3 * Copyright (C) 2009-2016 SonarSource SA
4 * mailto:contact AT sonarsource DOT com
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 package org.sonar.server.permission.ws.template;
22 import java.util.Collections;
23 import java.util.List;
24 import javax.annotation.Nullable;
25 import org.junit.Before;
26 import org.junit.Rule;
27 import org.junit.Test;
28 import org.sonar.api.config.MapSettings;
29 import org.sonar.api.web.UserRole;
30 import org.sonar.core.permission.GlobalPermissions;
31 import org.sonar.db.component.ComponentDto;
32 import org.sonar.db.organization.OrganizationDto;
33 import org.sonar.db.permission.PermissionQuery;
34 import org.sonar.db.permission.template.PermissionTemplateDto;
35 import org.sonar.db.user.GroupDto;
36 import org.sonar.db.user.UserDto;
37 import org.sonar.server.component.es.ProjectMeasuresIndexDefinition;
38 import org.sonar.server.es.EsTester;
39 import org.sonar.server.exceptions.BadRequestException;
40 import org.sonar.server.exceptions.ForbiddenException;
41 import org.sonar.server.exceptions.NotFoundException;
42 import org.sonar.server.issue.index.IssueIndexDefinition;
43 import org.sonar.server.permission.PermissionTemplateService;
44 import org.sonar.server.permission.index.PermissionIndexer;
45 import org.sonar.server.permission.index.PermissionIndexerTester;
46 import org.sonar.server.permission.ws.BasePermissionWsTest;
47 import org.sonar.server.ws.TestRequest;
48 import org.sonar.server.ws.TestResponse;
50 import static java.util.Collections.singletonList;
51 import static org.assertj.core.api.Assertions.assertThat;
52 import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
53 import static org.sonar.db.component.ComponentTesting.newProjectDto;
54 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
55 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
56 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
57 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
59 public class ApplyTemplateActionTest extends BasePermissionWsTest<ApplyTemplateAction> {
62 public EsTester esTester = new EsTester(new IssueIndexDefinition(new MapSettings()), new ProjectMeasuresIndexDefinition(new MapSettings()));
64 private UserDto user1;
65 private UserDto user2;
66 private GroupDto group1;
67 private GroupDto group2;
68 private ComponentDto project;
69 private PermissionTemplateDto template1;
70 private PermissionTemplateDto template2;
72 private PermissionIndexerTester authorizationIndexerTester = new PermissionIndexerTester(esTester);
74 private PermissionIndexer permissionIndexer = new PermissionIndexer(db.getDbClient(), esTester.client());
77 protected ApplyTemplateAction buildWsAction() {
78 PermissionTemplateService permissionTemplateService = new PermissionTemplateService(db.getDbClient(), new MapSettings(), permissionIndexer, userSession);
79 return new ApplyTemplateAction(db.getDbClient(), userSession, permissionTemplateService, newPermissionWsSupport());
84 user1 = db.users().insertUser("user-login-1");
85 user2 = db.users().insertUser("user-login-2");
86 OrganizationDto defaultOrg = db.getDefaultOrganization();
87 group1 = db.users().insertGroup(defaultOrg, "group-name-1");
88 group2 = db.users().insertGroup(defaultOrg, "group-name-2");
91 template1 = insertTemplate();
92 addUserToTemplate(user1, template1, UserRole.CODEVIEWER);
93 addUserToTemplate(user2, template1, UserRole.ISSUE_ADMIN);
94 addGroupToTemplate(group1, template1, UserRole.ADMIN);
95 addGroupToTemplate(group2, template1, UserRole.USER);
97 template2 = insertTemplate();
98 addUserToTemplate(user1, template2, UserRole.USER);
99 addUserToTemplate(user2, template2, UserRole.USER);
100 addGroupToTemplate(group1, template2, UserRole.USER);
101 addGroupToTemplate(group2, template2, UserRole.USER);
103 project = db.components().insertComponent(newProjectDto("project-uuid-1"));
104 db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project);
105 db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, project);
106 db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project);
107 db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);
111 public void apply_template_with_project_uuid() throws Exception {
112 loginAsAdminOnDefaultOrganization();
114 newRequest(template1.getUuid(), project.uuid(), null);
116 assertTemplate1AppliedToProject();
120 public void apply_template_with_project_uuid_by_template_name() throws Exception {
121 loginAsAdminOnDefaultOrganization();
124 .setParam(PARAM_TEMPLATE_NAME, template1.getName().toUpperCase())
125 .setParam(PARAM_PROJECT_ID, project.uuid())
128 assertTemplate1AppliedToProject();
132 public void apply_template_with_project_key() throws Exception {
133 loginAsAdminOnDefaultOrganization();
135 newRequest(template1.getUuid(), null, project.key());
137 assertTemplate1AppliedToProject();
141 public void fail_when_unknown_template() throws Exception {
142 loginAsAdminOnDefaultOrganization();
144 expectedException.expect(NotFoundException.class);
145 expectedException.expectMessage("Permission template with id 'unknown-template-uuid' is not found");
147 newRequest("unknown-template-uuid", project.uuid(), null);
151 public void fail_when_unknown_project_uuid() throws Exception {
152 loginAsAdminOnDefaultOrganization();
154 expectedException.expect(NotFoundException.class);
155 expectedException.expectMessage("Project id 'unknown-project-uuid' not found");
157 newRequest(template1.getUuid(), "unknown-project-uuid", null);
161 public void fail_when_unknown_project_key() throws Exception {
162 loginAsAdminOnDefaultOrganization();
164 expectedException.expect(NotFoundException.class);
165 expectedException.expectMessage("Project key 'unknown-project-key' not found");
167 newRequest(template1.getUuid(), null, "unknown-project-key");
171 public void fail_when_template_is_not_provided() throws Exception {
172 loginAsAdminOnDefaultOrganization();
174 expectedException.expect(BadRequestException.class);
176 newRequest(null, project.uuid(), null);
180 public void fail_when_project_uuid_and_key_not_provided() throws Exception {
181 loginAsAdminOnDefaultOrganization();
183 expectedException.expect(BadRequestException.class);
184 expectedException.expectMessage("Project id or project key can be provided, not both.");
186 newRequest(template1.getUuid(), null, null);
190 public void fail_when_not_admin_of_organization() throws Exception {
191 userSession.login().addOrganizationPermission("otherOrg", SYSTEM_ADMIN);
193 expectedException.expect(ForbiddenException.class);
194 userSession.login().setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION);
196 newRequest(template1.getUuid(), project.uuid(), null);
199 private void assertTemplate1AppliedToProject() {
200 assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).containsExactly(group1.getName());
201 assertThat(selectProjectPermissionGroups(project, UserRole.USER)).containsExactly(group2.getName());
202 assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty();
203 assertThat(selectProjectPermissionUsers(project, UserRole.CODEVIEWER)).containsExactly(user1.getId());
204 assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).containsExactly(user2.getId());
206 authorizationIndexerTester.verifyProjectExistsWithPermission(project.uuid(), singletonList(group2.getName()), Collections.emptyList());
209 private TestResponse newRequest(@Nullable String templateUuid, @Nullable String projectUuid, @Nullable String projectKey) throws Exception {
210 TestRequest request = newRequest();
211 if (templateUuid != null) {
212 request.setParam(PARAM_TEMPLATE_ID, templateUuid);
214 if (projectUuid != null) {
215 request.setParam(PARAM_PROJECT_ID, projectUuid);
217 if (projectKey != null) {
218 request.setParam(PARAM_PROJECT_KEY, projectKey);
221 return request.execute();
224 private void addUserToTemplate(UserDto user, PermissionTemplateDto permissionTemplate, String permission) {
225 db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), permissionTemplate.getId(), user.getId(), permission);
229 private void addGroupToTemplate(GroupDto group, PermissionTemplateDto permissionTemplate, String permission) {
230 db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), permissionTemplate.getId(), group.getId(), permission);
234 private List<String> selectProjectPermissionGroups(ComponentDto project, String permission) {
235 PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponentUuid(project.uuid()).build();
236 return db.getDbClient().groupPermissionDao().selectGroupNamesByQuery(db.getSession(), db.getDefaultOrganization().getUuid(), query);
239 private List<Long> selectProjectPermissionUsers(ComponentDto project, String permission) {
240 PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponentUuid(project.uuid()).build();
241 return db.getDbClient().userPermissionDao().selectUserIds(db.getSession(), db.getDefaultOrganization().getUuid(), query);
projects / sonarqube.git / blob