source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2016 SonarSource SA
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.permission.ws.template;
  21
  22 import static com.google.common.primitives.Longs.asList;
  23 import static org.assertj.core.api.Assertions.assertThat;
  24 import static org.mockito.Mockito.mock;
  25 import static org.mockito.Mockito.when;
  26 import static org.mockito.internal.util.collections.Sets.newSet;
  27 import static org.sonar.db.permission.PermissionTemplateTesting.newPermissionTemplateDto;
  28 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
  29 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
  30
  31 import java.util.Collections;
  32 import java.util.Date;
  33 import javax.annotation.Nullable;
  34 import org.junit.Before;
  35 import org.junit.Rule;
  36 import org.junit.Test;
  37 import org.junit.rules.ExpectedException;
  38 import org.sonar.api.resources.Qualifiers;
  39 import org.sonar.api.utils.System2;
  40 import org.sonar.api.web.UserRole;
  41 import org.sonar.core.permission.GlobalPermissions;
  42 import org.sonar.db.DbClient;
  43 import org.sonar.db.DbSession;
  44 import org.sonar.db.DbTester;
  45 import org.sonar.db.component.ResourceTypesRule;
  46 import org.sonar.db.permission.PermissionTemplateDto;
  47 import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;
  48 import org.sonar.db.user.GroupDto;
  49 import org.sonar.db.user.GroupTesting;
  50 import org.sonar.db.user.UserDto;
  51 import org.sonar.db.user.UserTesting;
  52 import org.sonar.server.component.ComponentFinder;
  53 import org.sonar.server.exceptions.BadRequestException;
  54 import org.sonar.server.exceptions.ForbiddenException;
  55 import org.sonar.server.exceptions.NotFoundException;
  56 import org.sonar.server.exceptions.UnauthorizedException;
  57 import org.sonar.server.permission.ws.DeleteTemplateAction;
  58 import org.sonar.server.permission.ws.PermissionDependenciesFinder;
  59 import org.sonar.server.tester.UserSessionRule;
  60 import org.sonar.server.usergroups.ws.UserGroupFinder;
  61 import org.sonar.server.ws.TestRequest;
  62 import org.sonar.server.ws.TestResponse;
  63 import org.sonar.server.ws.WsActionTester;
  64
  65 public class DeleteTemplateActionTest {
  66
  67   static final String TEMPLATE_UUID = "permission-template-uuid";
  68
  69   @Rule
  70   public DbTester db = DbTester.create(System2.INSTANCE);
  71   @Rule
  72   public UserSessionRule userSession = UserSessionRule.standalone();
  73   @Rule
  74   public ExpectedException expectedException = ExpectedException.none();
  75   ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
  76
  77   WsActionTester ws;
  78   DbClient dbClient;
  79   DbSession dbSession;
  80   DefaultPermissionTemplateFinder defaultTemplatePermissionFinder;
  81
  82   PermissionTemplateDto permissionTemplate;
  83
  84   @Before
  85   public void setUp() {
  86     userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
  87
  88     dbClient = db.getDbClient();
  89     dbSession = db.getSession();
  90     defaultTemplatePermissionFinder = mock(DefaultPermissionTemplateFinder.class);
  91     when(defaultTemplatePermissionFinder.getDefaultTemplateUuids()).thenReturn(Collections.<String>emptySet());
  92     PermissionDependenciesFinder finder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes);
  93     ws = new WsActionTester(new DeleteTemplateAction(dbClient, userSession, finder, defaultTemplatePermissionFinder));
  94
  95     permissionTemplate = insertTemplateAndAssociatedPermissions(newPermissionTemplateDto().setUuid(TEMPLATE_UUID));
  96     PermissionTemplateDto permissionTemplateInDatabase = dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID);
  97     assertThat(permissionTemplateInDatabase.getUuid()).isEqualTo(TEMPLATE_UUID);
  98     assertThat(permissionTemplateInDatabase.getGroupsPermissions()).isNotEmpty();
  99     assertThat(permissionTemplateInDatabase.getUsersPermissions()).isNotEmpty();
 100   }
 101
 102   @Test
 103   public void delete_template_in_db() {
 104     TestResponse result = newRequest(TEMPLATE_UUID);
 105
 106     assertThat(result.getInput()).isEmpty();
 107     assertThat(dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID)).isNull();
 108   }
 109
 110   @Test
 111   public void delete_template_by_name_case_insensitive() {
 112     ws.newRequest()
 113       .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
 114       .execute();
 115     commit();
 116
 117     assertThat(dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID)).isNull();
 118   }
 119
 120   @Test
 121   public void fail_if_uuid_is_not_known() {
 122     expectedException.expect(NotFoundException.class);
 123
 124     newRequest("unknown-template-uuid");
 125   }
 126
 127   @Test
 128   public void fail_if_template_is_default() {
 129     expectedException.expect(BadRequestException.class);
 130     expectedException.expectMessage("It is not possible to delete a default template");
 131     when(defaultTemplatePermissionFinder.getDefaultTemplateUuids()).thenReturn(newSet(TEMPLATE_UUID));
 132
 133     newRequest(TEMPLATE_UUID);
 134   }
 135
 136   @Test
 137   public void fail_if_not_logged_in() {
 138     expectedException.expect(UnauthorizedException.class);
 139     userSession.anonymous();
 140
 141     newRequest(TEMPLATE_UUID);
 142   }
 143
 144   @Test
 145   public void fail_if_not_admin() {
 146     expectedException.expect(ForbiddenException.class);
 147     userSession.login().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
 148
 149     newRequest(TEMPLATE_UUID);
 150   }
 151
 152   @Test
 153   public void fail_if_uuid_is_not_provided() {
 154     expectedException.expect(BadRequestException.class);
 155
 156     newRequest(null);
 157   }
 158
 159   @Test
 160   public void delete_perm_tpl_characteristic_when_delete_template() throws Exception {
 161     dbClient.permissionTemplateCharacteristicDao().insert(dbSession, new PermissionTemplateCharacteristicDto()
 162       .setPermission(UserRole.USER)
 163       .setTemplateId(permissionTemplate.getId())
 164       .setWithProjectCreator(true)
 165       .setCreatedAt(new Date().getTime())
 166       .setUpdatedAt(new Date().getTime()));
 167     dbSession.commit();
 168     assertThat(dbClient.permissionTemplateCharacteristicDao().selectByTemplateIds(dbSession, asList(permissionTemplate.getId()))).hasSize(1);
 169
 170     newRequest(TEMPLATE_UUID);
 171
 172     assertThat(dbClient.permissionTemplateCharacteristicDao().selectByTemplateIds(dbSession, asList(permissionTemplate.getId()))).isEmpty();
 173   }
 174
 175   private PermissionTemplateDto insertTemplateAndAssociatedPermissions(PermissionTemplateDto template) {
 176     dbClient.permissionTemplateDao().insert(dbSession, template);
 177     UserDto user = dbClient.userDao().insert(dbSession, UserTesting.newUserDto().setActive(true));
 178     GroupDto group = dbClient.groupDao().insert(dbSession, GroupTesting.newGroupDto());
 179     dbClient.permissionTemplateDao().insertUserPermission(dbSession, template.getId(), user.getId(), UserRole.ADMIN);
 180     dbClient.permissionTemplateDao().insertGroupPermission(dbSession, template.getId(), group.getId(), UserRole.CODEVIEWER);
 181     commit();
 182
 183     return template;
 184   }
 185
 186   private void commit() {
 187     dbSession.commit();
 188   }
 189
 190   private TestResponse newRequest(@Nullable String id) {
 191     TestRequest request = ws.newRequest();
 192     if (id != null) {
 193       request.setParam(PARAM_TEMPLATE_ID, id);
 194     }
 195
 196     TestResponse result = executeRequest(request);
 197     commit();
 198     return result;
 199   }
 200
 201   private static TestResponse executeRequest(TestRequest request) {
 202     return request.execute();
 203   }
 204
 205 }