3 * Copyright (C) 2009-2019 SonarSource SA
4 * mailto:info AT sonarsource DOT com
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 package org.sonar.server.permission.ws.template;
22 import java.util.List;
23 import javax.annotation.Nullable;
24 import org.junit.Before;
25 import org.junit.Rule;
26 import org.junit.Test;
27 import org.sonar.api.web.UserRole;
28 import org.sonar.db.component.ComponentDto;
29 import org.sonar.db.permission.PermissionQuery;
30 import org.sonar.db.permission.template.PermissionTemplateDto;
31 import org.sonar.db.user.GroupDto;
32 import org.sonar.db.user.UserDto;
33 import org.sonar.server.es.TestProjectIndexers;
34 import org.sonar.server.exceptions.BadRequestException;
35 import org.sonar.server.exceptions.ForbiddenException;
36 import org.sonar.server.exceptions.NotFoundException;
37 import org.sonar.server.permission.DefaultTemplatesResolverRule;
38 import org.sonar.server.permission.PermissionTemplateService;
39 import org.sonar.server.permission.ws.BasePermissionWsTest;
40 import org.sonar.server.ws.TestRequest;
41 import org.sonar.server.ws.TestResponse;
43 import static org.assertj.core.api.Assertions.assertThat;
44 import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;
45 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
46 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
47 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
48 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
50 public class ApplyTemplateActionTest extends BasePermissionWsTest<ApplyTemplateAction> {
53 public DefaultTemplatesResolverRule defaultTemplatesResolver = DefaultTemplatesResolverRule.withoutGovernance();
54 private UserDto user1;
55 private UserDto user2;
56 private GroupDto group1;
57 private GroupDto group2;
58 private ComponentDto project;
59 private PermissionTemplateDto template1;
60 private PermissionTemplateDto template2;
62 private PermissionTemplateService permissionTemplateService = new PermissionTemplateService(db.getDbClient(),
63 new TestProjectIndexers(), userSession, defaultTemplatesResolver);
66 protected ApplyTemplateAction buildWsAction() {
67 return new ApplyTemplateAction(db.getDbClient(), userSession, permissionTemplateService, newPermissionWsSupport());
72 user1 = db.users().insertUser();
73 db.organizations().addMember(db.getDefaultOrganization(), user1);
74 user2 = db.users().insertUser();
75 db.organizations().addMember(db.getDefaultOrganization(), user2);
76 group1 = db.users().insertGroup();
77 group2 = db.users().insertGroup();
80 template1 = db.permissionTemplates().insertTemplate(db.getDefaultOrganization());
81 addUserToTemplate(user1, template1, UserRole.CODEVIEWER);
82 addUserToTemplate(user2, template1, UserRole.ISSUE_ADMIN);
83 addGroupToTemplate(group1, template1, UserRole.ADMIN);
84 addGroupToTemplate(group2, template1, UserRole.USER);
86 template2 = db.permissionTemplates().insertTemplate(db.getDefaultOrganization());
87 addUserToTemplate(user1, template2, UserRole.USER);
88 addUserToTemplate(user2, template2, UserRole.USER);
89 addGroupToTemplate(group1, template2, UserRole.USER);
90 addGroupToTemplate(group2, template2, UserRole.USER);
92 project = db.components().insertPrivateProject();
93 db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project);
94 db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, project);
95 db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project);
96 db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);
100 public void apply_template_with_project_uuid() {
101 loginAsAdmin(db.getDefaultOrganization());
103 newRequest(template1.getUuid(), project.uuid(), null);
105 assertTemplate1AppliedToProject();
109 public void apply_template_with_project_uuid_by_template_name() {
110 loginAsAdmin(db.getDefaultOrganization());
113 .setParam(PARAM_TEMPLATE_NAME, template1.getName().toUpperCase())
114 .setParam(PARAM_PROJECT_ID, project.uuid())
117 assertTemplate1AppliedToProject();
121 public void apply_template_with_project_key() {
122 loginAsAdmin(db.getDefaultOrganization());
124 newRequest(template1.getUuid(), null, project.getDbKey());
126 assertTemplate1AppliedToProject();
130 public void fail_when_unknown_template() {
131 loginAsAdmin(db.getDefaultOrganization());
133 expectedException.expect(NotFoundException.class);
134 expectedException.expectMessage("Permission template with id 'unknown-template-uuid' is not found");
136 newRequest("unknown-template-uuid", project.uuid(), null);
140 public void fail_when_unknown_project_uuid() {
141 loginAsAdmin(db.getDefaultOrganization());
143 expectedException.expect(NotFoundException.class);
144 expectedException.expectMessage("Project id 'unknown-project-uuid' not found");
146 newRequest(template1.getUuid(), "unknown-project-uuid", null);
150 public void fail_when_unknown_project_key() {
151 loginAsAdmin(db.getDefaultOrganization());
153 expectedException.expect(NotFoundException.class);
154 expectedException.expectMessage("Project key 'unknown-project-key' not found");
156 newRequest(template1.getUuid(), null, "unknown-project-key");
160 public void fail_when_template_is_not_provided() {
161 loginAsAdmin(db.getDefaultOrganization());
163 expectedException.expect(BadRequestException.class);
165 newRequest(null, project.uuid(), null);
169 public void fail_when_project_uuid_and_key_not_provided() {
170 loginAsAdmin(db.getDefaultOrganization());
172 expectedException.expect(BadRequestException.class);
173 expectedException.expectMessage("Project id or project key can be provided, not both.");
175 newRequest(template1.getUuid(), null, null);
179 public void fail_when_not_admin_of_organization() {
180 userSession.logIn().addPermission(ADMINISTER, "otherOrg");
182 expectedException.expect(ForbiddenException.class);
184 newRequest(template1.getUuid(), project.uuid(), null);
187 private void assertTemplate1AppliedToProject() {
188 assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).containsExactly(group1.getName());
189 assertThat(selectProjectPermissionGroups(project, UserRole.USER)).containsExactly(group2.getName());
190 assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty();
191 assertThat(selectProjectPermissionUsers(project, UserRole.CODEVIEWER)).containsExactly(user1.getId());
192 assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).containsExactly(user2.getId());
195 private TestResponse newRequest(@Nullable String templateUuid, @Nullable String projectUuid, @Nullable String projectKey) {
196 TestRequest request = newRequest();
197 if (templateUuid != null) {
198 request.setParam(PARAM_TEMPLATE_ID, templateUuid);
200 if (projectUuid != null) {
201 request.setParam(PARAM_PROJECT_ID, projectUuid);
203 if (projectKey != null) {
204 request.setParam(PARAM_PROJECT_KEY, projectKey);
207 return request.execute();
210 private void addUserToTemplate(UserDto user, PermissionTemplateDto permissionTemplate, String permission) {
211 db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), permissionTemplate.getId(), user.getId(), permission);
215 private void addGroupToTemplate(GroupDto group, PermissionTemplateDto permissionTemplate, String permission) {
216 db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), permissionTemplate.getId(), group.getId(), permission);
220 private List<String> selectProjectPermissionGroups(ComponentDto project, String permission) {
221 PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(project.getOrganizationUuid()).setPermission(permission).setComponentUuid(project.uuid()).build();
222 return db.getDbClient().groupPermissionDao().selectGroupNamesByQuery(db.getSession(), query);
225 private List<Integer> selectProjectPermissionUsers(ComponentDto project, String permission) {
226 PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(project.getOrganizationUuid()).setPermission(permission).setComponentUuid(project.uuid()).build();
227 return db.getDbClient().userPermissionDao().selectUserIdsByQuery(db.getSession(), query);