source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube :: Server
   3  * Copyright (C) 2009-2016 SonarSource SA
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.permission.ws;
  21
  22 import java.io.IOException;
  23 import javax.annotation.Nullable;
  24 import org.junit.Before;
  25 import org.junit.Rule;
  26 import org.junit.Test;
  27 import org.junit.experimental.categories.Category;
  28 import org.junit.rules.ExpectedException;
  29 import org.sonar.api.resources.Qualifiers;
  30 import org.sonar.api.utils.System2;
  31 import org.sonar.api.web.UserRole;
  32 import org.sonar.core.permission.GlobalPermissions;
  33 import org.sonar.db.DbClient;
  34 import org.sonar.db.DbSession;
  35 import org.sonar.db.DbTester;
  36 import org.sonar.db.component.ComponentDto;
  37 import org.sonar.db.component.ResourceTypesRule;
  38 import org.sonar.db.user.GroupDto;
  39 import org.sonar.db.user.GroupRoleDto;
  40 import org.sonar.db.user.UserDto;
  41 import org.sonar.db.user.UserRoleDto;
  42 import org.sonar.server.component.ComponentFinder;
  43 import org.sonar.server.exceptions.ForbiddenException;
  44 import org.sonar.server.exceptions.UnauthorizedException;
  45 import org.sonar.server.i18n.I18nRule;
  46 import org.sonar.server.tester.UserSessionRule;
  47 import org.sonar.server.usergroups.ws.UserGroupFinder;
  48 import org.sonar.server.ws.TestResponse;
  49 import org.sonar.server.ws.WsActionTester;
  50 import org.sonar.test.DbTests;
  51 import org.sonarqube.ws.MediaTypes;
  52 import org.sonarqube.ws.WsPermissions.SearchProjectPermissionsWsResponse;
  53
  54 import static org.assertj.core.api.Assertions.assertThat;
  55 import static org.sonar.api.server.ws.WebService.Param.PAGE;
  56 import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
  57 import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
  58 import static org.sonar.db.component.ComponentTesting.newDeveloper;
  59 import static org.sonar.db.component.ComponentTesting.newProjectCopy;
  60 import static org.sonar.db.component.ComponentTesting.newProjectDto;
  61 import static org.sonar.db.component.ComponentTesting.newView;
  62 import static org.sonar.db.user.GroupTesting.newGroupDto;
  63 import static org.sonar.db.user.UserTesting.newUserDto;
  64 import static org.sonar.test.JsonAssert.assertJson;
  65 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
  66 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
  67
  68 @Category(DbTests.class)
  69 public class SearchProjectPermissionsActionTest {
  70   @Rule
  71   public ExpectedException expectedException = ExpectedException.none();
  72   @Rule
  73   public UserSessionRule userSession = UserSessionRule.standalone();
  74   @Rule
  75   public DbTester db = DbTester.create(System2.INSTANCE);
  76
  77   WsActionTester ws;
  78   I18nRule i18n = new I18nRule();
  79   DbClient dbClient = db.getDbClient();
  80   DbSession dbSession = db.getSession();
  81   ResourceTypesRule resourceTypes = new ResourceTypesRule();
  82   SearchProjectPermissionsDataLoader dataLoader;
  83
  84   SearchProjectPermissionsAction underTest;
  85
  86   @Before
  87   public void setUp() {
  88     resourceTypes.setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
  89     ComponentFinder componentFinder = new ComponentFinder(dbClient);
  90     PermissionDependenciesFinder finder = new PermissionDependenciesFinder(dbClient, componentFinder, new UserGroupFinder(dbClient), resourceTypes);
  91     i18n.setProjectPermissions();
  92
  93     dataLoader = new SearchProjectPermissionsDataLoader(dbClient, finder, resourceTypes);
  94     underTest = new SearchProjectPermissionsAction(dbClient, userSession, i18n, resourceTypes, dataLoader);
  95
  96     ws = new WsActionTester(underTest);
  97
  98     userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
  99   }
 100
 101   @Test
 102   public void search_project_permissions() {
 103     UserDto user1 = insertUser(newUserDto());
 104     UserDto user2 = insertUser(newUserDto());
 105     UserDto user3 = insertUser(newUserDto());
 106
 107     ComponentDto jdk7 = insertJdk7();
 108     ComponentDto project2 = insertClang();
 109     ComponentDto dev = insertDeveloper();
 110     ComponentDto view = insertView();
 111     insertProjectInView(jdk7, view);
 112
 113     insertUserRole(UserRole.ISSUE_ADMIN, user1.getId(), jdk7.getId());
 114     insertUserRole(UserRole.ADMIN, user1.getId(), jdk7.getId());
 115     insertUserRole(UserRole.ADMIN, user2.getId(), jdk7.getId());
 116     insertUserRole(UserRole.ADMIN, user3.getId(), jdk7.getId());
 117     insertUserRole(UserRole.ISSUE_ADMIN, user1.getId(), project2.getId());
 118     insertUserRole(UserRole.ISSUE_ADMIN, user1.getId(), dev.getId());
 119     insertUserRole(UserRole.ISSUE_ADMIN, user1.getId(), view.getId());
 120     // global permission
 121     insertUserRole(GlobalPermissions.SYSTEM_ADMIN, user1.getId(), null);
 122
 123     GroupDto group1 = insertGroup(newGroupDto());
 124     GroupDto group2 = insertGroup(newGroupDto());
 125     GroupDto group3 = insertGroup(newGroupDto());
 126
 127     insertGroupRole(UserRole.ADMIN, jdk7.getId(), null);
 128     insertGroupRole(UserRole.ADMIN, jdk7.getId(), group1.getId());
 129     insertGroupRole(UserRole.ADMIN, jdk7.getId(), group2.getId());
 130     insertGroupRole(UserRole.ADMIN, jdk7.getId(), group3.getId());
 131     insertGroupRole(UserRole.ADMIN, dev.getId(), group2.getId());
 132     insertGroupRole(UserRole.ADMIN, view.getId(), group2.getId());
 133
 134     commit();
 135
 136     String result = ws.newRequest().execute().getInput();
 137
 138     assertJson(result).isSimilarTo(getClass().getResource("search_project_permissions-example.json"));
 139   }
 140
 141   @Test
 142   public void empty_result() {
 143     String result = ws.newRequest().execute().getInput();
 144
 145     assertJson(result).isSimilarTo(getClass().getResource("SearchProjectPermissionsActionTest/empty.json"));
 146   }
 147
 148   @Test
 149   public void search_project_permissions_with_project_permission() {
 150     userSession.login().addProjectUuidPermissions(UserRole.ADMIN, "project-uuid");
 151     insertComponent(newProjectDto("project-uuid"));
 152     commit();
 153
 154     String result = ws.newRequest()
 155       .setParam(PARAM_PROJECT_ID, "project-uuid")
 156       .execute().getInput();
 157
 158     assertThat(result).contains("project-uuid");
 159   }
 160
 161   @Test
 162   public void has_projects_ordered_by_name() {
 163     for (int i = 9; i >= 1; i--) {
 164       insertComponent(newProjectDto()
 165         .setName("project-name-" + i));
 166     }
 167     commit();
 168
 169     String result = ws.newRequest()
 170       .setParam(PAGE, "1")
 171       .setParam(PAGE_SIZE, "3")
 172       .execute().getInput();
 173
 174     assertThat(result)
 175       .contains("project-name-1", "project-name-2", "project-name-3")
 176       .doesNotContain("project-name-4");
 177   }
 178
 179   @Test
 180   public void search_by_query_on_name() {
 181     insertComponent(newProjectDto().setName("project-name"));
 182     insertComponent(newProjectDto().setName("another-name"));
 183     commit();
 184
 185     String result = ws.newRequest()
 186       .setParam(TEXT_QUERY, "project")
 187       .execute().getInput();
 188
 189     assertThat(result).contains("project-name")
 190       .doesNotContain("another-name");
 191   }
 192
 193   @Test
 194   public void search_by_query_on_key() {
 195     insertComponent(newProjectDto().setKey("project-key"));
 196     insertComponent(newProjectDto().setKey("another-key"));
 197     commit();
 198
 199     String result = ws.newRequest()
 200       .setParam(TEXT_QUERY, "project")
 201       .execute().getInput();
 202
 203     assertThat(result).contains("project-key")
 204       .doesNotContain("another-key");
 205   }
 206
 207   @Test
 208   public void handle_more_than_1000_projects() {
 209     for (int i = 1; i <= 1001; i++) {
 210       insertComponent(newProjectDto("project-uuid-" + i));
 211     }
 212     commit();
 213
 214     String result = ws.newRequest()
 215       .setParam(TEXT_QUERY, "project")
 216       .setParam(PAGE_SIZE, "1001")
 217       .execute().getInput();
 218
 219     assertThat(result).contains("project-uuid-1", "project-uuid-999", "project-uuid-1001");
 220   }
 221
 222   @Test
 223   public void result_depends_of_root_types() {
 224     resourceTypes.setRootQualifiers(Qualifiers.PROJECT);
 225     insertComponent(newView("view-uuid"));
 226     insertComponent(newDeveloper("developer-name"));
 227     insertComponent(newProjectDto("project-uuid"));
 228     commit();
 229     dataLoader = new SearchProjectPermissionsDataLoader(dbClient,
 230       new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes),
 231       resourceTypes);
 232     underTest = new SearchProjectPermissionsAction(dbClient, userSession, i18n, resourceTypes, dataLoader);
 233     ws = new WsActionTester(underTest);
 234
 235     String result = ws.newRequest().execute().getInput();
 236
 237     assertThat(result).contains("project-uuid")
 238       .doesNotContain("view-uuid")
 239       .doesNotContain("developer-name");
 240   }
 241
 242   @Test
 243   public void filter_by_qualifier() throws IOException {
 244     insertComponent(newView("view-uuid"));
 245     insertComponent(newDeveloper("developer-name"));
 246     insertComponent(newProjectDto("project-uuid"));
 247     commit();
 248
 249     TestResponse wsResponse = ws.newRequest()
 250       .setMediaType(MediaTypes.PROTOBUF)
 251       .setParam(PARAM_QUALIFIER, Qualifiers.PROJECT)
 252       .execute();
 253     SearchProjectPermissionsWsResponse result = SearchProjectPermissionsWsResponse.parseFrom(wsResponse.getInputStream());
 254
 255     assertThat(result.getProjectsList())
 256       .extracting("id")
 257       .contains("project-uuid")
 258       .doesNotContain("view-uuid")
 259       .doesNotContain("developer-name");
 260   }
 261
 262   @Test
 263   public void fail_if_not_logged_in() {
 264     expectedException.expect(UnauthorizedException.class);
 265     userSession.anonymous();
 266
 267     ws.newRequest().execute();
 268   }
 269
 270   @Test
 271   public void fail_if_not_admin() {
 272     expectedException.expect(ForbiddenException.class);
 273     userSession.login();
 274
 275     ws.newRequest().execute();
 276   }
 277
 278   private ComponentDto insertView() {
 279     return insertComponent(newView()
 280       .setUuid("752d8bfd-420c-4a83-a4e5-8ab19b13c8fc")
 281       .setName("Java")
 282       .setKey("Java"));
 283   }
 284
 285   private ComponentDto insertProjectInView(ComponentDto project, ComponentDto view) {
 286     return insertComponent(newProjectCopy("project-in-view-uuid", project, view));
 287   }
 288
 289   private ComponentDto insertDeveloper() {
 290     return insertComponent(newDeveloper("Simon Brandhof")
 291       .setUuid("4e607bf9-7ed0-484a-946d-d58ba7dab2fb")
 292       .setKey("simon-brandhof"));
 293   }
 294
 295   private ComponentDto insertClang() {
 296     return insertComponent(newProjectDto("project-uuid-2")
 297       .setName("Clang")
 298       .setKey("clang")
 299       .setUuid("ce4c03d6-430f-40a9-b777-ad877c00aa4d"));
 300   }
 301
 302   private ComponentDto insertJdk7() {
 303     return insertComponent(newProjectDto("project-uuid-1")
 304       .setName("JDK 7")
 305       .setKey("net.java.openjdk:jdk7")
 306       .setUuid("0bd7b1e7-91d6-439e-a607-4a3a9aad3c6a"));
 307   }
 308
 309   private UserDto insertUser(UserDto user) {
 310     return dbClient.userDao().insert(dbSession, user.setActive(true));
 311   }
 312
 313   private void insertUserRole(String permission, long userId, @Nullable Long resourceId) {
 314     dbClient.roleDao().insertUserRole(dbSession, new UserRoleDto()
 315       .setRole(permission)
 316       .setUserId(userId)
 317       .setResourceId(resourceId));
 318   }
 319
 320   private GroupDto insertGroup(GroupDto group) {
 321     return dbClient.groupDao().insert(dbSession, group);
 322   }
 323
 324   private void insertGroupRole(String permission, @Nullable Long resourceId, @Nullable Long groupId) {
 325     dbClient.roleDao().insertGroupRole(dbSession, new GroupRoleDto().setRole(permission).setResourceId(resourceId).setGroupId(groupId));
 326   }
 327
 328   private ComponentDto insertComponent(ComponentDto component) {
 329     dbClient.componentDao().insert(dbSession, component.setEnabled(true));
 330     return dbClient.componentDao().selectOrFailByUuid(dbSession, component.uuid());
 331   }
 332
 333   private void commit() {
 334     dbSession.commit();
 335   }
 336 }