]> source.dussan.org Git - sonarqube.git/blob
1011572417e451bcd1dfc2a830d95e80a2c676d2
[sonarqube.git] /
1 /*
2  * SonarQube
3  * Copyright (C) 2009-2017 SonarSource SA
4  * mailto:info AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.permission.ws.template;
21
22 import java.util.List;
23 import org.junit.Before;
24 import org.junit.Test;
25 import org.sonar.api.server.ws.WebService.Param;
26 import org.sonar.api.web.UserRole;
27 import org.sonar.db.component.ComponentDto;
28 import org.sonar.db.component.ComponentTesting;
29 import org.sonar.db.organization.OrganizationDto;
30 import org.sonar.db.permission.PermissionQuery;
31 import org.sonar.db.permission.template.PermissionTemplateDto;
32 import org.sonar.db.user.GroupDto;
33 import org.sonar.db.user.UserDto;
34 import org.sonar.server.exceptions.BadRequestException;
35 import org.sonar.server.exceptions.NotFoundException;
36 import org.sonar.server.i18n.I18nRule;
37 import org.sonar.server.permission.PermissionTemplateService;
38 import org.sonar.server.permission.index.PermissionIndexer;
39 import org.sonar.server.permission.ws.BasePermissionWsTest;
40
41 import static org.assertj.core.api.Assertions.assertThat;
42 import static org.mockito.Mockito.mock;
43 import static org.sonar.db.component.ComponentTesting.newView;
44 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
45 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
46 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
47 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
48
49 public class BulkApplyTemplateActionTest extends BasePermissionWsTest<BulkApplyTemplateAction> {
50
51   @org.junit.Rule
52   public DefaultTemplatesResolverRule defaultTemplatesResolver = DefaultTemplatesResolverRule.withoutGovernance();
53
54   private UserDto user1;
55   private UserDto user2;
56   private GroupDto group1;
57   private GroupDto group2;
58   private OrganizationDto organization;
59   private PermissionTemplateDto template1;
60   private PermissionTemplateDto template2;
61   private PermissionIndexer issuePermissionIndexer = mock(PermissionIndexer.class);
62
63   @Override
64   protected BulkApplyTemplateAction buildWsAction() {
65     PermissionTemplateService permissionTemplateService = new PermissionTemplateService(db.getDbClient(),
66       issuePermissionIndexer, userSession, defaultTemplatesResolver);
67     return new BulkApplyTemplateAction(db.getDbClient(), userSession, permissionTemplateService, newPermissionWsSupport(), new I18nRule(), newRootResourceTypes());
68   }
69
70   @Before
71   public void setUp() {
72     organization = db.organizations().insert();
73
74     user1 = db.users().insertUser();
75     user2 = db.users().insertUser();
76     group1 = db.users().insertGroup(organization);
77     group2 = db.users().insertGroup(organization);
78
79     db.organizations().addMember(organization, user1);
80     db.organizations().addMember(organization, user2);
81
82     // template 1 for org 1
83     template1 = db.permissionTemplates().insertTemplate(organization);
84     addUserToTemplate(user1, template1, UserRole.CODEVIEWER);
85     addUserToTemplate(user2, template1, UserRole.ISSUE_ADMIN);
86     addGroupToTemplate(group1, template1, UserRole.ADMIN);
87     addGroupToTemplate(group2, template1, UserRole.USER);
88     // template 2
89     template2 = db.permissionTemplates().insertTemplate(organization);
90     addUserToTemplate(user1, template2, UserRole.USER);
91     addUserToTemplate(user2, template2, UserRole.USER);
92     addGroupToTemplate(group1, template2, UserRole.USER);
93     addGroupToTemplate(group2, template2, UserRole.USER);
94   }
95
96   @Test
97   public void bulk_apply_template_by_template_uuid() throws Exception {
98     // this project should not be applied the template
99     OrganizationDto otherOrganization = db.organizations().insert();
100     db.components().insertPrivateProject(otherOrganization);
101
102     ComponentDto privateProject = db.components().insertPrivateProject(organization);
103     ComponentDto publicProject = db.components().insertPublicProject(organization);
104     ComponentDto view = db.components().insertView(organization);
105     loginAsAdmin(organization);
106
107     newRequest().setParam(PARAM_TEMPLATE_ID, template1.getUuid()).execute();
108
109     assertTemplate1AppliedToPrivateProject(privateProject);
110     assertTemplate1AppliedToPublicProject(publicProject);
111     assertTemplate1AppliedToPublicProject(view);
112   }
113
114   @Test
115   public void request_throws_NotFoundException_if_template_with_specified_name_does_not_exist_in_specified_organization() throws Exception {
116     OrganizationDto otherOrganization = db.organizations().insert();
117     loginAsAdmin(otherOrganization);
118
119     expectedException.expect(NotFoundException.class);
120     expectedException.expectMessage("Permission template with name '" + template1.getName()
121       + "' is not found (case insensitive) in organization with key '" + otherOrganization.getKey() + "'");
122
123     newRequest()
124       .setParam(PARAM_ORGANIZATION, otherOrganization.getKey())
125       .setParam(PARAM_TEMPLATE_NAME, template1.getName())
126       .execute();
127   }
128
129   @Test
130   public void bulk_apply_template_by_template_name() throws Exception {
131     ComponentDto privateProject = db.components().insertPrivateProject(organization);
132     ComponentDto publicProject = db.components().insertPublicProject(organization);
133     loginAsAdmin(organization);
134
135     newRequest()
136       .setParam(PARAM_ORGANIZATION, organization.getKey())
137       .setParam(PARAM_TEMPLATE_NAME, template1.getName())
138       .execute();
139
140     assertTemplate1AppliedToPrivateProject(privateProject);
141     assertTemplate1AppliedToPublicProject(publicProject);
142   }
143
144   @Test
145   public void apply_template_by_qualifier() throws Exception {
146     ComponentDto publicProject = db.components().insertPublicProject(organization);
147     ComponentDto privateProject = db.components().insertPrivateProject(organization);
148     ComponentDto view = db.components().insertComponent(newView(organization));
149     loginAsAdmin(organization);
150
151     newRequest()
152       .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
153       .setParam(PARAM_QUALIFIER, privateProject.qualifier()).execute();
154
155     assertTemplate1AppliedToPrivateProject(privateProject);
156     assertTemplate1AppliedToPublicProject(publicProject);
157     assertNoPermissionOnProject(view);
158   }
159
160   @Test
161   public void apply_template_by_query_on_name_and_key_public_project() throws Exception {
162     ComponentDto publicProjectFoundByKey = ComponentTesting.newPublicProjectDto(organization).setKey("sonar");
163     db.components().insertProjectAndSnapshot(publicProjectFoundByKey);
164     ComponentDto publicProjectFoundByName = ComponentTesting.newPublicProjectDto(organization).setName("name-sonar-name");
165     db.components().insertProjectAndSnapshot(publicProjectFoundByName);
166     // match must be exact on key
167     ComponentDto projectUntouched = ComponentTesting.newPublicProjectDto(organization).setKey("new-sonar").setName("project-name");
168     db.components().insertProjectAndSnapshot(projectUntouched);
169     loginAsAdmin(organization);
170
171     newRequest()
172       .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
173       .setParam(Param.TEXT_QUERY, "sonar")
174       .execute();
175
176     assertTemplate1AppliedToPublicProject(publicProjectFoundByKey);
177     assertTemplate1AppliedToPublicProject(publicProjectFoundByName);
178     assertNoPermissionOnProject(projectUntouched);
179   }
180
181   @Test
182   public void apply_template_by_query_on_name_and_key() throws Exception {
183     ComponentDto privateProjectFoundByKey = ComponentTesting.newPrivateProjectDto(organization).setKey("sonar");
184     db.components().insertProjectAndSnapshot(privateProjectFoundByKey);
185     ComponentDto privateProjectFoundByName = ComponentTesting.newPrivateProjectDto(organization).setName("name-sonar-name");
186     db.components().insertProjectAndSnapshot(privateProjectFoundByName);
187     // match must be exact on key
188     ComponentDto projectUntouched = ComponentTesting.newPublicProjectDto(organization).setKey("new-sonar").setName("project-name");
189     db.components().insertProjectAndSnapshot(projectUntouched);
190     loginAsAdmin(organization);
191
192     newRequest()
193       .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
194       .setParam(Param.TEXT_QUERY, "sonar")
195       .execute();
196
197     assertTemplate1AppliedToPrivateProject(privateProjectFoundByKey);
198     assertTemplate1AppliedToPrivateProject(privateProjectFoundByName);
199     assertNoPermissionOnProject(projectUntouched);
200   }
201
202   @Test
203   public void fail_if_no_template_parameter() throws Exception {
204     loginAsAdmin(db.getDefaultOrganization());
205
206     expectedException.expect(BadRequestException.class);
207     expectedException.expectMessage("Template name or template id must be provided, not both.");
208
209     newRequest().execute();
210   }
211
212   @Test
213   public void fail_if_template_name_is_incorrect() throws Exception {
214     loginAsAdmin(db.getDefaultOrganization());
215
216     expectedException.expect(NotFoundException.class);
217     expectedException.expectMessage("Permission template with id 'unknown-template-uuid' is not found");
218
219     newRequest().setParam(PARAM_TEMPLATE_ID, "unknown-template-uuid").execute();
220   }
221
222   private void assertTemplate1AppliedToPublicProject(ComponentDto project) throws Exception {
223     assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).containsExactly(group1.getName());
224     assertThat(selectProjectPermissionGroups(project, UserRole.USER)).isEmpty();
225     assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty();
226     assertThat(selectProjectPermissionUsers(project, UserRole.CODEVIEWER)).isEmpty();
227     assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).containsExactly(user2.getId());
228   }
229
230   private void assertTemplate1AppliedToPrivateProject(ComponentDto project) throws Exception {
231     assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).containsExactly(group1.getName());
232     assertThat(selectProjectPermissionGroups(project, UserRole.USER)).containsExactly(group2.getName());
233     assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty();
234     assertThat(selectProjectPermissionUsers(project, UserRole.CODEVIEWER)).containsExactly(user1.getId());
235     assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).containsExactly(user2.getId());
236   }
237
238   private void assertNoPermissionOnProject(ComponentDto project) throws Exception {
239     assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).isEmpty();
240     assertThat(selectProjectPermissionGroups(project, UserRole.CODEVIEWER)).isEmpty();
241     assertThat(selectProjectPermissionGroups(project, UserRole.ISSUE_ADMIN)).isEmpty();
242     assertThat(selectProjectPermissionGroups(project, UserRole.USER)).isEmpty();
243     assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty();
244     assertThat(selectProjectPermissionUsers(project, UserRole.CODEVIEWER)).isEmpty();
245     assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).isEmpty();
246     assertThat(selectProjectPermissionUsers(project, UserRole.USER)).isEmpty();
247   }
248
249   private void addUserToTemplate(UserDto user, PermissionTemplateDto permissionTemplate, String permission) {
250     db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), permissionTemplate.getId(), user.getId(), permission);
251     db.commit();
252   }
253
254   private void addGroupToTemplate(GroupDto group, PermissionTemplateDto permissionTemplate, String permission) {
255     db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), permissionTemplate.getId(), group.getId(), permission);
256     db.commit();
257   }
258
259   private List<String> selectProjectPermissionGroups(ComponentDto project, String permission) {
260     PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(project.getOrganizationUuid()).setPermission(permission).setComponentUuid(project.uuid()).build();
261     return db.getDbClient().groupPermissionDao().selectGroupNamesByQuery(db.getSession(), query);
262   }
263
264   private List<Integer> selectProjectPermissionUsers(ComponentDto project, String permission) {
265     PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(project.getOrganizationUuid()).setPermission(permission).setComponentUuid(project.uuid()).build();
266     return db.getDbClient().userPermissionDao().selectUserIdsByQuery(db.getSession(), query);
267   }
268 }