-rw-r--r--server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java6
-rw-r--r--server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java29
-rw-r--r--sonar-db/src/test/java/org/sonar/db/organization/OrganizationDbTester.java11
3 files changed, 39 insertions, 7 deletions
diff --git a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
index 5f55af3c5f3..f25940ff6fb 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/organization/ws/DeleteAction.java
@@ -82,7 +82,11 @@ public class DeleteAction implements OrganizationsAction {
"Organization with key '%s' not found",
key);
- userSession.checkOrganizationPermission(organizationDto.getUuid(), SYSTEM_ADMIN);
+ if (organizationDto.isGuarded()) {
+ userSession.checkIsRoot();
+ } else {
+ userSession.checkOrganizationPermission(organizationDto.getUuid(), SYSTEM_ADMIN);
+ }
deleteProjects(dbSession, organizationDto.getUuid());
deletePermissions(dbSession, organizationDto.getUuid());
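Review bot: The new `isGuarded()` branch is the authorization decision for this handler, yet nothing explains why organization-level SYSTEM_ADMIN is not sufficient for a guarded organization. I would add above the `if`: `// Guarded organizations may only be deleted by a root user; SYSTEM_ADMIN on the organization is deliberately not enough.` The "not found" check in the context lines also runs before either permission check, so a caller without permission may be able to tell existing keys from missing ones by the error returned. Whether an earlier login check limits that cannot be seen here, because the enclosing method starts and ends outside the hunk.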
diff --git a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
index 5b49ab11772..3fcf6e43329 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/organization/ws/DeleteActionTest.java
@@ -126,7 +126,7 @@ public class DeleteActionTest {
}
@Test
- public void request_fails_with_ForbiddenException_when_user_has_no_System_Administer_permission() {
+ public void request_fails_with_ForbiddenException_when_user_has_no_System_Administer_permission_for_non_guarded_organization() {
OrganizationDto organization = dbTester.organizations().insert();
userSession.logIn();
@@ -137,7 +137,7 @@ public class DeleteActionTest {
}
@Test
- public void request_fails_with_ForbiddenException_when_user_does_not_have_System_Administer_permission_on_specified_organization() {
+ public void request_fails_with_ForbiddenException_when_user_does_not_have_System_Administer_permission_on_specified_non_guarded_organization() {
OrganizationDto organization = dbTester.organizations().insert();
userSession.logIn().addOrganizationPermission(dbTester.getDefaultOrganization().getUuid(), SYSTEM_ADMIN);
@@ -148,7 +148,7 @@ public class DeleteActionTest {
}
@Test
- public void request_deletes_specified_organization_if_exists_and_user_has_Admin_permission_on_it() {
+ public void request_deletes_specified_non_guarded_organization_if_exists_and_user_has_Admin_permission_on_it() {
OrganizationDto organization = dbTester.organizations().insert();
userSession.logIn().addOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
@@ -158,7 +158,18 @@ public class DeleteActionTest {
}
@Test
- public void request_deletes_specified_organization_if_exists_and_user_is_root() {
+ public void request_fails_with_ForbiddenException_when_user_has_System_Administer_permission_on_specified_guarded_organization() {
+ OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setGuarded(true));
+ userSession.logIn().addOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
+
+ expectedException.expect(ForbiddenException.class);
+ expectedException.expectMessage("Insufficient privileges");
+
+ sendRequest(organization);
+ }
+
+ @Test
+ public void request_deletes_specified_non_guarded_organization_if_exists_and_user_is_root() {
OrganizationDto organization = dbTester.organizations().insert();
userSession.logIn().setRoot();
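Review bot: The new guarded-organization test asserts only the ForbiddenException and its message, so it would still pass if the handler removed data before rejecting the request. Because the `expectedException` rule ends the test at the throw, a stronger version would catch the exception around `sendRequest(organization)` and then assert that the organization row is still present. A further case for a logged-in user with no permission at all on a guarded organization would pin the `checkIsRoot()` path independently of SYSTEM_ADMIN. The root test that follows continues outside the hunk.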
@@ -168,6 +179,16 @@ public class DeleteActionTest {
}
@Test
+ public void request_deletes_specified_guarded_organization_if_exists_and_user_is_root() {
+ OrganizationDto organization = dbTester.organizations().insert(dto -> dto.setGuarded(true));
+ userSession.logIn().setRoot();
+
+ sendRequest(organization);
+
+ verifyOrganizationDoesNotExist(organization);
+ }
+
+ @Test
public void request_also_deletes_components_of_specified_organization() {
userSession.logIn().setRoot();
diff --git a/sonar-db/src/test/java/org/sonar/db/organization/OrganizationDbTester.java b/sonar-db/src/test/java/org/sonar/db/organization/OrganizationDbTester.java
index ee67f83555b..b6de3ebc321 100644
--- a/sonar-db/src/test/java/org/sonar/db/organization/OrganizationDbTester.java
+++ b/sonar-db/src/test/java/org/sonar/db/organization/OrganizationDbTester.java
@@ -19,6 +19,7 @@
*/
package org.sonar.db.organization;
+import java.util.function.Consumer;
import javax.annotation.Nullable;
import org.sonar.db.DbSession;
import org.sonar.db.DbTester;
@@ -40,12 +41,18 @@ public class OrganizationDbTester {
return insert(OrganizationTesting.newOrganizationDto());
}
+ public OrganizationDto insert(Consumer<OrganizationDto> populator) {
+ OrganizationDto dto = OrganizationTesting.newOrganizationDto();
+ populator.accept(dto);
+ return insert(dto);
+ }
+
public OrganizationDto insertForKey(String key) {
- return insert(OrganizationTesting.newOrganizationDto().setKey(key));
+ return insert(dto -> dto.setKey(key));
}
public OrganizationDto insertForUuid(String organizationUuid) {
- return insert(OrganizationTesting.newOrganizationDto().setUuid(organizationUuid));
+ return insert(dto -> dto.setUuid(organizationUuid));
}
/**