]> source.dussan.org Git - sonarqube.git/blob
3f05e83859bccc96a3c04074782efb1eeebc6211
[sonarqube.git] /
1 /*
2  * SonarQube
3  * Copyright (C) 2009-2024 SonarSource SA
4  * mailto:info AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.qualityprofile.ws;
21
22 import java.net.HttpURLConnection;
23 import java.util.Collection;
24 import org.junit.Before;
25 import org.junit.Rule;
26 import org.junit.Test;
27 import org.mockito.ArgumentCaptor;
28 import org.mockito.MockitoAnnotations;
29 import org.sonar.api.rule.RuleKey;
30 import org.sonar.api.server.ws.WebService;
31 import org.sonar.db.DbClient;
32 import org.sonar.db.DbSession;
33 import org.sonar.db.DbTester;
34 import org.sonar.db.permission.GlobalPermission;
35 import org.sonar.db.qualityprofile.QProfileDto;
36 import org.sonar.db.rule.RuleDto;
37 import org.sonar.db.rule.RuleTesting;
38 import org.sonar.db.user.UserDto;
39 import org.sonar.server.exceptions.BadRequestException;
40 import org.sonar.server.exceptions.UnauthorizedException;
41 import org.sonar.server.qualityprofile.QProfileRules;
42 import org.sonar.server.tester.UserSessionRule;
43 import org.sonar.server.ws.TestRequest;
44 import org.sonar.server.ws.TestResponse;
45 import org.sonar.server.ws.WsActionTester;
46
47 import static org.apache.commons.lang.RandomStringUtils.randomAlphanumeric;
48 import static org.assertj.core.api.Assertions.assertThat;
49 import static org.assertj.core.api.Assertions.assertThatThrownBy;
50 import static org.mockito.ArgumentMatchers.any;
51 import static org.mockito.ArgumentMatchers.anyCollection;
52 import static org.mockito.Mockito.mock;
53 import static org.mockito.Mockito.verify;
54 import static org.sonar.server.platform.db.migration.def.VarcharColumnDef.UUID_SIZE;
55 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_KEY;
56 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_RULE;
57
58 public class DeactivateRuleActionIT {
59   @Rule
60   public DbTester db = DbTester.create();
61   @Rule
62   public UserSessionRule userSession = UserSessionRule.standalone();
63
64   private final ArgumentCaptor<Collection<String>> ruleUuidsCaptor = ArgumentCaptor.forClass(Collection.class);
65   private final DbClient dbClient = db.getDbClient();
66   private final QProfileRules qProfileRules = mock(QProfileRules.class);
67   private final QProfileWsSupport wsSupport = new QProfileWsSupport(dbClient, userSession);
68   private final DeactivateRuleAction underTest = new DeactivateRuleAction(dbClient, qProfileRules, userSession, wsSupport);
69   private final WsActionTester ws = new WsActionTester(underTest);
70
71   @Before
72   public void before() {
73     MockitoAnnotations.initMocks(this);
74   }
75
76   @Test
77   public void definition() {
78     WebService.Action definition = ws.getDef();
79     assertThat(definition).isNotNull();
80     assertThat(definition.isPost()).isTrue();
81     assertThat(definition.params()).extracting(WebService.Param::key).containsExactlyInAnyOrder("key", "rule");
82   }
83
84   @Test
85   public void deactivate_rule() {
86     userSession.logIn(db.users().insertUser()).addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
87     QProfileDto qualityProfile = db.qualityProfiles().insert();
88     RuleDto rule = db.rules().insert(RuleTesting.randomRuleKey());
89     TestRequest request = ws.newRequest()
90       .setMethod("POST")
91       .setParam(PARAM_RULE, rule.getKey().toString())
92       .setParam(PARAM_KEY, qualityProfile.getKee());
93
94     TestResponse response = request.execute();
95
96     assertThat(response.getStatus()).isEqualTo(HttpURLConnection.HTTP_NO_CONTENT);
97     ArgumentCaptor<QProfileDto> qProfileDtoCaptor = ArgumentCaptor.forClass(QProfileDto.class);
98     verify(qProfileRules).deactivateAndCommit(any(DbSession.class), qProfileDtoCaptor.capture(), ruleUuidsCaptor.capture());
99     assertThat(ruleUuidsCaptor.getValue()).containsExactly(rule.getUuid());
100     assertThat(qProfileDtoCaptor.getValue().getKee()).isEqualTo(qualityProfile.getKee());
101   }
102
103   @Test
104   public void as_qprofile_editor() {
105     UserDto user = db.users().insertUser();
106     QProfileDto qualityProfile = db.qualityProfiles().insert();
107     db.qualityProfiles().addUserPermission(qualityProfile, user);
108     userSession.logIn(user);
109     RuleKey ruleKey = RuleTesting.randomRuleKey();
110     db.rules().insert(ruleKey);
111
112     ws.newRequest()
113       .setMethod("POST")
114       .setParam(PARAM_RULE, ruleKey.toString())
115       .setParam(PARAM_KEY, qualityProfile.getKee())
116       .execute();
117
118     verify(qProfileRules).deactivateAndCommit(any(DbSession.class), any(QProfileDto.class), anyCollection());
119   }
120
121   @Test
122   public void fail_if_not_logged_in() {
123     TestRequest request = ws.newRequest()
124       .setMethod("POST")
125       .setParam(PARAM_RULE, RuleTesting.newRule().getKey().toString())
126       .setParam(PARAM_KEY, randomAlphanumeric(UUID_SIZE));
127
128     assertThatThrownBy(request::execute)
129       .isInstanceOf(UnauthorizedException.class);
130   }
131
132   @Test
133   public void fail_activate_external_rule() {
134     userSession.logIn(db.users().insertUser()).addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
135     QProfileDto qualityProfile = db.qualityProfiles().insert();
136     RuleDto rule = db.rules().insert(r -> r.setIsExternal(true));
137
138     TestRequest request = ws.newRequest()
139       .setMethod("POST")
140       .setParam(PARAM_RULE, rule.getKey().toString())
141       .setParam(PARAM_KEY, qualityProfile.getKee());
142
143     assertThatThrownBy(() -> request.execute())
144       .isInstanceOf(BadRequestException.class)
145       .hasMessage(String.format("Operation forbidden for rule '%s' imported from an external rule engine.", rule.getKey()));
146   }
147
148   @Test
149   public void fail_deactivate_if_built_in_profile() {
150     RuleDto rule = db.rules().insert();
151     userSession.logIn(db.users().insertUser()).addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
152
153     QProfileDto qualityProfile = db.qualityProfiles().insert(profile -> profile.setIsBuiltIn(true));
154     TestRequest request = ws.newRequest()
155       .setMethod("POST")
156       .setParam(PARAM_RULE, rule.getKey().toString())
157       .setParam(PARAM_KEY, qualityProfile.getKee());
158
159     assertThatThrownBy(request::execute)
160       .isInstanceOf(BadRequestException.class);
161   }
162 }