1 /*
2  * SonarQube
3  * Copyright (C) 2009-2019 SonarSource SA
4  * mailto:info AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.qualityprofile.ws;
21
22 import org.junit.Before;
23 import org.junit.Rule;
24 import org.junit.Test;
25 import org.junit.rules.ExpectedException;
26 import org.mockito.Mockito;
27 import org.sonar.api.server.ws.WebService;
28 import org.sonar.db.DbClient;
29 import org.sonar.db.DbTester;
30 import org.sonar.db.organization.OrganizationDto;
31 import org.sonar.db.qualityprofile.QProfileDto;
32 import org.sonar.db.user.GroupDto;
33 import org.sonar.db.user.UserDto;
34 import org.sonar.server.exceptions.BadRequestException;
35 import org.sonar.server.exceptions.ForbiddenException;
36 import org.sonar.server.exceptions.UnauthorizedException;
37 import org.sonar.server.organization.TestDefaultOrganizationProvider;
38 import org.sonar.server.qualityprofile.QProfileRules;
39 import org.sonar.server.rule.ws.RuleQueryFactory;
40 import org.sonar.server.tester.UserSessionRule;
41 import org.sonar.server.ws.TestRequest;
42 import org.sonar.server.ws.WsActionTester;
43
44 import static org.apache.commons.lang.RandomStringUtils.randomAlphanumeric;
45 import static org.assertj.core.api.Assertions.assertThat;
46 import static org.mockito.ArgumentMatchers.any;
47 import static org.mockito.Mockito.mock;
48 import static org.mockito.Mockito.verify;
49 import static org.sonar.db.permission.OrganizationPermission.ADMINISTER_QUALITY_PROFILES;
50 import static org.sonar.server.platform.db.migration.def.VarcharColumnDef.UUID_SIZE;
51 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_ORGANIZATION;
52 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_TARGET_KEY;
53
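/**
 * Web-service tests for {@link ActivateRulesAction} (bulk rule activation on a quality profile).
 *
 * <p>Covers the action definition, the two callers that are let through (a user holding
 * {@code ADMINISTER_QUALITY_PROFILES} on the organization, and a user whose group was granted
 * edit rights on the profile), and the rejected cases: anonymous caller, built-in profile,
 * and logged-in caller without permission.
 *
 * <p>{@link QProfileRules} is mocked, so these tests only check whether the action reaches
 * the activation call, not what the activation does.
 */
public class ActivateRulesActionTest {

  @Rule
  public DbTester db = DbTester.create();
  @Rule
  public UserSessionRule userSession = UserSessionRule.standalone();
  @Rule
  public ExpectedException expectedException = ExpectedException.none();

  private DbClient dbClient = db.getDbClient();
  private QProfileWsSupport wsSupport = new QProfileWsSupport(dbClient, userSession, TestDefaultOrganizationProvider.from(db));
  private RuleQueryFactory ruleQueryFactory = mock(RuleQueryFactory.class, Mockito.RETURNS_MOCKS);

  private QProfileRules qProfileRules = mock(QProfileRules.class, Mockito.RETURNS_DEEP_STUBS);
  private WsActionTester ws = new WsActionTester(new ActivateRulesAction(ruleQueryFactory, userSession, qProfileRules, wsSupport, dbClient));

  private OrganizationDto defaultOrganization;
  private OrganizationDto organization;

  @Before
  public void before() {
    defaultOrganization = db.getDefaultOrganization();
    organization = db.organizations().insert();
  }

  /**
   * Pins the HTTP verb, the exact parameter set and the two deprecated parameter aliases.
   */
  @Test
  public void define_bulk_activate_rule_action() {
    WebService.Action definition = ws.getDef();
    assertThat(definition).isNotNull();
    assertThat(definition.isPost()).isTrue();
    assertThat(definition.params()).extracting(WebService.Param::key).containsExactlyInAnyOrder(
      "types",
      "template_key",
      "languages",
      "is_template",
      "inheritance",
      "qprofile",
      "compareToProfile",
      "targetSeverity",
      "tags",
      "asc",
      "q",
      "active_severities",
      "s",
      "repositories",
      "targetKey",
      "statuses",
      "rule_key",
      "available_since",
      "activation",
      "severities",
      "organization",
      "cwe",
      "owaspTop10",
      "sansTop25",
      "sonarsourceSecurity");
    WebService.Param targetProfile = definition.param("targetKey");
    assertThat(targetProfile.deprecatedKey()).isEqualTo("profile_key");
    WebService.Param targetSeverity = definition.param("targetSeverity");
    assertThat(targetSeverity.deprecatedKey()).isEqualTo("activation_severity");
  }

  /**
   * A user with {@code ADMINISTER_QUALITY_PROFILES} on the profile's organization reaches the
   * bulk activation call.
   */
  @Test
  public void as_global_qprofile_admin() {
    userSession.logIn(db.users().insertUser()).addPermission(ADMINISTER_QUALITY_PROFILES, organization);
    QProfileDto qualityProfile = db.qualityProfiles().insert(organization);

    ws.newRequest()
      .setMethod("POST")
      .setParam(PARAM_ORGANIZATION, organization.getKey())
      .setParam(PARAM_TARGET_KEY, qualityProfile.getKee())
      .execute();

    verify(qProfileRules).bulkActivateAndCommit(any(), any(), any(), any());
  }

  /**
   * A user without the organization-level permission, but member of a group that was granted
   * edit rights on this profile, reaches the bulk activation call.
   */
  @Test
  public void as_qprofile_editor() {
    UserDto user = db.users().insertUser();
    GroupDto group = db.users().insertGroup(organization);
    QProfileDto qualityProfile = db.qualityProfiles().insert(organization);
    db.organizations().addMember(organization, user);
    db.qualityProfiles().addGroupPermission(qualityProfile, group);
    userSession.logIn(user).setGroups(group);

    ws.newRequest()
      .setMethod("POST")
      .setParam(PARAM_ORGANIZATION, organization.getKey())
      .setParam(PARAM_TARGET_KEY, qualityProfile.getKee())
      .execute();

    verify(qProfileRules).bulkActivateAndCommit(any(), any(), any(), any());
  }

  /**
   * An anonymous caller is rejected with {@link UnauthorizedException}; the target key is a
   * random value, so no profile exists for it.
   */
  @Test
  public void fail_if_not_logged_in() {
    TestRequest request = ws.newRequest()
      .setMethod("POST")
      .setParam(PARAM_TARGET_KEY, randomAlphanumeric(UUID_SIZE));

    expectedException.expect(UnauthorizedException.class);

    executeExpectingNoActivation(request);
  }

  /**
   * Even a quality-profile administrator cannot bulk-activate rules on a built-in profile.
   */
  @Test
  public void fail_if_built_in_profile() {
    userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES, defaultOrganization);
    QProfileDto qualityProfile = db.qualityProfiles().insert(defaultOrganization, p -> p.setIsBuiltIn(true));
    TestRequest request = ws.newRequest()
      .setMethod("POST")
      .setParam(PARAM_TARGET_KEY, qualityProfile.getKee());

    expectedException.expect(BadRequestException.class);

    executeExpectingNoActivation(request);
  }

  /**
   * A logged-in user with neither the organization permission nor profile edit rights is
   * rejected with {@link ForbiddenException}.
   */
  @Test
  public void fail_if_not_enough_permission() {
    userSession.logIn(db.users().insertUser());
    QProfileDto qualityProfile = db.qualityProfiles().insert(organization);
    TestRequest request = ws.newRequest()
      .setMethod("POST")
      .setParam(PARAM_TARGET_KEY, qualityProfile.getKee());

    expectedException.expect(ForbiddenException.class);

    executeExpectingNoActivation(request);
  }

  /**
   * Executes a request that is expected to be rejected and checks that nothing was called on
   * the {@code qProfileRules} mock.
   *
   * <p>Asserting only the exception type would still pass if the action activated the rules
   * first and rejected the caller afterwards. The check runs in {@code finally} because the
   * {@link ExpectedException} rule lets the expected exception propagate out of the test
   * body, so statements placed after {@code execute()} would never run.
   */
  private void executeExpectingNoActivation(TestRequest request) {
    try {
      request.execute();
    } finally {
      // A failure here replaces the expected exception, which makes the rule fail the test.
      Mockito.verifyNoMoreInteractions(qProfileRules);
    }
  }
}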