]> source.dussan.org Git - sonarqube.git/blob
projects / sonarqube.git / blob
? search:


c51d018274914185de473156567ec8b67fa1a7ca
[sonarqube.git] /
1 /*
2  * SonarQube
3  * Copyright (C) 2009-2020 SonarSource SA
4  * mailto:info AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.qualityprofile.ws;
21
22 import org.junit.Rule;
23 import org.junit.Test;
24 import org.junit.rules.ExpectedException;
25 import org.sonar.api.resources.Languages;
26 import org.sonar.api.server.ws.WebService;
27 import org.sonar.db.DbTester;
28 import org.sonar.db.permission.GlobalPermission;
29 import org.sonar.db.qualityprofile.QProfileDto;
30 import org.sonar.db.user.UserDto;
31 import org.sonar.server.exceptions.BadRequestException;
32 import org.sonar.server.exceptions.ForbiddenException;
33 import org.sonar.server.exceptions.NotFoundException;
34 import org.sonar.server.language.LanguageTesting;
35 import org.sonar.server.tester.UserSessionRule;
36 import org.sonar.server.ws.TestResponse;
37 import org.sonar.server.ws.WsActionTester;
38
39 import static java.lang.String.format;
40 import static org.assertj.core.api.Assertions.assertThat;
41 import static org.sonar.db.permission.GlobalPermission.ADMINISTER_QUALITY_PROFILES;
42 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_LANGUAGE;
43 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_LOGIN;
44 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_QUALITY_PROFILE;
45
46 public class RemoveUserActionTest {
47
48   private static final String XOO = "xoo";
49   private static final Languages LANGUAGES = LanguageTesting.newLanguages(XOO);
50
51   @Rule
52   public ExpectedException expectedException = ExpectedException.none();
53   @Rule
54   public UserSessionRule userSession = UserSessionRule.standalone();
55   @Rule
56   public DbTester db = DbTester.create();
57
58   private final QProfileWsSupport wsSupport = new QProfileWsSupport(db.getDbClient(), userSession);
59   private final WsActionTester ws = new WsActionTester(new RemoveUserAction(db.getDbClient(), wsSupport, LANGUAGES));
60
61   @Test
62   public void test_definition() {
63     WebService.Action def = ws.getDef();
64     assertThat(def.key()).isEqualTo("remove_user");
65     assertThat(def.isPost()).isTrue();
66     assertThat(def.isInternal()).isTrue();
67     assertThat(def.params()).extracting(WebService.Param::key).containsExactlyInAnyOrder("qualityProfile", "language", "login");
68   }
69
70   @Test
71   public void remove_user() {
72     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
73     UserDto user = db.users().insertUser();
74     db.qualityProfiles().addUserPermission(profile, user);
75     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
76
77     TestResponse response = ws.newRequest()
78       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
79       .setParam(PARAM_LANGUAGE, XOO)
80       .setParam(PARAM_LOGIN, user.getLogin())
81       .execute();
82
83     assertThat(response.getStatus()).isEqualTo(204);
84     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isFalse();
85   }
86
87   @Test
88   public void does_nothing_when_user_cannot_edit_profile() {
89     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
90     UserDto user = db.users().insertUser();
91     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isFalse();
92     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
93
94     ws.newRequest()
95       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
96       .setParam(PARAM_LANGUAGE, XOO)
97       .setParam(PARAM_LOGIN, user.getLogin())
98       .execute();
99
100     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isFalse();
101   }
102
103   @Test
104   public void qp_administers_can_remove_user() {
105     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
106     UserDto user = db.users().insertUser();
107     db.qualityProfiles().addUserPermission(profile, user);
108     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
109
110     ws.newRequest()
111       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
112       .setParam(PARAM_LANGUAGE, XOO)
113       .setParam(PARAM_LOGIN, user.getLogin())
114       .execute();
115
116     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isFalse();
117   }
118
119   @Test
120   public void qp_editors_can_remove_user() {
121     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
122     UserDto user = db.users().insertUser();
123     db.qualityProfiles().addUserPermission(profile, user);
124     UserDto userAllowedToEditProfile = db.users().insertUser();
125     db.qualityProfiles().addUserPermission(profile, userAllowedToEditProfile);
126     userSession.logIn(userAllowedToEditProfile);
127
128     ws.newRequest()
129       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
130       .setParam(PARAM_LANGUAGE, XOO)
131       .setParam(PARAM_LOGIN, user.getLogin())
132       .execute();
133
134     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isFalse();
135   }
136
137   @Test
138   public void uses_default_organization_when_no_organization() {
139     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
140     UserDto user = db.users().insertUser();
141     db.qualityProfiles().addUserPermission(profile, user);
142     userSession.logIn().addPermission(ADMINISTER_QUALITY_PROFILES);
143
144     ws.newRequest()
145       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
146       .setParam(PARAM_LANGUAGE, XOO)
147       .setParam(PARAM_LOGIN, user.getLogin())
148       .execute();
149
150     assertThat(db.getDbClient().qProfileEditUsersDao().exists(db.getSession(), profile, user)).isFalse();
151   }
152
153   @Test
154   public void fail_when_user_does_not_exist() {
155     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
156     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
157
158     expectedException.expect(NotFoundException.class);
159     expectedException.expectMessage("User with login 'unknown' is not found");
160
161     ws.newRequest()
162       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
163       .setParam(PARAM_LANGUAGE, XOO)
164       .setParam(PARAM_LOGIN, "unknown")
165       .execute();
166   }
167
168   @Test
169   public void fail_when_qprofile_does_not_exist() {
170     UserDto user = db.users().insertUser();
171     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
172
173     expectedException.expect(NotFoundException.class);
174     expectedException.expectMessage("Quality Profile for language 'xoo' and name 'unknown' does not exist");
175
176     ws.newRequest()
177       .setParam(PARAM_QUALITY_PROFILE, "unknown")
178       .setParam(PARAM_LANGUAGE, XOO)
179       .setParam(PARAM_LOGIN, user.getLogin())
180       .execute();
181   }
182
183   @Test
184   public void fail_when_wrong_language() {
185     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage("unknown"));
186     UserDto user = db.users().insertUser();
187     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
188
189     expectedException.expect(NotFoundException.class);
190     expectedException.expectMessage(format("Quality Profile for language 'xoo' and name '%s' does not exist", profile.getName()));
191
192     ws.newRequest()
193       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
194       .setParam(PARAM_LANGUAGE, XOO)
195       .setParam(PARAM_LOGIN, user.getLogin())
196       .execute();
197   }
198
199   @Test
200   public void fail_when_qp_is_built_in() {
201     UserDto user = db.users().insertUser();
202     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO).setIsBuiltIn(true));
203     userSession.logIn().addPermission(GlobalPermission.ADMINISTER_QUALITY_PROFILES);
204     expectedException.expect(BadRequestException.class);
205     expectedException.expectMessage(String.format("Operation forbidden for built-in Quality Profile '%s' with language 'xoo'", profile.getName()));
206
207     ws.newRequest()
208       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
209       .setParam(PARAM_LANGUAGE, XOO)
210       .setParam(PARAM_LOGIN, user.getLogin())
211       .execute();
212   }
213
214   @Test
215   public void fail_when_not_enough_permission() {
216     QProfileDto profile = db.qualityProfiles().insert(p -> p.setLanguage(XOO));
217     UserDto user = db.users().insertUser();
218     userSession.logIn(db.users().insertUser()).addPermission(GlobalPermission.ADMINISTER_QUALITY_GATES);
219
220     expectedException.expect(ForbiddenException.class);
221
222     ws.newRequest()
223       .setParam(PARAM_QUALITY_PROFILE, profile.getName())
224       .setParam(PARAM_LANGUAGE, XOO)
225       .setParam(PARAM_LOGIN, user.getLogin())
226       .execute();
227   }
228 }
Continuous Inspection: https://github.com/SonarSource/sonarqube