From f0af72abc18ccbe6eb0227d38dc898f052e04eda Mon Sep 17 00:00:00 2001
From: Julien Lancelot <julien.lancelot@sonarsource.com>
Date: Wed, 27 Sep 2017 18:22:39 +0200
Subject: SONAR-1330 Purge edit permissions when deleting user

---
 .../db/qualityprofile/QProfileEditUsersDao.java      |  4 ++++
 .../db/qualityprofile/QProfileEditUsersMapper.java   |  2 ++
 .../db/qualityprofile/QProfileEditUsersMapper.xml    |  5 +++++
 .../db/qualityprofile/QProfileEditUsersDaoTest.java  | 20 ++++++++++++++++++++
 4 files changed, 31 insertions(+)

(limited to 'server/sonar-db-dao')

diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersDao.java b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersDao.java
index df41e1f4963..c41940af852 100644
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersDao.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersDao.java
@@ -66,6 +66,10 @@ public class QProfileEditUsersDao implements Dao {
     executeLargeUpdates(qProfiles.stream().map(QProfileDto::getKee).collect(toList()), p -> mapper(dbSession).deleteByQProfiles(p));
   }
 
+  public void deleteByUser(DbSession dbSession, UserDto user) {
+    mapper(dbSession).deleteByUser(user.getId());
+  }
+
   private static QProfileEditUsersMapper mapper(DbSession dbSession) {
     return dbSession.getMapper(QProfileEditUsersMapper.class);
   }
diff --git a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersMapper.java b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersMapper.java
index 4397d075714..399a0e58f4d 100644
--- a/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersMapper.java
+++ b/server/sonar-db-dao/src/main/java/org/sonar/db/qualityprofile/QProfileEditUsersMapper.java
@@ -39,4 +39,6 @@ public interface QProfileEditUsersMapper {
   void delete(@Param("qProfileUuid") String qProfileUuid, @Param("userId") int userId);
 
   void deleteByQProfiles(@Param("qProfileUuids") Collection<String> qProfileUuids);
+
+  void deleteByUser(@Param("userId") int userId);
 }
diff --git a/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditUsersMapper.xml b/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditUsersMapper.xml
index 1f46018f276..2365902336a 100644
--- a/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditUsersMapper.xml
+++ b/server/sonar-db-dao/src/main/resources/org/sonar/db/qualityprofile/QProfileEditUsersMapper.xml
@@ -110,5 +110,10 @@
     where qprofile_uuid in <foreach collection="qProfileUuids" open="(" close=")" item="qProfileUuid" separator=",">#{qProfileUuid, jdbcType=VARCHAR}</foreach>
   </delete>
 
+  <delete id="deleteByUser" parameterType="map">
+    delete from qprofile_edit_users
+    where user_id = #{userId, jdbcType=INTEGER}
+  </delete>
+
 </mapper>
 
diff --git a/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditUsersDaoTest.java b/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditUsersDaoTest.java
index 2f7f8298f61..35c8ee81f3d 100644
--- a/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditUsersDaoTest.java
+++ b/server/sonar-db-dao/src/test/java/org/sonar/db/qualityprofile/QProfileEditUsersDaoTest.java
@@ -309,4 +309,24 @@ public class QProfileEditUsersDaoTest {
     assertThat(underTest.exists(db.getSession(), profile3, user1)).isTrue();
     assertThat(underTest.exists(db.getSession(), anotherProfile, user1)).isTrue();
   }
+
+  @Test
+  public void deleteByUser() {
+    OrganizationDto organization1 = db.organizations().insert();
+    OrganizationDto organization2 = db.organizations().insert();
+    QProfileDto profile1 = db.qualityProfiles().insert(organization1);
+    QProfileDto profile2 = db.qualityProfiles().insert(organization2);
+    QProfileDto profile3 = db.qualityProfiles().insert(organization1);
+    UserDto user1 = db.users().insertUser();
+    UserDto user2 = db.users().insertUser();
+    db.qualityProfiles().addUserPermission(profile1, user1);
+    db.qualityProfiles().addUserPermission(profile2, user1);
+    db.qualityProfiles().addUserPermission(profile3, user2);
+
+    underTest.deleteByUser(db.getSession(), user1);
+
+    assertThat(underTest.exists(db.getSession(), profile1, user1)).isFalse();
+    assertThat(underTest.exists(db.getSession(), profile2, user1)).isFalse();
+    assertThat(underTest.exists(db.getSession(), profile3, user2)).isTrue();
+  }
 }
-- 
cgit v1.2.3