source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2022 SonarSource SA
   4  * mailto:info AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.almsettings.ws;
  21
  22 import org.assertj.core.groups.Tuple;
  23 import org.junit.Before;
  24 import org.junit.Rule;
  25 import org.junit.Test;
  26 import org.sonar.api.config.internal.Encryption;
  27 import org.sonar.api.resources.ResourceTypes;
  28 import org.sonar.api.server.ws.Change;
  29 import org.sonar.api.server.ws.WebService;
  30 import org.sonar.db.DbTester;
  31 import org.sonar.db.alm.setting.ALM;
  32 import org.sonar.db.alm.setting.AlmSettingDto;
  33 import org.sonar.db.user.UserDto;
  34 import org.sonar.server.almsettings.MultipleAlmFeatureProvider;
  35 import org.sonar.server.component.ComponentFinder;
  36 import org.sonar.server.exceptions.BadRequestException;
  37 import org.sonar.server.exceptions.ForbiddenException;
  38 import org.sonar.server.tester.UserSessionRule;
  39 import org.sonar.server.ws.TestRequest;
  40 import org.sonar.server.ws.WsActionTester;
  41
  42 import static org.assertj.core.api.Assertions.assertThat;
  43 import static org.assertj.core.api.Assertions.assertThatThrownBy;
  44 import static org.assertj.core.groups.Tuple.tuple;
  45 import static org.mockito.Mockito.mock;
  46 import static org.mockito.Mockito.when;
  47
  48 public class CreateGithubActionTest {
  49
  50   private static final String APP_ID = "12345";
  51
  52   @Rule
  53   public UserSessionRule userSession = UserSessionRule.standalone();
  54   @Rule
  55   public DbTester db = DbTester.create();
  56
  57   private final Encryption encryption = mock(Encryption.class);
  58   private final MultipleAlmFeatureProvider multipleAlmFeatureProvider = mock(MultipleAlmFeatureProvider.class);
  59
  60   private final WsActionTester ws = new WsActionTester(new CreateGithubAction(db.getDbClient(), userSession,
  61     new AlmSettingsSupport(db.getDbClient(), userSession, new ComponentFinder(db.getDbClient(), mock(ResourceTypes.class)),
  62       multipleAlmFeatureProvider)));
  63
  64   @Before
  65   public void setUp() {
  66     when(multipleAlmFeatureProvider.enabled()).thenReturn(false);
  67     UserDto user = db.users().insertUser();
  68     userSession.logIn(user).setSystemAdministrator();
  69   }
  70
  71   @Test
  72   public void create() {
  73     buildTestRequest().execute();
  74
  75     assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
  76       .extracting(AlmSettingDto::getKey, AlmSettingDto::getUrl, AlmSettingDto::getAppId,
  77         s -> s.getDecryptedPrivateKey(encryption), AlmSettingDto::getClientId, s -> s.getDecryptedClientSecret(encryption), s -> s.getDecryptedWebhookSecret(encryption))
  78       .containsOnly(tuple("GitHub Server - Dev Team", "https://github.enterprise.com", APP_ID, "678910", "client_1234", "client_so_secret", null));
  79   }
  80
  81   private TestRequest buildTestRequest() {
  82     return ws.newRequest()
  83       .setParam("key", "GitHub Server - Dev Team")
  84       .setParam("url", "https://github.enterprise.com")
  85       .setParam("appId", APP_ID)
  86       .setParam("privateKey", "678910")
  87       .setParam("clientId", "client_1234")
  88       .setParam("clientSecret", "client_so_secret");
  89   }
  90
  91   @Test
  92   public void create_withWebhookSecret() {
  93     buildTestRequest().setParam("webhookSecret", "webhook_secret").execute();
  94
  95     assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
  96       .extracting(AlmSettingDto::getKey, AlmSettingDto::getUrl, AlmSettingDto::getAppId,
  97         s -> s.getDecryptedPrivateKey(encryption), AlmSettingDto::getClientId, s -> s.getDecryptedClientSecret(encryption), s -> s.getDecryptedWebhookSecret(encryption))
  98       .containsOnly(tuple("GitHub Server - Dev Team", "https://github.enterprise.com", "12345", "678910", "client_1234", "client_so_secret", "webhook_secret"));
  99   }
 100
 101   @Test
 102   public void create_withEmptyWebhookSecret_shouldNotPersist() {
 103     buildTestRequest().setParam("webhookSecret", "").execute();
 104
 105     assertThat(db.getDbClient().almSettingDao().selectByAlmAndAppId(db.getSession(), ALM.GITHUB, APP_ID))
 106       .map(almSettingDto -> almSettingDto.getDecryptedWebhookSecret(encryption))
 107       .isEmpty();
 108   }
 109
 110   @Test
 111   public void remove_trailing_slash() {
 112
 113     buildTestRequest().setParam("url", "https://github.enterprise.com/").execute();
 114
 115     assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
 116       .extracting(AlmSettingDto::getKey, AlmSettingDto::getUrl, AlmSettingDto::getAppId,
 117         s -> s.getDecryptedPrivateKey(encryption), AlmSettingDto::getClientId, s -> s.getDecryptedClientSecret(encryption))
 118       .containsOnly(tuple("GitHub Server - Dev Team", "https://github.enterprise.com", APP_ID, "678910", "client_1234", "client_so_secret"));
 119   }
 120
 121   @Test
 122   public void fail_when_key_is_already_used() {
 123     when(multipleAlmFeatureProvider.enabled()).thenReturn(true);
 124     AlmSettingDto gitHubAlmSetting = db.almSettings().insertGitHubAlmSetting();
 125
 126     TestRequest request = buildTestRequest().setParam("key", gitHubAlmSetting.getKey());
 127
 128     assertThatThrownBy(request::execute)
 129       .isInstanceOf(IllegalArgumentException.class)
 130       .hasMessageContaining(String.format("An ALM setting with key '%s' already exist", gitHubAlmSetting.getKey()));
 131   }
 132
 133   @Test
 134   public void fail_when_no_multiple_instance_allowed() {
 135     when(multipleAlmFeatureProvider.enabled()).thenReturn(false);
 136     db.almSettings().insertGitHubAlmSetting();
 137
 138     TestRequest request = buildTestRequest();
 139
 140     assertThatThrownBy(request::execute)
 141       .isInstanceOf(BadRequestException.class)
 142       .hasMessageContaining("A GITHUB setting is already defined");
 143   }
 144
 145   @Test
 146   public void fail_when_missing_administer_system_permission() {
 147     UserDto user = db.users().insertUser();
 148     userSession.logIn(user);
 149
 150     TestRequest request = buildTestRequest();
 151
 152     assertThatThrownBy(request::execute)
 153       .isInstanceOf(ForbiddenException.class);
 154   }
 155
 156   @Test
 157   public void definition() {
 158     WebService.Action def = ws.getDef();
 159
 160     assertThat(def.since()).isEqualTo("8.1");
 161     assertThat(def.isPost()).isTrue();
 162     assertThat(def.params())
 163       .extracting(WebService.Param::key, WebService.Param::isRequired)
 164       .containsExactlyInAnyOrder(
 165         tuple("key", true),
 166         tuple("url", true),
 167         tuple("appId", true),
 168         tuple("privateKey", true),
 169         tuple("clientId", true),
 170         tuple("clientSecret", true),
 171         tuple("webhookSecret", false));
 172   }
 173
 174   @Test
 175   public void definition_shouldHaveChangeLog() {
 176     assertThat(ws.getDef().changelog()).extracting(Change::getVersion, Change::getDescription).containsExactly(
 177       new Tuple("9.7", "Optional parameter 'webhookSecret' was added")
 178     );
 179   }
 180 }