source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube, open source software quality management tool.
   3  * Copyright (C) 2008-2014 SonarSource
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * SonarQube is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * SonarQube is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20
  21 package org.sonar.server.permission.ws.template;
  22
  23 import com.google.common.base.Function;
  24 import java.util.List;
  25 import javax.annotation.Nonnull;
  26 import javax.annotation.Nullable;
  27 import org.junit.Before;
  28 import org.junit.Rule;
  29 import org.junit.Test;
  30 import org.junit.experimental.categories.Category;
  31 import org.junit.rules.ExpectedException;
  32 import org.sonar.api.utils.System2;
  33 import org.sonar.api.web.UserRole;
  34 import org.sonar.core.permission.GlobalPermissions;
  35 import org.sonar.db.DbClient;
  36 import org.sonar.db.DbSession;
  37 import org.sonar.db.DbTester;
  38 import org.sonar.db.permission.GroupWithPermissionDto;
  39 import org.sonar.db.permission.PermissionQuery;
  40 import org.sonar.db.permission.PermissionTemplateDto;
  41 import org.sonar.db.user.GroupDto;
  42 import org.sonar.server.component.ComponentFinder;
  43 import org.sonar.server.exceptions.BadRequestException;
  44 import org.sonar.server.exceptions.ForbiddenException;
  45 import org.sonar.server.exceptions.NotFoundException;
  46 import org.sonar.server.exceptions.UnauthorizedException;
  47 import org.sonar.server.permission.ws.PermissionDependenciesFinder;
  48 import org.sonar.server.permission.ws.WsPermissionParameters;
  49 import org.sonar.server.tester.UserSessionRule;
  50 import org.sonar.server.ws.TestRequest;
  51 import org.sonar.server.ws.WsActionTester;
  52 import org.sonar.test.DbTests;
  53
  54 import static com.google.common.collect.FluentIterable.from;
  55 import static org.assertj.core.api.Assertions.assertThat;
  56 import static org.sonar.api.security.DefaultGroups.ANYONE;
  57 import static org.sonar.api.web.UserRole.ADMIN;
  58 import static org.sonar.api.web.UserRole.CODEVIEWER;
  59 import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
  60 import static org.sonar.db.permission.PermissionTemplateTesting.newPermissionTemplateDto;
  61 import static org.sonar.db.user.GroupMembershipQuery.IN;
  62 import static org.sonar.db.user.GroupTesting.newGroupDto;
  63 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_GROUP_ID;
  64 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_GROUP_NAME;
  65 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_PERMISSION;
  66 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_TEMPLATE_UUID;
  67 import static org.sonar.server.permission.ws.WsPermissionParameters.PARAM_TEMPLATE_NAME;
  68
  69 @Category(DbTests.class)
  70 public class AddGroupToTemplateActionTest {
  71
  72   private static final String GROUP_NAME = "group-name";
  73   @Rule
  74   public DbTester db = DbTester.create(System2.INSTANCE);
  75   @Rule
  76   public ExpectedException expectedException = ExpectedException.none();
  77   @Rule
  78   public UserSessionRule userSession = UserSessionRule.standalone();
  79
  80   WsActionTester ws;
  81   DbClient dbClient;
  82   DbSession dbSession;
  83   GroupDto group;
  84   PermissionTemplateDto permissionTemplate;
  85
  86   @Before
  87   public void setUp() {
  88     dbClient = db.getDbClient();
  89     dbSession = db.getSession();
  90     userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
  91
  92     PermissionDependenciesFinder dependenciesFinder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient));
  93     ws = new WsActionTester(new AddGroupToTemplateAction(dbClient, dependenciesFinder, userSession));
  94
  95     group = insertGroup(newGroupDto().setName(GROUP_NAME));
  96     permissionTemplate = insertPermissionTemplate(newPermissionTemplateDto());
  97     commit();
  98   }
  99
 100   @Test
 101   public void add_group_to_template() {
 102     newRequest(GROUP_NAME, permissionTemplate.getUuid(), CODEVIEWER);
 103
 104     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(GROUP_NAME);
 105   }
 106
 107   @Test
 108   public void add_group_to_template_by_name() {
 109     ws.newRequest()
 110       .setParam(PARAM_GROUP_NAME, GROUP_NAME)
 111       .setParam(PARAM_PERMISSION, CODEVIEWER)
 112       .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
 113       .execute();
 114     commit();
 115
 116     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(GROUP_NAME);
 117   }
 118
 119   @Test
 120   public void add_with_group_id() {
 121     ws.newRequest()
 122       .setParam(PARAM_TEMPLATE_UUID, permissionTemplate.getUuid())
 123       .setParam(PARAM_PERMISSION, CODEVIEWER)
 124       .setParam(PARAM_GROUP_ID, String.valueOf(group.getId()))
 125       .execute();
 126
 127     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(GROUP_NAME);
 128   }
 129
 130   @Test
 131   public void does_not_add_a_group_twice() {
 132     newRequest(GROUP_NAME, permissionTemplate.getUuid(), ISSUE_ADMIN);
 133     newRequest(GROUP_NAME, permissionTemplate.getUuid(), ISSUE_ADMIN);
 134
 135     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), ISSUE_ADMIN)).containsExactly(GROUP_NAME);
 136   }
 137
 138   @Test
 139   public void add_anyone_group_to_template() {
 140     newRequest(ANYONE, permissionTemplate.getUuid(), CODEVIEWER);
 141
 142     assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(ANYONE);
 143   }
 144
 145   @Test
 146   public void fail_if_add_anyone_group_to_admin_permission() {
 147     expectedException.expect(BadRequestException.class);
 148     expectedException.expectMessage(String.format("It is not possible to add the '%s' permission to the '%s' group.", UserRole.ADMIN, ANYONE));
 149
 150     newRequest(ANYONE, permissionTemplate.getUuid(), ADMIN);
 151   }
 152
 153   @Test
 154   public void fail_if_not_a_project_permission() {
 155     expectedException.expect(BadRequestException.class);
 156
 157     newRequest(GROUP_NAME, permissionTemplate.getUuid(), GlobalPermissions.PREVIEW_EXECUTION);
 158   }
 159
 160   @Test
 161   public void fail_if_insufficient_privileges() {
 162     expectedException.expect(ForbiddenException.class);
 163     userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
 164
 165     newRequest(GROUP_NAME, permissionTemplate.getUuid(), CODEVIEWER);
 166   }
 167
 168   @Test
 169   public void fail_if_not_logged_in() {
 170     expectedException.expect(UnauthorizedException.class);
 171     userSession.anonymous();
 172
 173     newRequest(GROUP_NAME, permissionTemplate.getUuid(), CODEVIEWER);
 174   }
 175
 176   @Test
 177   public void fail_if_group_params_missing() {
 178     expectedException.expect(BadRequestException.class);
 179
 180     newRequest(null, permissionTemplate.getUuid(), CODEVIEWER);
 181   }
 182
 183   @Test
 184   public void fail_if_permission_missing() {
 185     expectedException.expect(IllegalArgumentException.class);
 186
 187     newRequest(GROUP_NAME, permissionTemplate.getUuid(), null);
 188   }
 189
 190   @Test
 191   public void fail_if_template_uuid_and_name_missing() {
 192     expectedException.expect(BadRequestException.class);
 193
 194     newRequest(GROUP_NAME, null, CODEVIEWER);
 195   }
 196
 197   @Test
 198   public void fail_if_group_does_not_exist() {
 199     expectedException.expect(NotFoundException.class);
 200     expectedException.expectMessage("Group with name 'unknown-group-name' is not found");
 201
 202     newRequest("unknown-group-name", permissionTemplate.getUuid(), CODEVIEWER);
 203   }
 204
 205   @Test
 206   public void fail_if_template_key_does_not_exist() {
 207     expectedException.expect(NotFoundException.class);
 208     expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
 209
 210     newRequest(GROUP_NAME, "unknown-key", CODEVIEWER);
 211   }
 212
 213   private void newRequest(@Nullable String groupName, @Nullable String templateKey, @Nullable String permission) {
 214     TestRequest request = ws.newRequest();
 215     if (groupName != null) {
 216       request.setParam(WsPermissionParameters.PARAM_GROUP_NAME, groupName);
 217     }
 218     if (templateKey != null) {
 219       request.setParam(PARAM_TEMPLATE_UUID, templateKey);
 220     }
 221     if (permission != null) {
 222       request.setParam(WsPermissionParameters.PARAM_PERMISSION, permission);
 223     }
 224
 225     request.execute();
 226   }
 227
 228   private void commit() {
 229     dbSession.commit();
 230   }
 231
 232   private GroupDto insertGroup(GroupDto groupDto) {
 233     return dbClient.groupDao().insert(dbSession, groupDto);
 234   }
 235
 236   private PermissionTemplateDto insertPermissionTemplate(PermissionTemplateDto permissionTemplate) {
 237     return dbClient.permissionTemplateDao().insert(dbSession, permissionTemplate);
 238   }
 239
 240   private List<String> getGroupNamesInTemplateAndPermission(long templateId, String permission) {
 241     PermissionQuery permissionQuery = PermissionQuery.builder().permission(permission).membership(IN).build();
 242     return from(dbClient.permissionTemplateDao()
 243       .selectGroups(dbSession, permissionQuery, templateId))
 244       .transform(GroupWithPermissionToGroupName.INSTANCE)
 245       .toList();
 246   }
 247
 248   private enum GroupWithPermissionToGroupName implements Function<GroupWithPermissionDto, String> {
 249     INSTANCE;
 250
 251     @Override
 252     public String apply(@Nonnull GroupWithPermissionDto groupWithPermission) {
 253       return groupWithPermission.getName();
 254     }
 255
 256   }
 257 }