aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimon Brandhof <simon.brandhof@sonarsource.com>2017-02-08 17:29:21 +0100
committerSimon Brandhof <simon.brandhof@sonarsource.com>2017-02-10 22:49:09 +0100
commit9fe9e202fe21e5c62378e11992cc46c8122ddf56 (patch)
tree9196f66c25adb69d260606fd8a3816aa7bb167dd
parenta477248ab4050a0c81cf9a462c3b99fe4fffddc1 (diff)
downloadsonarqube-9fe9e202fe21e5c62378e11992cc46c8122ddf56.tar.gz
sonarqube-9fe9e202fe21e5c62378e11992cc46c8122ddf56.zip
SONAR-8761 drop sync of root based on user permissions
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/authentication/UserIdentityAuthenticator.java7
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java13
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/permission/UserPermissionChanger.java13
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java3
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java1
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java6
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java5
-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java6
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/authentication/UserIdentityAuthenticatorTest.java131
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java3
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/permission/UserPermissionChangerTest.java3
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java57
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java72
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java4
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java52
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java61
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/user/ws/CreateActionTest.java45
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java55
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java79
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java106
-rw-r--r--sonar-db/src/main/java/org/sonar/db/user/GroupDao.java11
-rw-r--r--sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java8
-rw-r--r--sonar-db/src/main/java/org/sonar/db/user/UserDao.java11
-rw-r--r--sonar-db/src/main/java/org/sonar/db/user/UserMapper.java4
-rw-r--r--sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml88
-rw-r--r--sonar-db/src/main/resources/org/sonar/db/user/UserMapper.xml80
-rw-r--r--sonar-db/src/test/java/org/sonar/db/user/GroupDaoTest.java196
-rw-r--r--sonar-db/src/test/java/org/sonar/db/user/UserDaoTest.java121
-rw-r--r--sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java32
29 files changed, 22 insertions, 1251 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/authentication/UserIdentityAuthenticator.java b/server/sonar-server/src/main/java/org/sonar/server/authentication/UserIdentityAuthenticator.java
index f7841fb52b5..8ddb2154bd5 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/authentication/UserIdentityAuthenticator.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/authentication/UserIdentityAuthenticator.java
@@ -114,7 +114,6 @@ public class UserIdentityAuthenticator {
.build());
UserDto newUser = dbClient.userDao().selectOrFailByLogin(dbSession, userLogin);
syncGroups(dbSession, user, newUser);
- updateRootFlag(dbSession, newUser);
return newUser;
}
@@ -125,7 +124,6 @@ public class UserIdentityAuthenticator {
.setExternalIdentity(new ExternalIdentity(provider.getKey(), user.getProviderLogin()))
.setPassword(null));
syncGroups(dbSession, user, userDto);
- updateRootFlag(dbSession, userDto);
}
private void syncGroups(DbSession dbSession, UserIdentity userIdentity, UserDto userDto) {
@@ -165,11 +163,6 @@ public class UserIdentityAuthenticator {
});
}
- private void updateRootFlag(DbSession dbSession, UserDto userDto) {
- dbClient.userDao().updateRootFlagFromPermissions(dbSession, userDto.getId(), defaultOrganizationProvider.get().getUuid());
- dbSession.commit();
- }
-
private enum GroupDtoToName implements Function<GroupDto, String> {
INSTANCE;
diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java b/server/sonar-server/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java
index 535f8995da9..1a4de6d5c98 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/permission/GroupPermissionChanger.java
@@ -25,7 +25,6 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.permission.GroupPermissionDto;
import org.sonar.server.exceptions.BadRequestException;
-import org.sonar.server.organization.DefaultOrganizationProvider;
import static java.lang.String.format;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
@@ -34,11 +33,9 @@ import static org.sonar.server.permission.ws.PermissionRequestValidator.validate
public class GroupPermissionChanger {
private final DbClient dbClient;
- private final DefaultOrganizationProvider defaultOrganizationProvider;
- public GroupPermissionChanger(DbClient dbClient, DefaultOrganizationProvider defaultOrganizationProvider) {
+ public GroupPermissionChanger(DbClient dbClient) {
this.dbClient = dbClient;
- this.defaultOrganizationProvider = defaultOrganizationProvider;
}
public boolean apply(DbSession dbSession, GroupPermissionChange change) {
@@ -64,7 +61,6 @@ public class GroupPermissionChanger {
.setGroupId(change.getGroupIdOrAnyone().getId())
.setResourceId(change.getNullableProjectId());
dbClient.groupPermissionDao().insert(dbSession, addedDto);
- updateRootFlag(dbSession, change);
return true;
}
@@ -78,16 +74,9 @@ public class GroupPermissionChanger {
change.getOrganizationUuid(),
change.getGroupIdOrAnyone().getId(),
change.getNullableProjectId());
- updateRootFlag(dbSession, change);
return true;
}
- private void updateRootFlag(DbSession dbSession, GroupPermissionChange change) {
- if (SYSTEM_ADMIN.equals(change.getPermission()) && !change.getGroupIdOrAnyone().isAnyone() && !change.getProjectId().isPresent()) {
- dbClient.groupDao().updateRootFlagOfUsersInGroupFromPermissions(dbSession, change.getGroupIdOrAnyone().getId(), defaultOrganizationProvider.get().getUuid());
- }
- }
-
private List<String> loadExistingPermissions(DbSession dbSession, GroupPermissionChange change) {
Optional<ProjectId> projectId = change.getProjectId();
if (projectId.isPresent()) {
diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/UserPermissionChanger.java b/server/sonar-server/src/main/java/org/sonar/server/permission/UserPermissionChanger.java
index 8b7c0b56078..ed862bbbab9 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/permission/UserPermissionChanger.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/permission/UserPermissionChanger.java
@@ -25,7 +25,6 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.permission.UserPermissionDto;
import org.sonar.server.exceptions.BadRequestException;
-import org.sonar.server.organization.DefaultOrganizationProvider;
import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
@@ -35,11 +34,9 @@ import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
public class UserPermissionChanger {
private final DbClient dbClient;
- private final DefaultOrganizationProvider defaultOrganizationProvider;
- public UserPermissionChanger(DbClient dbClient, DefaultOrganizationProvider defaultOrganizationProvider) {
+ public UserPermissionChanger(DbClient dbClient) {
this.dbClient = dbClient;
- this.defaultOrganizationProvider = defaultOrganizationProvider;
}
public boolean apply(DbSession dbSession, UserPermissionChange change) {
@@ -59,7 +56,6 @@ public class UserPermissionChanger {
}
UserPermissionDto dto = new UserPermissionDto(change.getOrganizationUuid(), change.getPermission(), change.getUserId().getId(), change.getNullableProjectId());
dbClient.userPermissionDao().insert(dbSession, dto);
- updateRootFlag(dbSession, change);
return true;
}
@@ -74,7 +70,6 @@ public class UserPermissionChanger {
} else {
dbClient.userPermissionDao().deleteGlobalPermission(dbSession, change.getUserId().getId(), change.getPermission(), change.getOrganizationUuid());
}
- updateRootFlag(dbSession, change);
return true;
}
@@ -99,10 +94,4 @@ public class UserPermissionChanger {
}
}
}
-
- private void updateRootFlag(DbSession dbSession, UserPermissionChange change) {
- if (SYSTEM_ADMIN.equals(change.getPermission()) && !change.getProjectId().isPresent()) {
- dbClient.userDao().updateRootFlagFromPermissions(dbSession, change.getUserId().getId(), defaultOrganizationProvider.get().getUuid());
- }
- }
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java b/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java
index 890be73e8e1..009fee22a68 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/UserSession.java
@@ -59,7 +59,8 @@ public interface UserSession {
boolean isLoggedIn();
/**
- * Whether the user has root privileges.
+ * Whether the user has root privileges when organizations are enabled.
+ * Always returns {@code false} when organizations are disabled.
*/
boolean isRoot();
diff --git a/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java b/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java
index 688636c5fcf..47c6ddf3ced 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java
@@ -92,7 +92,6 @@ public class UserUpdater {
public UserDto create(NewUser newUser) {
try (DbSession dbSession = dbClient.openSession(false)) {
UserDto createdUser = create(dbSession, newUser);
- dbClient.userDao().updateRootFlagFromPermissions(dbSession, createdUser.getId(), defaultOrganizationProvider.get().getUuid());
dbSession.commit();
return createdUser;
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java
index 0ef7cbb3caf..ab5f8a6203e 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/AddUserAction.java
@@ -28,7 +28,6 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserGroupDto;
-import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.user.UserSession;
import static java.lang.String.format;
@@ -44,13 +43,11 @@ public class AddUserAction implements UserGroupsWsAction {
private final DbClient dbClient;
private final UserSession userSession;
private final GroupWsSupport support;
- private final DefaultOrganizationProvider defaultOrganizationProvider;
- public AddUserAction(DbClient dbClient, UserSession userSession, GroupWsSupport support, DefaultOrganizationProvider defaultOrganizationProvider) {
+ public AddUserAction(DbClient dbClient, UserSession userSession, GroupWsSupport support) {
this.dbClient = dbClient;
this.userSession = userSession;
this.support = support;
- this.defaultOrganizationProvider = defaultOrganizationProvider;
}
@Override
@@ -81,7 +78,6 @@ public class AddUserAction implements UserGroupsWsAction {
if (!isMemberOf(dbSession, user, groupId)) {
UserGroupDto membershipDto = new UserGroupDto().setGroupId(groupId.getId()).setUserId(user.getId());
dbClient.userGroupDao().insert(dbSession, membershipDto);
- dbClient.userDao().updateRootFlagFromPermissions(dbSession, user.getId(), defaultOrganizationProvider.get().getUuid());
dbSession.commit();
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
index 35b75f8f453..1a5ab10e85b 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/DeleteAction.java
@@ -80,7 +80,6 @@ public class DeleteAction implements UserGroupsWsAction {
checkNotTryingToDeleteLastAdminGroup(dbSession, groupId);
removeGroupPermissions(dbSession, groupId);
removeFromPermissionTemplates(dbSession, groupId);
- updateRootFlagOfMembers(dbSession, groupId);
removeGroupMembers(dbSession, groupId);
dbClient.groupDao().deleteById(dbSession, groupId.getId());
@@ -119,10 +118,6 @@ public class DeleteAction implements UserGroupsWsAction {
dbClient.permissionTemplateDao().deleteByGroup(dbSession, groupId.getId());
}
- private void updateRootFlagOfMembers(DbSession dbSession, GroupId groupId) {
- dbClient.groupDao().updateRootFlagOfUsersInGroupFromPermissions(dbSession, groupId.getId(), defaultOrganizationProvider.get().getUuid());
- }
-
private void removeGroupMembers(DbSession dbSession, GroupId groupId) {
dbClient.userGroupDao().deleteByGroupId(dbSession, groupId.getId());
}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java
index 5287fc0656e..dc0e2b5da57 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/usergroups/ws/RemoveUserAction.java
@@ -27,7 +27,6 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
-import org.sonar.server.organization.DefaultOrganizationProvider;
import org.sonar.server.user.UserSession;
import static java.lang.String.format;
@@ -44,13 +43,11 @@ public class RemoveUserAction implements UserGroupsWsAction {
private final DbClient dbClient;
private final UserSession userSession;
private final GroupWsSupport support;
- private final DefaultOrganizationProvider defaultOrganizationProvider;
- public RemoveUserAction(DbClient dbClient, UserSession userSession, GroupWsSupport support, DefaultOrganizationProvider defaultOrganizationProvider) {
+ public RemoveUserAction(DbClient dbClient, UserSession userSession, GroupWsSupport support) {
this.dbClient = dbClient;
this.userSession = userSession;
this.support = support;
- this.defaultOrganizationProvider = defaultOrganizationProvider;
}
@Override
@@ -82,7 +79,6 @@ public class RemoveUserAction implements UserGroupsWsAction {
ensureLastAdminIsNotRemoved(dbSession, group, user);
dbClient.userGroupDao().delete(dbSession, group.getId(), user.getId());
- dbClient.userDao().updateRootFlagFromPermissions(dbSession, user.getId(), defaultOrganizationProvider.get().getUuid());
dbSession.commit();
response.noContent();
diff --git a/server/sonar-server/src/test/java/org/sonar/server/authentication/UserIdentityAuthenticatorTest.java b/server/sonar-server/src/test/java/org/sonar/server/authentication/UserIdentityAuthenticatorTest.java
index 0f17e592ad8..373b0ce035e 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/authentication/UserIdentityAuthenticatorTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/authentication/UserIdentityAuthenticatorTest.java
@@ -105,6 +105,7 @@ public class UserIdentityAuthenticatorTest {
assertThat(user.getEmail()).isEqualTo("john@email.com");
assertThat(user.getExternalIdentity()).isEqualTo("johndoo");
assertThat(user.getExternalIdentityProvider()).isEqualTo("github");
+ assertThat(user.isRoot()).isFalse();
assertThat(db.users().selectGroupIdsOfUser(user)).containsOnly(defaultGroup.getId());
}
@@ -118,6 +119,7 @@ public class UserIdentityAuthenticatorTest {
Optional<UserDto> user = db.users().selectUserByLogin(USER_LOGIN);
assertThat(user).isPresent();
+ assertThat(user.get().isRoot()).isFalse();
assertThat(db.users().selectGroupIdsOfUser(user.get())).containsOnly(group1.getId(), group2.getId());
}
@@ -140,6 +142,7 @@ public class UserIdentityAuthenticatorTest {
assertThat(userDto.getEmail()).isEqualTo("john@email.com");
assertThat(userDto.getExternalIdentity()).isEqualTo("johndoo");
assertThat(userDto.getExternalIdentityProvider()).isEqualTo("github");
+ assertThat(userDto.isRoot()).isFalse();
}
@Test
@@ -160,6 +163,7 @@ public class UserIdentityAuthenticatorTest {
assertThat(userDto.getEmail()).isEqualTo("john@email.com");
assertThat(userDto.getExternalIdentity()).isEqualTo("johndoo");
assertThat(userDto.getExternalIdentityProvider()).isEqualTo("github");
+ assertThat(userDto.isRoot()).isFalse();
}
@Test
@@ -206,133 +210,6 @@ public class UserIdentityAuthenticatorTest {
}
@Test
- public void authenticate_new_user_and_add_it_to_no_group_sets_root_flag_to_false() {
- authenticate(USER_LOGIN);
-
- db.rootFlag().verify(USER_LOGIN, false);
- }
-
- @Test
- public void authenticate_new_user_and_add_it_to_admin_group_of_default_organization_sets_root_flag_to_true() {
- GroupDto adminGroup = db.users().insertAdminGroup(db.getDefaultOrganization());
-
- authenticate(USER_LOGIN, adminGroup.getName());
-
- db.rootFlag().verify(USER_LOGIN, true);
- }
-
- @Test
- public void authenticate_new_user_and_add_it_to_admin_group_of_other_organization_does_not_set_root_flag_to_true() {
- OrganizationDto otherOrganization = db.organizations().insert();
- GroupDto adminGroup = db.users().insertAdminGroup(otherOrganization);
-
- authenticate(USER_LOGIN, adminGroup.getName());
-
- db.rootFlag().verify(USER_LOGIN, false);
- }
-
- @Test
- public void authenticate_existing_user_and_add_it_to_no_group_sets_root_flag_to_false() {
- UserDto userDto = db.users().insertUser();
-
- authenticate(userDto.getLogin());
-
- db.rootFlag().verify(userDto, false);
- }
-
- @Test
- public void authenticate_existing_user_and_add_it_to_admin_group_of_default_organization_sets_root_flag_to_true() {
- GroupDto adminGroup = db.users().insertAdminGroup(db.getDefaultOrganization());
- UserDto userDto = db.users().insertUser();
-
- authenticate(userDto.getLogin(), adminGroup.getName());
-
- db.rootFlag().verify(userDto, true);
- }
-
- @Test
- public void authenticate_existing_user_and_add_it_to_admin_group_of_other_organization_sets_root_flag_to_false() {
- OrganizationDto otherOrganization = db.organizations().insert();
- GroupDto adminGroup = db.users().insertAdminGroup(otherOrganization);
- UserDto userDto = db.users().insertUser();
-
- authenticate(userDto.getLogin(), adminGroup.getName());
-
- db.rootFlag().verify(userDto, false);
- }
-
- @Test
- public void authenticate_existing_user_and_remove_it_from_admin_group_of_default_organization_sets_root_flag_to_false() {
- GroupDto adminGroup = db.users().insertAdminGroup(db.getDefaultOrganization());
- UserDto userDto = db.users().makeRoot(db.users().insertUser());
- db.users().insertMembers(adminGroup, userDto);
-
- authenticate(userDto.getLogin());
-
- db.rootFlag().verify(userDto, false);
- }
-
- @Test
- public void authenticate_existing_user_with_user_permission_admin_on_default_organization_with_no_group_does_not_set_root_flag_to_false() {
- UserDto rootUser = db.users().insertRootByUserPermission();
-
- authenticate(rootUser.getLogin());
-
- db.rootFlag().verify(rootUser, true);
- }
-
- @Test
- public void authenticate_existing_user_with_user_permission_admin_on_default_organization_with_non_admin_groups_does_not_set_root_flag_to_false() {
- OrganizationDto otherOrganization = db.organizations().insert();
- GroupDto defaultOrgGroup = db.users().insertGroup(db.getDefaultOrganization());
- GroupDto otherOrgGroup = db.users().insertGroup(otherOrganization);
- UserDto rootUser = db.users().insertRootByUserPermission();
-
- authenticate(rootUser.getLogin(), defaultOrgGroup.getName(), otherOrgGroup.getName());
-
- db.rootFlag().verify(rootUser, true);
- }
-
- @Test
- public void authenticate_user_multiple_times_sets_root_flag_to_true_only_if_at_least_one_group_is_admin() {
- GroupDto defaultAdminGroup = db.users().insertAdminGroup(db.getDefaultOrganization(), "admin_of_default");
- GroupDto defaultSomeGroup = db.users().insertGroup(db.getDefaultOrganization(), "some_group_of_default");
- OrganizationDto otherOrganization = db.organizations().insert();
- GroupDto otherAdminGroup = db.users().insertAdminGroup(otherOrganization, "admin_of_other");
- GroupDto otherSomeGroup = db.users().insertGroup(otherOrganization, "some_group_of_other");
-
- authenticate(USER_LOGIN, defaultAdminGroup.getName(), defaultSomeGroup.getName(), otherAdminGroup.getName(), otherSomeGroup.getName());
- db.rootFlag().verify(USER_LOGIN, true);
-
- authenticate(USER_LOGIN, defaultAdminGroup.getName(), defaultSomeGroup.getName(), otherAdminGroup.getName());
- db.rootFlag().verify(USER_LOGIN, true);
-
- authenticate(USER_LOGIN, otherAdminGroup.getName(), defaultAdminGroup.getName());
- db.rootFlag().verify(USER_LOGIN, true);
-
- authenticate(USER_LOGIN, otherAdminGroup.getName());
- db.rootFlag().verify(USER_LOGIN, false);
-
- authenticate(USER_LOGIN, otherAdminGroup.getName(), otherSomeGroup.getName());
- db.rootFlag().verify(USER_LOGIN, false);
-
- authenticate(USER_LOGIN, otherAdminGroup.getName(), otherSomeGroup.getName());
- db.rootFlag().verify(USER_LOGIN, false);
-
- authenticate(USER_LOGIN, otherAdminGroup.getName(), defaultAdminGroup.getName());
- db.rootFlag().verify(USER_LOGIN, true);
-
- authenticate(USER_LOGIN, defaultSomeGroup.getName(), defaultAdminGroup.getName());
- db.rootFlag().verify(USER_LOGIN, true);
-
- authenticate(USER_LOGIN, otherSomeGroup.getName(), defaultAdminGroup.getName());
- db.rootFlag().verify(USER_LOGIN, true);
-
- authenticate(USER_LOGIN, otherSomeGroup.getName(), defaultSomeGroup.getName());
- db.rootFlag().verify(USER_LOGIN, false);
- }
-
- @Test
public void ignore_groups_on_non_default_organizations() throws Exception {
OrganizationDto org = db.organizations().insert();
UserDto user = db.users().insertUser(newUserDto()
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java
index 48ff6a9c89c..fac0e312a19 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/GroupPermissionChangerTest.java
@@ -32,7 +32,6 @@ import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
-import org.sonar.server.organization.TestDefaultOrganizationProvider;
import org.sonar.server.usergroups.ws.GroupIdOrAnyone;
import static org.assertj.core.api.Assertions.assertThat;
@@ -44,7 +43,7 @@ public class GroupPermissionChangerTest {
@Rule
public ExpectedException expectedException = ExpectedException.none();
- private GroupPermissionChanger underTest = new GroupPermissionChanger(db.getDbClient(), TestDefaultOrganizationProvider.from(db));
+ private GroupPermissionChanger underTest = new GroupPermissionChanger(db.getDbClient());
private OrganizationDto org;
private GroupDto group;
private ComponentDto project;
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/UserPermissionChangerTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/UserPermissionChangerTest.java
index dabab36599f..23f27b4aad4 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/UserPermissionChangerTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/UserPermissionChangerTest.java
@@ -50,8 +50,7 @@ public class UserPermissionChangerTest {
@Rule
public ExpectedException expectedException = ExpectedException.none();
- private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(db);
- private UserPermissionChanger underTest = new UserPermissionChanger(db.getDbClient(), defaultOrganizationProvider);
+ private UserPermissionChanger underTest = new UserPermissionChanger(db.getDbClient());
private OrganizationDto org1;
private OrganizationDto org2;
private UserDto user1;
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java
index c0cead62f5a..f93bdf80f9f 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddGroupActionTest.java
@@ -25,7 +25,6 @@ import org.sonar.db.component.ComponentDto;
import org.sonar.db.component.ComponentTesting;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
-import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
@@ -312,62 +311,6 @@ public class AddGroupActionTest extends BasePermissionWsTest<AddGroupAction> {
assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(ISSUE_ADMIN);
}
-
- @Test
- public void set_root_flag_to_true_on_all_users_in_group_when_admin_permission_to_group_of_default_organization_without_org_param() throws Exception {
- GroupDto group = db.users().insertGroup(db.getDefaultOrganization());
- UserDto rootByUserPermissionUser = db.users().insertRootByUserPermission();
- UserDto rootByGroupPermissionUser = db.users().insertRootByGroupPermission();
- UserDto notRootUser = db.users().insertUser();
- UserDto notInGroupUser = db.users().insertUser();
- db.users().insertMembers(group, rootByUserPermissionUser, rootByGroupPermissionUser, notRootUser);
- loginAsAdmin(db.getDefaultOrganization());
-
- executeRequest(group, SYSTEM_ADMIN);
-
- db.rootFlag().verify(rootByUserPermissionUser, true);
- db.rootFlag().verify(rootByGroupPermissionUser, true);
- db.rootFlag().verify(notRootUser, true);
- db.rootFlag().verifyUnchanged(notInGroupUser);
- }
-
- @Test
- public void set_root_flag_to_true_on_all_users_in_group_when_admin_permission_to_group_of_default_organization_with_org_param() throws Exception {
- GroupDto group = db.users().insertGroup(db.getDefaultOrganization());
- UserDto rootByUserPermissionUser = db.users().insertRootByUserPermission();
- UserDto rootByGroupPermissionUser = db.users().insertRootByGroupPermission();
- UserDto notRootUser = db.users().insertUser();
- UserDto notInGroupUser = db.users().insertUser();
- db.users().insertMembers(group, rootByUserPermissionUser, rootByGroupPermissionUser, notRootUser);
- loginAsAdmin(db.getDefaultOrganization());
-
- executeRequest(group, db.getDefaultOrganization(), SYSTEM_ADMIN);
-
- db.rootFlag().verify(rootByUserPermissionUser, true);
- db.rootFlag().verify(rootByGroupPermissionUser, true);
- db.rootFlag().verify(notRootUser, true);
- db.rootFlag().verifyUnchanged(notInGroupUser);
- }
-
- @Test
- public void does_not_set_root_flag_to_true_on_all_users_in_group_when_admin_permission_to_group_of_default_organization() throws Exception {
- OrganizationDto otherOrganization = db.organizations().insert();
- GroupDto group = db.users().insertGroup(otherOrganization);
- UserDto rootByUserPermissionUser = db.users().insertRootByUserPermission();
- UserDto rootByGroupPermissionUser = db.users().insertRootByGroupPermission();
- UserDto notRootUser = db.users().insertUser();
- UserDto notInGroupUser = db.users().insertUser();
- db.users().insertMembers(group, rootByUserPermissionUser, rootByGroupPermissionUser, notRootUser);
- loginAsAdmin(otherOrganization);
-
- executeRequest(group, otherOrganization, SYSTEM_ADMIN);
-
- db.rootFlag().verify(rootByUserPermissionUser, true);
- db.rootFlag().verify(rootByGroupPermissionUser, true);
- db.rootFlag().verify(notRootUser, false);
- db.rootFlag().verifyUnchanged(notInGroupUser);
- }
-
private void executeRequest(GroupDto groupDto, OrganizationDto organizationDto, String permission) throws Exception {
newRequest()
.setParam(PARAM_GROUP_NAME, groupDto.getName())
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java
index 44b8917e31a..1ac4b311c56 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/AddUserActionTest.java
@@ -262,77 +262,7 @@ public class AddUserActionTest extends BasePermissionWsTest<AddUserAction> {
assertThat(db.users().selectProjectPermissionsOfUser(user, project)).containsOnly(ISSUE_ADMIN);
}
- @Test
- public void sets_root_flag_to_true_when_adding_user_admin_permission_without_org_parameter() throws Exception {
- UserDto rootByUserPermissionUser = db.users().insertRootByUserPermission();
- UserDto rootByGroupPermissionUser = db.users().insertRootByGroupPermission();
- UserDto notRootUser = db.users().insertUser();
- loginAsAdmin(db.getDefaultOrganization());
-
- executeRequest(notRootUser, SYSTEM_ADMIN);
- db.rootFlag().verify(notRootUser, true);
- db.rootFlag().verifyUnchanged(rootByUserPermissionUser);
- db.rootFlag().verifyUnchanged(rootByGroupPermissionUser);
-
- executeRequest(rootByUserPermissionUser, SYSTEM_ADMIN);
- db.rootFlag().verify(notRootUser, true);
- db.rootFlag().verifyUnchanged(rootByUserPermissionUser); // because already has specified user permission
- db.rootFlag().verifyUnchanged(rootByGroupPermissionUser);
-
- executeRequest(rootByGroupPermissionUser, SYSTEM_ADMIN);
- db.rootFlag().verify(notRootUser, true);
- db.rootFlag().verifyUnchanged(rootByUserPermissionUser);
- db.rootFlag().verify(rootByGroupPermissionUser, true);
- }
-
- @Test
- public void sets_root_flag_to_true_when_adding_user_admin_permission_with_default_organization_uuid() throws Exception {
- UserDto rootByUserPermissionUser = db.users().insertRootByUserPermission();
- UserDto rootByGroupPermissionUser = db.users().insertRootByGroupPermission();
- UserDto notRootUser = db.users().insertUser();
- loginAsAdmin(db.getDefaultOrganization());
-
- executeRequest(notRootUser, SYSTEM_ADMIN, db.getDefaultOrganization());
- db.rootFlag().verify(notRootUser, true);
- db.rootFlag().verifyUnchanged(rootByUserPermissionUser);
- db.rootFlag().verifyUnchanged(rootByGroupPermissionUser);
-
- executeRequest(rootByUserPermissionUser, SYSTEM_ADMIN, db.getDefaultOrganization());
- db.rootFlag().verify(notRootUser, true);
- db.rootFlag().verifyUnchanged(rootByUserPermissionUser); // because already has specified user permission
- db.rootFlag().verifyUnchanged(rootByGroupPermissionUser);
-
- executeRequest(rootByGroupPermissionUser, SYSTEM_ADMIN, db.getDefaultOrganization());
- db.rootFlag().verify(notRootUser, true);
- db.rootFlag().verifyUnchanged(rootByUserPermissionUser);
- db.rootFlag().verify(rootByGroupPermissionUser, true);
- }
-
- @Test
- public void does_not_set_root_flag_when_adding_user_admin_permission_with_other_organization_uuid() throws Exception {
- OrganizationDto otherOrganization = db.organizations().insert();
- UserDto rootByUserPermissionUser = db.users().insertRootByUserPermission();
- UserDto rootByGroupPermissionUser = db.users().insertRootByGroupPermission();
- UserDto notRootUser = db.users().insertUser();
- loginAsAdmin(otherOrganization);
-
- executeRequest(notRootUser, SYSTEM_ADMIN, otherOrganization);
- db.rootFlag().verify(notRootUser, false);
- db.rootFlag().verifyUnchanged(rootByUserPermissionUser);
- db.rootFlag().verifyUnchanged(rootByGroupPermissionUser);
-
- executeRequest(rootByUserPermissionUser, SYSTEM_ADMIN, otherOrganization);
- db.rootFlag().verify(notRootUser, false);
- db.rootFlag().verify(rootByUserPermissionUser, true);
- db.rootFlag().verifyUnchanged(rootByGroupPermissionUser);
-
- executeRequest(rootByGroupPermissionUser, SYSTEM_ADMIN, otherOrganization);
- db.rootFlag().verify(notRootUser, false);
- db.rootFlag().verify(rootByUserPermissionUser, true);
- db.rootFlag().verify(rootByGroupPermissionUser, true);
- }
-
- @Test
+@Test
public void organization_parameter_must_not_be_set_on_project_permissions() {
ComponentDto project = db.components().insertProject();
loginAsAdmin(db.getDefaultOrganization());
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java
index 7ce5ae37492..7cfa45aad6b 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/BasePermissionWsTest.java
@@ -78,8 +78,8 @@ public abstract class BasePermissionWsTest<A extends PermissionsWsAction> {
protected PermissionUpdater newPermissionUpdater() {
return new PermissionUpdater(db.getDbClient(),
mock(PermissionIndexer.class),
- new UserPermissionChanger(db.getDbClient(), defaultOrganizationProvider),
- new GroupPermissionChanger(db.getDbClient(), defaultOrganizationProvider));
+ new UserPermissionChanger(db.getDbClient()),
+ new GroupPermissionChanger(db.getDbClient()));
}
protected TestRequest newRequest() {
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java
index 51d752e5e6e..569e595e88f 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveGroupActionTest.java
@@ -25,7 +25,6 @@ import org.sonar.api.web.UserRole;
import org.sonar.db.component.ComponentDto;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
-import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
@@ -245,57 +244,6 @@ public class RemoveGroupActionTest extends BasePermissionWsTest<RemoveGroupActio
.execute();
}
- @Test
- public void sets_root_flag_to_false_on_all_users_in_group_when_removing_admin_permission_from_group_of_default_organization_without_org_param() throws Exception {
- UserDto lastAdminUser = db.users().insertRootByUserPermission();
- GroupDto adminGroup = db.users().insertAdminGroup();
- UserDto user1 = db.users().insertRootByGroupPermission("user1", adminGroup);
- UserDto user2 = db.users().insertRootByGroupPermission("user2", adminGroup);
- loginAsAdmin(db.getDefaultOrganization());
-
- executeRequest(adminGroup, SYSTEM_ADMIN);
-
- db.rootFlag().verify(user1, false);
- db.rootFlag().verify(user2, false);
- db.rootFlag().verifyUnchanged(lastAdminUser);
- }
-
- @Test
- public void sets_root_flag_to_false_on_all_users_in_group_when_removing_admin_permission_from_group_of_default_organization_with_org_param() throws Exception {
- UserDto lastAdminUser = db.users().insertRootByUserPermission();
- GroupDto adminGroup = db.users().insertAdminGroup();
- UserDto user1 = db.users().insertRootByGroupPermission("user1", adminGroup);
- UserDto user2 = db.users().insertRootByGroupPermission("user2", adminGroup);
- loginAsAdmin(db.getDefaultOrganization());
-
- executeRequest(adminGroup, db.getDefaultOrganization(), SYSTEM_ADMIN);
-
- db.rootFlag().verify(user1, false);
- db.rootFlag().verify(user2, false);
- db.rootFlag().verifyUnchanged(lastAdminUser);
- }
-
- @Test
- public void does_not_set_root_flag_to_false_on_all_users_in_group_when_removing_admin_permission_from_group_of_other_organization() throws Exception {
- OrganizationDto otherOrganization = db.organizations().insert();
- UserDto lastAdmin = db.users().insertUser();
- db.users().insertPermissionOnUser(otherOrganization, lastAdmin, SYSTEM_ADMIN);
- GroupDto adminGroup = db.users().insertAdminGroup(otherOrganization);
- UserDto rootByUserPermissionUser = db.users().insertRootByUserPermission();
- UserDto rootByGroupPermissionUser = db.users().insertRootByGroupPermission();
- UserDto inAdminGroupUser = db.users().insertUser();
- UserDto notInGroupUser = db.users().insertUser();
- db.users().insertMembers(adminGroup, rootByUserPermissionUser, rootByGroupPermissionUser, inAdminGroupUser);
- loginAsAdmin(otherOrganization);
-
- executeRequest(adminGroup, otherOrganization, SYSTEM_ADMIN);
-
- db.rootFlag().verify(rootByUserPermissionUser, true);
- db.rootFlag().verify(rootByGroupPermissionUser, true);
- db.rootFlag().verify(inAdminGroupUser, false);
- db.rootFlag().verifyUnchanged(notInGroupUser);
- }
-
private void executeRequest(GroupDto groupDto, String permission) throws Exception {
newRequest()
.setParam(PARAM_GROUP_NAME, groupDto.getName())
diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java
index d2b8c971d12..1652263f7a9 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java
@@ -23,7 +23,6 @@ import org.junit.Before;
import org.junit.Test;
import org.sonar.api.web.UserRole;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
@@ -40,7 +39,6 @@ import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.component.ComponentTesting.newFileDto;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
import static org.sonar.db.component.ComponentTesting.newView;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
@@ -232,65 +230,6 @@ public class RemoveUserActionTest extends BasePermissionWsTest<RemoveUserAction>
}
@Test
- public void sets_root_flag_to_false_when_removing_user_admin_permission_of_default_organization_without_org_parameter() throws Exception {
- UserDto lastAdminUser = db.users().insertRootByUserPermission();
- UserDto adminUser = db.users().insertRootByUserPermission();
- loginAsAdmin(db.getDefaultOrganization());
-
- executeRequest(adminUser, SYSTEM_ADMIN);
-
- db.rootFlag().verify(adminUser, false);
- }
-
- @Test
- public void sets_root_flag_to_false_when_removing_user_admin_permission_of_default_organization_with_org_parameter() throws Exception {
- UserDto lastAdminUser = db.users().insertRootByUserPermission();
- UserDto adminUser = db.users().insertRootByUserPermission();
- loginAsAdmin(db.getDefaultOrganization());
-
- executeRequest(adminUser, db.getDefaultOrganization(), SYSTEM_ADMIN);
-
- db.rootFlag().verify(adminUser, false);
- }
-
- @Test
- public void does_not_set_root_flag_to_false_when_removing_user_admin_permission_of_other_organization() throws Exception {
- UserDto rootUser = db.users().insertRootByUserPermission();
- UserDto notRootUser = db.users().insertUser();
- OrganizationDto otherOrganization = db.organizations().insert();
- db.users().insertPermissionOnUser(otherOrganization, rootUser, SYSTEM_ADMIN);
- db.users().insertPermissionOnUser(otherOrganization, notRootUser, SYSTEM_ADMIN);
- // another admin is required so that admin permission can be dropped
- UserDto anotherAdmin = db.users().insertUser();
- db.users().insertPermissionOnUser(otherOrganization, anotherAdmin, SYSTEM_ADMIN);
-
- loginAsAdmin(otherOrganization);
-
- executeRequest(rootUser, otherOrganization, SYSTEM_ADMIN);
- db.rootFlag().verify(rootUser, true);
- db.rootFlag().verifyUnchanged(notRootUser);
-
- executeRequest(notRootUser, otherOrganization, SYSTEM_ADMIN);
- db.rootFlag().verify(rootUser, true);
- db.rootFlag().verify(notRootUser, false);
- }
-
- private void executeRequest(UserDto userDto, OrganizationDto organizationDto, String permission) throws Exception {
- newRequest()
- .setParam(PARAM_USER_LOGIN, userDto.getLogin())
- .setParam(PARAM_PERMISSION, permission)
- .setParam(PARAM_ORGANIZATION, organizationDto.getKey())
- .execute();
- }
-
- private void executeRequest(UserDto userDto, String permission) throws Exception {
- newRequest()
- .setParam(PARAM_USER_LOGIN, userDto.getLogin())
- .setParam(PARAM_PERMISSION, permission)
- .execute();
- }
-
- @Test
public void removing_global_permission_fails_if_not_administrator_of_organization() throws Exception {
userSession.logIn();
diff --git a/server/sonar-server/src/test/java/org/sonar/server/user/ws/CreateActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/user/ws/CreateActionTest.java
index 269ca936220..c5347fc49b9 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/user/ws/CreateActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/user/ws/CreateActionTest.java
@@ -113,6 +113,7 @@ public class CreateActionTest {
// exists in db
Optional<UserDto> dbUser = db.users().selectUserByLogin("john");
assertThat(dbUser).isPresent();
+ assertThat(dbUser.get().isRoot()).isFalse();
// member of default group in default organization
assertThat(db.users().selectGroupIdsOfUser(dbUser.get())).containsOnly(defaultGroupInDefaultOrg.getId());
@@ -130,8 +131,8 @@ public class CreateActionTest {
.build());
assertThat(db.users().selectUserByLogin("john").get())
- .extracting(UserDto::isLocal, UserDto::getExternalIdentityProvider, UserDto::getExternalIdentity)
- .containsOnly(true, "sonarqube", "john");
+ .extracting(UserDto::isLocal, UserDto::getExternalIdentityProvider, UserDto::getExternalIdentity, UserDto::isRoot)
+ .containsOnly(true, "sonarqube", "john", false);
}
@Test
@@ -145,8 +146,8 @@ public class CreateActionTest {
.build());
assertThat(db.users().selectUserByLogin("john").get())
- .extracting(UserDto::isLocal, UserDto::getExternalIdentityProvider, UserDto::getExternalIdentity)
- .containsOnly(false, "sonarqube", "john");
+ .extracting(UserDto::isLocal, UserDto::getExternalIdentityProvider, UserDto::getExternalIdentity, UserDto::isRoot)
+ .containsOnly(false, "sonarqube", "john", false);
}
@Test
@@ -213,27 +214,6 @@ public class CreateActionTest {
}
@Test
- public void create_user_with_root_flag_to_false_if_default_group_is_unset() throws Exception {
- unsetDefaultGroupProperty();
- logInAsRoot();
-
- executeRequest("john");
-
- db.rootFlag().verify("john", false);
- }
-
- @Test
- public void create_user_with_root_flag_to_false_if_default_group_is_non_admin_on_default_organization() throws Exception {
- GroupDto adminGroup = db.users().insertGroup(db.getDefaultOrganization());
- setDefaultGroupProperty(adminGroup);
- logInAsRoot();
-
- executeRequest("foo");
-
- db.rootFlag().verify("foo", false);
- }
-
- @Test
public void request_fails_with_ServerException_when_default_group_belongs_to_another_organization() throws Exception {
OrganizationDto otherOrganization = db.organizations().insert();
GroupDto group = db.users().insertGroup(otherOrganization);
@@ -248,17 +228,6 @@ public class CreateActionTest {
}
@Test
- public void create_user_with_root_flag_to_true_if_default_group_is_admin_on_default_organization() throws Exception {
- GroupDto adminGroup = db.users().insertAdminGroup(db.getDefaultOrganization());
- setDefaultGroupProperty(adminGroup);
- logInAsRoot();
-
- executeRequest("doh");
-
- db.rootFlag().verify("doh", true);
- }
-
- @Test
public void fail_when_missing_login() throws Exception {
logInAsRoot();
@@ -322,10 +291,6 @@ public class CreateActionTest {
executeRequest("john");
}
- private void unsetDefaultGroupProperty() {
- settings.setProperty("sonar.defaultGroup", (String) null);
- }
-
private void setDefaultGroupProperty(GroupDto adminGroup) {
settings.setProperty("sonar.defaultGroup", adminGroup.getName());
}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java
index 449b56b292c..95bb208352a 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/AddUserActionTest.java
@@ -58,7 +58,7 @@ public class AddUserActionTest {
@Before
public void setUp() {
- ws = new WsTester(new UserGroupsWs(new AddUserAction(db.getDbClient(), userSession, newGroupWsSupport(), defaultOrganizationProvider)));
+ ws = new WsTester(new UserGroupsWs(new AddUserAction(db.getDbClient(), userSession, newGroupWsSupport())));
}
@Test
@@ -197,47 +197,6 @@ public class AddUserActionTest {
executeRequest(group, user);
}
- @Test
- public void set_root_flag_to_true_when_adding_user_to_group_of_default_organization_with_admin_permission() throws Exception {
- GroupDto group = db.users().insertAdminGroup();
- UserDto falselyRootUser = db.users().makeRoot(db.users().insertUser("falselyRootUser"));
- UserDto notRootUser = db.users().insertUser("notRootUser");
- loginAsAdminOnDefaultOrganization();
-
- executeRequest(group, falselyRootUser);
- verifyUserInGroup(falselyRootUser, group);
- db.rootFlag().verify(falselyRootUser, true);
- verifyUserNotInGroup(notRootUser, group);
- db.rootFlag().verifyUnchanged(notRootUser);
-
- executeRequest(group, notRootUser);
- verifyUserInGroup(falselyRootUser, group);
- db.rootFlag().verify(falselyRootUser, true);
- verifyUserInGroup(notRootUser, group);
- db.rootFlag().verify(notRootUser, true);
- }
-
- @Test
- public void does_not_set_root_flag_to_true_when_adding_user_to_group_of_other_organization_with_admin_permission() throws Exception {
- OrganizationDto otherOrganization = db.organizations().insert();
- GroupDto group = db.users().insertAdminGroup(otherOrganization);
- UserDto falselyRootUser = db.users().makeRoot(db.users().insertUser("falselyRootUser"));
- UserDto notRootUser = db.users().insertUser("notRootUser");
- loginAsAdmin(otherOrganization);
-
- executeRequest(group, falselyRootUser);
- verifyUserInGroup(falselyRootUser, group);
- db.rootFlag().verify(falselyRootUser, false);
- verifyUserNotInGroup(notRootUser, group);
- db.rootFlag().verifyUnchanged(notRootUser);
-
- executeRequest(group, notRootUser);
- verifyUserInGroup(falselyRootUser, group);
- db.rootFlag().verify(falselyRootUser, false);
- verifyUserInGroup(notRootUser, group);
- db.rootFlag().verify(notRootUser, false);
- }
-
private void executeRequest(GroupDto groupDto, UserDto userDto) throws Exception {
newRequest()
.setParam("id", groupDto.getId().toString())
@@ -278,18 +237,6 @@ public class AddUserActionTest {
return new GroupWsSupport(db.getDbClient(), defaultOrganizationProvider);
}
- private void verifyUserInGroup(UserDto userDto, GroupDto groupDto) {
- assertThat(isUserInGroup(userDto, groupDto))
- .as("user '%s' is a member of group '%s' of organization '%s'", userDto.getLogin(), groupDto.getName(), groupDto.getOrganizationUuid())
- .isTrue();
- }
-
- private void verifyUserNotInGroup(UserDto userDto, GroupDto groupDto) {
- assertThat(isUserInGroup(userDto, groupDto))
- .as("user '%s' is not a member of group '%s' of organization '%s'", userDto.getLogin(), groupDto.getName(), groupDto.getOrganizationUuid())
- .isFalse();
- }
-
private boolean isUserInGroup(UserDto userDto, GroupDto groupDto) {
List<UserMembershipDto> members = db.getDbClient().groupMembershipDao()
.selectMembers(db.getSession(), UserMembershipQuery.builder().groupId(groupDto.getId()).membership(UserMembershipQuery.IN).build(), 0, Integer.MAX_VALUE);
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
index 5e97c03b196..6893bd8e510 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java
@@ -270,85 +270,6 @@ public class DeleteActionTest {
assertThat(db.users().selectGroupPermissions(adminGroup2, null)).hasSize(1);
}
- @Test
- public void deleting_a_group_of_default_organization_with_admin_permissions_updates_root_flag_of_its_members() throws Exception {
- UserDto rootByUserPermission1 = db.users().insertRootByUserPermission("root1");
- UserDto rootByUserPermission2 = db.users().insertRootByUserPermission("root2");
- UserDto rootByUserPermission3 = db.users().insertRootByUserPermission("root3");
- GroupDto adminGroup1 = db.users().insertAdminGroup(db.getDefaultOrganization());
- GroupDto adminGroup2 = db.users().insertAdminGroup(db.getDefaultOrganization());
- // member of admin group 1
- UserDto rootByGroupPermission1 = db.users().insertRootByGroupPermission(adminGroup1);
- UserDto rootByGroupPermission2 = db.users().insertRootByGroupPermission(adminGroup1);
- db.users().insertMembers(adminGroup1, rootByUserPermission1);
- db.users().insertMembers(adminGroup1, rootByUserPermission3);
- // members of admin group 2
- UserDto rootByGroupPermission3 = db.users().insertRootByGroupPermission(adminGroup2);
- db.users().insertMembers(adminGroup2, rootByUserPermission2);
- db.users().insertMembers(adminGroup2, rootByUserPermission3);
- db.users().insertMembers(adminGroup2, rootByGroupPermission2);
- loginAsAdmin(db.getDefaultOrganization());
-
- executeDeleteGroupRequest(adminGroup1);
- db.rootFlag().verify(rootByUserPermission1, true);
- db.rootFlag().verifyUnchanged(rootByUserPermission2);
- db.rootFlag().verify(rootByUserPermission3, true);
- db.rootFlag().verify(rootByGroupPermission1, false);
- db.rootFlag().verify(rootByGroupPermission2, true);
- db.rootFlag().verifyUnchanged(rootByGroupPermission3);
-
- executeDeleteGroupRequest(adminGroup2);
- db.rootFlag().verify(rootByUserPermission1, true);
- db.rootFlag().verify(rootByUserPermission2, true);
- db.rootFlag().verify(rootByUserPermission3, true);
- db.rootFlag().verify(rootByGroupPermission1, false);
- db.rootFlag().verify(rootByGroupPermission2, false);
- db.rootFlag().verify(rootByGroupPermission3, false);
- }
-
- @Test
- public void deleting_a_group_of_other_organization_with_admin_permissions_does_not_update_root_flag_of_its_members() throws Exception {
- OrganizationDto otherOrganization = db.organizations().insert();
- UserDto rootByUserPermission1 = db.users().insertRootByUserPermission("root1");
- UserDto rootByUserPermission2 = db.users().insertRootByUserPermission("root2");
- UserDto rootByUserPermission3 = db.users().insertRootByUserPermission("root3");
- db.users().insertPermissionOnUser(otherOrganization, rootByUserPermission1, SYSTEM_ADMIN);
- db.users().insertPermissionOnUser(otherOrganization, rootByUserPermission2, SYSTEM_ADMIN);
- db.users().insertPermissionOnUser(otherOrganization, rootByUserPermission3, SYSTEM_ADMIN);
- GroupDto adminGroup1 = db.users().insertAdminGroup(otherOrganization);
- GroupDto adminGroup2 = db.users().insertAdminGroup(otherOrganization);
- // member of admin group 1
- UserDto falselyRootByGroupPermission1 = db.users().makeRoot(db.users().insertUser());
- UserDto falselyRootByGroupPermission2 = db.users().makeRoot(db.users().insertUser());
- db.users().insertMembers(adminGroup1, falselyRootByGroupPermission1);
- db.users().insertMembers(adminGroup1, falselyRootByGroupPermission2);
- db.users().insertMembers(adminGroup1, rootByUserPermission1);
- db.users().insertMembers(adminGroup1, rootByUserPermission3);
- // members of admin group 2
- UserDto falselyRootByGroupPermission3 = db.users().makeRoot(db.users().insertUser());
- db.users().insertMembers(adminGroup2, falselyRootByGroupPermission3);
- db.users().insertMembers(adminGroup2, rootByUserPermission2);
- db.users().insertMembers(adminGroup2, rootByUserPermission3);
- db.users().insertMembers(adminGroup2, falselyRootByGroupPermission2);
- loginAsAdmin(otherOrganization);
-
- executeDeleteGroupRequest(adminGroup1);
- db.rootFlag().verify(rootByUserPermission1, true);
- db.rootFlag().verifyUnchanged(rootByUserPermission2);
- db.rootFlag().verify(rootByUserPermission3, true);
- db.rootFlag().verify(falselyRootByGroupPermission1, false);
- db.rootFlag().verify(falselyRootByGroupPermission2, false);
- db.rootFlag().verifyUnchanged(falselyRootByGroupPermission3);
-
- executeDeleteGroupRequest(adminGroup2);
- db.rootFlag().verify(rootByUserPermission1, true);
- db.rootFlag().verify(rootByUserPermission2, true);
- db.rootFlag().verify(rootByUserPermission3, true);
- db.rootFlag().verify(falselyRootByGroupPermission1, false);
- db.rootFlag().verify(falselyRootByGroupPermission2, false);
- db.rootFlag().verify(falselyRootByGroupPermission3, false);
- }
-
private WsTester.Result executeDeleteGroupRequest(GroupDto adminGroup1) throws Exception {
return newRequest()
.setParam(PARAM_GROUP_ID, adminGroup1.getId().toString())
diff --git a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java
index 0dc09b99f0d..1bd98d38376 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/usergroups/ws/RemoveUserActionTest.java
@@ -19,7 +19,6 @@
*/
package org.sonar.server.usergroups.ws;
-import java.util.List;
import org.junit.Before;
import org.junit.Rule;
import org.junit.Test;
@@ -30,8 +29,6 @@ import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
-import org.sonar.db.user.UserMembershipDto;
-import org.sonar.db.user.UserMembershipQuery;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
@@ -59,7 +56,7 @@ public class RemoveUserActionTest {
@Before
public void setUp() {
GroupWsSupport groupSupport = new GroupWsSupport(db.getDbClient(), defaultOrganizationProvider);
- ws = new WsTester(new UserGroupsWs(new RemoveUserAction(db.getDbClient(), userSession, groupSupport, defaultOrganizationProvider)));
+ ws = new WsTester(new UserGroupsWs(new RemoveUserAction(db.getDbClient(), userSession, groupSupport)));
}
@Test
@@ -185,68 +182,6 @@ public class RemoveUserActionTest {
}
@Test
- public void sets_root_flag_to_false_when_removing_user_from_group_of_default_organization_with_admin_permission() throws Exception {
- // keep an administrator
- insertAnAdministratorInDefaultOrganization();
-
- GroupDto adminGroup = db.users().insertAdminGroup();
- UserDto user1 = db.users().insertRootByGroupPermission("user1", adminGroup);
- UserDto user2 = db.users().insertRootByGroupPermission("user2", adminGroup);
- loginAsAdminOnDefaultOrganization();
-
- executeRequest(adminGroup, user1);
- verifyUserNotInGroup(user1, adminGroup);
- verifyRootFlagUpdated(user1, false);
- verifyUserInGroup(user2, adminGroup);
- verifyUnchanged(user2);
-
- executeRequest(adminGroup, user2);
- verifyUserNotInGroup(user1, adminGroup);
- verifyRootFlag(user1, false);
- verifyUserNotInGroup(user2, adminGroup);
- verifyRootFlagUpdated(user2, false);
- }
-
- @Test
- public void does_not_set_root_flag_to_false_when_removing_user_from_group_of_default_organization_and_user_is_admin_of_default_organization_another_way()
- throws Exception {
- GroupDto adminGroup1 = db.users().insertAdminGroup();
- UserDto adminUserByUserPermission = db.users().insertRootByUserPermission("adminUserByUserPermission");
- UserDto adminUserByTwoGroups = db.users().insertRootByGroupPermission("adminUserByTwoGroups", adminGroup1);
- UserDto adminUserBySingleGroup = db.users().insertUser("adminUserBySingleGroup");
- GroupDto adminGroup2 = db.users().insertAdminGroup();
- db.users().insertMembers(adminGroup2, adminUserByUserPermission, adminUserByTwoGroups, adminUserBySingleGroup);
- loginAsAdminOnDefaultOrganization();
-
- executeRequest(adminGroup2, adminUserByUserPermission);
- verifyUserNotInGroup(adminUserByUserPermission, adminGroup2);
- verifyRootFlagUpdated(adminUserByUserPermission, true);
- verifyUserInGroup(adminUserByTwoGroups, adminGroup2);
- verifyUserInGroup(adminUserByTwoGroups, adminGroup1);
- verifyUnchanged(adminUserByTwoGroups);
- verifyUserInGroup(adminUserBySingleGroup, adminGroup2);
- verifyUnchanged(adminUserBySingleGroup);
-
- executeRequest(adminGroup2, adminUserByTwoGroups);
- verifyUserNotInGroup(adminUserByUserPermission, adminGroup2);
- verifyRootFlag(adminUserByUserPermission, true);
- verifyUserNotInGroup(adminUserByTwoGroups, adminGroup2);
- verifyUserInGroup(adminUserByTwoGroups, adminGroup1);
- verifyRootFlagUpdated(adminUserByTwoGroups, true);
- verifyUserInGroup(adminUserBySingleGroup, adminGroup2);
- verifyUnchanged(adminUserBySingleGroup);
-
- executeRequest(adminGroup2, adminUserBySingleGroup);
- verifyUserNotInGroup(adminUserByUserPermission, adminGroup2);
- verifyRootFlag(adminUserByUserPermission, true);
- verifyUserNotInGroup(adminUserByTwoGroups, adminGroup2);
- verifyUserInGroup(adminUserByTwoGroups, adminGroup1);
- verifyRootFlagUpdated(adminUserByTwoGroups, true);
- verifyUserNotInGroup(adminUserBySingleGroup, adminGroup2);
- verifyRootFlagUpdated(adminUserBySingleGroup, false);
- }
-
- @Test
public void throw_ForbiddenException_if_not_administrator_of_organization() throws Exception {
OrganizationDto org = db.organizations().insert();
GroupDto group = db.users().insertGroup(org, "a-group");
@@ -281,13 +216,6 @@ public class RemoveUserActionTest {
.execute();
}
- private void executeRequest(GroupDto group, UserDto user) throws Exception {
- newRequest()
- .setParam("id", group.getId().toString())
- .setParam("login", user.getLogin())
- .execute();
- }
-
private WsTester.TestRequest newRequest() {
return ws.newPostRequest("api/user_groups", "remove_user");
}
@@ -300,38 +228,6 @@ public class RemoveUserActionTest {
userSession.logIn("admin").addOrganizationPermission(org.getUuid(), GlobalPermissions.SYSTEM_ADMIN);
}
- private void verifyUnchanged(UserDto user) {
- db.rootFlag().verifyUnchanged(user);
- }
-
- private void verifyRootFlagUpdated(UserDto userDto, boolean root) {
- db.rootFlag().verify(userDto, root);
- }
-
- private void verifyRootFlag(UserDto userDto, boolean root) {
- db.rootFlag().verify(userDto, root);
- }
-
- private void verifyUserInGroup(UserDto userDto, GroupDto groupDto) {
- assertThat(isUserInGroup(userDto, groupDto))
- .as("user '%s' is a member of group '%s' of organization '%s'", userDto.getLogin(), groupDto.getName(), groupDto.getOrganizationUuid())
- .isTrue();
- }
-
- private void verifyUserNotInGroup(UserDto userDto, GroupDto groupDto) {
- assertThat(isUserInGroup(userDto, groupDto))
- .as("user '%s' is not a member of group '%s' of organization '%s'", userDto.getLogin(), groupDto.getName(), groupDto.getOrganizationUuid())
- .isFalse();
- }
-
- private boolean isUserInGroup(UserDto userDto, GroupDto groupDto) {
- List<UserMembershipDto> members = db.getDbClient().groupMembershipDao()
- .selectMembers(db.getSession(), UserMembershipQuery.builder().groupId(groupDto.getId()).membership(UserMembershipQuery.IN).build(), 0, Integer.MAX_VALUE);
- return members
- .stream()
- .anyMatch(dto -> dto.getLogin().equals(userDto.getLogin()));
- }
-
private UserDto insertAnAdministratorInDefaultOrganization() {
return db.users().insertAdminByUserPermission(db.getDefaultOrganization());
}
diff --git a/sonar-db/src/main/java/org/sonar/db/user/GroupDao.java b/sonar-db/src/main/java/org/sonar/db/user/GroupDao.java
index be74102e5c9..a046383ecb1 100644
--- a/sonar-db/src/main/java/org/sonar/db/user/GroupDao.java
+++ b/sonar-db/src/main/java/org/sonar/db/user/GroupDao.java
@@ -115,17 +115,6 @@ public class GroupDao implements Dao {
return mapper(dbSession).selectByOrganizationUuid(organizationUuid);
}
- /**
- * Ensures all users of the specified group have its root flag set or unset depending on whether each of them have the
- * 'admin' permission in the default organization or not.
- */
- public void updateRootFlagOfUsersInGroupFromPermissions(DbSession dbSession, long groupId, String defaultOrganizationUuid) {
- long now = system.now();
- GroupMapper mapper = mapper(dbSession);
- mapper.updateRootUsersOfGroup(groupId, defaultOrganizationUuid, now);
- mapper.updateNonRootUsersOfGroup(groupId, defaultOrganizationUuid, now);
- }
-
private static GroupMapper mapper(DbSession session) {
return session.getMapper(GroupMapper.class);
}
diff --git a/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java b/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java
index eeb2ab8e9b0..f6a7164b5b8 100644
--- a/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java
+++ b/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java
@@ -58,13 +58,5 @@ public interface GroupMapper {
List<GroupDto> selectByOrganizationUuid(@Param("organizationUuid") String organizationUuid);
- int updateRootUsersOfGroup(@Param("groupId") long groupId,
- @Param("defaultOrganizationUuid") String defaultOrganizationUuid,
- @Param("now") long now);
-
- int updateNonRootUsersOfGroup(@Param("groupId") long groupId,
- @Param("defaultOrganizationUuid") String defaultOrganizationUuid,
- @Param("now") long now);
-
List<GroupDto> selectByIds(@Param("ids") List<Long> ids);
}
diff --git a/sonar-db/src/main/java/org/sonar/db/user/UserDao.java b/sonar-db/src/main/java/org/sonar/db/user/UserDao.java
index 19c5cde9b28..0a87ffddae5 100644
--- a/sonar-db/src/main/java/org/sonar/db/user/UserDao.java
+++ b/sonar-db/src/main/java/org/sonar/db/user/UserDao.java
@@ -194,17 +194,6 @@ public class UserDao implements Dao {
return mapper(dbSession).countByEmail(email.toLowerCase(Locale.ENGLISH)) > 0;
}
- /**
- * Ensures the specified user has its root flag set or unset depending on whether the user has the 'admin' permission
- * in the default organization or not.
- */
- public void updateRootFlagFromPermissions(DbSession dbSession, long userId, String defaultOrganizationUuid) {
- long now = system2.now();
- UserMapper mapper = mapper(dbSession);
- mapper.updateRootUser(userId, defaultOrganizationUuid, now);
- mapper.updateNonRootUser(userId, defaultOrganizationUuid, now);
- }
-
protected UserMapper mapper(DbSession session) {
return session.getMapper(UserMapper.class);
}
diff --git a/sonar-db/src/main/java/org/sonar/db/user/UserMapper.java b/sonar-db/src/main/java/org/sonar/db/user/UserMapper.java
index 799d73f2414..b7cf25be54e 100644
--- a/sonar-db/src/main/java/org/sonar/db/user/UserMapper.java
+++ b/sonar-db/src/main/java/org/sonar/db/user/UserMapper.java
@@ -74,8 +74,4 @@ public interface UserMapper {
void deactivateUser(@Param("id") long userId, @Param("now") long now);
- int updateRootUser(@Param("userId") long userId, @Param("defaultOrganizationUuid") String defaultOrganizationUuid, @Param("now") long now);
-
- int updateNonRootUser(@Param("userId") long userId, @Param("defaultOrganizationUuid") String defaultOrganizationUuid, @Param("now") long now);
-
}
diff --git a/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml b/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml
index 39b0193fc31..4f6928e7b28 100644
--- a/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml
+++ b/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml
@@ -137,92 +137,4 @@
order by upper(g.name)
</select>
- <update id="updateRootUsersOfGroup">
- update users u set
- is_root = ${_true},
- updated_at = #{now,jdbcType=BIGINT}
- where
- u.id in (<include refid="userIdsForGroupId"/>)
- and exists (
- <include refid="userPermissionAdminInDefaultOrganizationForUser"/>
- union
- <include refid="groupPermissionAdminInDefaultOrganizationForUser"/>
- )
- </update>
-
- <update id="updateRootUsersOfGroup" databaseId="mssql">
- update u set
- is_root = ${_true},
- updated_at = #{now,jdbcType=BIGINT}
- from users u
- where
- u.id in (<include refid="userIdsForGroupId"/>)
- and exists (
- <include refid="userPermissionAdminInDefaultOrganizationForUser"/>
- union
- <include refid="groupPermissionAdminInDefaultOrganizationForUser"/>
- )
- </update>
-
- <update id="updateNonRootUsersOfGroup">
- update users u set
- is_root = ${_false},
- updated_at = #{now,jdbcType=BIGINT}
- where
- u.id in (<include refid="userIdsForGroupId"/>)
- and not exists (
- <include refid="userPermissionAdminInDefaultOrganizationForUser"/>
- union
- <include refid="groupPermissionAdminInDefaultOrganizationForUser"/>
- )
- </update>
-
- <update id="updateNonRootUsersOfGroup" databaseId="mssql">
- update u set
- is_root = ${_false},
- updated_at = #{now,jdbcType=BIGINT}
- from users u
- where
- u.id in (<include refid="userIdsForGroupId"/>)
- and not exists (
- <include refid="userPermissionAdminInDefaultOrganizationForUser"/>
- union
- <include refid="groupPermissionAdminInDefaultOrganizationForUser"/>
- )
- </update>
-
- <sql id="userIdsForGroupId">
- select
- gu.user_id
- from
- groups_users gu
- where
- gu.group_id = #{groupId,jdbcType=BIGINT}
- </sql>
-
- <sql id="userPermissionAdminInDefaultOrganizationForUser">
- select
- 1
- from
- user_roles ur
- where
- ur.user_id = u.id
- and ur.role = 'admin'
- and ur.resource_id is null
- and ur.organization_uuid = #{defaultOrganizationUuid,jdbcType=VARCHAR}
- </sql>
-
- <sql id="groupPermissionAdminInDefaultOrganizationForUser">
- select
- 1
- from
- groups_users gu,
- group_roles gr
- where
- gu.user_id = u.id
- and gu.group_id = gr.group_id
- and gr.role = 'admin'
- and gr.resource_id is null
- and gr.organization_uuid = #{defaultOrganizationUuid,jdbcType=VARCHAR}
- </sql>
</mapper>
diff --git a/sonar-db/src/main/resources/org/sonar/db/user/UserMapper.xml b/sonar-db/src/main/resources/org/sonar/db/user/UserMapper.xml
index cb65570170f..17818753a6a 100644
--- a/sonar-db/src/main/resources/org/sonar/db/user/UserMapper.xml
+++ b/sonar-db/src/main/resources/org/sonar/db/user/UserMapper.xml
@@ -210,84 +210,4 @@
login = #{login}
</insert>
- <update id="updateRootUser">
- update users u set
- is_root = ${_true},
- updated_at = #{now,jdbcType=BIGINT}
- where
- u.id = #{userId,jdbcType=BIGINT}
- and exists (
- <include refid="userPermissionAdminInDefaultOrganizationForUser"/>
- union
- <include refid="groupPermissionAdminInDefaultOrganizationForUser"/>
- )
- </update>
-
- <update id="updateRootUser" databaseId="mssql">
- update u set
- is_root = ${_true},
- updated_at = #{now,jdbcType=BIGINT}
- from users u
- where
- u.id = #{userId,jdbcType=BIGINT}
- and exists (
- <include refid="userPermissionAdminInDefaultOrganizationForUser"/>
- union
- <include refid="groupPermissionAdminInDefaultOrganizationForUser"/>
- )
- </update>
-
- <update id="updateNonRootUser">
- update users u set
- is_root = ${_false},
- updated_at = #{now,jdbcType=BIGINT}
- where
- u.id = #{userId,jdbcType=BIGINT}
- and not exists (
- <include refid="userPermissionAdminInDefaultOrganizationForUser"/>
- union
- <include refid="groupPermissionAdminInDefaultOrganizationForUser"/>
- )
- </update>
-
- <update id="updateNonRootUser" databaseId="mssql">
- update u set
- is_root = ${_false},
- updated_at = #{now,jdbcType=BIGINT}
- from users u
- where
- u.id = #{userId,jdbcType=BIGINT}
- and not exists (
- <include refid="userPermissionAdminInDefaultOrganizationForUser"/>
- union
- <include refid="groupPermissionAdminInDefaultOrganizationForUser"/>
- )
- </update>
-
- <sql id="userPermissionAdminInDefaultOrganizationForUser">
- select
- 1
- from
- user_roles ur
- where
- ur.user_id = u.id
- and ur.role = 'admin'
- and ur.resource_id is null
- and ur.organization_uuid = #{defaultOrganizationUuid,jdbcType=VARCHAR}
- </sql>
-
- <sql id="groupPermissionAdminInDefaultOrganizationForUser">
- select
- 1
- from
- groups_users gu,
- group_roles gr
- where
- gu.user_id = u.id
- and gu.group_id = gr.group_id
- and gr.role = 'admin'
- and gr.resource_id is null
- and gr.organization_uuid = #{defaultOrganizationUuid,jdbcType=VARCHAR}
- </sql>
-
</mapper>
diff --git a/sonar-db/src/test/java/org/sonar/db/user/GroupDaoTest.java b/sonar-db/src/test/java/org/sonar/db/user/GroupDaoTest.java
index b5c641f54f7..ca641b39463 100644
--- a/sonar-db/src/test/java/org/sonar/db/user/GroupDaoTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/user/GroupDaoTest.java
@@ -32,11 +32,9 @@ import org.sonar.db.DbTester;
import org.sonar.db.organization.OrganizationDto;
import static java.util.Arrays.asList;
-import static java.util.Arrays.stream;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.user.GroupTesting.newGroupDto;
public class GroupDaoTest {
@@ -47,8 +45,6 @@ public class GroupDaoTest {
.setKey("an-org")
.setName("An Org")
.setUuid("abcde");
- private static final long DATE_1 = 8_776_543L;
- private static final long DATE_2 = 4_776_898L;
private System2 system2 = mock(System2.class);
@@ -223,192 +219,6 @@ public class GroupDaoTest {
}
@Test
- public void updateRootFlagOfUsersInGroupFromPermissions_sets_root_flag_to_false_if_users_have_no_permission_at_all() {
- UserDto[] usersInGroup1 = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- UserDto[] usersInGroup2 = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- UserDto[] usersNotInGroup = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- GroupDto group1 = db.users().insertGroup();
- stream(usersInGroup1).forEach(user -> db.users().insertMember(group1, user));
- GroupDto group2 = db.users().insertGroup();
- stream(usersInGroup2).forEach(user -> db.users().insertMember(group2, user));
-
- call_updateRootFlagFromPermissions(group1, DATE_1);
- stream(usersInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- stream(usersInGroup2).forEach(db.rootFlag()::verifyUnchanged);
- stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged);
-
- call_updateRootFlagFromPermissions(group2, DATE_2);
- stream(usersInGroup2).forEach(user -> db.rootFlag().verify(user, false, DATE_2));
- stream(usersInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged);
- }
-
- @Test
- public void updateRootFlagOfUsersInGroupFromPermissions_sets_root_flag_to_true_if_users_has_admin_user_permission_on_default_organization() {
- UserDto[] usersWithAdminInGroup1 = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser(),
- };
- UserDto[] usersWithoutAdminInGroup1 = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser(),
- };
- UserDto[] usersWithAdminInGroup2 = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- UserDto[] usersWithoutAdminInGroup2 = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- UserDto[] usersNotInGroup = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- GroupDto group1 = db.users().insertGroup();
- stream(usersWithAdminInGroup1).forEach(user -> db.users().insertMember(group1, user));
- stream(usersWithoutAdminInGroup1).forEach(user -> db.users().insertMember(group1, user));
- stream(usersWithAdminInGroup1).forEach(user -> db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, SYSTEM_ADMIN));
- GroupDto group2 = db.users().insertGroup();
- stream(usersWithAdminInGroup2).forEach(user -> db.users().insertMember(group2, user));
- stream(usersWithoutAdminInGroup2).forEach(user -> db.users().insertMember(group2, user));
- stream(usersWithAdminInGroup2).forEach(user -> db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, SYSTEM_ADMIN));
-
- call_updateRootFlagFromPermissions(group1, DATE_1);
- stream(usersWithAdminInGroup1).forEach(user -> db.rootFlag().verify(user, true, DATE_1));
- stream(usersWithoutAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- stream(usersWithAdminInGroup2).forEach(db.rootFlag()::verifyUnchanged);
- stream(usersWithoutAdminInGroup2).forEach(db.rootFlag()::verifyUnchanged);
- stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged);
-
- call_updateRootFlagFromPermissions(group2, DATE_2);
- stream(usersWithAdminInGroup1).forEach(user -> db.rootFlag().verify(user, true, DATE_1));
- stream(usersWithoutAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- stream(usersWithAdminInGroup2).forEach(user -> db.rootFlag().verify(user, true, DATE_2));
- stream(usersWithoutAdminInGroup2).forEach(user -> db.rootFlag().verify(user, false, DATE_2));
- stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged);
- }
-
- @Test
- public void updateRootFlagOfUsersInGroupFromPermissions_ignores_permissions_on_anyone_on_default_organization() {
- UserDto[] usersWithAdminInGroup1 = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser(),
- };
- UserDto[] usersWithoutAdminInGroup1 = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser(),
- };
- UserDto[] usersWithAdminInGroup2 = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- UserDto[] usersWithoutAdminInGroup2 = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- UserDto[] usersNotInGroup = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- GroupDto group1 = db.users().insertGroup();
- stream(usersWithAdminInGroup1).forEach(user -> db.users().insertMember(group1, user));
- stream(usersWithoutAdminInGroup1).forEach(user -> db.users().insertMember(group1, user));
- GroupDto group2 = db.users().insertGroup();
- stream(usersWithAdminInGroup2).forEach(user -> db.users().insertMember(group2, user));
- stream(usersWithoutAdminInGroup2).forEach(user -> db.users().insertMember(group2, user));
- db.users().insertPermissionOnAnyone(db.getDefaultOrganization(), SYSTEM_ADMIN);
-
- call_updateRootFlagFromPermissions(group1, DATE_1);
- stream(usersWithAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- stream(usersWithoutAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- stream(usersWithAdminInGroup2).forEach(db.rootFlag()::verifyUnchanged);
- stream(usersWithoutAdminInGroup2).forEach(db.rootFlag()::verifyUnchanged);
- stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged);
-
- call_updateRootFlagFromPermissions(group2, DATE_2);
- stream(usersWithAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- stream(usersWithoutAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- stream(usersWithAdminInGroup2).forEach(user -> db.rootFlag().verify(user, false, DATE_2));
- stream(usersWithoutAdminInGroup2).forEach(user -> db.rootFlag().verify(user, false, DATE_2));
- stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged);
- }
-
- @Test
- public void updateRootFlagOfUsersInGroupFromPermissions_ignores_permissions_on_anyone_on_other_organization() {
- UserDto[] usersInGroup = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser(),
- };
- UserDto[] usersInOtherGroup = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- UserDto[] usersNotInGroup = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- GroupDto group = db.users().insertGroup();
- stream(usersInGroup).forEach(user -> db.users().insertMember(group, user));
- OrganizationDto otherOrganization = db.organizations().insert();
- GroupDto otherGroup = db.users().insertGroup(otherOrganization);
- stream(usersInOtherGroup).forEach(user -> db.users().insertMember(otherGroup, user));
- db.users().insertPermissionOnAnyone(otherOrganization, SYSTEM_ADMIN);
-
- call_updateRootFlagFromPermissions(group, DATE_1);
- stream(usersInGroup).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- stream(usersInOtherGroup).forEach(db.rootFlag()::verifyUnchanged);
- stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged);
-
- call_updateRootFlagFromPermissions(otherGroup, DATE_2);
- stream(usersInGroup).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- stream(usersInOtherGroup).forEach(user -> db.rootFlag().verify(user, false, DATE_2));
- stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged);
- }
-
- @Test
- public void updateRootFlagOfUsersInGroupFromPermissions_set_root_flag_to_false_on_users_of_group_of_non_default_organization() {
- UserDto[] nonAdminUsers = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser()
- };
- UserDto[] adminPerUserPermissionUsers = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser() // incorrectly not root
- };
- UserDto[] adminPerGroupPermissionUsers = {
- db.users().makeRoot(db.users().insertUser()),
- db.users().insertUser() // incorrectly not root
- };
- OrganizationDto otherOrganization = db.organizations().insert();
- GroupDto nonAdminGroup = db.users().insertGroup(otherOrganization);
- db.users().insertMembers(nonAdminGroup, nonAdminUsers);
- db.users().insertMembers(nonAdminGroup, adminPerUserPermissionUsers);
- stream(adminPerUserPermissionUsers).forEach(user -> db.users().insertPermissionOnUser(otherOrganization, user, SYSTEM_ADMIN));
- GroupDto adminGroup = db.users().insertAdminGroup(otherOrganization);
- db.users().insertMembers(adminGroup, adminPerGroupPermissionUsers);
-
- call_updateRootFlagFromPermissions(nonAdminGroup, DATE_2);
- stream(nonAdminUsers).forEach(user -> db.rootFlag().verify(user, false, DATE_2));
- stream(adminPerUserPermissionUsers).forEach(user -> db.rootFlag().verify(user, false, DATE_2));
- stream(adminPerGroupPermissionUsers).forEach(db.rootFlag()::verifyUnchanged);
-
- call_updateRootFlagFromPermissions(adminGroup, DATE_1);
- stream(nonAdminUsers).forEach(user -> db.rootFlag().verify(user, false, DATE_2));
- stream(adminPerUserPermissionUsers).forEach(user -> db.rootFlag().verify(user, false, DATE_2));
- stream(adminPerGroupPermissionUsers).forEach(user -> db.rootFlag().verify(user, false, DATE_1));
- }
-
- @Test
public void deleteByOrganization_does_not_fail_when_table_is_empty() {
underTest.deleteByOrganization(dbSession, "some uuid");
dbSession.commit();
@@ -452,10 +262,4 @@ public class GroupDaoTest {
.extracting(row -> (String) row.get("organizationUuid"))
.containsOnly(organizationUuids);
}
-
- private void call_updateRootFlagFromPermissions(GroupDto groupDto, long now) {
- when(system2.now()).thenReturn(now);
- underTest.updateRootFlagOfUsersInGroupFromPermissions(db.getSession(), groupDto.getId(), db.getDefaultOrganization().getUuid());
- db.commit();
- }
}
diff --git a/sonar-db/src/test/java/org/sonar/db/user/UserDaoTest.java b/sonar-db/src/test/java/org/sonar/db/user/UserDaoTest.java
index f9628b6d7fb..cbd7af7558b 100644
--- a/sonar-db/src/test/java/org/sonar/db/user/UserDaoTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/user/UserDaoTest.java
@@ -33,7 +33,6 @@ import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
import org.sonar.db.RowNotFoundException;
-import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.property.PropertyDto;
import org.sonar.db.property.PropertyQuery;
@@ -43,7 +42,6 @@ import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.fail;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
-import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
import static org.sonar.db.user.GroupMembershipQuery.IN;
import static org.sonar.db.user.GroupMembershipQuery.builder;
import static org.sonar.db.user.GroupTesting.newGroupDto;
@@ -51,8 +49,6 @@ import static org.sonar.db.user.UserTesting.newUserDto;
public class UserDaoTest {
private static final long NOW = 1_500_000_000_000L;
- private static final long DATE_1 = 1_222_001L;
- private static final long DATE_2 = 4_333_555L;
private System2 system2 = mock(System2.class);
@@ -596,116 +592,6 @@ public class UserDaoTest {
assertThat(underTest.selectByLogin(session, inactiveRootUser.getLogin()).isRoot()).isTrue();
}
- @Test
- public void updateRootFlagFromPermissions_sets_root_flag_to_false_if_user_has_no_permission_at_all() {
- UserDto rootUser = db.users().makeRoot(db.users().insertUser());
- UserDto notRootUser = db.users().insertUser();
-
- call_updateRootFlagFromPermissions(rootUser, DATE_1);
- db.rootFlag().verify(rootUser, false, DATE_1);
- db.rootFlag().verify(notRootUser, false, notRootUser.getUpdatedAt());
-
- call_updateRootFlagFromPermissions(notRootUser, DATE_2);
- db.rootFlag().verify(rootUser, false, DATE_1);
- db.rootFlag().verify(notRootUser, false, DATE_2);
- }
-
- @Test
- public void updateRootFlagFromPermissions_sets_root_flag_to_true_if_user_has_admin_user_permission_on_default_organization() {
- UserDto rootUser = db.users().insertRootByUserPermission();
- UserDto incorrectlyNotRootUser = db.users().insertUser();
- db.users().insertPermissionOnUser(db.getDefaultOrganization(), incorrectlyNotRootUser, SYSTEM_ADMIN);
-
- call_updateRootFlagFromPermissions(rootUser, DATE_1);
- db.rootFlag().verify(rootUser, true, DATE_1);
- db.rootFlag().verify(incorrectlyNotRootUser, false, incorrectlyNotRootUser.getUpdatedAt());
-
- call_updateRootFlagFromPermissions(incorrectlyNotRootUser, DATE_2);
- db.rootFlag().verify(rootUser, true, DATE_1);
- db.rootFlag().verify(incorrectlyNotRootUser, true, DATE_2);
- }
-
- @Test
- public void updateRootFlagFromPermissions_ignores_permissions_on_anyone_on_default_organization() {
- UserDto rootUser = db.users().makeRoot(db.users().insertUser());
- UserDto incorrectlyNotRootUser = db.users().insertUser();
- db.users().insertPermissionOnAnyone(db.getDefaultOrganization(), SYSTEM_ADMIN);
-
- call_updateRootFlagFromPermissions(rootUser, DATE_1);
- db.rootFlag().verify(rootUser, false, DATE_1);
- db.rootFlag().verify(incorrectlyNotRootUser, false, incorrectlyNotRootUser.getUpdatedAt());
-
- call_updateRootFlagFromPermissions(incorrectlyNotRootUser, DATE_2);
- db.rootFlag().verify(rootUser, false, DATE_1);
- db.rootFlag().verify(incorrectlyNotRootUser, false, DATE_2);
- }
-
- @Test
- public void updateRootFlagFromPermissions_ignores_permissions_on_anyone_on_other_organization() {
- UserDto falselyRootUser = db.users().makeRoot(db.users().insertUser());
- UserDto notRootUser = db.users().insertUser();
- OrganizationDto otherOrganization = db.organizations().insert();
- db.users().insertPermissionOnAnyone(otherOrganization, SYSTEM_ADMIN);
-
- call_updateRootFlagFromPermissions(falselyRootUser, DATE_2);
- db.rootFlag().verify(falselyRootUser, false, DATE_2);
- db.rootFlag().verify(notRootUser, false, notRootUser.getUpdatedAt());
-
- call_updateRootFlagFromPermissions(notRootUser, DATE_1);
- db.rootFlag().verify(falselyRootUser, false, DATE_2);
- db.rootFlag().verify(notRootUser, false, DATE_1);
- }
-
- @Test
- public void updateRootFlagFromPermissions_sets_root_flag_to_false_if_user_has_admin_user_permission_on_other_organization() {
- UserDto falselyRootUser = db.users().makeRoot(db.users().insertUser());
- UserDto notRootUser = db.users().insertUser();
- OrganizationDto otherOrganization = db.organizations().insert();
- db.users().insertPermissionOnUser(otherOrganization, falselyRootUser, SYSTEM_ADMIN);
- db.users().insertPermissionOnUser(otherOrganization, notRootUser, SYSTEM_ADMIN);
-
- call_updateRootFlagFromPermissions(falselyRootUser, DATE_1);
- db.rootFlag().verify(falselyRootUser, false, DATE_1);
- db.rootFlag().verify(notRootUser, false, notRootUser.getUpdatedAt());
-
- call_updateRootFlagFromPermissions(notRootUser, DATE_2);
- db.rootFlag().verify(falselyRootUser, false, DATE_1);
- db.rootFlag().verify(notRootUser, false, DATE_2);
- }
-
- @Test
- public void updateRootFlagFromPermissions_sets_root_flag_to_true_if_user_has_admin_group_permission_on_default_organization() {
- UserDto rootUser = db.users().makeRoot(db.users().insertUser());
- UserDto incorrectlyNotRootUser = db.users().insertUser();
- GroupDto groupDto = db.users().insertAdminGroup(db.getDefaultOrganization());
- db.users().insertMembers(groupDto, rootUser, incorrectlyNotRootUser);
-
- call_updateRootFlagFromPermissions(rootUser, DATE_1);
- db.rootFlag().verify(rootUser, true, DATE_1);
- db.rootFlag().verify(incorrectlyNotRootUser, false, incorrectlyNotRootUser.getUpdatedAt());
-
- call_updateRootFlagFromPermissions(incorrectlyNotRootUser, DATE_2);
- db.rootFlag().verify(rootUser, true, DATE_1);
- db.rootFlag().verify(incorrectlyNotRootUser, true, DATE_2);
- }
-
- @Test
- public void updateRootFlagFromPermissions_sets_root_flag_to_false_if_user_has_admin_group_permission_on_other_organization() {
- UserDto falselyRootUser = db.users().makeRoot(db.users().insertUser());
- UserDto notRootUser = db.users().insertUser();
- GroupDto otherOrganizationGroupDto = db.users().insertGroup(db.organizations().insert());
- db.users().insertPermissionOnGroup(otherOrganizationGroupDto, SYSTEM_ADMIN);
- db.users().insertMembers(otherOrganizationGroupDto, falselyRootUser, notRootUser);
-
- call_updateRootFlagFromPermissions(falselyRootUser, DATE_2);
- db.rootFlag().verify(falselyRootUser, false, DATE_2);
- db.rootFlag().verify(notRootUser, false, notRootUser.getUpdatedAt());
-
- call_updateRootFlagFromPermissions(notRootUser, DATE_1);
- db.rootFlag().verify(falselyRootUser, false, DATE_2);
- db.rootFlag().verify(notRootUser, false, DATE_1);
- }
-
private void commit(Runnable runnable) {
runnable.run();
session.commit();
@@ -741,11 +627,4 @@ public class UserDaoTest {
dbClient.userGroupDao().insert(session, dto);
return dto;
}
-
- private void call_updateRootFlagFromPermissions(UserDto userDto, long now) {
- when(system2.now()).thenReturn(now);
- underTest.updateRootFlagFromPermissions(db.getSession(), userDto.getId(), db.getDefaultOrganization().getUuid());
- db.commit();
- }
-
}
diff --git a/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java b/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java
index e1de83d0d24..10e539f2c80 100644
--- a/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java
+++ b/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java
@@ -80,45 +80,13 @@ public class UserDbTester {
return insertRootByUserPermissionImpl(requireNonNull(login));
}
- public UserDto insertRootByUserPermission() {
- return insertRootByUserPermissionImpl(null);
- }
-
private UserDto insertRootByUserPermissionImpl(@Nullable String login) {
UserDto rootByUserPermissionUser = makeRoot(login == null ? insertUser() : insertUser(login));
insertPermissionOnUser(db.getDefaultOrganization(), rootByUserPermissionUser, SYSTEM_ADMIN);
return rootByUserPermissionUser;
}
- public UserDto insertRootByGroupPermission(String login) {
- return insertRootByGroupPermissionImpl(requireNonNull(login), null);
- }
-
- /**
- * @see #insertAdminGroup()
- */
- public UserDto insertRootByGroupPermission(String login, GroupDto adminGroupDto) {
- return insertRootByGroupPermissionImpl(requireNonNull(login), adminGroupDto);
- }
-
- /**
- * @see #insertAdminGroup()
- */
- public UserDto insertRootByGroupPermission(GroupDto adminGroupDto) {
- return insertRootByGroupPermissionImpl(null, adminGroupDto);
- }
-
- public UserDto insertRootByGroupPermission() {
- return insertRootByGroupPermissionImpl(null, null);
- }
-
- public UserDto insertRootByGroupPermissionImpl(@Nullable String login, @Nullable GroupDto groupDto) {
- UserDto rootByGroupPermissionUser = db.users().makeRoot(login == null ? insertUser() : insertUser(login));
- GroupDto adminGroup = createOrCheckAdminGroup(groupDto);
- insertMember(adminGroup, rootByGroupPermissionUser);
- return rootByGroupPermissionUser;
- }
public UserDto insertAdminByUserPermission(OrganizationDto org) {
UserDto user = db.users().insertUser();