mirrors
/
sonarqube
kopie van https://github.com/SonarSource/sonarqube.git
Volgen 1
Ster 0
Vork 0
Code Kwesties 0 Publicaties 237 Wiki Activiteit
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27452 Commits
59 Branches
Tree: d195a425db
Branches Labels
${ item.name }
Maak branch ${ searchTerm }
van 'd195a425db'
${ noResults }
sonarqube/server/sonar-server/src/main/java/org/sonar/server/organization/ws/RemoveMemberAction.java

RemoveMemberAction.java 5.1KB
Ruw Blame Geschiedenis

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2018 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.organization.ws;

  21. 

  22. import org.sonar.api.server.ws.Request;

  23. import org.sonar.api.server.ws.Response;

  24. import org.sonar.api.server.ws.WebService;

  25. import org.sonar.api.server.ws.WebService.NewController;

  26. import org.sonar.db.DbClient;

  27. import org.sonar.db.DbSession;

  28. import org.sonar.db.organization.OrganizationDto;

  29. import org.sonar.db.user.UserDto;

  30. import org.sonar.server.user.UserSession;

  31. import org.sonar.server.user.index.UserIndexer;

  32. 

  33. import static java.util.Collections.singletonList;

  34. import static org.sonar.api.CoreProperties.DEFAULT_ISSUE_ASSIGNEE;

  35. import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;

  36. import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_LOGIN;

  37. import static org.sonar.server.organization.ws.OrganizationsWsSupport.PARAM_ORGANIZATION;

  38. import static org.sonar.server.ws.KeyExamples.KEY_ORG_EXAMPLE_001;

  39. import static org.sonar.server.ws.WsUtils.checkFound;

  40. import static org.sonar.server.ws.WsUtils.checkFoundWithOptional;

  41. import static org.sonar.server.ws.WsUtils.checkRequest;

  42. 

  43. public class RemoveMemberAction implements OrganizationsWsAction {

  44.   private final DbClient dbClient;

  45.   private final UserSession userSession;

  46.   private final UserIndexer userIndexer;

  47. 

  48.   public RemoveMemberAction(DbClient dbClient, UserSession userSession, UserIndexer userIndexer) {

  49.     this.dbClient = dbClient;

  50.     this.userSession = userSession;

  51.     this.userIndexer = userIndexer;

  52.   }

  53. 

  54.   @Override

  55.   public void define(NewController context) {

  56.     WebService.NewAction action = context.createAction("remove_member")

  57.       .setDescription("Remove a member from an organization.<br>" +

  58.         "Requires 'Administer System' permission on the specified organization.")

  59.       .setSince("6.4")

  60.       .setPost(true)

  61.       .setInternal(true)

  62.       .setHandler(this);

  63. 

  64.     action

  65.       .createParam(PARAM_ORGANIZATION)

  66.       .setDescription("Organization key")

  67.       .setRequired(true)

  68.       .setExampleValue(KEY_ORG_EXAMPLE_001);

  69. 

  70.     action

  71.       .createParam(PARAM_LOGIN)

  72.       .setDescription("User login")

  73.       .setRequired(true)

  74.       .setExampleValue("ray.bradbury");

  75.   }

  76. 

  77.   @Override

  78.   public void handle(Request request, Response response) throws Exception {

  79.     String organizationKey = request.mandatoryParam(PARAM_ORGANIZATION);

  80.     String login = request.mandatoryParam(PARAM_LOGIN);

  81. 

  82.     try (DbSession dbSession = dbClient.openSession(false)) {

  83.       OrganizationDto organization = checkFoundWithOptional(dbClient.organizationDao().selectByKey(dbSession, organizationKey),

  84.         "Organization '%s' is not found", organizationKey);

  85.       UserDto user = checkFound(dbClient.userDao().selectActiveUserByLogin(dbSession, login), "User '%s' is not found", login);

  86.       userSession.checkPermission(ADMINISTER, organization);

  87. 

  88.       dbClient.organizationMemberDao().select(dbSession, organization.getUuid(), user.getId())

  89.         .ifPresent(om -> removeMember(dbSession, organization, user));

  90.     }

  91.     response.noContent();

  92.   }

  93. 

  94.   private void removeMember(DbSession dbSession, OrganizationDto organization, UserDto user) {

  95.     ensureLastAdminIsNotRemoved(dbSession, organization, user);

  96.     int userId = user.getId();

  97.     String organizationUuid = organization.getUuid();

  98.     dbClient.userPermissionDao().deleteOrganizationMemberPermissions(dbSession, organizationUuid, userId);

  99.     dbClient.permissionTemplateDao().deleteUserPermissionsByOrganization(dbSession, organizationUuid, userId);

  100.     dbClient.qProfileEditUsersDao().deleteByOrganizationAndUser(dbSession, organization, user);

  101.     dbClient.userGroupDao().deleteByOrganizationAndUser(dbSession, organizationUuid, userId);

  102.     dbClient.propertiesDao().deleteByOrganizationAndUser(dbSession, organizationUuid, userId);

  103.     dbClient.propertiesDao().deleteByOrganizationAndMatchingLogin(dbSession, organizationUuid, user.getLogin(), singletonList(DEFAULT_ISSUE_ASSIGNEE));

  104. 

  105.     dbClient.organizationMemberDao().delete(dbSession, organizationUuid, userId);

  106.     userIndexer.commitAndIndex(dbSession, user);

  107.   }

  108. 

  109.   private void ensureLastAdminIsNotRemoved(DbSession dbSession, OrganizationDto organizationDto, UserDto user) {

  110.     int remainingAdmins = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession,

  111.       organizationDto.getUuid(), ADMINISTER.getKey(), user.getId());

  112.     checkRequest(remainingAdmins > 0, "The last administrator member cannot be removed");

  113.   }

  114. }