3 * Copyright (C) 2009-2016 SonarSource SA
4 * mailto:contact AT sonarsource DOT com
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 package org.sonar.server.computation.task.projectanalysis.step;
22 import java.util.List;
24 import org.elasticsearch.search.SearchHit;
25 import org.junit.After;
26 import org.junit.Before;
27 import org.junit.Rule;
28 import org.junit.Test;
29 import org.sonar.api.config.MapSettings;
30 import org.sonar.api.config.Settings;
31 import org.sonar.api.security.DefaultGroups;
32 import org.sonar.api.utils.System2;
33 import org.sonar.api.web.UserRole;
34 import org.sonar.db.DbClient;
35 import org.sonar.db.DbSession;
36 import org.sonar.db.DbTester;
37 import org.sonar.db.component.ComponentDto;
38 import org.sonar.db.component.ComponentTesting;
39 import org.sonar.db.permission.PermissionRepository;
40 import org.sonar.db.permission.template.PermissionTemplateDto;
41 import org.sonar.server.component.es.ProjectMeasuresIndexDefinition;
42 import org.sonar.server.computation.task.projectanalysis.component.Component;
43 import org.sonar.server.computation.task.projectanalysis.component.MutableDbIdsRepositoryRule;
44 import org.sonar.server.computation.task.projectanalysis.component.ReportComponent;
45 import org.sonar.server.computation.task.projectanalysis.component.TreeRootHolderRule;
46 import org.sonar.server.computation.task.projectanalysis.component.ViewsComponent;
47 import org.sonar.server.computation.task.step.ComputationStep;
48 import org.sonar.server.es.EsTester;
49 import org.sonar.server.issue.index.IssueIndexDefinition;
50 import org.sonar.server.permission.index.PermissionIndexer;
51 import org.sonar.server.permission.index.PermissionIndexerTester;
53 import static java.util.Collections.emptyList;
54 import static java.util.Collections.singletonList;
55 import static org.assertj.core.api.Assertions.assertThat;
56 import static org.sonar.db.component.ComponentTesting.newView;
57 import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
58 import static org.sonar.server.computation.task.projectanalysis.component.Component.Type.PROJECT;
59 import static org.sonar.server.computation.task.projectanalysis.component.Component.Type.VIEW;
61 public class ApplyPermissionsStepTest extends BaseStepTest {
63 private static final String ROOT_KEY = "ROOT_KEY";
64 private static final String ROOT_UUID = "ROOT_UUID";
65 private static final long SOME_DATE = 1000L;
68 public EsTester esTester = new EsTester(new IssueIndexDefinition(new MapSettings()), new ProjectMeasuresIndexDefinition(new MapSettings()));
71 public DbTester dbTester = DbTester.create(System2.INSTANCE);
74 public TreeRootHolderRule treeRootHolder = new TreeRootHolderRule();
77 public MutableDbIdsRepositoryRule dbIdsRepository = MutableDbIdsRepositoryRule.create(treeRootHolder);
79 private PermissionIndexerTester authorizationIndexerTester = new PermissionIndexerTester(esTester);
81 private DbSession dbSession;
82 private DbClient dbClient = dbTester.getDbClient();
83 private Settings settings = new MapSettings();
84 private ApplyPermissionsStep step;
88 dbSession = dbClient.openSession(false);
89 step = new ApplyPermissionsStep(dbClient, dbIdsRepository, new PermissionIndexer(dbClient, esTester.client()), new PermissionRepository(dbClient, settings), treeRootHolder);
93 public void tearDown() {
98 public void grant_permission_on_new_project() {
99 ComponentDto projectDto = ComponentTesting.newProjectDto(ROOT_UUID).setKey(ROOT_KEY);
100 dbClient.componentDao().insert(dbSession, projectDto);
102 // Create a permission template containing browse permission for anonymous group
103 createDefaultPermissionTemplate(UserRole.USER);
105 Component project = ReportComponent.builder(PROJECT, 1).setUuid(ROOT_UUID).setKey(ROOT_KEY).build();
106 dbIdsRepository.setComponentId(project, projectDto.getId());
107 treeRootHolder.setRoot(project);
112 assertThat(dbClient.componentDao().selectOrFailByKey(dbSession, ROOT_KEY).getAuthorizationUpdatedAt()).isNotNull();
113 assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession,
114 dbTester.getDefaultOrganization().getUuid(), null, projectDto.getId())).containsOnly(UserRole.USER);
115 authorizationIndexerTester.verifyProjectExistsWithPermission(ROOT_UUID, singletonList(DefaultGroups.ANYONE), emptyList());
119 public void nothing_to_do_on_existing_project() {
120 ComponentDto projectDto = ComponentTesting.newProjectDto(ROOT_UUID).setKey(ROOT_KEY).setAuthorizationUpdatedAt(SOME_DATE);
121 dbTester.components().insertComponent(projectDto);
122 // Permissions are already set on the project
123 dbTester.users().insertProjectPermissionOnAnyone(UserRole.USER, projectDto);
127 Component project = ReportComponent.builder(PROJECT, 1).setUuid(ROOT_UUID).setKey(ROOT_KEY).build();
128 dbIdsRepository.setComponentId(project, projectDto.getId());
129 treeRootHolder.setRoot(project);
134 // Check that authorization updated at has not been changed -> Nothing has been done
135 assertThat(projectDto.getAuthorizationUpdatedAt()).isEqualTo(SOME_DATE);
139 public void grant_permission_on_new_view() {
140 ComponentDto viewDto = newView(ROOT_UUID).setKey(ROOT_KEY);
141 dbClient.componentDao().insert(dbSession, viewDto);
143 String permission = UserRole.USER;
144 // Create a permission template containing browse permission for anonymous group
145 createDefaultPermissionTemplate(permission);
147 Component project = ViewsComponent.builder(VIEW, ROOT_KEY).setUuid(ROOT_UUID).build();
148 dbIdsRepository.setComponentId(project, viewDto.getId());
149 treeRootHolder.setRoot(project);
154 assertThat(dbClient.componentDao().selectOrFailByKey(dbSession, ROOT_KEY).getAuthorizationUpdatedAt()).isNotNull();
155 assertThat(dbClient.groupPermissionDao().selectProjectPermissionsOfGroup(dbSession,
156 dbTester.getDefaultOrganization().getUuid(), null, viewDto.getId())).containsOnly(permission);
160 public void nothing_to_do_on_existing_view() {
161 ComponentDto viewDto = newView(ROOT_UUID).setKey(ROOT_KEY).setAuthorizationUpdatedAt(SOME_DATE);
162 dbTester.components().insertComponent(viewDto);
163 // Permissions are already set on the view
164 dbTester.users().insertProjectPermissionOnAnyone(UserRole.USER, viewDto);
166 Component project = ReportComponent.builder(PROJECT, 1).setUuid(ROOT_UUID).setKey(ROOT_KEY).build();
167 dbIdsRepository.setComponentId(project, viewDto.getId());
168 treeRootHolder.setRoot(project);
173 // Check that authorization updated at has not been changed -> Nothing has been done
174 assertThat(viewDto.getAuthorizationUpdatedAt()).isEqualTo(SOME_DATE);
177 private void createDefaultPermissionTemplate(String permission) {
178 PermissionTemplateDto defaultTemplate = newPermissionTemplateDto()
179 .setOrganizationUuid(dbTester.getDefaultOrganization().getUuid())
181 dbClient.permissionTemplateDao().insert(dbSession, defaultTemplate);
182 settings.setProperty("sonar.permission.template.default", defaultTemplate.getKee());
183 dbClient.permissionTemplateDao().insertGroupPermission(dbSession, defaultTemplate.getId(), null, permission);
188 protected ComputationStep step() {
projects / sonarqube.git / blob