chore(team-org-roles): remove usage of hybrid cloud helpers (#65831)

getsentry · Feb 26, 2024 · a73e250 · a73e250
1 parent 36bcc22
commit a73e250
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 64 deletions.
diff --git a/src/sentry/services/hybrid_cloud/access/impl.py b/src/sentry/services/hybrid_cloud/access/impl.py
@@ -1,5 +1,3 @@
-from django.db.models import Q
-
 from sentry import roles
 from sentry.models.authidentity import AuthIdentity
 from sentry.models.authidentityreplica import AuthIdentityReplica
@@ -85,21 +83,20 @@ def can_override_sso_as_owner(
         """If an owner is trying to gain access, allow bypassing SSO if there are no
         other owners with SSO enabled.
         """
+        # get member role
+        try:
+            member_role = OrganizationMemberMapping.objects.get(
+                organizationmember_id=member.id, organization_id=member.organization_id
+            ).role
+        except OrganizationMemberMapping.DoesNotExist:
+            return False
 
-        # Get more org role related data into control to reduce this inter silo rpc stuff....
-        org_roles = self.get_all_org_roles(
-            member_id=member.id, organization_id=member.organization_id
-        )
-        if roles.get_top_dog().id not in org_roles:
+        if member_role != roles.get_top_dog().id:
             return False
 
-        all_top_dogs_from_teams = self.get_top_dog_team_member_ids(
-            organization_id=member.organization_id
-        )
         user_ids = (
             OrganizationMemberMapping.objects.filter(
-                Q(organizationmember_id__in=all_top_dogs_from_teams)
-                | Q(role=roles.get_top_dog().id),
+                role=roles.get_top_dog().id,
                 organization_id=member.organization_id,
                 user__is_active=True,
             )
@@ -160,18 +157,20 @@ def get_auth_identity_for_user(
     def can_override_sso_as_owner(
         self, auth_provider: RpcAuthProvider, member: RpcOrganizationMemberSummary
     ) -> bool:
-        org_roles = self.get_all_org_roles(
-            member_id=member.id, organization_id=member.organization_id
-        )
-        if roles.get_top_dog().id not in org_roles:
+        # get member role
+        try:
+            member_role = OrganizationMember.objects.get(
+                id=member.id, organization_id=member.organization_id
+            ).role
+        except OrganizationMember.DoesNotExist:
+            return False
+
+        if member_role != roles.get_top_dog().id:
             return False
 
-        all_top_dogs_from_teams = self.get_top_dog_team_member_ids(
-            organization_id=member.organization_id
-        )
         user_ids = (
             OrganizationMember.objects.filter(
-                Q(id__in=all_top_dogs_from_teams) | Q(role=roles.get_top_dog().id),
+                role=roles.get_top_dog().id,
                 organization_id=member.organization_id,
                 user_is_active=True,
             )

diff --git a/tests/sentry/hybridcloud/test_organization.py b/tests/sentry/hybridcloud/test_organization.py
@@ -1,5 +1,5 @@
 import itertools
-from collections.abc import Callable, Sequence
+from collections.abc import Callable
 from typing import Any
 
 import pytest
@@ -10,7 +10,6 @@
 from sentry.models.project import Project
 from sentry.models.team import Team, TeamStatus
 from sentry.models.user import User
-from sentry.services.hybrid_cloud.access.service import access_service
 from sentry.services.hybrid_cloud.organization import (
     RpcOrganization,
     RpcOrganizationMember,
@@ -58,24 +57,10 @@ def basic_filled_out_org() -> tuple[Organization, list[User]]:
     return org, [owner, other_user]
 
 
-def org_with_owner_team() -> tuple[Organization, Sequence[User]]:
-    org, users = basic_filled_out_org()
-    other_user = Factories.create_user()
-    users.append(other_user)
-    Factories.create_team(org, members=[users[1], other_user], org_role="owner")
-    Factories.create_team(org, members=[users[1]], org_role="manager")
-
-    return org, users
-
-
 def parameterize_with_orgs(f: Callable):
     return pytest.mark.parametrize("org_factory", [pytest.param(basic_filled_out_org)])(f)
 
 
-def parameterize_with_orgs_with_owner_team(f: Callable):
-    return pytest.mark.parametrize("org_factory", [pytest.param(org_with_owner_team)])(f)
-
-
 def find_ordering(list_of_things: list[Any], e: Any) -> int:
     try:
         return list_of_things.index(e)
@@ -238,34 +223,6 @@ def test_idempotency(org_factory: Callable[[], tuple[Organization, list[User]]])
             assert_organization_member_equals(OrganizationMember.objects.get(id=member.id), member)
 
 
-@django_db_all(transaction=True)
-@all_silo_test
-@parameterize_with_orgs_with_owner_team
-def test_get_all_org_roles(org_factory: Callable[[], tuple[Organization, list[User]]]):
-    _, orm_users = org_factory()
-    with assume_test_silo_mode(SiloMode.REGION):
-        member = OrganizationMember.objects.get(user_id=orm_users[1].id)
-
-    all_org_roles = ["owner", "member", "manager"]
-    service_org_roles = access_service.get_all_org_roles(
-        organization_id=member.organization_id, member_id=member.id
-    )
-    assert set(all_org_roles) == set(service_org_roles)
-
-
-@django_db_all(transaction=True)
-@all_silo_test
-@parameterize_with_orgs_with_owner_team
-def test_get_top_dog_team_member_ids(org_factory: Callable[[], tuple[Organization, list[User]]]):
-    orm_org, orm_users = org_factory()
-    with assume_test_silo_mode(SiloMode.REGION):
-        members = [OrganizationMember.objects.get(user_id=user.id) for user in orm_users]
-
-    all_top_dogs = [members[1].id, members[2].id]
-    service_top_dogs = access_service.get_top_dog_team_member_ids(organization_id=orm_org.id)
-    assert set(all_top_dogs) == set(service_top_dogs)
-
-
 @django_db_all(transaction=True)
 @all_silo_test
 def test_options():