public UserDto insertAdminByUserPermission(OrganizationDto org) { UserDto user = insertUser(); insertPermissionOnUser(org, user, ADMINISTER); return user; }
/** * Grant permission on default organization */ public UserPermissionDto insertPermissionOnUser(UserDto user, OrganizationPermission permission) { return insertPermissionOnUser(db.getDefaultOrganization(), user, permission); }
@Test public void selectOrganizationUuidsOfUserWithGlobalPermission_returns_empty_set_if_user_does_not_exist() { // another user db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_GATES); Set<String> orgUuids = underTest.selectOrganizationUuidsOfUserWithGlobalPermission(dbSession, MISSING_ID, SYSTEM_ADMIN); assertThat(orgUuids).isEmpty(); }
private void addAdmin(OrganizationDto org) { UserDto admin = db.users().insertUser(); db.users().insertPermissionOnUser(org, admin, SYSTEM_ADMIN); }
@Test public void send_email_to_quality_profile_administrator() { UserDto profileAdmin = dbTester.users().insertUser(); dbTester.users().insertPermissionOnUser(profileAdmin, OrganizationPermission.ADMINISTER_QUALITY_PROFILES); underTest.dispatch(mock(Notification.class), context); verify(context).addUser(profileAdmin.getLogin(), channel); }
@Test public void isSystemAdministrator_returns_true_if_org_feature_is_disabled_and_user_is_administrator_of_default_organization() { organizationFlags.setEnabled(false); UserDto user = db.users().insertUser(); db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, SYSTEM_ADMIN); UserSession session = newUserSession(user); assertThat(session.isSystemAdministrator()).isTrue(); }
@Test public void isSystemAdministrator_returns_false_if_org_feature_is_enabled_and_user_is_administrator_of_default_organization() { organizationFlags.setEnabled(true); UserDto user = db.users().insertUser(); db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, SYSTEM_ADMIN); UserSession session = newUserSession(user); assertThat(session.isSystemAdministrator()).isFalse(); }
@Test public void isSystemAdministrator_returns_false_if_org_feature_is_disabled_and_user_is_not_administrator_of_default_organization() { organizationFlags.setEnabled(true); UserDto user = db.users().insertUser(); db.users().insertPermissionOnUser(db.getDefaultOrganization(), user, PROVISIONING); UserSession session = newUserSession(user); assertThat(session.isSystemAdministrator()).isFalse(); }
@Test public void test_hasPermission_on_organization_for_logged_in_user() { OrganizationDto org = db.organizations().insert(); ComponentDto project = db.components().insertPrivateProject(org); UserDto user = db.users().insertUser(); db.users().insertPermissionOnUser(org, user, PROVISION_PROJECTS); db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, project); UserSession session = newUserSession(user); assertThat(session.hasPermission(PROVISION_PROJECTS, org.getUuid())).isTrue(); assertThat(session.hasPermission(ADMINISTER, org.getUuid())).isFalse(); assertThat(session.hasPermission(PROVISION_PROJECTS, "another-org")).isFalse(); }
@Test public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_exist() { OrganizationDto organization = db.organizations().insert(); UserDto user = insertUser(organization); db.users().insertPermissionOnUser(organization, user, SCAN); int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, 124L, SCAN.getKey()); assertThat(deletedCount).isEqualTo(0); assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getId(), organization.getUuid())).containsOnly(SCAN.getKey()); }
@Test public void remove_permission_from_user() { db.users().insertPermissionOnUser(user, PROVISION_PROJECTS); db.users().insertPermissionOnUser(user, ADMINISTER_QUALITY_GATES); loginAsAdmin(db.getDefaultOrganization()); newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PERMISSION, QUALITY_GATE_ADMIN) .execute(); assertThat(db.users().selectPermissionsOfUser(user, db.getDefaultOrganization())).containsOnly(PROVISION_PROJECTS); }
@Test public void do_nothing_when_adding_global_permission_that_already_exists() { db.users().insertPermissionOnUser(org1, user1, ADMINISTER_QUALITY_GATES); UserPermissionChange change = new UserPermissionChange(ADD, org1.getUuid(), QUALITY_GATE_ADMIN, null, UserId.from(user1), permissionService); apply(change); assertThat(db.users().selectPermissionsOfUser(user1, org1)).containsOnly(ADMINISTER_QUALITY_GATES); }
@Test public void selectQualityProfileAdministratorLogins_return_users_with_quality_profile_administrator_permission() { OrganizationDto organization1 = db.organizations().insert(); UserDto user1 = db.users().insertUser(); db.users().insertPermissionOnUser(organization1, user1, ADMINISTER_QUALITY_PROFILES); OrganizationDto organization2 = db.organizations().insert(); UserDto user2 = db.users().insertUser(); db.users().insertPermissionOnUser(organization2, user2, ADMINISTER_QUALITY_PROFILES); List<String> logins = underTest.selectQualityProfileAdministratorLogins(dbSession); assertThat(logins).containsExactlyInAnyOrder(user1.getLogin(), user2.getLogin()); }
/** * Anonymous user only benefits from the permissions granted to * "Anyone" */ @Test public void selectOrganizationPermissions_for_anonymous_user() { db.users().insertPermissionOnAnyone(organization, "perm1"); // ignored permissions db.users().insertPermissionOnUser(organization, user, "ignored"); db.users().insertPermissionOnGroup(group1, "ignored"); Set<String> permissions = underTest.selectOrganizationPermissionsOfAnonymous(dbSession, organization.getUuid()); assertThat(permissions).containsOnly("perm1"); }
private void insertUsersHavingGlobalPermissions() { UserDto user1 = db.users().insertUser(newUserDto("login-1", "name-1", "email-1")); db.organizations().addMember(db.getDefaultOrganization(), user1); UserDto user2 = db.users().insertUser(newUserDto("login-2", "name-2", "email-2")); db.organizations().addMember(db.getDefaultOrganization(), user2); UserDto user3 = db.users().insertUser(newUserDto("login-3", "name-3", "email-3")); db.organizations().addMember(db.getDefaultOrganization(), user3); db.users().insertPermissionOnUser(user1, SCAN); db.users().insertPermissionOnUser(user2, SCAN); db.users().insertPermissionOnUser(user3, ADMINISTER); }
@Test public void deleteProjectPermissionOfAnyUser_has_no_effect_if_specified_component_does_not_have_specified_permission() { OrganizationDto organization = db.organizations().insert(); UserDto user = insertUser(organization); db.users().insertPermissionOnUser(organization, user, SCAN); ComponentDto project = randomPublicOrPrivateProject(organization); db.users().insertProjectPermissionOnUser(user, SCAN.getKey(), project); int deletedCount = underTest.deleteProjectPermissionOfAnyUser(dbSession, project.getId(), "p1"); assertThat(deletedCount).isEqualTo(0); assertThat(underTest.selectGlobalPermissionsOfUser(dbSession, user.getId(), organization.getUuid())).containsOnly(SCAN.getKey()); assertThat(underTest.selectProjectPermissionsOfUser(dbSession, user.getId(), project.getId())).containsOnly(SCAN.getKey()); }
@Test public void remove_admin_user_if_still_other_admins() { db.users().insertPermissionOnUser(org1, user1, ADMINISTER); GroupDto admins = db.users().insertGroup(org1, "admins"); db.users().insertMember(admins, user2); db.users().insertPermissionOnGroup(admins, ADMINISTER); UserPermissionChange change = new UserPermissionChange(REMOVE, org1.getUuid(), ADMINISTER.getKey(), null, UserId.from(user1), permissionService); underTest.apply(db.getSession(), change); assertThat(db.users().selectPermissionsOfUser(user1, org1)).isEmpty(); }
@Test public void fail_to_remove_admin_global_permission_if_no_more_admins() { db.users().insertPermissionOnUser(org1, user1, SYSTEM_ADMIN); expectedException.expect(BadRequestException.class); expectedException.expectMessage("Last user with permission 'admin'. Permission cannot be removed."); UserPermissionChange change = new UserPermissionChange(REMOVE, org1.getUuid(), SYSTEM_ADMIN, null, UserId.from(user1), permissionService); underTest.apply(db.getSession(), change); }
@Test public void checkPermission_succeeds_when_user_has_the_specified_permission_on_organization() { OrganizationDto org = db.organizations().insert(); UserDto root = db.users().insertUser(); root = db.users().makeRoot(root); db.users().insertPermissionOnUser(org, root, PROVISIONING); newUserSession(root).checkPermission(PROVISION_PROJECTS, org); }
@Test public void fail_to_remove_admin_permission_if_last_admin() { db.users().insertPermissionOnUser(user, ADMINISTER); loginAsAdmin(db.getDefaultOrganization()); expectedException.expect(BadRequestException.class); expectedException.expectMessage("Last user with permission 'admin'. Permission cannot be removed."); newRequest() .setParam(PARAM_USER_LOGIN, user.getLogin()) .setParam(PARAM_PERMISSION, ADMIN) .execute(); }