source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube, open source software quality management tool.
   3  * Copyright (C) 2008-2014 SonarSource
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * SonarQube is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * SonarQube is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20
  21 package org.sonar.server.permission.ws.template;
  22
  23 import java.util.Collections;
  24 import javax.annotation.Nullable;
  25 import org.junit.Before;
  26 import org.junit.Rule;
  27 import org.junit.Test;
  28 import org.junit.rules.ExpectedException;
  29 import org.sonar.api.utils.System2;
  30 import org.sonar.api.web.UserRole;
  31 import org.sonar.core.permission.GlobalPermissions;
  32 import org.sonar.db.DbClient;
  33 import org.sonar.db.DbSession;
  34 import org.sonar.db.DbTester;
  35 import org.sonar.db.permission.PermissionTemplateDto;
  36 import org.sonar.db.user.GroupDto;
  37 import org.sonar.db.user.GroupTesting;
  38 import org.sonar.db.user.UserDto;
  39 import org.sonar.db.user.UserTesting;
  40 import org.sonar.server.component.ComponentFinder;
  41 import org.sonar.server.exceptions.BadRequestException;
  42 import org.sonar.server.exceptions.ForbiddenException;
  43 import org.sonar.server.exceptions.NotFoundException;
  44 import org.sonar.server.exceptions.UnauthorizedException;
  45 import org.sonar.server.permission.ws.DeleteTemplateAction;
  46 import org.sonar.server.permission.ws.PermissionDependenciesFinder;
  47 import org.sonar.server.tester.UserSessionRule;
  48 import org.sonar.server.ws.TestRequest;
  49 import org.sonar.server.ws.TestResponse;
  50 import org.sonar.server.ws.WsActionTester;
  51
  52 import static org.assertj.core.api.Assertions.assertThat;
  53 import static org.mockito.Mockito.mock;
  54 import static org.mockito.Mockito.when;
  55 import static org.mockito.internal.util.collections.Sets.newSet;
  56 import static org.sonar.db.permission.PermissionTemplateTesting.newPermissionTemplateDto;
  57 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_TEMPLATE_UUID;
  58 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_TEMPLATE_NAME;
  59
  60 public class DeleteTemplateActionTest {
  61
  62   static final String TEMPLATE_UUID = "permission-template-uuid";
  63
  64   @Rule
  65   public DbTester db = DbTester.create(System2.INSTANCE);
  66   @Rule
  67   public UserSessionRule userSession = UserSessionRule.standalone();
  68   @Rule
  69   public ExpectedException expectedException = ExpectedException.none();
  70
  71   WsActionTester ws;
  72   DbClient dbClient;
  73   DbSession dbSession;
  74   DefaultPermissionTemplateFinder defaultTemplatePermissionFinder;
  75
  76   PermissionTemplateDto permissionTemplate;
  77
  78   @Before
  79   public void setUp() {
  80     userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
  81
  82     dbClient = db.getDbClient();
  83     dbSession = db.getSession();
  84     defaultTemplatePermissionFinder = mock(DefaultPermissionTemplateFinder.class);
  85     when(defaultTemplatePermissionFinder.getDefaultTemplateUuids()).thenReturn(Collections.<String>emptySet());
  86     PermissionDependenciesFinder finder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient));
  87     ws = new WsActionTester(new DeleteTemplateAction(dbClient, userSession, finder, defaultTemplatePermissionFinder));
  88
  89     permissionTemplate = insertTemplateAndAssociatedPermissions(newPermissionTemplateDto().setUuid(TEMPLATE_UUID));
  90     PermissionTemplateDto permissionTemplateInDatabase = dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID);
  91     assertThat(permissionTemplateInDatabase.getUuid()).isEqualTo(TEMPLATE_UUID);
  92     assertThat(permissionTemplateInDatabase.getGroupsPermissions()).isNotEmpty();
  93     assertThat(permissionTemplateInDatabase.getUsersPermissions()).isNotEmpty();
  94   }
  95
  96   @Test
  97   public void delete_template_in_db() {
  98     TestResponse result = newRequest(TEMPLATE_UUID);
  99
 100     assertThat(result.getInput()).isEmpty();
 101     assertThat(dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID)).isNull();
 102   }
 103
 104   @Test
 105   public void delete_template_by_name_case_insensitive() {
 106     ws.newRequest()
 107       .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
 108       .execute();
 109     commit();
 110
 111     assertThat(dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID)).isNull();
 112   }
 113
 114   @Test
 115   public void fail_if_uuid_is_not_known() {
 116     expectedException.expect(NotFoundException.class);
 117
 118     newRequest("unknown-template-uuid");
 119   }
 120
 121   @Test
 122   public void fail_if_template_is_default() {
 123     expectedException.expect(BadRequestException.class);
 124     expectedException.expectMessage("It is not possible to delete a default template");
 125     when(defaultTemplatePermissionFinder.getDefaultTemplateUuids()).thenReturn(newSet(TEMPLATE_UUID));
 126
 127     newRequest(TEMPLATE_UUID);
 128   }
 129
 130   @Test
 131   public void fail_if_not_logged_in() {
 132     expectedException.expect(UnauthorizedException.class);
 133     userSession.anonymous();
 134
 135     newRequest(TEMPLATE_UUID);
 136   }
 137
 138   @Test
 139   public void fail_if_not_admin() {
 140     expectedException.expect(ForbiddenException.class);
 141     userSession.login().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
 142
 143     newRequest(TEMPLATE_UUID);
 144   }
 145
 146   @Test
 147   public void fail_if_uuid_is_not_provided() {
 148     expectedException.expect(BadRequestException.class);
 149
 150     newRequest(null);
 151   }
 152
 153   private PermissionTemplateDto insertTemplateAndAssociatedPermissions(PermissionTemplateDto template) {
 154     dbClient.permissionTemplateDao().insert(dbSession, template);
 155     UserDto user = dbClient.userDao().insert(dbSession, UserTesting.newUserDto().setActive(true));
 156     GroupDto group = dbClient.groupDao().insert(dbSession, GroupTesting.newGroupDto());
 157     dbClient.permissionTemplateDao().insertUserPermission(dbSession, template.getId(), user.getId(), UserRole.ADMIN);
 158     dbClient.permissionTemplateDao().insertGroupPermission(dbSession, template.getId(), group.getId(), UserRole.CODEVIEWER);
 159     commit();
 160
 161     return template;
 162   }
 163
 164   private void commit() {
 165     dbSession.commit();
 166   }
 167
 168   private TestResponse newRequest(@Nullable String id) {
 169     TestRequest request = ws.newRequest();
 170     if (id != null) {
 171       request.setParam(PARAM_TEMPLATE_UUID, id);
 172     }
 173
 174     TestResponse result = executeRequest(request);
 175     commit();
 176     return result;
 177   }
 178
 179   private static TestResponse executeRequest(TestRequest request) {
 180     return request.execute();
 181   }
 182
 183 }