From fcf197ca9827fc1606ecedd49d7ca37273138d8f Mon Sep 17 00:00:00 2001
From: Sébastien Lesaint <sebastien.lesaint@sonarsource.com>
Date: Thu, 19 Jan 2017 10:00:52 +0100
Subject: SONAR-8608 consistent organization on permission/group/component

---
 .../org/sonar/db/component/ComponentMapper.java    |   8 +
 .../sonar/db/permission/GroupPermissionDao.java    |  27 +++
 .../org/sonar/db/permission/UserPermissionDao.java |  13 ++
 .../main/java/org/sonar/db/user/GroupMapper.java   |   7 +
 .../org/sonar/db/component/ComponentMapper.xml     |   9 +
 .../resources/org/sonar/db/user/GroupMapper.xml    |   9 +
 .../sonar/db/permission/AuthorizationDaoTest.java  |  23 +--
 .../db/permission/GroupPermissionDaoTest.java      | 185 +++++++++++----------
 .../sonar/db/permission/UserPermissionDaoTest.java | 158 +++++++++---------
 .../test/java/org/sonar/db/user/RoleDaoTest.java   |   5 +-
 .../test/java/org/sonar/db/user/UserDbTester.java  |  20 +--
 11 files changed, 259 insertions(+), 205 deletions(-)

(limited to 'sonar-db/src')

diff --git a/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java b/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java
index 7cf6f163b49..ed88b3950e0 100644
--- a/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java
+++ b/sonar-db/src/main/java/org/sonar/db/component/ComponentMapper.java
@@ -57,6 +57,14 @@ public interface ComponentMapper {
 
   List<ComponentDto> selectComponentsByQualifiers(@Param("qualifiers") Collection<String> qualifiers);
 
+  /**
+   * Counts the number of components with the specified id belonging to the specified organization.
+   *
+   * @return 1 or 0. Either because the organization uuid is not the one of the component or because the component does
+   *         not exist.
+   */
+  int countComponentByOrganizationAndId(@Param("organizationUuid") String organizationUuid, @Param("componentId") long componentId);
+
   List<ComponentDto> selectByQuery(@Param("query") ComponentQuery query, RowBounds rowBounds);
 
   int countByQuery(@Param("query") ComponentQuery query);
diff --git a/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java b/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java
index 77ee9cd6907..ac972f2e31a 100644
--- a/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java
+++ b/sonar-db/src/main/java/org/sonar/db/permission/GroupPermissionDao.java
@@ -28,7 +28,10 @@ import org.apache.ibatis.session.RowBounds;
 import org.sonar.api.security.DefaultGroups;
 import org.sonar.db.Dao;
 import org.sonar.db.DbSession;
+import org.sonar.db.component.ComponentMapper;
+import org.sonar.db.user.GroupMapper;
 
+import static com.google.common.base.Preconditions.checkArgument;
 import static org.sonar.db.DatabaseUtils.executeLargeInputs;
 import static org.sonar.db.DatabaseUtils.executeLargeInputsWithoutOutput;
 
@@ -102,9 +105,33 @@ public class GroupPermissionDao implements Dao {
   }
 
   public void insert(DbSession dbSession, GroupPermissionDto dto) {
+    ensureComponentPermissionConsistency(dbSession, dto);
+    ensureGroupPermissionConsistency(dbSession, dto);
     mapper(dbSession).insert(dto);
   }
 
+  private static void ensureComponentPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) {
+    if (dto.getResourceId() == null) {
+      return;
+    }
+    ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class);
+    checkArgument(
+      componentMapper.countComponentByOrganizationAndId(dto.getOrganizationUuid(), dto.getResourceId()) == 1,
+      "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'",
+      dto.getRole(), dto.getResourceId(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
+  }
+
+  private static void ensureGroupPermissionConsistency(DbSession dbSession, GroupPermissionDto dto) {
+    if (dto.getGroupId() == null) {
+      return;
+    }
+    GroupMapper groupMapper = dbSession.getMapper(GroupMapper.class);
+    checkArgument(
+      groupMapper.countGroupByOrganizationAndId(dto.getOrganizationUuid(), dto.getGroupId()) == 1,
+      "Can't insert permission '%s' for group with id '%s' in organization with uuid '%s' because this group does not belong to organization with uuid '%s'",
+      dto.getRole(), dto.getGroupId(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
+  }
+
   /**
    * Delete all the permissions associated to a root component (project)
    */
diff --git a/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java b/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java
index ac72fe33491..5490c119b70 100644
--- a/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java
+++ b/sonar-db/src/main/java/org/sonar/db/permission/UserPermissionDao.java
@@ -27,6 +27,7 @@ import org.sonar.core.util.stream.Collectors;
 import org.sonar.db.Dao;
 import org.sonar.db.DatabaseUtils;
 import org.sonar.db.DbSession;
+import org.sonar.db.component.ComponentMapper;
 
 import static com.google.common.base.Preconditions.checkArgument;
 import static java.util.Collections.emptyList;
@@ -107,9 +108,21 @@ public class UserPermissionDao implements Dao {
   }
 
   public void insert(DbSession dbSession, UserPermissionDto dto) {
+    ensureComponentPermissionConsistency(dbSession, dto);
     mapper(dbSession).insert(dto);
   }
 
+  private static void ensureComponentPermissionConsistency(DbSession dbSession, UserPermissionDto dto) {
+    if (dto.getComponentId() == null) {
+      return;
+    }
+    ComponentMapper componentMapper = dbSession.getMapper(ComponentMapper.class);
+    checkArgument(
+      componentMapper.countComponentByOrganizationAndId(dto.getOrganizationUuid(), dto.getComponentId()) == 1,
+      "Can't insert permission '%s' for component with id '%s' in organization with uuid '%s' because this component does not belong to organization with uuid '%s'",
+      dto.getPermission(), dto.getComponentId(), dto.getOrganizationUuid(), dto.getOrganizationUuid());
+  }
+
   /**
    * Removes a single global permission from user
    */
diff --git a/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java b/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java
index cbb3e0dff7c..8066482bb79 100644
--- a/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java
+++ b/sonar-db/src/main/java/org/sonar/db/user/GroupMapper.java
@@ -42,6 +42,13 @@ public interface GroupMapper {
 
   int countByQuery(@Param("organizationUuid") String organizationUuid, @Nullable @Param("query") String query);
 
+  /**
+   * Counts the number of groups with the specified id belonging to the specified organization.
+   *
+   * @return 1 or 0. Either because the organization uuid is not the one of the group or because the group does not exist
+   */
+  int countGroupByOrganizationAndId(@Param("organizationUuid") String organizationUuid, @Param("groupId") long groupId);
+
   void deleteById(long groupId);
 
   void deleteByOrganization(@Param("organizationUuid") String organizationUuid);
diff --git a/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml b/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml
index 0607cbce185..c6614dd1d44 100644
--- a/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml
+++ b/sonar-db/src/main/resources/org/sonar/db/component/ComponentMapper.xml
@@ -225,6 +225,15 @@
       </foreach>
   </select>
 
+  <select id="countComponentByOrganizationAndId" resultType="int">
+    select
+      count(1)
+    from projects p
+    where
+      p.organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
+      and p.id = #{componentId,jdbcType=BIGINT}
+  </select>
+
   <select id="selectByQuery" resultType="Component">
     select
       <include refid="componentColumns"/>
diff --git a/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml b/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml
index bc74e334d7e..39b0193fc31 100644
--- a/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml
+++ b/sonar-db/src/main/resources/org/sonar/db/user/GroupMapper.xml
@@ -120,6 +120,15 @@
     </if>
   </select>
 
+  <select id="countGroupByOrganizationAndId" parameterType="map" resultType="int">
+    select
+      count(1)
+    from groups g
+    where
+      g.organization_uuid = #{organizationUuid,jdbcType=VARCHAR}
+      and g.id = #{groupId,jdbcType=BIGINT}
+  </select>
+
   <select id="selectByOrganizationUuid" parameterType="map" resultType="Group">
     select
     <include refid="groupColumns"/>
diff --git a/sonar-db/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java b/sonar-db/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java
index 0bc7faa939a..b44fcf8c1b7 100644
--- a/sonar-db/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/permission/AuthorizationDaoTest.java
@@ -53,6 +53,7 @@ public class AuthorizationDaoTest {
 
   @Rule
   public DbTester db = DbTester.create(System2.INSTANCE);
+
   private DbSession dbSession = db.getSession();
   private AuthorizationDao underTest = new AuthorizationDao(db.myBatis());
   private OrganizationDto org;
@@ -76,10 +77,10 @@ public class AuthorizationDaoTest {
    */
   @Test
   public void selectOrganizationPermissions_for_logged_in_user() {
-    ComponentDto project = db.components().insertProject();
+    ComponentDto project = db.components().insertProject(org);
     db.users().insertMember(group1, user);
     db.users().insertPermissionOnUser(org, user, "perm1");
-    db.users().insertProjectPermissionOnUser(org, user, "perm42", project);
+    db.users().insertProjectPermissionOnUser(user, "perm42", project);
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertPermissionOnAnyone(org, "perm3");
 
@@ -117,8 +118,8 @@ public class AuthorizationDaoTest {
   @Test
   public void selectRootComponentPermissions_for_logged_in_user() {
     db.users().insertMember(group1, user);
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertProjectPermissionOnAnyone("perm1", project1);
+    ComponentDto project1 = db.components().insertProject(org);
+    db.users().insertProjectPermissionOnAnyone(org, "perm1", project1);
     db.users().insertProjectPermissionOnGroup(group1, "perm2", project1);
     db.users().insertProjectPermissionOnUser(user, "perm3", project1);
 
@@ -141,14 +142,14 @@ public class AuthorizationDaoTest {
    */
   @Test
   public void selectRootComponentPermissions_for_anonymous_user() {
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertProjectPermissionOnAnyone("perm1", project1);
+    ComponentDto project1 = db.components().insertProject(org);
+    db.users().insertProjectPermissionOnAnyone(org, "perm1", project1);
 
     // ignored permissions
     db.users().insertPermissionOnAnyone(org, "ignored");
     db.users().insertPermissionOnUser(org, user, "ignored");
     db.users().insertPermissionOnGroup(group1, "ignored");
-    ComponentDto project2 = db.components().insertProject();
+    ComponentDto project2 = db.components().insertProject(org);
     db.users().insertProjectPermissionOnGroup(group1, "ignored", project2);
 
     Set<String> permissions = underTest.selectRootComponentPermissionsOfAnonymous(dbSession, project1.getId());
@@ -560,11 +561,11 @@ public class AuthorizationDaoTest {
     assertThat(count).isEqualTo(3);
 
     // another organization
-    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, DOES_NOT_EXIST, A_PERMISSION,  group1.getId(), u2.getId());
+    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, DOES_NOT_EXIST, A_PERMISSION, group1.getId(), u2.getId());
     assertThat(count).isEqualTo(0);
 
     // another permission
-    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, org.getUuid(), DOES_NOT_EXIST,  group1.getId(), u2.getId());
+    count = underTest.countUsersWithGlobalPermissionExcludingGroupMember(dbSession, org.getUuid(), DOES_NOT_EXIST, group1.getId(), u2.getId());
     assertThat(count).isEqualTo(0);
   }
 
@@ -588,11 +589,11 @@ public class AuthorizationDaoTest {
     assertThat(count).isEqualTo(3);
 
     // another organization
-    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, A_PERMISSION,  u2.getId());
+    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, A_PERMISSION, u2.getId());
     assertThat(count).isEqualTo(0);
 
     // another permission
-    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, org.getUuid(), DOES_NOT_EXIST,  u2.getId());
+    count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, org.getUuid(), DOES_NOT_EXIST, u2.getId());
     assertThat(count).isEqualTo(0);
   }
 
diff --git a/sonar-db/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java b/sonar-db/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java
index 2ae7ec72b25..3383821e733 100644
--- a/sonar-db/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/permission/GroupPermissionDaoTest.java
@@ -35,6 +35,7 @@ import org.sonar.db.organization.OrganizationDto;
 import org.sonar.db.user.GroupDto;
 
 import static java.util.Arrays.asList;
+import static java.util.Collections.singletonList;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.assertj.core.api.Assertions.tuple;
 import static org.sonar.api.security.DefaultGroups.ANYONE;
@@ -45,7 +46,6 @@ import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
 import static org.sonar.core.permission.GlobalPermissions.SCAN_EXECUTION;
 import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
 import static org.sonar.db.component.ComponentTesting.newProjectDto;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
 
 public class GroupPermissionDaoTest {
 
@@ -78,7 +78,7 @@ public class GroupPermissionDaoTest {
     db.users().insertProjectPermissionOnGroup(group2, ADMIN, project2);
     db.users().insertProjectPermissionOnGroup(group3, ADMIN, project2);
     // anyone group
-    db.users().insertProjectPermissionOnAnyone(ADMIN, project2);
+    db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), ADMIN, project2);
     db.users().insertProjectPermissionOnGroup(group1, USER, project2);
     db.users().insertProjectPermissionOnGroup(group1, USER, project3);
 
@@ -94,21 +94,23 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void selectGroupNamesByQuery_is_ordered_by_group_names() {
-    GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
-    GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
-    GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
-    db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
+    GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
+    GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
+    db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
 
-    assertThat(underTest.selectGroupNamesByQuery(dbSession,
-      defaultOrganizationUuid, PermissionQuery.builder().build())).containsExactly(ANYONE, group1.getName(), group2.getName(), group3.getName());
+    assertThat(underTest.selectGroupNamesByQuery(dbSession, organizationDto.getUuid(), PermissionQuery.builder().build()))
+      .containsExactly(ANYONE, group1.getName(), group2.getName(), group3.getName());
   }
 
   @Test
   public void countGroupsByQuery() {
-    GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
-    addGroupOnDefaultOrganization("Group-2");
-    addGroupOnDefaultOrganization("Group-3");
-    db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
+    OrganizationDto organizationDto = db.getDefaultOrganization();
+    GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
+    db.users().insertGroup(organizationDto, "Group-2");
+    db.users().insertGroup(organizationDto, "Group-3");
+    db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
     db.users().insertPermissionOnGroup(group1, PROVISIONING);
 
     assertThat(underTest.countGroupsByQuery(dbSession,
@@ -125,26 +127,27 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void selectGroupNamesByQuery_with_global_permission() {
-    GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
-    GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
-    GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
+    GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
+    GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
 
-    ComponentDto project = db.components().insertComponent(newProjectDto(db.getDefaultOrganization()));
+    ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
 
-    db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
-    db.users().insertPermissionOnAnyone(PROVISIONING);
+    db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
+    db.users().insertPermissionOnAnyone(organizationDto, PROVISIONING);
     db.users().insertPermissionOnGroup(group1, SCAN_EXECUTION);
     db.users().insertPermissionOnGroup(group3, SYSTEM_ADMIN);
     db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);
 
     assertThat(underTest.selectGroupNamesByQuery(dbSession,
-      defaultOrganizationUuid, PermissionQuery.builder().setPermission(SCAN_EXECUTION).build())).containsExactly(ANYONE, group1.getName());
+      organizationDto.getUuid(), PermissionQuery.builder().setPermission(SCAN_EXECUTION).build())).containsExactly(ANYONE, group1.getName());
 
     assertThat(underTest.selectGroupNamesByQuery(dbSession,
-      defaultOrganizationUuid, PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build())).containsExactly(group3.getName());
+      organizationDto.getUuid(), PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build())).containsExactly(group3.getName());
 
     assertThat(underTest.selectGroupNamesByQuery(dbSession,
-      defaultOrganizationUuid, PermissionQuery.builder().setPermission(PROVISIONING).build())).containsExactly(ANYONE);
+      organizationDto.getUuid(), PermissionQuery.builder().setPermission(PROVISIONING).build())).containsExactly(ANYONE);
   }
 
   @Test
@@ -158,10 +161,10 @@ public class GroupPermissionDaoTest {
 
     db.users().insertProjectPermissionOnGroup(group1, SCAN_EXECUTION, project);
     db.users().insertProjectPermissionOnGroup(group1, PROVISIONING, project);
-    db.users().insertProjectPermissionOnAnyone(USER, project);
+    db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), USER, project);
 
     db.users().insertProjectPermissionOnGroup(group1, SYSTEM_ADMIN, anotherProject);
-    db.users().insertProjectPermissionOnAnyone(SYSTEM_ADMIN, anotherProject);
+    db.users().insertProjectPermissionOnAnyone(db.getDefaultOrganization(), SYSTEM_ADMIN, anotherProject);
     db.users().insertProjectPermissionOnGroup(group3, SCAN_EXECUTION, anotherProject);
     db.users().insertPermissionOnGroup(group2, SCAN_EXECUTION);
 
@@ -176,7 +179,7 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void selectGroupNamesByQuery_is_paginated() {
-    IntStream.rangeClosed(0, 9).forEach(i -> addGroupOnDefaultOrganization(i + "-name"));
+    IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertGroup(db.getDefaultOrganization(), i + "-name"));
 
     List<String> groupNames = underTest.selectGroupNamesByQuery(dbSession,
       defaultOrganizationUuid, PermissionQuery.builder().setPageIndex(2).setPageSize(3).build());
@@ -185,8 +188,8 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void selectGroupNamesByQuery_with_search_query() {
-    GroupDto group = addGroupOnDefaultOrganization("group-anyone");
-    addGroupOnDefaultOrganization("unknown");
+    GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "group-anyone");
+    db.users().insertGroup(db.getDefaultOrganization(), "unknown");
     db.users().insertPermissionOnGroup(group, SCAN_EXECUTION);
 
     assertThat(underTest.selectGroupNamesByQuery(dbSession,
@@ -207,75 +210,76 @@ public class GroupPermissionDaoTest {
   public void selectByGroupIds_on_global_permissions() {
     OrganizationDto organizationDto = db.organizations().insert();
 
-    GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
+    GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
     db.users().insertPermissionOnGroup(group1, SCAN_EXECUTION);
 
-    GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
+    GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
     ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
     db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);
 
-    GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
+    GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
     db.users().insertPermissionOnGroup(group3, SYSTEM_ADMIN);
 
     // Anyone
-    db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
-    db.users().insertPermissionOnAnyone(PROVISIONING);
+    db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
+    db.users().insertPermissionOnAnyone(organizationDto, PROVISIONING);
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), null))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId()), null))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(tuple(group1.getId(), SCAN_EXECUTION, null));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group2.getId()), null)).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group2.getId()), null)).isEmpty();
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group3.getId()), null))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group3.getId()), null))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(tuple(group3.getId(), SYSTEM_ADMIN, null));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(ANYONE_ID), null))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(ANYONE_ID), null))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(
         tuple(0L, SCAN_EXECUTION, null),
         tuple(0L, PROVISIONING, null));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId(), group2.getId(), ANYONE_ID), null)).hasSize(3);
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(MISSING_ID), null)).isEmpty();
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, Collections.emptyList(), null)).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId(), group2.getId(), ANYONE_ID), null)).hasSize(3);
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(MISSING_ID), null)).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), Collections.emptyList(), null)).isEmpty();
   }
 
   @Test
   public void selectByGroupIds_on_projects() {
-    GroupDto group1 = addGroupOnDefaultOrganization("Group-1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto, "Group-1");
     db.users().insertPermissionOnGroup(group1, PROVISIONING);
 
-    GroupDto group2 = addGroupOnDefaultOrganization("Group-2");
-    ComponentDto project = db.components().insertComponent(newProjectDto(db.getDefaultOrganization()));
+    GroupDto group2 = db.users().insertGroup(organizationDto, "Group-2");
+    ComponentDto project = db.components().insertComponent(newProjectDto(organizationDto));
     db.users().insertProjectPermissionOnGroup(group2, USER, project);
 
-    GroupDto group3 = addGroupOnDefaultOrganization("Group-3");
+    GroupDto group3 = db.users().insertGroup(organizationDto, "Group-3");
     db.users().insertProjectPermissionOnGroup(group3, USER, project);
 
     // Anyone group
-    db.users().insertPermissionOnAnyone(SCAN_EXECUTION);
-    db.users().insertProjectPermissionOnAnyone(PROVISIONING, project);
+    db.users().insertPermissionOnAnyone(organizationDto, SCAN_EXECUTION);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, PROVISIONING, project);
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), project.getId())).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, singletonList(group1.getId()), project.getId())).isEmpty();
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group2.getId()), project.getId()))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group2.getId()), project.getId()))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(tuple(group2.getId(), USER, project.getId()));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group3.getId()), project.getId()))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group3.getId()), project.getId()))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(tuple(group3.getId(), USER, project.getId()));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(ANYONE_ID), project.getId()))
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(ANYONE_ID), project.getId()))
       .extracting(GroupPermissionDto::getGroupId, GroupPermissionDto::getRole, GroupPermissionDto::getResourceId)
       .containsOnly(tuple(0L, PROVISIONING, project.getId()));
 
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId(), group2.getId(), ANYONE_ID), project.getId())).hasSize(2);
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(MISSING_ID), project.getId())).isEmpty();
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, asList(group1.getId()), 123L)).isEmpty();
-    assertThat(underTest.selectByGroupIds(dbSession, defaultOrganizationUuid, Collections.emptyList(), project.getId())).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), asList(group1.getId(), group2.getId(), ANYONE_ID), project.getId())).hasSize(2);
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(MISSING_ID), project.getId())).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), singletonList(group1.getId()), 123L)).isEmpty();
+    assertThat(underTest.selectByGroupIds(dbSession, organizationDto.getUuid(), Collections.emptyList(), project.getId())).isEmpty();
   }
 
   @Test
@@ -284,7 +288,7 @@ public class GroupPermissionDaoTest {
     OrganizationDto org2 = db.organizations().insert();
     GroupDto group1 = db.users().insertGroup(org1, "group1");
     GroupDto group2 = db.users().insertGroup(org2, "group2");
-    ComponentDto project = db.components().insertProject();
+    ComponentDto project = db.components().insertProject(org1);
 
     db.users().insertPermissionOnAnyone(org1, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
@@ -306,8 +310,8 @@ public class GroupPermissionDaoTest {
   public void selectProjectPermissionsOfGroup() {
     OrganizationDto org1 = db.organizations().insert();
     GroupDto group1 = db.users().insertGroup(org1, "group1");
-    ComponentDto project1 = db.components().insertProject();
-    ComponentDto project2 = db.components().insertProject();
+    ComponentDto project1 = db.components().insertProject(org1);
+    ComponentDto project2 = db.components().insertProject(org1);
 
     db.users().insertPermissionOnAnyone(org1, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
@@ -328,16 +332,18 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void projectHasPermissions_is_false_if_no_permissions_at_all() {
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertPermissionOnAnyone("perm1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    db.users().insertPermissionOnAnyone(organizationDto, "perm1");
 
     assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isFalse();
   }
 
   @Test
   public void projectHasPermissions_is_true_if_at_least_one_permission_on_group() {
-    GroupDto group1 = db.users().insertGroup(newGroupDto());
-    ComponentDto project1 = db.components().insertProject();
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
     db.users().insertProjectPermissionOnGroup(group1, "perm1", project1);
 
     assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue();
@@ -345,9 +351,10 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void projectHasPermissions_is_true_if_at_least_one_permission_on_anyone() {
-    ComponentDto project1 = db.components().insertProject();
-    ComponentDto project2 = db.components().insertProject();
-    db.users().insertProjectPermissionOnAnyone("perm1", project1);
+    OrganizationDto organizationDto = db.organizations().insert();
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    ComponentDto project2 = db.components().insertProject(organizationDto);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm1", project1);
 
     assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue();
     assertThat(underTest.hasRootComponentPermissions(dbSession, project2.getId())).isFalse();
@@ -355,13 +362,14 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void deleteByRootComponentId() {
-    GroupDto group1 = db.users().insertGroup(newGroupDto());
-    GroupDto group2 = db.users().insertGroup(newGroupDto());
-    ComponentDto project1 = db.components().insertProject();
-    ComponentDto project2 = db.components().insertProject();
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    GroupDto group2 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    ComponentDto project2 = db.components().insertProject(organizationDto);
     db.users().insertPermissionOnGroup(group1, "perm1");
     db.users().insertProjectPermissionOnGroup(group1, "perm2", project1);
-    db.users().insertProjectPermissionOnAnyone("perm3", project1);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm3", project1);
     db.users().insertProjectPermissionOnGroup(group2, "perm4", project2);
 
     underTest.deleteByRootComponentId(dbSession, project1.getId());
@@ -373,12 +381,13 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void delete_global_permission_from_group() {
-    GroupDto group1 = db.users().insertGroup();
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertPermissionOnAnyone("perm1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    db.users().insertPermissionOnAnyone(organizationDto, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
-    db.users().insertProjectPermissionOnAnyone("perm4", project1);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
 
     underTest.delete(dbSession, "perm2", group1.getOrganizationUuid(), group1.getId(), null);
     dbSession.commit();
@@ -389,12 +398,13 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void delete_global_permission_from_anyone() {
-    GroupDto group1 = db.users().insertGroup();
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertPermissionOnAnyone("perm1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    db.users().insertPermissionOnAnyone(organizationDto, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
-    db.users().insertProjectPermissionOnAnyone("perm4", project1);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
 
     underTest.delete(dbSession, "perm1", group1.getOrganizationUuid(), null, null);
     dbSession.commit();
@@ -405,12 +415,13 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void delete_project_permission_from_group() {
-    GroupDto group1 = db.users().insertGroup();
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertPermissionOnAnyone("perm1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    db.users().insertPermissionOnAnyone(organizationDto, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
-    db.users().insertProjectPermissionOnAnyone("perm4", project1);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
 
     underTest.delete(dbSession, "perm3", group1.getOrganizationUuid(), group1.getId(), project1.getId());
     dbSession.commit();
@@ -421,12 +432,13 @@ public class GroupPermissionDaoTest {
 
   @Test
   public void delete_project_permission_from_anybody() {
-    GroupDto group1 = db.users().insertGroup();
-    ComponentDto project1 = db.components().insertProject();
-    db.users().insertPermissionOnAnyone("perm1");
+    OrganizationDto organizationDto = db.organizations().insert();
+    GroupDto group1 = db.users().insertGroup(organizationDto);
+    ComponentDto project1 = db.components().insertProject(organizationDto);
+    db.users().insertPermissionOnAnyone(organizationDto, "perm1");
     db.users().insertPermissionOnGroup(group1, "perm2");
     db.users().insertProjectPermissionOnGroup(group1, "perm3", project1);
-    db.users().insertProjectPermissionOnAnyone("perm4", project1);
+    db.users().insertProjectPermissionOnAnyone(organizationDto, "perm4", project1);
 
     underTest.delete(dbSession, "perm4", group1.getOrganizationUuid(), null, project1.getId());
     dbSession.commit();
@@ -478,8 +490,8 @@ public class GroupPermissionDaoTest {
 
   private void verifyOrganizationUuidsInTable(String... organizationUuids) {
     assertThat(db.select("select distinct organization_uuid as \"organizationUuid\" from group_roles"))
-        .extracting((row) -> (String) row.get("organizationUuid"))
-        .containsOnly(organizationUuids);
+      .extracting((row) -> (String) row.get("organizationUuid"))
+      .containsOnly(organizationUuids);
   }
 
   private Long insertGroupWithPermissions(OrganizationDto organization1) {
@@ -494,7 +506,4 @@ public class GroupPermissionDaoTest {
     assertThat(db.countSql("select count(id) from group_roles where role='" + permission + "'")).isEqualTo(0);
   }
 
-  private GroupDto addGroupOnDefaultOrganization(String name) {
-    return db.users().insertGroup(db.getDefaultOrganization(), name);
-  }
 }
diff --git a/sonar-db/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java b/sonar-db/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java
index 186fc7e3fb4..e8aec519644 100644
--- a/sonar-db/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/permission/UserPermissionDaoTest.java
@@ -41,7 +41,6 @@ import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
 import static org.sonar.api.web.UserRole.USER;
 import static org.sonar.core.permission.GlobalPermissions.PROVISIONING;
 import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
-import static org.sonar.db.organization.OrganizationTesting.newOrganizationDto;
 import static org.sonar.db.user.UserTesting.newUserDto;
 
 public class UserPermissionDaoTest {
@@ -53,6 +52,7 @@ public class UserPermissionDaoTest {
   private UserDto user1 = newUserDto().setLogin("login1").setName("Marius").setActive(true);
   private UserDto user2 = newUserDto().setLogin("login2").setName("Marie").setActive(true);
   private UserDto user3 = newUserDto().setLogin("login3").setName("Bernard").setActive(true);
+  private OrganizationDto organizationDto;
   private ComponentDto project1;
   private ComponentDto project2;
   private DbSession dbSession = dbTester.getSession();
@@ -63,7 +63,7 @@ public class UserPermissionDaoTest {
     dbClient.userDao().insert(dbSession, user1);
     dbClient.userDao().insert(dbSession, user2);
     dbClient.userDao().insert(dbSession, user3);
-    OrganizationDto organizationDto = dbTester.organizations().insert();
+    organizationDto = dbTester.organizations().insert();
     project1 = dbTester.components().insertProject(organizationDto);
     project2 = dbTester.components().insertProject(organizationDto);
     dbTester.commit();
@@ -71,133 +71,133 @@ public class UserPermissionDaoTest {
 
   @Test
   public void select_global_permissions() {
-    OrganizationDto org2 = dbTester.organizations().insert(newOrganizationDto());
-    UserPermissionDto global1 = addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
-    UserPermissionDto global2 = addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user2);
-    UserPermissionDto global3 = addGlobalPermissionOnDefaultOrganization(PROVISIONING, user2);
-    UserPermissionDto project1Perm = addProjectPermissionOnDefaultOrganization(USER, user3, project1);
+    OrganizationDto org2 = dbTester.organizations().insert();
+    UserPermissionDto global1 = addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+    UserPermissionDto global2 = addGlobalPermission(organizationDto, SYSTEM_ADMIN, user2);
+    UserPermissionDto global3 = addGlobalPermission(organizationDto, PROVISIONING, user2);
+    UserPermissionDto project1Perm = addProjectPermission(organizationDto, USER, user3, project1);
     // permissions on another organization, to be excluded
     UserPermissionDto org2Global1 = addGlobalPermission(org2, SYSTEM_ADMIN, user1);
     UserPermissionDto org2Global2 = addGlobalPermission(org2, PROVISIONING, user2);
 
     // global permissions of users who has at least one global permission, ordered by user name then permission
     PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, null, global2, global3, global1);
+    expectPermissions(organizationDto, query, null, global2, global3, global1);
 
     // default query returns all users, whatever their permissions nor organizations
     // (that's a non-sense, but still this is required for api/permissions/groups
     // when filtering users by name)
     query = PermissionQuery.builder().build();
-    expectPermissions(query, null, project1Perm, global2, global3, org2Global2, global1, org2Global1);
+    expectPermissions(organizationDto, query, null, project1Perm, global2, global3, org2Global2, global1, org2Global1);
 
     // return empty list if non-null but empty logins
-    expectPermissions(query, Collections.emptyList());
+    expectPermissions(organizationDto, query, Collections.emptyList());
 
     // global permissions of user1
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList(user1.getLogin()), global1);
+    expectPermissions(organizationDto, query, asList(user1.getLogin()), global1);
 
     // global permissions of user2
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList(user2.getLogin()), global2, global3);
+    expectPermissions(organizationDto, query, asList(user2.getLogin()), global2, global3);
 
     // global permissions of user1, user2 and another one
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList(user1.getLogin(), user2.getLogin(), "missing"), global2, global3, global1);
+    expectPermissions(organizationDto, query, asList(user1.getLogin(), user2.getLogin(), "missing"), global2, global3, global1);
 
     // empty global permissions if login does not exist
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList("missing"));
+    expectPermissions(organizationDto, query, asList("missing"));
 
     // empty global permissions if user does not have any
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList(user3.getLogin()));
+    expectPermissions(organizationDto, query, asList(user3.getLogin()));
 
     // user3 has no global permissions
     query = PermissionQuery.builder().withAtLeastOnePermission().build();
-    expectPermissions(query, asList(user3.getLogin()));
+    expectPermissions(organizationDto, query, asList(user3.getLogin()));
 
     // global permissions "admin"
     query = PermissionQuery.builder().setPermission(SYSTEM_ADMIN).build();
-    expectPermissions(query, null, global2, global1);
+    expectPermissions(organizationDto, query, null, global2, global1);
 
     // empty if nobody has the specified global permission
     query = PermissionQuery.builder().setPermission("missing").build();
-    expectPermissions(query, null);
+    expectPermissions(organizationDto, query, null);
 
     // search by user name (matches 2 users)
     query = PermissionQuery.builder().withAtLeastOnePermission().setSearchQuery("Mari").build();
-    expectPermissions(query, null, global2, global3, global1);
+    expectPermissions(organizationDto, query, null, global2, global3, global1);
 
     // search by user name (matches 2 users) and global permission
     query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(PROVISIONING).build();
-    expectPermissions(query, null, global3);
+    expectPermissions(organizationDto, query, null, global3);
 
     // search by user name (no match)
     query = PermissionQuery.builder().setSearchQuery("Unknown").build();
-    expectPermissions(query, null);
+    expectPermissions(organizationDto, query, null);
   }
 
   @Test
   public void select_project_permissions() {
-    addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
-    UserPermissionDto perm1 = addProjectPermissionOnDefaultOrganization(USER, user1, project1);
-    UserPermissionDto perm2 = addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user1, project1);
-    UserPermissionDto perm3 = addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project1);
-    addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user3, project2);
+    addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+    UserPermissionDto perm1 = addProjectPermission(organizationDto, USER, user1, project1);
+    UserPermissionDto perm2 = addProjectPermission(organizationDto, ISSUE_ADMIN, user1, project1);
+    UserPermissionDto perm3 = addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project1);
+    addProjectPermission(organizationDto, ISSUE_ADMIN, user3, project2);
 
     // project permissions of users who has at least one permission on this project
     PermissionQuery query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, null, perm3, perm2, perm1);
+    expectPermissions(organizationDto, query, null, perm3, perm2, perm1);
 
     // project permissions of user1
     query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, asList(user1.getLogin()), perm2, perm1);
+    expectPermissions(organizationDto, query, asList(user1.getLogin()), perm2, perm1);
 
     // project permissions of user2
     query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, asList(user2.getLogin()), perm3);
+    expectPermissions(organizationDto, query, asList(user2.getLogin()), perm3);
 
     // project permissions of user2 and another one
     query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, asList(user2.getLogin(), "missing"), perm3);
+    expectPermissions(organizationDto, query, asList(user2.getLogin(), "missing"), perm3);
 
     // empty project permissions if login does not exist
     query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, asList("missing"));
+    expectPermissions(organizationDto, query, asList("missing"));
 
     // empty project permissions if user does not have any
     query = PermissionQuery.builder().withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, asList(user3.getLogin()));
+    expectPermissions(organizationDto, query, asList(user3.getLogin()));
 
     // empty if nobody has the specified global permission
     query = PermissionQuery.builder().setPermission("missing").setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, null);
+    expectPermissions(organizationDto, query, null);
 
     // search by user name (matches 2 users), users with at least one permission
     query = PermissionQuery.builder().setSearchQuery("Mari").withAtLeastOnePermission().setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, null, perm3, perm2, perm1);
+    expectPermissions(organizationDto, query, null, perm3, perm2, perm1);
 
     // search by user name (matches 2 users) and project permission
     query = PermissionQuery.builder().setSearchQuery("Mari").setPermission(ISSUE_ADMIN).setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, null, perm3, perm2);
+    expectPermissions(organizationDto, query, null, perm3, perm2);
 
     // search by user name (no match)
     query = PermissionQuery.builder().setSearchQuery("Unknown").setComponentUuid(project1.uuid()).build();
-    expectPermissions(query, null);
+    expectPermissions(organizationDto, query, null);
 
     // permissions of unknown project
     query = PermissionQuery.builder().setComponentUuid("missing").withAtLeastOnePermission().build();
-    expectPermissions(query, null);
+    expectPermissions(organizationDto, query, null);
   }
 
   @Test
   public void countUsersByProjectPermission() {
-    addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
-    addProjectPermissionOnDefaultOrganization(USER, user1, project1);
-    addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user1, project1);
-    addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project1);
-    addProjectPermissionOnDefaultOrganization(ISSUE_ADMIN, user2, project2);
+    addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+    addProjectPermission(organizationDto, USER, user1, project1);
+    addProjectPermission(organizationDto, ISSUE_ADMIN, user1, project1);
+    addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project1);
+    addProjectPermission(organizationDto, ISSUE_ADMIN, user2, project2);
 
     // no projects -> return empty list
     assertThat(underTest.countUsersByProjectPermission(dbSession, Collections.emptyList())).isEmpty();
@@ -216,8 +216,10 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectUserIds() {
-    OrganizationDto org1 = dbTester.organizations().insert(newOrganizationDto());
-    OrganizationDto org2 = dbTester.organizations().insert(newOrganizationDto());
+    OrganizationDto org1 = dbTester.organizations().insert();
+    OrganizationDto org2 = dbTester.organizations().insert();
+    ComponentDto project1 = dbTester.components().insertProject(org1);
+    ComponentDto project2 = dbTester.components().insertProject(org2);
 
     addProjectPermission(org1, USER, user1, project1);
     addProjectPermission(org1, USER, user2, project1);
@@ -253,11 +255,11 @@ public class UserPermissionDaoTest {
 
   @Test
   public void deleteGlobalPermission() {
-    addGlobalPermissionOnDefaultOrganization("perm1", user1);
-    addGlobalPermissionOnDefaultOrganization("perm2", user1);
-    addProjectPermissionOnDefaultOrganization("perm1", user1, project1);
-    addProjectPermissionOnDefaultOrganization("perm3", user2, project1);
-    addProjectPermissionOnDefaultOrganization("perm4", user2, project2);
+    addGlobalPermission(organizationDto, "perm1", user1);
+    addGlobalPermission(organizationDto, "perm2", user1);
+    addProjectPermission(organizationDto, "perm1", user1, project1);
+    addProjectPermission(organizationDto, "perm3", user2, project1);
+    addProjectPermission(organizationDto, "perm4", user2, project2);
 
     // user2 does not have global permissions -> do nothing
     underTest.deleteGlobalPermission(dbSession, user2.getId(), "perm1", dbTester.getDefaultOrganization().getUuid());
@@ -276,17 +278,17 @@ public class UserPermissionDaoTest {
     assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(5);
 
     // global permission exists -> delete it, but not the project permission with the same name !
-    underTest.deleteGlobalPermission(dbSession, user1.getId(), "perm1", dbTester.getDefaultOrganization().getUuid());
+    underTest.deleteGlobalPermission(dbSession, user1.getId(), "perm1", organizationDto.getUuid());
     assertThat(dbTester.countSql(dbSession, "select count(id) from user_roles where role='perm1' and resource_id is null")).isEqualTo(0);
     assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(4);
   }
 
   @Test
   public void deleteProjectPermission() {
-    addGlobalPermissionOnDefaultOrganization("perm", user1);
-    addProjectPermissionOnDefaultOrganization("perm", user1, project1);
-    addProjectPermissionOnDefaultOrganization("perm", user1, project2);
-    addProjectPermissionOnDefaultOrganization("perm", user2, project1);
+    addGlobalPermission(organizationDto, "perm", user1);
+    addProjectPermission(organizationDto, "perm", user1, project1);
+    addProjectPermission(organizationDto, "perm", user1, project2);
+    addProjectPermission(organizationDto, "perm", user2, project1);
 
     // no such provision -> ignore
     underTest.deleteProjectPermission(dbSession, user1.getId(), "anotherPerm", project1.getId());
@@ -299,10 +301,10 @@ public class UserPermissionDaoTest {
 
   @Test
   public void deleteProjectPermissions() {
-    addGlobalPermissionOnDefaultOrganization("perm", user1);
-    addProjectPermissionOnDefaultOrganization("perm", user1, project1);
-    addProjectPermissionOnDefaultOrganization("perm", user2, project1);
-    addProjectPermissionOnDefaultOrganization("perm", user1, project2);
+    addGlobalPermission(organizationDto, "perm", user1);
+    addProjectPermission(organizationDto, "perm", user1, project1);
+    addProjectPermission(organizationDto, "perm", user2, project1);
+    addProjectPermission(organizationDto, "perm", user1, project2);
 
     underTest.deleteProjectPermissions(dbSession, project1.getId());
     assertThat(dbTester.countRowsOfTable(dbSession, "user_roles")).isEqualTo(2);
@@ -311,8 +313,8 @@ public class UserPermissionDaoTest {
 
   @Test
   public void projectHasPermissions() {
-    addGlobalPermissionOnDefaultOrganization(SYSTEM_ADMIN, user1);
-    addProjectPermissionOnDefaultOrganization(USER, user1, project1);
+    addGlobalPermission(organizationDto, SYSTEM_ADMIN, user1);
+    addProjectPermission(organizationDto, USER, user1, project1);
 
     assertThat(underTest.hasRootComponentPermissions(dbSession, project1.getId())).isTrue();
     assertThat(underTest.hasRootComponentPermissions(dbSession, project2.getId())).isFalse();
@@ -320,12 +322,12 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectGlobalPermissionsOfUser() {
-    OrganizationDto org = dbTester.organizations().insert(newOrganizationDto());
-    addGlobalPermissionOnDefaultOrganization("perm1", user1);
-    addGlobalPermissionOnDefaultOrganization("perm2", user2);
+    OrganizationDto org = dbTester.organizations().insert();
+    addGlobalPermission(dbTester.getDefaultOrganization(), "perm1", user1);
+    addGlobalPermission(org, "perm2", user2);
     addGlobalPermission(org, "perm3", user1);
-    addProjectPermissionOnDefaultOrganization("perm4", user1, project1);
-    addProjectPermission(org, "perm5", user1, project1);
+    addProjectPermission(organizationDto, "perm4", user1, project1);
+    addProjectPermission(organizationDto, "perm5", user1, project1);
 
     assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getId(), org.getUuid())).containsOnly("perm3");
     assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user1.getId(), dbTester.getDefaultOrganization().getUuid())).containsOnly("perm1");
@@ -335,13 +337,13 @@ public class UserPermissionDaoTest {
 
   @Test
   public void selectProjectPermissionsOfUser() {
-    OrganizationDto org = dbTester.organizations().insert(newOrganizationDto());
-    ComponentDto project3 = dbTester.components().insertProject();
-    addGlobalPermission(org, "perm1", user1);
-    addProjectPermission(org, "perm2", user1, project1);
-    addProjectPermission(org, "perm3", user1, project1);
-    addProjectPermission(org, "perm4", user1, project2);
-    addProjectPermission(org, "perm5", user2, project1);
+    OrganizationDto org = dbTester.organizations().insert();
+    ComponentDto project3 = dbTester.components().insertProject(org);
+    addGlobalPermission(organizationDto, "perm1", user1);
+    addProjectPermission(organizationDto, "perm2", user1, project1);
+    addProjectPermission(organizationDto, "perm3", user1, project1);
+    addProjectPermission(organizationDto, "perm4", user1, project2);
+    addProjectPermission(organizationDto, "perm5", user2, project1);
 
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getId(), project1.getId())).containsOnly("perm2", "perm3");
     assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user1.getId(), project2.getId())).containsOnly("perm4");
@@ -411,10 +413,6 @@ public class UserPermissionDaoTest {
     }
   }
 
-  private void expectPermissions(PermissionQuery query, @Nullable Collection<String> logins, UserPermissionDto... expected) {
-    expectPermissions(dbTester.getDefaultOrganization(), query, logins, expected);
-  }
-
   private void expectPermissions(OrganizationDto org, PermissionQuery query, @Nullable Collection<String> logins, UserPermissionDto... expected) {
     // test method "select()"
     List<UserPermissionDto> permissions = underTest.select(dbSession, org.getUuid(), query, logins);
@@ -434,10 +432,6 @@ public class UserPermissionDaoTest {
     }
   }
 
-  private UserPermissionDto addGlobalPermissionOnDefaultOrganization(String permission, UserDto user) {
-    return addGlobalPermission(dbTester.getDefaultOrganization(), permission, user);
-  }
-
   private UserPermissionDto addGlobalPermission(OrganizationDto org, String permission, UserDto user) {
     UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), null);
     underTest.insert(dbSession, dto);
@@ -445,10 +439,6 @@ public class UserPermissionDaoTest {
     return dto;
   }
 
-  private UserPermissionDto addProjectPermissionOnDefaultOrganization(String permission, UserDto user, ComponentDto project) {
-    return addProjectPermission(dbTester.getDefaultOrganization(), permission, user, project);
-  }
-
   private UserPermissionDto addProjectPermission(OrganizationDto org, String permission, UserDto user, ComponentDto project) {
     UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), project.getId());
     underTest.insert(dbSession, dto);
diff --git a/sonar-db/src/test/java/org/sonar/db/user/RoleDaoTest.java b/sonar-db/src/test/java/org/sonar/db/user/RoleDaoTest.java
index 52cfd71a593..7190db6203a 100644
--- a/sonar-db/src/test/java/org/sonar/db/user/RoleDaoTest.java
+++ b/sonar-db/src/test/java/org/sonar/db/user/RoleDaoTest.java
@@ -32,7 +32,6 @@ import org.sonar.db.component.ComponentDbTester;
 import org.sonar.db.component.ComponentDto;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
 
 public class RoleDaoTest {
 
@@ -74,8 +73,8 @@ public class RoleDaoTest {
 
   @Test
   public void selectComponentIdsByPermissionAndUserId_group_permissions() {
-    GroupDto group1 = db.users().insertGroup(newGroupDto());
-    GroupDto group2 = db.users().insertGroup(newGroupDto());
+    GroupDto group1 = db.users().insertGroup();
+    GroupDto group2 = db.users().insertGroup();
     db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project1);
     db.users().insertMember(group1, user1);
     db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project2);
diff --git a/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java b/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java
index ed11b06605e..b62e2b6e765 100644
--- a/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java
+++ b/sonar-db/src/test/java/org/sonar/db/user/UserDbTester.java
@@ -237,13 +237,6 @@ public class UserDbTester {
 
   // GROUP PERMISSIONS
 
-  /**
-   * Grant permission to virtual group "anyone" in default organization
-   */
-  public GroupPermissionDto insertPermissionOnAnyone(String permission) {
-    return insertPermissionOnAnyone(db.getDefaultOrganization(), permission);
-  }
-
   public GroupPermissionDto insertPermissionOnAnyone(OrganizationDto org, String permission) {
     GroupPermissionDto dto = new GroupPermissionDto()
       .setOrganizationUuid(org.getUuid())
@@ -269,10 +262,6 @@ public class UserDbTester {
     db.commit();
   }
 
-  public GroupPermissionDto insertProjectPermissionOnAnyone(String permission, ComponentDto project) {
-    return insertProjectPermissionOnAnyone(db.getDefaultOrganization(), permission, project);
-  }
-
   public GroupPermissionDto insertProjectPermissionOnAnyone(OrganizationDto org, String permission, ComponentDto project) {
     GroupPermissionDto dto = new GroupPermissionDto()
       .setOrganizationUuid(org.getUuid())
@@ -336,14 +325,7 @@ public class UserDbTester {
    * Grant permission on given project in default organization
    */
   public UserPermissionDto insertProjectPermissionOnUser(UserDto user, String permission, ComponentDto project) {
-    return insertProjectPermissionOnUser(db.getDefaultOrganization(), user, permission, project);
-  }
-
-  /**
-   * Grant permission on given project
-   */
-  public UserPermissionDto insertProjectPermissionOnUser(OrganizationDto org, UserDto user, String permission, ComponentDto project) {
-    UserPermissionDto dto = new UserPermissionDto(org.getUuid(), permission, user.getId(), project.getId());
+    UserPermissionDto dto = new UserPermissionDto(project.getOrganizationUuid(), permission, user.getId(), project.getId());
     db.getDbClient().userPermissionDao().insert(db.getSession(), dto);
     db.commit();
     return dto;
-- 
cgit v1.2.3