]> source.dussan.org Git - sonarqube.git/blob
projects / sonarqube.git / blob
? search:


711683b1055a01784b4f5cbf38db27033be13b57
[sonarqube.git] /
1 /*
2  * SonarQube
3  * Copyright (C) 2009-2023 SonarSource SA
4  * mailto:info AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.common.github.permissions;
21
22 import java.util.List;
23 import java.util.Map;
24 import java.util.Set;
25 import org.junit.Rule;
26 import org.junit.Test;
27 import org.sonar.core.util.SequenceUuidFactory;
28 import org.sonar.core.util.UuidFactory;
29 import org.sonar.db.DbSession;
30 import org.sonar.db.DbTester;
31 import org.sonar.db.audit.AuditPersister;
32 import org.sonar.db.provisioning.GithubPermissionsMappingDao;
33 import org.sonar.db.provisioning.GithubPermissionsMappingDto;
34 import org.sonar.server.common.permission.Operation;
35
36 import static org.assertj.core.api.Assertions.assertThat;
37 import static org.mockito.Mockito.mock;
38 import static org.sonar.server.common.github.permissions.GithubPermissionsMappingService.ADMIN_GITHUB_ROLE;
39 import static org.sonar.server.common.github.permissions.GithubPermissionsMappingService.MAINTAIN_GITHUB_ROLE;
40 import static org.sonar.server.common.github.permissions.GithubPermissionsMappingService.READ_GITHUB_ROLE;
41 import static org.sonar.server.common.github.permissions.GithubPermissionsMappingService.TRIAGE_GITHUB_ROLE;
42 import static org.sonar.server.common.github.permissions.GithubPermissionsMappingService.WRITE_GITHUB_ROLE;
43
44 public class GithubPermissionsMappingServiceIT {
45
46   private static final SonarqubePermissions NO_SQ_PERMISSIONS = new SonarqubePermissions(false, false, false, false, false, false);
47   @Rule
48   public DbTester db = DbTester.create();
49   private final DbSession dbSession = db.getSession();
50
51   private final AuditPersister auditPersister = mock();
52   private final GithubPermissionsMappingDao githubPermissionsMappingDao = new GithubPermissionsMappingDao(auditPersister);
53
54   private final UuidFactory uuidFactory = new SequenceUuidFactory();
55
56   private final GithubPermissionsMappingService underTest = new GithubPermissionsMappingService(db.getDbClient(), githubPermissionsMappingDao, uuidFactory);
57
58   @Test
59   public void getPermissionsMapping_whenMappingNotDefined_returnMappingEntirelyFalse() {
60     List<GithubPermissionsMapping> actualPermissionsMapping = underTest.getPermissionsMapping();
61
62     List<GithubPermissionsMapping> expectedPermissionsMapping = List.of(
63       new GithubPermissionsMapping(READ_GITHUB_ROLE, NO_SQ_PERMISSIONS),
64       new GithubPermissionsMapping(TRIAGE_GITHUB_ROLE, NO_SQ_PERMISSIONS),
65       new GithubPermissionsMapping(WRITE_GITHUB_ROLE, NO_SQ_PERMISSIONS),
66       new GithubPermissionsMapping(MAINTAIN_GITHUB_ROLE, NO_SQ_PERMISSIONS),
67       new GithubPermissionsMapping(ADMIN_GITHUB_ROLE, NO_SQ_PERMISSIONS));
68
69     assertThat(actualPermissionsMapping).containsAll(expectedPermissionsMapping);
70   }
71
72   @Test
73   public void getPermissionsMapping_whenMappingDefined_returnMapping() {
74     Map<String, Set<String>> githubRolesToSqPermissions = Map.of(
75       READ_GITHUB_ROLE, Set.of("user", "codeviewer"),
76       WRITE_GITHUB_ROLE, Set.of("user", "codeviewer", "issueadmin", "securityhotspotadmin", "admin", "scan"));
77     persistGithubPermissionsMapping(githubRolesToSqPermissions);
78
79     List<GithubPermissionsMapping> actualPermissionsMapping = underTest.getPermissionsMapping();
80
81     List<GithubPermissionsMapping> expectedPermissionsMapping = List.of(
82       new GithubPermissionsMapping(READ_GITHUB_ROLE, new SonarqubePermissions(true, true, false, false, false, false)),
83       new GithubPermissionsMapping(TRIAGE_GITHUB_ROLE, NO_SQ_PERMISSIONS),
84       new GithubPermissionsMapping(WRITE_GITHUB_ROLE, new SonarqubePermissions(true, true, true, true, true, true)),
85       new GithubPermissionsMapping(MAINTAIN_GITHUB_ROLE, NO_SQ_PERMISSIONS),
86       new GithubPermissionsMapping(ADMIN_GITHUB_ROLE, NO_SQ_PERMISSIONS));
87
88     assertThat(actualPermissionsMapping).containsAll(expectedPermissionsMapping);
89   }
90
91   private void persistGithubPermissionsMapping(Map<String, Set<String>> githubRolesToSonarqubePermissions) {
92     for (Map.Entry<String, Set<String>> githubRoleToSonarqubePermissions : githubRolesToSonarqubePermissions.entrySet()) {
93       String githubRole = githubRoleToSonarqubePermissions.getKey();
94       githubRoleToSonarqubePermissions.getValue()
95         .forEach(permission -> githubPermissionsMappingDao.insert(
96           dbSession,
97           new GithubPermissionsMappingDto("uuid_" + githubRole + "_" + permission, githubRole, permission)));
98     }
99     dbSession.commit();
100   }
101
102   @Test
103   public void updatePermissionsMappings_shouldAddAndRemovePermissions() {
104     Map<String, Set<String>> githubRolesToSqPermissions = Map.of(READ_GITHUB_ROLE, Set.of("user", "codeviewer"));
105     persistGithubPermissionsMapping(githubRolesToSqPermissions);
106
107     PermissionMappingChange permToAdd1 = new PermissionMappingChange(READ_GITHUB_ROLE, "issueadmin", Operation.ADD);
108     PermissionMappingChange permToAdd2 = new PermissionMappingChange(READ_GITHUB_ROLE, "scan", Operation.ADD);
109     PermissionMappingChange permToRemove1 = new PermissionMappingChange(READ_GITHUB_ROLE, "user", Operation.REMOVE);
110     PermissionMappingChange permToRemove2 = new PermissionMappingChange(READ_GITHUB_ROLE, "codeviewer", Operation.REMOVE);
111
112     underTest.updatePermissionsMappings(Set.of(permToAdd1, permToAdd2, permToRemove1, permToRemove2));
113
114     GithubPermissionsMapping updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(READ_GITHUB_ROLE);
115
116     GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, new SonarqubePermissions(false, false, true, false, false, true));
117     assertThat(updatedPermissionsMapping).isEqualTo(expectedPermissionsMapping);
118   }
119
120   @Test
121   public void updatePermissionsMappings_whenRemovingNonExistingPermission_isNoOp() {
122     PermissionMappingChange permToRemove1 = new PermissionMappingChange(READ_GITHUB_ROLE, "user", Operation.REMOVE);
123
124     underTest.updatePermissionsMappings(Set.of(permToRemove1));
125
126     GithubPermissionsMapping updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(READ_GITHUB_ROLE);
127
128     GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, NO_SQ_PERMISSIONS);
129     assertThat(updatedPermissionsMapping).isEqualTo(expectedPermissionsMapping);
130   }
131
132   @Test
133   public void updatePermissionsMappings_whenAddingAlreadyExistingPermission_isNoOp() {
134     Map<String, Set<String>> githubRolesToSqPermissions = Map.of(READ_GITHUB_ROLE, Set.of("user", "codeviewer"));
135     persistGithubPermissionsMapping(githubRolesToSqPermissions);
136     PermissionMappingChange permToAdd1 = new PermissionMappingChange(READ_GITHUB_ROLE, "user", Operation.ADD);
137
138     underTest.updatePermissionsMappings(Set.of(permToAdd1));
139
140     GithubPermissionsMapping updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(READ_GITHUB_ROLE);
141
142     GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, new SonarqubePermissions(true, true, false, false, false, false));
143     assertThat(updatedPermissionsMapping).isEqualTo(expectedPermissionsMapping);
144   }
145
146   @Test
147   public void updatePermissionsMappings_handlesUpdatesForDifferentRoles() {
148     PermissionMappingChange permToAdd1 = new PermissionMappingChange(READ_GITHUB_ROLE, "user", Operation.ADD);
149     PermissionMappingChange permToAdd2 = new PermissionMappingChange(WRITE_GITHUB_ROLE, "user", Operation.ADD);
150
151     underTest.updatePermissionsMappings(Set.of(permToAdd1, permToAdd2));
152
153     SonarqubePermissions userOnlySqPermission = new SonarqubePermissions(true, false, false, false, false, false);
154
155     GithubPermissionsMapping updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(READ_GITHUB_ROLE);
156     assertThat(updatedPermissionsMapping).isEqualTo(new GithubPermissionsMapping(READ_GITHUB_ROLE, userOnlySqPermission));
157
158     updatedPermissionsMapping = underTest.getPermissionsMappingForGithubRole(WRITE_GITHUB_ROLE);
159     assertThat(updatedPermissionsMapping).isEqualTo(new GithubPermissionsMapping(WRITE_GITHUB_ROLE, userOnlySqPermission));
160   }
161
162   @Test
163   public void getPermissionsMappingForGithubRole_shouldReturnMappingOnlyForRole() {
164     Map<String, Set<String>> githubRolesToSqPermissions = Map.of(
165       READ_GITHUB_ROLE, Set.of("user", "codeviewer"),
166       WRITE_GITHUB_ROLE, Set.of("user", "codeviewer", "issueadmin", "securityhotspotadmin", "admin", "scan"));
167     persistGithubPermissionsMapping(githubRolesToSqPermissions);
168
169     GithubPermissionsMapping actualPermissionsMapping = underTest.getPermissionsMappingForGithubRole(READ_GITHUB_ROLE);
170
171     GithubPermissionsMapping expectedPermissionsMapping = new GithubPermissionsMapping(READ_GITHUB_ROLE, new SonarqubePermissions(true, true, false, false, false, false));
172
173     assertThat(actualPermissionsMapping).isEqualTo(expectedPermissionsMapping);
174   }
175
176 }
Continuous Inspection: https://github.com/SonarSource/sonarqube