SONAR-15442 Deactivate an user should remove its permission on Quality Gate

author: Zipeng WU <zipeng.wu@sonarsource.com> 2021-10-20 09:17:36 +0200
committer: sonartech <sonartech@sonarsource.com> 2021-10-22 20:03:28 +0000
commit: d64a04c89a6c31839faac5b78a556cb4e3fed5ee (patch)
tree: 6ecc14db3817fba88283def1ccbabe16745c32a9
parent: 6770559c5db408687b25b483140d2d4530e7f9a7 (diff)
download: sonarqube-d64a04c89a6c31839faac5b78a556cb4e3fed5ee.tar.gz
sonarqube-d64a04c89a6c31839faac5b78a556cb4e3fed5ee.zip
6 files changed, 59 insertions, 13 deletions
diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDao.java
index 407893ff023..5d383b5f5b8 100644
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDao.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDao.java
@@ -64,6 +64,10 @@ public class QualityGateUserPermissionsDao implements Dao {
     return mapper(dbSession).countByQuery(query);
   }
 
+  public void deleteByUser(DbSession dbSession, UserDto user) {
+    mapper(dbSession).deleteByUser(user.getUuid());
+  }
+
   public void deleteByQualityGate(DbSession dbSession, QualityGateDto qualityGate) {
     mapper(dbSession).deleteByQualityGate(qualityGate.getUuid());
   }
diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.java
index 93fbcf889f3..8f3a7c8e268 100644
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.java
@@ -35,6 +35,8 @@ public interface QualityGateUserPermissionsMapper {
 
   int countByQuery(@Param("query") SearchPermissionQuery query);
 
+  void deleteByUser(@Param("userUuid") String userUuid);
+
   void deleteByQualityGate(@Param("qualityGateUuid") String qualityGateUuid);
 
 }
diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.xml
index 28445e07760..628a828f1f7 100644
--- a/server/sonar-db-dao/src/main/resources/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.xml
+++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/qualitygate/QualityGateUserPermissionsMapper.xml
@@ -92,6 +92,11 @@
     </where>
   </sql>
 
+  <delete id="deleteByUser">
+    delete from qgate_user_permissions
+    where user_uuid = #{userUuid}
+  </delete>
+
   <delete id="deleteByQualityGate">
     delete from qgate_user_permissions
     where quality_gate_uuid = #{qualityGateUuid, jdbcType=VARCHAR}
diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDaoTest.java
index bcf971e30b3..048be73e898 100644
--- a/server/sonar-db-dao/src/test/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDaoTest.java
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/qualitygate/QualityGateUserPermissionsDaoTest.java
@@ -208,6 +208,25 @@ public class QualityGateUserPermissionsDaoTest {
   }
 
   @Test
+  public void deleteByUser() {
+    QualityGateDto qualityGateDto1 = db.qualityGates().insertQualityGate();
+    QualityGateDto qualityGateDto2 = db.qualityGates().insertQualityGate();
+    QualityGateDto qualityGateDto3 = db.qualityGates().insertQualityGate();
+
+    UserDto user1 = db.users().insertUser(u -> u.setName("user1"));
+    UserDto user2 = db.users().insertUser(u -> u.setName("user2"));
+    db.qualityGates().addUserPermission(qualityGateDto1, user1);
+    db.qualityGates().addUserPermission(qualityGateDto2, user2);
+    db.qualityGates().addUserPermission(qualityGateDto3, user1);
+
+    underTest.deleteByUser(dbSession, user1);
+
+    assertThat(underTest.exists(dbSession, qualityGateDto1, user1)).isFalse();
+    assertThat(underTest.exists(dbSession, qualityGateDto2, user2)).isTrue();
+    assertThat(underTest.exists(dbSession, qualityGateDto3, user1)).isFalse();
+  }
+
+  @Test
   public void deleteByQualityGate() {
     QualityGateDto qualityGateDto1 = qualityGateDbTester.insertQualityGate();
     QualityGateDto qualityGateDto2 = qualityGateDbTester.insertQualityGate();
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/DeactivateAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/DeactivateAction.java
index 4951247e445..d66cd8bc608 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/DeactivateAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/user/ws/DeactivateAction.java
@@ -96,6 +96,7 @@ public class DeactivateAction implements UsersWsAction {
       dbClient.almPatDao().deleteByUser(dbSession, user);
       dbClient.sessionTokensDao().deleteByUser(dbSession, user);
       dbClient.userDismissedMessagesDao().deleteByUser(dbSession, user);
+      dbClient.qualityGateUserPermissionDao().deleteByUser(dbSession, user);
       dbClient.userDao().deactivateUser(dbSession, user);
       userIndexer.commitAndIndex(dbSession, user);
     }
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java
index 29350829f84..4bed9a39c92 100644
--- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java
+++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/user/ws/DeactivateActionTest.java
@@ -38,6 +38,7 @@ import org.sonar.db.permission.template.PermissionTemplateUserDto;
 import org.sonar.db.project.ProjectDto;
 import org.sonar.db.property.PropertyDto;
 import org.sonar.db.property.PropertyQuery;
+import org.sonar.db.qualitygate.QualityGateDto;
 import org.sonar.db.qualityprofile.QProfileDto;
 import org.sonar.db.user.GroupDto;
 import org.sonar.db.user.SessionTokenDto;
@@ -89,7 +90,7 @@ public class DeactivateActionTest {
   private final WsActionTester ws = new WsActionTester(new DeactivateAction(dbClient, userIndexer, userSession, new UserJsonWriter(userSession)));
 
   @Test
-  public void deactivate_user_and_delete_his_related_data() {
+  public void deactivate_user_and_delete_their_related_data() {
     createAdminUser();
     UserDto user = db.users().insertUser(u -> u
       .setLogin("ada.lovelace")
@@ -110,7 +111,7 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_group_membership() {
+  public void deactivate_user_deletes_their_group_membership() {
     createAdminUser();
     logInAsSystemAdministrator();
     UserDto user = db.users().insertUser();
@@ -124,7 +125,7 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_tokens() {
+  public void deactivate_user_deletes_their_tokens() {
     createAdminUser();
     logInAsSystemAdministrator();
     UserDto user = db.users().insertUser();
@@ -138,13 +139,13 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_properties() {
+  public void deactivate_user_deletes_their_properties() {
     createAdminUser();
     logInAsSystemAdministrator();
     UserDto user = db.users().insertUser();
     ComponentDto project = db.components().insertPrivateProject();
     db.properties().insertProperty(newUserPropertyDto(user), null, null, null, user.getLogin());
-    db.properties().insertProperty(newUserPropertyDto(user), null,null, null,  user.getLogin());
+    db.properties().insertProperty(newUserPropertyDto(user), null, null, null, user.getLogin());
     db.properties().insertProperty(newUserPropertyDto(user).setComponentUuid(project.uuid()), project.getKey(),
       project.name(), project.qualifier(), user.getLogin());
 
@@ -155,7 +156,7 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_permissions() {
+  public void deactivate_user_deletes_their_permissions() {
     createAdminUser();
     logInAsSystemAdministrator();
     UserDto user = db.users().insertUser();
@@ -172,7 +173,7 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_permission_templates() {
+  public void deactivate_user_deletes_their_permission_templates() {
     createAdminUser();
     logInAsSystemAdministrator();
     UserDto user = db.users().insertUser();
@@ -190,7 +191,7 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_qprofiles_permissions() {
+  public void deactivate_user_deletes_their_qprofiles_permissions() {
     createAdminUser();
     logInAsSystemAdministrator();
     UserDto user = db.users().insertUser();
@@ -203,7 +204,7 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_default_assignee_settings() {
+  public void deactivate_user_deletes_their_default_assignee_settings() {
     createAdminUser();
     logInAsSystemAdministrator();
     UserDto user = db.users().insertUser();
@@ -223,7 +224,7 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_user_settings() {
+  public void deactivate_user_deletes_their_user_settings() {
     createAdminUser();
     logInAsSystemAdministrator();
     UserDto user = db.users().insertUser();
@@ -239,7 +240,21 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_alm_pat() {
+  public void deactivate_user_deletes_their_qgate_permissions() {
+    createAdminUser();
+    logInAsSystemAdministrator();
+    UserDto user = db.users().insertUser();
+    QualityGateDto qualityGate = db.qualityGates().insertQualityGate();
+    db.qualityGates().addUserPermission(qualityGate, user);
+    assertThat(db.countRowsOfTable("qgate_user_permissions")).isEqualTo(1);
+
+    deactivate(user.getLogin());
+
+    assertThat(db.countRowsOfTable("qgate_user_permissions")).isZero();
+  }
+
+  @Test
+  public void deactivate_user_deletes_their_alm_pat() {
     createAdminUser();
     logInAsSystemAdministrator();
     AlmSettingDto almSettingDto = db.almSettings().insertBitbucketAlmSetting();
@@ -255,7 +270,7 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_session_tokens() {
+  public void deactivate_user_deletes_their_session_tokens() {
     createAdminUser();
     logInAsSystemAdministrator();
     UserDto user = db.users().insertUser();
@@ -272,7 +287,7 @@ public class DeactivateActionTest {
   }
 
   @Test
-  public void deactivate_user_deletes_his_dismissed_messages() {
+  public void deactivate_user_deletes_their_dismissed_messages() {
     createAdminUser();
     logInAsSystemAdministrator();
     ProjectDto project1 = db.components().insertPrivateProjectDto();
author	Zipeng WU <zipeng.wu@sonarsource.com>	2021-10-20 09:17:36 +0200
committer	sonartech <sonartech@sonarsource.com>	2021-10-22 20:03:28 +0000
commit	d64a04c89a6c31839faac5b78a556cb4e3fed5ee (patch)
tree	6ecc14db3817fba88283def1ccbabe16745c32a9
parent	6770559c5db408687b25b483140d2d4530e7f9a7 (diff)
download	sonarqube-d64a04c89a6c31839faac5b78a556cb4e3fed5ee.tar.gz sonarqube-d64a04c89a6c31839faac5b78a556cb4e3fed5ee.zip