3 * Copyright (C) 2009-2023 SonarSource SA
4 * mailto:info AT sonarsource DOT com
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 package org.sonar.server.permission.ws.template;
22 import java.util.List;
23 import javax.annotation.Nullable;
24 import org.junit.Before;
25 import org.junit.Test;
26 import org.sonar.api.resources.Qualifiers;
27 import org.sonar.api.resources.ResourceTypes;
28 import org.sonar.core.permission.GlobalPermissions;
29 import org.sonar.db.component.ResourceTypesRule;
30 import org.sonar.db.permission.PermissionQuery;
31 import org.sonar.db.permission.template.PermissionTemplateDto;
32 import org.sonar.db.user.UserDto;
33 import org.sonar.server.exceptions.BadRequestException;
34 import org.sonar.server.exceptions.ForbiddenException;
35 import org.sonar.server.exceptions.NotFoundException;
36 import org.sonar.server.exceptions.UnauthorizedException;
37 import org.sonar.server.permission.PermissionService;
38 import org.sonar.server.permission.PermissionServiceImpl;
39 import org.sonar.server.permission.RequestValidator;
40 import org.sonar.server.permission.ws.BasePermissionWsTest;
41 import org.sonar.server.permission.ws.WsParameters;
42 import org.sonar.server.ws.TestRequest;
44 import static org.assertj.core.api.Assertions.assertThat;
45 import static org.assertj.core.api.Assertions.assertThatThrownBy;
46 import static org.sonar.api.web.UserRole.CODEVIEWER;
47 import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
48 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
49 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
50 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
51 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN;
53 public class RemoveUserFromTemplateActionTest extends BasePermissionWsTest<RemoveUserFromTemplateAction> {
55 private static final String DEFAULT_PERMISSION = CODEVIEWER;
58 private PermissionTemplateDto template;
59 private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);
60 private PermissionService permissionService = new PermissionServiceImpl(resourceTypes);
61 private WsParameters wsParameters = new WsParameters(permissionService);
62 private RequestValidator requestValidator = new RequestValidator(permissionService);
65 protected RemoveUserFromTemplateAction buildWsAction() {
66 return new RemoveUserFromTemplateAction(db.getDbClient(), newPermissionWsSupport(), userSession, wsParameters, requestValidator);
71 user = db.users().insertUser("user-login");
72 template = db.permissionTemplates().insertTemplate();
73 addUserToTemplate(user, template, DEFAULT_PERMISSION);
77 public void remove_user_from_template() {
79 newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
81 assertThat(getLoginsInTemplateAndPermission(template, DEFAULT_PERMISSION)).isEmpty();
85 public void remove_user_from_template_by_name_case_insensitive() {
88 .setParam(PARAM_USER_LOGIN, user.getLogin())
89 .setParam(PARAM_PERMISSION, DEFAULT_PERMISSION)
90 .setParam(PARAM_TEMPLATE_NAME, template.getName().toUpperCase())
93 assertThat(getLoginsInTemplateAndPermission(template, DEFAULT_PERMISSION)).isEmpty();
97 public void remove_user_from_template_twice_without_failing() {
99 newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
100 newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
102 assertThat(getLoginsInTemplateAndPermission(template, DEFAULT_PERMISSION)).isEmpty();
106 public void keep_user_permission_not_removed() {
107 addUserToTemplate(user, template, ISSUE_ADMIN);
110 newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
112 assertThat(getLoginsInTemplateAndPermission(template, DEFAULT_PERMISSION)).isEmpty();
113 assertThat(getLoginsInTemplateAndPermission(template, ISSUE_ADMIN)).containsExactly(user.getLogin());
117 public void keep_other_users_when_one_user_removed() {
118 UserDto newUser = db.users().insertUser("new-login");
119 addUserToTemplate(newUser, template, DEFAULT_PERMISSION);
122 newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
124 assertThat(getLoginsInTemplateAndPermission(template, DEFAULT_PERMISSION)).containsExactly("new-login");
128 public void fail_if_not_a_project_permission() {
131 assertThatThrownBy(() -> {
132 newRequest(user.getLogin(), template.getUuid(), GlobalPermissions.PROVISIONING);
134 .isInstanceOf(IllegalArgumentException.class);
138 public void fail_if_insufficient_privileges() {
141 assertThatThrownBy(() -> {
142 newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
144 .isInstanceOf(ForbiddenException.class);
148 public void fail_if_not_logged_in() {
149 userSession.anonymous();
151 assertThatThrownBy(() -> {
152 newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
154 .isInstanceOf(UnauthorizedException.class);
158 public void fail_if_user_missing() {
161 assertThatThrownBy(() -> {
162 newRequest(null, template.getUuid(), DEFAULT_PERMISSION);
164 .isInstanceOf(IllegalArgumentException.class);
168 public void fail_if_permission_missing() {
171 assertThatThrownBy(() -> {
172 newRequest(user.getLogin(), template.getUuid(), null);
174 .isInstanceOf(IllegalArgumentException.class);
178 public void fail_if_template_missing() {
181 assertThatThrownBy(() -> {
182 newRequest(user.getLogin(), null, DEFAULT_PERMISSION);
184 .isInstanceOf(BadRequestException.class);
188 public void fail_if_user_does_not_exist() {
191 assertThatThrownBy(() -> newRequest("unknown-login", template.getUuid(), DEFAULT_PERMISSION))
192 .isInstanceOf(NotFoundException.class)
193 .hasMessageContaining("User with login 'unknown-login' is not found");
197 public void fail_if_template_key_does_not_exist() {
200 assertThatThrownBy(() -> {
201 newRequest(user.getLogin(), "unknown-key", DEFAULT_PERMISSION);
203 .isInstanceOf(NotFoundException.class)
204 .hasMessage("Permission template with id 'unknown-key' is not found");
207 private void newRequest(@Nullable String userLogin, @Nullable String templateKey, @Nullable String permission) {
208 TestRequest request = newRequest();
209 if (userLogin != null) {
210 request.setParam(PARAM_USER_LOGIN, userLogin);
212 if (templateKey != null) {
213 request.setParam(PARAM_TEMPLATE_ID, templateKey);
215 if (permission != null) {
216 request.setParam(PARAM_PERMISSION, permission);
222 private List<String> getLoginsInTemplateAndPermission(PermissionTemplateDto template, String permission) {
223 PermissionQuery permissionQuery = PermissionQuery.builder().setPermission(permission).build();
224 return db.getDbClient().permissionTemplateDao()
225 .selectUserLoginsByQueryAndTemplate(db.getSession(), permissionQuery, template.getUuid());
228 private void addUserToTemplate(UserDto user, PermissionTemplateDto template, String permission) {
229 db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), template.getUuid(), user.getUuid(), permission,
230 template.getName(), user.getLogin());
projects / sonarqube.git / blob