]> source.dussan.org Git - sonarqube.git/blob
projects / sonarqube.git / blob
? search:


aa55361ae541b17f8631ebce9b87988862b93689
[sonarqube.git] /
1 /*
2  * SonarQube
3  * Copyright (C) 2009-2021 SonarSource SA
4  * mailto:info AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.permission;
21
22 import java.util.List;
23 import javax.annotation.Nullable;
24 import org.junit.Rule;
25 import org.junit.Test;
26 import org.junit.rules.ExpectedException;
27 import org.sonar.api.web.UserRole;
28 import org.sonar.core.util.SequenceUuidFactory;
29 import org.sonar.db.DbSession;
30 import org.sonar.db.DbTester;
31 import org.sonar.db.component.ComponentDto;
32 import org.sonar.db.component.ResourceTypesRule;
33 import org.sonar.db.permission.template.PermissionTemplateDbTester;
34 import org.sonar.db.permission.template.PermissionTemplateDto;
35 import org.sonar.db.user.GroupDto;
36 import org.sonar.db.user.UserDto;
37 import org.sonar.server.es.ProjectIndexers;
38 import org.sonar.server.es.TestProjectIndexers;
39 import org.sonar.server.tester.UserSessionRule;
40
41 import static java.util.Collections.singletonList;
42 import static org.assertj.core.api.Assertions.assertThat;
43 import static org.sonar.api.resources.Qualifiers.APP;
44 import static org.sonar.api.resources.Qualifiers.PROJECT;
45 import static org.sonar.api.resources.Qualifiers.VIEW;
46 import static org.sonar.db.permission.GlobalPermission.ADMINISTER;
47 import static org.sonar.db.permission.GlobalPermission.PROVISION_PROJECTS;
48 import static org.sonar.db.permission.GlobalPermission.SCAN;
49
50 public class PermissionTemplateServiceTest {
51
52   @Rule
53   public ExpectedException throwable = ExpectedException.none();
54   @Rule
55   public DbTester dbTester = DbTester.create();
56
57   private final ResourceTypesRule resourceTypesRule = new ResourceTypesRule().setRootQualifiers(PROJECT, VIEW, APP);
58   private final DefaultTemplatesResolver defaultTemplatesResolver = new DefaultTemplatesResolverImpl(dbTester.getDbClient(), resourceTypesRule);
59   private final PermissionService permissionService = new PermissionServiceImpl(resourceTypesRule);
60   private final UserSessionRule userSession = UserSessionRule.standalone();
61   private final PermissionTemplateDbTester templateDb = dbTester.permissionTemplates();
62   private final DbSession session = dbTester.getSession();
63   private final ProjectIndexers projectIndexers = new TestProjectIndexers();
64   private final PermissionTemplateService underTest = new PermissionTemplateService(dbTester.getDbClient(), projectIndexers, userSession, defaultTemplatesResolver,
65     new SequenceUuidFactory());
66
67   @Test
68   public void apply_does_not_insert_permission_to_group_AnyOne_when_applying_template_on_private_project() {
69     ComponentDto privateProject = dbTester.components().insertPrivateProject();
70     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
71     dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "p1");
72
73     underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject));
74
75     assertThat(selectProjectPermissionsOfGroup(null, privateProject)).isEmpty();
76   }
77
78   @Test
79   public void apply_default_does_not_insert_permission_to_group_AnyOne_when_applying_template_on_private_project() {
80     ComponentDto privateProject = dbTester.components().insertPrivateProject();
81     UserDto creator = dbTester.users().insertUser();
82     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
83     dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "p1");
84     dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null);
85
86     underTest.applyDefaultToNewComponent(session, privateProject, creator.getUuid());
87
88     assertThat(selectProjectPermissionsOfGroup(null, privateProject)).isEmpty();
89   }
90
91   @Test
92   public void apply_inserts_permissions_to_group_AnyOne_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() {
93     ComponentDto publicProject = dbTester.components().insertPublicProject();
94     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
95     permissionService.getAllProjectPermissions()
96       .forEach(perm -> dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, perm));
97     dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "p1");
98
99     underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject));
100
101     assertThat(selectProjectPermissionsOfGroup(null, publicProject))
102       .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
103   }
104
105   @Test
106   public void applyDefault_inserts_permissions_to_group_AnyOne_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() {
107     ComponentDto publicProject = dbTester.components().insertPublicProject();
108     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
109     permissionService.getAllProjectPermissions()
110       .forEach(perm -> dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, perm));
111     dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "p1");
112     dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null);
113
114     underTest.applyDefaultToNewComponent(session, publicProject, null);
115
116     assertThat(selectProjectPermissionsOfGroup(null, publicProject))
117       .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
118   }
119
120   @Test
121   public void apply_inserts_any_permissions_to_group_when_applying_template_on_private_project() {
122     ComponentDto privateProject = dbTester.components().insertPrivateProject();
123     GroupDto group = dbTester.users().insertGroup();
124     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
125     permissionService.getAllProjectPermissions()
126       .forEach(perm -> dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, perm));
127     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, "p1");
128
129     underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject));
130
131     assertThat(selectProjectPermissionsOfGroup(group, privateProject))
132       .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
133   }
134
135   @Test
136   public void applyDefault_inserts_any_permissions_to_group_when_applying_template_on_private_project() {
137     GroupDto group = dbTester.users().insertGroup();
138     ComponentDto privateProject = dbTester.components().insertPrivateProject();
139     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
140     permissionService.getAllProjectPermissions()
141       .forEach(perm -> dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, perm));
142     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, "p1");
143     dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null);
144
145     underTest.applyDefaultToNewComponent(session, privateProject, null);
146
147     assertThat(selectProjectPermissionsOfGroup(group, privateProject))
148       .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
149   }
150
151   @Test
152   public void apply_inserts_permissions_to_group_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() {
153     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
154     ComponentDto publicProject = dbTester.components().insertPublicProject();
155     GroupDto group = dbTester.users().insertGroup();
156     permissionService.getAllProjectPermissions()
157       .forEach(perm -> dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, perm));
158     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, "p1");
159
160     underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject));
161
162     assertThat(selectProjectPermissionsOfGroup(group, publicProject))
163       .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
164   }
165
166   @Test
167   public void applyDefault_inserts_permissions_to_group_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() {
168     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
169     ComponentDto publicProject = dbTester.components().insertPublicProject();
170     GroupDto group = dbTester.users().insertGroup();
171     permissionService.getAllProjectPermissions()
172       .forEach(perm -> dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, perm));
173     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, "p1");
174     dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null);
175
176     underTest.applyDefaultToNewComponent(session, publicProject, null);
177
178     assertThat(selectProjectPermissionsOfGroup(group, publicProject))
179       .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
180   }
181
182   @Test
183   public void apply_inserts_permissions_to_user_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() {
184     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
185     ComponentDto publicProject = dbTester.components().insertPublicProject();
186     UserDto user = dbTester.users().insertUser();
187     permissionService.getAllProjectPermissions()
188       .forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm));
189     dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, "p1");
190
191     underTest.applyAndCommit(session, permissionTemplate, singletonList(publicProject));
192
193     assertThat(selectProjectPermissionsOfUser(user, publicProject))
194       .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
195   }
196
197   @Test
198   public void applyDefault_inserts_permissions_to_user_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() {
199     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
200     ComponentDto publicProject = dbTester.components().insertPublicProject();
201     UserDto user = dbTester.users().insertUser();
202     permissionService.getAllProjectPermissions()
203       .forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm));
204     dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, "p1");
205     dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null);
206
207     underTest.applyDefaultToNewComponent(session, publicProject, null);
208
209     assertThat(selectProjectPermissionsOfUser(user, publicProject))
210       .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
211   }
212
213   @Test
214   public void apply_inserts_any_permissions_to_user_when_applying_template_on_private_project() {
215     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
216     ComponentDto privateProject = dbTester.components().insertPrivateProject();
217     UserDto user = dbTester.users().insertUser();
218     permissionService.getAllProjectPermissions()
219       .forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm));
220     dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, "p1");
221
222     underTest.applyAndCommit(session, permissionTemplate, singletonList(privateProject));
223
224     assertThat(selectProjectPermissionsOfUser(user, privateProject))
225       .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
226   }
227
228   @Test
229   public void applyDefault_inserts_any_permissions_to_user_when_applying_template_on_private_project() {
230     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
231     ComponentDto privateProject = dbTester.components().insertPrivateProject();
232     UserDto user = dbTester.users().insertUser();
233     permissionService.getAllProjectPermissions()
234       .forEach(perm -> dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, perm));
235     dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, "p1");
236     dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null);
237
238     underTest.applyDefaultToNewComponent(session, privateProject, null);
239
240     assertThat(selectProjectPermissionsOfUser(user, privateProject))
241       .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
242   }
243
244   @Test
245   public void applyDefault_inserts_permissions_to_ProjectCreator_but_USER_and_CODEVIEWER_when_applying_template_on_public_project() {
246     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
247     ComponentDto publicProject = dbTester.components().insertPublicProject();
248     UserDto user = dbTester.users().insertUser();
249     permissionService.getAllProjectPermissions()
250       .forEach(perm -> dbTester.permissionTemplates().addProjectCreatorToTemplate(permissionTemplate, perm));
251     dbTester.permissionTemplates().addProjectCreatorToTemplate(permissionTemplate, "p1");
252     dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null);
253
254     underTest.applyDefaultToNewComponent(session, publicProject, user.getUuid());
255
256     assertThat(selectProjectPermissionsOfUser(user, publicProject))
257       .containsOnly("p1", UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
258   }
259
260   @Test
261   public void applyDefault_inserts_any_permissions_to_ProjectCreator_when_applying_template_on_private_project() {
262     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
263     ComponentDto privateProject = dbTester.components().insertPrivateProject();
264     UserDto user = dbTester.users().insertUser();
265     permissionService.getAllProjectPermissions()
266       .forEach(perm -> dbTester.permissionTemplates().addProjectCreatorToTemplate(permissionTemplate, perm));
267     dbTester.permissionTemplates().addProjectCreatorToTemplate(permissionTemplate, "p1");
268     dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null);
269
270     underTest.applyDefaultToNewComponent(session, privateProject, user.getUuid());
271
272     assertThat(selectProjectPermissionsOfUser(user, privateProject))
273       .containsOnly("p1", UserRole.CODEVIEWER, UserRole.USER, UserRole.ADMIN, UserRole.ISSUE_ADMIN, UserRole.SECURITYHOTSPOT_ADMIN, SCAN.getKey());
274   }
275
276   @Test
277   public void apply_template_on_view() {
278     ComponentDto portfolio = dbTester.components().insertPrivatePortfolio();
279     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
280     GroupDto group = dbTester.users().insertGroup();
281     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, ADMINISTER.getKey());
282     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, PROVISION_PROJECTS.getKey());
283     dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null);
284
285     underTest.applyDefaultToNewComponent(session, portfolio, null);
286
287     assertThat(selectProjectPermissionsOfGroup(group, portfolio))
288       .containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey());
289   }
290
291   @Test
292   public void apply_default_template_on_application() {
293     ComponentDto view = dbTester.components().insertPublicApplication();
294     PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate();
295     PermissionTemplateDto appPermissionTemplate = dbTester.permissionTemplates().insertTemplate();
296     GroupDto group = dbTester.users().insertGroup();
297     dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, ADMINISTER.getKey());
298     dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, PROVISION_PROJECTS.getKey());
299     dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, appPermissionTemplate, null);
300
301     underTest.applyDefaultToNewComponent(session, view, null);
302
303     assertThat(selectProjectPermissionsOfGroup(group, view))
304       .containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey());
305   }
306
307   @Test
308   public void apply_default_template_on_portfolio() {
309     ComponentDto view = dbTester.components().insertPublicPortfolio();
310     PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate();
311     PermissionTemplateDto portPermissionTemplate = dbTester.permissionTemplates().insertTemplate();
312     GroupDto group = dbTester.users().insertGroup();
313     dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, ADMINISTER.getKey());
314     dbTester.permissionTemplates().addGroupToTemplate(portPermissionTemplate, group, PROVISION_PROJECTS.getKey());
315     dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, portPermissionTemplate);
316
317     underTest.applyDefaultToNewComponent(session, view, null);
318
319     assertThat(selectProjectPermissionsOfGroup(group, view))
320       .containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey());
321   }
322
323   @Test
324   public void apply_project_default_template_on_view_when_no_view_default_template() {
325     ComponentDto view = dbTester.components().insertPrivatePortfolio();
326     PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate();
327     GroupDto group = dbTester.users().insertGroup();
328     dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, PROVISION_PROJECTS.getKey());
329     dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, null);
330
331     underTest.applyDefaultToNewComponent(session, view, null);
332
333     assertThat(selectProjectPermissionsOfGroup(group, view)).containsOnly(PROVISION_PROJECTS.getKey());
334   }
335
336   @Test
337   public void apply_template_on_applications() {
338     ComponentDto application = dbTester.components().insertPublicApplication();
339     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
340     GroupDto group = dbTester.users().insertGroup();
341     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, ADMINISTER.getKey());
342     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, group, PROVISION_PROJECTS.getKey());
343     dbTester.permissionTemplates().setDefaultTemplates(permissionTemplate, null, null);
344
345     underTest.applyDefaultToNewComponent(session, application, null);
346
347     assertThat(selectProjectPermissionsOfGroup(group, application))
348       .containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey());
349   }
350
351   @Test
352   public void apply_default_view_template_on_application() {
353     ComponentDto application = dbTester.components().insertPublicApplication();
354     PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate();
355     PermissionTemplateDto appPermissionTemplate = dbTester.permissionTemplates().insertTemplate();
356     PermissionTemplateDto portPermissionTemplate = dbTester.permissionTemplates().insertTemplate();
357     GroupDto group = dbTester.users().insertGroup();
358     dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, ADMINISTER.getKey());
359     dbTester.permissionTemplates().addGroupToTemplate(appPermissionTemplate, group, PROVISION_PROJECTS.getKey());
360     dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, appPermissionTemplate, portPermissionTemplate);
361
362     underTest.applyDefaultToNewComponent(session, application, null);
363
364     assertThat(selectProjectPermissionsOfGroup(group, application))
365       .containsOnly(ADMINISTER.getKey(), PROVISION_PROJECTS.getKey());
366   }
367
368   @Test
369   public void apply_project_default_template_on_application_when_no_application_default_template() {
370     ComponentDto application = dbTester.components().insertPublicApplication();
371     PermissionTemplateDto projectPermissionTemplate = dbTester.permissionTemplates().insertTemplate();
372     GroupDto group = dbTester.users().insertGroup();
373     dbTester.permissionTemplates().addGroupToTemplate(projectPermissionTemplate, group, PROVISION_PROJECTS.getKey());
374     dbTester.permissionTemplates().setDefaultTemplates(projectPermissionTemplate, null, null);
375
376     underTest.applyDefaultToNewComponent(session, application, null);
377
378     assertThat(selectProjectPermissionsOfGroup(group, application)).containsOnly(PROVISION_PROJECTS.getKey());
379   }
380
381   @Test
382   public void apply_permission_template() {
383     UserDto user = dbTester.users().insertUser();
384     ComponentDto project = dbTester.components().insertPrivateProject();
385     GroupDto adminGroup = dbTester.users().insertGroup();
386     GroupDto userGroup = dbTester.users().insertGroup();
387     dbTester.users().insertPermissionOnGroup(adminGroup, "admin");
388     dbTester.users().insertPermissionOnGroup(userGroup, "user");
389     dbTester.users().insertPermissionOnUser(user, "admin");
390     PermissionTemplateDto permissionTemplate = dbTester.permissionTemplates().insertTemplate();
391     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, adminGroup, "admin");
392     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, adminGroup, "issueadmin");
393     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, userGroup, "user");
394     dbTester.permissionTemplates().addGroupToTemplate(permissionTemplate, userGroup, "codeviewer");
395     dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "user");
396     dbTester.permissionTemplates().addAnyoneToTemplate(permissionTemplate, "codeviewer");
397     dbTester.permissionTemplates().addUserToTemplate(permissionTemplate, user, "admin");
398
399     assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).isEmpty();
400     assertThat(selectProjectPermissionsOfGroup(userGroup, project)).isEmpty();
401     assertThat(selectProjectPermissionsOfGroup(null, project)).isEmpty();
402     assertThat(selectProjectPermissionsOfUser(user, project)).isEmpty();
403
404     underTest.applyAndCommit(session, permissionTemplate, singletonList(project));
405
406     assertThat(selectProjectPermissionsOfGroup(adminGroup, project)).containsOnly("admin", "issueadmin");
407     assertThat(selectProjectPermissionsOfGroup(userGroup, project)).containsOnly("user", "codeviewer");
408     assertThat(selectProjectPermissionsOfGroup(null, project)).isEmpty();
409     assertThat(selectProjectPermissionsOfUser(user, project)).containsOnly("admin");
410   }
411
412   private List<String> selectProjectPermissionsOfGroup(@Nullable GroupDto groupDto, ComponentDto project) {
413     return dbTester.getDbClient().groupPermissionDao().selectProjectPermissionsOfGroup(session, groupDto != null ? groupDto.getUuid() : null, project.uuid());
414   }
415
416   private List<String> selectProjectPermissionsOfUser(UserDto userDto, ComponentDto project) {
417     return dbTester.getDbClient().userPermissionDao().selectProjectPermissionsOfUser(session,
418       userDto.getUuid(), project.uuid());
419   }
420
421   @Test
422   public void would_user_have_scan_permission_with_default_permission_template() {
423     GroupDto group = dbTester.users().insertGroup();
424     UserDto user = dbTester.users().insertUser();
425     dbTester.users().insertMember(group, user);
426     PermissionTemplateDto template = templateDb.insertTemplate();
427     dbTester.permissionTemplates().setDefaultTemplates(template, null, null);
428     templateDb.addProjectCreatorToTemplate(template.getUuid(), SCAN.getKey(), template.getName());
429     templateDb.addUserToTemplate(template.getUuid(), user.getUuid(), UserRole.USER, template.getName(), user.getLogin());
430     templateDb.addGroupToTemplate(template.getUuid(), group.getUuid(), UserRole.CODEVIEWER, template.getName(), group.getName());
431     templateDb.addGroupToTemplate(template.getUuid(), null, UserRole.ISSUE_ADMIN, template.getName(), null);
432
433     // authenticated user
434     checkWouldUserHaveScanPermission(user.getUuid(), true);
435
436     // anonymous user
437     checkWouldUserHaveScanPermission(null, false);
438   }
439
440   @Test
441   public void would_user_have_scan_permission_with_unknown_default_permission_template() {
442     dbTester.permissionTemplates().setDefaultTemplates("UNKNOWN_TEMPLATE_UUID", null, null);
443
444     checkWouldUserHaveScanPermission(null, false);
445   }
446
447   @Test
448   public void would_user_have_scan_permission_with_empty_template() {
449     PermissionTemplateDto template = templateDb.insertTemplate();
450     dbTester.permissionTemplates().setDefaultTemplates(template, null, null);
451
452     checkWouldUserHaveScanPermission(null, false);
453   }
454
455   private void checkWouldUserHaveScanPermission(@Nullable String userUuid, boolean expectedResult) {
456     assertThat(underTest.wouldUserHaveScanPermissionWithDefaultTemplate(session, userUuid, "PROJECT_KEY"))
457       .isEqualTo(expectedResult);
458   }
459
460 }
Continuous Inspection: https://github.com/SonarSource/sonarqube