private void checkOtherAdminsExist(DbSession dbSession, UserPermissionChange change) { if (SYSTEM_ADMIN.equals(change.getPermission()) && !change.getProjectId().isPresent()) { int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUserPermission(dbSession, change.getOrganizationUuid(), change.getPermission(), change.getUserId().getId()); checkRequest(remaining > 0, "Last user with permission '%s'. Permission cannot be removed.", SYSTEM_ADMIN); } } }
@Test public void countUsersWithGlobalPermissionExcludingUserPermission() { // u1 and u2 have the direct permission, u3 has the permission through his group UserDto u1 = db.users().insertUser(); db.users().insertPermissionOnUser(organization, u1, A_PERMISSION); UserDto u2 = db.users().insertUser(); db.users().insertPermissionOnUser(organization, u2, A_PERMISSION); db.users().insertPermissionOnGroup(group1, A_PERMISSION); UserDto u3 = db.users().insertUser(); db.users().insertMember(group1, u3); // excluding u2 permission --> remain u1 and u3 int count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, organization.getUuid(), A_PERMISSION, u2.getId()); assertThat(count).isEqualTo(2); // excluding unknown user count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, organization.getUuid(), A_PERMISSION, MISSING_ID); assertThat(count).isEqualTo(3); // another organization count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, DOES_NOT_EXIST, A_PERMISSION, u2.getId()); assertThat(count).isEqualTo(0); // another permission count = underTest.countUsersWithGlobalPermissionExcludingUserPermission(dbSession, organization.getUuid(), DOES_NOT_EXIST, u2.getId()); assertThat(count).isEqualTo(0); }
private void checkOtherAdminsExist(DbSession dbSession, UserPermissionChange change) { if (SYSTEM_ADMIN.equals(change.getPermission()) && !change.getProjectId().isPresent()) { int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingUserPermission(dbSession, change.getOrganizationUuid(), change.getPermission(), change.getUserId().getId()); checkRequest(remaining > 0, "Last user with permission '%s'. Permission cannot be removed.", SYSTEM_ADMIN); } } }