]> source.dussan.org Git - sonarqube.git/blob
projects / sonarqube.git / blob
? search:


bf30a046b498a46a395ef6df7d50beda4a2e0fc1
[sonarqube.git] /
1 /*
2  * SonarQube
3  * Copyright (C) 2009-2020 SonarSource SA
4  * mailto:info AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.qualityprofile.ws;
21
22 import org.junit.Rule;
23 import org.junit.Test;
24 import org.junit.rules.ExpectedException;
25 import org.sonar.api.resources.Languages;
26 import org.sonar.api.server.ws.WebService;
27 import org.sonar.core.util.UuidFactory;
28 import org.sonar.core.util.UuidFactoryFast;
29 import org.sonar.db.DbTester;
30 import org.sonar.db.permission.GlobalPermission;
31 import org.sonar.db.qualityprofile.QProfileDto;
32 import org.sonar.db.user.UserDto;
33 import org.sonar.server.exceptions.BadRequestException;
34 import org.sonar.server.exceptions.ForbiddenException;
35 import org.sonar.server.exceptions.NotFoundException;
36 import org.sonar.server.language.LanguageTesting;
37 import org.sonar.server.tester.UserSessionRule;
38 import org.sonar.server.ws.TestResponse;
39 import org.sonar.server.ws.WsActionTester;
40
41 import static java.lang.String.format;
42 import static org.assertj.core.api.Assertions.assertThat;
43 import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES;
44 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_LANGUAGE;
45 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_LOGIN;
46 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_QUALITY_PROFILE;
47
48 public class AddUserActionTest {
49
50   private static final String XOO = "xoo";
51   private static final Languages LANGUAGES = LanguageTesting.newLanguages(XOO);
52
53   @Rule
54   public ExpectedException expectedException = ExpectedException.none();
55   @Rule
56   public UserSessionRule userSession = UserSessionRule.standalone();
57   @Rule
58   public DbTester db = DbTester.create();
59
60   private final QProfileWsSupport wsSupport = new QProfileWsSupport(db.getDbClient(), userSession);
61   private final UuidFactory uuidFactory = UuidFactoryFast.getInstance();
62   private final WsActionTester ws = new WsActionTester(new AddUserAction(db.getDbClient(), uuidFactory, wsSupport, LANGUAGES));
63
64   @Test
65   public void test_definition() {
66     WebService.Action def = ws.getDef();
67     assertThat(def.key()).isEqualTo("add_user");
68     assertThat(def.isPost()).isTrue();
69     assertThat(def.isInternal()).isTrue();
70     assertThat(def.params()).extracting(WebService.Param::key).containsExactlyInAnyOrder("qualityProfile", "language", "login");
71   }
72
73   @Test
74   public void add_user() {
75     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
76     UserDto user = db.users().insertUser();
77     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
78
79     TestResponse response = ws.newRequest()
80       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
81       .setParam(PARAM_LANGUAGE, XOO)
82       .setParam(PARAM_LOGIN, user.getLogin())
83       .execute();
84
85     assertThat(response.getStatus()).isEqualTo(204);
86     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isTrue();
87   }
88
89   @Test
90   public void does_nothing_when_user_can_already_edit_profile() {
91     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
92     UserDto user = db.users().insertUser();
93     db.qualityProfiles().addUserPermission(profile, user);
94     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isTrue();
95     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
96
97     ws.newRequest()
98       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
99       .setParam(PARAM_LANGUAGE, XOO)
100       .setParam(PARAM_LOGIN, user.getLogin())
101       .execute();
102
103     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isTrue();
104   }
105
106   @Test
107   public void qp_administers_can_add_user() {
108     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
109     UserDto user = db.users().insertUser();
110     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
111
112     ws.newRequest()
113       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
114       .setParam(PARAM_LANGUAGE, XOO)
115       .setParam(PARAM_LOGIN, user.getLogin())
116       .execute();
117
118     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isTrue();
119   }
120
121   @Test
122   public void qp_editors_can_add_user() {
123     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
124     UserDto user = db.users().insertUser();
125     UserDto userAllowedToEditProfile = db.users().insertUser();
126     db.qualityProfiles().addUserPermission(profile, userAllowedToEditProfile);
127     userSession.logIn(userAllowedToEditProfile);
128
129     ws.newRequest()
130       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
131       .setParam(PARAM_LANGUAGE, XOO)
132       .setParam(PARAM_LOGIN, user.getLogin())
133       .execute();
134
135     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isTrue();
136   }
137
138   @Test
139   public void uses_default_organization_when_no_organization() {
140     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
141     UserDto user = db.users().insertUser();
142     userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES);
143
144     ws.newRequest()
145       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
146       .setParam(PARAM_LANGUAGE, XOO)
147       .setParam(PARAM_LOGIN, user.getLogin())
148       .execute();
149
150     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isTrue();
151   }
152
153   @Test
154   public void fail_when_user_does_not_exist() {
155     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
156     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
157
158     expectedException.expect(NotFoundException.class);
159     expectedException.expectMessage("User with login 'unknown' is not found");
160
161     ws.newRequest()
162       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
163       .setParam(PARAM_LANGUAGE, XOO)
164       .setParam(PARAM_LOGIN, "unknown")
165       .execute();
166   }
167
168   @Test
169   public void fail_when_qprofile_does_not_exist() {
170     UserDto user = db.users().insertUser();
171     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
172
173     expectedException.expect(NotFoundException.class);
174     expectedException.expectMessage("Quality Profile for language 'xoo' and name 'unknown' does not exist");
175
176     ws.newRequest()
177       .setParam(PARAM_QUALITY_PROFILE, "unknown")
178       .setParam(PARAM_LANGUAGE, XOO)
179       .setParam(PARAM_LOGIN, user.getLogin())
180       .execute();
181   }
182
183   @Test
184   public void fail_when_wrong_language() {
185     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage("unknown"));
186     UserDto user = db.users().insertUser();
187     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
188
189     expectedException.expect(NotFoundException.class);
190     expectedException.expectMessage(format("Quality Profile for language 'xoo' and name '%s' does not exist", profile.getName()));
191     ws.newRequest()
192       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
193       .setParam(PARAM_LANGUAGE, XOO)
194       .setParam(PARAM_LOGIN, user.getLogin())
195       .execute();
196   }
197
198   @Test
199   public void fail_when_qp_is_built_in() {
200     UserDto user = db.users().insertUser();
201     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO).setIsBuiltIn(true));
202     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
203
204     expectedException.expect(BadRequestException.class);
205     expectedException.expectMessage(String.format("Operation forbidden for built-in Quality Profile '%s' with language 'xoo'", profile.getName()));
206
207     ws.newRequest()
208       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
209       .setParam(PARAM_LANGUAGE, XOO)
210       .setParam(PARAM_LOGIN, user.getLogin())
211       .execute();
212   }
213
214   @Test
215   public void fail_when_not_enough_permission() {
216     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
217     UserDto user = db.users().insertUser();
218     userSession.logIn(db.users().insertUser()).addPermission(GlobalPermission.ADMINISTER_QUALITY_GATES);
219
220     expectedException.expect(ForbiddenException.class);
221
222     ws.newRequest()
223       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
224       .setParam(PARAM_LANGUAGE, XOO)
225       .setParam(PARAM_LOGIN, user.getLogin())
226       .execute();
227   }
228 }
Continuous Inspection: https://github.com/SonarSource/sonarqube