2 * SonarQube, open source software quality management tool.
3 * Copyright (C) 2008-2014 SonarSource
4 * mailto:contact AT sonarsource DOT com
6 * SonarQube is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * SonarQube is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
21 package org.sonar.server.permission.ws;
23 import com.google.common.base.Function;
24 import java.util.List;
25 import javax.annotation.Nonnull;
26 import javax.annotation.Nullable;
27 import org.junit.Before;
28 import org.junit.Rule;
29 import org.junit.Test;
30 import org.junit.experimental.categories.Category;
31 import org.junit.rules.ExpectedException;
32 import org.sonar.api.utils.System2;
33 import org.sonar.core.permission.GlobalPermissions;
34 import org.sonar.db.DbClient;
35 import org.sonar.db.DbSession;
36 import org.sonar.db.DbTester;
37 import org.sonar.db.permission.PermissionQuery;
38 import org.sonar.db.permission.PermissionTemplateDto;
39 import org.sonar.db.permission.UserWithPermissionDto;
40 import org.sonar.db.user.UserDto;
41 import org.sonar.server.component.ComponentFinder;
42 import org.sonar.server.exceptions.BadRequestException;
43 import org.sonar.server.exceptions.ForbiddenException;
44 import org.sonar.server.exceptions.NotFoundException;
45 import org.sonar.server.exceptions.UnauthorizedException;
46 import org.sonar.server.tester.UserSessionRule;
47 import org.sonar.server.ws.TestRequest;
48 import org.sonar.server.ws.WsActionTester;
49 import org.sonar.test.DbTests;
51 import static com.google.common.collect.FluentIterable.from;
52 import static org.assertj.core.api.Assertions.assertThat;
53 import static org.sonar.api.web.UserRole.CODEVIEWER;
54 import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
55 import static org.sonar.db.permission.PermissionTemplateTesting.newPermissionTemplateDto;
56 import static org.sonar.db.user.GroupMembershipQuery.IN;
57 import static org.sonar.db.user.UserTesting.newUserDto;
58 import static org.sonar.server.permission.ws.Parameters.PARAM_PERMISSION;
59 import static org.sonar.server.permission.ws.Parameters.PARAM_TEMPLATE_NAME;
60 import static org.sonar.server.permission.ws.Parameters.PARAM_USER_LOGIN;
62 @Category(DbTests.class)
63 public class RemoveUserFromTemplateActionTest {
65 private static final String USER_LOGIN = "user-login";
66 private static final String DEFAULT_PERMISSION = CODEVIEWER;
68 public DbTester db = DbTester.create(System2.INSTANCE);
70 public ExpectedException expectedException = ExpectedException.none();
72 public UserSessionRule userSession = UserSessionRule.standalone();
78 PermissionTemplateDto permissionTemplate;
82 dbClient = db.getDbClient();
83 dbSession = db.getSession();
84 userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
86 PermissionDependenciesFinder dependenciesFinder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient));
87 ws = new WsActionTester(new RemoveUserFromTemplateAction(dbClient, dependenciesFinder, userSession));
89 user = insertUser(newUserDto().setLogin(USER_LOGIN));
90 permissionTemplate = insertPermissionTemplate(newPermissionTemplateDto());
91 addUserToTemplate(user, permissionTemplate, DEFAULT_PERMISSION);
96 public void remove_user_from_template() {
97 newRequest(USER_LOGIN, permissionTemplate.getKee(), DEFAULT_PERMISSION);
99 assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), DEFAULT_PERMISSION)).isEmpty();
103 public void remove_user_from_template_by_name_case_insensitive() {
105 .setParam(PARAM_USER_LOGIN, USER_LOGIN)
106 .setParam(PARAM_PERMISSION, DEFAULT_PERMISSION)
107 .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
111 assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), DEFAULT_PERMISSION)).isEmpty();
115 public void remove_user_from_template_twice_without_failing() {
116 newRequest(USER_LOGIN, permissionTemplate.getKee(), DEFAULT_PERMISSION);
117 newRequest(USER_LOGIN, permissionTemplate.getKee(), DEFAULT_PERMISSION);
119 assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), DEFAULT_PERMISSION)).isEmpty();
123 public void keep_user_permission_not_removed() {
124 addUserToTemplate(user, permissionTemplate, ISSUE_ADMIN);
127 newRequest(USER_LOGIN, permissionTemplate.getKee(), DEFAULT_PERMISSION);
129 assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), DEFAULT_PERMISSION)).isEmpty();
130 assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), ISSUE_ADMIN)).containsExactly(user.getLogin());
134 public void keep_other_users_when_one_user_removed() {
135 UserDto newUser = insertUser(newUserDto().setLogin("new-login"));
136 addUserToTemplate(newUser, permissionTemplate, DEFAULT_PERMISSION);
139 newRequest(USER_LOGIN, permissionTemplate.getKee(), DEFAULT_PERMISSION);
141 assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), DEFAULT_PERMISSION)).containsExactly("new-login");
145 public void fail_if_not_a_project_permission() {
146 expectedException.expect(BadRequestException.class);
148 newRequest(USER_LOGIN, permissionTemplate.getKee(), GlobalPermissions.PREVIEW_EXECUTION);
152 public void fail_if_insufficient_privileges() {
153 expectedException.expect(ForbiddenException.class);
154 userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
156 newRequest(USER_LOGIN, permissionTemplate.getKee(), DEFAULT_PERMISSION);
160 public void fail_if_not_logged_in() {
161 expectedException.expect(UnauthorizedException.class);
162 userSession.anonymous();
164 newRequest(USER_LOGIN, permissionTemplate.getKee(), DEFAULT_PERMISSION);
168 public void fail_if_user_missing() {
169 expectedException.expect(IllegalArgumentException.class);
171 newRequest(null, permissionTemplate.getKee(), DEFAULT_PERMISSION);
175 public void fail_if_permission_missing() {
176 expectedException.expect(IllegalArgumentException.class);
178 newRequest(USER_LOGIN, permissionTemplate.getKee(), null);
182 public void fail_if_template_missing() {
183 expectedException.expect(BadRequestException.class);
185 newRequest(USER_LOGIN, null, DEFAULT_PERMISSION);
189 public void fail_if_user_does_not_exist() {
190 expectedException.expect(NotFoundException.class);
191 expectedException.expectMessage("User with login 'unknown-login' is not found");
193 newRequest("unknown-login", permissionTemplate.getKee(), DEFAULT_PERMISSION);
197 public void fail_if_template_key_does_not_exist() {
198 expectedException.expect(NotFoundException.class);
199 expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
201 newRequest(USER_LOGIN, "unknown-key", DEFAULT_PERMISSION);
204 private void newRequest(@Nullable String userLogin, @Nullable String templateKey, @Nullable String permission) {
205 TestRequest request = ws.newRequest();
206 if (userLogin != null) {
207 request.setParam(PARAM_USER_LOGIN, userLogin);
209 if (templateKey != null) {
210 request.setParam(Parameters.PARAM_TEMPLATE_ID, templateKey);
212 if (permission != null) {
213 request.setParam(Parameters.PARAM_PERMISSION, permission);
219 private void commit() {
223 private UserDto insertUser(UserDto userDto) {
224 return dbClient.userDao().insert(dbSession, userDto.setActive(true));
227 private PermissionTemplateDto insertPermissionTemplate(PermissionTemplateDto permissionTemplate) {
228 return dbClient.permissionTemplateDao().insert(dbSession, permissionTemplate);
231 private List<String> getLoginsInTemplateAndPermission(long templateId, String permission) {
232 PermissionQuery permissionQuery = PermissionQuery.builder().permission(permission).membership(IN).build();
233 return from(dbClient.permissionTemplateDao()
234 .selectUsers(dbSession, permissionQuery, templateId, 0, Integer.MAX_VALUE))
235 .transform(UserWithPermissionToUserLogin.INSTANCE)
239 private enum UserWithPermissionToUserLogin implements Function<UserWithPermissionDto, String> {
243 public String apply(@Nonnull UserWithPermissionDto userWithPermission) {
244 return userWithPermission.getLogin();
249 private void addUserToTemplate(UserDto user, PermissionTemplateDto permissionTemplate, String permission) {
250 dbClient.permissionTemplateDao().insertUserPermission(dbSession, permissionTemplate.getId(), user.getId(), permission);