SONAR-21051 use UUID as resource id for /api/v2/users-management/users

author: Aurelien Poscia <aurelien.poscia@sonarsource.com> 2023-11-17 15:18:04 +0100
committer: sonartech <sonartech@sonarsource.com> 2023-11-20 20:02:38 +0000
commit: aeb53a50d3ef212e5cf4068b2c4b17bca1ef6aaf (patch)
tree: d8f6455acf01080621e21223eee14c706f21768f /server/sonar-webserver-common
parent: 0fd28e7faf95aac9e0ee267b54957c2d22adcf66 (diff)
download: sonarqube-aeb53a50d3ef212e5cf4068b2c4b17bca1ef6aaf.tar.gz
sonarqube-aeb53a50d3ef212e5cf4068b2c4b17bca1ef6aaf.zip
3 files changed, 58 insertions, 59 deletions
diff --git a/server/sonar-webserver-common/src/it/java/org/sonar/server/common/user/service/UserServiceIT.java b/server/sonar-webserver-common/src/it/java/org/sonar/server/common/user/service/UserServiceIT.java
index 61a691e815f..0ad92fa02f4 100644
--- a/server/sonar-webserver-common/src/it/java/org/sonar/server/common/user/service/UserServiceIT.java
+++ b/server/sonar-webserver-common/src/it/java/org/sonar/server/common/user/service/UserServiceIT.java
@@ -469,7 +469,7 @@ public class UserServiceIT {
       .setName("Ada Lovelace")
       .setScmAccounts(singletonList("al")));
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     verifyThatUserIsDeactivated(user.getLogin());
   }
@@ -483,7 +483,7 @@ public class UserServiceIT {
       .setName("Ada Lovelace")
       .setScmAccounts(singletonList("al")));
 
-    userService.deactivate(user.getLogin(), true);
+    userService.deactivate(user.getUuid(), true);
 
     verifyThatUserIsDeactivated("anonymized");
     verifyThatUserIsAnomymized("anonymized");
@@ -497,7 +497,7 @@ public class UserServiceIT {
     db.users().insertGroup();
     db.users().insertMember(group1, user);
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     assertThat(db.getDbClient().groupMembershipDao().selectGroupUuidsByUserUuid(dbSession, user.getUuid())).isEmpty();
   }
@@ -510,7 +510,7 @@ public class UserServiceIT {
     db.users().insertToken(user);
     db.commit();
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(),false);
 
     assertThat(db.getDbClient().userTokenDao().selectByUser(dbSession, user)).isEmpty();
   }
@@ -525,7 +525,7 @@ public class UserServiceIT {
     db.properties().insertProperty(newUserPropertyDto(user).setEntityUuid(project.uuid()), project.getKey(),
       project.name(), project.qualifier(), user.getLogin());
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     assertThat(db.getDbClient().propertiesDao().selectByQuery(PropertyQuery.builder().setUserUuid(user.getUuid()).build(), dbSession)).isEmpty();
     assertThat(db.getDbClient().propertiesDao().selectByQuery(PropertyQuery.builder().setUserUuid(user.getUuid()).setEntityUuid(project.uuid()).build(), dbSession)).isEmpty();
@@ -541,7 +541,7 @@ public class UserServiceIT {
     db.users().insertProjectPermissionOnUser(user, UserRole.USER, project);
     db.users().insertProjectPermissionOnUser(user, UserRole.CODEVIEWER, project);
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     assertThat(db.getDbClient().userPermissionDao().selectGlobalPermissionsOfUser(dbSession, user.getUuid())).isEmpty();
     assertThat(db.getDbClient().userPermissionDao().selectEntityPermissionsOfUser(dbSession, user.getUuid(), project.uuid())).isEmpty();
@@ -556,7 +556,7 @@ public class UserServiceIT {
     db.permissionTemplates().addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.USER, template.getName(), user.getLogin());
     db.permissionTemplates().addUserToTemplate(anotherTemplate.getUuid(), user.getUuid(), UserRole.CODEVIEWER, anotherTemplate.getName(), user.getLogin());
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     assertThat(db.getDbClient().permissionTemplateDao().selectUserPermissionsByTemplateId(dbSession, template.getUuid())).extracting(PermissionTemplateUserDto::getUserUuid)
       .isEmpty();
@@ -571,7 +571,7 @@ public class UserServiceIT {
     QProfileDto profile = db.qualityProfiles().insert();
     db.qualityProfiles().addUserPermission(profile, user);
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     assertThat(db.getDbClient().qProfileEditUsersDao().exists(dbSession, profile, user)).isFalse();
   }
@@ -589,7 +589,7 @@ public class UserServiceIT {
     db.properties().insertProperty(new PropertyDto().setKey("other").setValue(user.getLogin())
       .setEntityUuid(anotherProject.uuid()), anotherProject.getKey(), anotherProject.name(), anotherProject.qualifier(), user.getLogin());
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     assertThat(db.getDbClient().propertiesDao().selectByQuery(PropertyQuery.builder().setKey("sonar.issues.defaultAssigneeLogin").build(), db.getSession())).isEmpty();
     assertThat(db.getDbClient().propertiesDao().selectByQuery(PropertyQuery.builder().build(), db.getSession())).extracting(PropertyDto::getKey).containsOnly("other");
@@ -603,7 +603,7 @@ public class UserServiceIT {
     db.qualityGates().addUserPermission(qualityGate, user);
     assertThat(db.countRowsOfTable("qgate_user_permissions")).isOne();
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     assertThat(db.countRowsOfTable("qgate_user_permissions")).isZero();
   }
@@ -617,7 +617,7 @@ public class UserServiceIT {
     UserDto anotherUser = db.users().insertUser();
     db.almPats().insert(p -> p.setUserUuid(anotherUser.getUuid()), p -> p.setAlmSettingUuid(almSettingDto.getUuid()));
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     assertThat(db.getDbClient().almPatDao().selectByUserAndAlmSetting(dbSession, user.getUuid(), almSettingDto)).isEmpty();
     assertThat(db.getDbClient().almPatDao().selectByUserAndAlmSetting(dbSession, anotherUser.getUuid(), almSettingDto)).isNotNull();
@@ -632,7 +632,7 @@ public class UserServiceIT {
     UserDto anotherUser = db.users().insertUser();
     SessionTokenDto sessionToken3 = db.users().insertSessionToken(anotherUser);
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     assertThat(db.getDbClient().sessionTokensDao().selectByUuid(dbSession, sessionToken1.getUuid())).isNotPresent();
     assertThat(db.getDbClient().sessionTokensDao().selectByUuid(dbSession, sessionToken2.getUuid())).isNotPresent();
@@ -652,7 +652,7 @@ public class UserServiceIT {
     UserDismissedMessageDto msg3 = db.users().insertUserDismissedMessageOnProject(anotherUser, project1, MessageType.SUGGEST_DEVELOPER_EDITION_UPGRADE);
     UserDismissedMessageDto msg4 = db.users().insertUserDismissedMessageOnProject(anotherUser, project2, MessageType.SUGGEST_DEVELOPER_EDITION_UPGRADE);
 
-    userService.deactivate(user.getLogin(), false);
+    userService.deactivate(user.getUuid(), false);
 
     assertThat(db.getDbClient().userDismissedMessagesDao().selectByUser(dbSession, user)).isEmpty();
     assertThat(db.getDbClient().userDismissedMessagesDao().selectByUser(dbSession, anotherUser))
@@ -676,7 +676,7 @@ public class UserServiceIT {
     db.users().insertGlobalPermissionOnUser(admin, GlobalPermission.ADMINISTER);
 
     assertThatThrownBy(() -> {
-      userService.deactivate(admin.getLogin(), false);
+      userService.deactivate(admin.getUuid(), false);
     })
       .isInstanceOf(BadRequestException.class)
       .hasMessage("User is last administrator, and cannot be deactivated");
@@ -688,7 +688,7 @@ public class UserServiceIT {
 
     UserDto anotherAdmin = createAdminUser();
 
-    userService.deactivate(admin.getLogin(), false);
+    userService.deactivate(admin.getUuid(), false);
 
     verifyThatUserIsDeactivated(admin.getLogin());
     verifyThatUserExists(anotherAdmin.getLogin());
@@ -701,7 +701,7 @@ public class UserServiceIT {
     db.getDbClient().scimUserDao().enableScimForUser(dbSession, user.getUuid());
     db.commit();
 
-    userService.deactivate(user.getLogin(), true);
+    userService.deactivate(user.getUuid(), true);
 
     assertThat(db.getDbClient().scimUserDao().findByUserUuid(dbSession, user.getUuid())).isEmpty();
   }
@@ -712,8 +712,8 @@ public class UserServiceIT {
     UserDto user = db.users().insertUser();
     doThrow(new IllegalStateException("User managed")).when(managedInstanceChecker).throwIfUserIsManaged(any(), eq(user.getUuid()));
 
-    String login = user.getLogin();
-    assertThatThrownBy(() -> userService.deactivate(login, false))
+    String uuid = user.getUuid();
+    assertThatThrownBy(() -> userService.deactivate(uuid, false))
       .isInstanceOf(IllegalStateException.class)
       .hasMessage("User managed");
   }
@@ -738,7 +738,7 @@ public class UserServiceIT {
 
     when(managedInstanceService.isUserManaged(any(), eq(user.getUuid()))).thenReturn(false);
 
-    UserInformation result = userService.fetchUser(user.getLogin());
+    UserInformation result = userService.fetchUser(user.getUuid());
     UserDto resultUser = result.userDto();
     Collection<String> resultGroups = result.groups();
 
@@ -764,7 +764,7 @@ public class UserServiceIT {
     updateUser.setEmail("newemail@example.com");
     updateUser.setScmAccounts(List.of("account1", "account2"));
 
-    userService.updateUser(user.getLogin(), updateUser);
+    userService.updateUser(user.getUuid(), updateUser);
 
     UserDto updatedUser = db.users().selectUserByLogin(user.getLogin()).orElseThrow();
 
diff --git a/server/sonar-webserver-common/src/main/java/org/sonar/server/common/user/UserDeactivator.java b/server/sonar-webserver-common/src/main/java/org/sonar/server/common/user/UserDeactivator.java
index 9c5fd4d5801..92e2d51cdb1 100644
--- a/server/sonar-webserver-common/src/main/java/org/sonar/server/common/user/UserDeactivator.java
+++ b/server/sonar-webserver-common/src/main/java/org/sonar/server/common/user/UserDeactivator.java
@@ -40,15 +40,13 @@ public class UserDeactivator {
 
   public UserDto deactivateUser(DbSession dbSession, String login) {
     UserDto user = doBeforeDeactivation(dbSession, login);
-    deactivateUser(dbSession, user);
-    return user;
+    return deactivateUser(dbSession, user);
   }
 
   public UserDto deactivateUserWithAnonymization(DbSession dbSession, String login) {
     UserDto user = doBeforeDeactivation(dbSession, login);
     anonymizeUser(dbSession, user);
-    deactivateUser(dbSession, user);
-    return user;
+    return deactivateUser(dbSession, user);
   }
 
   private UserDto doBeforeDeactivation(DbSession dbSession, String login) {
@@ -58,11 +56,6 @@ public class UserDeactivator {
     return user;
   }
 
-  private UserDto getUserOrThrow(DbSession dbSession, String login) {
-    UserDto user = dbClient.userDao().selectByLogin(dbSession, login);
-    return checkFound(user, "User '%s' doesn't exist", login);
-  }
-
   private void ensureNotLastAdministrator(DbSession dbSession, UserDto user) {
     boolean isLastAdmin = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUser(dbSession, ADMINISTER.getKey(), user.getUuid()) == 0;
     checkRequest(!isLastAdmin, "User is last administrator, and cannot be deactivated");
@@ -89,8 +82,14 @@ public class UserDeactivator {
     dbClient.scimUserDao().deleteByUserUuid(dbSession, user.getUuid());
   }
 
-  private void deactivateUser(DbSession dbSession, UserDto user) {
+  private UserDto deactivateUser(DbSession dbSession, UserDto user) {
     dbClient.userDao().deactivateUser(dbSession, user);
     dbSession.commit();
+    return getUserOrThrow(dbSession, user.getLogin());
+  }
+
+  private UserDto getUserOrThrow(DbSession dbSession, String login) {
+    UserDto user = dbClient.userDao().selectByLogin(dbSession, login);
+    return checkFound(user, "User '%s' doesn't exist", login);
   }
 }
diff --git a/server/sonar-webserver-common/src/main/java/org/sonar/server/common/user/service/UserService.java b/server/sonar-webserver-common/src/main/java/org/sonar/server/common/user/service/UserService.java
index 6dc3d7df6d0..5b60eb8b150 100644
--- a/server/sonar-webserver-common/src/main/java/org/sonar/server/common/user/service/UserService.java
+++ b/server/sonar-webserver-common/src/main/java/org/sonar/server/common/user/service/UserService.java
@@ -139,35 +139,21 @@ public class UserService {
     return users.stream().map(UserDto::getUuid).collect(Collectors.toSet());
   }
 
-  public UserDto deactivate(String login, Boolean anonymize) {
+  public UserDto deactivate(String uuid, Boolean anonymize) {
     try (DbSession dbSession = dbClient.openSession(false)) {
-      UserDto userDto = findUserOrThrow(login, dbSession);
-      managedInstanceChecker.throwIfUserIsManaged(dbSession, userDto.getUuid());
+      UserDto userDto = findUserOrThrow(uuid, dbSession);
+      managedInstanceChecker.throwIfUserIsManaged(dbSession, uuid);
       UserDto deactivatedUser;
       if (Boolean.TRUE.equals(anonymize)) {
-        deactivatedUser = userDeactivator.deactivateUserWithAnonymization(dbSession, login);
+        deactivatedUser = userDeactivator.deactivateUserWithAnonymization(dbSession, userDto.getLogin());
       } else {
-        deactivatedUser = userDeactivator.deactivateUser(dbSession, login);
+        deactivatedUser = userDeactivator.deactivateUser(dbSession, userDto.getLogin());
       }
       dbSession.commit();
       return deactivatedUser;
     }
   }
 
-  private UserDto findUserOrThrow(String login, DbSession dbSession) {
-    return checkFound(dbClient.userDao().selectByLogin(dbSession, login), USER_NOT_FOUND_MESSAGE, login);
-  }
-
-  public UserInformation fetchUser(String login) {
-    try (DbSession dbSession = dbClient.openSession(false)) {
-      UserDto userDto = findUserOrThrow(login, dbSession);
-      Collection<String> groups = dbClient.groupMembershipDao().selectGroupsByLogins(dbSession, Set.of(login)).get(login);
-      int tokenCount = dbClient.userTokenDao().selectByUser(dbSession, userDto).size();
-      boolean isManaged = managedInstanceService.isUserManaged(dbSession, userDto.getUuid());
-      return toUserSearchResult(groups, tokenCount, isManaged, userDto);
-    }
-  }
-
   private UserInformation toUserSearchResult(Collection<String> groups, int tokenCount, boolean managed, UserDto userDto) {
     return new UserInformation(
       userDto,
@@ -192,21 +178,21 @@ public class UserService {
       if (Boolean.FALSE.equals(userCreateRequest.isLocal())) {
         newUserBuilder.setExternalIdentity(new ExternalIdentity(SQ_AUTHORITY, login, login));
       }
-      return registerUser(dbSession, login, newUserBuilder);
+      return registerUser(dbSession, login, newUserBuilder.build());
     }
   }
 
-  private UserInformation registerUser(DbSession dbSession, String login, NewUser.Builder newUserBuilder) {
-    UserDto user = dbClient.userDao().selectByLogin(dbSession, login);
+  private UserInformation registerUser(DbSession dbSession, String uuid, NewUser newUserBuilder) {
+    UserDto user = dbClient.userDao().selectByLogin(dbSession, newUserBuilder.login());
     if (user == null) {
-      user = userUpdater.createAndCommit(dbSession, newUserBuilder.build(), u -> {
+      user = userUpdater.createAndCommit(dbSession, newUserBuilder, u -> {
       });
     } else {
-      checkArgument(!user.isActive(), "An active user with login '%s' already exists", login);
-      user = userUpdater.reactivateAndCommit(dbSession, user, newUserBuilder.build(), u -> {
+      checkArgument(!user.isActive(), "An active user with login '%s' already exists", user.getLogin());
+      user = userUpdater.reactivateAndCommit(dbSession, user, newUserBuilder, u -> {
       });
     }
-    return fetchUser(user.getLogin());
+    return fetchUser(user.getUuid());
   }
 
   public static void validateScmAccounts(List<String> scmAccounts) {
@@ -225,13 +211,27 @@ public class UserService {
     }
   }
 
-  public UserInformation updateUser(String login, UpdateUser updateUser) {
+  public UserInformation updateUser(String uuid, UpdateUser updateUser) {
     try (DbSession dbSession = dbClient.openSession(false)) {
-      UserDto userDto = findUserOrThrow(login, dbSession);
+      UserDto userDto = findUserOrThrow(uuid, dbSession);
       userUpdater.updateAndCommit(dbSession, userDto, updateUser, u -> {
       });
-      return fetchUser(userDto.getLogin());
+      return fetchUser(userDto.getUuid());
     }
   }
 
+  public UserInformation fetchUser(String uuid) {
+    try (DbSession dbSession = dbClient.openSession(false)) {
+      UserDto userDto = findUserOrThrow(uuid, dbSession);
+      Collection<String> groups = dbClient.groupMembershipDao().selectGroupsByLogins(dbSession, Set.of(userDto.getLogin())).get(userDto.getLogin());
+      int tokenCount = dbClient.userTokenDao().selectByUser(dbSession, userDto).size();
+      boolean isManaged = managedInstanceService.isUserManaged(dbSession, uuid);
+      return toUserSearchResult(groups, tokenCount, isManaged, userDto);
+    }
+  }
+
+  private UserDto findUserOrThrow(String uuid, DbSession dbSession) {
+    return checkFound(dbClient.userDao().selectByUuid(dbSession, uuid), USER_NOT_FOUND_MESSAGE, uuid);
+  }
+
 }
author	Aurelien Poscia <aurelien.poscia@sonarsource.com>	2023-11-17 15:18:04 +0100
committer	sonartech <sonartech@sonarsource.com>	2023-11-20 20:02:38 +0000
commit	aeb53a50d3ef212e5cf4068b2c4b17bca1ef6aaf (patch)
tree	d8f6455acf01080621e21223eee14c706f21768f /server/sonar-webserver-common
parent	0fd28e7faf95aac9e0ee267b54957c2d22adcf66 (diff)
download	sonarqube-aeb53a50d3ef212e5cf4068b2c4b17bca1ef6aaf.tar.gz sonarqube-aeb53a50d3ef212e5cf4068b2c4b17bca1ef6aaf.zip