source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2020 SonarSource SA
   4  * mailto:info AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.qualityprofile.ws;
  21
  22 import org.junit.Rule;
  23 import org.junit.Test;
  24 import org.junit.rules.ExpectedException;
  25 import org.sonar.api.resources.Languages;
  26 import org.sonar.api.server.ws.WebService;
  27 import org.sonar.core.util.UuidFactory;
  28 import org.sonar.core.util.UuidFactoryFast;
  29 import org.sonar.db.DbTester;
  30 import org.sonar.db.permission.GlobalPermission;
  31 import org.sonar.db.qualityprofile.QProfileDto;
  32 import org.sonar.db.user.GroupDto;
  33 import org.sonar.db.user.UserDto;
  34 import org.sonar.server.exceptions.BadRequestException;
  35 import org.sonar.server.exceptions.ForbiddenException;
  36 import org.sonar.server.exceptions.NotFoundException;
  37 import org.sonar.server.language.LanguageTesting;
  38 import org.sonar.server.tester.UserSessionRule;
  39 import org.sonar.server.ws.TestResponse;
  40 import org.sonar.server.ws.WsActionTester;
  41
  42 import static java.lang.String.format;
  43 import static org.assertj.core.api.Assertions.assertThat;
  44 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_GROUP;
  45 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_LANGUAGE;
  46 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_QUALITY_PROFILE;
  47
  48 public class AddGroupActionTest {
  49
  50   private static final String XOO = "xoo";
  51   private static final Languages LANGUAGES = LanguageTesting.newLanguages(XOO);
  52
  53   @Rule
  54   public ExpectedException expectedException = ExpectedException.none();
  55   @Rule
  56   public UserSessionRule userSession = UserSessionRule.standalone();
  57   @Rule
  58   public DbTester db = DbTester.create();
  59
  60   private final QProfileWsSupport wsSupport = new QProfileWsSupport(db.getDbClient(), userSession);
  61   private UuidFactory uuidFactory = UuidFactoryFast.getInstance();
  62
  63   private WsActionTester ws = new WsActionTester(new AddGroupAction(db.getDbClient(), uuidFactory, wsSupport, LANGUAGES));
  64
  65   @Test
  66   public void test_definition() {
  67     WebService.Action def = ws.getDef();
  68     assertThat(def.key()).isEqualTo("add_group");
  69     assertThat(def.isPost()).isTrue();
  70     assertThat(def.isInternal()).isTrue();
  71     assertThat(def.params()).extracting(WebService.Param::key).containsExactlyInAnyOrder("qualityProfile", "language", "group");
  72   }
  73
  74   @Test
  75   public void add_group() {
  76     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
  77     GroupDto group = db.users().insertGroup();
  78     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
  79
  80     TestResponse response = ws.newRequest()
  81       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
  82       .setParam(PARAM_LANGUAGE, XOO)
  83       .setParam(PARAM_GROUP, group.getName())
  84       .execute();
  85
  86     assertThat(response.getStatus()).isEqualTo(204);
  87     assertThat(db.getDbClient().qProfileEditGroupsDao().exists(db.getSession(), profile, group)).isTrue();
  88   }
  89
  90   @Test
  91   public void does_nothing_when_group_can_already_edit_profile() {
  92     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
  93     GroupDto group = db.users().insertGroup();
  94     db.qualityProfiles().addGroupPermission(profile, group);
  95     assertThat(db.getDbClient().qProfileEditGroupsDao().exists(db.getSession(), profile, group)).isTrue();
  96     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
  97
  98     ws.newRequest()
  99       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
 100       .setParam(PARAM_LANGUAGE, XOO)
 101       .setParam(PARAM_GROUP, group.getName())
 102       .execute();
 103
 104     assertThat(db.getDbClient().qProfileEditGroupsDao().exists(db.getSession(), profile, group)).isTrue();
 105   }
 106
 107   @Test
 108   public void qp_administers_can_add_group() {
 109     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
 110     GroupDto group = db.users().insertGroup();
 111     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
 112
 113     ws.newRequest()
 114       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
 115       .setParam(PARAM_LANGUAGE, XOO)
 116       .setParam(PARAM_GROUP, group.getName())
 117       .execute();
 118
 119     assertThat(db.getDbClient().qProfileEditGroupsDao().exists(db.getSession(), profile, group)).isTrue();
 120   }
 121
 122   @Test
 123   public void can_add_group_with_user_edit_permission() {
 124     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
 125     GroupDto group = db.users().insertGroup();
 126     UserDto userAllowedToEditProfile = db.users().insertUser();
 127     db.qualityProfiles().addUserPermission(profile, userAllowedToEditProfile);
 128     userSession.logIn(userAllowedToEditProfile);
 129
 130     ws.newRequest()
 131       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
 132       .setParam(PARAM_LANGUAGE, XOO)
 133       .setParam(PARAM_GROUP, group.getName())
 134       .execute();
 135
 136     assertThat(db.getDbClient().qProfileEditGroupsDao().exists(db.getSession(), profile, group)).isTrue();
 137   }
 138
 139   @Test
 140   public void can_add_group_with_group_edit_permission() {
 141     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
 142     GroupDto group = db.users().insertGroup();
 143     UserDto userAllowedToEditProfile = db.users().insertUser();
 144     db.qualityProfiles().addGroupPermission(profile, group);
 145     userSession.logIn(userAllowedToEditProfile).setGroups(group);
 146
 147     ws.newRequest()
 148       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
 149       .setParam(PARAM_LANGUAGE, XOO)
 150       .setParam(PARAM_GROUP, group.getName())
 151       .execute();
 152
 153     assertThat(db.getDbClient().qProfileEditGroupsDao().exists(db.getSession(), profile, group)).isTrue();
 154   }
 155
 156   @Test
 157   public void uses_default_organization_when_no_organization() {
 158     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
 159     GroupDto group = db.users().insertGroup();
 160     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
 161
 162     ws.newRequest()
 163       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
 164       .setParam(PARAM_LANGUAGE, XOO)
 165       .setParam(PARAM_GROUP, group.getName())
 166       .execute();
 167
 168     assertThat(db.getDbClient().qProfileEditGroupsDao().exists(db.getSession(), profile, group)).isTrue();
 169   }
 170
 171   @Test
 172   public void fail_when_group_does_not_exist() {
 173     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
 174     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
 175
 176     expectedException.expect(NotFoundException.class);
 177     expectedException.expectMessage("No group with name 'unknown'");
 178
 179     ws.newRequest()
 180       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
 181       .setParam(PARAM_LANGUAGE, XOO)
 182       .setParam(PARAM_GROUP, "unknown")
 183       .execute();
 184   }
 185
 186   @Test
 187   public void fail_when_qprofile_does_not_exist() {
 188     GroupDto group = db.users().insertGroup();
 189     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
 190
 191     expectedException.expect(NotFoundException.class);
 192     expectedException.expectMessage("Quality Profile for language 'xoo' and name 'unknown' does not exist");
 193
 194     ws.newRequest()
 195       .setParam(PARAM_QUALITY_PROFILE, "unknown")
 196       .setParam(PARAM_LANGUAGE, XOO)
 197       .setParam(PARAM_GROUP, group.getName())
 198       .execute();
 199   }
 200
 201   @Test
 202   public void fail_when_wrong_language() {
 203     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage("unknown"));
 204     UserDto user = db.users().insertUser();
 205     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
 206
 207     expectedException.expect(NotFoundException.class);
 208     expectedException.expectMessage(format("Quality Profile for language 'xoo' and name '%s' does not exist", profile.getName()));
 209
 210     ws.newRequest()
 211       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
 212       .setParam(PARAM_LANGUAGE, XOO)
 213       .setParam(PARAM_GROUP, user.getLogin())
 214       .execute();
 215   }
 216
 217   @Test
 218   public void fail_when_qp_is_built_in() {
 219     UserDto user = db.users().insertUser();
 220     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO).setIsBuiltIn(true));
 221     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
 222
 223     expectedException.expect(BadRequestException.class);
 224     expectedException.expectMessage(String.format("Operation forbidden for built-in Quality Profile '%s' with language 'xoo'", profile.getName()));
 225
 226     ws.newRequest()
 227       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
 228       .setParam(PARAM_LANGUAGE, XOO)
 229       .setParam(PARAM_GROUP, user.getLogin())
 230       .execute();
 231   }
 232
 233   @Test
 234   public void fail_when_not_enough_permission() {
 235     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
 236     UserDto user = db.users().insertUser();
 237     userSession.logIn(db.users().insertUser()).addPermission(GlobalPermission.ADMINISTER_QUALITY_GATES);
 238
 239     expectedException.expect(ForbiddenException.class);
 240
 241     ws.newRequest()
 242       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
 243       .setParam(PARAM_LANGUAGE, XOO)
 244       .setParam(PARAM_GROUP, user.getLogin())
 245       .execute();
 246   }
 247 }