source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2016 SonarSource SA
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.permission.ws.template;
  21
  22 import com.google.common.base.Function;
  23 import java.util.List;
  24 import javax.annotation.Nonnull;
  25 import javax.annotation.Nullable;
  26 import org.junit.Before;
  27 import org.junit.Rule;
  28 import org.junit.Test;
  29 import org.junit.rules.ExpectedException;
  30 import org.sonar.api.resources.Qualifiers;
  31 import org.sonar.api.utils.System2;
  32 import org.sonar.core.permission.GlobalPermissions;
  33 import org.sonar.db.DbClient;
  34 import org.sonar.db.DbSession;
  35 import org.sonar.db.DbTester;
  36 import org.sonar.db.component.ResourceTypesRule;
  37 import org.sonar.db.permission.GroupWithPermissionDto;
  38 import org.sonar.db.permission.PermissionQuery;
  39 import org.sonar.db.permission.PermissionTemplateDto;
  40 import org.sonar.db.user.GroupDto;
  41 import org.sonar.server.component.ComponentFinder;
  42 import org.sonar.server.exceptions.BadRequestException;
  43 import org.sonar.server.exceptions.ForbiddenException;
  44 import org.sonar.server.exceptions.NotFoundException;
  45 import org.sonar.server.exceptions.UnauthorizedException;
  46 import org.sonar.server.permission.ws.PermissionDependenciesFinder;
  47 import org.sonar.server.tester.UserSessionRule;
  48 import org.sonar.server.usergroups.ws.UserGroupFinder;
  49 import org.sonar.server.ws.TestRequest;
  50 import org.sonar.server.ws.WsActionTester;
  51
  52 import static com.google.common.collect.FluentIterable.from;
  53 import static org.assertj.core.api.Assertions.assertThat;
  54 import static org.sonar.api.security.DefaultGroups.ANYONE;
  55 import static org.sonar.api.web.UserRole.CODEVIEWER;
  56 import static org.sonar.db.permission.PermissionTemplateTesting.newPermissionTemplateDto;
  57 import static org.sonar.db.user.GroupMembershipQuery.IN;
  58 import static org.sonar.db.user.GroupTesting.newGroupDto;
  59 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
  60 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
  61 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
  62 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
  63 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
  64
  65
  66 public class RemoveGroupFromTemplateActionTest {
  67
  68   private static final String GROUP_NAME = "group-name";
  69   private static final String PERMISSION = CODEVIEWER;
  70   @Rule
  71   public DbTester db = DbTester.create(System2.INSTANCE);
  72   @Rule
  73   public ExpectedException expectedException = ExpectedException.none();
  74   @Rule
  75   public UserSessionRule userSession = UserSessionRule.standalone();
  76   ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
  77
  78   WsActionTester ws;
  79   DbClient dbClient;
  80   DbSession dbSession;
  81   GroupDto group;
  82   PermissionTemplateDto permissionTemplate;
  83
  84   @Before
  85   public void setUp() {
  86     dbClient = db.getDbClient();
  87     dbSession = db.getSession();
  88     userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
  89
  90     PermissionDependenciesFinder dependenciesFinder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes);
  91     ws = new WsActionTester(new RemoveGroupFromTemplateAction(dbClient, dependenciesFinder, userSession));
  92
  93     group = insertGroup(newGroupDto().setName(GROUP_NAME));
  94     permissionTemplate = insertPermissionTemplate(newPermissionTemplateDto());
  95     addGroupToPermissionTemplate(permissionTemplate.getId(), group.getId(), PERMISSION);
  96     commit();
  97   }
  98
  99   @Test
 100   public void remove_group_from_template() {
 101     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
 102     commit();
 103
 104     newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
 105
 106     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
 107   }
 108
 109   @Test
 110   public void remove_group_from_template_by_name_case_insensitive() {
 111     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
 112     commit();
 113
 114     ws.newRequest()
 115       .setParam(PARAM_GROUP_NAME, GROUP_NAME)
 116       .setParam(PARAM_PERMISSION, PERMISSION)
 117       .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
 118       .execute();
 119     commit();
 120
 121     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
 122   }
 123
 124   @Test
 125   public void remove_group_with_group_id() {
 126     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
 127     commit();
 128
 129     ws.newRequest()
 130       .setParam(PARAM_TEMPLATE_ID, permissionTemplate.getUuid())
 131       .setParam(PARAM_PERMISSION, PERMISSION)
 132       .setParam(PARAM_GROUP_ID, String.valueOf(group.getId()))
 133       .execute();
 134
 135     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
 136   }
 137
 138   @Test
 139   public void remove_group_twice_without_error() {
 140     newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
 141     newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
 142
 143     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
 144   }
 145
 146   @Test
 147   public void remove_anyone_group_from_template() {
 148     addGroupToPermissionTemplate(permissionTemplate.getId(), null, PERMISSION);
 149     commit();
 150
 151     newRequest(ANYONE, permissionTemplate.getUuid(), PERMISSION);
 152
 153     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
 154   }
 155
 156   @Test
 157   public void fail_if_not_a_project_permission() {
 158     expectedException.expect(BadRequestException.class);
 159
 160     newRequest(GROUP_NAME, permissionTemplate.getUuid(), GlobalPermissions.PROVISIONING);
 161   }
 162
 163   @Test
 164   public void fail_if_insufficient_privileges() {
 165     expectedException.expect(ForbiddenException.class);
 166     userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
 167
 168     newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
 169   }
 170
 171   @Test
 172   public void fail_if_not_logged_in() {
 173     expectedException.expect(UnauthorizedException.class);
 174     userSession.anonymous();
 175
 176     newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
 177   }
 178
 179   @Test
 180   public void fail_if_group_params_missing() {
 181     expectedException.expect(BadRequestException.class);
 182
 183     newRequest(null, permissionTemplate.getUuid(), PERMISSION);
 184   }
 185
 186   @Test
 187   public void fail_if_permission_missing() {
 188     expectedException.expect(IllegalArgumentException.class);
 189
 190     newRequest(GROUP_NAME, permissionTemplate.getUuid(), null);
 191   }
 192
 193   @Test
 194   public void fail_if_template_missing() {
 195     expectedException.expect(BadRequestException.class);
 196
 197     newRequest(GROUP_NAME, null, PERMISSION);
 198   }
 199
 200   @Test
 201   public void fail_if_group_does_not_exist() {
 202     expectedException.expect(NotFoundException.class);
 203     expectedException.expectMessage("Group with name 'unknown-group-name' is not found");
 204
 205     newRequest("unknown-group-name", permissionTemplate.getUuid(), PERMISSION);
 206   }
 207
 208   @Test
 209   public void fail_if_template_key_does_not_exist() {
 210     expectedException.expect(NotFoundException.class);
 211     expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
 212
 213     newRequest(GROUP_NAME, "unknown-key", PERMISSION);
 214   }
 215
 216   private void newRequest(@Nullable String groupName, @Nullable String templateKey, @Nullable String permission) {
 217     TestRequest request = ws.newRequest();
 218     if (groupName != null) {
 219       request.setParam(PARAM_GROUP_NAME, groupName);
 220     }
 221     if (templateKey != null) {
 222       request.setParam(PARAM_TEMPLATE_ID, templateKey);
 223     }
 224     if (permission != null) {
 225       request.setParam(PARAM_PERMISSION, permission);
 226     }
 227
 228     request.execute();
 229   }
 230
 231   private void commit() {
 232     dbSession.commit();
 233   }
 234
 235   private GroupDto insertGroup(GroupDto groupDto) {
 236     return dbClient.groupDao().insert(dbSession, groupDto);
 237   }
 238
 239   private PermissionTemplateDto insertPermissionTemplate(PermissionTemplateDto permissionTemplate) {
 240     return dbClient.permissionTemplateDao().insert(dbSession, permissionTemplate);
 241   }
 242
 243   private void addGroupToPermissionTemplate(long permissionTemplateId, @Nullable Long groupId, String permission) {
 244     dbClient.permissionTemplateDao().insertGroupPermission(dbSession, permissionTemplateId, groupId, permission);
 245   }
 246
 247   private List<String> getGroupNamesInTemplateAndPermission(long templateId, String permission) {
 248     PermissionQuery permissionQuery = PermissionQuery.builder().permission(permission).membership(IN).build();
 249     return from(dbClient.permissionTemplateDao()
 250       .selectGroups(dbSession, permissionQuery, templateId))
 251       .transform(GroupWithPermissionToGroupName.INSTANCE)
 252       .toList();
 253   }
 254
 255   private enum GroupWithPermissionToGroupName implements Function<GroupWithPermissionDto, String> {
 256     INSTANCE;
 257
 258     @Override
 259     public String apply(@Nonnull GroupWithPermissionDto groupWithPermission) {
 260       return groupWithPermission.getName();
 261     }
 262
 263   }
 264 }