source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube, open source software quality management tool.
   3  * Copyright (C) 2008-2014 SonarSource
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * SonarQube is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * SonarQube is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20
  21 package org.sonar.server.permission.ws;
  22
  23 import com.google.common.base.Function;
  24 import java.util.List;
  25 import javax.annotation.Nonnull;
  26 import javax.annotation.Nullable;
  27 import org.junit.Before;
  28 import org.junit.Rule;
  29 import org.junit.Test;
  30 import org.junit.experimental.categories.Category;
  31 import org.junit.rules.ExpectedException;
  32 import org.sonar.api.utils.System2;
  33 import org.sonar.core.permission.GlobalPermissions;
  34 import org.sonar.db.DbClient;
  35 import org.sonar.db.DbSession;
  36 import org.sonar.db.DbTester;
  37 import org.sonar.db.permission.GroupWithPermissionDto;
  38 import org.sonar.db.permission.PermissionQuery;
  39 import org.sonar.db.permission.PermissionTemplateDto;
  40 import org.sonar.db.user.GroupDto;
  41 import org.sonar.server.component.ComponentFinder;
  42 import org.sonar.server.exceptions.BadRequestException;
  43 import org.sonar.server.exceptions.ForbiddenException;
  44 import org.sonar.server.exceptions.NotFoundException;
  45 import org.sonar.server.exceptions.UnauthorizedException;
  46 import org.sonar.server.tester.UserSessionRule;
  47 import org.sonar.server.ws.TestRequest;
  48 import org.sonar.server.ws.WsActionTester;
  49 import org.sonar.test.DbTests;
  50
  51 import static com.google.common.collect.FluentIterable.from;
  52 import static org.assertj.core.api.Assertions.assertThat;
  53 import static org.sonar.api.security.DefaultGroups.ANYONE;
  54 import static org.sonar.api.web.UserRole.CODEVIEWER;
  55 import static org.sonar.db.permission.PermissionTemplateTesting.newPermissionTemplateDto;
  56 import static org.sonar.db.user.GroupMembershipQuery.IN;
  57 import static org.sonar.db.user.GroupTesting.newGroupDto;
  58 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_GROUP_ID;
  59 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_GROUP_NAME;
  60 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_PERMISSION;
  61 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_TEMPLATE_ID;
  62 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_TEMPLATE_NAME;
  63
  64 @Category(DbTests.class)
  65 public class RemoveGroupFromTemplateActionTest {
  66
  67   private static final String GROUP_NAME = "group-name";
  68   private static final String PERMISSION = CODEVIEWER;
  69   @Rule
  70   public DbTester db = DbTester.create(System2.INSTANCE);
  71   @Rule
  72   public ExpectedException expectedException = ExpectedException.none();
  73   @Rule
  74   public UserSessionRule userSession = UserSessionRule.standalone();
  75
  76   WsActionTester ws;
  77   DbClient dbClient;
  78   DbSession dbSession;
  79   GroupDto group;
  80   PermissionTemplateDto permissionTemplate;
  81
  82   @Before
  83   public void setUp() {
  84     dbClient = db.getDbClient();
  85     dbSession = db.getSession();
  86     userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
  87
  88     PermissionDependenciesFinder dependenciesFinder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient));
  89     ws = new WsActionTester(new RemoveGroupFromTemplateAction(dbClient, dependenciesFinder, userSession));
  90
  91     group = insertGroup(newGroupDto().setName(GROUP_NAME));
  92     permissionTemplate = insertPermissionTemplate(newPermissionTemplateDto());
  93     addGroupToPermissionTemplate(permissionTemplate.getId(), group.getId(), PERMISSION);
  94     commit();
  95   }
  96
  97   @Test
  98   public void remove_group_from_template() {
  99     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
 100     commit();
 101
 102     newRequest(GROUP_NAME, permissionTemplate.getKee(), PERMISSION);
 103
 104     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
 105   }
 106
 107   @Test
 108   public void remove_group_from_template_by_name_case_insensitive() {
 109     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
 110     commit();
 111
 112     ws.newRequest()
 113       .setParam(PARAM_GROUP_NAME, GROUP_NAME)
 114       .setParam(PARAM_PERMISSION, PERMISSION)
 115       .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
 116       .execute();
 117     commit();
 118
 119     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
 120   }
 121
 122   @Test
 123   public void remove_group_with_group_id() {
 124     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
 125     commit();
 126
 127     ws.newRequest()
 128       .setParam(PARAM_TEMPLATE_ID, permissionTemplate.getKee())
 129       .setParam(PARAM_PERMISSION, PERMISSION)
 130       .setParam(PARAM_GROUP_ID, String.valueOf(group.getId()))
 131       .execute();
 132
 133     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
 134   }
 135
 136   @Test
 137   public void remove_group_twice_without_error() {
 138     newRequest(GROUP_NAME, permissionTemplate.getKee(), PERMISSION);
 139     newRequest(GROUP_NAME, permissionTemplate.getKee(), PERMISSION);
 140
 141     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
 142   }
 143
 144   @Test
 145   public void remove_anyone_group_from_template() {
 146     addGroupToPermissionTemplate(permissionTemplate.getId(), null, PERMISSION);
 147     commit();
 148
 149     newRequest(ANYONE, permissionTemplate.getKee(), PERMISSION);
 150
 151     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
 152   }
 153
 154   @Test
 155   public void fail_if_not_a_project_permission() {
 156     expectedException.expect(BadRequestException.class);
 157
 158     newRequest(GROUP_NAME, permissionTemplate.getKee(), GlobalPermissions.PREVIEW_EXECUTION);
 159   }
 160
 161   @Test
 162   public void fail_if_insufficient_privileges() {
 163     expectedException.expect(ForbiddenException.class);
 164     userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
 165
 166     newRequest(GROUP_NAME, permissionTemplate.getKee(), PERMISSION);
 167   }
 168
 169   @Test
 170   public void fail_if_not_logged_in() {
 171     expectedException.expect(UnauthorizedException.class);
 172     userSession.anonymous();
 173
 174     newRequest(GROUP_NAME, permissionTemplate.getKee(), PERMISSION);
 175   }
 176
 177   @Test
 178   public void fail_if_group_params_missing() {
 179     expectedException.expect(BadRequestException.class);
 180
 181     newRequest(null, permissionTemplate.getKee(), PERMISSION);
 182   }
 183
 184   @Test
 185   public void fail_if_permission_missing() {
 186     expectedException.expect(IllegalArgumentException.class);
 187
 188     newRequest(GROUP_NAME, permissionTemplate.getKee(), null);
 189   }
 190
 191   @Test
 192   public void fail_if_template_missing() {
 193     expectedException.expect(BadRequestException.class);
 194
 195     newRequest(GROUP_NAME, null, PERMISSION);
 196   }
 197
 198   @Test
 199   public void fail_if_group_does_not_exist() {
 200     expectedException.expect(NotFoundException.class);
 201     expectedException.expectMessage("Group with name 'unknown-group-name' is not found");
 202
 203     newRequest("unknown-group-name", permissionTemplate.getKee(), PERMISSION);
 204   }
 205
 206   @Test
 207   public void fail_if_template_key_does_not_exist() {
 208     expectedException.expect(NotFoundException.class);
 209     expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
 210
 211     newRequest(GROUP_NAME, "unknown-key", PERMISSION);
 212   }
 213
 214   private void newRequest(@Nullable String groupName, @Nullable String templateKey, @Nullable String permission) {
 215     TestRequest request = ws.newRequest();
 216     if (groupName != null) {
 217       request.setParam(WsPermissionParameters.PARAM_GROUP_NAME, groupName);
 218     }
 219     if (templateKey != null) {
 220       request.setParam(PARAM_TEMPLATE_ID, templateKey);
 221     }
 222     if (permission != null) {
 223       request.setParam(WsPermissionParameters.PARAM_PERMISSION, permission);
 224     }
 225
 226     request.execute();
 227   }
 228
 229   private void commit() {
 230     dbSession.commit();
 231   }
 232
 233   private GroupDto insertGroup(GroupDto groupDto) {
 234     return dbClient.groupDao().insert(dbSession, groupDto);
 235   }
 236
 237   private PermissionTemplateDto insertPermissionTemplate(PermissionTemplateDto permissionTemplate) {
 238     return dbClient.permissionTemplateDao().insert(dbSession, permissionTemplate);
 239   }
 240
 241   private void addGroupToPermissionTemplate(long permissionTemplateId, @Nullable Long groupId, String permission) {
 242     dbClient.permissionTemplateDao().insertGroupPermission(dbSession, permissionTemplateId, groupId, permission);
 243   }
 244
 245   private List<String> getGroupNamesInTemplateAndPermission(long templateId, String permission) {
 246     PermissionQuery permissionQuery = PermissionQuery.builder().permission(permission).membership(IN).build();
 247     return from(dbClient.permissionTemplateDao()
 248       .selectGroups(dbSession, permissionQuery, templateId))
 249       .transform(GroupWithPermissionToGroupName.INSTANCE)
 250       .toList();
 251   }
 252
 253   private enum GroupWithPermissionToGroupName implements Function<GroupWithPermissionDto, String> {
 254     INSTANCE;
 255
 256     @Override
 257     public String apply(@Nonnull GroupWithPermissionDto groupWithPermission) {
 258       return groupWithPermission.getName();
 259     }
 260
 261   }
 262 }