source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2023 SonarSource SA
   4  * mailto:info AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.authentication;
  21
  22 import java.util.Set;
  23 import org.junit.Before;
  24 import org.junit.Rule;
  25 import org.junit.Test;
  26 import org.mockito.stubbing.Answer;
  27 import org.sonar.db.DbTester;
  28 import org.sonar.db.user.GroupDto;
  29 import org.sonar.db.user.UserDto;
  30 import org.sonar.server.notification.email.EmailNotificationChannel;
  31
  32 import static java.util.Collections.singletonList;
  33 import static org.assertj.core.api.Assertions.assertThat;
  34 import static org.mockito.ArgumentMatchers.anySet;
  35 import static org.mockito.Mockito.mock;
  36 import static org.mockito.Mockito.verify;
  37 import static org.mockito.Mockito.verifyNoMoreInteractions;
  38 import static org.mockito.Mockito.when;
  39 import static org.sonar.db.permission.GlobalPermission.ADMINISTER;
  40
  41 public class DefaultAdminCredentialsVerifierNotificationHandlerTest {
  42
  43   @Rule
  44   public DbTester db = DbTester.create();
  45
  46   private EmailNotificationChannel emailNotificationChannel = mock(EmailNotificationChannel.class);
  47
  48   private DefaultAdminCredentialsVerifierNotificationHandler underTest = new DefaultAdminCredentialsVerifierNotificationHandler(db.getDbClient(),
  49     emailNotificationChannel);
  50
  51   @Before
  52   public void setUp() {
  53     when(emailNotificationChannel.deliverAll(anySet()))
  54       .then((Answer<Integer>) invocationOnMock -> ((Set<EmailNotificationChannel.EmailDeliveryRequest>) invocationOnMock.getArguments()[0]).size());
  55   }
  56
  57   @Test
  58   public void deliver_to_all_admins_having_emails() {
  59     when(emailNotificationChannel.isActivated()).thenReturn(true);
  60     DefaultAdminCredentialsVerifierNotification detectActiveAdminAccountWithDefaultCredentialNotification = mock(DefaultAdminCredentialsVerifierNotification.class);
  61     // Users granted admin permission directly
  62     UserDto admin1 = db.users().insertUser(u -> u.setEmail("admin1"));
  63     UserDto adminWithNoEmail = db.users().insertUser(u -> u.setEmail(null));
  64     db.users().insertPermissionOnUser(admin1, ADMINISTER);
  65     db.users().insertPermissionOnUser(adminWithNoEmail, ADMINISTER);
  66     // User granted admin permission by group membership
  67     UserDto admin2 = db.users().insertUser(u -> u.setEmail("admin2"));
  68     GroupDto adminGroup = db.users().insertGroup();
  69     db.users().insertPermissionOnGroup(adminGroup, ADMINISTER);
  70     db.users().insertMember(adminGroup, admin2);
  71     db.users().insertUser(u -> u.setEmail("otherUser"));
  72
  73     int deliver = underTest.deliver(singletonList(detectActiveAdminAccountWithDefaultCredentialNotification));
  74
  75     // Only 2 admins have there email defined
  76     assertThat(deliver).isEqualTo(2);
  77     verify(emailNotificationChannel).isActivated();
  78     verify(emailNotificationChannel).deliverAll(anySet());
  79     verifyNoMoreInteractions(detectActiveAdminAccountWithDefaultCredentialNotification);
  80   }
  81
  82   @Test
  83   public void deliver_to_no_one_when_no_admins() {
  84     when(emailNotificationChannel.isActivated()).thenReturn(true);
  85     DefaultAdminCredentialsVerifierNotification detectActiveAdminAccountWithDefaultCredentialNotification = mock(DefaultAdminCredentialsVerifierNotification.class);
  86     db.users().insertUser(u -> u.setEmail("otherUser"));
  87
  88     int deliver = underTest.deliver(singletonList(detectActiveAdminAccountWithDefaultCredentialNotification));
  89
  90     assertThat(deliver).isZero();
  91     verify(emailNotificationChannel).isActivated();
  92     verifyNoMoreInteractions(emailNotificationChannel);
  93     verifyNoMoreInteractions(detectActiveAdminAccountWithDefaultCredentialNotification);
  94   }
  95
  96   @Test
  97   public void do_nothing_if_emailNotificationChannel_is_disabled() {
  98     when(emailNotificationChannel.isActivated()).thenReturn(false);
  99     DefaultAdminCredentialsVerifierNotification detectActiveAdminAccountWithDefaultCredentialNotification = mock(
 100       DefaultAdminCredentialsVerifierNotification.class);
 101
 102     int deliver = underTest.deliver(singletonList(detectActiveAdminAccountWithDefaultCredentialNotification));
 103
 104     assertThat(deliver).isZero();
 105     verify(emailNotificationChannel).isActivated();
 106     verifyNoMoreInteractions(emailNotificationChannel);
 107     verifyNoMoreInteractions(detectActiveAdminAccountWithDefaultCredentialNotification);
 108   }
 109
 110   @Test
 111   public void getMetadata_returns_empty() {
 112     assertThat(underTest.getMetadata()).isEmpty();
 113   }
 114
 115   @Test
 116   public void getNotificationClass() {
 117     assertThat(underTest.getNotificationClass()).isEqualTo(DefaultAdminCredentialsVerifierNotification.class);
 118   }
 119
 120 }