From 9ffbe3df1ee7405c6ed8486ea43fd84983d071e4 Mon Sep 17 00:00:00 2001
From: Teryk Bellahsene <teryk.bellahsene@sonarsource.com>
Date: Thu, 27 Aug 2015 10:47:42 +0200
Subject: SONAR-6805 WS permissions/remove_group allow removal of last group
 and users admin permissions

---
 .../src/main/java/org/sonar/server/permission/PermissionUpdater.java    | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'server')

diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionUpdater.java b/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionUpdater.java
index b78b2541988..9ce9a0bdaa4 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionUpdater.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/permission/PermissionUpdater.java
@@ -146,6 +146,7 @@ public class PermissionUpdater {
 
   private void checkOtherAdminUsersExist(DbSession session, PermissionChange permissionChange) {
     if (GlobalPermissions.SYSTEM_ADMIN.equals(permissionChange.permission())
+      && permissionChange.componentKey() == null
       && dbClient.roleDao().countUserPermissions(session, permissionChange.permission(), null) <= 1) {
       throw new BadRequestException(String.format("Last user with '%s' permission. Permission cannot be removed.", GlobalPermissions.SYSTEM_ADMIN));
     }
@@ -154,6 +155,7 @@ public class PermissionUpdater {
   private void checkAdminUsersExistOutsideTheRemovedGroup(DbSession session, PermissionChange permissionChange, @Nullable Long groupIdToExclude) {
     if (GlobalPermissions.SYSTEM_ADMIN.equals(permissionChange.permission())
       && groupIdToExclude != null
+      && permissionChange.componentKey() == null
       && dbClient.roleDao().countUserPermissions(session, permissionChange.permission(), groupIdToExclude) <= 0) {
       throw new BadRequestException(String.format("Last group with '%s' permission. Permission cannot be removed.", GlobalPermissions.SYSTEM_ADMIN));
     }
-- 
cgit v1.2.3