1 /*
2  * SonarQube
3  * Copyright (C) 2009-2016 SonarSource SA
4  * mailto:contact AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.permission.ws.template;
21
22 import java.util.Arrays;
23 import javax.annotation.Nullable;
24 import org.junit.Before;
25 import org.junit.Rule;
26 import org.junit.Test;
27 import org.junit.rules.ExpectedException;
28 import org.sonar.api.resources.Qualifiers;
29 import org.sonar.api.utils.internal.AlwaysIncreasingSystem2;
30 import org.sonar.api.web.UserRole;
31 import org.sonar.db.DbClient;
32 import org.sonar.db.DbTester;
33 import org.sonar.db.component.ResourceTypesRule;
34 import org.sonar.db.organization.OrganizationDto;
35 import org.sonar.db.permission.template.PermissionTemplateDto;
36 import org.sonar.db.permission.template.PermissionTemplateTesting;
37 import org.sonar.db.user.GroupDto;
38 import org.sonar.db.user.GroupTesting;
39 import org.sonar.db.user.UserDto;
40 import org.sonar.db.user.UserTesting;
41 import org.sonar.server.component.ComponentFinder;
42 import org.sonar.server.exceptions.BadRequestException;
43 import org.sonar.server.exceptions.ForbiddenException;
44 import org.sonar.server.exceptions.NotFoundException;
45 import org.sonar.server.exceptions.UnauthorizedException;
46 import org.sonar.server.organization.TestDefaultOrganizationProvider;
47 import org.sonar.server.permission.ws.PermissionWsSupport;
48 import org.sonar.server.tester.UserSessionRule;
49 import org.sonar.server.usergroups.ws.GroupWsSupport;
50 import org.sonar.server.ws.TestRequest;
51 import org.sonar.server.ws.TestResponse;
52 import org.sonar.server.ws.WsActionTester;
53
54 import static org.assertj.core.api.Assertions.assertThat;
55 import static org.assertj.core.api.Assertions.fail;
56 import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;
57 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION_KEY;
58 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
59 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
60
/**
 * Web-service tests for {@link DeleteTemplateAction}, invoked with POST requests that identify
 * a permission template either by uuid or by (organization key, name).
 *
 * <p>Two instances of the action are built in {@link #setUp()}: one whose resource types declare
 * only the PROJECT root qualifier ("without views") and one that also declares VIEW ("with views").
 * Most scenarios are run against both.
 *
 * <p>Access-control behaviour pinned by this class:
 * <ul>
 *   <li>no logged-in user: {@link UnauthorizedException};</li>
 *   <li>logged-in user without SYSTEM_ADMIN on the template's organization: {@link ForbiddenException};</li>
 *   <li>lookup by name without an organization key, or with another organization's key:
 *   {@link NotFoundException};</li>
 *   <li>a template that is the organization's default for projects (or for views, when views are
 *   declared) cannot be deleted: {@link BadRequestException}.</li>
 * </ul>
 *
 * <p>NOTE(review), coverage gaps visible in this file:
 * <ul>
 *   <li>The "not admin" tests use a user with no permission at all. No test deletes by uuid as a
 *   user who is SYSTEM_ADMIN of a <em>different</em> organization, so the cross-organization
 *   check on the uuid path is not pinned here.</li>
 *   <li>A logged-in user without permission gets NotFoundException for an unknown uuid but
 *   ForbiddenException for an existing one, which suggests the lookup happens before the
 *   permission check and lets such a user tell whether a uuid exists. Confirm this is intended.</li>
 *   <li>Successful deletions only assert that the template row is gone; the user and group
 *   permission rows created by {@link #insertTemplateAndAssociatedPermissions(OrganizationDto)}
 *   are never checked for removal.</li>
 * </ul>
 */
public class DeleteTemplateActionTest {

  @Rule
  public DbTester db = DbTester.create(new AlwaysIncreasingSystem2());
  @Rule
  public ExpectedException expectedException = ExpectedException.none();

  // Not registered as a @Rule; each test logs in explicitly (or not at all) through this object.
  private UserSessionRule userSession = UserSessionRule.standalone();
  private DbClient dbClient = db.getDbClient();
  // Resource types with PROJECT as the only root qualifier.
  private final ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);
  // Resource types with both PROJECT and VIEW as root qualifiers.
  private final ResourceTypesRule resourceTypesWithViews = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW);
  private DefaultTemplatesResolver defaultTemplatesResolver = new DefaultTemplatesResolverImpl(resourceTypes);
  private DefaultTemplatesResolver defaultTemplatesResolverWithViews = new DefaultTemplatesResolverImpl(resourceTypesWithViews);

  // The action under test, wired without and with the VIEW qualifier respectively.
  private WsActionTester underTestWithoutViews;
  private WsActionTester underTestWithViews;

  /**
   * Builds the two action instances. Both share the same DbClient, user session and group support;
   * they differ only in the resource types and default-templates resolver they receive.
   */
  @Before
  public void setUp() throws Exception {
    GroupWsSupport groupWsSupport = new GroupWsSupport(dbClient, TestDefaultOrganizationProvider.from(db));
    this.underTestWithoutViews = new WsActionTester(new DeleteTemplateAction(dbClient, userSession,
      new PermissionWsSupport(dbClient, new ComponentFinder(dbClient), groupWsSupport, resourceTypes),
      defaultTemplatesResolver));
    this.underTestWithViews = new WsActionTester(new DeleteTemplateAction(dbClient, userSession,
      new PermissionWsSupport(dbClient, new ComponentFinder(dbClient), groupWsSupport, resourceTypesWithViews),
      defaultTemplatesResolverWithViews));
  }

  // Happy path by uuid: an organization admin deletes a non-default template and gets an empty response.
  // The fixture is created inside the lambda because each run deletes its template.
  @Test
  public void delete_template_in_db() throws Exception {
    runOnAllUnderTests((underTest) -> {
      OrganizationDto organization = db.organizations().insert();
      PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);
      // "foo"/"bar" are default-template uuids that differ from the template being deleted.
      db.organizations().setDefaultTemplates(organization, "foo", "bar");
      loginAsAdmin(organization);

      TestResponse result = newRequestByUuid(underTest, template.getUuid());

      assertThat(result.getInput()).isEmpty();
      assertTemplateDoesNotExist(template);
    });
  }

  // Happy path by (organization key, name).
  // NOTE(review): the name is sent exactly as returned by template.getName(), so despite the
  // method name this test does not vary the case of the requested name.
  @Test
  public void delete_template_by_name_case_insensitive() throws Exception {
    runOnAllUnderTests((underTest) -> {
      OrganizationDto organization = db.organizations().insert();
      db.organizations().setDefaultTemplates(organization, "project def template uuid", "view def template uuid");
      PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);
      loginAsAdmin(organization);
      newRequestByName(underTest, organization, template);

      assertTemplateDoesNotExist(template);
    });
  }

  // Lookup by name with no organization parameter must not reach a template that belongs to a
  // non-default organization. Despite "returns_empty" in the name, the expected outcome is a
  // NotFoundException, asserted for both action instances against the same fixture.
  @Test
  public void delete_template_by_name_returns_empty_when_no_organization_is_provided_and_templates_does_not_belong_to_default_organization() throws Exception {
    OrganizationDto organization = db.organizations().insert();
    db.organizations().setDefaultTemplates(organization, "project def template uuid", "view def template uuid");
    PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);
    loginAsAdmin(organization);

    runOnAllUnderTests((underTest) -> {
      try {
        newRequestByName(underTest, null, template);
        fail("NotFoundException should have been raised");
      } catch (NotFoundException e) {
        assertThat(e).hasMessage("Permission template with name '" + template.getName() + "' is not found (case insensitive)");
      }
    });
  }

  // Lookup by name scoped to another organization's key must not find the template: the name
  // lookup is expected to be isolated per organization. The caller is admin of the template's
  // organization, not of the organization named in the request. Expected outcome is a
  // NotFoundException, not an empty response.
  @Test
  public void delete_template_by_name_returns_empty_when_wrong_organization_is_provided() throws Exception {
    OrganizationDto organization = db.organizations().insert();
    db.organizations().setDefaultTemplates(organization, "project def template uuid", "view def template uuid");
    PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);
    OrganizationDto otherOrganization = db.organizations().insert();
    loginAsAdmin(organization);

    runOnAllUnderTests((underTest) -> {
      try {
        newRequestByName(underTest, otherOrganization, template);
        fail("NotFoundException should have been raised");
      } catch (NotFoundException e) {
        assertThat(e).hasMessage("Permission template with name '" + template.getName() + "' is not found (case insensitive)");
      }
    });
  }

  // Unknown uuid, requested by a logged-in user holding no permission: NotFoundException.
  @Test
  public void fail_if_uuid_is_not_known_without_views() throws Exception {
    userSession.logIn();

    expectedException.expect(NotFoundException.class);

    newRequestByUuid(underTestWithoutViews, "unknown-template-uuid");
  }

  // Same as above, against the action wired with views.
  @Test
  public void fail_if_uuid_is_not_known_with_views() throws Exception {
    userSession.logIn();

    expectedException.expect(NotFoundException.class);

    newRequestByUuid(underTestWithViews, "unknown-template-uuid");
  }

  @Test
  public void fail_to_delete_by_uuid_if_template_is_default_template_for_project_without_views() throws Exception {
    fail_to_delete_by_uuid_if_template_is_default_template_for_project(this.underTestWithoutViews);
  }

  @Test
  public void fail_to_delete_by_uuid_if_template_is_default_template_for_project_with_views() throws Exception {
    fail_to_delete_by_uuid_if_template_is_default_template_for_project(this.underTestWithViews);
  }

  /**
   * Shared scenario: the template is registered as the organization's default for projects, so
   * even an organization admin must be refused when deleting it by uuid.
   */
  private void fail_to_delete_by_uuid_if_template_is_default_template_for_project(WsActionTester underTest) throws Exception {
    OrganizationDto organization = db.organizations().insert();
    PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);
    db.organizations().setDefaultTemplates(organization, template.getUuid(), "view def template uuid");
    loginAsAdmin(organization);

    expectedException.expect(BadRequestException.class);
    expectedException.expectMessage("It is not possible to delete the default permission template for projects");

    newRequestByUuid(underTest, template.getUuid());
  }

  @Test
  public void fail_to_delete_by_name_if_template_is_default_template_for_project_without_views() throws Exception {
    fail_to_delete_by_name_if_template_is_default_template_for_project(this.underTestWithoutViews);
  }

  @Test
  public void fail_to_delete_by_name_if_template_is_default_template_for_project_with_views() throws Exception {
    fail_to_delete_by_name_if_template_is_default_template_for_project(this.underTestWithViews);
  }

  /**
   * Shared scenario: same refusal as the uuid variant, with the template addressed by
   * organization key and name.
   */
  private void fail_to_delete_by_name_if_template_is_default_template_for_project(WsActionTester underTest) throws Exception {
    OrganizationDto organization = db.organizations().insert();
    PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);
    db.organizations().setDefaultTemplates(organization, template.getUuid(), "view def template uuid");
    loginAsAdmin(organization);

    expectedException.expect(BadRequestException.class);
    expectedException.expectMessage("It is not possible to delete the default permission template for projects");

    newRequestByName(underTest, organization.getKey(), template.getName());
  }

  // With views declared, the organization's default template for views cannot be deleted.
  @Test
  public void fail_to_delete_by_uuid_if_template_is_default_template_for_view_with_views() throws Exception {
    OrganizationDto organization = db.organizations().insert();
    PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);
    db.organizations().setDefaultTemplates(organization, "project def template uuid", template.getUuid());
    loginAsAdmin(organization);

    expectedException.expect(BadRequestException.class);
    expectedException.expectMessage("It is not possible to delete the default permission template for views");

    newRequestByUuid(this.underTestWithViews, template.getUuid());
  }

  // Without views declared, the same template can be deleted, and the organization's default
  // view template uuid is null afterwards.
  @Test
  public void default_template_for_views_can_be_deleted_by_uuid_if_views_is_not_installed_and_default_template_for_views_is_reset() throws Exception {
    OrganizationDto organization = db.organizations().insert();
    PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);
    db.organizations().setDefaultTemplates(organization, "project def template uuid", template.getUuid());
    loginAsAdmin(organization);

    newRequestByUuid(this.underTestWithoutViews, template.getUuid());

    assertTemplateDoesNotExist(template);

    assertThat(db.getDbClient().organizationDao().getDefaultTemplates(db.getSession(), organization.getUuid())
      .get().getViewUuid())
        .isNull();
  }

  // The four tests below never call userSession.logIn(): the request must be rejected with
  // UnauthorizedException whichever identifier is used.
  @Test
  public void fail_to_delete_by_uuid_if_not_logged_in_without_views() throws Exception {
    expectedException.expect(UnauthorizedException.class);

    newRequestByUuid(underTestWithoutViews, "uuid");
  }

  @Test
  public void fail_to_delete_by_uuid_if_not_logged_in_with_views() throws Exception {
    expectedException.expect(UnauthorizedException.class);

    newRequestByUuid(underTestWithViews, "uuid");
  }

  @Test
  public void fail_to_delete_by_name_if_not_logged_in_without_views() throws Exception {
    expectedException.expect(UnauthorizedException.class);

    newRequestByName(underTestWithoutViews, "whatever", "name");
  }

  @Test
  public void fail_to_delete_by_name_if_not_logged_in_with_views() throws Exception {
    expectedException.expect(UnauthorizedException.class);

    newRequestByName(underTestWithViews, "whatever", "name");
  }

  // The four tests below log in a user without granting any permission and target an existing
  // template: the request must be rejected with ForbiddenException.
  @Test
  public void fail_to_delete_by_uuid_if_not_admin_without_views() throws Exception {
    OrganizationDto organization = db.organizations().insert();
    PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);
    userSession.logIn();

    expectedException.expect(ForbiddenException.class);

    newRequestByUuid(underTestWithoutViews, template.getUuid());
  }

  @Test
  public void fail_to_delete_by_uuid_if_not_admin_with_views() throws Exception {
    OrganizationDto organization = db.organizations().insert();
    PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);
    userSession.logIn();

    expectedException.expect(ForbiddenException.class);

    newRequestByUuid(underTestWithViews, template.getUuid());
  }

  @Test
  public void fail_to_delete_by_name_if_not_admin_without_views() throws Exception {
    OrganizationDto organization = db.organizations().insert();
    PermissionTemplateDto template = db.permissionTemplates().insertTemplate(organization);
    userSession.logIn();

    expectedException.expect(ForbiddenException.class);

    newRequestByName(underTestWithoutViews, organization.getKey(), template.getName());
  }

  @Test
  public void fail_to_delete_by_name_if_not_admin_with_views() throws Exception {
    OrganizationDto organization = db.organizations().insert();
    PermissionTemplateDto template = db.permissionTemplates().insertTemplate(PermissionTemplateTesting.newPermissionTemplateDto()
      .setOrganizationUuid(organization.getUuid())
      .setName("the name"));
    userSession.logIn();

    expectedException.expect(ForbiddenException.class);

    newRequestByName(underTestWithViews, organization, template);
  }

  // Passing a null id makes newRequestByUuid send no identifying parameter at all.
  @Test
  public void fail_if_neither_uuid_nor_name_is_provided_without_views() throws Exception {
    userSession.logIn();

    expectedException.expect(BadRequestException.class);

    newRequestByUuid(underTestWithoutViews, null);
  }

  @Test
  public void fail_if_neither_uuid_nor_name_is_provided_with_views() throws Exception {
    userSession.logIn();

    expectedException.expect(BadRequestException.class);

    newRequestByUuid(underTestWithViews, null);
  }

  // Supplying both a template id and a template name in one request is rejected.
  @Test
  public void fail_if_both_uuid_and_name_are_provided_without_views() throws Exception {
    userSession.logIn();

    expectedException.expect(BadRequestException.class);

    underTestWithoutViews.newRequest().setMethod("POST")
      .setParam(PARAM_TEMPLATE_ID, "uuid")
      .setParam(PARAM_TEMPLATE_NAME, "name")
      .execute();
  }

  @Test
  public void fail_if_both_uuid_and_name_are_provided_with_views() throws Exception {
    userSession.logIn();

    expectedException.expect(BadRequestException.class);

    underTestWithViews.newRequest().setMethod("POST")
      .setParam(PARAM_TEMPLATE_ID, "uuid")
      .setParam(PARAM_TEMPLATE_NAME, "name")
      .execute();
  }

  // Disabled test. It refers to a `template` variable and a newRequest(String) helper that this
  // class does not define, so it cannot be re-enabled as written.
  // NOTE(review): while it stays disabled, nothing in this class checks that permission template
  // characteristics are removed together with their template.
  // @Test
  // public void delete_perm_tpl_characteristic_when_delete_template() throws Exception {
  // db.getDbClient().permissionTemplateCharacteristicDao().insert(db.getSession(), new PermissionTemplateCharacteristicDto()
  // .setPermission(UserRole.USER)
  // .setTemplateId(template.getId())
  // .setWithProjectCreator(true)
  // .setCreatedAt(new Date().getTime())
  // .setUpdatedAt(new Date().getTime()));
  // db.commit();
  //
  // newRequest(template.getUuid());
  //
  // assertThat(db.getDbClient().permissionTemplateCharacteristicDao().selectByTemplateIds(db.getSession(),
  // asList(template.getId()))).isEmpty();
  // }

  /**
   * Logs a user in and grants SYSTEM_ADMIN on the given organization only.
   *
   * @param organization the organization whose uuid the permission is attached to
   * @return the value returned by {@code addOrganizationPermission}
   */
  private UserSessionRule loginAsAdmin(OrganizationDto organization) {
    return userSession.logIn().addOrganizationPermission(organization.getUuid(), SYSTEM_ADMIN);
  }

  /**
   * Runs the scenario first against the action without views, then against the one with views.
   * The first exception thrown stops the loop and propagates to the test.
   */
  private void runOnAllUnderTests(ConsumerWithException<WsActionTester> consumer) throws Exception {
    for (WsActionTester underTest : Arrays.asList(underTestWithoutViews, underTestWithViews)) {
      consumer.accept(underTest);
    }
  }

  /** Consumer variant whose {@code accept} may throw a checked exception. */
  private interface ConsumerWithException<T> {
    void accept(T e) throws Exception;
  }

  /**
   * Inserts a template in the organization together with one active user holding
   * {@code UserRole.ADMIN} and one group holding {@code UserRole.CODEVIEWER} on that template,
   * then commits.
   *
   * <p>NOTE(review): no test asserts that these user and group permission rows are deleted with
   * the template.
   *
   * @return the inserted template
   */
  private PermissionTemplateDto insertTemplateAndAssociatedPermissions(OrganizationDto organization) {
    PermissionTemplateDto dto = db.permissionTemplates().insertTemplate(organization);
    UserDto user = db.getDbClient().userDao().insert(db.getSession(), UserTesting.newUserDto().setActive(true));
    GroupDto group = db.getDbClient().groupDao().insert(db.getSession(), GroupTesting.newGroupDto());
    db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), dto.getId(), user.getId(), UserRole.ADMIN);
    db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), dto.getId(), group.getId(), UserRole.CODEVIEWER);
    db.commit();
    return dto;
  }

  /**
   * Executes a POST on the given action, identifying the template by id.
   *
   * @param id the template uuid, or {@code null} to omit the parameter entirely
   */
  private TestResponse newRequestByUuid(WsActionTester actionTester, @Nullable String id) throws Exception {
    TestRequest request = actionTester.newRequest().setMethod("POST");
    if (id != null) {
      request.setParam(PARAM_TEMPLATE_ID, id);
    }
    return request.execute();
  }

  /**
   * Convenience overload: takes the organization key and the template name from the DTOs,
   * passing {@code null} for whichever DTO is {@code null}.
   */
  private TestResponse newRequestByName(WsActionTester actionTester, @Nullable OrganizationDto organizationDto, @Nullable PermissionTemplateDto permissionTemplateDto)
    throws Exception {
    return newRequestByName(
      actionTester,
      organizationDto == null ? null : organizationDto.getKey(),
      permissionTemplateDto == null ? null : permissionTemplateDto.getName());
  }

  /**
   * Executes a POST on the given action, identifying the template by organization key and name.
   * A {@code null} argument means the corresponding request parameter is not sent.
   */
  private TestResponse newRequestByName(WsActionTester actionTester, @Nullable String organizationKey, @Nullable String name) throws Exception {
    TestRequest request = actionTester.newRequest().setMethod("POST");
    if (organizationKey != null) {
      request.setParam(PARAM_ORGANIZATION_KEY, organizationKey);
    }
    if (name != null) {
      request.setParam(PARAM_TEMPLATE_NAME, name);
    }

    return request.execute();
  }

  /** Asserts that no template row with this uuid remains; associated permission rows are not inspected. */
  private void assertTemplateDoesNotExist(PermissionTemplateDto template) {
    assertThat(db.getDbClient().permissionTemplateDao().selectByUuid(db.getSession(), template.getUuid())).isNull();
  }

}