source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2022 SonarSource SA
   4  * mailto:info AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.qualityprofile.ws;
  21
  22 import java.net.HttpURLConnection;
  23 import org.junit.Rule;
  24 import org.junit.Test;
  25 import org.mockito.Mockito;
  26 import org.sonar.api.resources.Languages;
  27 import org.sonar.api.resources.Qualifiers;
  28 import org.sonar.api.server.ws.WebService;
  29 import org.sonar.api.web.UserRole;
  30 import org.sonar.db.DbClient;
  31 import org.sonar.db.DbTester;
  32 import org.sonar.db.component.ComponentDto;
  33 import org.sonar.db.component.ResourceTypesRule;
  34 import org.sonar.db.permission.GlobalPermission;
  35 import org.sonar.db.project.ProjectDto;
  36 import org.sonar.db.qualityprofile.QProfileDto;
  37 import org.sonar.db.user.UserDto;
  38 import org.sonar.server.component.ComponentFinder;
  39 import org.sonar.server.exceptions.ForbiddenException;
  40 import org.sonar.server.exceptions.NotFoundException;
  41 import org.sonar.server.exceptions.UnauthorizedException;
  42 import org.sonar.server.language.LanguageTesting;
  43 import org.sonar.server.pushapi.qualityprofile.QualityProfileChangeEventService;
  44 import org.sonar.server.tester.UserSessionRule;
  45 import org.sonar.server.ws.TestRequest;
  46 import org.sonar.server.ws.TestResponse;
  47 import org.sonar.server.ws.WsActionTester;
  48
  49 import static java.lang.String.format;
  50 import static org.assertj.core.api.Assertions.assertThat;
  51 import static org.assertj.core.api.Assertions.assertThatThrownBy;
  52 import static org.mockito.Mockito.verify;
  53 import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES;
  54
  55 public class RemoveProjectActionTest {
  56   private static final String LANGUAGE_1 = "xoo";
  57   private static final String LANGUAGE_2 = "foo";
  58
  59   @Rule
  60   public DbTester db = DbTester.create();
  61   @Rule
  62   public UserSessionRule userSession = UserSessionRule.standalone();
  63
  64   private final DbClient dbClient = db.getDbClient();
  65   private final Languages languages = LanguageTesting.newLanguages(LANGUAGE_1, LANGUAGE_2);
  66   private final QProfileWsSupport wsSupport = new QProfileWsSupport(dbClient, userSession);
  67
  68   private final QualityProfileChangeEventService qualityProfileChangeEventService = Mockito.mock(QualityProfileChangeEventService.class);
  69   private final RemoveProjectAction underTest = new RemoveProjectAction(dbClient, userSession, languages,
  70     new ComponentFinder(dbClient, new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT)), wsSupport, qualityProfileChangeEventService);
  71   private final WsActionTester ws = new WsActionTester(underTest);
  72
  73   @Test
  74   public void definition() {
  75     WebService.Action definition = ws.getDef();
  76
  77     assertThat(definition.since()).isEqualTo("5.2");
  78     assertThat(definition.isPost()).isTrue();
  79     assertThat(definition.key()).isEqualTo("remove_project");
  80
  81     assertThat(definition.params()).extracting(WebService.Param::key).containsOnly("qualityProfile", "project", "language");
  82     WebService.Param languageParam = definition.param("language");
  83     assertThat(languageParam.possibleValues()).containsOnly(LANGUAGE_1, LANGUAGE_2);
  84     assertThat(languageParam.exampleValue()).isNull();
  85     assertThat(languageParam.deprecatedSince()).isNullOrEmpty();
  86     WebService.Param profileName = definition.param("qualityProfile");
  87     assertThat(profileName.deprecatedSince()).isNullOrEmpty();
  88   }
  89
  90   @Test
  91   public void remove_profile_from_project() {
  92     logInAsProfileAdmin();
  93
  94     ProjectDto project = db.components().insertPrivateProjectDto();
  95     QProfileDto profileLang1 = db.qualityProfiles().insert(p -> p.setLanguage(LANGUAGE_1));
  96     QProfileDto profileLang2 = db.qualityProfiles().insert(p -> p.setLanguage(LANGUAGE_2));
  97     db.qualityProfiles().associateWithProject(project, profileLang1);
  98     db.qualityProfiles().associateWithProject(project, profileLang2);
  99
 100     TestResponse response = call(project, profileLang1);
 101     assertThat(response.getStatus()).isEqualTo(HttpURLConnection.HTTP_NO_CONTENT);
 102
 103     assertProjectIsNotAssociatedToProfile(project, profileLang1);
 104     assertProjectIsAssociatedToProfile(project, profileLang2);
 105     verify(qualityProfileChangeEventService).publishRuleActivationToSonarLintClients(project, null, profileLang1);
 106   }
 107
 108   @Test
 109   public void removal_does_not_fail_if_profile_is_not_associated_to_project() {
 110     logInAsProfileAdmin();
 111
 112     ProjectDto project = db.components().insertPrivateProjectDto();
 113     QProfileDto profile = db.qualityProfiles().insert(qp -> qp.setLanguage("xoo"));
 114
 115     TestResponse response = call(project, profile);
 116     assertThat(response.getStatus()).isEqualTo(HttpURLConnection.HTTP_NO_CONTENT);
 117
 118     assertProjectIsNotAssociatedToProfile(project, profile);
 119     verify(qualityProfileChangeEventService).publishRuleActivationToSonarLintClients(project, null, profile);
 120   }
 121
 122   @Test
 123   public void project_administrator_can_remove_profile() {
 124     ProjectDto project = db.components().insertPrivateProjectDto();
 125     QProfileDto profile = db.qualityProfiles().insert(qp -> qp.setLanguage("xoo"));
 126     db.qualityProfiles().associateWithProject(project, profile);
 127     userSession.logIn(db.users().insertUser()).addProjectPermission(UserRole.ADMIN, project);
 128
 129     call(project, profile);
 130
 131     assertProjectIsNotAssociatedToProfile(project, profile);
 132     verify(qualityProfileChangeEventService).publishRuleActivationToSonarLintClients(project, null, profile);
 133   }
 134
 135   @Test
 136   public void as_qprofile_editor_and_global_admin() {
 137     ProjectDto project = db.components().insertPrivateProjectDto();
 138     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(LANGUAGE_1));
 139     db.qualityProfiles().associateWithProject(project, profile);
 140     UserDto user = db.users().insertUser();
 141     db.qualityProfiles().addUserPermission(profile, user);
 142     userSession.logIn(user).addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
 143
 144     call(project, profile);
 145
 146     assertProjectIsNotAssociatedToProfile(project, profile);
 147     verify(qualityProfileChangeEventService).publishRuleActivationToSonarLintClients(project, null, profile);
 148   }
 149
 150   @Test
 151   public void as_qprofile_editor_fail_if_not_project_nor_global_admin() {
 152     ProjectDto project = db.components().insertPrivateProjectDto();
 153     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(LANGUAGE_1));
 154     db.qualityProfiles().associateWithProject(project, profile);
 155     UserDto user = db.users().insertUser();
 156     db.qualityProfiles().addUserPermission(profile, user);
 157     userSession.logIn(user);
 158
 159     assertThatThrownBy(() -> call(project, profile))
 160       .isInstanceOf(ForbiddenException.class)
 161       .hasMessage("Insufficient privileges");
 162   }
 163
 164   @Test
 165   public void fail_if_not_enough_permissions() {
 166     userSession.logIn(db.users().insertUser());
 167     ProjectDto project = db.components().insertPrivateProjectDto();
 168     QProfileDto profile = db.qualityProfiles().insert(qp -> qp.setLanguage("xoo"));
 169
 170     assertThatThrownBy(() -> call(project, profile))
 171       .isInstanceOf(ForbiddenException.class)
 172       .hasMessage("Insufficient privileges");
 173   }
 174
 175   @Test
 176   public void fail_if_not_logged_in() {
 177     userSession.anonymous();
 178     ProjectDto project = db.components().insertPrivateProjectDto();
 179     QProfileDto profile = db.qualityProfiles().insert();
 180
 181     assertThatThrownBy(() -> call(project, profile))
 182       .isInstanceOf(UnauthorizedException.class)
 183       .hasMessage("Authentication is required");
 184   }
 185
 186   @Test
 187   public void fail_if_project_does_not_exist() {
 188     logInAsProfileAdmin();
 189     QProfileDto profile = db.qualityProfiles().insert();
 190
 191     assertThatThrownBy(() -> {
 192       ws.newRequest()
 193         .setParam("project", "unknown")
 194         .setParam("profileKey", profile.getKee())
 195         .execute();
 196     })
 197       .isInstanceOf(NotFoundException.class)
 198       .hasMessage("Project 'unknown' not found");
 199   }
 200
 201   @Test
 202   public void fail_if_profile_does_not_exist() {
 203     logInAsProfileAdmin();
 204     ComponentDto project = db.components().insertPrivateProject();
 205
 206     assertThatThrownBy(() -> {
 207       ws.newRequest()
 208         .setParam("project", project.getKey())
 209         .setParam("language", "xoo")
 210         .setParam("qualityProfile", "unknown")
 211         .execute();
 212     })
 213       .isInstanceOf(NotFoundException.class)
 214       .hasMessage("Quality Profile for language 'xoo' and name 'unknown' does not exist");
 215   }
 216
 217   @Test
 218   public void fail_when_using_branch_db_key() {
 219     ComponentDto project = db.components().insertPublicProject();
 220     userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
 221     ComponentDto branch = db.components().insertProjectBranch(project);
 222     QProfileDto profile = db.qualityProfiles().insert();
 223
 224     assertThatThrownBy(() -> {
 225       ws.newRequest()
 226         .setParam("project", branch.getKey())
 227         .setParam("language", profile.getLanguage())
 228         .setParam("qualityProfile", profile.getName())
 229         .execute();
 230     })
 231       .isInstanceOf(NotFoundException.class)
 232       .hasMessage(format("Project '%s' not found", branch.getKey()));
 233   }
 234
 235   private void assertProjectIsAssociatedToProfile(ProjectDto project, QProfileDto profile) {
 236     QProfileDto loaded = dbClient.qualityProfileDao().selectAssociatedToProjectAndLanguage(db.getSession(), project, profile.getLanguage());
 237     assertThat(loaded.getKee()).isEqualTo(profile.getKee());
 238   }
 239
 240   private void assertProjectIsNotAssociatedToProfile(ProjectDto project, QProfileDto profile) {
 241     QProfileDto loaded = dbClient.qualityProfileDao().selectAssociatedToProjectAndLanguage(db.getSession(), project, profile.getLanguage());
 242     assertThat(loaded == null || !loaded.getKee().equals(profile.getKee())).isTrue();
 243   }
 244
 245   private void logInAsProfileAdmin() {
 246     userSession.logIn(db.users().insertUser()).addPermission(ADMINISTER_QUALITY_PROFILES);
 247   }
 248
 249   private TestResponse call(ProjectDto project, QProfileDto qualityProfile) {
 250     TestRequest request = ws.newRequest()
 251       .setParam("project", project.getKey())
 252       .setParam("language", qualityProfile.getLanguage())
 253       .setParam("qualityProfile", qualityProfile.getName());
 254     return request.execute();
 255   }
 256 }