3 * Copyright (C) 2009-2024 SonarSource SA
4 * mailto:info AT sonarsource DOT com
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 package org.sonar.server.qualityprofile.ws;
22 import org.junit.Rule;
23 import org.junit.Test;
24 import org.sonar.api.server.ws.WebService;
25 import org.sonar.db.DbClient;
26 import org.sonar.db.DbTester;
27 import org.sonar.db.qualityprofile.QProfileDto;
28 import org.sonar.db.user.GroupDto;
29 import org.sonar.db.user.UserDto;
30 import org.sonar.server.exceptions.BadRequestException;
31 import org.sonar.server.exceptions.ForbiddenException;
32 import org.sonar.server.exceptions.UnauthorizedException;
33 import org.sonar.server.qualityprofile.QProfileRules;
34 import org.sonar.server.rule.ws.RuleQueryFactory;
35 import org.sonar.server.tester.UserSessionRule;
36 import org.sonar.server.ws.TestRequest;
37 import org.sonar.server.ws.WsActionTester;
39 import static org.apache.commons.lang.RandomStringUtils.randomAlphanumeric;
40 import static org.assertj.core.api.Assertions.assertThat;
41 import static org.assertj.core.api.Assertions.assertThatThrownBy;
42 import static org.mockito.ArgumentMatchers.any;
43 import static org.mockito.Mockito.RETURNS_DEEP_STUBS;
44 import static org.mockito.Mockito.mock;
45 import static org.mockito.Mockito.verify;
46 import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES;
47 import static org.sonar.db.permission.GlobalPermission.SCAN;
48 import static org.sonar.server.platform.db.migration.def.VarcharColumnDef.UUID_SIZE;
49 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_TARGET_KEY;
51 public class DeactivateRulesActionIT {
54 public DbTester db = DbTester.create();
56 public UserSessionRule userSession = UserSessionRule.standalone();
58 private DbClient dbClient = db.getDbClient();
59 private QProfileRules qProfileRules = mock(QProfileRules.class, RETURNS_DEEP_STUBS);
60 private final QProfileWsSupport wsSupport = new QProfileWsSupport(dbClient, userSession);
61 private RuleQueryFactory ruleQueryFactory = mock(RuleQueryFactory.class, RETURNS_DEEP_STUBS);
62 private DeactivateRulesAction underTest = new DeactivateRulesAction(ruleQueryFactory, userSession, qProfileRules, wsSupport, dbClient);
63 private WsActionTester ws = new WsActionTester(underTest);
66 public void definition() {
67 WebService.Action definition = ws.getDef();
68 assertThat(definition).isNotNull();
69 assertThat(definition.isPost()).isTrue();
70 assertThat(definition.params()).extracting(WebService.Param::key).containsExactlyInAnyOrder(
94 "sonarsourceSecurity",
95 "cleanCodeAttributeCategories",
96 "impactSoftwareQualities",
101 public void as_global_admin() {
102 UserDto user = db.users().insertUser();
103 QProfileDto qualityProfile = db.qualityProfiles().insert();
104 userSession.logIn(user).addPermission(ADMINISTER_QUALITY_PROFILES);
108 .setParam(PARAM_TARGET_KEY, qualityProfile.getKee())
111 verify(qProfileRules).bulkDeactivateAndCommit(any(), any(), any());
115 public void as_qprofile_editor() {
116 UserDto user = db.users().insertUser();
117 GroupDto group = db.users().insertGroup();
118 QProfileDto qualityProfile = db.qualityProfiles().insert();
119 db.qualityProfiles().addGroupPermission(qualityProfile, group);
120 userSession.logIn(user).setGroups(group);
124 .setParam(PARAM_TARGET_KEY, qualityProfile.getKee())
127 verify(qProfileRules).bulkDeactivateAndCommit(any(), any(), any());
131 public void fail_if_not_logged_in() {
132 TestRequest request = ws.newRequest()
134 .setParam(PARAM_TARGET_KEY, randomAlphanumeric(UUID_SIZE));
136 assertThatThrownBy(request::execute)
137 .isInstanceOf(UnauthorizedException.class);
141 public void fail_if_built_in_profile() {
142 userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES);
143 QProfileDto qualityProfile = db.qualityProfiles().insert(p -> p.setIsBuiltIn(true));
144 TestRequest request = ws.newRequest()
146 .setParam(PARAM_TARGET_KEY, qualityProfile.getKee());
148 assertThatThrownBy(request::execute)
149 .isInstanceOf(BadRequestException.class);
153 public void fail_if_not_quality_profile_administrator() {
154 userSession.logIn(db.users().insertUser()).addPermission(SCAN);
155 QProfileDto qualityProfile = db.qualityProfiles().insert();
156 TestRequest request = ws.newRequest()
158 .setParam(PARAM_TARGET_KEY, qualityProfile.getKee());
160 assertThatThrownBy(request::execute)
161 .isInstanceOf(ForbiddenException.class);