source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2023 SonarSource SA
   4  * mailto:info AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.permission.ws.template;
  21
  22 import java.util.Optional;
  23 import org.junit.Before;
  24 import org.junit.Test;
  25 import org.sonar.api.resources.Qualifiers;
  26 import org.sonar.api.resources.ResourceTypes;
  27 import org.sonar.api.utils.System2;
  28 import org.sonar.api.web.UserRole;
  29 import org.sonar.core.util.Uuids;
  30 import org.sonar.db.component.ResourceTypesRule;
  31 import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;
  32 import org.sonar.db.permission.template.PermissionTemplateDto;
  33 import org.sonar.server.exceptions.ForbiddenException;
  34 import org.sonar.server.exceptions.NotFoundException;
  35 import org.sonar.server.permission.PermissionService;
  36 import org.sonar.server.permission.PermissionServiceImpl;
  37 import org.sonar.server.permission.RequestValidator;
  38 import org.sonar.server.permission.ws.BasePermissionWsTest;
  39 import org.sonar.server.permission.ws.WsParameters;
  40
  41 import static org.assertj.core.api.Assertions.assertThat;
  42 import static org.assertj.core.api.Assertions.assertThatThrownBy;
  43 import static org.mockito.Mockito.spy;
  44 import static org.mockito.Mockito.when;
  45 import static org.sonar.core.permission.GlobalPermissions.QUALITY_GATE_ADMIN;
  46 import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_GATES;
  47 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
  48 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
  49 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
  50
  51 public class AddProjectCreatorToTemplateActionTest extends BasePermissionWsTest<AddProjectCreatorToTemplateAction> {
  52
  53   private System2 system = spy(System2.INSTANCE);
  54   private PermissionTemplateDto template;
  55   private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);
  56   private PermissionService permissionService = new PermissionServiceImpl(resourceTypes);
  57   private WsParameters wsParameters = new WsParameters(permissionService);
  58   private RequestValidator requestValidator = new RequestValidator(permissionService);
  59
  60   @Override
  61   protected AddProjectCreatorToTemplateAction buildWsAction() {
  62     return new AddProjectCreatorToTemplateAction(db.getDbClient(), newPermissionWsSupport(), userSession, system, wsParameters, requestValidator);
  63   }
  64
  65   @Before
  66   public void setUp() {
  67     template = db.permissionTemplates().insertTemplate();
  68     when(system.now()).thenReturn(2_000_000_000L);
  69   }
  70
  71   @Test
  72   public void insert_row_when_no_template_permission() {
  73     loginAsAdmin();
  74
  75     newRequest()
  76       .setParam(PARAM_PERMISSION, UserRole.ADMIN)
  77       .setParam(PARAM_TEMPLATE_ID, template.getUuid())
  78       .execute();
  79
  80     assertThatProjectCreatorIsPresentFor(UserRole.ADMIN, template.getUuid());
  81   }
  82
  83   @Test
  84   public void update_row_when_existing_template_permission() {
  85     loginAsAdmin();
  86     PermissionTemplateCharacteristicDto characteristic = db.getDbClient().permissionTemplateCharacteristicDao().insert(db.getSession(),
  87       new PermissionTemplateCharacteristicDto()
  88         .setUuid(Uuids.createFast())
  89         .setTemplateUuid(template.getUuid())
  90         .setPermission(UserRole.USER)
  91         .setWithProjectCreator(false)
  92         .setCreatedAt(1_000_000_000L)
  93         .setUpdatedAt(1_000_000_000L),
  94       template.getName());
  95     db.commit();
  96     when(system.now()).thenReturn(3_000_000_000L);
  97
  98     newRequest()
  99       .setParam(PARAM_PERMISSION, UserRole.USER)
 100       .setParam(PARAM_TEMPLATE_NAME, template.getName())
 101       .execute();
 102
 103     assertThatProjectCreatorIsPresentFor(UserRole.USER, template.getUuid());
 104     PermissionTemplateCharacteristicDto reloaded = reload(characteristic);
 105     assertThat(reloaded.getCreatedAt()).isEqualTo(1_000_000_000L);
 106     assertThat(reloaded.getUpdatedAt()).isEqualTo(3_000_000_000L);
 107   }
 108
 109   @Test
 110   public void fail_when_template_does_not_exist() {
 111     loginAsAdmin();
 112
 113     assertThatThrownBy(() -> {
 114       newRequest()
 115         .setParam(PARAM_PERMISSION, UserRole.ADMIN)
 116         .setParam(PARAM_TEMPLATE_ID, "42")
 117         .execute();
 118     })
 119       .isInstanceOf(NotFoundException.class);
 120   }
 121
 122   @Test
 123   public void fail_if_permission_is_not_a_project_permission() {
 124     loginAsAdmin();
 125
 126     assertThatThrownBy(() -> {
 127       newRequest()
 128         .setParam(PARAM_PERMISSION, QUALITY_GATE_ADMIN)
 129         .setParam(PARAM_TEMPLATE_ID, template.getUuid())
 130         .execute();
 131     })
 132       .isInstanceOf(IllegalArgumentException.class);
 133   }
 134
 135   @Test
 136   public void fail_if_not_admin() {
 137     userSession.logIn().addPermission(ADMINISTER_QUALITY_GATES);
 138
 139     assertThatThrownBy(() -> {
 140       newRequest()
 141         .setParam(PARAM_PERMISSION, UserRole.ADMIN)
 142         .setParam(PARAM_TEMPLATE_ID, template.getUuid())
 143         .execute();
 144     })
 145       .isInstanceOf(ForbiddenException.class);
 146   }
 147
 148   private void assertThatProjectCreatorIsPresentFor(String permission, String templateUuid) {
 149     Optional<PermissionTemplateCharacteristicDto> templatePermission = db.getDbClient().permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(db.getSession(),
 150       permission,
 151       templateUuid);
 152     assertThat(templatePermission).isPresent();
 153     assertThat(templatePermission.get().getWithProjectCreator()).isTrue();
 154   }
 155
 156   private PermissionTemplateCharacteristicDto reload(PermissionTemplateCharacteristicDto characteristic) {
 157     return db.getDbClient().permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(db.getSession(), characteristic.getPermission(), characteristic.getTemplateUuid())
 158       .get();
 159   }
 160 }