source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2016 SonarSource SA
   4  * mailto:contact AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.permission.ws.template;
  21
  22 import java.util.Collections;
  23 import javax.annotation.Nullable;
  24 import org.junit.Before;
  25 import org.junit.Rule;
  26 import org.junit.Test;
  27 import org.junit.rules.ExpectedException;
  28 import org.sonar.api.resources.Qualifiers;
  29 import org.sonar.api.utils.System2;
  30 import org.sonar.api.web.UserRole;
  31 import org.sonar.core.permission.GlobalPermissions;
  32 import org.sonar.db.DbClient;
  33 import org.sonar.db.DbSession;
  34 import org.sonar.db.DbTester;
  35 import org.sonar.db.component.ResourceTypesRule;
  36 import org.sonar.db.permission.PermissionTemplateDto;
  37 import org.sonar.db.user.GroupDto;
  38 import org.sonar.db.user.GroupTesting;
  39 import org.sonar.db.user.UserDto;
  40 import org.sonar.db.user.UserTesting;
  41 import org.sonar.server.component.ComponentFinder;
  42 import org.sonar.server.exceptions.BadRequestException;
  43 import org.sonar.server.exceptions.ForbiddenException;
  44 import org.sonar.server.exceptions.NotFoundException;
  45 import org.sonar.server.exceptions.UnauthorizedException;
  46 import org.sonar.server.permission.ws.DeleteTemplateAction;
  47 import org.sonar.server.permission.ws.PermissionDependenciesFinder;
  48 import org.sonar.server.tester.UserSessionRule;
  49 import org.sonar.server.usergroups.ws.UserGroupFinder;
  50 import org.sonar.server.ws.TestRequest;
  51 import org.sonar.server.ws.TestResponse;
  52 import org.sonar.server.ws.WsActionTester;
  53
  54 import static org.assertj.core.api.Assertions.assertThat;
  55 import static org.mockito.Mockito.mock;
  56 import static org.mockito.Mockito.when;
  57 import static org.mockito.internal.util.collections.Sets.newSet;
  58 import static org.sonar.db.permission.PermissionTemplateTesting.newPermissionTemplateDto;
  59 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
  60 import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
  61
  62 public class DeleteTemplateActionTest {
  63
  64   static final String TEMPLATE_UUID = "permission-template-uuid";
  65
  66   @Rule
  67   public DbTester db = DbTester.create(System2.INSTANCE);
  68   @Rule
  69   public UserSessionRule userSession = UserSessionRule.standalone();
  70   @Rule
  71   public ExpectedException expectedException = ExpectedException.none();
  72   ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
  73
  74   WsActionTester ws;
  75   DbClient dbClient;
  76   DbSession dbSession;
  77   DefaultPermissionTemplateFinder defaultTemplatePermissionFinder;
  78
  79   PermissionTemplateDto permissionTemplate;
  80
  81   @Before
  82   public void setUp() {
  83     userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
  84
  85     dbClient = db.getDbClient();
  86     dbSession = db.getSession();
  87     defaultTemplatePermissionFinder = mock(DefaultPermissionTemplateFinder.class);
  88     when(defaultTemplatePermissionFinder.getDefaultTemplateUuids()).thenReturn(Collections.<String>emptySet());
  89     PermissionDependenciesFinder finder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes);
  90     ws = new WsActionTester(new DeleteTemplateAction(dbClient, userSession, finder, defaultTemplatePermissionFinder));
  91
  92     permissionTemplate = insertTemplateAndAssociatedPermissions(newPermissionTemplateDto().setUuid(TEMPLATE_UUID));
  93     PermissionTemplateDto permissionTemplateInDatabase = dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID);
  94     assertThat(permissionTemplateInDatabase.getUuid()).isEqualTo(TEMPLATE_UUID);
  95     assertThat(permissionTemplateInDatabase.getGroupsPermissions()).isNotEmpty();
  96     assertThat(permissionTemplateInDatabase.getUsersPermissions()).isNotEmpty();
  97   }
  98
  99   @Test
 100   public void delete_template_in_db() {
 101     TestResponse result = newRequest(TEMPLATE_UUID);
 102
 103     assertThat(result.getInput()).isEmpty();
 104     assertThat(dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID)).isNull();
 105   }
 106
 107   @Test
 108   public void delete_template_by_name_case_insensitive() {
 109     ws.newRequest()
 110       .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
 111       .execute();
 112     commit();
 113
 114     assertThat(dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID)).isNull();
 115   }
 116
 117   @Test
 118   public void fail_if_uuid_is_not_known() {
 119     expectedException.expect(NotFoundException.class);
 120
 121     newRequest("unknown-template-uuid");
 122   }
 123
 124   @Test
 125   public void fail_if_template_is_default() {
 126     expectedException.expect(BadRequestException.class);
 127     expectedException.expectMessage("It is not possible to delete a default template");
 128     when(defaultTemplatePermissionFinder.getDefaultTemplateUuids()).thenReturn(newSet(TEMPLATE_UUID));
 129
 130     newRequest(TEMPLATE_UUID);
 131   }
 132
 133   @Test
 134   public void fail_if_not_logged_in() {
 135     expectedException.expect(UnauthorizedException.class);
 136     userSession.anonymous();
 137
 138     newRequest(TEMPLATE_UUID);
 139   }
 140
 141   @Test
 142   public void fail_if_not_admin() {
 143     expectedException.expect(ForbiddenException.class);
 144     userSession.login().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
 145
 146     newRequest(TEMPLATE_UUID);
 147   }
 148
 149   @Test
 150   public void fail_if_uuid_is_not_provided() {
 151     expectedException.expect(BadRequestException.class);
 152
 153     newRequest(null);
 154   }
 155
 156   private PermissionTemplateDto insertTemplateAndAssociatedPermissions(PermissionTemplateDto template) {
 157     dbClient.permissionTemplateDao().insert(dbSession, template);
 158     UserDto user = dbClient.userDao().insert(dbSession, UserTesting.newUserDto().setActive(true));
 159     GroupDto group = dbClient.groupDao().insert(dbSession, GroupTesting.newGroupDto());
 160     dbClient.permissionTemplateDao().insertUserPermission(dbSession, template.getId(), user.getId(), UserRole.ADMIN);
 161     dbClient.permissionTemplateDao().insertGroupPermission(dbSession, template.getId(), group.getId(), UserRole.CODEVIEWER);
 162     commit();
 163
 164     return template;
 165   }
 166
 167   private void commit() {
 168     dbSession.commit();
 169   }
 170
 171   private TestResponse newRequest(@Nullable String id) {
 172     TestRequest request = ws.newRequest();
 173     if (id != null) {
 174       request.setParam(PARAM_TEMPLATE_ID, id);
 175     }
 176
 177     TestResponse result = executeRequest(request);
 178     commit();
 179     return result;
 180   }
 181
 182   private static TestResponse executeRequest(TestRequest request) {
 183     return request.execute();
 184   }
 185
 186 }