import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
import static org.sonar.server.permission.ws.ProjectWsRef.newWsProjectRef;
import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
.setProjectId(request.param(PARAM_PROJECT_ID))
.setProjectKey(request.param(PARAM_PROJECT_KEY))
.setTemplateId(request.param(PARAM_TEMPLATE_ID))
- .setTemplateName(request.param(PARAM_TEMPLATE_NAME));
+ .setTemplateName(request.param(PARAM_TEMPLATE_NAME))
+ .setOrganization(request.param(PARAM_ORGANIZATION));
}
@Override
.setName(request.mandatoryParam(PARAM_NAME))
.setDescription(request.param(PARAM_DESCRIPTION))
.setProjectKeyPattern(request.param(PARAM_PROJECT_KEY_PATTERN))
- .setOrganizationKey(request.param(PARAM_ORGANIZATION));
+ .setOrganization(request.param(PARAM_ORGANIZATION));
}
private static CreateTemplateWsResponse buildResponse(PermissionTemplateDto permissionTemplateDto) {
private CreateTemplateWsResponse doHandle(CreateTemplateWsRequest request) {
try (DbSession dbSession = dbClient.openSession(false)) {
- OrganizationDto org = wsSupport.findOrganization(dbSession, request.getOrganizationKey());
+ OrganizationDto org = wsSupport.findOrganization(dbSession, request.getOrganization());
checkGlobalAdmin(userSession, org.getUuid());
validateTemplateNameForCreation(dbSession, org, request.getName());
public class AddGroupWsRequest {
private String permission;
private String groupId;
- private String organizationKey;
+ private String organization;
private String groupName;
private String projectId;
private String projectKey;
}
@CheckForNull
- public String getOrganizationKey() {
- return organizationKey;
+ public String getOrganization() {
+ return organization;
}
- public AddGroupWsRequest setOrganizationKey(@Nullable String s) {
- this.organizationKey = s;
+ public AddGroupWsRequest setOrganization(@Nullable String s) {
+ this.organization = s;
return this;
}
private String description;
private String name;
private String projectKeyPattern;
- private String organizationKey;
+ private String organization;
@CheckForNull
public String getDescription() {
}
@CheckForNull
- public String getOrganizationKey() {
- return organizationKey;
+ public String getOrganization() {
+ return organization;
}
- public CreateTemplateWsRequest setOrganizationKey(@Nullable String s) {
- this.organizationKey = s;
+ public CreateTemplateWsRequest setOrganization(@Nullable String s) {
+ this.organization = s;
return this;
}
}
public void addGroup(AddGroupWsRequest request) {
call(new PostRequest(path("add_group"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_PERMISSION, request.getPermission())
.setParam(PARAM_PROJECT_ID, request.getProjectId())
.setParam(PARAM_PROJECT_KEY, request.getProjectKey())
public void addUserToTemplate(AddUserToTemplateWsRequest request) {
call(new PostRequest(path("add_user_to_template"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_PERMISSION, request.getPermission())
.setParam(PARAM_USER_LOGIN, request.getLogin())
.setParam(PARAM_TEMPLATE_ID, request.getTemplateId())
public void addProjectCreatorToTemplate(AddProjectCreatorToTemplateWsRequest request) {
call(new PostRequest(path("add_project_creator_to_template"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_PERMISSION, request.getPermission())
.setParam(PARAM_TEMPLATE_ID, request.getTemplateId())
.setParam(PARAM_TEMPLATE_NAME, request.getTemplateName()));
public void applyTemplate(ApplyTemplateWsRequest request) {
call(new PostRequest(path("apply_template"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_PROJECT_ID, request.getProjectId())
.setParam(PARAM_PROJECT_KEY, request.getProjectKey())
.setParam(PARAM_TEMPLATE_ID, request.getTemplateId())
public void bulkApplyTemplate(BulkApplyTemplateWsRequest request) {
call(new PostRequest(path("bulk_apply_template"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_TEMPLATE_ID, request.getTemplateId())
.setParam(PARAM_TEMPLATE_NAME, request.getTemplateName())
.setParam("q", request.getQuery())
public CreateTemplateWsResponse createTemplate(CreateTemplateWsRequest request) {
PostRequest post = new PostRequest(path("create_template"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_NAME, request.getName())
.setParam(PARAM_DESCRIPTION, request.getDescription())
.setParam(PARAM_PROJECT_KEY_PATTERN, request.getProjectKeyPattern());
public void deleteTemplate(DeleteTemplateWsRequest request) {
call(new PostRequest(path("delete_template"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_TEMPLATE_ID, request.getTemplateId())
.setParam(PARAM_TEMPLATE_NAME, request.getTemplateName()));
}
public void removeGroup(RemoveGroupWsRequest request) {
call(new PostRequest(path("remove_group"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_PERMISSION, request.getPermission())
.setParam(PARAM_GROUP_ID, request.getGroupId())
.setParam(PARAM_GROUP_NAME, request.getGroupName())
public void removeGroupFromTemplate(RemoveGroupFromTemplateWsRequest request) {
call(new PostRequest(path("remove_group_from_template"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_PERMISSION, request.getPermission())
.setParam(PARAM_GROUP_ID, request.getGroupId())
.setParam(PARAM_GROUP_NAME, request.getGroupName())
public void removeProjectCreatorFromTemplate(RemoveProjectCreatorFromTemplateWsRequest request) {
call(
new PostRequest(path("remove_project_creator_from_template"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_PERMISSION, request.getPermission())
.setParam(PARAM_TEMPLATE_ID, request.getTemplateId())
.setParam(PARAM_TEMPLATE_NAME, request.getTemplateName()));
public void removeUserFromTemplate(RemoveUserFromTemplateWsRequest request) {
call(new PostRequest(path("remove_user_from_template"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_PERMISSION, request.getPermission())
.setParam(PARAM_USER_LOGIN, request.getLogin())
.setParam(PARAM_TEMPLATE_ID, request.getTemplateId())
public UsersWsResponse users(UsersWsRequest request) {
return call(new GetRequest(path("users"))
+ .setParam(PARAM_ORGANIZATION, request.getOrganization())
.setParam(PARAM_PERMISSION, request.getPermission())
.setParam(PARAM_PROJECT_ID, request.getProjectId())
.setParam(PARAM_PROJECT_KEY, request.getProjectKey())
import static java.util.Objects.requireNonNull;
public class RemoveGroupFromTemplateWsRequest {
+ private String organization;
private String permission;
private String groupId;
private String groupName;
return this;
}
+ @CheckForNull
+ public String getOrganization() {
+ return organization;
+ }
+
+ public RemoveGroupFromTemplateWsRequest setOrganization(@Nullable String s) {
+ this.organization = s;
+ return this;
+ }
+
@CheckForNull
public String getGroupId() {
return groupId;
import javax.annotation.Nullable;
public class RemoveGroupWsRequest {
+ private String organization;
private String groupId;
private String groupName;
private String permission;
private String projectId;
private String projectKey;
+ @CheckForNull
+ public String getOrganization() {
+ return organization;
+ }
+
+ public RemoveGroupWsRequest setOrganization(@Nullable String s) {
+ this.organization = s;
+ return this;
+ }
+
@CheckForNull
public String getGroupId() {
return groupId;
import javax.annotation.Nullable;
public class UsersWsRequest {
+ private String organization;
private String permission;
private String projectId;
private String projectKey;
private Integer page;
private Integer pageSize;
+ @CheckForNull
+ public String getOrganization() {
+ return organization;
+ }
+
+ public UsersWsRequest setOrganization(@Nullable String s) {
+ this.organization = s;
+ return this;
+ }
+
@CheckForNull
public String getPermission() {
return permission;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_NAME;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN;
public class PermissionsServiceTest {
+ private static final String ORGANIZATION_VALUE = "organization value";
private static final String PERMISSION_VALUE = "permission value";
private static final String PROJECT_ID_VALUE = "project id value";
private static final String PROJECT_KEY_VALUE = "project key value";
@Test
public void addGroup_does_POST_on_Ws_add_group() {
underTest.addGroup(new AddGroupWsRequest()
+ .setOrganization(ORGANIZATION_VALUE)
.setPermission(PERMISSION_VALUE)
.setProjectId(PROJECT_ID_VALUE)
.setProjectKey(PROJECT_KEY_VALUE)
PostRequest postRequest = serviceTester.getPostRequest();
serviceTester.assertThat(postRequest)
.hasPath("add_group")
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.hasParam(PARAM_PERMISSION, PERMISSION_VALUE)
.hasParam(PARAM_PROJECT_ID, PROJECT_ID_VALUE)
.hasParam(PARAM_PROJECT_KEY, PROJECT_KEY_VALUE)
.setPermission(PERMISSION_VALUE)
.setTemplateId(TEMPLATE_ID_VALUE)
.setTemplateName(TEMPLATE_NAME_VALUE)
- );
+ );
assertThat(serviceTester.getPostParser()).isNull();
PostRequest postRequest = serviceTester.getPostRequest();
public void addUser_does_POST_on_Ws_add_user() {
underTest.addUser(new AddUserWsRequest()
.setLogin(LOGIN_VALUE)
+ .setOrganization(ORGANIZATION_VALUE)
.setPermission(PERMISSION_VALUE)
.setProjectId(PROJECT_ID_VALUE)
.setProjectKey(PROJECT_KEY_VALUE)
- );
+ );
assertThat(serviceTester.getPostParser()).isNull();
PostRequest postRequest = serviceTester.getPostRequest();
serviceTester.assertThat(postRequest)
.hasPath("add_user")
.hasParam(PARAM_USER_LOGIN, LOGIN_VALUE)
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.hasParam(PARAM_PERMISSION, PERMISSION_VALUE)
.hasParam(PARAM_PROJECT_ID, PROJECT_ID_VALUE)
.hasParam(PARAM_PROJECT_KEY, PROJECT_KEY_VALUE)
@Test
public void addUserToTemplate_does_POST_on_Ws_add_user_to_template() {
underTest.addUserToTemplate(new AddUserToTemplateWsRequest()
+ .setOrganization(ORGANIZATION_VALUE)
.setPermission(PERMISSION_VALUE)
.setLogin(LOGIN_VALUE)
.setTemplateId(TEMPLATE_ID_VALUE)
.setTemplateName(TEMPLATE_NAME_VALUE)
- );
+ );
assertThat(serviceTester.getPostParser()).isNull();
PostRequest postRequest = serviceTester.getPostRequest();
serviceTester.assertThat(postRequest)
.hasPath("add_user_to_template")
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.hasParam(PARAM_PERMISSION, PERMISSION_VALUE)
.hasParam(PARAM_USER_LOGIN, LOGIN_VALUE)
.hasParam(PARAM_TEMPLATE_ID, TEMPLATE_ID_VALUE)
@Test
public void applyTemplate_does_POST_on_Ws_apply_template() {
underTest.applyTemplate(new ApplyTemplateWsRequest()
+ .setOrganization(ORGANIZATION_VALUE)
.setProjectId(PROJECT_ID_VALUE)
.setProjectKey(PROJECT_KEY_VALUE)
.setTemplateId(TEMPLATE_ID_VALUE)
.setTemplateName(TEMPLATE_NAME_VALUE)
- );
+ );
assertThat(serviceTester.getPostParser()).isNull();
PostRequest postRequest = serviceTester.getPostRequest();
serviceTester.assertThat(postRequest)
.hasPath("apply_template")
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.hasParam(PARAM_PROJECT_ID, PROJECT_ID_VALUE)
.hasParam(PARAM_PROJECT_KEY, PROJECT_KEY_VALUE)
.hasParam(PARAM_TEMPLATE_ID, TEMPLATE_ID_VALUE)
@Test
public void bulk_apply_template() {
underTest.bulkApplyTemplate(new BulkApplyTemplateWsRequest()
+ .setOrganization(ORGANIZATION_VALUE)
.setTemplateId(TEMPLATE_ID_VALUE)
.setTemplateName(TEMPLATE_NAME_VALUE)
.setQualifier(QUALIFIER_VALUE)
PostRequest postRequest = serviceTester.getPostRequest();
serviceTester.assertThat(postRequest)
.hasPath("bulk_apply_template")
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.hasParam(PARAM_TEMPLATE_ID, TEMPLATE_ID_VALUE)
.hasParam(PARAM_TEMPLATE_NAME, TEMPLATE_NAME_VALUE)
.hasParam("q", QUERY_VALUE)
@Test
public void createTemplate_does_POST_on_Ws_create_template() {
underTest.createTemplate(new CreateTemplateWsRequest()
+ .setOrganization(ORGANIZATION_VALUE)
.setName(NAME_VALUE)
.setDescription(DESCRIPTION_VALUE)
.setProjectKeyPattern(PROJECT_KEY_PATTERN_VALUE)
- );
+ );
assertThat(serviceTester.getPostParser()).isSameAs(WsPermissions.CreateTemplateWsResponse.parser());
PostRequest postRequest = serviceTester.getPostRequest();
serviceTester.assertThat(postRequest)
.hasPath("create_template")
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.hasParam(PARAM_NAME, NAME_VALUE)
.hasParam(PARAM_DESCRIPTION, DESCRIPTION_VALUE)
.hasParam(PARAM_PROJECT_KEY_PATTERN, PROJECT_KEY_PATTERN_VALUE)
underTest.deleteTemplate(new DeleteTemplateWsRequest()
.setTemplateId(TEMPLATE_ID_VALUE)
.setTemplateName(TEMPLATE_NAME_VALUE)
- );
+ .setOrganization(ORGANIZATION_VALUE)
+ );
assertThat(serviceTester.getPostParser()).isNull();
PostRequest postRequest = serviceTester.getPostRequest();
.hasPath("delete_template")
.hasParam(PARAM_TEMPLATE_ID, TEMPLATE_ID_VALUE)
.hasParam(PARAM_TEMPLATE_NAME, TEMPLATE_NAME_VALUE)
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.andNoOtherParam();
}
.setGroupName(GROUP_NAME_VALUE)
.setProjectId(PROJECT_ID_VALUE)
.setProjectKey(PROJECT_KEY_VALUE)
- );
+ .setOrganization(ORGANIZATION_VALUE)
+ );
assertThat(serviceTester.getPostParser()).isNull();
PostRequest postRequest = serviceTester.getPostRequest();
.hasParam(PARAM_GROUP_NAME, GROUP_NAME_VALUE)
.hasParam(PARAM_PROJECT_ID, PROJECT_ID_VALUE)
.hasParam(PARAM_PROJECT_KEY, PROJECT_KEY_VALUE)
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.andNoOtherParam();
}
.setGroupName(GROUP_NAME_VALUE)
.setTemplateId(TEMPLATE_ID_VALUE)
.setTemplateName(TEMPLATE_NAME_VALUE)
- );
+ .setOrganization(ORGANIZATION_VALUE)
+ );
assertThat(serviceTester.getPostParser()).isNull();
PostRequest postRequest = serviceTester.getPostRequest();
.hasParam(PARAM_GROUP_NAME, GROUP_NAME_VALUE)
.hasParam(PARAM_TEMPLATE_ID, TEMPLATE_ID_VALUE)
.hasParam(PARAM_TEMPLATE_NAME, TEMPLATE_NAME_VALUE)
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.andNoOtherParam();
}
.setLogin(LOGIN_VALUE)
.setProjectId(PROJECT_ID_VALUE)
.setProjectKey(PROJECT_KEY_VALUE)
- );
+ );
assertThat(serviceTester.getPostParser()).isNull();
PostRequest postRequest = serviceTester.getPostRequest();
.setLogin(LOGIN_VALUE)
.setTemplateId(TEMPLATE_ID_VALUE)
.setTemplateName(TEMPLATE_NAME_VALUE)
- );
+ .setOrganization(ORGANIZATION_VALUE)
+ );
assertThat(serviceTester.getPostParser()).isNull();
PostRequest postRequest = serviceTester.getPostRequest();
.hasParam(PARAM_USER_LOGIN, LOGIN_VALUE)
.hasParam(PARAM_TEMPLATE_ID, TEMPLATE_ID_VALUE)
.hasParam(PARAM_TEMPLATE_NAME, TEMPLATE_NAME_VALUE)
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.andNoOtherParam();
}
.setPage(PAGE_VALUE)
.setPageSize(PAGE_SIZE_VALUE)
.setQuery(QUERY_VALUE)
- );
+ );
assertThat(serviceTester.getGetParser()).isSameAs(WsPermissions.SearchProjectPermissionsWsResponse.parser());
GetRequest getRequest = serviceTester.getGetRequest();
public void searchTemplates_does_GET_on_Ws_search_templates() {
underTest.searchTemplates(new SearchTemplatesWsRequest()
.setQuery(QUERY_VALUE)
- );
+ );
assertThat(serviceTester.getGetParser()).isSameAs(WsPermissions.SearchTemplatesWsResponse.parser());
GetRequest getRequest = serviceTester.getGetRequest();
.setQualifier(QUALIFIER_VALUE)
.setTemplateId(TEMPLATE_ID_VALUE)
.setTemplateName(TEMPLATE_NAME_VALUE)
- );
+ );
assertThat(serviceTester.getPostParser()).isNull();
PostRequest postRequest = serviceTester.getPostRequest();
.setId(TEMPLATE_ID_VALUE)
.setName(TEMPLATE_NAME_VALUE)
.setProjectKeyPattern(PROJECT_KEY_PATTERN_VALUE)
- );
+ );
assertThat(serviceTester.getPostParser()).isSameAs(WsPermissions.UpdateTemplateWsResponse.parser());
PostRequest postRequest = serviceTester.getPostRequest();
.setPermission(PERMISSION_VALUE)
.setTemplateId(TEMPLATE_ID_VALUE)
.setTemplateName(TEMPLATE_NAME_VALUE)
+ .setOrganization(ORGANIZATION_VALUE)
.build());
assertThat(serviceTester.getPostParser()).isNull();
.hasParam(PARAM_PERMISSION, PERMISSION_VALUE)
.hasParam(PARAM_TEMPLATE_ID, TEMPLATE_ID_VALUE)
.hasParam(PARAM_TEMPLATE_NAME, TEMPLATE_NAME_VALUE)
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.andNoOtherParam();
}
.setPermission(PERMISSION_VALUE)
.setTemplateId(TEMPLATE_ID_VALUE)
.setTemplateName(TEMPLATE_NAME_VALUE)
+ .setOrganization(ORGANIZATION_VALUE)
.build());
assertThat(serviceTester.getPostParser()).isNull();
.hasParam(PARAM_PERMISSION, PERMISSION_VALUE)
.hasParam(PARAM_TEMPLATE_ID, TEMPLATE_ID_VALUE)
.hasParam(PARAM_TEMPLATE_NAME, TEMPLATE_NAME_VALUE)
+ .hasParam(PARAM_ORGANIZATION, ORGANIZATION_VALUE)
.andNoOtherParam();
}
}
package org.sonarqube.tests;
import com.sonar.orchestrator.Orchestrator;
-import org.sonarqube.tests.projectAdministration.ProjectVisibilityTest;
+import org.sonarqube.tests.projectAdministration.ProjectVisibilityPageTest;
import org.sonarqube.tests.user.UsersPageTest;
import org.sonarqube.tests.authorisation.ExecuteAnalysisPermissionTest;
import org.sonarqube.tests.authorisation.IssuePermissionTest;
@Suite.SuiteClasses({
// administration
UsersPageTest.class,
- ProjectVisibilityTest.class,
+ ProjectVisibilityPageTest.class,
// project administration
ProjectBulkDeletionPageTest.class,
ProjectAdministrationTest.class,
import org.junit.ClassRule;
import org.junit.runner.RunWith;
import org.junit.runners.Suite;
+import org.sonarqube.tests.authorisation.PermissionTemplateTest;
import org.sonarqube.tests.issue.IssueTagsTest;
import org.sonarqube.tests.issue.OrganizationIssueAssignTest;
import org.sonarqube.tests.organization.BillingTest;
RulesWsTest.class,
ProjectDeletionTest.class,
ProjectProvisioningTest.class,
- ProjectKeyUpdateTest.class
+ ProjectKeyUpdateTest.class,
+ PermissionTemplateTest.class
})
public class Category6Suite {
return user;
}
+ @SafeVarargs
+ public final User generateMember(Organizations.Organization organization, Consumer<CreateRequest.Builder>... populators) {
+ User user = generate(populators);
+ session.wsClient().organizations().addMember(organization.getKey(), user.getLogin());
+ return user;
+ }
+
public UsersService service() {
return session.wsClient().users();
}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2017 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonarqube.tests.authorisation;
+
+import com.sonar.orchestrator.Orchestrator;
+import java.util.Optional;
+import org.junit.After;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.DisableOnDebug;
+import org.junit.rules.TestRule;
+import org.junit.rules.Timeout;
+import org.sonarqube.tests.Category6Suite;
+import org.sonarqube.tests.Tester;
+import org.sonarqube.ws.Organizations.Organization;
+import org.sonarqube.ws.WsPermissions;
+import org.sonarqube.ws.WsProjects.CreateWsResponse.Project;
+import org.sonarqube.ws.WsUsers;
+import org.sonarqube.ws.client.WsClient;
+import org.sonarqube.ws.client.component.SearchProjectsRequest;
+import org.sonarqube.ws.client.permission.AddUserToTemplateWsRequest;
+import org.sonarqube.ws.client.permission.ApplyTemplateWsRequest;
+import org.sonarqube.ws.client.permission.CreateTemplateWsRequest;
+import org.sonarqube.ws.client.permission.PermissionsService;
+import org.sonarqube.ws.client.permission.UsersWsRequest;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+public class PermissionTemplateTest {
+ @ClassRule
+ public static final Orchestrator orchestrator = Category6Suite.ORCHESTRATOR;
+
+ @Rule
+ public TestRule safeguard = new DisableOnDebug(Timeout.seconds(300));
+ @Rule
+ public Tester tester = new Tester(orchestrator)
+ .setElasticsearchHttpPort(Category6Suite.SEARCH_HTTP_PORT);
+
+ @After
+ public void tearDown() throws Exception {
+ unlockWritesOnProjectIndices();
+ }
+
+ @Test
+ public void apply_permission_template_on_project() {
+ Organization organization = tester.organizations().generate();
+ Project project = tester.projects().generate(organization, p -> p.setVisibility("private"));
+ WsUsers.CreateWsResponse.User user = tester.users().generateMember(organization);
+ WsUsers.CreateWsResponse.User anotherUser = tester.users().generateMember(organization);
+
+ assertThatUserDoesNotHavePermission(user, organization, project);
+ assertThatUserDoesNotHavePermission(anotherUser, organization, project);
+ assertThat(userHasAccessToIndexedProject(user, organization, project)).isTrue();
+ assertThat(userHasAccessToIndexedProject(anotherUser, organization, project)).isTrue();
+
+ // create permission template that gives read permission to "user"
+ createAndApplyTemplate(organization, project, user);
+
+ assertThatUserHasPermission(user, organization, project);
+ assertThatUserDoesNotHavePermission(anotherUser, organization, project);
+ assertThat(userHasAccessToIndexedProject(user, organization, project)).isTrue();
+ assertThat(userHasAccessToIndexedProject(anotherUser, organization, project)).isFalse();
+ }
+
+ @Test
+ public void indexing_errors_are_recovered_when_applying_permission_template_on_project() throws Exception {
+ Organization organization = tester.organizations().generate();
+ Project project = tester.projects().generate(organization, p -> p.setVisibility("private"));
+ WsUsers.CreateWsResponse.User user = tester.users().generateMember(organization);
+ WsUsers.CreateWsResponse.User anotherUser = tester.users().generateMember(organization);
+
+ lockWritesOnProjectIndices();
+
+ createAndApplyTemplate(organization, project, user);
+
+ assertThatUserHasPermission(user, organization, project);
+ assertThatUserDoesNotHavePermission(anotherUser, organization, project);
+ assertThat(userHasAccessToIndexedProject(user, organization, project)).isTrue();
+ // inconsistent, should be false. Waiting for ES to be updated.
+ assertThat(userHasAccessToIndexedProject(user, organization, project)).isTrue();
+
+ unlockWritesOnProjectIndices();
+
+ boolean recovered = false;
+ while (!recovered) {
+ Thread.sleep(1_000L);
+ recovered = !userHasAccessToIndexedProject(anotherUser, organization, project);
+ }
+ }
+
+ private void lockWritesOnProjectIndices() throws Exception {
+ tester.elasticsearch().lockWrites("issues");
+ tester.elasticsearch().lockWrites("projectmeasures");
+ tester.elasticsearch().lockWrites("components");
+ }
+
+ private void unlockWritesOnProjectIndices() throws Exception {
+ tester.elasticsearch().unlockWrites("issues");
+ tester.elasticsearch().unlockWrites("projectmeasures");
+ tester.elasticsearch().unlockWrites("components");
+ }
+
+ /**
+ * Gives the read access only to the specified user. All other users and groups
+ * loose their ability to see the project.
+ */
+ private void createAndApplyTemplate(Organization organization, Project project, WsUsers.CreateWsResponse.User user) {
+ String templateName = "For user";
+ PermissionsService service = tester.wsClient().permissions();
+ service.createTemplate(new CreateTemplateWsRequest()
+ .setOrganization(organization.getKey())
+ .setName(templateName)
+ .setDescription("Give admin permissions to single user"));
+ service.addUserToTemplate(new AddUserToTemplateWsRequest()
+ .setOrganization(organization.getKey())
+ .setLogin(user.getLogin())
+ .setPermission("user")
+ .setTemplateName(templateName));
+ service.applyTemplate(new ApplyTemplateWsRequest()
+ .setOrganization(organization.getKey())
+ .setProjectKey(project.getKey())
+ .setTemplateName(templateName));
+ }
+
+ private void assertThatUserHasPermission(WsUsers.CreateWsResponse.User user, Organization organization, Project project) {
+ assertThat(hasAdminPermission(user, organization, project)).isTrue();
+ }
+
+ private void assertThatUserDoesNotHavePermission(WsUsers.CreateWsResponse.User user, Organization organization, Project project) {
+ assertThat(hasAdminPermission(user, organization, project)).isFalse();
+ }
+
+ private boolean userHasAccessToIndexedProject(WsUsers.CreateWsResponse.User user, Organization organization, Project project) {
+ SearchProjectsRequest request = SearchProjectsRequest.builder().setOrganization(organization.getKey()).build();
+ WsClient userSession = tester.as(user.getLogin()).wsClient();
+ return userSession.components().searchProjects(request)
+ .getComponentsList().stream()
+ .anyMatch(c -> c.getKey().equals(project.getKey()));
+ }
+
+ private boolean hasAdminPermission(WsUsers.CreateWsResponse.User user, Organization organization, Project project) {
+ UsersWsRequest request = new UsersWsRequest()
+ .setOrganization(organization.getKey())
+ .setProjectKey(project.getKey())
+ .setPermission("user");
+ WsPermissions.UsersWsResponse response = tester.wsClient().permissions().users(request);
+ Optional<WsPermissions.User> found = response.getUsersList().stream()
+ .filter(u -> user.getLogin().equals(u.getLogin()))
+ .findFirst();
+ return found.isPresent();
+ }
+}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2017 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonarqube.tests.projectAdministration;
+
+import com.sonar.orchestrator.Orchestrator;
+import com.sonar.orchestrator.build.SonarScanner;
+import org.sonarqube.tests.Category1Suite;
+import java.sql.SQLException;
+import org.junit.Before;
+import org.junit.ClassRule;
+import org.junit.Rule;
+import org.junit.Test;
+import org.sonarqube.ws.WsComponents;
+import org.sonarqube.ws.client.component.SearchProjectsRequest;
+import org.sonarqube.ws.client.permission.RemoveGroupWsRequest;
+import org.sonarqube.ws.client.project.UpdateVisibilityRequest;
+import org.sonarqube.pageobjects.Navigation;
+import org.sonarqube.pageobjects.ProjectsManagementPage;
+import util.user.UserRule;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static util.ItUtils.newAdminWsClient;
+import static util.ItUtils.projectDir;
+
+public class ProjectVisibilityPageTest {
+
+ @ClassRule
+ public static Orchestrator orchestrator = Category1Suite.ORCHESTRATOR;
+
+ @Rule
+ public UserRule userRule = UserRule.from(orchestrator);
+
+ private Navigation nav = Navigation.create(orchestrator);
+
+ private String adminUser;
+
+ @Before
+ public void initData() throws SQLException {
+ orchestrator.resetData();
+ adminUser = userRule.createAdminUser();
+ }
+
+ @Test
+ public void return_all_projects_even_when_no_permission() throws Exception {
+ orchestrator.executeBuild(SonarScanner.create(projectDir("shared/xoo-sample")).setProperties("sonar.projectKey", "sample1"));
+ orchestrator.executeBuild(SonarScanner.create(projectDir("shared/xoo-sample")).setProperties("sonar.projectKey", "sample2"));
+ newAdminWsClient(orchestrator).projects().updateVisibility(UpdateVisibilityRequest.builder().setProject("sample2").setVisibility("private").build());
+ // Remove 'Admin' permission for admin group on project 2 -> No one can access or admin this project, expect System Admin
+ newAdminWsClient(orchestrator).permissions().removeGroup(new RemoveGroupWsRequest().setProjectKey("sample2").setGroupName("sonar-administrators").setPermission("admin"));
+
+ nav.logIn().submitCredentials(adminUser).openProjectsManagement()
+ .shouldHaveProject("sample1")
+ .shouldHaveProject("sample2");
+ }
+
+ @Test
+ public void create_public_project() {
+ createProjectAndVerify("public");
+ }
+
+ @Test
+ public void create_private_project() {
+ createProjectAndVerify("private");
+ }
+
+ private void createProjectAndVerify(String visibility) {
+ ProjectsManagementPage page = nav.logIn().submitCredentials(adminUser, adminUser).openProjectsManagement();
+ page
+ .shouldHaveProjectsCount(0)
+ .createProject("foo", "foo", visibility)
+ .shouldHaveProjectsCount(1);
+
+ WsComponents.SearchProjectsWsResponse response = newAdminWsClient(orchestrator).components().searchProjects(
+ SearchProjectsRequest.builder().build());
+ assertThat(response.getComponentsCount()).isEqualTo(1);
+ assertThat(response.getComponents(0).getKey()).isEqualTo("foo");
+ assertThat(response.getComponents(0).getName()).isEqualTo("foo");
+ assertThat(response.getComponents(0).getVisibility()).isEqualTo(visibility);
+ }
+
+}
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2017 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonarqube.tests.projectAdministration;
-
-import com.sonar.orchestrator.Orchestrator;
-import com.sonar.orchestrator.build.SonarScanner;
-import org.sonarqube.tests.Category1Suite;
-import java.sql.SQLException;
-import org.junit.Before;
-import org.junit.ClassRule;
-import org.junit.Rule;
-import org.junit.Test;
-import org.sonarqube.ws.WsComponents;
-import org.sonarqube.ws.client.component.SearchProjectsRequest;
-import org.sonarqube.ws.client.permission.RemoveGroupWsRequest;
-import org.sonarqube.ws.client.project.UpdateVisibilityRequest;
-import org.sonarqube.pageobjects.Navigation;
-import org.sonarqube.pageobjects.ProjectsManagementPage;
-import util.user.UserRule;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static util.ItUtils.newAdminWsClient;
-import static util.ItUtils.projectDir;
-
-public class ProjectVisibilityTest {
-
- @ClassRule
- public static Orchestrator orchestrator = Category1Suite.ORCHESTRATOR;
-
- @Rule
- public UserRule userRule = UserRule.from(orchestrator);
-
- private Navigation nav = Navigation.create(orchestrator);
-
- private String adminUser;
-
- @Before
- public void initData() throws SQLException {
- orchestrator.resetData();
- adminUser = userRule.createAdminUser();
- }
-
- @Test
- public void return_all_projects_even_when_no_permission() throws Exception {
- orchestrator.executeBuild(SonarScanner.create(projectDir("shared/xoo-sample")).setProperties("sonar.projectKey", "sample1"));
- orchestrator.executeBuild(SonarScanner.create(projectDir("shared/xoo-sample")).setProperties("sonar.projectKey", "sample2"));
- newAdminWsClient(orchestrator).projects().updateVisibility(UpdateVisibilityRequest.builder().setProject("sample2").setVisibility("private").build());
- // Remove 'Admin' permission for admin group on project 2 -> No one can access or admin this project, expect System Admin
- newAdminWsClient(orchestrator).permissions().removeGroup(new RemoveGroupWsRequest().setProjectKey("sample2").setGroupName("sonar-administrators").setPermission("admin"));
-
- nav.logIn().submitCredentials(adminUser).openProjectsManagement()
- .shouldHaveProject("sample1")
- .shouldHaveProject("sample2");
- }
-
- @Test
- public void create_public_project() {
- createProjectAndVerify("public");
- }
-
- @Test
- public void create_private_project() {
- createProjectAndVerify("private");
- }
-
- private void createProjectAndVerify(String visibility) {
- ProjectsManagementPage page = nav.logIn().submitCredentials(adminUser, adminUser).openProjectsManagement();
- page
- .shouldHaveProjectsCount(0)
- .createProject("foo", "foo", visibility)
- .shouldHaveProjectsCount(1);
-
- WsComponents.SearchProjectsWsResponse response = newAdminWsClient(orchestrator).components().searchProjects(
- SearchProjectsRequest.builder().build());
- assertThat(response.getComponentsCount()).isEqualTo(1);
- assertThat(response.getComponents(0).getKey()).isEqualTo("foo");
- assertThat(response.getComponents(0).getName()).isEqualTo("foo");
- assertThat(response.getComponents(0).getVisibility()).isEqualTo(visibility);
- }
-
-}
projects / sonarqube.git / commitdiff