source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2022 SonarSource SA
   4  * mailto:info AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.qualityprofile.ws;
  21
  22 import java.net.HttpURLConnection;
  23 import java.util.Collection;
  24 import org.junit.Before;
  25 import org.junit.Rule;
  26 import org.junit.Test;
  27 import org.mockito.ArgumentCaptor;
  28 import org.mockito.MockitoAnnotations;
  29 import org.sonar.api.rule.RuleKey;
  30 import org.sonar.api.server.ws.WebService;
  31 import org.sonar.db.DbClient;
  32 import org.sonar.db.DbSession;
  33 import org.sonar.db.DbTester;
  34 import org.sonar.db.permission.GlobalPermission;
  35 import org.sonar.db.qualityprofile.QProfileDto;
  36 import org.sonar.db.rule.RuleDefinitionDto;
  37 import org.sonar.db.rule.RuleTesting;
  38 import org.sonar.db.user.UserDto;
  39 import org.sonar.server.exceptions.BadRequestException;
  40 import org.sonar.server.exceptions.UnauthorizedException;
  41 import org.sonar.server.qualityprofile.QProfileRules;
  42 import org.sonar.server.tester.UserSessionRule;
  43 import org.sonar.server.ws.TestRequest;
  44 import org.sonar.server.ws.TestResponse;
  45 import org.sonar.server.ws.WsActionTester;
  46
  47 import static org.apache.commons.lang.RandomStringUtils.randomAlphanumeric;
  48 import static org.assertj.core.api.Assertions.assertThat;
  49 import static org.assertj.core.api.Assertions.assertThatThrownBy;
  50 import static org.mockito.ArgumentMatchers.any;
  51 import static org.mockito.ArgumentMatchers.anyCollection;
  52 import static org.mockito.Mockito.mock;
  53 import static org.mockito.Mockito.verify;
  54 import static org.sonar.server.platform.db.migration.def.VarcharColumnDef.UUID_SIZE;
  55 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_KEY;
  56 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_RULE;
  57
  58 public class DeactivateRuleActionTest {
  59   @Rule
  60   public DbTester db = DbTester.create();
  61   @Rule
  62   public UserSessionRule userSession = UserSessionRule.standalone();
  63
  64   private final ArgumentCaptor<Collection<String>> ruleUuidsCaptor = ArgumentCaptor.forClass(Collection.class);
  65   private final DbClient dbClient = db.getDbClient();
  66   private final QProfileRules qProfileRules = mock(QProfileRules.class);
  67   private final QProfileWsSupport wsSupport = new QProfileWsSupport(dbClient, userSession);
  68   private final DeactivateRuleAction underTest = new DeactivateRuleAction(dbClient, qProfileRules, userSession, wsSupport);
  69   private final WsActionTester ws = new WsActionTester(underTest);
  70
  71   @Before
  72   public void before() {
  73     MockitoAnnotations.initMocks(this);
  74   }
  75
  76   @Test
  77   public void definition() {
  78     WebService.Action definition = ws.getDef();
  79     assertThat(definition).isNotNull();
  80     assertThat(definition.isPost()).isTrue();
  81     assertThat(definition.params()).extracting(WebService.Param::key).containsExactlyInAnyOrder("key", "rule");
  82   }
  83
  84   @Test
  85   public void deactivate_rule() {
  86     userSession.logIn(db.users().insertUser()).addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
  87     QProfileDto qualityProfile = db.qualityProfiles().insert();
  88     RuleDefinitionDto rule = db.rules().insert(RuleTesting.randomRuleKey());
  89     TestRequest request = ws.newRequest()
  90       .setMethod("POST")
  91       .setParam(PARAM_RULE, rule.getKey().toString())
  92       .setParam(PARAM_KEY, qualityProfile.getKee());
  93
  94     TestResponse response = request.execute();
  95
  96     assertThat(response.getStatus()).isEqualTo(HttpURLConnection.HTTP_NO_CONTENT);
  97     ArgumentCaptor<QProfileDto> qProfileDtoCaptor = ArgumentCaptor.forClass(QProfileDto.class);
  98     verify(qProfileRules).deactivateAndCommit(any(DbSession.class), qProfileDtoCaptor.capture(), ruleUuidsCaptor.capture());
  99     assertThat(ruleUuidsCaptor.getValue()).containsExactly(rule.getUuid());
 100     assertThat(qProfileDtoCaptor.getValue().getKee()).isEqualTo(qualityProfile.getKee());
 101   }
 102
 103   @Test
 104   public void as_qprofile_editor() {
 105     UserDto user = db.users().insertUser();
 106     QProfileDto qualityProfile = db.qualityProfiles().insert();
 107     db.qualityProfiles().addUserPermission(qualityProfile, user);
 108     userSession.logIn(user);
 109     RuleKey ruleKey = RuleTesting.randomRuleKey();
 110     db.rules().insert(ruleKey);
 111
 112     ws.newRequest()
 113       .setMethod("POST")
 114       .setParam(PARAM_RULE, ruleKey.toString())
 115       .setParam(PARAM_KEY, qualityProfile.getKee())
 116       .execute();
 117
 118     verify(qProfileRules).deactivateAndCommit(any(DbSession.class), any(QProfileDto.class), anyCollection());
 119   }
 120
 121   @Test
 122   public void fail_if_not_logged_in() {
 123     TestRequest request = ws.newRequest()
 124       .setMethod("POST")
 125       .setParam(PARAM_RULE, RuleTesting.newRule().getKey().toString())
 126       .setParam(PARAM_KEY, randomAlphanumeric(UUID_SIZE));
 127
 128     assertThatThrownBy(request::execute)
 129       .isInstanceOf(UnauthorizedException.class);
 130   }
 131
 132   @Test
 133   public void fail_activate_external_rule() {
 134     userSession.logIn(db.users().insertUser()).addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
 135     QProfileDto qualityProfile = db.qualityProfiles().insert();
 136     RuleDefinitionDto rule = db.rules().insert(r -> r.setIsExternal(true));
 137
 138     TestRequest request = ws.newRequest()
 139       .setMethod("POST")
 140       .setParam(PARAM_RULE, rule.getKey().toString())
 141       .setParam(PARAM_KEY, qualityProfile.getKee());
 142
 143     assertThatThrownBy(() -> request.execute())
 144       .isInstanceOf(BadRequestException.class)
 145       .hasMessage(String.format("Operation forbidden for rule '%s' imported from an external rule engine.", rule.getKey()));
 146   }
 147
 148   @Test
 149   public void fail_deactivate_if_built_in_profile() {
 150     RuleDefinitionDto rule = db.rules().insert();
 151     userSession.logIn(db.users().insertUser()).addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
 152
 153     QProfileDto qualityProfile = db.qualityProfiles().insert(profile -> profile.setIsBuiltIn(true));
 154     TestRequest request = ws.newRequest()
 155       .setMethod("POST")
 156       .setParam(PARAM_RULE, rule.getKey().toString())
 157       .setParam(PARAM_KEY, qualityProfile.getKee());
 158
 159     assertThatThrownBy(request::execute)
 160       .isInstanceOf(BadRequestException.class);
 161   }
 162 }