source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube, open source software quality management tool.
   3  * Copyright (C) 2008-2014 SonarSource
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * SonarQube is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * SonarQube is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20
  21 package org.sonar.server.permission;
  22
  23 import com.google.common.collect.Maps;
  24 import org.junit.After;
  25 import org.junit.Before;
  26 import org.junit.ClassRule;
  27 import org.junit.Test;
  28 import org.sonar.api.web.UserRole;
  29 import org.sonar.core.component.ComponentDto;
  30 import org.sonar.core.persistence.DbSession;
  31 import org.sonar.core.user.GroupDto;
  32 import org.sonar.core.user.RoleDao;
  33 import org.sonar.core.user.UserDto;
  34 import org.sonar.server.component.ComponentTesting;
  35 import org.sonar.server.db.DbClient;
  36 import org.sonar.server.es.EsClient;
  37 import org.sonar.server.issue.index.IssueIndexDefinition;
  38 import org.sonar.server.tester.ServerTester;
  39 import org.sonar.server.user.MockUserSession;
  40
  41 import javax.annotation.Nullable;
  42
  43 import java.util.Map;
  44
  45 import static org.fest.assertions.Assertions.assertThat;
  46
  47 /**
  48  * New tests should be added in order to be able to remove InternalPermissionServiceTest
  49  */
  50 public class InternalPermissionServiceMediumTest {
  51
  52   @ClassRule
  53   public static ServerTester tester = new ServerTester();
  54
  55   DbClient db;
  56   DbSession session;
  57   InternalPermissionService service;
  58
  59   ComponentDto project;
  60
  61   @Before
  62   public void setUp() throws Exception {
  63     tester.clearDbAndIndexes();
  64     db = tester.get(DbClient.class);
  65     session = db.openSession(false);
  66     service = tester.get(InternalPermissionService.class);
  67
  68     project = ComponentTesting.newProjectDto();
  69     db.componentDao().insert(session, project);
  70     session.commit();
  71   }
  72
  73   @After
  74   public void after() {
  75     session.close();
  76   }
  77
  78   @Test
  79   public void add_project_permission_to_user() throws Exception {
  80     // init
  81     MockUserSession.set().setLogin("admin").addProjectPermissions(UserRole.ADMIN, project.key());
  82     UserDto user = new UserDto().setLogin("john").setName("John");
  83     db.userDao().insert(session, user);
  84     session.commit();
  85     assertThat(tester.get(RoleDao.class).selectUserPermissions(session, user.getLogin(), project.getId())).isEmpty();
  86     assertThat(countIssueAuthorizationDocs()).isZero();
  87
  88     // add permission
  89     service.addPermission(params(user.getLogin(), null, project.key(), UserRole.USER));
  90     session.commit();
  91
  92     // Check db
  93     assertThat(tester.get(RoleDao.class).selectUserPermissions(session, user.getLogin(), project.getId())).hasSize(1);
  94
  95     // Check index of issue authorizations
  96     assertThat(countIssueAuthorizationDocs()).isEqualTo(1);
  97   }
  98
  99   @Test
 100   public void remove_project_permission_to_user() throws Exception {
 101     MockUserSession.set().setLogin("admin").addProjectPermissions(UserRole.ADMIN, project.key());
 102
 103     UserDto user1 = new UserDto().setLogin("user1").setName("User1");
 104     db.userDao().insert(session, user1);
 105
 106     UserDto user2 = new UserDto().setLogin("user2").setName("User2");
 107     db.userDao().insert(session, user2);
 108     session.commit();
 109
 110     service.addPermission(params(user1.getLogin(), null, project.key(), UserRole.USER));
 111     service.addPermission(params(user2.getLogin(), null, project.key(), UserRole.USER));
 112     service.removePermission(params(user1.getLogin(), null, project.key(), UserRole.USER));
 113     session.commit();
 114
 115     // Check in db
 116     assertThat(tester.get(RoleDao.class).selectUserPermissions(session, user1.getLogin(), project.getId())).isEmpty();
 117     assertThat(tester.get(RoleDao.class).selectUserPermissions(session, user2.getLogin(), project.getId())).hasSize(1);
 118
 119     // Check index of issue authorizations
 120     assertThat(countIssueAuthorizationDocs()).isEqualTo(1);
 121   }
 122
 123   @Test
 124   public void remove_all_component_user_permissions() throws Exception {
 125     MockUserSession.set().setLogin("admin").addProjectPermissions(UserRole.ADMIN, project.key());
 126
 127     UserDto user = new UserDto().setLogin("user1").setName("User1");
 128     db.userDao().insert(session, user);
 129     session.commit();
 130
 131     service.addPermission(params(user.getLogin(), null, project.key(), UserRole.USER));
 132     service.removePermission(params(user.getLogin(), null, project.key(), UserRole.USER));
 133     session.commit();
 134
 135     // Check in db
 136     assertThat(tester.get(RoleDao.class).selectUserPermissions(session, user.getLogin(), project.getId())).isEmpty();
 137
 138     // Check index of issue authorizations
 139     assertThat(countIssueAuthorizationDocs()).isEqualTo(0);
 140   }
 141
 142   @Test
 143   public void add_and_remove_permission_to_group() throws Exception {
 144     // init
 145     MockUserSession.set().setLogin("admin").addProjectPermissions(UserRole.ADMIN, project.key());
 146     GroupDto group = new GroupDto().setName("group1");
 147     db.groupDao().insert(session, group);
 148     session.commit();
 149     assertThat(tester.get(RoleDao.class).selectGroupPermissions(session, group.getName(), project.getId())).isEmpty();
 150
 151     // add permission
 152     PermissionChange change = new PermissionChange().setPermission(UserRole.USER).setGroup(group.getName()).setComponentKey(project.key());
 153     service.addPermission(change);
 154     session.commit();
 155
 156     // Check db
 157     assertThat(tester.get(RoleDao.class).selectGroupPermissions(session, group.getName(), project.getId())).hasSize(1);
 158
 159     // Check index of issue authorizations
 160     assertThat(countIssueAuthorizationDocs()).isEqualTo(1);
 161
 162     // remove permission
 163     service.removePermission(change);
 164     session.commit();
 165     assertThat(tester.get(RoleDao.class).selectGroupPermissions(session, group.getName(), project.getId())).hasSize(0);
 166     assertThat(countIssueAuthorizationDocs()).isEqualTo(0);
 167   }
 168
 169   private Map<String, Object> params(@Nullable String login, @Nullable String group, @Nullable String component, String permission) {
 170     Map<String, Object> params = Maps.newHashMap();
 171     params.put("user", login);
 172     params.put("group", group);
 173     params.put("component", component);
 174     params.put("permission", permission);
 175     return params;
 176   }
 177
 178   private long countIssueAuthorizationDocs() {
 179     return tester.get(EsClient.class).prepareCount(IssueIndexDefinition.INDEX).setTypes(IssueIndexDefinition.TYPE_AUTHORIZATION).get().getCount();
 180   }
 181 }