mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31968 Commits
59 Branches
Tree: dc84e9f271
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'dc84e9f271'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/DeactivateAction.java

DeactivateAction.java 5.3KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2022 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.user.ws;

  21. 

  22. import java.util.HashSet;

  23. import java.util.Set;

  24. import org.sonar.api.server.ws.Request;

  25. import org.sonar.api.server.ws.Response;

  26. import org.sonar.api.server.ws.WebService;

  27. import org.sonar.api.server.ws.WebService.NewAction;

  28. import org.sonar.api.utils.text.JsonWriter;

  29. import org.sonar.db.DbClient;

  30. import org.sonar.db.DbSession;

  31. import org.sonar.db.property.PropertyQuery;

  32. import org.sonar.db.user.UserDto;

  33. import org.sonar.server.user.UserSession;

  34. import org.sonar.server.user.index.UserIndexer;

  35. 

  36. import static java.util.Collections.singletonList;

  37. import static org.sonar.api.CoreProperties.DEFAULT_ISSUE_ASSIGNEE;

  38. import static org.sonar.db.permission.GlobalPermission.ADMINISTER;

  39. import static org.sonar.server.exceptions.BadRequestException.checkRequest;

  40. import static org.sonar.server.exceptions.NotFoundException.checkFound;

  41. 

  42. public class DeactivateAction implements UsersWsAction {

  43. 

  44.   private static final String PARAM_LOGIN = "login";

  45. 

  46.   private final DbClient dbClient;

  47.   private final UserIndexer userIndexer;

  48.   private final UserSession userSession;

  49.   private final UserJsonWriter userWriter;

  50. 

  51.   public DeactivateAction(DbClient dbClient, UserIndexer userIndexer, UserSession userSession, UserJsonWriter userWriter) {

  52.     this.dbClient = dbClient;

  53.     this.userIndexer = userIndexer;

  54.     this.userSession = userSession;

  55.     this.userWriter = userWriter;

  56.   }

  57. 

  58.   @Override

  59.   public void define(WebService.NewController controller) {

  60.     NewAction action = controller.createAction("deactivate")

  61.       .setDescription("Deactivate a user. Requires Administer System permission")

  62.       .setSince("3.7")

  63.       .setPost(true)

  64.       .setResponseExample(getClass().getResource("deactivate-example.json"))

  65.       .setHandler(this);

  66. 

  67.     action.createParam(PARAM_LOGIN)

  68.       .setDescription("User login")

  69.       .setRequired(true)

  70.       .setExampleValue("myuser");

  71.   }

  72. 

  73.   @Override

  74.   public void handle(Request request, Response response) throws Exception {

  75.     String login;

  76. 

  77.     userSession.checkLoggedIn().checkIsSystemAdministrator();

  78.     login = request.mandatoryParam(PARAM_LOGIN);

  79.     checkRequest(!login.equals(userSession.getLogin()), "Self-deactivation is not possible");

  80. 

  81.     try (DbSession dbSession = dbClient.openSession(false)) {

  82.       UserDto user = dbClient.userDao().selectByLogin(dbSession, login);

  83.       checkFound(user, "User '%s' doesn't exist", login);

  84. 

  85.       ensureNotLastAdministrator(dbSession, user);

  86. 

  87.       String userUuid = user.getUuid();

  88.       dbClient.userTokenDao().deleteByUser(dbSession, user);

  89.       dbClient.propertiesDao().deleteByKeyAndValue(dbSession, DEFAULT_ISSUE_ASSIGNEE, user.getLogin());

  90.       dbClient.propertiesDao().deleteByQuery(dbSession, PropertyQuery.builder().setUserUuid(userUuid).build());

  91.       dbClient.userGroupDao().deleteByUserUuid(dbSession, user);

  92.       dbClient.userPermissionDao().deleteByUserUuid(dbSession, user);

  93.       dbClient.permissionTemplateDao().deleteUserPermissionsByUserUuid(dbSession, userUuid, user.getLogin());

  94.       dbClient.qProfileEditUsersDao().deleteByUser(dbSession, user);

  95.       dbClient.almPatDao().deleteByUser(dbSession, user);

  96.       dbClient.sessionTokensDao().deleteByUser(dbSession, user);

  97.       dbClient.userDismissedMessagesDao().deleteByUser(dbSession, user);

  98.       dbClient.qualityGateUserPermissionDao().deleteByUser(dbSession, user);

  99.       dbClient.userDao().deactivateUser(dbSession, user);

  100.       userIndexer.commitAndIndex(dbSession, user);

  101.     }

  102. 

  103.     writeResponse(response, login);

  104.   }

  105. 

  106.   private void writeResponse(Response response, String login) {

  107.     try (DbSession dbSession = dbClient.openSession(false)) {

  108.       UserDto user = dbClient.userDao().selectByLogin(dbSession, login);

  109.       // safeguard. It exists as the check has already been done earlier

  110.       // when deactivating user

  111.       checkFound(user, "User '%s' doesn't exist", login);

  112. 

  113.       try (JsonWriter json = response.newJsonWriter()) {

  114.         json.beginObject();

  115.         json.name("user");

  116.         Set<String> groups = new HashSet<>(dbClient.groupMembershipDao().selectGroupsByLogins(dbSession, singletonList(login)).get(login));

  117.         userWriter.write(json, user, groups, UserJsonWriter.FIELDS);

  118.         json.endObject();

  119.       }

  120.     }

  121.   }

  122. 

  123.   private void ensureNotLastAdministrator(DbSession dbSession, UserDto user) {

  124.     boolean isLastAdmin = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession, ADMINISTER.getKey(), user.getUuid()) == 0;

  125.     checkRequest(!isLastAdmin, "User is last administrator, and cannot be deactivated");

  126.   }

  127. 

  128. }