insertMember(defaultGroup, user);

  170.     userIndexer.indexOnStartup(new HashSet<>());

  171. 

  172.     underTest.removeMember(db.getSession(), organization, user);

  173. 

  174.     assertUserIsNotMember(organization, user);

  175.   }

  176. 

  177.   @Test

  178.   public void remove_members_from_db_and_user_index() {

  179.     OrganizationDto organization = db.organizations().insert();

  180.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  181.     UserDto user1 = db.users().insertUser();

  182.     UserDto user2 = db.users().insertUser();

  183.     UserDto adminUser = db.users().insertAdminByUserPermission(organization);

  184.     db.organizations().addMember(organization, user1, user2, adminUser);

  185.     db.users().insertMember(defaultGroup, user1);

  186.     db.users().insertMember(defaultGroup, user2);

  187.     db.users().insertMember(defaultGroup, adminUser);

  188.     userIndexer.indexOnStartup(new HashSet<>());

  189. 

  190.     underTest.removeMembers(db.getSession(), organization, asList(user1, user2));

  191. 

  192.     assertUserIsNotMember(organization, user1);

  193.     assertUserIsNotMember(organization, user2);

  194.     db.organizations().assertUserIsMemberOfOrganization(organization, adminUser);

  195.   }

  196. 

  197.   @Test

  198.   public void remove_member_removes_permissions() {

  199.     OrganizationDto organization = db.organizations().insert();

  200.     ComponentDto project = db.components().insertPrivateProject(organization);

  201.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  202.     UserDto user = db.users().insertUser();

  203.     UserDto adminUser = db.users().insertAdminByUserPermission(organization);

  204.     db.organizations().addMember(organization, user, adminUser);

  205.     db.users().insertMember(defaultGroup, user);

  206.     UserDto anotherUser = db.users().insertUser();

  207.     OrganizationDto anotherOrganization = db.organizations().insert();

  208.     ComponentDto anotherProject = db.components().insertPrivateProject(anotherOrganization);

  209.     userIndexer.indexOnStartup(new HashSet<>());

  210. 

  211.     db.users().insertPermissionOnUser(organization, user, ADMINISTER);

  212.     db.users().insertPermissionOnUser(organization, user, SCAN);

  213.     db.users().insertPermissionOnUser(anotherOrganization, user, ADMINISTER);

  214.     db.users().insertPermissionOnUser(anotherOrganization, user, SCAN);

  215.     db.users().insertPermissionOnUser(organization, anotherUser, ADMINISTER);

  216.     db.users().insertPermissionOnUser(organization, anotherUser, SCAN);

  217.     db.users().insertProjectPermissionOnUser(user, CODEVIEWER, project);

  218.     db.users().insertProjectPermissionOnUser(user, USER, project);

  219.     db.users().insertProjectPermissionOnUser(user, CODEVIEWER, anotherProject);

  220.     db.users().insertProjectPermissionOnUser(user, USER, anotherProject);

  221.     db.users().insertProjectPermissionOnUser(anotherUser, CODEVIEWER, project);

  222.     db.users().insertProjectPermissionOnUser(anotherUser, USER, project);

  223. 

  224.     underTest.removeMember(db.getSession(), organization, user);

  225. 

  226.     assertUserIsNotMember(organization, user);

  227.     assertOrgPermissionsOfUser(user, organization);

  228.     assertOrgPermissionsOfUser(user, anotherOrganization, ADMINISTER, SCAN);

  229.     assertOrgPermissionsOfUser(anotherUser, organization, ADMINISTER, SCAN);

  230.     assertProjectPermissionsOfUser(user, project);

  231.     assertProjectPermissionsOfUser(user, anotherProject, CODEVIEWER, USER);

  232.     assertProjectPermissionsOfUser(anotherUser, project, CODEVIEWER, USER);

  233.   }

  234. 

  235.   @Test

  236.   public void remove_member_removes_template_permissions() {

  237.     OrganizationDto organization = db.organizations().insert();

  238.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  239.     UserDto user = db.users().insertUser();

  240.     UserDto adminUser = db.users().insertAdminByUserPermission(organization);

  241.     db.organizations().addMember(organization, user, adminUser);

  242.     db.users().insertMember(defaultGroup, user);

  243.     userIndexer.indexOnStartup(new HashSet<>());

  244. 

  245.     OrganizationDto anotherOrganization = db.organizations().insert();

  246.     UserDto anotherUser = db.users().insertUser();

  247.     PermissionTemplateDto template = db.permissionTemplates().insertTemplate(organization);

  248.     PermissionTemplateDto anotherTemplate = db.permissionTemplates().insertTemplate(anotherOrganization);

  249.     String permission = "browse";

  250.     db.permissionTemplates().addUserToTemplate(template.getUuid(), user.getUuid(), permission);

  251.     db.permissionTemplates().addUserToTemplate(template.getUuid(), anotherUser.getUuid(), permission);

  252.     db.permissionTemplates().addUserToTemplate(anotherTemplate.getUuid(), user.getUuid(), permission);

  253. 

  254.     underTest.removeMember(db.getSession(), organization, user);

  255. 

  256.     assertThat(dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(db.getSession(), template.getUuid())).extracting(PermissionTemplateUserDto::getUserUuid)

  257.       .containsOnly(anotherUser.getUuid());

  258.     assertThat(dbClient.permissionTemplateDao().selectUserPermissionsByTemplateId(db.getSession(), anotherTemplate.getUuid())).extracting(PermissionTemplateUserDto::getUserUuid)

  259.       .containsOnly(user.getUuid());

  260.   }

  261. 

  262.   @Test

  263.   public void remove_member_removes_user_from_organization_groups() {

  264.     OrganizationDto organization = db.organizations().insert();

  265.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  266.     UserDto user = db.users().insertUser();

  267.     UserDto adminUser = db.users().insertAdminByUserPermission(organization);

  268.     db.organizations().addMember(organization, user, adminUser);

  269.     db.users().insertMember(defaultGroup, user);

  270.     userIndexer.indexOnStartup(new HashSet<>());

  271. 

  272.     OrganizationDto anotherOrganization = db.organizations().insert();

  273.     UserDto anotherUser = db.users().insertUser();

  274.     GroupDto group = db.users().insertGroup(organization);

  275.     GroupDto anotherGroup = db.users().insertGroup(anotherOrganization);

  276.     db.users().insertMembers(group, user, anotherUser);

  277.     db.users().insertMembers(anotherGroup, user, anotherUser);

  278. 

  279.     underTest.removeMember(db.getSession(), organization, user);

  280. 

  281.     assertThat(dbClient.groupMembershipDao().selectGroupUuidsByUserUuid(db.getSession(), user.getUuid()))

  282.       .containsOnly(anotherGroup.getUuid());

  283.     assertThat(dbClient.groupMembershipDao().selectGroupUuidsByUserUuid(db.getSession(), anotherUser.getUuid()))

  284.       .containsOnly(group.getUuid(), anotherGroup.getUuid());

  285.   }

  286. 

  287.   @Test

  288.   public void remove_member_removes_user_from_default_organization_group() {

  289.     OrganizationDto organization = db.organizations().insert();

  290.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  291.     UserDto user = db.users().insertUser();

  292.     UserDto adminUser = db.users().insertAdminByUserPermission(organization);

  293.     db.organizations().addMember(organization, user, adminUser);

  294.     db.users().insertMember(defaultGroup, user);

  295.     userIndexer.indexOnStartup(new HashSet<>());

  296. 

  297.     underTest.removeMember(db.getSession(), organization, user);

  298. 

  299.     assertThat(dbClient.groupMembershipDao().selectGroupUuidsByUserUuid(db.getSession(), user.getUuid())).isEmpty();

  300.   }

  301. 

  302.   @Test

  303.   public void remove_member_removes_user_from_org_properties() {

  304.     OrganizationDto organization = db.organizations().insert();

  305.     ComponentDto project = db.components().insertPrivateProject(organization);

  306.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  307.     UserDto user = db.users().insertUser();

  308.     UserDto adminUser = db.users().insertAdminByUserPermission(organization);

  309.     db.organizations().addMember(organization, user, adminUser);

  310.     db.users().insertMember(defaultGroup, user);

  311.     userIndexer.indexOnStartup(new HashSet<>());

  312. 

  313.     OrganizationDto anotherOrganization = db.organizations().insert();

  314.     ComponentDto anotherProject = db.components().insertPrivateProject(anotherOrganization);

  315.     UserDto anotherUser = db.users().insertUser();

  316.     insertProperty("KEY_11", "VALUE", project.uuid(), user.getUuid());

  317.     insertProperty("KEY_12", "VALUE", project.uuid(), user.getUuid());

  318.     insertProperty("KEY_11", "VALUE", project.uuid(), anotherUser.getUuid());

  319.     insertProperty("KEY_11", "VALUE", anotherProject.uuid(), user.getUuid());

  320. 

  321.     underTest.removeMember(db.getSession(), organization, user);

  322. 

  323.     assertThat(dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentUuid(project.uuid()).build(), db.getSession()))

  324.       .hasSize(1).extracting(PropertyDto::getUserUuid).containsOnly(anotherUser.getUuid());

  325.     assertThat(dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentUuid(anotherProject.uuid()).build(), db.getSession()))

  326.       .extracting(PropertyDto::getUserUuid)

  327.       .hasSize(1).containsOnly(user.getUuid());

  328.   }

  329. 

  330.   @Test

  331.   public void remove_member_removes_user_from_default_assignee_properties() {

  332.     OrganizationDto organization = db.organizations().insert();

  333.     ComponentDto project = db.components().insertPrivateProject(organization);

  334.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  335.     UserDto user = db.users().insertUser();

  336.     UserDto adminUser = db.users().insertAdminByUserPermission(organization);

  337.     db.organizations().addMember(organization, user, adminUser);

  338.     db.users().insertMember(defaultGroup, user);

  339.     userIndexer.indexOnStartup(new HashSet<>());

  340. 

  341.     OrganizationDto anotherOrganization = db.organizations().insert();

  342.     ComponentDto anotherProject = db.components().insertPrivateProject(anotherOrganization);

  343.     UserDto anotherUser = db.users().insertUser();

  344.     insertProperty(DEFAULT_ISSUE_ASSIGNEE, user.getLogin(), project.uuid(), null);

  345.     insertProperty("ANOTHER_KEY", user.getLogin(), project.uuid(), null);

  346.     insertProperty(DEFAULT_ISSUE_ASSIGNEE, anotherUser.getLogin(), project.uuid(), null);

  347.     insertProperty(DEFAULT_ISSUE_ASSIGNEE, user.getLogin(), anotherProject.uuid(), null);

  348. 

  349.     underTest.removeMember(db.getSession(), organization, user);

  350. 

  351.     assertThat(dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentUuid(project.uuid()).build(), db.getSession()))

  352.       .hasSize(2).extracting(PropertyDto::getKey, PropertyDto::getValue)

  353.       .containsOnly(Tuple.tuple("ANOTHER_KEY", user.getLogin()), Tuple.tuple(DEFAULT_ISSUE_ASSIGNEE, anotherUser.getLogin()));

  354.     assertThat(dbClient.propertiesDao().selectByQuery(PropertyQuery.builder().setComponentUuid(anotherProject.uuid()).build(), db.getSession())).extracting(PropertyDto::getValue)

  355.       .hasSize(1).containsOnly(user.getLogin());

  356.   }

  357. 

  358.   @Test

  359.   public void fail_to_remove_members_when_no_more_admin() {

  360.     OrganizationDto organization = db.organizations().insert();

  361.     GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  362.     GroupDto adminGroup = db.users().insertGroup(organization);

  363.     db.users().insertPermissionOnGroup(adminGroup, ADMINISTER);

  364.     UserDto user1 = db.users().insertUser();

  365.     UserDto admin1 = db.users().insertAdminByUserPermission(organization);

  366.     UserDto admin2 = db.users().insertUser();

  367.     db.organizations().addMember(organization, user1, admin1, admin2);

  368.     db.users().insertMember(defaultGroup, user1);

  369.     db.users().insertMember(defaultGroup, admin1);

  370.     db.users().insertMember(defaultGroup, admin2);

  371.     db.users().insertMember(adminGroup, admin2);

  372.     userIndexer.indexOnStartup(new HashSet<>());

  373. 

  374.     expectedException.expect(IllegalArgumentException.class);

  375.     expectedException.expectMessage("The last administrator member cannot be removed");

  376. 

  377.     underTest.removeMembers(db.getSession(), organization, asList(admin1, admin2));

  378.   }

  379. 

  380.   @Test

  381.   public void synchronize_user_organization_membership() {

  382.     OrganizationDto organization1 = db.organizations().insert();

  383.     GroupDto org1defaultGroup = db.users().insertDefaultGroup(organization1, "Members");

  384.     AlmAppInstallDto gitHubInstall1 = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));

  385.     db.alm().insertOrganizationAlmBinding(organization1, gitHubInstall1, true);

  386.     OrganizationDto organization2 = db.organizations().insert();

  387.     db.users().insertDefaultGroup(organization2, "Members");

  388.     AlmAppInstallDto gitHubInstall2 = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));

  389.     db.alm().insertOrganizationAlmBinding(organization2, gitHubInstall2, true);

  390.     OrganizationDto organization3 = db.organizations().insert();

  391.     GroupDto org3defaultGroup = db.users().insertDefaultGroup(organization3, "Members");

  392.     AlmAppInstallDto gitHubInstall3 = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));

  393.     db.alm().insertOrganizationAlmBinding(organization3, gitHubInstall3, true);

  394.     // User is member of organization1 and organization3, but organization3 membership will be removed and organization2 membership will be

  395.     // added

  396.     UserDto user = db.users().insertUser();

  397.     db.organizations().addMember(organization1, user);

  398.     db.users().insertMember(org1defaultGroup, user);

  399.     db.organizations().addMember(organization3, user);

  400.     db.users().insertMember(org3defaultGroup, user);

  401. 

  402.     underTest.synchronizeUserOrganizationMembership(db.getSession(), user, GITHUB, ImmutableSet.of(gitHubInstall1.getOrganizationAlmId(), gitHubInstall2.getOrganizationAlmId()));

  403. 

  404.     db.organizations().assertUserIsMemberOfOrganization(organization1, user);

  405.     db.organizations().assertUserIsMemberOfOrganization(organization2, user);

  406.     assertUserIsNotMember(organization3, user);

  407.   }

  408. 

  409.   @Test

  410.   public void synchronize_user_organization_membership_does_not_update_es_index() {

  411.     OrganizationDto organization = db.organizations().insert();

  412.     db.users().insertDefaultGroup(organization, "Members");

  413.     AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));

  414.     db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, true);

  415.     UserDto user = db.users().insertUser();

  416. 

  417.     underTest.synchronizeUserOrganizationMembership(db.getSession(), user, GITHUB, ImmutableSet.of(gitHubInstall.getOrganizationAlmId()));

  418. 

  419.     assertThat(userIndex.search(UserQuery.builder().build(), new SearchOptions()).getDocs()).isEmpty();

  420.   }

  421. 

  422.   @Test

  423.   public void synchronize_user_organization_membership_ignores_organization_alm_ids_match_no_existing_organizations() {

  424.     OrganizationDto organization = db.organizations().insert();

  425.     db.users().insertDefaultGroup(organization, "Members");

  426.     AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));

  427.     db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, true);

  428.     UserDto user = db.users().insertUser();

  429. 

  430.     underTest.synchronizeUserOrganizationMembership(db.getSession(), user, GITHUB, ImmutableSet.of("unknown"));

  431. 

  432.     // User is member of no organization

  433.     assertThat(db.getDbClient().organizationMemberDao().selectOrganizationUuidsByUser(db.getSession(), user.getUuid())).isEmpty();

  434.   }

  435. 

  436.   @Test

  437.   public void synchronize_user_organization_membership_ignores_organization_with_member_sync_disabled() {

  438.     OrganizationDto organization = db.organizations().insert();

  439.     db.users().insertDefaultGroup(organization, "Members");

  440.     AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));

  441.     db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, false);

  442.     UserDto user = db.users().insertUser();

  443. 

  444.     underTest.synchronizeUserOrganizationMembership(db.getSession(), user, GITHUB, ImmutableSet.of(gitHubInstall.getOrganizationAlmId()));

  445. 

  446.     db.organizations().assertUserIsNotMemberOfOrganization(organization, user);

  447.   }

  448. 

  449.   @Test

  450.   public void synchronize_user_organization_membership_does_not_remove_existing_membership_on_organization_with_member_sync_disabled() {

  451.     OrganizationDto organization = db.organizations().insert();

  452.     GroupDto org1defaultGroup = db.users().insertDefaultGroup(organization, "Members");

  453.     AlmAppInstallDto gitHubInstall = db.alm().insertAlmAppInstall(a -> a.setAlm(GITHUB));

  454.     db.alm().insertOrganizationAlmBinding(organization, gitHubInstall, false);

  455.     UserDto user = db.users().insertUser();

  456.     db.users().insertMember(org1defaultGroup, user);

  457.     db.organizations().addMember(organization, user);

  458.     // User is member of a organization on which member sync is disabled

  459.     db.organizations().assertUserIsMemberOfOrganization(organization, user);

  460. 

  461.     // The organization is not in the list, but membership should not be removed

  462.     underTest.synchronizeUserOrganizationMembership(db.getSession(), user, GITHUB, ImmutableSet.of("other"));

  463. 

  464.     db.organizations().assertUserIsMemberOfOrganization(organization, user);

  465.   }

  466. 

  467.   private void assertUserIsNotMember(OrganizationDto organization, UserDto user) {

  468.     db.organizations().assertUserIsNotMemberOfOrganization(organization, user);

  469.     SearchRequestBuilder request = es.client().prepareSearch(UserIndexDefinition.TYPE_USER)

  470.       .setQuery(boolQuery()

  471.         .must(termQuery(FIELD_ORGANIZATION_UUIDS, organization.getUuid()))

  472.         .must(termQuery(FIELD_UUID, user.getUuid())));

  473.     assertThat(request.get().getHits().getHits()).isEmpty();

  474.   }

  475. 

  476.   private void assertOrgPermissionsOfUser(UserDto user, OrganizationDto organization, OrganizationPermission... permissions) {

  477.     assertThat(dbClient.userPermissionDao().selectGlobalPermissionsOfUser(db.getSession(), user.getUuid(), organization.getUuid()).stream()

  478.       .map(OrganizationPermission::fromKey))

  479.         .containsOnly(permissions);

  480.   }

  481. 

  482.   private void assertProjectPermissionsOfUser(UserDto user, ComponentDto project, String... permissions) {

  483.     assertThat(dbClient.userPermissionDao().selectProjectPermissionsOfUser(db.getSession(), user.getUuid(), project.uuid())).containsOnly(permissions);

  484.   }

  485. 

  486.   private void insertProperty(String key, @Nullable String value, @Nullable String componentUuid, @Nullable String userUuid) {

  487.     PropertyDto dto = new PropertyDto().setKey(key)

  488.       .setComponentUuid(componentUuid)

  489.       .setUserUuid(userUuid)

  490.       .setValue(value);

  491.     db.properties().insertProperty(dto);

  492.   }

  493. 

  494. }