3 * Copyright (C) 2009-2023 SonarSource SA
4 * mailto:info AT sonarsource DOT com
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 package org.sonar.server.permission.index;
22 import com.tngtech.java.junit.dataprovider.DataProvider;
23 import com.tngtech.java.junit.dataprovider.DataProviderRunner;
24 import com.tngtech.java.junit.dataprovider.UseDataProvider;
25 import java.util.List;
26 import java.util.Random;
27 import java.util.stream.IntStream;
28 import org.junit.Test;
29 import org.junit.runner.RunWith;
30 import org.sonar.server.es.Index;
31 import org.sonar.server.es.IndexType;
33 import static org.apache.commons.lang.RandomStringUtils.randomAlphabetic;
34 import static org.assertj.core.api.Assertions.assertThat;
35 import static org.assertj.core.api.Assertions.assertThatThrownBy;
36 import static org.assertj.core.api.Fail.fail;
38 @RunWith(DataProviderRunner.class)
39 public class AuthorizationDocTest {
42 public void idOf_returns_argument_with_a_prefix() {
43 String s = randomAlphabetic(12);
45 assertThat(AuthorizationDoc.idOf(s)).isEqualTo("auth_" + s);
49 public void idOf_fails_with_NPE_if_argument_is_null() {
50 assertThatThrownBy(() -> AuthorizationDoc.idOf(null))
51 .isInstanceOf(NullPointerException.class)
52 .hasMessage("projectUuid can't be null");
56 public void projectUuidOf_fails_with_NPE_if_argument_is_null() {
57 assertThatThrownBy(() -> AuthorizationDoc.entityUuidOf(null))
58 .isInstanceOf(NullPointerException.class);
62 public void projectUuidOf_returns_substring_if_starts_with_id_prefix() {
63 assertThat(AuthorizationDoc.entityUuidOf("auth_")).isEmpty();
65 String id = randomAlphabetic(1 + new Random().nextInt(10));
66 assertThat(AuthorizationDoc.entityUuidOf("auth_" + id)).isEqualTo(id);
70 public void projectUuidOf_returns_argument_if_does_not_starts_with_id_prefix() {
71 String id = randomAlphabetic(1 + new Random().nextInt(10));
72 assertThat(AuthorizationDoc.entityUuidOf(id)).isEqualTo(id);
73 assertThat(AuthorizationDoc.entityUuidOf("")).isEmpty();
77 public void getId_fails_with_NPE_if_IndexPermissions_has_null_projectUuid() {
78 IndexPermissions dto = new IndexPermissions(null, null);
79 IndexType.IndexMainType mainType = IndexType.main(Index.simple("foo"), "bar");
80 AuthorizationDoc underTest = AuthorizationDoc.fromDto(mainType, dto);
82 assertThatThrownBy(() -> underTest.getId())
83 .isInstanceOf(NullPointerException.class)
84 .hasMessage("projectUuid can't be null");
88 @UseDataProvider("dtos")
89 public void getId_returns_projectUuid_with_a_prefix(IndexPermissions dto) {
90 AuthorizationDoc underTest = AuthorizationDoc.fromDto(IndexType.main(Index.simple("foo"), "bar"), dto);
92 assertThat(underTest.getId()).isEqualTo("auth_" + dto.getEntityUuid());
96 @UseDataProvider("dtos")
97 public void getRouting_returns_projectUuid(IndexPermissions dto) {
98 AuthorizationDoc underTest = AuthorizationDoc.fromDto(IndexType.main(Index.simple("foo"), "bar"), dto);
100 assertThat(underTest.getRouting()).contains(dto.getEntityUuid());
104 public void fromDto_of_allowAnyone_is_false_and_no_user_nor_group() {
105 IndexPermissions underTest = new IndexPermissions(randomAlphabetic(3), randomAlphabetic(4));
107 AuthorizationDoc doc = AuthorizationDoc.fromDto(IndexType.main(Index.simple("foo"), "bar"), underTest);
109 boolean auth_allowAnyone = doc.getField("auth_allowAnyone");
110 assertThat(auth_allowAnyone).isFalse();
111 List<Integer> userIds = doc.getField("auth_userIds");
112 assertThat(userIds).isEmpty();
113 List<Integer> groupIds = doc.getField("auth_groupIds");
114 assertThat(groupIds).isEmpty();
118 public void fromDto_defines_userIds_and_groupIds_if_allowAnyone_is_false() {
119 IndexPermissions underTest = new IndexPermissions(randomAlphabetic(3), randomAlphabetic(4));
120 IntStream.range(0, 1 + new Random().nextInt(5)).mapToObj(String::valueOf).forEach(underTest::addUserUuid);
121 IntStream.range(0, 1 + new Random().nextInt(5)).mapToObj(Integer::toString).forEach(underTest::addGroupUuid);
123 AuthorizationDoc doc = AuthorizationDoc.fromDto(IndexType.main(Index.simple("foo"), "bar"), underTest);
125 boolean auth_allowAnyone = doc.getField("auth_allowAnyone");
126 assertThat(auth_allowAnyone).isFalse();
127 List<String> userUuids = doc.getField("auth_userIds");
128 assertThat(userUuids).isEqualTo(underTest.getUserUuids());
129 List<String> groupUuids = doc.getField("auth_groupIds");
130 assertThat(groupUuids).isEqualTo(underTest.getGroupUuids());
134 public void fromDto_ignores_userIds_and_groupUuids_if_allowAnyone_is_true() {
135 IndexPermissions underTest = new IndexPermissions(randomAlphabetic(3), randomAlphabetic(4));
136 IntStream.range(0, 1 + new Random().nextInt(5)).mapToObj(String::valueOf).forEach(underTest::addUserUuid);
137 IntStream.range(0, 1 + new Random().nextInt(5)).mapToObj(Integer::toString).forEach(underTest::addGroupUuid);
138 underTest.allowAnyone();
140 AuthorizationDoc doc = AuthorizationDoc.fromDto(IndexType.main(Index.simple("foo"), "bar"), underTest);
142 boolean auth_allowAnyone = doc.getField("auth_allowAnyone");
143 assertThat(auth_allowAnyone).isTrue();
145 doc.getField("auth_userIds");
146 fail("should have thrown IllegalStateException");
147 } catch (IllegalStateException e) {
148 assertThat(e).hasMessage("Field auth_userIds not specified in query options");
151 doc.getField("auth_groupUuids");
152 fail("should have thrown IllegalStateException");
153 } catch (IllegalStateException e) {
154 assertThat(e).hasMessage("Field auth_groupUuids not specified in query options");
159 public static Object[][] dtos() {
160 IndexPermissions allowAnyone = new IndexPermissions(randomAlphabetic(3), randomAlphabetic(4));
161 allowAnyone.allowAnyone();
162 IndexPermissions someUserIds = new IndexPermissions(randomAlphabetic(3), randomAlphabetic(4));
163 IntStream.range(0, 1 + new Random().nextInt(5)).mapToObj(String::valueOf).forEach(someUserIds::addUserUuid);
164 IndexPermissions someGroupUuids = new IndexPermissions(randomAlphabetic(3), randomAlphabetic(4));
165 IntStream.range(0, 1 + new Random().nextInt(5)).mapToObj(Integer::toString).forEach(someGroupUuids::addGroupUuid);
166 IndexPermissions someGroupUuidAndUserIs = new IndexPermissions(randomAlphabetic(3), randomAlphabetic(4));
167 IntStream.range(0, 1 + new Random().nextInt(5)).mapToObj(String::valueOf).forEach(someGroupUuidAndUserIs::addUserUuid);
168 IntStream.range(0, 1 + new Random().nextInt(5)).mapToObj(Integer::toString).forEach(someGroupUuidAndUserIs::addGroupUuid);
169 return new Object[][] {
173 {someGroupUuidAndUserIs}