]> source.dussan.org Git - sonarqube.git/blob
projects / sonarqube.git / blob
? search:


de5d33114f5f6633c40e3b0bff1bc1b0fc92d06e
[sonarqube.git] /
1 /*
2  * SonarQube
3  * Copyright (C) 2009-2020 SonarSource SA
4  * mailto:info AT sonarsource DOT com
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * This program is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20 package org.sonar.server.qualityprofile.ws;
21
22 import java.net.HttpURLConnection;
23 import java.util.Collection;
24 import org.junit.Before;
25 import org.junit.Rule;
26 import org.junit.Test;
27 import org.junit.rules.ExpectedException;
28 import org.mockito.ArgumentCaptor;
29 import org.mockito.Captor;
30 import org.mockito.MockitoAnnotations;
31 import org.sonar.api.rule.RuleKey;
32 import org.sonar.api.server.ws.WebService;
33 import org.sonar.db.DbClient;
34 import org.sonar.db.DbSession;
35 import org.sonar.db.DbTester;
36 import org.sonar.db.organization.OrganizationDto;
37 import org.sonar.db.permission.OrganizationPermission;
38 import org.sonar.db.qualityprofile.QProfileDto;
39 import org.sonar.db.rule.RuleDefinitionDto;
40 import org.sonar.db.rule.RuleTesting;
41 import org.sonar.db.user.UserDto;
42 import org.sonar.server.exceptions.BadRequestException;
43 import org.sonar.server.exceptions.ForbiddenException;
44 import org.sonar.server.exceptions.UnauthorizedException;
45 import org.sonar.server.organization.TestDefaultOrganizationProvider;
46 import org.sonar.server.qualityprofile.QProfileRules;
47 import org.sonar.server.tester.UserSessionRule;
48 import org.sonar.server.ws.TestRequest;
49 import org.sonar.server.ws.TestResponse;
50 import org.sonar.server.ws.WsActionTester;
51
52 import static org.apache.commons.lang.RandomStringUtils.randomAlphanumeric;
53 import static org.assertj.core.api.Assertions.assertThat;
54 import static org.mockito.ArgumentMatchers.any;
55 import static org.mockito.ArgumentMatchers.anyCollection;
56 import static org.mockito.Mockito.mock;
57 import static org.mockito.Mockito.verify;
58 import static org.sonar.server.platform.db.migration.def.VarcharColumnDef.UUID_SIZE;
59 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_KEY;
60 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_ORGANIZATION;
61 import static org.sonarqube.ws.client.qualityprofile.QualityProfileWsParameters.PARAM_RULE;
62
63 public class DeactivateRuleActionTest {
64   @Rule
65   public DbTester db = DbTester.create();
66   @Rule
67   public UserSessionRule userSession = UserSessionRule.standalone();
68   @Rule
69   public ExpectedException expectedException = ExpectedException.none();
70   @Captor
71   public ArgumentCaptor<Collection<Integer>> ruleIdsCaptor;
72
73   private DbClient dbClient = db.getDbClient();
74   private QProfileRules qProfileRules = mock(QProfileRules.class);
75   private QProfileWsSupport wsSupport = new QProfileWsSupport(dbClient, userSession, TestDefaultOrganizationProvider.from(db));
76   private DeactivateRuleAction underTest = new DeactivateRuleAction(dbClient, qProfileRules, userSession, wsSupport);
77   private WsActionTester ws = new WsActionTester(underTest);
78   private OrganizationDto defaultOrganization;
79   private OrganizationDto organization;
80
81   @Before
82   public void before() {
83     MockitoAnnotations.initMocks(this);
84     defaultOrganization = db.getDefaultOrganization();
85     organization = db.organizations().insert();
86   }
87
88   @Test
89   public void definition() {
90     WebService.Action definition = ws.getDef();
91     assertThat(definition).isNotNull();
92     assertThat(definition.isPost()).isTrue();
93     assertThat(definition.params()).extracting(WebService.Param::key).containsExactlyInAnyOrder("key", "rule");
94   }
95
96   @Test
97   public void deactivate_rule_in_default_organization() {
98     userSession.logIn(db.users().insertUser()).addPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, defaultOrganization);
99     QProfileDto qualityProfile = db.qualityProfiles().insert(defaultOrganization);
100     RuleDefinitionDto rule = db.rules().insert(RuleTesting.randomRuleKey());
101     TestRequest request = ws.newRequest()
102       .setMethod("POST")
103       .setParam(PARAM_RULE, rule.getKey().toString())
104       .setParam(PARAM_KEY, qualityProfile.getKee());
105
106     TestResponse response = request.execute();
107
108     assertThat(response.getStatus()).isEqualTo(HttpURLConnection.HTTP_NO_CONTENT);
109     ArgumentCaptor<QProfileDto> qProfileDtoCaptor = ArgumentCaptor.forClass(QProfileDto.class);
110     verify(qProfileRules).deactivateAndCommit(any(DbSession.class), qProfileDtoCaptor.capture(), ruleIdsCaptor.capture());
111     assertThat(ruleIdsCaptor.getValue()).containsExactly(rule.getId());
112     assertThat(qProfileDtoCaptor.getValue().getKee()).isEqualTo(qualityProfile.getKee());
113   }
114
115   @Test
116   public void deactivate_rule_in_specific_organization() {
117     userSession.logIn(db.users().insertUser()).addPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, organization);
118     QProfileDto qualityProfile = db.qualityProfiles().insert(organization);
119     RuleDefinitionDto rule = db.rules().insert(RuleTesting.randomRuleKey());
120     TestRequest request = ws.newRequest()
121       .setMethod("POST")
122       .setParam("organization", organization.getKey())
123       .setParam(PARAM_RULE, rule.getKey().toString())
124       .setParam(PARAM_KEY, qualityProfile.getKee());
125
126     TestResponse response = request.execute();
127
128     assertThat(response.getStatus()).isEqualTo(HttpURLConnection.HTTP_NO_CONTENT);
129     ArgumentCaptor<QProfileDto> qProfileDtoCaptor = ArgumentCaptor.forClass(QProfileDto.class);
130     verify(qProfileRules).deactivateAndCommit(any(DbSession.class), qProfileDtoCaptor.capture(), ruleIdsCaptor.capture());
131     assertThat(ruleIdsCaptor.getValue()).containsExactly(rule.getId());
132     assertThat(qProfileDtoCaptor.getValue().getKee()).isEqualTo(qualityProfile.getKee());
133   }
134
135   @Test
136   public void as_qprofile_editor() {
137     UserDto user = db.users().insertUser();
138     QProfileDto qualityProfile = db.qualityProfiles().insert(organization);
139     db.qualityProfiles().addUserPermission(qualityProfile, user);
140     userSession.logIn(user);
141     RuleKey ruleKey = RuleTesting.randomRuleKey();
142     db.rules().insert(ruleKey);
143
144     ws.newRequest()
145       .setMethod("POST")
146       .setParam(PARAM_ORGANIZATION, organization.getKey())
147       .setParam(PARAM_RULE, ruleKey.toString())
148       .setParam(PARAM_KEY, qualityProfile.getKee())
149       .execute();
150
151     verify(qProfileRules).deactivateAndCommit(any(DbSession.class), any(QProfileDto.class), anyCollection());
152   }
153
154   @Test
155   public void fail_if_not_logged_in() {
156     TestRequest request = ws.newRequest()
157       .setMethod("POST")
158       .setParam(PARAM_RULE, RuleTesting.newRule().getKey().toString())
159       .setParam(PARAM_KEY, randomAlphanumeric(UUID_SIZE));
160
161     expectedException.expect(UnauthorizedException.class);
162
163     request.execute();
164   }
165
166   @Test
167   public void fail_if_not_organization_quality_profile_administrator() {
168     RuleDefinitionDto rule = db.rules().insert();
169     userSession.logIn(db.users().insertUser()).addPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, defaultOrganization);
170     QProfileDto qualityProfile = db.qualityProfiles().insert(organization);
171     TestRequest request = ws.newRequest()
172       .setMethod("POST")
173       .setParam(PARAM_RULE, rule.getKey().toString())
174       .setParam(PARAM_KEY, qualityProfile.getKee());
175
176     expectedException.expect(ForbiddenException.class);
177
178     request.execute();
179   }
180
181   @Test
182   public void fail_activate_external_rule() {
183     userSession.logIn(db.users().insertUser()).addPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, defaultOrganization);
184     QProfileDto qualityProfile = db.qualityProfiles().insert(defaultOrganization);
185     RuleDefinitionDto rule = db.rules().insert(r -> r.setIsExternal(true));
186
187     TestRequest request = ws.newRequest()
188       .setMethod("POST")
189       .setParam(PARAM_RULE, rule.getKey().toString())
190       .setParam(PARAM_KEY, qualityProfile.getKee());
191
192     expectedException.expect(BadRequestException.class);
193     expectedException.expectMessage(String.format("Operation forbidden for rule '%s' imported from an external rule engine.", rule.getKey()));
194
195     request.execute();
196   }
197
198   @Test
199   public void fail_deactivate_if_built_in_profile() {
200     RuleDefinitionDto rule = db.rules().insert();
201     userSession.logIn(db.users().insertUser()).addPermission(OrganizationPermission.ADMINISTER_QUALITY_PROFILES, defaultOrganization);
202
203     QProfileDto qualityProfile = db.qualityProfiles().insert(defaultOrganization, profile -> profile.setIsBuiltIn(true));
204     TestRequest request = ws.newRequest()
205       .setMethod("POST")
206       .setParam(PARAM_RULE, rule.getKey().toString())
207       .setParam(PARAM_KEY, qualityProfile.getKee());
208
209     expectedException.expect(BadRequestException.class);
210
211     request.execute();
212   }
213 }
Continuous Inspection: https://github.com/SonarSource/sonarqube