]> source.dussan.org Git - sonarqube.git/blob
9df6be6c9547f301acb40d1517579698d1279c89
[sonarqube.git] /
1 /*
2  * SonarQube
3  * Copyright (C) 2009-2016 SonarSource SA
4  * mailto:contact AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.permission.ws.template;
21
22 import com.google.common.base.Function;
23 import java.util.List;
24 import javax.annotation.Nonnull;
25 import javax.annotation.Nullable;
26 import org.junit.Before;
27 import org.junit.Rule;
28 import org.junit.Test;
29 import org.junit.rules.ExpectedException;
30 import org.sonar.api.resources.Qualifiers;
31 import org.sonar.api.utils.System2;
32 import org.sonar.core.permission.GlobalPermissions;
33 import org.sonar.db.DbClient;
34 import org.sonar.db.DbSession;
35 import org.sonar.db.DbTester;
36 import org.sonar.db.component.ResourceTypesRule;
37 import org.sonar.db.permission.GroupWithPermissionDto;
38 import org.sonar.db.permission.OldPermissionQuery;
39 import org.sonar.db.permission.PermissionTemplateDto;
40 import org.sonar.db.user.GroupDto;
41 import org.sonar.server.component.ComponentFinder;
42 import org.sonar.server.exceptions.BadRequestException;
43 import org.sonar.server.exceptions.ForbiddenException;
44 import org.sonar.server.exceptions.NotFoundException;
45 import org.sonar.server.exceptions.UnauthorizedException;
46 import org.sonar.server.permission.ws.PermissionDependenciesFinder;
47 import org.sonar.server.tester.UserSessionRule;
48 import org.sonar.server.usergroups.ws.UserGroupFinder;
49 import org.sonar.server.ws.TestRequest;
50 import org.sonar.server.ws.WsActionTester;
51
52 import static com.google.common.collect.FluentIterable.from;
53 import static org.assertj.core.api.Assertions.assertThat;
54 import static org.sonar.api.security.DefaultGroups.ANYONE;
55 import static org.sonar.api.web.UserRole.CODEVIEWER;
56 import static org.sonar.db.permission.PermissionTemplateTesting.newPermissionTemplateDto;
57 import static org.sonar.db.user.GroupMembershipQuery.IN;
58 import static org.sonar.db.user.GroupTesting.newGroupDto;
59 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
60 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
61 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
62 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
63 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
64
65
66 public class RemoveGroupFromTemplateActionTest {
67
68   private static final String GROUP_NAME = "group-name";
69   private static final String PERMISSION = CODEVIEWER;
70   @Rule
71   public DbTester db = DbTester.create(System2.INSTANCE);
72   @Rule
73   public ExpectedException expectedException = ExpectedException.none();
74   @Rule
75   public UserSessionRule userSession = UserSessionRule.standalone();
76   ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
77
78   WsActionTester ws;
79   DbClient dbClient;
80   DbSession dbSession;
81   GroupDto group;
82   PermissionTemplateDto permissionTemplate;
83
84   @Before
85   public void setUp() {
86     dbClient = db.getDbClient();
87     dbSession = db.getSession();
88     userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
89
90     PermissionDependenciesFinder dependenciesFinder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes);
91     ws = new WsActionTester(new RemoveGroupFromTemplateAction(dbClient, dependenciesFinder, userSession));
92
93     group = insertGroup(newGroupDto().setName(GROUP_NAME));
94     permissionTemplate = insertPermissionTemplate(newPermissionTemplateDto());
95     addGroupToPermissionTemplate(permissionTemplate.getId(), group.getId(), PERMISSION);
96     commit();
97   }
98
99   @Test
100   public void remove_group_from_template() {
101     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
102     commit();
103
104     newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
105
106     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
107   }
108
109   @Test
110   public void remove_group_from_template_by_name_case_insensitive() {
111     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
112     commit();
113
114     ws.newRequest()
115       .setParam(PARAM_GROUP_NAME, GROUP_NAME)
116       .setParam(PARAM_PERMISSION, PERMISSION)
117       .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
118       .execute();
119     commit();
120
121     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
122   }
123
124   @Test
125   public void remove_group_with_group_id() {
126     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
127     commit();
128
129     ws.newRequest()
130       .setParam(PARAM_TEMPLATE_ID, permissionTemplate.getUuid())
131       .setParam(PARAM_PERMISSION, PERMISSION)
132       .setParam(PARAM_GROUP_ID, String.valueOf(group.getId()))
133       .execute();
134
135     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
136   }
137
138   @Test
139   public void remove_group_twice_without_error() {
140     newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
141     newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
142
143     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
144   }
145
146   @Test
147   public void remove_anyone_group_from_template() {
148     addGroupToPermissionTemplate(permissionTemplate.getId(), null, PERMISSION);
149     commit();
150
151     newRequest(ANYONE, permissionTemplate.getUuid(), PERMISSION);
152
153     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
154   }
155
156   @Test
157   public void fail_if_not_a_project_permission() {
158     expectedException.expect(BadRequestException.class);
159
160     newRequest(GROUP_NAME, permissionTemplate.getUuid(), GlobalPermissions.PROVISIONING);
161   }
162
163   @Test
164   public void fail_if_insufficient_privileges() {
165     expectedException.expect(ForbiddenException.class);
166     userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
167
168     newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
169   }
170
171   @Test
172   public void fail_if_not_logged_in() {
173     expectedException.expect(UnauthorizedException.class);
174     userSession.anonymous();
175
176     newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
177   }
178
179   @Test
180   public void fail_if_group_params_missing() {
181     expectedException.expect(BadRequestException.class);
182
183     newRequest(null, permissionTemplate.getUuid(), PERMISSION);
184   }
185
186   @Test
187   public void fail_if_permission_missing() {
188     expectedException.expect(IllegalArgumentException.class);
189
190     newRequest(GROUP_NAME, permissionTemplate.getUuid(), null);
191   }
192
193   @Test
194   public void fail_if_template_missing() {
195     expectedException.expect(BadRequestException.class);
196
197     newRequest(GROUP_NAME, null, PERMISSION);
198   }
199
200   @Test
201   public void fail_if_group_does_not_exist() {
202     expectedException.expect(NotFoundException.class);
203     expectedException.expectMessage("Group with name 'unknown-group-name' is not found");
204
205     newRequest("unknown-group-name", permissionTemplate.getUuid(), PERMISSION);
206   }
207
208   @Test
209   public void fail_if_template_key_does_not_exist() {
210     expectedException.expect(NotFoundException.class);
211     expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
212
213     newRequest(GROUP_NAME, "unknown-key", PERMISSION);
214   }
215
216   private void newRequest(@Nullable String groupName, @Nullable String templateKey, @Nullable String permission) {
217     TestRequest request = ws.newRequest();
218     if (groupName != null) {
219       request.setParam(PARAM_GROUP_NAME, groupName);
220     }
221     if (templateKey != null) {
222       request.setParam(PARAM_TEMPLATE_ID, templateKey);
223     }
224     if (permission != null) {
225       request.setParam(PARAM_PERMISSION, permission);
226     }
227
228     request.execute();
229   }
230
231   private void commit() {
232     dbSession.commit();
233   }
234
235   private GroupDto insertGroup(GroupDto groupDto) {
236     return dbClient.groupDao().insert(dbSession, groupDto);
237   }
238
239   private PermissionTemplateDto insertPermissionTemplate(PermissionTemplateDto permissionTemplate) {
240     return dbClient.permissionTemplateDao().insert(dbSession, permissionTemplate);
241   }
242
243   private void addGroupToPermissionTemplate(long permissionTemplateId, @Nullable Long groupId, String permission) {
244     dbClient.permissionTemplateDao().insertGroupPermission(dbSession, permissionTemplateId, groupId, permission);
245   }
246
247   private List<String> getGroupNamesInTemplateAndPermission(long templateId, String permission) {
248     OldPermissionQuery permissionQuery = OldPermissionQuery.builder().permission(permission).membership(IN).build();
249     return from(dbClient.permissionTemplateDao()
250       .selectGroups(dbSession, permissionQuery, templateId))
251       .transform(GroupWithPermissionToGroupName.INSTANCE)
252       .toList();
253   }
254
255   private enum GroupWithPermissionToGroupName implements Function<GroupWithPermissionDto, String> {
256     INSTANCE;
257
258     @Override
259     public String apply(@Nonnull GroupWithPermissionDto groupWithPermission) {
260       return groupWithPermission.getName();
261     }
262
263   }
264 }