source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2016 SonarSource SA
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.permission.ws.template;
  21
  22 import javax.annotation.Nullable;
  23 import org.junit.Before;
  24 import org.junit.Rule;
  25 import org.junit.Test;
  26 import org.junit.rules.ExpectedException;
  27 import org.sonar.api.utils.System2;
  28 import org.sonar.core.permission.GlobalPermissions;
  29 import org.sonar.db.DbClient;
  30 import org.sonar.db.DbSession;
  31 import org.sonar.db.DbTester;
  32 import org.sonar.db.permission.PermissionTemplateDto;
  33 import org.sonar.server.exceptions.BadRequestException;
  34 import org.sonar.server.exceptions.ForbiddenException;
  35 import org.sonar.server.exceptions.UnauthorizedException;
  36 import org.sonar.server.tester.UserSessionRule;
  37 import org.sonar.server.ws.TestRequest;
  38 import org.sonar.server.ws.TestResponse;
  39 import org.sonar.server.ws.WsActionTester;
  40
  41 import static org.assertj.core.api.Assertions.assertThat;
  42 import static org.mockito.Mockito.mock;
  43 import static org.mockito.Mockito.when;
  44 import static org.sonar.db.permission.PermissionTemplateTesting.newPermissionTemplateDto;
  45 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION;
  46 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_NAME;
  47 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY_PATTERN;
  48 import static org.sonar.test.JsonAssert.assertJson;
  49
  50 public class CreateTemplateActionTest {
  51
  52   @Rule
  53   public DbTester db = DbTester.create(System2.INSTANCE);
  54   @Rule
  55   public UserSessionRule userSession = UserSessionRule.standalone();
  56   @Rule
  57   public ExpectedException expectedException = ExpectedException.none();
  58
  59   WsActionTester ws;
  60   DbClient dbClient;
  61   DbSession dbSession;
  62   System2 system = mock(System2.class);
  63
  64   @Before
  65   public void setUp() {
  66     userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
  67     when(system.now()).thenReturn(1440512328743L);
  68
  69     dbClient = db.getDbClient();
  70     dbSession = db.getSession();
  71     ws = new WsActionTester(new CreateTemplateAction(dbClient, userSession, system));
  72   }
  73
  74   @Test
  75   public void create_full_permission_template() {
  76     TestResponse result = newRequest("Finance", "Permissions for financially related projects", ".*\\.finance\\..*");
  77
  78     assertJson(result.getInput())
  79       .ignoreFields("id")
  80       .isSimilarTo(getClass().getResource("create_template-example.json"));
  81     PermissionTemplateDto finance = dbClient.permissionTemplateDao().selectByName(dbSession, "Finance");
  82     assertThat(finance.getName()).isEqualTo("Finance");
  83     assertThat(finance.getDescription()).isEqualTo("Permissions for financially related projects");
  84     assertThat(finance.getKeyPattern()).isEqualTo(".*\\.finance\\..*");
  85     assertThat(finance.getUuid()).isNotEmpty();
  86     assertThat(finance.getCreatedAt().getTime()).isEqualTo(1440512328743L);
  87     assertThat(finance.getUpdatedAt().getTime()).isEqualTo(1440512328743L);
  88   }
  89
  90   @Test
  91   public void create_minimalist_permission_template() {
  92     newRequest("Finance", null, null);
  93
  94     PermissionTemplateDto finance = dbClient.permissionTemplateDao().selectByName(dbSession, "Finance");
  95     assertThat(finance.getName()).isEqualTo("Finance");
  96     assertThat(finance.getDescription()).isNullOrEmpty();
  97     assertThat(finance.getKeyPattern()).isNullOrEmpty();
  98     assertThat(finance.getUuid()).isNotEmpty();
  99     assertThat(finance.getCreatedAt().getTime()).isEqualTo(1440512328743L);
 100     assertThat(finance.getUpdatedAt().getTime()).isEqualTo(1440512328743L);
 101   }
 102
 103   @Test
 104   public void fail_if_name_not_provided() {
 105     expectedException.expect(IllegalArgumentException.class);
 106
 107     newRequest(null, null, null);
 108   }
 109
 110   @Test
 111   public void fail_if_name_empty() {
 112     expectedException.expect(BadRequestException.class);
 113     expectedException.expectMessage("The template name must not be blank");
 114
 115     newRequest("", null, null);
 116   }
 117
 118   @Test
 119   public void fail_if_regexp_if_not_valid() {
 120     expectedException.expect(BadRequestException.class);
 121     expectedException.expectMessage("The 'projectKeyPattern' parameter must be a valid Java regular expression. '[azerty' was passed");
 122
 123     newRequest("Finance", null, "[azerty");
 124   }
 125
 126   @Test
 127   public void fail_if_name_already_exists_in_database_case_insensitive() {
 128     expectedException.expect(BadRequestException.class);
 129     expectedException.expectMessage("A template with the name 'Finance' already exists (case insensitive).");
 130     insertTemplate(newPermissionTemplateDto().setName("finance"));
 131     commit();
 132
 133     newRequest("Finance", null, null);
 134   }
 135
 136   @Test
 137   public void fail_if_not_logged_in() {
 138     expectedException.expect(UnauthorizedException.class);
 139     userSession.anonymous();
 140
 141     newRequest("Finance", null, null);
 142   }
 143
 144   @Test
 145   public void fail_if_not_admin() {
 146     expectedException.expect(ForbiddenException.class);
 147     userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
 148
 149     newRequest("Finance", null, null);
 150   }
 151
 152   private PermissionTemplateDto insertTemplate(PermissionTemplateDto template) {
 153     return dbClient.permissionTemplateDao().insert(dbSession, template);
 154   }
 155
 156   private void commit() {
 157     dbSession.commit();
 158   }
 159
 160   private TestResponse newRequest(@Nullable String name, @Nullable String description, @Nullable String projectPattern) {
 161     TestRequest request = ws.newRequest();
 162     if (name != null) {
 163       request.setParam(PARAM_NAME, name);
 164     }
 165     if (description != null) {
 166       request.setParam(PARAM_DESCRIPTION, description);
 167     }
 168     if (projectPattern != null) {
 169       request.setParam(PARAM_PROJECT_KEY_PATTERN, projectPattern);
 170     }
 171
 172     return request.execute();
 173   }
 174 }