source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2022 SonarSource SA
   4  * mailto:info AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.webhook.ws;
  21
  22 import org.junit.Before;
  23 import org.junit.Rule;
  24 import org.junit.Test;
  25 import org.sonar.api.server.ws.WebService;
  26 import org.sonar.api.utils.System2;
  27 import org.sonar.api.web.UserRole;
  28 import org.sonar.db.DbClient;
  29 import org.sonar.db.DbTester;
  30 import org.sonar.db.component.ComponentDto;
  31 import org.sonar.db.webhook.WebhookDeliveryDto;
  32 import org.sonar.server.component.ComponentFinder;
  33 import org.sonar.server.component.TestComponentFinder;
  34 import org.sonar.server.exceptions.ForbiddenException;
  35 import org.sonar.server.exceptions.NotFoundException;
  36 import org.sonar.server.exceptions.UnauthorizedException;
  37 import org.sonar.server.tester.UserSessionRule;
  38 import org.sonar.server.ws.WsActionTester;
  39 import org.sonarqube.ws.MediaTypes;
  40 import org.sonarqube.ws.Webhooks;
  41
  42 import static org.assertj.core.api.Assertions.assertThat;
  43 import static org.assertj.core.api.Assertions.assertThatThrownBy;
  44 import static org.sonar.db.webhook.WebhookDeliveryTesting.newDto;
  45 import static org.sonar.test.JsonAssert.assertJson;
  46
  47 public class WebhookDeliveryActionTest {
  48
  49   @Rule
  50   public UserSessionRule userSession = UserSessionRule.standalone();
  51
  52   @Rule
  53   public DbTester db = DbTester.create(System2.INSTANCE);
  54
  55   private DbClient dbClient = db.getDbClient();
  56   private WsActionTester ws;
  57   private ComponentDto project;
  58
  59   @Before
  60   public void setUp() {
  61     ComponentFinder componentFinder = TestComponentFinder.from(db);
  62     WebhookDeliveryAction underTest = new WebhookDeliveryAction(dbClient, userSession, componentFinder);
  63     ws = new WsActionTester(underTest);
  64     project = db.components().insertPrivateProject(c -> c.setDbKey("my-project"));
  65   }
  66
  67   @Test
  68   public void test_definition() {
  69     WebService.Action definition = ws.getDef();
  70     assertThat(definition.isPost()).isFalse();
  71     assertThat(definition.isInternal()).isFalse();
  72     assertThat(definition.responseExampleAsString()).isNotEmpty();
  73
  74     assertThat(definition.params()).hasSize(1);
  75     assertThat(definition.param("deliveryId").isRequired()).isTrue();
  76   }
  77
  78   @Test
  79   public void throw_UnauthorizedException_if_anonymous() {
  80     assertThatThrownBy(() -> ws.newRequest().execute())
  81       .isInstanceOf(UnauthorizedException.class);
  82   }
  83
  84   @Test
  85   public void return_404_if_delivery_does_not_exist() {
  86     userSession.logIn();
  87
  88     assertThatThrownBy(() -> ws.newRequest()
  89       .setMediaType(MediaTypes.PROTOBUF)
  90       .setParam("deliveryId", "does_not_exist")
  91       .execute())
  92       .isInstanceOf(NotFoundException.class);
  93   }
  94
  95   @Test
  96   public void load_the_delivery_of_example() {
  97     WebhookDeliveryDto dto = newDto()
  98       .setUuid("d1")
  99       .setComponentUuid(project.uuid())
 100       .setCeTaskUuid("task-1")
 101       .setName("Jenkins")
 102       .setUrl("http://jenkins")
 103       .setCreatedAt(1_500_000_000_000L)
 104       .setSuccess(true)
 105       .setDurationMs(10)
 106       .setHttpStatus(200)
 107       .setPayload("{\"status\"=\"SUCCESS\"}");
 108     dbClient.webhookDeliveryDao().insert(db.getSession(), dto);
 109     db.commit();
 110     userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
 111
 112     String json = ws.newRequest()
 113       .setParam("deliveryId", dto.getUuid())
 114       .execute()
 115       .getInput();
 116
 117     assertJson(json).isSimilarTo(ws.getDef().responseExampleAsString());
 118   }
 119
 120   @Test
 121   public void return_delivery_that_failed_to_be_sent() {
 122     WebhookDeliveryDto dto = newDto()
 123       .setComponentUuid(project.uuid())
 124       .setSuccess(false)
 125       .setHttpStatus(null)
 126       .setErrorStacktrace("IOException -> can not connect");
 127     dbClient.webhookDeliveryDao().insert(db.getSession(), dto);
 128     db.commit();
 129     userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
 130
 131     Webhooks.DeliveryWsResponse response = ws.newRequest()
 132       .setParam("deliveryId", dto.getUuid())
 133       .executeProtobuf(Webhooks.DeliveryWsResponse.class);
 134
 135     Webhooks.Delivery actual = response.getDelivery();
 136     assertThat(actual.hasHttpStatus()).isFalse();
 137     assertThat(actual.getErrorStacktrace()).isEqualTo(dto.getErrorStacktrace());
 138   }
 139
 140   @Test
 141   public void return_delivery_with_none_of_optional_fields() {
 142     WebhookDeliveryDto dto = newDto()
 143       .setComponentUuid(project.uuid())
 144       .setCeTaskUuid(null)
 145       .setHttpStatus(null)
 146       .setErrorStacktrace(null)
 147       .setAnalysisUuid(null);
 148     dbClient.webhookDeliveryDao().insert(db.getSession(), dto);
 149     db.commit();
 150     userSession.logIn().addProjectPermission(UserRole.ADMIN, project);
 151
 152     Webhooks.DeliveryWsResponse response = ws.newRequest()
 153       .setParam("deliveryId", dto.getUuid())
 154       .executeProtobuf(Webhooks.DeliveryWsResponse.class);
 155
 156     Webhooks.Delivery actual = response.getDelivery();
 157     assertThat(actual.hasHttpStatus()).isFalse();
 158     assertThat(actual.hasErrorStacktrace()).isFalse();
 159     assertThat(actual.hasCeTaskId()).isFalse();
 160   }
 161
 162   @Test
 163   public void throw_ForbiddenException_if_not_admin_of_project() {
 164     WebhookDeliveryDto dto = newDto()
 165       .setComponentUuid(project.uuid());
 166     dbClient.webhookDeliveryDao().insert(db.getSession(), dto);
 167     db.commit();
 168     userSession.logIn().addProjectPermission(UserRole.USER, project);
 169
 170     assertThatThrownBy(() -> ws.newRequest()
 171       .setMediaType(MediaTypes.PROTOBUF)
 172       .setParam("deliveryId", dto.getUuid())
 173       .execute())
 174       .isInstanceOf(ForbiddenException.class)
 175       .hasMessageContaining("Insufficient privileges");
 176   }
 177 }