diff options
Diffstat (limited to 'sonar-db/src')
9 files changed, 0 insertions, 551 deletions
diff --git a/sonar-db/src/main/java/org/sonar/db/user/GroupDao.java b/sonar-db/src/main/java/org/sonar/db/user/GroupDao.java index be74102e5c9..a046383ecb1 100644 --- a/sonar-db/src/main/java/org/sonar/db/user/GroupDao.java +++ b/sonar-db/src/main/java/org/sonar/db/user/GroupDao.java @@ -115,17 +115,6 @@ public class GroupDao implements Dao { return mapper(dbSession).selectByOrganizationUuid(organizationUuid); } - /** - * Ensures all users of the specified group have its root flag set or unset depending on whether each of them have the - * 'admin' permission in the default organization or not. - */ - public void updateRootFlagOfUsersInGroupFromPermissions(DbSession dbSession, long groupId, String defaultOrganizationUuid) { - long now = system.now(); - GroupMapper mapper = mapper(dbSession); - mapper.updateRootUsersOfGroup(groupId, defaultOrganizationUuid, now); - mapper.updateNonRootUsersOfGroup(groupId, defaultOrganizationUuid, now); - } - private static GroupMapper mapper(DbSession session) { return session.getMapper(GroupMapper.class); } diff --git a/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java b/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java index eeb2ab8e9b0..f6a7164b5b8 100644 --- a/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java +++ b/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java @@ -58,13 +58,5 @@ public interface GroupMapper { List<GroupDto> selectByOrganizationUuid(@Param("organizationUuid") String organizationUuid); - int updateRootUsersOfGroup(@Param("groupId") long groupId, - @Param("defaultOrganizationUuid") String defaultOrganizationUuid, - @Param("now") long now); - - int updateNonRootUsersOfGroup(@Param("groupId") long groupId, - @Param("defaultOrganizationUuid") String defaultOrganizationUuid, - @Param("now") long now); - List<GroupDto> selectByIds(@Param("ids") List<Long> ids); } diff --git a/sonar-db/src/main/java/org/sonar/db/user/UserDao.java b/sonar-db/src/main/java/org/sonar/db/user/UserDao.java index 19c5cde9b28..0a87ffddae5 100644 --- a/sonar-db/src/main/java/org/sonar/db/user/UserDao.java +++ b/sonar-db/src/main/java/org/sonar/db/user/UserDao.java @@ -194,17 +194,6 @@ public class UserDao implements Dao { return mapper(dbSession).countByEmail(email.toLowerCase(Locale.ENGLISH)) > 0; } - /** - * Ensures the specified user has its root flag set or unset depending on whether the user has the 'admin' permission - * in the default organization or not. - */ - public void updateRootFlagFromPermissions(DbSession dbSession, long userId, String defaultOrganizationUuid) { - long now = system2.now(); - UserMapper mapper = mapper(dbSession); - mapper.updateRootUser(userId, defaultOrganizationUuid, now); - mapper.updateNonRootUser(userId, defaultOrganizationUuid, now); - } - protected UserMapper mapper(DbSession session) { return session.getMapper(UserMapper.class); } diff --git a/sonar-db/src/main/java/org/sonar/db/user/UserMapper.java b/sonar-db/src/main/java/org/sonar/db/user/UserMapper.java index 799d73f2414..b7cf25be54e 100644 --- a/sonar-db/src/main/java/org/sonar/db/user/UserMapper.java +++ b/sonar-db/src/main/java/org/sonar/db/user/UserMapper.java @@ -74,8 +74,4 @@ public interface UserMapper { void deactivateUser(@Param("id") long userId, @Param("now") long now); - int updateRootUser(@Param("userId") long userId, @Param("defaultOrganizationUuid") String defaultOrganizationUuid, @Param("now") long now); - - int updateNonRootUser(@Param("userId") long userId, @Param("defaultOrganizationUuid") String defaultOrganizationUuid, @Param("now") long now); - } diff --git a/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml b/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml index 39b0193fc31..4f6928e7b28 100644 --- a/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml +++ b/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml @@ -137,92 +137,4 @@ order by upper(g.name) </select> - <update id="updateRootUsersOfGroup"> - update users u set - is_root = ${_true}, - updated_at = #{now,jdbcType=BIGINT} - where - u.id in (<include refid="userIdsForGroupId"/>) - and exists ( - <include refid="userPermissionAdminInDefaultOrganizationForUser"/> - union - <include refid="groupPermissionAdminInDefaultOrganizationForUser"/> - ) - </update> - - <update id="updateRootUsersOfGroup" databaseId="mssql"> - update u set - is_root = ${_true}, - updated_at = #{now,jdbcType=BIGINT} - from users u - where - u.id in (<include refid="userIdsForGroupId"/>) - and exists ( - <include refid="userPermissionAdminInDefaultOrganizationForUser"/> - union - <include refid="groupPermissionAdminInDefaultOrganizationForUser"/> - ) - </update> - - <update id="updateNonRootUsersOfGroup"> - update users u set - is_root = ${_false}, - updated_at = #{now,jdbcType=BIGINT} - where - u.id in (<include refid="userIdsForGroupId"/>) - and not exists ( - <include refid="userPermissionAdminInDefaultOrganizationForUser"/> - union - <include refid="groupPermissionAdminInDefaultOrganizationForUser"/> - ) - </update> - - <update id="updateNonRootUsersOfGroup" databaseId="mssql"> - update u set - is_root = ${_false}, - updated_at = #{now,jdbcType=BIGINT} - from users u - where - u.id in (<include refid="userIdsForGroupId"/>) - and not exists ( - <include refid="userPermissionAdminInDefaultOrganizationForUser"/> - union - <include refid="groupPermissionAdminInDefaultOrganizationForUser"/> - ) - </update> - - <sql id="userIdsForGroupId"> - select - gu.user_id - from - groups_users gu - where - gu.group_id = #{groupId,jdbcType=BIGINT} - </sql> - - <sql id="userPermissionAdminInDefaultOrganizationForUser"> - select - 1 - from - user_roles ur - where - ur.user_id = u.id - and ur.role = 'admin' - and ur.resource_id is null - and ur.organization_uuid = #{defaultOrganizationUuid,jdbcType=VARCHAR} - </sql> - - <sql id="groupPermissionAdminInDefaultOrganizationForUser"> - select - 1 - from - groups_users gu, - group_roles gr - where - gu.user_id = u.id - and gu.group_id = gr.group_id - and gr.role = 'admin' - and gr.resource_id is null - and gr.organization_uuid = #{defaultOrganizationUuid,jdbcType=VARCHAR} - </sql> </mapper> diff --git a/sonar-db/src/main/resources/org/sonar/db/user/UserMapper.xml b/sonar-db/src/main/resources/org/sonar/db/user/UserMapper.xml index cb65570170f..17818753a6a 100644 --- a/sonar-db/src/main/resources/org/sonar/db/user/UserMapper.xml +++ b/sonar-db/src/main/resources/org/sonar/db/user/UserMapper.xml @@ -210,84 +210,4 @@ login = #{login} </insert> - <update id="updateRootUser"> - update users u set - is_root = ${_true}, - updated_at = #{now,jdbcType=BIGINT} - where - u.id = #{userId,jdbcType=BIGINT} - and exists ( - <include refid="userPermissionAdminInDefaultOrganizationForUser"/> - union - <include refid="groupPermissionAdminInDefaultOrganizationForUser"/> - ) - </update> - - <update id="updateRootUser" databaseId="mssql"> - update u set - is_root = ${_true}, - updated_at = #{now,jdbcType=BIGINT} - from users u - where - u.id = #{userId,jdbcType=BIGINT} - and exists ( - <include refid="userPermissionAdminInDefaultOrganizationForUser"/> - union - <include refid="groupPermissionAdminInDefaultOrganizationForUser"/> - ) - </update> - - <update id="updateNonRootUser"> - update users u set - is_root = ${_false}, - updated_at = #{now,jdbcType=BIGINT} - where - u.id = #{userId,jdbcType=BIGINT} - and not exists ( - <include refid="userPermissionAdminInDefaultOrganizationForUser"/> - union - <include refid="groupPermissionAdminInDefaultOrganizationForUser"/> - ) - </update> - - <update id="updateNonRootUser" databaseId="mssql"> - update u set - is_root = ${_false}, - updated_at = #{now,jdbcType=BIGINT} - from users u - where - u.id = #{userId,jdbcType=BIGINT} - and not exists ( - <include refid="userPermissionAdminInDefaultOrganizationForUser"/> - union - <include refid="groupPermissionAdminInDefaultOrganizationForUser"/> - ) - </update> - - <sql id="userPermissionAdminInDefaultOrganizationForUser"> - select - 1 - from - user_roles ur - where - ur.user_id = u.id - and ur.role = 'admin' - and ur.resource_id is null - and ur.organization_uuid = #{defaultOrganizationUuid,jdbcType=VARCHAR} - </sql> - - <sql id="groupPermissionAdminInDefaultOrganizationForUser"> - select - 1 - from - groups_users gu, - group_roles gr - where - gu.user_id = u.id - and gu.group_id = gr.group_id - and gr.role = 'admin' - and gr.resource_id is null - and gr.organization_uuid = #{defaultOrganizationUuid,jdbcType=VARCHAR} - </sql> - </mapper> diff --git a/sonar-db/src/test/java/org/sonar/db/user/GroupDaoTest.java b/sonar-db/src/test/java/org/sonar/db/user/GroupDaoTest.java index b5c641f54f7..ca641b39463 100644 --- a/sonar-db/src/test/java/org/sonar/db/user/GroupDaoTest.java +++ b/sonar-db/src/test/java/org/sonar/db/user/GroupDaoTest.java @@ -32,11 +32,9 @@ import org.sonar.db.DbTester; import org.sonar.db.organization.OrganizationDto; import static java.util.Arrays.asList; -import static java.util.Arrays.stream; import static org.assertj.core.api.Assertions.assertThat; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.user.GroupTesting.newGroupDto; public class GroupDaoTest { @@ -47,8 +45,6 @@ public class GroupDaoTest { .setKey("an-org") .setName("An Org") .setUuid("abcde"); - private static final long DATE_1 = 8_776_543L; - private static final long DATE_2 = 4_776_898L; private System2 system2 = mock(System2.class); @@ -223,192 +219,6 @@ public class GroupDaoTest { } @Test - public void updateRootFlagOfUsersInGroupFromPermissions_sets_root_flag_to_false_if_users_have_no_permission_at_all() { - UserDto[] usersInGroup1 = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - UserDto[] usersInGroup2 = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - UserDto[] usersNotInGroup = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - GroupDto group1 = db.users().insertGroup(); - stream(usersInGroup1).forEach(user -> db.users().insertMember(group1, user)); - GroupDto group2 = db.users().insertGroup(); - stream(usersInGroup2).forEach(user -> db.users().insertMember(group2, user)); - - call_updateRootFlagFromPermissions(group1, DATE_1); - stream(usersInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - stream(usersInGroup2).forEach(db.rootFlag()::verifyUnchanged); - stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged); - - call_updateRootFlagFromPermissions(group2, DATE_2); - stream(usersInGroup2).forEach(user -> db.rootFlag().verify(user, false, DATE_2)); - stream(usersInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged); - } - - @Test - public void updateRootFlagOfUsersInGroupFromPermissions_sets_root_flag_to_true_if_users_has_admin_user_permission_on_default_organization() { - UserDto[] usersWithAdminInGroup1 = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser(), - }; - UserDto[] usersWithoutAdminInGroup1 = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser(), - }; - UserDto[] usersWithAdminInGroup2 = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - UserDto[] usersWithoutAdminInGroup2 = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - UserDto[] usersNotInGroup = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - GroupDto group1 = db.users().insertGroup(); - stream(usersWithAdminInGroup1).forEach(user -> db.users().insertMember(group1, user)); - stream(usersWithoutAdminInGroup1).forEach(user -> db.users().insertMember(group1, user)); - stream(usersWithAdminInGroup1).forEach(user -> db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, SYSTEM_ADMIN)); - GroupDto group2 = db.users().insertGroup(); - stream(usersWithAdminInGroup2).forEach(user -> db.users().insertMember(group2, user)); - stream(usersWithoutAdminInGroup2).forEach(user -> db.users().insertMember(group2, user)); - stream(usersWithAdminInGroup2).forEach(user -> db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, SYSTEM_ADMIN)); - - call_updateRootFlagFromPermissions(group1, DATE_1); - stream(usersWithAdminInGroup1).forEach(user -> db.rootFlag().verify(user, true, DATE_1)); - stream(usersWithoutAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - stream(usersWithAdminInGroup2).forEach(db.rootFlag()::verifyUnchanged); - stream(usersWithoutAdminInGroup2).forEach(db.rootFlag()::verifyUnchanged); - stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged); - - call_updateRootFlagFromPermissions(group2, DATE_2); - stream(usersWithAdminInGroup1).forEach(user -> db.rootFlag().verify(user, true, DATE_1)); - stream(usersWithoutAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - stream(usersWithAdminInGroup2).forEach(user -> db.rootFlag().verify(user, true, DATE_2)); - stream(usersWithoutAdminInGroup2).forEach(user -> db.rootFlag().verify(user, false, DATE_2)); - stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged); - } - - @Test - public void updateRootFlagOfUsersInGroupFromPermissions_ignores_permissions_on_anyone_on_default_organization() { - UserDto[] usersWithAdminInGroup1 = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser(), - }; - UserDto[] usersWithoutAdminInGroup1 = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser(), - }; - UserDto[] usersWithAdminInGroup2 = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - UserDto[] usersWithoutAdminInGroup2 = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - UserDto[] usersNotInGroup = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - GroupDto group1 = db.users().insertGroup(); - stream(usersWithAdminInGroup1).forEach(user -> db.users().insertMember(group1, user)); - stream(usersWithoutAdminInGroup1).forEach(user -> db.users().insertMember(group1, user)); - GroupDto group2 = db.users().insertGroup(); - stream(usersWithAdminInGroup2).forEach(user -> db.users().insertMember(group2, user)); - stream(usersWithoutAdminInGroup2).forEach(user -> db.users().insertMember(group2, user)); - db.users().insertPermissionOnAnyone(db.getDefaultOrganization(), SYSTEM_ADMIN); - - call_updateRootFlagFromPermissions(group1, DATE_1); - stream(usersWithAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - stream(usersWithoutAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - stream(usersWithAdminInGroup2).forEach(db.rootFlag()::verifyUnchanged); - stream(usersWithoutAdminInGroup2).forEach(db.rootFlag()::verifyUnchanged); - stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged); - - call_updateRootFlagFromPermissions(group2, DATE_2); - stream(usersWithAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - stream(usersWithoutAdminInGroup1).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - stream(usersWithAdminInGroup2).forEach(user -> db.rootFlag().verify(user, false, DATE_2)); - stream(usersWithoutAdminInGroup2).forEach(user -> db.rootFlag().verify(user, false, DATE_2)); - stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged); - } - - @Test - public void updateRootFlagOfUsersInGroupFromPermissions_ignores_permissions_on_anyone_on_other_organization() { - UserDto[] usersInGroup = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser(), - }; - UserDto[] usersInOtherGroup = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - UserDto[] usersNotInGroup = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - GroupDto group = db.users().insertGroup(); - stream(usersInGroup).forEach(user -> db.users().insertMember(group, user)); - OrganizationDto otherOrganization = db.organizations().insert(); - GroupDto otherGroup = db.users().insertGroup(otherOrganization); - stream(usersInOtherGroup).forEach(user -> db.users().insertMember(otherGroup, user)); - db.users().insertPermissionOnAnyone(otherOrganization, SYSTEM_ADMIN); - - call_updateRootFlagFromPermissions(group, DATE_1); - stream(usersInGroup).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - stream(usersInOtherGroup).forEach(db.rootFlag()::verifyUnchanged); - stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged); - - call_updateRootFlagFromPermissions(otherGroup, DATE_2); - stream(usersInGroup).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - stream(usersInOtherGroup).forEach(user -> db.rootFlag().verify(user, false, DATE_2)); - stream(usersNotInGroup).forEach(db.rootFlag()::verifyUnchanged); - } - - @Test - public void updateRootFlagOfUsersInGroupFromPermissions_set_root_flag_to_false_on_users_of_group_of_non_default_organization() { - UserDto[] nonAdminUsers = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() - }; - UserDto[] adminPerUserPermissionUsers = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() // incorrectly not root - }; - UserDto[] adminPerGroupPermissionUsers = { - db.users().makeRoot(db.users().insertUser()), - db.users().insertUser() // incorrectly not root - }; - OrganizationDto otherOrganization = db.organizations().insert(); - GroupDto nonAdminGroup = db.users().insertGroup(otherOrganization); - db.users().insertMembers(nonAdminGroup, nonAdminUsers); - db.users().insertMembers(nonAdminGroup, adminPerUserPermissionUsers); - stream(adminPerUserPermissionUsers).forEach(user -> db.users().insertPermissionOnUser(otherOrganization, user, SYSTEM_ADMIN)); - GroupDto adminGroup = db.users().insertAdminGroup(otherOrganization); - db.users().insertMembers(adminGroup, adminPerGroupPermissionUsers); - - call_updateRootFlagFromPermissions(nonAdminGroup, DATE_2); - stream(nonAdminUsers).forEach(user -> db.rootFlag().verify(user, false, DATE_2)); - stream(adminPerUserPermissionUsers).forEach(user -> db.rootFlag().verify(user, false, DATE_2)); - stream(adminPerGroupPermissionUsers).forEach(db.rootFlag()::verifyUnchanged); - - call_updateRootFlagFromPermissions(adminGroup, DATE_1); - stream(nonAdminUsers).forEach(user -> db.rootFlag().verify(user, false, DATE_2)); - stream(adminPerUserPermissionUsers).forEach(user -> db.rootFlag().verify(user, false, DATE_2)); - stream(adminPerGroupPermissionUsers).forEach(user -> db.rootFlag().verify(user, false, DATE_1)); - } - - @Test public void deleteByOrganization_does_not_fail_when_table_is_empty() { underTest.deleteByOrganization(dbSession, "some uuid"); dbSession.commit(); @@ -452,10 +262,4 @@ public class GroupDaoTest { .extracting(row -> (String) row.get("organizationUuid")) .containsOnly(organizationUuids); } - - private void call_updateRootFlagFromPermissions(GroupDto groupDto, long now) { - when(system2.now()).thenReturn(now); - underTest.updateRootFlagOfUsersInGroupFromPermissions(db.getSession(), groupDto.getId(), db.getDefaultOrganization().getUuid()); - db.commit(); - } } diff --git a/sonar-db/src/test/java/org/sonar/db/user/UserDaoTest.java b/sonar-db/src/test/java/org/sonar/db/user/UserDaoTest.java index f9628b6d7fb..cbd7af7558b 100644 --- a/sonar-db/src/test/java/org/sonar/db/user/UserDaoTest.java +++ b/sonar-db/src/test/java/org/sonar/db/user/UserDaoTest.java @@ -33,7 +33,6 @@ import org.sonar.db.DbClient; import org.sonar.db.DbSession; import org.sonar.db.DbTester; import org.sonar.db.RowNotFoundException; -import org.sonar.db.organization.OrganizationDto; import org.sonar.db.property.PropertyDto; import org.sonar.db.property.PropertyQuery; @@ -43,7 +42,6 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.junit.Assert.fail; import static org.mockito.Mockito.mock; import static org.mockito.Mockito.when; -import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; import static org.sonar.db.user.GroupMembershipQuery.IN; import static org.sonar.db.user.GroupMembershipQuery.builder; import static org.sonar.db.user.GroupTesting.newGroupDto; @@ -51,8 +49,6 @@ import static org.sonar.db.user.UserTesting.newUserDto; public class UserDaoTest { private static final long NOW = 1_500_000_000_000L; - private static final long DATE_1 = 1_222_001L; - private static final long DATE_2 = 4_333_555L; private System2 system2 = mock(System2.class); @@ -596,116 +592,6 @@ public class UserDaoTest { assertThat(underTest.selectByLogin(session, inactiveRootUser.getLogin()).isRoot()).isTrue(); } - @Test - public void updateRootFlagFromPermissions_sets_root_flag_to_false_if_user_has_no_permission_at_all() { - UserDto rootUser = db.users().makeRoot(db.users().insertUser()); - UserDto notRootUser = db.users().insertUser(); - - call_updateRootFlagFromPermissions(rootUser, DATE_1); - db.rootFlag().verify(rootUser, false, DATE_1); - db.rootFlag().verify(notRootUser, false, notRootUser.getUpdatedAt()); - - call_updateRootFlagFromPermissions(notRootUser, DATE_2); - db.rootFlag().verify(rootUser, false, DATE_1); - db.rootFlag().verify(notRootUser, false, DATE_2); - } - - @Test - public void updateRootFlagFromPermissions_sets_root_flag_to_true_if_user_has_admin_user_permission_on_default_organization() { - UserDto rootUser = db.users().insertRootByUserPermission(); - UserDto incorrectlyNotRootUser = db.users().insertUser(); - db.users().insertPermissionOnUser(db.getDefaultOrganization(), incorrectlyNotRootUser, SYSTEM_ADMIN); - - call_updateRootFlagFromPermissions(rootUser, DATE_1); - db.rootFlag().verify(rootUser, true, DATE_1); - db.rootFlag().verify(incorrectlyNotRootUser, false, incorrectlyNotRootUser.getUpdatedAt()); - - call_updateRootFlagFromPermissions(incorrectlyNotRootUser, DATE_2); - db.rootFlag().verify(rootUser, true, DATE_1); - db.rootFlag().verify(incorrectlyNotRootUser, true, DATE_2); - } - - @Test - public void updateRootFlagFromPermissions_ignores_permissions_on_anyone_on_default_organization() { - UserDto rootUser = db.users().makeRoot(db.users().insertUser()); - UserDto incorrectlyNotRootUser = db.users().insertUser(); - db.users().insertPermissionOnAnyone(db.getDefaultOrganization(), SYSTEM_ADMIN); - - call_updateRootFlagFromPermissions(rootUser, DATE_1); - db.rootFlag().verify(rootUser, false, DATE_1); - db.rootFlag().verify(incorrectlyNotRootUser, false, incorrectlyNotRootUser.getUpdatedAt()); - - call_updateRootFlagFromPermissions(incorrectlyNotRootUser, DATE_2); - db.rootFlag().verify(rootUser, false, DATE_1); - db.rootFlag().verify(incorrectlyNotRootUser, false, DATE_2); - } - - @Test - public void updateRootFlagFromPermissions_ignores_permissions_on_anyone_on_other_organization() { - UserDto falselyRootUser = db.users().makeRoot(db.users().insertUser()); - UserDto notRootUser = db.users().insertUser(); - OrganizationDto otherOrganization = db.organizations().insert(); - db.users().insertPermissionOnAnyone(otherOrganization, SYSTEM_ADMIN); - - call_updateRootFlagFromPermissions(falselyRootUser, DATE_2); - db.rootFlag().verify(falselyRootUser, false, DATE_2); - db.rootFlag().verify(notRootUser, false, notRootUser.getUpdatedAt()); - - call_updateRootFlagFromPermissions(notRootUser, DATE_1); - db.rootFlag().verify(falselyRootUser, false, DATE_2); - db.rootFlag().verify(notRootUser, false, DATE_1); - } - - @Test - public void updateRootFlagFromPermissions_sets_root_flag_to_false_if_user_has_admin_user_permission_on_other_organization() { - UserDto falselyRootUser = db.users().makeRoot(db.users().insertUser()); - UserDto notRootUser = db.users().insertUser(); - OrganizationDto otherOrganization = db.organizations().insert(); - db.users().insertPermissionOnUser(otherOrganization, falselyRootUser, SYSTEM_ADMIN); - db.users().insertPermissionOnUser(otherOrganization, notRootUser, SYSTEM_ADMIN); - - call_updateRootFlagFromPermissions(falselyRootUser, DATE_1); - db.rootFlag().verify(falselyRootUser, false, DATE_1); - db.rootFlag().verify(notRootUser, false, notRootUser.getUpdatedAt()); - - call_updateRootFlagFromPermissions(notRootUser, DATE_2); - db.rootFlag().verify(falselyRootUser, false, DATE_1); - db.rootFlag().verify(notRootUser, false, DATE_2); - } - - @Test - public void updateRootFlagFromPermissions_sets_root_flag_to_true_if_user_has_admin_group_permission_on_default_organization() { - UserDto rootUser = db.users().makeRoot(db.users().insertUser()); - UserDto incorrectlyNotRootUser = db.users().insertUser(); - GroupDto groupDto = db.users().insertAdminGroup(db.getDefaultOrganization()); - db.users().insertMembers(groupDto, rootUser, incorrectlyNotRootUser); - - call_updateRootFlagFromPermissions(rootUser, DATE_1); - db.rootFlag().verify(rootUser, true, DATE_1); - db.rootFlag().verify(incorrectlyNotRootUser, false, incorrectlyNotRootUser.getUpdatedAt()); - - call_updateRootFlagFromPermissions(incorrectlyNotRootUser, DATE_2); - db.rootFlag().verify(rootUser, true, DATE_1); - db.rootFlag().verify(incorrectlyNotRootUser, true, DATE_2); - } - - @Test - public void updateRootFlagFromPermissions_sets_root_flag_to_false_if_user_has_admin_group_permission_on_other_organization() { - UserDto falselyRootUser = db.users().makeRoot(db.users().insertUser()); - UserDto notRootUser = db.users().insertUser(); - GroupDto otherOrganizationGroupDto = db.users().insertGroup(db.organizations().insert()); - db.users().insertPermissionOnGroup(otherOrganizationGroupDto, SYSTEM_ADMIN); - db.users().insertMembers(otherOrganizationGroupDto, falselyRootUser, notRootUser); - - call_updateRootFlagFromPermissions(falselyRootUser, DATE_2); - db.rootFlag().verify(falselyRootUser, false, DATE_2); - db.rootFlag().verify(notRootUser, false, notRootUser.getUpdatedAt()); - - call_updateRootFlagFromPermissions(notRootUser, DATE_1); - db.rootFlag().verify(falselyRootUser, false, DATE_2); - db.rootFlag().verify(notRootUser, false, DATE_1); - } - private void commit(Runnable runnable) { runnable.run(); session.commit(); @@ -741,11 +627,4 @@ public class UserDaoTest { dbClient.userGroupDao().insert(session, dto); return dto; } - - private void call_updateRootFlagFromPermissions(UserDto userDto, long now) { - when(system2.now()).thenReturn(now); - underTest.updateRootFlagFromPermissions(db.getSession(), userDto.getId(), db.getDefaultOrganization().getUuid()); - db.commit(); - } - } diff --git a/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java b/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java index e1de83d0d24..10e539f2c80 100644 --- a/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java +++ b/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java @@ -80,45 +80,13 @@ public class UserDbTester { return insertRootByUserPermissionImpl(requireNonNull(login)); } - public UserDto insertRootByUserPermission() { - return insertRootByUserPermissionImpl(null); - } - private UserDto insertRootByUserPermissionImpl(@Nullable String login) { UserDto rootByUserPermissionUser = makeRoot(login == null ? insertUser() : insertUser(login)); insertPermissionOnUser(db.getDefaultOrganization(), rootByUserPermissionUser, SYSTEM_ADMIN); return rootByUserPermissionUser; } - public UserDto insertRootByGroupPermission(String login) { - return insertRootByGroupPermissionImpl(requireNonNull(login), null); - } - - /** - * @see #insertAdminGroup() - */ - public UserDto insertRootByGroupPermission(String login, GroupDto adminGroupDto) { - return insertRootByGroupPermissionImpl(requireNonNull(login), adminGroupDto); - } - - /** - * @see #insertAdminGroup() - */ - public UserDto insertRootByGroupPermission(GroupDto adminGroupDto) { - return insertRootByGroupPermissionImpl(null, adminGroupDto); - } - - public UserDto insertRootByGroupPermission() { - return insertRootByGroupPermissionImpl(null, null); - } - - public UserDto insertRootByGroupPermissionImpl(@Nullable String login, @Nullable GroupDto groupDto) { - UserDto rootByGroupPermissionUser = db.users().makeRoot(login == null ? insertUser() : insertUser(login)); - GroupDto adminGroup = createOrCheckAdminGroup(groupDto); - insertMember(adminGroup, rootByGroupPermissionUser); - return rootByGroupPermissionUser; - } public UserDto insertAdminByUserPermission(OrganizationDto org) { UserDto user = db.users().insertUser(); |