source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2016 SonarSource SA
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.permission.ws.template;
  21
  22 import java.util.Optional;
  23 import org.junit.Before;
  24 import org.junit.Test;
  25 import org.sonar.api.utils.System2;
  26 import org.sonar.api.web.UserRole;
  27 import org.sonar.core.permission.GlobalPermissions;
  28 import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;
  29 import org.sonar.db.permission.template.PermissionTemplateDto;
  30 import org.sonar.server.exceptions.ForbiddenException;
  31 import org.sonar.server.exceptions.NotFoundException;
  32 import org.sonar.server.exceptions.UnauthorizedException;
  33 import org.sonar.server.permission.ws.BasePermissionWsTest;
  34 import org.sonar.server.ws.WsTester;
  35
  36 import static org.assertj.core.api.Assertions.assertThat;
  37 import static org.mockito.Mockito.mock;
  38 import static org.mockito.Mockito.when;
  39 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
  40 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
  41 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
  42 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
  43
  44 public class RemoveProjectCreatorFromTemplateActionTest extends BasePermissionWsTest<RemoveProjectCreatorFromTemplateAction> {
  45
  46   private static final String ACTION = "remove_project_creator_from_template";
  47
  48   private System2 system = mock(System2.class);
  49   private PermissionTemplateDto template;
  50
  51   @Override
  52   protected RemoveProjectCreatorFromTemplateAction buildWsAction() {
  53     return new RemoveProjectCreatorFromTemplateAction(db.getDbClient(), newPermissionWsSupport(), userSession, system);
  54   }
  55
  56   @Before
  57   public void setUp() {
  58     loginAsAdminOnDefaultOrganization();
  59     when(system.now()).thenReturn(2_000_000_000L);
  60     template = insertTemplate();
  61   }
  62
  63   @Test
  64   public void update_template_permission() throws Exception {
  65     PermissionTemplateCharacteristicDto characteristic = db.getDbClient().permissionTemplateCharacteristicDao().insert(db.getSession(),
  66       new PermissionTemplateCharacteristicDto()
  67         .setTemplateId(template.getId())
  68         .setPermission(UserRole.USER)
  69         .setWithProjectCreator(false)
  70         .setCreatedAt(1_000_000_000L)
  71         .setUpdatedAt(1_000_000_000L));
  72     db.commit();
  73     when(system.now()).thenReturn(3_000_000_000L);
  74
  75     newRequest()
  76       .setParam(PARAM_PERMISSION, UserRole.USER)
  77       .setParam(PARAM_TEMPLATE_NAME, template.getName())
  78       .execute();
  79
  80     assertWithoutProjectCreatorFor(UserRole.USER);
  81     PermissionTemplateCharacteristicDto reloaded = reload(characteristic);
  82     assertThat(reloaded.getCreatedAt()).isEqualTo(1_000_000_000L);
  83     assertThat(reloaded.getUpdatedAt()).isEqualTo(3_000_000_000L);
  84   }
  85
  86   @Test
  87   public void do_not_fail_when_no_template_permission() throws Exception {
  88     newRequest()
  89       .setParam(PARAM_PERMISSION, UserRole.ADMIN)
  90       .setParam(PARAM_TEMPLATE_ID, template.getUuid())
  91       .execute();
  92
  93     assertNoTemplatePermissionFor(UserRole.ADMIN);
  94   }
  95
  96   @Test
  97   public void fail_when_template_does_not_exist() throws Exception {
  98     expectedException.expect(NotFoundException.class);
  99
 100     newRequest()
 101       .setParam(PARAM_PERMISSION, UserRole.ADMIN)
 102       .setParam(PARAM_TEMPLATE_ID, "42")
 103       .execute();
 104   }
 105
 106   @Test
 107   public void fail_if_permission_is_not_a_project_permission() throws Exception {
 108     expectedException.expect(IllegalArgumentException.class);
 109
 110     newRequest()
 111       .setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN)
 112       .setParam(PARAM_TEMPLATE_ID, template.getUuid())
 113       .execute();
 114   }
 115
 116   @Test
 117   public void fail_if_not_authenticated() throws Exception {
 118     expectedException.expect(UnauthorizedException.class);
 119     userSession.anonymous();
 120
 121     newRequest()
 122       .setParam(PARAM_PERMISSION, UserRole.ADMIN)
 123       .setParam(PARAM_TEMPLATE_ID, template.getUuid())
 124       .execute();
 125   }
 126
 127   @Test
 128   public void fail_if_insufficient_privileges() throws Exception {
 129     expectedException.expect(ForbiddenException.class);
 130     userSession.login().setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN);
 131
 132     newRequest()
 133       .setParam(PARAM_PERMISSION, UserRole.ADMIN)
 134       .setParam(PARAM_TEMPLATE_ID, template.getUuid())
 135       .execute();
 136   }
 137
 138   private void assertWithoutProjectCreatorFor(String permission) {
 139     Optional<PermissionTemplateCharacteristicDto> templatePermission = db.getDbClient().permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(db.getSession(),
 140       permission, template.getId());
 141     assertThat(templatePermission).isPresent();
 142     assertThat(templatePermission.get().getWithProjectCreator()).isFalse();
 143   }
 144
 145   private void assertNoTemplatePermissionFor(String permission) {
 146     Optional<PermissionTemplateCharacteristicDto> templatePermission = db.getDbClient().permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(db.getSession(),
 147       permission, template.getId());
 148     assertThat(templatePermission).isNotPresent();
 149   }
 150
 151   private WsTester.TestRequest newRequest() {
 152     return wsTester.newPostRequest(CONTROLLER, ACTION);
 153   }
 154
 155   private PermissionTemplateCharacteristicDto reload(PermissionTemplateCharacteristicDto characteristic) {
 156     return db.getDbClient().permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(db.getSession(), characteristic.getPermission(), characteristic.getTemplateId())
 157       .get();
 158   }
 159 }