]> source.dussan.org Git - sonarqube.git/blob
projects / sonarqube.git / blob
? search:


f6938b9172f24cc4734cce495ab186b8e1e9ffcb
[sonarqube.git] /
1 /*
2  * SonarQube, open source software quality management tool.
3  * Copyright (C) 2008-2014 SonarSource
4  * mailto:contact AT sonarsource DOT com
5  *
6  * SonarQube is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 3 of the License, or (at your option) any later version.
10  *
11  * SonarQube is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public License
17  * along with this program; if not, write to the Free Software Foundation,
18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19  */
20
21 package org.sonar.server.permission;
22
23 import com.google.common.collect.ImmutableMap;
24 import com.google.common.collect.Lists;
25 import org.junit.Before;
26 import org.junit.Rule;
27 import org.junit.Test;
28 import org.junit.rules.ExpectedException;
29 import org.junit.runner.RunWith;
30 import org.mockito.Mock;
31 import org.mockito.runners.MockitoJUnitRunner;
32 import org.sonar.api.web.UserRole;
33 import org.sonar.core.permission.GlobalPermissions;
34 import org.sonar.core.permission.PermissionQuery;
35 import org.sonar.core.permission.PermissionTemplateDao;
36 import org.sonar.core.permission.PermissionTemplateDto;
37 import org.sonar.core.permission.PermissionTemplateGroupDto;
38 import org.sonar.core.permission.PermissionTemplateUserDto;
39 import org.sonar.core.persistence.DbSession;
40 import org.sonar.core.persistence.MyBatis;
41 import org.sonar.core.properties.PropertiesDao;
42 import org.sonar.core.user.GroupDto;
43 import org.sonar.core.user.UserDao;
44 import org.sonar.core.user.UserDto;
45 import org.sonar.server.exceptions.BadRequestException;
46 import org.sonar.server.user.MockUserSession;
47
48 import java.util.List;
49
50 import static org.assertj.core.api.Assertions.assertThat;
51 import static org.mockito.Mockito.*;
52
53 @RunWith(MockitoJUnitRunner.class)
54 public class InternalPermissionTemplateServiceTest {
55
56   private static final String DEFAULT_KEY = "my_template";
57   private static final String DEFAULT_DESC = "my description";
58   private static final String DEFAULT_PATTERN = "com.foo.(.*)";
59   private static final String DEFAULT_PERMISSION = UserRole.USER;
60   private static final PermissionTemplateDto DEFAULT_TEMPLATE =
61     new PermissionTemplateDto().setId(1L).setName(DEFAULT_KEY).setDescription(DEFAULT_DESC).setKeyPattern(DEFAULT_PATTERN);
62
63   @Mock
64   PermissionTemplateDao permissionTemplateDao;
65
66   @Mock
67   UserDao userDao;
68
69   @Mock
70   PermissionFinder finder;
71
72   @Mock
73   PropertiesDao propertiesDao;
74
75   @Mock
76   DbSession session;
77
78   InternalPermissionTemplateService service;
79
80   @Rule
81   public ExpectedException expected = ExpectedException.none();
82
83   @Before
84   public void setUp() {
85     MockUserSession.set().setLogin("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
86
87     MyBatis myBatis = mock(MyBatis.class);
88     when(myBatis.openSession(false)).thenReturn(session);
89     service = new InternalPermissionTemplateService(myBatis, permissionTemplateDao, userDao, finder);
90   }
91
92   @Test
93   public void find_users_with_permission_template() throws Exception {
94     service.findUsersWithPermissionTemplate(ImmutableMap.<String, Object>of(
95       "permission", "user",
96       "template", "my_template",
97       "selected", "all"));
98     verify(finder).findUsersWithPermissionTemplate(any(PermissionQuery.class));
99   }
100
101   @Test
102   public void find_groups_with_permission_template() throws Exception {
103     service.findGroupsWithPermissionTemplate(ImmutableMap.<String, Object>of(
104       "permission", "user",
105       "template", "my_template",
106       "selected", "all"));
107
108     verify(finder).findGroupsWithPermissionTemplate(any(PermissionQuery.class));
109   }
110
111   @Test
112   public void should_create_permission_template() throws Exception {
113     when(permissionTemplateDao.createPermissionTemplate(DEFAULT_KEY, DEFAULT_DESC, DEFAULT_PATTERN)).thenReturn(DEFAULT_TEMPLATE);
114
115     PermissionTemplate permissionTemplate = service.createPermissionTemplate(DEFAULT_KEY, DEFAULT_DESC, DEFAULT_PATTERN);
116
117     assertThat(permissionTemplate.getId()).isEqualTo(1L);
118     assertThat(permissionTemplate.getName()).isEqualTo(DEFAULT_KEY);
119     assertThat(permissionTemplate.getDescription()).isEqualTo(DEFAULT_DESC);
120     assertThat(permissionTemplate.getKeyPattern()).isEqualTo(DEFAULT_PATTERN);
121   }
122
123   @Test
124   public void should_enforce_unique_template_name() throws Exception {
125     expected.expect(BadRequestException.class);
126     expected.expectMessage("A template with that name already exists");
127
128     when(permissionTemplateDao.selectAllPermissionTemplates()).thenReturn(Lists.newArrayList(DEFAULT_TEMPLATE));
129
130     service.createPermissionTemplate(DEFAULT_KEY, DEFAULT_DESC, null);
131   }
132
133   @Test
134   public void should_reject_empty_name_on_creation() throws Exception {
135     expected.expect(BadRequestException.class);
136     expected.expectMessage("Name can't be blank");
137
138     service.createPermissionTemplate("", DEFAULT_DESC, null);
139   }
140
141   @Test
142   public void should_reject_invalid_key_pattern_on_creation() throws Exception {
143     expected.expect(BadRequestException.class);
144     expected.expectMessage("Invalid pattern: [azerty. Should be a valid Java regular expression.");
145
146     service.createPermissionTemplate(DEFAULT_KEY, DEFAULT_DESC, "[azerty");
147   }
148
149   @Test
150   public void should_delete_permission_template() throws Exception {
151     when(permissionTemplateDao.selectTemplateByKey(DEFAULT_KEY)).thenReturn(DEFAULT_TEMPLATE);
152
153     service.deletePermissionTemplate(1L);
154
155     verify(permissionTemplateDao, times(1)).deletePermissionTemplate(1L);
156   }
157
158   @Test
159   public void should_retrieve_permission_template() throws Exception {
160
161     List<PermissionTemplateUserDto> usersPermissions = Lists.newArrayList(
162       buildUserPermission("user_scan", GlobalPermissions.SCAN_EXECUTION),
163       buildUserPermission("user_dry_run", GlobalPermissions.DRY_RUN_EXECUTION),
164       buildUserPermission("user_scan_and_dry_run", GlobalPermissions.SCAN_EXECUTION),
165       buildUserPermission("user_scan_and_dry_run", GlobalPermissions.DRY_RUN_EXECUTION)
166       );
167
168     List<PermissionTemplateGroupDto> groupsPermissions = Lists.newArrayList(
169       buildGroupPermission("admin_group", GlobalPermissions.SYSTEM_ADMIN),
170       buildGroupPermission("scan_group", GlobalPermissions.SCAN_EXECUTION),
171       buildGroupPermission(null, GlobalPermissions.DRY_RUN_EXECUTION)
172       );
173
174     PermissionTemplateDto permissionTemplateDto = new PermissionTemplateDto()
175       .setId(1L)
176       .setName("my template")
177       .setDescription("my description")
178       .setUsersPermissions(usersPermissions)
179       .setGroupsByPermission(groupsPermissions);
180
181     when(permissionTemplateDao.selectPermissionTemplate("my template")).thenReturn(permissionTemplateDto);
182
183     PermissionTemplate permissionTemplate = service.selectPermissionTemplate("my template");
184
185     assertThat(permissionTemplate.getUsersForPermission(GlobalPermissions.DASHBOARD_SHARING)).isEmpty();
186     assertThat(permissionTemplate.getUsersForPermission(GlobalPermissions.SCAN_EXECUTION)).extracting("userName").containsOnly("user_scan", "user_scan_and_dry_run");
187     assertThat(permissionTemplate.getUsersForPermission(GlobalPermissions.DRY_RUN_EXECUTION)).extracting("userName").containsOnly("user_dry_run", "user_scan_and_dry_run");
188     assertThat(permissionTemplate.getGroupsForPermission(GlobalPermissions.DASHBOARD_SHARING)).isEmpty();
189     assertThat(permissionTemplate.getGroupsForPermission(GlobalPermissions.SCAN_EXECUTION)).extracting("groupName").containsOnly("scan_group");
190     assertThat(permissionTemplate.getGroupsForPermission(GlobalPermissions.SYSTEM_ADMIN)).extracting("groupName").containsOnly("admin_group");
191   }
192
193   @Test
194   public void should_retrieve_all_permission_templates() throws Exception {
195     PermissionTemplateDto template1 =
196       new PermissionTemplateDto().setId(1L).setName("template1").setDescription("template1");
197     PermissionTemplateDto template2 =
198       new PermissionTemplateDto().setId(2L).setName("template2").setDescription("template2");
199     when(permissionTemplateDao.selectAllPermissionTemplates()).thenReturn(Lists.newArrayList(template1, template2));
200
201     List<PermissionTemplate> templates = service.selectAllPermissionTemplates();
202
203     assertThat(templates).hasSize(2);
204     assertThat(templates).extracting("id").containsOnly(1L, 2L);
205     assertThat(templates).extracting("name").containsOnly("template1", "template2");
206     assertThat(templates).extracting("description").containsOnly("template1", "template2");
207   }
208
209   @Test
210   public void should_retrieve_all_permission_templates_from_project() throws Exception {
211     MockUserSession.set().setLogin("admin").addProjectPermissions(UserRole.ADMIN, "org.sample.Sample");
212
213     PermissionTemplateDto template1 =
214       new PermissionTemplateDto().setId(1L).setName("template1").setDescription("template1");
215     PermissionTemplateDto template2 =
216       new PermissionTemplateDto().setId(2L).setName("template2").setDescription("template2");
217     when(permissionTemplateDao.selectAllPermissionTemplates()).thenReturn(Lists.newArrayList(template1, template2));
218
219     List<PermissionTemplate> templates = service.selectAllPermissionTemplates("org.sample.Sample");
220
221     assertThat(templates).hasSize(2);
222     assertThat(templates).extracting("id").containsOnly(1L, 2L);
223     assertThat(templates).extracting("name").containsOnly("template1", "template2");
224     assertThat(templates).extracting("description").containsOnly("template1", "template2");
225   }
226
227   @Test
228   public void should_update_permission_template() throws Exception {
229
230     service.updatePermissionTemplate(1L, "new_name", "new_description", null);
231
232     verify(permissionTemplateDao).updatePermissionTemplate(1L, "new_name", "new_description", null);
233   }
234
235   @Test
236   public void should_validate_template_name_on_update_if_applicable() throws Exception {
237     expected.expect(BadRequestException.class);
238     expected.expectMessage("A template with that name already exists");
239
240     PermissionTemplateDto template1 =
241       new PermissionTemplateDto().setId(1L).setName("template1").setDescription("template1");
242     PermissionTemplateDto template2 =
243       new PermissionTemplateDto().setId(2L).setName("template2").setDescription("template2");
244     when(permissionTemplateDao.selectAllPermissionTemplates()).thenReturn(Lists.newArrayList(template1, template2));
245
246     service.updatePermissionTemplate(1L, "template2", "template1", null);
247   }
248
249   @Test
250   public void should_validate_template_key_pattern_on_update_if_applicable() throws Exception {
251     expected.expect(BadRequestException.class);
252     expected.expectMessage("Invalid pattern: [azerty. Should be a valid Java regular expression.");
253
254     PermissionTemplateDto template1 = new PermissionTemplateDto().setId(1L).setName("template1").setDescription("template1");
255     when(permissionTemplateDao.selectAllPermissionTemplates()).thenReturn(Lists.newArrayList(template1));
256
257     service.updatePermissionTemplate(1L, "template1", "template1", "[azerty");
258   }
259
260   @Test
261   public void should_skip_name_validation_where_not_applicable() throws Exception {
262     PermissionTemplateDto template1 =
263       new PermissionTemplateDto().setId(1L).setName("template1").setDescription("template1");
264     PermissionTemplateDto template2 =
265       new PermissionTemplateDto().setId(2L).setName("template2").setDescription("template2");
266     when(permissionTemplateDao.selectAllPermissionTemplates()).thenReturn(Lists.newArrayList(template1, template2));
267
268     service.updatePermissionTemplate(1L, "template1", "new_description", null);
269
270     verify(permissionTemplateDao).updatePermissionTemplate(1L, "template1", "new_description", null);
271   }
272
273   @Test
274   public void should_add_user_permission() throws Exception {
275     UserDto userDto = new UserDto().setId(1L).setLogin("user").setName("user");
276     when(userDao.selectActiveUserByLogin("user")).thenReturn(userDto);
277     when(permissionTemplateDao.selectTemplateByKey(DEFAULT_KEY)).thenReturn(DEFAULT_TEMPLATE);
278
279     service.addUserPermission(DEFAULT_KEY, DEFAULT_PERMISSION, "user");
280
281     verify(permissionTemplateDao, times(1)).addUserPermission(1L, 1L, DEFAULT_PERMISSION);
282   }
283
284   @Test
285   public void should_validate_provided_user_login() throws Exception {
286     expected.expect(BadRequestException.class);
287     expected.expectMessage("Unknown user:");
288
289     when(permissionTemplateDao.selectTemplateByKey(DEFAULT_KEY)).thenReturn(DEFAULT_TEMPLATE);
290     when(userDao.selectActiveUserByLogin("unknown")).thenReturn(null);
291
292     service.addUserPermission(DEFAULT_KEY, DEFAULT_PERMISSION, "unknown");
293   }
294
295   @Test
296   public void should_remove_user_permission() throws Exception {
297     UserDto userDto = new UserDto().setId(1L).setLogin("user").setName("user");
298     when(userDao.selectActiveUserByLogin("user")).thenReturn(userDto);
299     when(permissionTemplateDao.selectTemplateByKey(DEFAULT_KEY)).thenReturn(DEFAULT_TEMPLATE);
300
301     service.removeUserPermission(DEFAULT_KEY, DEFAULT_PERMISSION, "user");
302
303     verify(permissionTemplateDao, times(1)).removeUserPermission(1L, 1L, DEFAULT_PERMISSION);
304   }
305
306   @Test
307   public void should_add_group_permission() throws Exception {
308     GroupDto groupDto = new GroupDto().setId(1L).setName("group");
309     when(userDao.selectGroupByName("group")).thenReturn(groupDto);
310     when(permissionTemplateDao.selectTemplateByKey(DEFAULT_KEY)).thenReturn(DEFAULT_TEMPLATE);
311
312     service.addGroupPermission(DEFAULT_KEY, DEFAULT_PERMISSION, "group");
313
314     verify(permissionTemplateDao, times(1)).addGroupPermission(1L, 1L, DEFAULT_PERMISSION);
315   }
316
317   @Test
318   public void should_validate_provided_group_name() throws Exception {
319     expected.expect(BadRequestException.class);
320     expected.expectMessage("Unknown group:");
321
322     when(permissionTemplateDao.selectTemplateByKey(DEFAULT_KEY)).thenReturn(DEFAULT_TEMPLATE);
323     when(userDao.selectGroupByName("unknown")).thenReturn(null);
324
325     service.addGroupPermission(DEFAULT_KEY, DEFAULT_PERMISSION, "unknown");
326   }
327
328   @Test
329   public void should_remove_group_permission() throws Exception {
330     GroupDto groupDto = new GroupDto().setId(1L).setName("group");
331     when(userDao.selectGroupByName("group")).thenReturn(groupDto);
332     when(permissionTemplateDao.selectTemplateByKey(DEFAULT_KEY)).thenReturn(DEFAULT_TEMPLATE);
333
334     service.removeGroupPermission(DEFAULT_KEY, DEFAULT_PERMISSION, "group");
335
336     verify(permissionTemplateDao, times(1)).removeGroupPermission(1L, 1L, DEFAULT_PERMISSION);
337   }
338
339   @Test
340   public void should_add_permission_to_anyone_group() throws Exception {
341     when(permissionTemplateDao.selectTemplateByKey(DEFAULT_KEY)).thenReturn(DEFAULT_TEMPLATE);
342
343     service.addGroupPermission(DEFAULT_KEY, DEFAULT_PERMISSION, "Anyone");
344
345     verify(permissionTemplateDao).addGroupPermission(1L, null, DEFAULT_PERMISSION);
346     verifyZeroInteractions(userDao);
347   }
348
349   @Test
350   public void should_remove_permission_from_anyone_group() throws Exception {
351     when(permissionTemplateDao.selectTemplateByKey(DEFAULT_KEY)).thenReturn(DEFAULT_TEMPLATE);
352
353     service.removeGroupPermission(DEFAULT_KEY, DEFAULT_PERMISSION, "Anyone");
354
355     verify(permissionTemplateDao).removeGroupPermission(1L, null, DEFAULT_PERMISSION);
356     verifyZeroInteractions(userDao);
357   }
358
359   @Test
360   public void should_remove_group_from_templates() throws Exception {
361     GroupDto groupDto = new GroupDto().setId(1L).setName("group");
362     when(userDao.selectGroupByName("group", session)).thenReturn(groupDto);
363
364     service.removeGroupFromTemplates("group");
365
366     verify(permissionTemplateDao).removeByGroup(eq(1L), eq(session));
367   }
368
369   private PermissionTemplateUserDto buildUserPermission(String userName, String permission) {
370     return new PermissionTemplateUserDto().setUserName(userName).setPermission(permission);
371   }
372
373   private PermissionTemplateGroupDto buildGroupPermission(String groupName, String permission) {
374     return new PermissionTemplateGroupDto().setGroupName(groupName).setPermission(permission);
375   }
376 }
Continuous Inspection: https://github.com/SonarSource/sonarqube