public static GroupId from(GroupDto dto) { return new GroupId(dto.getOrganizationUuid(), dto.getId()); } }
void checkGroupIsNotDefault(DbSession dbSession, GroupDto groupDto) { GroupDto defaultGroup = defaultGroupFinder.findDefaultGroup(dbSession, groupDto.getOrganizationUuid()); checkArgument(!defaultGroup.getId().equals(groupDto.getId()), "Default group '%s' cannot be used to perform this action", groupDto.getName()); }
private void checkNotTryingToDeleteLastAdminGroup(DbSession dbSession, GroupDto group) { int remaining = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroup(dbSession, group.getOrganizationUuid(), OrganizationPermission.ADMINISTER.getKey(), group.getId()); checkArgument(remaining > 0, "The last system admin group cannot be deleted"); }
private Collection<String> getGlobalPermissionsForGroup(GroupDto groupDto) { return getPermissions("organization_uuid = '" + groupDto.getOrganizationUuid() + "' and group_id = " + groupDto.getId() + " and resource_id is null"); }
/** * Ensure that there are still users with admin global permission if user is removed from the group. */ private void ensureLastAdminIsNotRemoved(DbSession dbSession, GroupDto group, UserDto user) { int remainingAdmins = dbClient.authorizationDao().countUsersWithGlobalPermissionExcludingGroupMember(dbSession, group.getOrganizationUuid(), OrganizationPermission.ADMINISTER.getKey(), group.getId(), user.getId()); checkRequest(remainingAdmins > 0, "The last administrator user cannot be removed"); }
@Test public void selectByName() { db.getDbClient().groupDao().insert(dbSession, aGroup); GroupDto group = underTest.selectByName(dbSession, AN_ORGANIZATION.getUuid(), aGroup.getName()).get(); assertThat(group.getId()).isNotNull(); assertThat(group.getOrganizationUuid()).isEqualTo(aGroup.getOrganizationUuid()); assertThat(group.getName()).isEqualTo(aGroup.getName()); assertThat(group.getDescription()).isEqualTo(aGroup.getDescription()); assertThat(group.getCreatedAt()).isEqualTo(new Date(NOW)); assertThat(group.getUpdatedAt()).isEqualTo(new Date(NOW)); }
private void addPermissionToGroup(DbSession dbSession, GroupDto group, OrganizationPermission permission) { dbClient.groupPermissionDao().insert( dbSession, new GroupPermissionDto() .setOrganizationUuid(group.getOrganizationUuid()) .setGroupId(group.getId()) .setRole(permission.getKey())); }
public List<String> selectGroupPermissions(GroupDto group, @Nullable ComponentDto project) { if (project == null) { return db.getDbClient().groupPermissionDao().selectGlobalPermissionsOfGroup(db.getSession(), group.getOrganizationUuid(), group.getId()); } return db.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(db.getSession(), group.getOrganizationUuid(), group.getId(), project.getId()); }
public GroupDto insertDefaultGroup(GroupDto dto) { String organizationUuid = dto.getOrganizationUuid(); db.getDbClient().organizationDao().getDefaultGroupId(db.getSession(), organizationUuid) .ifPresent(groupId -> { throw new IllegalArgumentException(format("Organization '%s' has already a default group", organizationUuid)); }); db.getDbClient().groupDao().insert(db.getSession(), dto); db.getDbClient().organizationDao().setDefaultGroupId(db.getSession(), organizationUuid, dto); db.commit(); return dto; }
public void deletePermissionFromGroup(GroupDto group, String permission) { db.getDbClient().groupPermissionDao().delete(db.getSession(), permission, group.getOrganizationUuid(), group.getId(), null); db.commit(); }
@Override public void handle(Request request, Response response) throws Exception { userSession.checkLoggedIn(); try (DbSession dbSession = dbClient.openSession(false)) { GroupDto group = support.findGroupDto(dbSession, request); userSession.checkPermission(OrganizationPermission.ADMINISTER, group.getOrganizationUuid()); support.checkGroupIsNotDefault(dbSession, group); String login = request.mandatoryParam(PARAM_LOGIN); UserDto user = getUser(dbSession, login); ensureLastAdminIsNotRemoved(dbSession, group, user); dbClient.userGroupDao().delete(dbSession, group.getId(), user.getId()); dbSession.commit(); response.noContent(); } }
@Test public void selectOrganizationUuidsOfUserWithGlobalPermission_returns_organizations_on_which_user_has_permission() { db.users().insertPermissionOnGroup(group1, SCAN); db.users().insertPermissionOnGroup(group2, QUALITY_GATE_ADMIN); db.users().insertMember(group1, user); db.users().insertMember(group2, user); Set<String> orgUuids = underTest.selectOrganizationUuidsOfUserWithGlobalPermission(dbSession, user.getId(), SCAN.getKey()); assertThat(orgUuids).containsExactly(group1.getOrganizationUuid()); }
public GroupPermissionDto insertPermissionOnGroup(GroupDto group, String permission) { GroupPermissionDto dto = new GroupPermissionDto() .setOrganizationUuid(group.getOrganizationUuid()) .setGroupId(group.getId()) .setRole(permission); db.getDbClient().groupPermissionDao().insert(db.getSession(), dto); db.commit(); return dto; }
@Test public void delete_global_permission_from_group_on_private_project() { OrganizationDto org = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org); ComponentDto project1 = db.components().insertPrivateProject(org); db.users().insertPermissionOnAnyone(org, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); underTest.delete(dbSession, "perm2", group1.getOrganizationUuid(), group1.getId(), null); dbSession.commit(); assertThatNoPermission("perm2"); assertThat(db.countRowsOfTable("group_roles")).isEqualTo(2); }
@Test public void delete_project_permission_from_group_on_private_project() { OrganizationDto org = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org); ComponentDto project1 = db.components().insertPrivateProject(org); db.users().insertPermissionOnAnyone(org, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); underTest.delete(dbSession, "perm3", group1.getOrganizationUuid(), group1.getId(), project1.getId()); dbSession.commit(); assertThatNoPermission("perm3"); assertThat(db.countRowsOfTable("group_roles")).isEqualTo(2); }
private void unsafeInsertProjectPermissionOnGroup(ComponentDto component, GroupDto group, String permission) { GroupPermissionDto dto = new GroupPermissionDto() .setOrganizationUuid(group.getOrganizationUuid()) .setGroupId(group.getId()) .setRole(permission) .setResourceId(component.getId()); dbTester.getDbClient().groupPermissionDao().insert(dbTester.getSession(), dto); dbTester.commit(); }
@Test public void delete_global_permission_from_anyone_on_public_project() { OrganizationDto org = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org); ComponentDto project1 = db.components().insertPublicProject(org); db.users().insertPermissionOnAnyone(org, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); db.users().insertProjectPermissionOnAnyone("perm4", project1); underTest.delete(dbSession, "perm1", group1.getOrganizationUuid(), null, null); dbSession.commit(); assertThatNoPermission("perm1"); assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3); }
@Test public void delete_project_permission_from_group_on_public_project() { OrganizationDto org = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org); ComponentDto project1 = db.components().insertPublicProject(org); db.users().insertPermissionOnAnyone(org, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); db.users().insertProjectPermissionOnAnyone("perm4", project1); underTest.delete(dbSession, "perm3", group1.getOrganizationUuid(), group1.getId(), project1.getId()); dbSession.commit(); assertThatNoPermission("perm3"); assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3); }
@Test public void delete_global_permission_from_group_on_public_project() { OrganizationDto org = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org); ComponentDto project1 = db.components().insertPublicProject(org); db.users().insertPermissionOnAnyone(org, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); db.users().insertProjectPermissionOnAnyone("perm4", project1); underTest.delete(dbSession, "perm2", group1.getOrganizationUuid(), group1.getId(), null); dbSession.commit(); assertThatNoPermission("perm2"); assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3); }
@Test public void delete_project_permission_from_anybody_on_private_project() { OrganizationDto org = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org); ComponentDto project1 = db.components().insertPublicProject(org); db.users().insertPermissionOnAnyone(org, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); db.users().insertProjectPermissionOnAnyone("perm4", project1); underTest.delete(dbSession, "perm4", group1.getOrganizationUuid(), null, project1.getId()); dbSession.commit(); assertThatNoPermission("perm4"); assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3); }