private void checkNotTryingToDeleteLastAdminGroup(DbSession dbSession, GroupDto group) { int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession, group.getOrganizationUuid(), OrganizationPermission.ADMINISTER.getKey(), group.getId()); checkArgument(remaining > 0, "The last system admin group cannot be deleted"); }
private void checkIfRemainingGlobalAdministrators(DbSession dbSession, GroupPermissionChange change) { if (SYSTEM_ADMIN.equals(change.getPermission()) && !change.getGroupIdOrAnyone().isAnyone() && !change.getProjectId().isPresent()) { // removing global admin permission from group int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession, change.getOrganizationUuid(), SYSTEM_ADMIN, change.getGroupIdOrAnyone().getId()); checkRequest(remaining > 0, "Last group with permission '%s'. Permission cannot be removed.", SYSTEM_ADMIN); } }
assertThat(underTest.countUsersWithGlobalPermissionExcludingGroup(db.getSession(), organization.getUuid(), "perm1", group1.getId())).isEqualTo(3); assertThat(underTest.countUsersWithGlobalPermissionExcludingGroup(db.getSession(), organization.getUuid(), "perm1", group2.getId())).isEqualTo(3); assertThat(underTest.countUsersWithGlobalPermissionExcludingGroup(db.getSession(), organization.getUuid(), "perm1", group3.getId())).isEqualTo(4); assertThat(underTest.countUsersWithGlobalPermissionExcludingGroup(db.getSession(), organization.getUuid(), "missingPermission", group1.getId())).isEqualTo(0);
private void checkNotTryingToDeleteLastAdminGroup(DbSession dbSession, GroupDto group) { int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession, group.getOrganizationUuid(), OrganizationPermission.ADMINISTER.getKey(), group.getId()); checkArgument(remaining > 0, "The last system admin group cannot be deleted"); }
private void checkIfRemainingGlobalAdministrators(DbSession dbSession, GroupPermissionChange change) { if (SYSTEM_ADMIN.equals(change.getPermission()) && !change.getGroupIdOrAnyone().isAnyone() && !change.getProjectId().isPresent()) { // removing global admin permission from group int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession, change.getOrganizationUuid(), SYSTEM_ADMIN, change.getGroupIdOrAnyone().getId()); checkRequest(remaining > 0, "Last group with permission '%s'. Permission cannot be removed.", SYSTEM_ADMIN); } }