*/
package org.sonar.server.permission;
-import java.util.Date;
-import org.sonar.db.permission.template.PermissionTemplateDto;
-
import static java.lang.String.format;
public class DefaultPermissionTemplates {
public static final String DEFAULT_TEMPLATE_PROPERTY = "sonar.permission.template.default";
- public static final PermissionTemplateDto DEFAULT_TEMPLATE = new PermissionTemplateDto()
- .setName("Default template")
- .setUuid("default_template")
- .setDescription("This permission template will be used as default when no other permission configuration is available")
- .setCreatedAt(new Date())
- .setUpdatedAt(new Date());
+ public static final String DEFAULT_TEMPLATE_KEY = "default_template";
private static final String DEFAULT_ROOT_QUALIFIER_TEMPLATE_PATTERN = "sonar.permission.template.%s.default";
private DefaultPermissionTemplates() {
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2016 SonarSource SA
- * mailto:contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.permission.ws;
-
-import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
-import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
-import static org.sonar.server.permission.ws.WsTemplateRef.newTemplateRef;
-import static org.sonar.server.ws.WsUtils.checkRequest;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-
-import java.util.Set;
-import org.sonar.api.server.ws.Request;
-import org.sonar.api.server.ws.Response;
-import org.sonar.api.server.ws.WebService;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.server.permission.ws.template.DefaultPermissionTemplateFinder;
-import org.sonar.server.user.UserSession;
-import org.sonarqube.ws.client.permission.DeleteTemplateWsRequest;
-
-public class DeleteTemplateAction implements PermissionsWsAction {
- private final DbClient dbClient;
- private final UserSession userSession;
- private final PermissionDependenciesFinder finder;
- private final DefaultPermissionTemplateFinder defaultPermissionTemplateFinder;
-
- public DeleteTemplateAction(DbClient dbClient, UserSession userSession, PermissionDependenciesFinder finder, DefaultPermissionTemplateFinder defaultPermissionTemplateFinder) {
- this.dbClient = dbClient;
- this.userSession = userSession;
- this.finder = finder;
- this.defaultPermissionTemplateFinder = defaultPermissionTemplateFinder;
- }
-
- @Override
- public void define(WebService.NewController context) {
- WebService.NewAction action = context.createAction("delete_template")
- .setDescription("Delete a permission template.<br />" +
- "It requires administration permissions to access.")
- .setSince("5.2")
- .setPost(true)
- .setHandler(this);
-
- createTemplateParameters(action);
- }
-
- @Override
- public void handle(Request request, Response response) throws Exception {
- checkGlobalAdminUser(userSession);
- doHandle(toDeleteTemplateWsRequest(request));
- response.noContent();
- }
-
- private void doHandle(DeleteTemplateWsRequest request) {
- DbSession dbSession = dbClient.openSession(false);
- try {
- PermissionTemplateDto template = finder.getTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
- checkTemplateUuidIsNotDefault(template.getUuid());
- dbClient.permissionTemplateDao().deleteById(dbSession, template.getId());
- dbSession.commit();
- } finally {
- dbClient.closeSession(dbSession);
- }
- }
-
- private static DeleteTemplateWsRequest toDeleteTemplateWsRequest(Request request) {
- return new DeleteTemplateWsRequest()
- .setTemplateId(request.param(PARAM_TEMPLATE_ID))
- .setTemplateName(request.param(PARAM_TEMPLATE_NAME));
- }
-
- private void checkTemplateUuidIsNotDefault(String key) {
- Set<String> defaultTemplateUuids = defaultPermissionTemplateFinder.getDefaultTemplateUuids();
- checkRequest(!defaultTemplateUuids.contains(key), "It is not possible to delete a default template");
- }
-}
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2016 SonarSource SA
- * mailto:contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.permission.ws;
-
-import com.google.common.collect.Multimap;
-import com.google.common.collect.Ordering;
-import com.google.common.collect.TreeMultimap;
-import java.util.List;
-import java.util.stream.Collectors;
-import org.sonar.api.security.DefaultGroups;
-import org.sonar.api.server.ws.Request;
-import org.sonar.api.server.ws.Response;
-import org.sonar.api.server.ws.WebService;
-import org.sonar.api.utils.Paging;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.permission.PermissionQuery;
-import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.permission.template.PermissionTemplateGroupDto;
-import org.sonar.db.user.GroupDto;
-import org.sonar.server.user.UserSession;
-import org.sonarqube.ws.WsPermissions;
-
-import static org.sonar.api.server.ws.WebService.Param.PAGE;
-import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
-import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
-import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE;
-import static org.sonar.db.permission.PermissionQuery.RESULTS_MAX_SIZE;
-import static org.sonar.db.permission.PermissionQuery.SEARCH_QUERY_MIN_LENGTH;
-import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
-import static org.sonar.server.permission.ws.PermissionRequestValidator.validateProjectPermission;
-import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectPermissionParameter;
-import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
-import static org.sonar.server.ws.WsUtils.writeProtobuf;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
-
-public class TemplateGroupsAction implements PermissionsWsAction {
- private final DbClient dbClient;
- private final UserSession userSession;
- private final PermissionDependenciesFinder dependenciesFinder;
-
- public TemplateGroupsAction(DbClient dbClient, UserSession userSession, PermissionDependenciesFinder dependenciesFinder) {
- this.dbClient = dbClient;
- this.userSession = userSession;
- this.dependenciesFinder = dependenciesFinder;
- }
-
- @Override
- public void define(WebService.NewController context) {
- WebService.NewAction action = context.createAction("template_groups")
- .setSince("5.2")
- .setInternal(true)
- .setDescription("Lists the groups with their permission as individual groups rather than through user affiliation on the chosen template.<br />" +
- "This service defaults to all groups, but can be limited to groups with a specific permission by providing the desired permission.<br>" +
- "It requires administration permissions to access.")
- .addPagingParams(DEFAULT_PAGE_SIZE, RESULTS_MAX_SIZE)
- .setResponseExample(getClass().getResource("template_groups-example.json"))
- .setHandler(this);
-
- action.createParam(TEXT_QUERY)
- .setDescription("Limit search to group names that contain the supplied string. Must have at least %d characters.<br/>" +
- "When this parameter is not set, only group having at least one permission are returned.", SEARCH_QUERY_MIN_LENGTH)
- .setExampleValue("eri");
-
- createProjectPermissionParameter(action);
- createTemplateParameters(action);
- }
-
- @Override
- public void handle(Request wsRequest, Response wsResponse) throws Exception {
- checkGlobalAdminUser(userSession);
- DbSession dbSession = dbClient.openSession(false);
- try {
- WsTemplateRef templateRef = WsTemplateRef.fromRequest(wsRequest);
- PermissionTemplateDto template = dependenciesFinder.getTemplate(dbSession, templateRef);
-
- PermissionQuery query = buildPermissionQuery(wsRequest);
- int total = dbClient.permissionTemplateDao().countGroupNamesByQueryAndTemplate(dbSession, query, template.getId());
- Paging paging = Paging.forPageIndex(wsRequest.mandatoryParamAsInt(PAGE)).withPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE)).andTotal(total);
- List<GroupDto> groups = findGroups(dbSession, query, template);
- List<PermissionTemplateGroupDto> groupPermissions = findGroupPermissions(dbSession, groups, template);
- WsPermissions.WsGroupsResponse groupsResponse = buildResponse(groups, groupPermissions, paging);
- writeProtobuf(groupsResponse, wsRequest, wsResponse);
- } finally {
- dbClient.closeSession(dbSession);
- }
- }
-
- private static PermissionQuery buildPermissionQuery(Request request) {
- String textQuery = request.param(TEXT_QUERY);
- String permission = request.param(PARAM_PERMISSION);
- PermissionQuery.Builder permissionQuery = PermissionQuery.builder()
- .setPermission(permission != null ? validateProjectPermission(permission) : null)
- .setPageIndex(request.mandatoryParamAsInt(PAGE))
- .setPageSize(request.mandatoryParamAsInt(PAGE_SIZE))
- .setSearchQuery(textQuery);
- if (textQuery == null) {
- permissionQuery.withAtLeastOnePermission();
- }
- return permissionQuery.build();
- }
-
- private static WsPermissions.WsGroupsResponse buildResponse(List<GroupDto> groups, List<PermissionTemplateGroupDto> groupPermissions, Paging paging) {
- Multimap<Long, String> permissionsByGroupId = TreeMultimap.create();
- groupPermissions.forEach(groupPermission -> permissionsByGroupId.put(groupPermission.getGroupId(), groupPermission.getPermission()));
- WsPermissions.WsGroupsResponse.Builder response = WsPermissions.WsGroupsResponse.newBuilder();
-
- groups.forEach(group -> {
- WsPermissions.Group.Builder wsGroup = response.addGroupsBuilder()
- .setName(group.getName());
- if (group.getId() != 0L) {
- wsGroup.setId(String.valueOf(group.getId()));
- }
- if (group.getDescription() != null) {
- wsGroup.setDescription(group.getDescription());
- }
- wsGroup.addAllPermissions(permissionsByGroupId.get(group.getId()));
- });
-
- response.getPagingBuilder()
- .setPageIndex(paging.pageIndex())
- .setPageSize(paging.pageSize())
- .setTotal(paging.total());
- return response.build();
- }
-
- private List<GroupDto> findGroups(DbSession dbSession, PermissionQuery dbQuery, PermissionTemplateDto template) {
- List<String> orderedNames = dbClient.permissionTemplateDao().selectGroupNamesByQueryAndTemplate(dbSession, dbQuery, template.getId());
- List<GroupDto> groups = dbClient.groupDao().selectByNames(dbSession, orderedNames);
- if (orderedNames.contains(DefaultGroups.ANYONE)) {
- groups.add(0, new GroupDto().setId(0L).setName(DefaultGroups.ANYONE));
- }
- return Ordering.explicit(orderedNames).onResultOf(GroupDto::getName).immutableSortedCopy(groups);
- }
-
- private List<PermissionTemplateGroupDto> findGroupPermissions(DbSession dbSession, List<GroupDto> groups, PermissionTemplateDto template) {
- List<String> names = groups.stream().map(GroupDto::getName).collect(Collectors.toList());
- return dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateIdAndGroupNames(dbSession, template.getId(), names);
- }
-}
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2016 SonarSource SA
- * mailto:contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.permission.ws;
-
-import com.google.common.collect.Multimap;
-import com.google.common.collect.Ordering;
-import com.google.common.collect.TreeMultimap;
-import java.util.List;
-import java.util.stream.Collectors;
-import org.sonar.api.server.ws.Request;
-import org.sonar.api.server.ws.Response;
-import org.sonar.api.server.ws.WebService;
-import org.sonar.api.server.ws.WebService.Param;
-import org.sonar.api.utils.Paging;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.permission.PermissionQuery;
-import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.permission.template.PermissionTemplateUserDto;
-import org.sonar.db.user.UserDto;
-import org.sonar.server.user.UserSession;
-import org.sonarqube.ws.WsPermissions;
-import org.sonarqube.ws.WsPermissions.UsersWsResponse;
-
-import static org.sonar.api.server.ws.WebService.Param.PAGE;
-import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
-import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
-import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE;
-import static org.sonar.db.permission.PermissionQuery.RESULTS_MAX_SIZE;
-import static org.sonar.db.permission.PermissionQuery.SEARCH_QUERY_MIN_LENGTH;
-import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
-import static org.sonar.server.permission.ws.PermissionRequestValidator.validateProjectPermission;
-import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectPermissionParameter;
-import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
-import static org.sonar.server.ws.WsUtils.writeProtobuf;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
-
-public class TemplateUsersAction implements PermissionsWsAction {
-
- private final DbClient dbClient;
- private final UserSession userSession;
- private final PermissionDependenciesFinder dependenciesFinder;
-
- public TemplateUsersAction(DbClient dbClient, UserSession userSession, PermissionDependenciesFinder dependenciesFinder) {
- this.dbClient = dbClient;
- this.userSession = userSession;
- this.dependenciesFinder = dependenciesFinder;
- }
-
- @Override
- public void define(WebService.NewController context) {
- WebService.NewAction action = context
- .createAction("template_users")
- .setSince("5.2")
- .setDescription("Lists the users with their permission as individual users rather than through group affiliation on the chosen template. <br />" +
- "This service defaults to all users, but can be limited to users with a specific permission by providing the desired permission.<br>" +
- "It requires administration permissions to access.<br />")
- .addPagingParams(DEFAULT_PAGE_SIZE, RESULTS_MAX_SIZE)
- .setInternal(true)
- .setResponseExample(getClass().getResource("template_users-example.json"))
- .setHandler(this);
-
- action.createParam(Param.TEXT_QUERY)
- .setDescription("Limit search to user names that contain the supplied string. Must have at least %d characters.<br/>" +
- "When this parameter is not set, only users having at least one permission are returned.", SEARCH_QUERY_MIN_LENGTH)
- .setExampleValue("eri");
- createProjectPermissionParameter(action).setRequired(false);
- createTemplateParameters(action);
- }
-
- @Override
- public void handle(Request wsRequest, Response wsResponse) throws Exception {
- checkGlobalAdminUser(userSession);
- DbSession dbSession = dbClient.openSession(false);
- try {
- WsTemplateRef templateRef = WsTemplateRef.fromRequest(wsRequest);
- PermissionTemplateDto template = dependenciesFinder.getTemplate(dbSession, templateRef);
-
- PermissionQuery query = buildQuery(wsRequest, template);
- int total = dbClient.permissionTemplateDao().countUserLoginsByQueryAndTemplate(dbSession, query, template.getId());
- Paging paging = Paging.forPageIndex(wsRequest.mandatoryParamAsInt(PAGE)).withPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE)).andTotal(total);
- List<UserDto> users = findUsers(dbSession, query, template);
- List<PermissionTemplateUserDto> permissionTemplateUsers = dbClient.permissionTemplateDao().selectUserPermissionsByTemplateIdAndUserLogins(dbSession, template.getId(),
- users.stream().map(UserDto::getLogin).collect(Collectors.toList()));
- WsPermissions.UsersWsResponse templateUsersResponse = buildResponse(users, permissionTemplateUsers, paging);
- writeProtobuf(templateUsersResponse, wsRequest, wsResponse);
- } finally {
- dbClient.closeSession(dbSession);
- }
- }
-
- private static PermissionQuery buildQuery(Request wsRequest, PermissionTemplateDto template) {
- String textQuery = wsRequest.param(TEXT_QUERY);
- String permission = wsRequest.param(PARAM_PERMISSION);
- PermissionQuery.Builder query = PermissionQuery.builder()
- .setTemplate(template.getUuid())
- .setPermission(permission != null ? validateProjectPermission(permission) : null)
- .setPageIndex(wsRequest.mandatoryParamAsInt(PAGE))
- .setPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE))
- .setSearchQuery(textQuery);
- if (textQuery == null) {
- query.withAtLeastOnePermission();
- }
- return query.build();
- }
-
- private static WsPermissions.UsersWsResponse buildResponse(List<UserDto> users, List<PermissionTemplateUserDto> permissionTemplateUsers, Paging paging) {
- Multimap<Long, String> permissionsByUserId = TreeMultimap.create();
- permissionTemplateUsers.forEach(userPermission -> permissionsByUserId.put(userPermission.getUserId(), userPermission.getPermission()));
-
- UsersWsResponse.Builder responseBuilder = UsersWsResponse.newBuilder();
- users.forEach(user -> {
- WsPermissions.User.Builder userResponse = responseBuilder.addUsersBuilder()
- .setLogin(user.getLogin())
- .addAllPermissions(permissionsByUserId.get(user.getId()));
- if (user.getEmail() != null) {
- userResponse.setEmail(user.getEmail());
- }
- if (user.getName() != null) {
- userResponse.setName(user.getName());
- }
- });
- responseBuilder.getPagingBuilder()
- .setPageIndex(paging.pageIndex())
- .setPageSize(paging.pageSize())
- .setTotal(paging.total())
- .build();
- return responseBuilder.build();
- }
-
- private List<UserDto> findUsers(DbSession dbSession, PermissionQuery query, PermissionTemplateDto template) {
- List<String> orderedLogins = dbClient.permissionTemplateDao().selectUserLoginsByQueryAndTemplate(dbSession, query, template.getId());
- return Ordering.explicit(orderedLogins).onResultOf(UserDto::getLogin).immutableSortedCopy(dbClient.userDao().selectByLogins(dbSession, orderedLogins));
- }
-
-}
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2016 SonarSource SA
- * mailto:contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.permission.ws;
-
-import javax.annotation.CheckForNull;
-import javax.annotation.Nullable;
-import org.sonar.api.server.ws.Request;
-
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-import static org.sonar.server.ws.WsUtils.checkRequest;
-
-/**
- * Template from a WS request. Guaranties the template id or the template name is provided, not both.
- */
-public class WsTemplateRef {
-
- private final String uuid;
- private final String name;
-
- private WsTemplateRef(@Nullable String uuid, @Nullable String name) {
- checkRequest(uuid != null ^ name != null, "Template name or template id must be provided, not both.");
-
- this.uuid = uuid;
- this.name = name;
- }
-
- public static WsTemplateRef fromRequest(Request wsRequest) {
- String uuid = wsRequest.param(PARAM_TEMPLATE_ID);
- String name = wsRequest.param(PARAM_TEMPLATE_NAME);
-
- return new WsTemplateRef(uuid, name);
- }
-
- public static WsTemplateRef newTemplateRef(@Nullable String uuid, @Nullable String name) {
- return new WsTemplateRef(uuid, name);
- }
-
- @CheckForNull
- public String uuid() {
- return this.uuid;
- }
-
- @CheckForNull
- public String name() {
- return this.name;
- }
-}
*/
package org.sonar.server.permission.ws.template;
-import javax.annotation.Nullable;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
+import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
-import org.sonar.db.permission.OldPermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.user.GroupDto;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
import org.sonar.server.user.UserSession;
-import org.sonar.server.usergroups.ws.WsGroupRef;
-import org.sonarqube.ws.client.permission.AddGroupToTemplateWsRequest;
+import org.sonar.server.usergroups.ws.GroupIdOrAnyone;
-import static org.sonar.api.security.DefaultGroups.ANYONE;
-import static org.sonar.db.user.GroupMembershipQuery.IN;
+import static java.lang.String.format;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
-import static org.sonar.server.permission.ws.PermissionRequestValidator.validateNotAnyoneAndAdminPermission;
-import static org.sonar.server.permission.ws.PermissionRequestValidator.validateProjectPermission;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createGroupIdParameter;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createGroupNameParameter;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectPermissionParameter;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
-import static org.sonar.server.permission.ws.WsTemplateRef.newTemplateRef;
-import static org.sonar.server.usergroups.ws.WsGroupRef.newWsGroupRef;
+import static org.sonar.server.permission.ws.template.WsTemplateRef.fromRequest;
+import static org.sonar.server.ws.WsUtils.checkRequest;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
public class AddGroupToTemplateAction implements PermissionsWsAction {
private final DbClient dbClient;
- private final PermissionDependenciesFinder dependenciesFinder;
+ private final PermissionWsSupport support;
private final UserSession userSession;
- public AddGroupToTemplateAction(DbClient dbClient, PermissionDependenciesFinder dependenciesFinder, UserSession userSession) {
+ public AddGroupToTemplateAction(DbClient dbClient, PermissionWsSupport support, UserSession userSession) {
this.dbClient = dbClient;
- this.dependenciesFinder = dependenciesFinder;
+ this.support = support;
this.userSession = userSession;
}
}
@Override
- public void handle(Request wsRequest, Response wsResponse) {
+ public void handle(Request request, Response response) {
checkGlobalAdminUser(userSession);
- doHandle(toAddGroupToTemplateWsRequest(wsRequest));
- wsResponse.noContent();
- }
- private void doHandle(AddGroupToTemplateWsRequest wsRequest) {
- String permission = wsRequest.getPermission();
- Long requestGroupId = wsRequest.getGroupId() == null ? null : Long.valueOf(wsRequest.getGroupId());
- WsGroupRef group = newWsGroupRef(requestGroupId, wsRequest.getGroupName());
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ String permission = request.mandatoryParam(PARAM_PERMISSION);
+ GroupIdOrAnyone groupId = support.findGroup(dbSession, request);
+ checkRequest(!GlobalPermissions.SYSTEM_ADMIN.equals(permission) || !groupId.isAnyone(),
+ format("It is not possible to add the '%s' permission to the group 'Anyone'.", permission));
- DbSession dbSession = dbClient.openSession(false);
- try {
- validateProjectPermission(permission);
- validateNotAnyoneAndAdminPermission(permission, group.name());
+ PermissionTemplateDto template = support.findTemplate(dbSession, fromRequest(request));
- PermissionTemplateDto template = dependenciesFinder.getTemplate(dbSession, newTemplateRef(wsRequest.getTemplateId(), wsRequest.getTemplateName()));
- GroupDto groupDto = dependenciesFinder.getGroup(dbSession, group);
-
- if (!groupAlreadyAdded(dbSession, template.getId(), groupDto, permission)) {
- Long groupId = groupDto == null ? null : groupDto.getId();
- dbClient.permissionTemplateDao().insertGroupPermission(dbSession, template.getId(), groupId, permission);
+ if (!groupAlreadyAdded(dbSession, template.getId(), permission, groupId)) {
+ dbClient.permissionTemplateDao().insertGroupPermission(dbSession, template.getId(), groupId.getId(), permission);
+ dbSession.commit();
}
- } finally {
- dbClient.closeSession(dbSession);
}
+ response.noContent();
}
- private boolean groupAlreadyAdded(DbSession dbSession, long templateId, @Nullable GroupDto group, String permission) {
- String groupName = group == null ? ANYONE : group.getName();
- OldPermissionQuery permissionQuery = OldPermissionQuery.builder().membership(IN).permission(permission).build();
- return dbClient.permissionTemplateDao().hasGroup(dbSession, permissionQuery, templateId, groupName);
- }
-
- private static AddGroupToTemplateWsRequest toAddGroupToTemplateWsRequest(Request request) {
- return new AddGroupToTemplateWsRequest()
- .setPermission(request.mandatoryParam(PARAM_PERMISSION))
- .setGroupId(request.param(PARAM_GROUP_ID))
- .setGroupName(request.param(PARAM_GROUP_NAME))
- .setTemplateId(request.param(PARAM_TEMPLATE_ID))
- .setTemplateName(request.param(PARAM_TEMPLATE_NAME));
+ private boolean groupAlreadyAdded(DbSession dbSession, long templateId, String permission, GroupIdOrAnyone group) {
+ return dbClient.permissionTemplateDao().hasGroupsWithPermission(dbSession, templateId, permission, group.getId());
}
}
import org.sonar.api.utils.System2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
-import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.db.permission.template.PermissionTemplateDto;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
-import org.sonar.server.permission.ws.WsTemplateRef;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.client.permission.AddProjectCreatorToTemplateWsRequest;
public class AddProjectCreatorToTemplateAction implements PermissionsWsAction {
private final DbClient dbClient;
- private final PermissionDependenciesFinder dependenciesFinder;
+ private final PermissionWsSupport wsSupport;
private final UserSession userSession;
private final System2 system;
- public AddProjectCreatorToTemplateAction(DbClient dbClient, PermissionDependenciesFinder dependenciesFinder, UserSession userSession, System2 system) {
+ public AddProjectCreatorToTemplateAction(DbClient dbClient, PermissionWsSupport wsSupport, UserSession userSession, System2 system) {
this.dbClient = dbClient;
- this.dependenciesFinder = dependenciesFinder;
+ this.wsSupport = wsSupport;
this.userSession = userSession;
this.system = system;
}
}
private void doHandle(AddProjectCreatorToTemplateWsRequest request) {
- DbSession dbSession = dbClient.openSession(false);
- try {
- PermissionTemplateDto template = dependenciesFinder.getTemplate(dbSession, WsTemplateRef.newTemplateRef(request.getTemplateId(), request.getTemplateName()));
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ PermissionTemplateDto template = wsSupport.findTemplate(dbSession, WsTemplateRef.newTemplateRef(request.getTemplateId(), request.getTemplateName()));
Optional<PermissionTemplateCharacteristicDto> templatePermission = dbClient.permissionTemplateCharacteristicDao()
.selectByPermissionAndTemplateId(dbSession, request.getPermission(), template.getId());
if (templatePermission.isPresent()) {
} else {
addTemplatePermission(dbSession, request, template);
}
- } finally {
- dbClient.closeSession(dbSession);
}
}
import org.sonar.db.DbSession;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.user.UserDto;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.server.permission.UserId;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.client.permission.AddUserToTemplateWsRequest;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
-import static org.sonar.server.permission.ws.PermissionRequestValidator.validateProjectPermission;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectPermissionParameter;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createUserLoginParameter;
-import static org.sonar.server.permission.ws.WsTemplateRef.newTemplateRef;
+import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
public class AddUserToTemplateAction implements PermissionsWsAction {
private final DbClient dbClient;
- private final PermissionDependenciesFinder dependenciesFinder;
+ private final PermissionWsSupport wsSupport;
private final UserSession userSession;
- public AddUserToTemplateAction(DbClient dbClient, PermissionDependenciesFinder dependenciesFinder, UserSession userSession) {
+ public AddUserToTemplateAction(DbClient dbClient, PermissionWsSupport wsSupport, UserSession userSession) {
this.dbClient = dbClient;
- this.dependenciesFinder = dependenciesFinder;
+ this.wsSupport = wsSupport;
this.userSession = userSession;
}
private void doHandle(AddUserToTemplateWsRequest request) {
String permission = request.getPermission();
- final String userLogin = request.getLogin();
+ String userLogin = request.getLogin();
- DbSession dbSession = dbClient.openSession(false);
- try {
- validateProjectPermission(permission);
- PermissionTemplateDto template = dependenciesFinder.getTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
- UserDto user = dependenciesFinder.getUser(dbSession, userLogin);
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ PermissionTemplateDto template = wsSupport.findTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
+ UserId user = wsSupport.findUser(dbSession, userLogin);
if (!isUserAlreadyAdded(dbSession, template.getId(), userLogin, permission)) {
dbClient.permissionTemplateDao().insertUserPermission(dbSession, template.getId(), user.getId(), permission);
+ dbSession.commit();
}
- } finally {
- dbClient.closeSession(dbSession);
}
}
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.server.permission.ApplyPermissionTemplateQuery;
import org.sonar.server.permission.PermissionService;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
import org.sonarqube.ws.client.permission.ApplyTemplateWsRequest;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectParameters;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
import static org.sonar.server.permission.ws.WsProjectRef.newWsProjectRef;
-import static org.sonar.server.permission.ws.WsTemplateRef.newTemplateRef;
+import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
public class ApplyTemplateAction implements PermissionsWsAction {
private final DbClient dbClient;
private final PermissionService permissionService;
- private final PermissionDependenciesFinder finder;
+ private final PermissionWsSupport wsSupport;
- public ApplyTemplateAction(DbClient dbClient, PermissionService permissionService, PermissionDependenciesFinder finder) {
+ public ApplyTemplateAction(DbClient dbClient, PermissionService permissionService, PermissionWsSupport wsSupport) {
this.dbClient = dbClient;
this.permissionService = permissionService;
- this.finder = finder;
+ this.wsSupport = wsSupport;
}
@Override
}
private void doHandle(ApplyTemplateWsRequest request) {
- DbSession dbSession = dbClient.openSession(false);
- try {
- PermissionTemplateDto template = finder.getTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
- ComponentDto project = finder.getRootComponentOrModule(dbSession, newWsProjectRef(request.getProjectId(), request.getProjectKey()));
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ PermissionTemplateDto template = wsSupport.findTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
+ ComponentDto project = wsSupport.getRootComponentOrModule(dbSession, newWsProjectRef(request.getProjectId(), request.getProjectKey()));
ApplyPermissionTemplateQuery query = ApplyPermissionTemplateQuery.create(
template.getUuid(),
singletonList(project.key()));
- permissionService.applyPermissionTemplate(query);
- } finally {
- dbClient.closeSession(dbSession);
+ permissionService.applyPermissionTemplate(dbSession, query);
}
}
package org.sonar.server.permission.ws.template;
-import static org.sonar.server.component.ResourceTypeFunctions.RESOURCE_TYPE_TO_QUALIFIER;
-import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
-import static org.sonar.server.permission.ws.WsTemplateRef.newTemplateRef;
-import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext;
-import static org.sonar.server.ws.WsParameterBuilder.createRootQualifierParameter;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-
import com.google.common.collect.Collections2;
import com.google.common.collect.Lists;
import java.util.List;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.server.permission.ApplyPermissionTemplateQuery;
import org.sonar.server.permission.PermissionService;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
import org.sonarqube.ws.client.permission.BulkApplyTemplateWsRequest;
+import static org.sonar.server.component.ResourceTypeFunctions.RESOURCE_TYPE_TO_QUALIFIER;
+import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
+import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef;
+import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext;
+import static org.sonar.server.ws.WsParameterBuilder.createRootQualifierParameter;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
+
public class BulkApplyTemplateAction implements PermissionsWsAction {
private final DbClient dbClient;
private final PermissionService permissionService;
- private final PermissionDependenciesFinder finder;
+ private final PermissionWsSupport wsSupport;
private final I18n i18n;
private final ResourceTypes resourceTypes;
- public BulkApplyTemplateAction(DbClient dbClient, PermissionService permissionService, PermissionDependenciesFinder finder, I18n i18n,
+ public BulkApplyTemplateAction(DbClient dbClient, PermissionService permissionService, PermissionWsSupport wsSupport, I18n i18n,
ResourceTypes resourceTypes) {
this.dbClient = dbClient;
this.permissionService = permissionService;
- this.finder = finder;
+ this.wsSupport = wsSupport;
this.i18n = i18n;
this.resourceTypes = resourceTypes;
}
}
private void doHandle(BulkApplyTemplateWsRequest request) {
- DbSession dbSession = dbClient.openSession(false);
- try {
- PermissionTemplateDto template = finder.getTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ PermissionTemplateDto template = wsSupport.findTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
ComponentQuery componentQuery = ComponentQuery.builder()
.setNameOrKeyQuery(request.getQuery())
.setQualifiers(qualifiers(request.getQualifier()))
template.getUuid(),
Lists.transform(rootComponents, ComponentDtoFunctions.toKey()));
permissionService.applyPermissionTemplate(dbSession, query);
- } finally {
- dbClient.closeSession(dbSession);
}
}
*/
package org.sonar.server.permission.ws.template;
+import java.util.Date;
import org.sonar.api.server.ws.Request;
import org.sonar.api.server.ws.Response;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.System2;
+import org.sonar.core.util.Uuids;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
+import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.template.PermissionTemplateDto;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsPermissions.CreateTemplateWsResponse;
import static org.sonar.server.permission.ws.PermissionRequestValidator.MSG_TEMPLATE_WITH_SAME_NAME;
import static org.sonar.server.permission.ws.PermissionRequestValidator.validateProjectPattern;
import static org.sonar.server.permission.ws.PermissionRequestValidator.validateTemplateNameFormat;
+import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createOrganizationParameter;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateDescriptionParameter;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateProjectKeyPatternParameter;
-import static org.sonar.server.permission.ws.template.PermissionTemplateDtoBuilder.create;
import static org.sonar.server.permission.ws.template.PermissionTemplateDtoToPermissionTemplateResponse.toPermissionTemplateResponse;
import static org.sonar.server.ws.WsUtils.checkRequest;
import static org.sonar.server.ws.WsUtils.writeProtobuf;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_NAME;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION_KEY;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY_PATTERN;
public class CreateTemplateAction implements PermissionsWsAction {
private final DbClient dbClient;
private final UserSession userSession;
private final System2 system;
+ private final PermissionWsSupport wsSupport;
- public CreateTemplateAction(DbClient dbClient, UserSession userSession, System2 system) {
+ public CreateTemplateAction(DbClient dbClient, UserSession userSession, System2 system, PermissionWsSupport wsSupport) {
this.dbClient = dbClient;
this.userSession = userSession;
this.system = system;
+ this.wsSupport = wsSupport;
}
@Override
createTemplateProjectKeyPatternParameter(action);
createTemplateDescriptionParameter(action);
+ createOrganizationParameter(action);
}
@Override
}
private CreateTemplateWsResponse doHandle(CreateTemplateWsRequest request) {
- String name = request.getName();
- String description = request.getDescription();
- String projectPattern = request.getProjectKeyPattern();
- DbSession dbSession = dbClient.openSession(false);
- try {
+ try (DbSession dbSession = dbClient.openSession(false)) {
checkGlobalAdminUser(userSession);
- validateTemplateNameForCreation(dbSession, name);
- validateProjectPattern(projectPattern);
+ validateTemplateNameForCreation(dbSession, request.getName());
+ validateProjectPattern(request.getProjectKeyPattern());
- PermissionTemplateDto permissionTemplate = insertTemplate(dbSession, name, description, projectPattern);
+ PermissionTemplateDto permissionTemplate = insertTemplate(dbSession, request);
return buildResponse(permissionTemplate);
- } finally {
- dbClient.closeSession(dbSession);
}
}
return new CreateTemplateWsRequest()
.setName(request.mandatoryParam(PARAM_NAME))
.setDescription(request.param(PARAM_DESCRIPTION))
- .setProjectKeyPattern(request.param(PARAM_PROJECT_KEY_PATTERN));
+ .setProjectKeyPattern(request.param(PARAM_PROJECT_KEY_PATTERN))
+ .setOrganizationKey(request.param(PARAM_ORGANIZATION_KEY));
}
private void validateTemplateNameForCreation(DbSession dbSession, String name) {
checkRequest(permissionTemplateWithSameName == null, format(MSG_TEMPLATE_WITH_SAME_NAME, name));
}
- private PermissionTemplateDto insertTemplate(DbSession dbSession, String name, String description, String projectPattern) {
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, create(system)
- .setName(name)
- .setDescription(description)
- .setProjectKeyPattern(projectPattern)
- .toDto());
+ private PermissionTemplateDto insertTemplate(DbSession dbSession, CreateTemplateWsRequest request) {
+ OrganizationDto org = wsSupport.findOrganization(dbSession, request.getOrganizationKey());
+ Date now = new Date(system.now());
+ PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, new PermissionTemplateDto()
+ .setUuid(Uuids.create())
+ .setOrganizationUuid(org.getUuid())
+ .setName(request.getName())
+ .setDescription(request.getDescription())
+ .setKeyPattern(request.getProjectKeyPattern())
+ .setCreatedAt(now)
+ .setUpdatedAt(now));
dbSession.commit();
return template;
}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.permission.ws.template;
+
+import java.util.Set;
+import org.sonar.api.server.ws.Request;
+import org.sonar.api.server.ws.Response;
+import org.sonar.api.server.ws.WebService;
+import org.sonar.db.DbClient;
+import org.sonar.db.DbSession;
+import org.sonar.db.permission.template.PermissionTemplateDto;
+import org.sonar.server.permission.ws.PermissionWsSupport;
+import org.sonar.server.permission.ws.PermissionsWsAction;
+import org.sonar.server.user.UserSession;
+import org.sonarqube.ws.client.permission.DeleteTemplateWsRequest;
+
+import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
+import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
+import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef;
+import static org.sonar.server.ws.WsUtils.checkRequest;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
+
+// TODO move to package "template"
+public class DeleteTemplateAction implements PermissionsWsAction {
+ private final DbClient dbClient;
+ private final UserSession userSession;
+ private final PermissionWsSupport finder;
+ private final DefaultPermissionTemplateFinder defaultPermissionTemplateFinder;
+
+ public DeleteTemplateAction(DbClient dbClient, UserSession userSession, PermissionWsSupport support, DefaultPermissionTemplateFinder defaultPermissionTemplateFinder) {
+ this.dbClient = dbClient;
+ this.userSession = userSession;
+ this.finder = support;
+ this.defaultPermissionTemplateFinder = defaultPermissionTemplateFinder;
+ }
+
+ @Override
+ public void define(WebService.NewController context) {
+ WebService.NewAction action = context.createAction("delete_template")
+ .setDescription("Delete a permission template.<br />" +
+ "It requires administration permissions to access.")
+ .setSince("5.2")
+ .setPost(true)
+ .setHandler(this);
+
+ createTemplateParameters(action);
+ }
+
+ @Override
+ public void handle(Request request, Response response) throws Exception {
+ checkGlobalAdminUser(userSession);
+ doHandle(toDeleteTemplateWsRequest(request));
+ response.noContent();
+ }
+
+ private void doHandle(DeleteTemplateWsRequest request) {
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ PermissionTemplateDto template = finder.findTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
+ checkTemplateUuidIsNotDefault(template.getUuid());
+ dbClient.permissionTemplateDao().deleteById(dbSession, template.getId());
+ dbSession.commit();
+ }
+ }
+
+ private static DeleteTemplateWsRequest toDeleteTemplateWsRequest(Request request) {
+ return new DeleteTemplateWsRequest()
+ .setTemplateId(request.param(PARAM_TEMPLATE_ID))
+ .setTemplateName(request.param(PARAM_TEMPLATE_NAME));
+ }
+
+ private void checkTemplateUuidIsNotDefault(String key) {
+ Set<String> defaultTemplateUuids = defaultPermissionTemplateFinder.getDefaultTemplateUuids();
+ checkRequest(!defaultTemplateUuids.contains(key), "It is not possible to delete a default template");
+ }
+}
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2016 SonarSource SA
- * mailto:contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.permission.ws.template;
-
-import java.util.Date;
-import org.sonar.api.utils.System2;
-import org.sonar.core.util.Uuids;
-import org.sonar.db.permission.template.PermissionTemplateDto;
-
-public class PermissionTemplateDtoBuilder {
- private final System2 system;
- private String name;
- private String description;
- private String projectKeyPattern;
-
- private PermissionTemplateDtoBuilder(System2 system) {
- this.system = system;
- }
-
- public static PermissionTemplateDtoBuilder create(System2 system) {
- return new PermissionTemplateDtoBuilder(system);
- }
-
- public PermissionTemplateDtoBuilder setName(String name) {
- this.name = name;
- return this;
- }
-
- public PermissionTemplateDtoBuilder setDescription(String description) {
- this.description = description;
- return this;
- }
-
- public PermissionTemplateDtoBuilder setProjectKeyPattern(String projectKeyPattern) {
- this.projectKeyPattern = projectKeyPattern;
- return this;
- }
-
- public PermissionTemplateDto toDto() {
- long now = system.now();
- return new PermissionTemplateDto()
- .setName(name)
- .setDescription(description)
- .setKeyPattern(projectKeyPattern)
- .setUuid(Uuids.create())
- .setCreatedAt(new Date(now))
- .setUpdatedAt(new Date(now));
- }
-}
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.user.GroupDto;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
import org.sonar.server.user.UserSession;
-import org.sonar.server.usergroups.ws.WsGroupRef;
-import org.sonarqube.ws.client.permission.RemoveGroupFromTemplateWsRequest;
+import org.sonar.server.usergroups.ws.GroupIdOrAnyone;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
-import static org.sonar.server.permission.ws.PermissionRequestValidator.validateProjectPermission;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createGroupIdParameter;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createGroupNameParameter;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectPermissionParameter;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
-import static org.sonar.server.permission.ws.WsTemplateRef.newTemplateRef;
-import static org.sonar.server.usergroups.ws.WsGroupRef.newWsGroupRef;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
public class RemoveGroupFromTemplateAction implements PermissionsWsAction {
private final DbClient dbClient;
- private final PermissionDependenciesFinder dependenciesFinder;
+ private final PermissionWsSupport wsSupport;
private final UserSession userSession;
- public RemoveGroupFromTemplateAction(DbClient dbClient, PermissionDependenciesFinder dependenciesFinder, UserSession userSession) {
+ public RemoveGroupFromTemplateAction(DbClient dbClient, PermissionWsSupport wsSupport, UserSession userSession) {
this.dbClient = dbClient;
- this.dependenciesFinder = dependenciesFinder;
+ this.wsSupport = wsSupport;
this.userSession = userSession;
}
@Override
public void handle(Request request, Response response) throws Exception {
checkGlobalAdminUser(userSession);
- doHandle(toRemoveGroupFromTemplateWsRequest(request));
- response.noContent();
- }
-
- private void doHandle(RemoveGroupFromTemplateWsRequest request) {
- String permission = request.getPermission();
- Long groupIdInRequest = request.getGroupId() == null ? null : Long.valueOf(request.getGroupId());
- WsGroupRef group = newWsGroupRef(groupIdInRequest, request.getGroupName());
+ String permission = request.mandatoryParam(PARAM_PERMISSION);
- DbSession dbSession = dbClient.openSession(false);
- try {
- validateProjectPermission(permission);
- PermissionTemplateDto template = dependenciesFinder.getTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
- GroupDto groupDto = dependenciesFinder.getGroup(dbSession, group);
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ GroupIdOrAnyone groupId = wsSupport.findGroup(dbSession, request);
+ PermissionTemplateDto template = wsSupport.findTemplate(dbSession, WsTemplateRef.fromRequest(request));
- Long groupId = groupDto == null ? null : groupDto.getId();
- dbClient.permissionTemplateDao().deleteGroupPermission(dbSession, template.getId(), groupId, permission);
- } finally {
- dbClient.closeSession(dbSession);
+ dbClient.permissionTemplateDao().deleteGroupPermission(dbSession, template.getId(), groupId.getId(), permission);
+ dbSession.commit();
}
- }
-
- private static RemoveGroupFromTemplateWsRequest toRemoveGroupFromTemplateWsRequest(Request request) {
- return new RemoveGroupFromTemplateWsRequest()
- .setPermission(request.mandatoryParam(PARAM_PERMISSION))
- .setGroupId(request.param(PARAM_GROUP_ID))
- .setGroupName(request.param(PARAM_GROUP_NAME))
- .setTemplateId(request.param(PARAM_TEMPLATE_ID))
- .setTemplateName(request.param(PARAM_TEMPLATE_NAME));
+ response.noContent();
}
}
import org.sonar.api.utils.System2;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
-import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.permission.template.PermissionTemplateCharacteristicDao;
import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.db.permission.template.PermissionTemplateDto;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
-import org.sonar.server.permission.ws.WsTemplateRef;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.client.permission.RemoveProjectCreatorFromTemplateWsRequest;
public class RemoveProjectCreatorFromTemplateAction implements PermissionsWsAction {
private final DbClient dbClient;
- private final PermissionDependenciesFinder dependenciesFinder;
+ private final PermissionWsSupport wsSupport;
private final UserSession userSession;
private final System2 system;
- public RemoveProjectCreatorFromTemplateAction(DbClient dbClient, PermissionDependenciesFinder dependenciesFinder, UserSession userSession, System2 system) {
+ public RemoveProjectCreatorFromTemplateAction(DbClient dbClient, PermissionWsSupport wsSupport, UserSession userSession, System2 system) {
this.dbClient = dbClient;
- this.dependenciesFinder = dependenciesFinder;
+ this.wsSupport = wsSupport;
this.userSession = userSession;
this.system = system;
}
}
private void doHandle(RemoveProjectCreatorFromTemplateWsRequest request) {
- DbSession dbSession = dbClient.openSession(false);
- try {
- PermissionTemplateDto template = dependenciesFinder.getTemplate(dbSession, WsTemplateRef.newTemplateRef(request.getTemplateId(), request.getTemplateName()));
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ PermissionTemplateDto template = wsSupport.findTemplate(dbSession, WsTemplateRef.newTemplateRef(request.getTemplateId(), request.getTemplateName()));
PermissionTemplateCharacteristicDao dao = dbClient.permissionTemplateCharacteristicDao();
Optional<PermissionTemplateCharacteristicDto> templatePermission = dao.selectByPermissionAndTemplateId(dbSession, request.getPermission(), template.getId());
if (templatePermission.isPresent()) {
updateTemplateCharacteristic(dbSession, templatePermission.get());
}
- } finally {
- dbClient.closeSession(dbSession);
}
}
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.user.UserDto;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.server.permission.UserId;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
-import org.sonar.server.permission.ws.WsTemplateRef;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.client.permission.RemoveUserFromTemplateWsRequest;
public class RemoveUserFromTemplateAction implements PermissionsWsAction {
private final DbClient dbClient;
- private final PermissionDependenciesFinder dependenciesFinder;
+ private final PermissionWsSupport wsSupport;
private final UserSession userSession;
- public RemoveUserFromTemplateAction(DbClient dbClient, PermissionDependenciesFinder dependenciesFinder, UserSession userSession) {
+ public RemoveUserFromTemplateAction(DbClient dbClient, PermissionWsSupport wsSupport, UserSession userSession) {
this.dbClient = dbClient;
- this.dependenciesFinder = dependenciesFinder;
+ this.wsSupport = wsSupport;
this.userSession = userSession;
}
String permission = request.getPermission();
String userLogin = request.getLogin();
- DbSession dbSession = dbClient.openSession(false);
- try {
+ try (DbSession dbSession = dbClient.openSession(false)) {
validateProjectPermission(permission);
- PermissionTemplateDto template = dependenciesFinder.getTemplate(dbSession, WsTemplateRef.newTemplateRef(request.getTemplateId(), request.getTemplateName()));
- UserDto user = dependenciesFinder.getUser(dbSession, userLogin);
+ PermissionTemplateDto template = wsSupport.findTemplate(dbSession, WsTemplateRef.newTemplateRef(request.getTemplateId(), request.getTemplateName()));
+ UserId user = wsSupport.findUser(dbSession, userLogin);
dbClient.permissionTemplateDao().deleteUserPermission(dbSession, template.getId(), user.getId(), permission);
dbSession.commit();
- } finally {
- dbClient.closeSession(dbSession);
}
}
import org.sonar.api.server.ws.WebService.Param;
import org.sonar.core.permission.ProjectPermissions;
import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.server.permission.ws.PermissionsWsAction;
import org.sonar.server.user.UserSession;
}
private SearchTemplatesWsResponse doHandle(SearchTemplatesWsRequest wsRequest) {
- DbSession dbSession = dbClient.openSession(false);
- try {
- SearchTemplatesData data = dataLoader.load(wsRequest);
- return buildResponse(data);
- } finally {
- dbClient.closeSession(dbSession);
- }
+ SearchTemplatesData data = dataLoader.load(wsRequest);
+ return buildResponse(data);
}
private static SearchTemplatesWsRequest toSearchTemplatesWsRequest(Request request) {
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.permission.template.CountByTemplateAndPermissionDto;
-import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;
+import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.server.permission.ws.template.DefaultPermissionTemplateFinder.TemplateUuidQualifier;
import org.sonarqube.ws.client.permission.SearchTemplatesWsRequest;
}
public SearchTemplatesData load(SearchTemplatesWsRequest request) {
- DbSession dbSession = dbClient.openSession(false);
- try {
+ try (DbSession dbSession = dbClient.openSession(false)) {
SearchTemplatesData.Builder data = builder();
List<PermissionTemplateDto> templates = searchTemplates(dbSession, request);
List<Long> templateIds = Lists.transform(templates, PermissionTemplateDto::getId);
.withProjectCreatorByTemplateIdAndPermission(withProjectCreatorsByTemplateIdAndPermission(dbSession, templateIds));
return data.build();
- } finally {
- dbClient.closeSession(dbSession);
}
}
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
import org.sonar.server.platform.PersistentSettings;
import org.sonar.server.user.UserSession;
import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
import static org.sonar.server.permission.ws.PermissionRequestValidator.validateQualifier;
import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
-import static org.sonar.server.permission.ws.WsTemplateRef.newTemplateRef;
+import static org.sonar.server.permission.ws.template.WsTemplateRef.newTemplateRef;
import static org.sonar.server.ws.WsParameterBuilder.QualifierParameterContext.newQualifierParameterContext;
import static org.sonar.server.ws.WsParameterBuilder.createRootQualifierParameter;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
public class SetDefaultTemplateAction implements PermissionsWsAction {
private final DbClient dbClient;
- private final PermissionDependenciesFinder finder;
+ private final PermissionWsSupport wsSupport;
private final ResourceTypes resourceTypes;
private final PersistentSettings settings;
private final UserSession userSession;
private final I18n i18n;
- public SetDefaultTemplateAction(DbClient dbClient, PermissionDependenciesFinder finder, ResourceTypes resourceTypes, PersistentSettings settings, UserSession userSession,
+ public SetDefaultTemplateAction(DbClient dbClient, PermissionWsSupport wsSupport, ResourceTypes resourceTypes, PersistentSettings settings, UserSession userSession,
I18n i18n) {
this.dbClient = dbClient;
- this.finder = finder;
+ this.wsSupport = wsSupport;
this.resourceTypes = resourceTypes;
this.settings = settings;
this.userSession = userSession;
checkGlobalAdminUser(userSession);
String qualifier = request.getQualifier();
- PermissionTemplateDto template = getTemplate(request);
- validateQualifier(qualifier, resourceTypes);
- setDefaultTemplateUuid(template.getUuid(), qualifier);
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ PermissionTemplateDto template = getTemplate(dbSession, request);
+ validateQualifier(qualifier, resourceTypes);
+ setDefaultTemplateUuid(dbSession, template.getUuid(), qualifier);
+ dbSession.commit();
+ }
}
private static SetDefaultTemplateWsRequest toSetDefaultTemplateWsRequest(Request request) {
.setTemplateName(request.param(PARAM_TEMPLATE_NAME));
}
- private PermissionTemplateDto getTemplate(SetDefaultTemplateWsRequest request) {
- DbSession dbSession = dbClient.openSession(false);
- try {
- return finder.getTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
- } finally {
- dbClient.closeSession(dbSession);
- }
+ private PermissionTemplateDto getTemplate(DbSession dbSession, SetDefaultTemplateWsRequest request) {
+ return wsSupport.findTemplate(dbSession, newTemplateRef(request.getTemplateId(), request.getTemplateName()));
}
- private void setDefaultTemplateUuid(String templateUuid, String qualifier) {
- settings.saveProperty(defaultRootQualifierTemplateProperty(qualifier), templateUuid);
+ private void setDefaultTemplateUuid(DbSession dbSession, String templateUuid, String qualifier) {
+ settings.saveProperty(dbSession, defaultRootQualifierTemplateProperty(qualifier), templateUuid);
}
}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.permission.ws.template;
+
+import com.google.common.collect.Multimap;
+import com.google.common.collect.Ordering;
+import com.google.common.collect.TreeMultimap;
+import java.util.List;
+import java.util.stream.Collectors;
+import org.sonar.api.security.DefaultGroups;
+import org.sonar.api.server.ws.Request;
+import org.sonar.api.server.ws.Response;
+import org.sonar.api.server.ws.WebService;
+import org.sonar.api.utils.Paging;
+import org.sonar.db.DbClient;
+import org.sonar.db.DbSession;
+import org.sonar.db.permission.PermissionQuery;
+import org.sonar.db.permission.template.PermissionTemplateDto;
+import org.sonar.db.permission.template.PermissionTemplateGroupDto;
+import org.sonar.db.user.GroupDto;
+import org.sonar.server.permission.ws.PermissionWsSupport;
+import org.sonar.server.permission.ws.PermissionsWsAction;
+import org.sonar.server.user.UserSession;
+import org.sonarqube.ws.WsPermissions;
+
+import static org.sonar.api.server.ws.WebService.Param.PAGE;
+import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
+import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
+import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE;
+import static org.sonar.db.permission.PermissionQuery.RESULTS_MAX_SIZE;
+import static org.sonar.db.permission.PermissionQuery.SEARCH_QUERY_MIN_LENGTH;
+import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
+import static org.sonar.server.permission.ws.PermissionRequestValidator.validateProjectPermission;
+import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectPermissionParameter;
+import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
+import static org.sonar.server.ws.WsUtils.writeProtobuf;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
+
+public class TemplateGroupsAction implements PermissionsWsAction {
+ private final DbClient dbClient;
+ private final UserSession userSession;
+ private final PermissionWsSupport support;
+
+ public TemplateGroupsAction(DbClient dbClient, UserSession userSession, PermissionWsSupport support) {
+ this.dbClient = dbClient;
+ this.userSession = userSession;
+ this.support = support;
+ }
+
+ @Override
+ public void define(WebService.NewController context) {
+ WebService.NewAction action = context.createAction("template_groups")
+ .setSince("5.2")
+ .setInternal(true)
+ .setDescription("Lists the groups with their permission as individual groups rather than through user affiliation on the chosen template.<br />" +
+ "This service defaults to all groups, but can be limited to groups with a specific permission by providing the desired permission.<br>" +
+ "It requires administration permissions to access.")
+ .addPagingParams(DEFAULT_PAGE_SIZE, RESULTS_MAX_SIZE)
+ .setResponseExample(getClass().getResource("template_groups-example.json"))
+ .setHandler(this);
+
+ action.createParam(TEXT_QUERY)
+ .setDescription("Limit search to group names that contain the supplied string. Must have at least %d characters.<br/>" +
+ "When this parameter is not set, only group having at least one permission are returned.", SEARCH_QUERY_MIN_LENGTH)
+ .setExampleValue("eri");
+
+ createProjectPermissionParameter(action);
+ createTemplateParameters(action);
+ }
+
+ @Override
+ public void handle(Request wsRequest, Response wsResponse) throws Exception {
+ checkGlobalAdminUser(userSession);
+
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ WsTemplateRef templateRef = WsTemplateRef.fromRequest(wsRequest);
+ PermissionTemplateDto template = support.findTemplate(dbSession, templateRef);
+
+ PermissionQuery query = buildPermissionQuery(wsRequest);
+ int total = dbClient.permissionTemplateDao().countGroupNamesByQueryAndTemplate(dbSession, query, template.getId());
+ Paging paging = Paging.forPageIndex(wsRequest.mandatoryParamAsInt(PAGE)).withPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE)).andTotal(total);
+ List<GroupDto> groups = findGroups(dbSession, query, template);
+ List<PermissionTemplateGroupDto> groupPermissions = findGroupPermissions(dbSession, groups, template);
+ WsPermissions.WsGroupsResponse groupsResponse = buildResponse(groups, groupPermissions, paging);
+ writeProtobuf(groupsResponse, wsRequest, wsResponse);
+ }
+ }
+
+ private static PermissionQuery buildPermissionQuery(Request request) {
+ String textQuery = request.param(TEXT_QUERY);
+ String permission = request.param(PARAM_PERMISSION);
+ PermissionQuery.Builder permissionQuery = PermissionQuery.builder()
+ .setPermission(permission != null ? validateProjectPermission(permission) : null)
+ .setPageIndex(request.mandatoryParamAsInt(PAGE))
+ .setPageSize(request.mandatoryParamAsInt(PAGE_SIZE))
+ .setSearchQuery(textQuery);
+ if (textQuery == null) {
+ permissionQuery.withAtLeastOnePermission();
+ }
+ return permissionQuery.build();
+ }
+
+ private static WsPermissions.WsGroupsResponse buildResponse(List<GroupDto> groups, List<PermissionTemplateGroupDto> groupPermissions, Paging paging) {
+ Multimap<Long, String> permissionsByGroupId = TreeMultimap.create();
+ groupPermissions.forEach(groupPermission -> permissionsByGroupId.put(groupPermission.getGroupId(), groupPermission.getPermission()));
+ WsPermissions.WsGroupsResponse.Builder response = WsPermissions.WsGroupsResponse.newBuilder();
+
+ groups.forEach(group -> {
+ WsPermissions.Group.Builder wsGroup = response.addGroupsBuilder()
+ .setName(group.getName());
+ if (group.getId() != 0L) {
+ wsGroup.setId(String.valueOf(group.getId()));
+ }
+ if (group.getDescription() != null) {
+ wsGroup.setDescription(group.getDescription());
+ }
+ wsGroup.addAllPermissions(permissionsByGroupId.get(group.getId()));
+ });
+
+ response.getPagingBuilder()
+ .setPageIndex(paging.pageIndex())
+ .setPageSize(paging.pageSize())
+ .setTotal(paging.total());
+ return response.build();
+ }
+
+ private List<GroupDto> findGroups(DbSession dbSession, PermissionQuery dbQuery, PermissionTemplateDto template) {
+ List<String> orderedNames = dbClient.permissionTemplateDao().selectGroupNamesByQueryAndTemplate(dbSession, dbQuery, template.getId());
+ List<GroupDto> groups = dbClient.groupDao().selectByNames(dbSession, orderedNames);
+ if (orderedNames.contains(DefaultGroups.ANYONE)) {
+ groups.add(0, new GroupDto().setId(0L).setName(DefaultGroups.ANYONE));
+ }
+ return Ordering.explicit(orderedNames).onResultOf(GroupDto::getName).immutableSortedCopy(groups);
+ }
+
+ private List<PermissionTemplateGroupDto> findGroupPermissions(DbSession dbSession, List<GroupDto> groups, PermissionTemplateDto template) {
+ List<String> names = groups.stream().map(GroupDto::getName).collect(Collectors.toList());
+ return dbClient.permissionTemplateDao().selectGroupPermissionsByTemplateIdAndGroupNames(dbSession, template.getId(), names);
+ }
+}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.permission.ws.template;
+
+import com.google.common.collect.Multimap;
+import com.google.common.collect.Ordering;
+import com.google.common.collect.TreeMultimap;
+import java.util.List;
+import java.util.stream.Collectors;
+import org.sonar.api.server.ws.Request;
+import org.sonar.api.server.ws.Response;
+import org.sonar.api.server.ws.WebService;
+import org.sonar.api.server.ws.WebService.Param;
+import org.sonar.api.utils.Paging;
+import org.sonar.db.DbClient;
+import org.sonar.db.DbSession;
+import org.sonar.db.permission.PermissionQuery;
+import org.sonar.db.permission.template.PermissionTemplateDto;
+import org.sonar.db.permission.template.PermissionTemplateUserDto;
+import org.sonar.db.user.UserDto;
+import org.sonar.server.permission.ws.PermissionWsSupport;
+import org.sonar.server.permission.ws.PermissionsWsAction;
+import org.sonar.server.user.UserSession;
+import org.sonarqube.ws.WsPermissions;
+import org.sonarqube.ws.WsPermissions.UsersWsResponse;
+
+import static org.sonar.api.server.ws.WebService.Param.PAGE;
+import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
+import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
+import static org.sonar.db.permission.PermissionQuery.DEFAULT_PAGE_SIZE;
+import static org.sonar.db.permission.PermissionQuery.RESULTS_MAX_SIZE;
+import static org.sonar.db.permission.PermissionQuery.SEARCH_QUERY_MIN_LENGTH;
+import static org.sonar.server.permission.PermissionPrivilegeChecker.checkGlobalAdminUser;
+import static org.sonar.server.permission.ws.PermissionRequestValidator.validateProjectPermission;
+import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createProjectPermissionParameter;
+import static org.sonar.server.permission.ws.PermissionsWsParametersBuilder.createTemplateParameters;
+import static org.sonar.server.ws.WsUtils.writeProtobuf;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
+
+public class TemplateUsersAction implements PermissionsWsAction {
+
+ private final DbClient dbClient;
+ private final UserSession userSession;
+ private final PermissionWsSupport support;
+
+ public TemplateUsersAction(DbClient dbClient, UserSession userSession, PermissionWsSupport support) {
+ this.dbClient = dbClient;
+ this.userSession = userSession;
+ this.support = support;
+ }
+
+ @Override
+ public void define(WebService.NewController context) {
+ WebService.NewAction action = context
+ .createAction("template_users")
+ .setSince("5.2")
+ .setDescription("Lists the users with their permission as individual users rather than through group affiliation on the chosen template. <br />" +
+ "This service defaults to all users, but can be limited to users with a specific permission by providing the desired permission.<br>" +
+ "It requires administration permissions to access.<br />")
+ .addPagingParams(DEFAULT_PAGE_SIZE, RESULTS_MAX_SIZE)
+ .setInternal(true)
+ .setResponseExample(getClass().getResource("template_users-example.json"))
+ .setHandler(this);
+
+ action.createParam(Param.TEXT_QUERY)
+ .setDescription("Limit search to user names that contain the supplied string. Must have at least %d characters.<br/>" +
+ "When this parameter is not set, only users having at least one permission are returned.", SEARCH_QUERY_MIN_LENGTH)
+ .setExampleValue("eri");
+ createProjectPermissionParameter(action).setRequired(false);
+ createTemplateParameters(action);
+ }
+
+ @Override
+ public void handle(Request wsRequest, Response wsResponse) throws Exception {
+ checkGlobalAdminUser(userSession);
+
+ try (DbSession dbSession = dbClient.openSession(false)) {
+ WsTemplateRef templateRef = WsTemplateRef.fromRequest(wsRequest);
+ PermissionTemplateDto template = support.findTemplate(dbSession, templateRef);
+
+ PermissionQuery query = buildQuery(wsRequest, template);
+ int total = dbClient.permissionTemplateDao().countUserLoginsByQueryAndTemplate(dbSession, query, template.getId());
+ Paging paging = Paging.forPageIndex(wsRequest.mandatoryParamAsInt(PAGE)).withPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE)).andTotal(total);
+ List<UserDto> users = findUsers(dbSession, query, template);
+ List<PermissionTemplateUserDto> permissionTemplateUsers = dbClient.permissionTemplateDao().selectUserPermissionsByTemplateIdAndUserLogins(dbSession, template.getId(),
+ users.stream().map(UserDto::getLogin).collect(Collectors.toList()));
+ WsPermissions.UsersWsResponse templateUsersResponse = buildResponse(users, permissionTemplateUsers, paging);
+ writeProtobuf(templateUsersResponse, wsRequest, wsResponse);
+ }
+ }
+
+ private static PermissionQuery buildQuery(Request wsRequest, PermissionTemplateDto template) {
+ String textQuery = wsRequest.param(TEXT_QUERY);
+ String permission = wsRequest.param(PARAM_PERMISSION);
+ PermissionQuery.Builder query = PermissionQuery.builder()
+ .setTemplate(template.getUuid())
+ .setPermission(permission != null ? validateProjectPermission(permission) : null)
+ .setPageIndex(wsRequest.mandatoryParamAsInt(PAGE))
+ .setPageSize(wsRequest.mandatoryParamAsInt(PAGE_SIZE))
+ .setSearchQuery(textQuery);
+ if (textQuery == null) {
+ query.withAtLeastOnePermission();
+ }
+ return query.build();
+ }
+
+ private static WsPermissions.UsersWsResponse buildResponse(List<UserDto> users, List<PermissionTemplateUserDto> permissionTemplateUsers, Paging paging) {
+ Multimap<Long, String> permissionsByUserId = TreeMultimap.create();
+ permissionTemplateUsers.forEach(userPermission -> permissionsByUserId.put(userPermission.getUserId(), userPermission.getPermission()));
+
+ UsersWsResponse.Builder responseBuilder = UsersWsResponse.newBuilder();
+ users.forEach(user -> {
+ WsPermissions.User.Builder userResponse = responseBuilder.addUsersBuilder()
+ .setLogin(user.getLogin())
+ .addAllPermissions(permissionsByUserId.get(user.getId()));
+ if (user.getEmail() != null) {
+ userResponse.setEmail(user.getEmail());
+ }
+ if (user.getName() != null) {
+ userResponse.setName(user.getName());
+ }
+ });
+ responseBuilder.getPagingBuilder()
+ .setPageIndex(paging.pageIndex())
+ .setPageSize(paging.pageSize())
+ .setTotal(paging.total())
+ .build();
+ return responseBuilder.build();
+ }
+
+ private List<UserDto> findUsers(DbSession dbSession, PermissionQuery query, PermissionTemplateDto template) {
+ List<String> orderedLogins = dbClient.permissionTemplateDao().selectUserLoginsByQueryAndTemplate(dbSession, query, template.getId());
+ return Ordering.explicit(orderedLogins).onResultOf(UserDto::getLogin).immutableSortedCopy(dbClient.userDao().selectByLogins(dbSession, orderedLogins));
+ }
+
+}
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.server.permission.ws.PermissionWsSupport;
import org.sonar.server.permission.ws.PermissionsWsAction;
-import org.sonar.server.permission.ws.WsTemplateRef;
import org.sonar.server.user.UserSession;
import org.sonarqube.ws.WsPermissions.PermissionTemplate;
import org.sonarqube.ws.WsPermissions.UpdateTemplateWsResponse;
private final DbClient dbClient;
private final UserSession userSession;
private final System2 system;
- private final PermissionDependenciesFinder finder;
+ private final PermissionWsSupport wsSupport;
- public UpdateTemplateAction(DbClient dbClient, UserSession userSession, System2 system, PermissionDependenciesFinder finder) {
+ public UpdateTemplateAction(DbClient dbClient, UserSession userSession, System2 system, PermissionWsSupport wsSupport) {
this.dbClient = dbClient;
this.userSession = userSession;
this.system = system;
- this.finder = finder;
+ this.wsSupport = wsSupport;
}
@Override
String descriptionParam = request.getDescription();
String projectPatternParam = request.getProjectKeyPattern();
- DbSession dbSession = dbClient.openSession(false);
- try {
+ try (DbSession dbSession = dbClient.openSession(false)) {
PermissionTemplateDto templateToUpdate = getAndBuildTemplateToUpdate(dbSession, uuid, nameParam, descriptionParam, projectPatternParam);
validateTemplate(dbSession, templateToUpdate);
PermissionTemplateDto updatedTemplate = updateTemplate(dbSession, templateToUpdate);
return buildResponse(updatedTemplate);
- } finally {
- dbClient.closeSession(dbSession);
}
}
private PermissionTemplateDto getAndBuildTemplateToUpdate(DbSession dbSession, String uuid, @Nullable String newName, @Nullable String newDescription,
@Nullable String newProjectKeyPattern) {
- PermissionTemplateDto templateToUpdate = finder.getTemplate(dbSession, WsTemplateRef.newTemplateRef(uuid, null));
+ PermissionTemplateDto templateToUpdate = wsSupport.findTemplate(dbSession, WsTemplateRef.newTemplateRef(uuid, null));
templateToUpdate.setName(firstNonNull(newName, templateToUpdate.getName()));
templateToUpdate.setDescription(firstNonNull(newDescription, templateToUpdate.getDescription()));
templateToUpdate.setKeyPattern(firstNonNull(newProjectKeyPattern, templateToUpdate.getKeyPattern()));
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.permission.ws.template;
+
+import javax.annotation.CheckForNull;
+import javax.annotation.Nullable;
+import org.sonar.api.server.ws.Request;
+
+import static org.sonar.server.ws.WsUtils.checkRequest;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
+
+/**
+ * Template from a WS request. Guaranties the template id or the template name is provided, not both.
+ */
+public class WsTemplateRef {
+
+ private final String uuid;
+ private final String name;
+
+ private WsTemplateRef(@Nullable String uuid, @Nullable String name) {
+ checkRequest(uuid != null ^ name != null, "Template name or template id must be provided, not both.");
+
+ this.uuid = uuid;
+ this.name = name;
+ }
+
+ public static WsTemplateRef fromRequest(Request wsRequest) {
+ String uuid = wsRequest.param(PARAM_TEMPLATE_ID);
+ String name = wsRequest.param(PARAM_TEMPLATE_NAME);
+
+ return new WsTemplateRef(uuid, name);
+ }
+
+ public static WsTemplateRef newTemplateRef(@Nullable String uuid, @Nullable String name) {
+ return new WsTemplateRef(uuid, name);
+ }
+
+ @CheckForNull
+ public String uuid() {
+ return this.uuid;
+ }
+
+ @CheckForNull
+ public String name() {
+ return this.name;
+ }
+}
import org.junit.Test;
import org.sonar.api.issue.DefaultTransitions;
import org.sonar.api.issue.Issue;
-import org.sonar.api.security.DefaultGroups;
import org.sonar.api.web.UserRole;
import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.db.rule.RuleTesting;
import org.sonar.db.user.UserDto;
import org.sonar.server.issue.index.IssueIndexer;
+import org.sonar.server.permission.GroupPermissionChange;
import org.sonar.server.permission.PermissionChange;
import org.sonar.server.permission.PermissionUpdater;
+import org.sonar.server.permission.ProjectRef;
import org.sonar.server.tester.ServerTester;
import org.sonar.server.tester.UserSessionRule;
import org.sonar.server.user.UserSession;
+import org.sonar.server.usergroups.ws.GroupIdOrAnyone;
import static com.google.common.collect.Lists.newArrayList;
import static com.google.common.collect.Maps.newHashMap;
+import static java.util.Arrays.asList;
import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.fail;
// project can be seen by anyone
session.commit();
userSessionRule.login("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- tester.get(PermissionUpdater.class).addPermission(new PermissionChange().setComponentKey(project.getKey()).setGroupName(DefaultGroups.ANYONE).setPermission(UserRole.USER));
+ // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
+ // for each organization
+ GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectRef(project), GroupIdOrAnyone.forAnyone("TODO"));
+ tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
userSession = userSessionRule.login("john")
.addProjectPermissions(UserRole.USER, project.key());
import org.sonar.api.issue.Issue;
import org.sonar.api.rule.RuleKey;
import org.sonar.api.rule.RuleStatus;
-import org.sonar.api.security.DefaultGroups;
import org.sonar.api.web.UserRole;
import org.sonar.core.issue.DefaultIssueComment;
import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.rule.RuleDto;
import org.sonar.db.rule.RuleTesting;
import org.sonar.server.issue.index.IssueIndexer;
+import org.sonar.server.permission.GroupPermissionChange;
import org.sonar.server.permission.PermissionChange;
import org.sonar.server.permission.PermissionUpdater;
+import org.sonar.server.permission.ProjectRef;
import org.sonar.server.tester.ServerTester;
import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.usergroups.ws.GroupIdOrAnyone;
+import static java.util.Arrays.asList;
import static org.assertj.core.api.Assertions.assertThat;
public class IssueCommentServiceMediumTest {
// project can be seen by anyone
session.commit();
userSessionRule.login("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- tester.get(PermissionUpdater.class).addPermission(new PermissionChange().setComponentKey(project.getKey()).setGroupName(DefaultGroups.ANYONE).setPermission(UserRole.USER));
+ // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
+ // for each organization
+ GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectRef(project), GroupIdOrAnyone.forAnyone("TODO"));
+ tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
userSessionRule.login("gandalf");
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
-import java.util.Arrays;
import java.util.List;
import org.junit.After;
import org.junit.Before;
import org.sonar.api.issue.Issue;
import org.sonar.api.rule.Severity;
import org.sonar.api.rules.RuleType;
-import org.sonar.api.security.DefaultGroups;
import org.sonar.api.web.UserRole;
import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
import org.sonar.server.issue.index.IssueIndex;
import org.sonar.server.issue.index.IssueIndexer;
import org.sonar.server.issue.workflow.Transition;
+import org.sonar.server.permission.GroupPermissionChange;
import org.sonar.server.permission.PermissionChange;
import org.sonar.server.permission.PermissionUpdater;
+import org.sonar.server.permission.ProjectRef;
import org.sonar.server.rule.index.RuleIndexer;
import org.sonar.server.tester.ServerTester;
import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.usergroups.ws.GroupIdOrAnyone;
+import static java.util.Arrays.asList;
import static org.assertj.core.api.Assertions.assertThat;
import static org.assertj.core.api.Assertions.entry;
import static org.junit.Assert.fail;
}
private IssueQuery projectQuery(String projectUuid) {
- return IssueQuery.builder(userSessionRule).projectUuids(Arrays.asList(projectUuid)).resolved(false).build();
+ return IssueQuery.builder(userSessionRule).projectUuids(asList(projectUuid)).resolved(false).build();
}
@Test
session.commit();
// project can be seen by group "anyone"
- tester.get(PermissionUpdater.class).addPermission(new PermissionChange().setComponentKey(project.getKey()).setGroupName(DefaultGroups.ANYONE).setPermission(UserRole.USER));
+ // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
+ // for each organization
+ GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectRef(project), GroupIdOrAnyone.forAnyone("TODO"));
+ tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
userSessionRule.login();
return project;
import org.junit.Test;
import org.sonar.api.resources.Qualifiers;
import org.sonar.api.rule.RuleStatus;
-import org.sonar.api.security.DefaultGroups;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.DateUtils;
import org.sonar.api.web.UserRole;
import org.sonar.db.rule.RuleTesting;
import org.sonar.server.issue.IssueTesting;
import org.sonar.server.issue.index.IssueIndexer;
+import org.sonar.server.permission.GroupPermissionChange;
import org.sonar.server.permission.PermissionChange;
import org.sonar.server.permission.PermissionUpdater;
+import org.sonar.server.permission.ProjectRef;
import org.sonar.server.tester.ServerTester;
import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.usergroups.ws.GroupIdOrAnyone;
import org.sonar.server.view.index.ViewDoc;
import org.sonar.server.view.index.ViewIndexer;
import org.sonar.server.ws.TestResponse;
import org.sonarqube.ws.client.issue.IssueFilterParameters;
import static com.google.common.collect.Lists.newArrayList;
+import static java.util.Arrays.asList;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.utils.DateUtils.parseDateTime;
import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01;
private void setAnyoneProjectPermission(ComponentDto project, String permission) {
userSessionRule.login("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- tester.get(PermissionUpdater.class).addPermission(new PermissionChange().setComponentKey(project.getKey()).setGroupName(DefaultGroups.ANYONE).setPermission(permission));
+ // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
+ // for each organization
+ GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectRef(project), GroupIdOrAnyone.forAnyone("TODO"));
+ tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
}
private IssueDto insertIssue(IssueDto issue) {
import org.junit.rules.ExpectedException;
import org.sonar.api.issue.Issue;
import org.sonar.api.rule.RuleStatus;
-import org.sonar.api.security.DefaultGroups;
import org.sonar.api.server.ws.WebService;
import org.sonar.api.utils.DateUtils;
import org.sonar.api.web.UserRole;
import org.sonar.server.issue.IssueQuery;
import org.sonar.server.issue.IssueTesting;
import org.sonar.server.issue.index.IssueIndexer;
+import org.sonar.server.permission.GroupPermissionChange;
import org.sonar.server.permission.PermissionChange;
import org.sonar.server.permission.PermissionUpdater;
+import org.sonar.server.permission.ProjectRef;
import org.sonar.server.search.QueryContext;
import org.sonar.server.tester.ServerTester;
import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.usergroups.ws.GroupIdOrAnyone;
import org.sonar.server.ws.WsTester;
import static java.util.Arrays.asList;
private void setDefaultProjectPermission(ComponentDto project) {
// project can be seen by anyone and by code viewer
userSessionRule.login("admin").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- tester.get(PermissionUpdater.class).addPermission(new PermissionChange().setComponentKey(project.getKey()).setGroupName(DefaultGroups.ANYONE).setPermission(UserRole.USER));
- userSessionRule.login();
+ // TODO correctly feed default organization. Not a problem as long as issues search does not support "anyone"
+ // for each organization
+ GroupPermissionChange permissionChange = new GroupPermissionChange(PermissionChange.Operation.ADD, UserRole.USER, new ProjectRef(project), GroupIdOrAnyone.forAnyone("TODO"));
+ tester.get(PermissionUpdater.class).apply(session, asList(permissionChange));
}
private ComponentDto insertComponent(ComponentDto component) {
+++ /dev/null
-/*
- * SonarQube
- * Copyright (C) 2009-2016 SonarSource SA
- * mailto:contact AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-package org.sonar.server.permission.ws;
-
-import java.io.IOException;
-import java.io.InputStream;
-import javax.annotation.Nullable;
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.utils.System2;
-import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.permission.template.PermissionTemplateGroupDto;
-import org.sonar.db.user.GroupDto;
-import org.sonar.server.component.ComponentFinder;
-import org.sonar.server.exceptions.BadRequestException;
-import org.sonar.server.exceptions.ForbiddenException;
-import org.sonar.server.exceptions.NotFoundException;
-import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.WsActionTester;
-import org.sonarqube.ws.WsPermissions.WsGroupsResponse;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.sonar.api.server.ws.WebService.Param.PAGE;
-import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
-import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
-import static org.sonar.api.web.UserRole.ADMIN;
-import static org.sonar.api.web.UserRole.CODEVIEWER;
-import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
-import static org.sonar.api.web.UserRole.USER;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateGroupDto;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
-import static org.sonar.test.JsonAssert.assertJson;
-import static org.sonarqube.ws.MediaTypes.PROTOBUF;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
-import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-
-public class TemplateGroupsActionTest {
-
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
-
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
-
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
-
- DbClient dbClient = db.getDbClient();
- DbSession dbSession = db.getSession();
-
- // PermissionTemplateDto template1;
- // PermissionTemplateDto template2;
-
- TemplateGroupsAction underTest = new TemplateGroupsAction(dbClient, userSession,
- new PermissionDependenciesFinder(
- dbClient,
- new ComponentFinder(dbClient),
- new UserGroupFinder(dbClient),
- resourceTypes));
-
- WsActionTester ws = new WsActionTester(underTest);
-
- @Test
- public void template_groups_of_json_example() {
- logAsSysAdminUser();
-
- GroupDto adminGroup = insertGroup(newGroupDto().setName("sonar-administrators").setDescription("System administrators"));
- GroupDto userGroup = insertGroup(newGroupDto().setName("sonar-users").setDescription("Any new users created will automatically join this group"));
-
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
- addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), adminGroup.getId()));
- addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), userGroup.getId()));
- // Anyone group
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));
- addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), null));
- commit();
-
- String response = ws.newRequest()
- .setParam(PARAM_PERMISSION, ISSUE_ADMIN)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid())
- .execute().getInput();
-
- assertJson(response)
- .ignoreFields("id")
- .withStrictArrayOrder()
- .isSimilarTo(getClass().getResource("template_groups-example.json"));
- }
-
- @Test
- public void return_all_permissions_of_matching_groups() throws IOException {
- logAsSysAdminUser();
-
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
-
- GroupDto group1 = insertGroup(new GroupDto().setName("group-1-name"));
- addGroupToTemplate(newPermissionTemplateGroup(CODEVIEWER, template.getId(), group1.getId()));
- addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group1.getId()));
-
- GroupDto group2 = insertGroup(new GroupDto().setName("group-2-name"));
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group2.getId()));
- addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group2.getId()));
-
- GroupDto group3 = insertGroup(new GroupDto().setName("group-3-name"));
-
- // Anyone
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));
- addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), null));
-
- PermissionTemplateDto anotherTemplate = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-2"));
- addGroupToTemplate(newPermissionTemplateGroup(ADMIN, anotherTemplate.getId(), group3.getId()));
- commit();
-
- InputStream responseStream = ws.newRequest()
- .setMediaType(PROTOBUF)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid())
- .execute()
- .getInputStream();
- WsGroupsResponse response = WsGroupsResponse.parseFrom(responseStream);
-
- assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name", "group-2-name");
- assertThat(response.getGroups(0).getPermissionsList()).containsOnly("user", "issueadmin");
- assertThat(response.getGroups(1).getPermissionsList()).containsOnly("codeviewer", "admin");
- assertThat(response.getGroups(2).getPermissionsList()).containsOnly("user", "admin");
- }
-
- @Test
- public void search_by_permission() throws IOException {
- logAsSysAdminUser();
-
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
-
- GroupDto group1 = insertGroup(new GroupDto().setName("group-1-name"));
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));
- addGroupToTemplate(newPermissionTemplateGroup(CODEVIEWER, template.getId(), group1.getId()));
-
- GroupDto group2 = insertGroup(new GroupDto().setName("group-2-name"));
- addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group2.getId()));
-
- GroupDto group3 = insertGroup(new GroupDto().setName("group-3-name"));
-
- // Anyone
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));
-
- PermissionTemplateDto anotherTemplate = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-2"));
- addGroupToTemplate(newPermissionTemplateGroup(ADMIN, anotherTemplate.getId(), group3.getId()));
- commit();
-
- InputStream responseStream = ws.newRequest()
- .setMediaType(PROTOBUF)
- .setParam(PARAM_PERMISSION, USER)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid())
- .execute()
- .getInputStream();
- WsGroupsResponse response = WsGroupsResponse.parseFrom(responseStream);
-
- assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name");
- assertThat(response.getGroups(0).getPermissionsList()).containsOnly("user");
- assertThat(response.getGroups(1).getPermissionsList()).containsOnly("user", "codeviewer");
- }
-
- @Test
- public void search_by_template_name() throws IOException {
- logAsSysAdminUser();
-
- GroupDto group1 = insertGroup(new GroupDto().setName("group-1-name").setDescription("group-1-description"));
- GroupDto group2 = insertGroup(new GroupDto().setName("group-2-name").setDescription("group-2-description"));
- GroupDto group3 = insertGroup(new GroupDto().setName("group-3-name").setDescription("group-3-description"));
-
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));
- addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group2.getId()));
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));
-
- PermissionTemplateDto anotherTemplate = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-2"));
- addGroupToTemplate(newPermissionTemplateGroup(USER, anotherTemplate.getId(), group1.getId()));
- commit();
-
- InputStream responseStream = ws.newRequest()
- .setMediaType(PROTOBUF)
- .setParam(PARAM_TEMPLATE_NAME, template.getName())
- .execute()
- .getInputStream();
- WsGroupsResponse response = WsGroupsResponse.parseFrom(responseStream);
-
- assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name", "group-2-name");
- }
-
- @Test
- public void search_with_pagination() throws IOException {
- logAsSysAdminUser();
-
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
- GroupDto group1 = insertGroup(new GroupDto().setName("group-1-name"));
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));
- GroupDto group2 = insertGroup(new GroupDto().setName("group-2-name"));
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group2.getId()));
- commit();
-
- InputStream responseStream = ws.newRequest()
- .setMediaType(PROTOBUF)
- .setParam(PARAM_PERMISSION, USER)
- .setParam(PARAM_TEMPLATE_NAME, template.getName())
- .setParam(PAGE, "2")
- .setParam(PAGE_SIZE, "1")
- .execute()
- .getInputStream();
- WsGroupsResponse response = WsGroupsResponse.parseFrom(responseStream);
-
- assertThat(response.getGroupsList()).extracting("name").containsExactly("group-2-name");
- }
-
- @Test
- public void search_with_text_query() throws IOException {
- logAsSysAdminUser();
-
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
- GroupDto group1 = insertGroup(new GroupDto().setName("group-1-name"));
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));
- GroupDto group2 = insertGroup(new GroupDto().setName("group-2-name"));
- GroupDto group3 = insertGroup(new GroupDto().setName("group-3"));
- commit();
-
- InputStream responseStream = ws.newRequest()
- .setMediaType(PROTOBUF)
- .setParam(PARAM_TEMPLATE_NAME, template.getName())
- .setParam(TEXT_QUERY, "-nam")
- .execute()
- .getInputStream();
- WsGroupsResponse response = WsGroupsResponse.parseFrom(responseStream);
-
- assertThat(response.getGroupsList()).extracting("name").containsExactly("group-1-name", "group-2-name");
- }
-
- @Test
- public void search_with_text_query_return_all_groups_even_when_no_permission_set() throws IOException {
- logAsSysAdminUser();
-
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
- insertGroup(new GroupDto().setName("group-1-name"));
- insertGroup(new GroupDto().setName("group-2-name"));
- insertGroup(new GroupDto().setName("group-3-name"));
- commit();
-
- InputStream responseStream = ws.newRequest()
- .setMediaType(PROTOBUF)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid())
- .setParam(TEXT_QUERY, "-name")
- .execute()
- .getInputStream();
- WsGroupsResponse response = WsGroupsResponse.parseFrom(responseStream);
-
- assertThat(response.getGroupsList()).extracting("name").containsExactly("group-1-name", "group-2-name", "group-3-name");
- assertThat(response.getGroups(0).getPermissionsList()).isEmpty();
- assertThat(response.getGroups(1).getPermissionsList()).isEmpty();
- assertThat(response.getGroups(2).getPermissionsList()).isEmpty();
- }
-
- @Test
- public void search_with_text_query_return_anyone_group_even_when_no_permission_set() throws IOException {
- logAsSysAdminUser();
-
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
- GroupDto group = insertGroup(new GroupDto().setName("group"));
- addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group.getId()));
- commit();
-
- InputStream responseStream = ws.newRequest()
- .setMediaType(PROTOBUF)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid())
- .setParam(TEXT_QUERY, "nyo")
- .execute()
- .getInputStream();
- WsGroupsResponse response = WsGroupsResponse.parseFrom(responseStream);
-
- assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone");
- assertThat(response.getGroups(0).getPermissionsList()).isEmpty();
- }
-
- @Test
- public void fail_if_not_logged_in() {
- userSession.anonymous();
-
- PermissionTemplateDto template1 = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
-
- expectedException.expect(UnauthorizedException.class);
- ws.newRequest()
- .setParam(PARAM_PERMISSION, USER)
- .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
- .execute();
- }
-
- @Test
- public void fail_if_insufficient_privileges() {
- userSession.login();
-
- PermissionTemplateDto template1 = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
-
- expectedException.expect(ForbiddenException.class);
- ws.newRequest()
- .setParam(PARAM_PERMISSION, USER)
- .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
- .execute();
- }
-
- @Test
- public void fail_if_template_uuid_and_name_provided() {
- logAsSysAdminUser();
-
- PermissionTemplateDto template1 = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
-
- expectedException.expect(BadRequestException.class);
- ws.newRequest()
- .setParam(PARAM_PERMISSION, USER)
- .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
- .setParam(PARAM_TEMPLATE_NAME, template1.getName())
- .execute();
- }
-
- @Test
- public void fail_if_template_uuid_nor_name_provided() {
- logAsSysAdminUser();
-
- expectedException.expect(BadRequestException.class);
- ws.newRequest()
- .setParam(PARAM_PERMISSION, USER)
- .execute();
- }
-
- @Test
- public void fail_if_template_is_not_found() {
- logAsSysAdminUser();
-
- expectedException.expect(NotFoundException.class);
- ws.newRequest()
- .setParam(PARAM_PERMISSION, USER)
- .setParam(PARAM_TEMPLATE_ID, "unknown-uuid")
- .execute();
- }
-
- @Test
- public void fail_if_not_a_project_permission() {
- logAsSysAdminUser();
-
- PermissionTemplateDto template1 = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto().setUuid("template-uuid-1"));
-
- expectedException.expect(BadRequestException.class);
- ws.newRequest()
- .setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN)
- .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
- .execute();
- }
-
- private GroupDto insertGroup(GroupDto group) {
- GroupDto result = dbClient.groupDao().insert(dbSession, group);
- commit();
-
- return result;
- }
-
- private void addGroupToTemplate(PermissionTemplateGroupDto permissionTemplateGroup) {
- dbClient.permissionTemplateDao().insertGroupPermission(dbSession, permissionTemplateGroup);
- }
-
- private static PermissionTemplateGroupDto newPermissionTemplateGroup(String permission, long templateId, @Nullable Long groupId) {
- return newPermissionTemplateGroupDto()
- .setPermission(permission)
- .setTemplateId(templateId)
- .setGroupId(groupId);
- }
-
- private void commit() {
- dbSession.commit();
- }
-
- private void logAsSysAdminUser() {
- userSession.login("login").setGlobalPermissions(ADMIN);
- }
-}
import java.util.List;
import javax.annotation.Nullable;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.utils.System2;
import org.sonar.api.web.UserRole;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.GroupDto;
-import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.security.DefaultGroups.ANYONE;
import static org.sonar.api.web.UserRole.ADMIN;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-public class AddGroupToTemplateActionTest {
+public class AddGroupToTemplateActionTest extends BasePermissionWsTest<AddGroupToTemplateAction> {
- private static final String GROUP_NAME = "group-name";
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
+ private PermissionTemplateDto template;
+ private GroupDto group;
- WsActionTester ws;
- DbClient dbClient;
- DbSession dbSession;
- GroupDto group;
- PermissionTemplateDto permissionTemplate;
+ @Override
+ protected AddGroupToTemplateAction buildWsAction() {
+ return new AddGroupToTemplateAction(db.getDbClient(), newPermissionWsSupport(), userSession);
+ }
@Before
public void setUp() {
- dbClient = db.getDbClient();
- dbSession = db.getSession();
- userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
-
- PermissionDependenciesFinder dependenciesFinder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes);
- ws = new WsActionTester(new AddGroupToTemplateAction(dbClient, dependenciesFinder, userSession));
-
- group = insertGroup(newGroupDto().setName(GROUP_NAME));
- permissionTemplate = insertPermissionTemplate(newPermissionTemplateDto());
- commit();
+ loginAsAdmin();
+ template = insertTemplate();
+ group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "group-name");
}
@Test
- public void add_group_to_template() {
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), CODEVIEWER);
+ public void add_group_to_template() throws Exception {
+ newRequest(group.getName(), template.getUuid(), CODEVIEWER);
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(GROUP_NAME);
+ assertThat(getGroupNamesInTemplateAndPermission(template.getId(), CODEVIEWER)).containsExactly(group.getName());
}
@Test
- public void add_group_to_template_by_name() {
- ws.newRequest()
- .setParam(PARAM_GROUP_NAME, GROUP_NAME)
+ public void add_group_to_template_by_name() throws Exception {
+ newRequest()
+ .setParam(PARAM_GROUP_NAME, group.getName())
.setParam(PARAM_PERMISSION, CODEVIEWER)
- .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
+ .setParam(PARAM_TEMPLATE_NAME, template.getName().toUpperCase())
.execute();
- commit();
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(GROUP_NAME);
+ assertThat(getGroupNamesInTemplateAndPermission(template.getId(), CODEVIEWER)).containsExactly(group.getName());
}
@Test
- public void add_with_group_id() {
- ws.newRequest()
- .setParam(PARAM_TEMPLATE_ID, permissionTemplate.getUuid())
+ public void add_with_group_id() throws Exception {
+ newRequest()
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
.setParam(PARAM_PERMISSION, CODEVIEWER)
.setParam(PARAM_GROUP_ID, String.valueOf(group.getId()))
.execute();
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(GROUP_NAME);
+ assertThat(getGroupNamesInTemplateAndPermission(template.getId(), CODEVIEWER)).containsExactly(group.getName());
}
@Test
- public void does_not_add_a_group_twice() {
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), ISSUE_ADMIN);
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), ISSUE_ADMIN);
+ public void does_not_add_a_group_twice() throws Exception {
+ newRequest(group.getName(), template.getUuid(), ISSUE_ADMIN);
+ newRequest(group.getName(), template.getUuid(), ISSUE_ADMIN);
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), ISSUE_ADMIN)).containsExactly(GROUP_NAME);
+ assertThat(getGroupNamesInTemplateAndPermission(template.getId(), ISSUE_ADMIN)).containsExactly(group.getName());
}
@Test
- public void add_anyone_group_to_template() {
- newRequest(ANYONE, permissionTemplate.getUuid(), CODEVIEWER);
+ public void add_anyone_group_to_template() throws Exception {
+ newRequest(ANYONE, template.getUuid(), CODEVIEWER);
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(ANYONE);
+ assertThat(getGroupNamesInTemplateAndPermission(template.getId(), CODEVIEWER)).containsExactly(ANYONE);
}
@Test
- public void fail_if_add_anyone_group_to_admin_permission() {
+ public void fail_if_add_anyone_group_to_admin_permission() throws Exception {
expectedException.expect(BadRequestException.class);
- expectedException.expectMessage(String.format("It is not possible to add the '%s' permission to the '%s' group.", UserRole.ADMIN, ANYONE));
+ expectedException.expectMessage(String.format("It is not possible to add the '%s' permission to the group 'Anyone'", UserRole.ADMIN));
- newRequest(ANYONE, permissionTemplate.getUuid(), ADMIN);
+ newRequest(ANYONE, template.getUuid(), ADMIN);
}
@Test
- public void fail_if_not_a_project_permission() {
- expectedException.expect(BadRequestException.class);
+ public void fail_if_not_a_project_permission() throws Exception {
+ expectedException.expect(IllegalArgumentException.class);
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), GlobalPermissions.PROVISIONING);
+ newRequest(group.getName(), template.getUuid(), GlobalPermissions.PROVISIONING);
}
@Test
- public void fail_if_insufficient_privileges() {
- expectedException.expect(ForbiddenException.class);
+ public void fail_if_insufficient_privileges() throws Exception {
userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), CODEVIEWER);
+ expectedException.expect(ForbiddenException.class);
+
+ newRequest(group.getName(), template.getUuid(), CODEVIEWER);
}
@Test
- public void fail_if_not_logged_in() {
+ public void fail_if_not_logged_in() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), CODEVIEWER);
+ newRequest(group.getName(), template.getUuid(), CODEVIEWER);
}
@Test
- public void fail_if_group_params_missing() {
+ public void fail_if_group_params_missing() throws Exception {
expectedException.expect(BadRequestException.class);
- newRequest(null, permissionTemplate.getUuid(), CODEVIEWER);
+ newRequest(null, template.getUuid(), CODEVIEWER);
}
@Test
- public void fail_if_permission_missing() {
+ public void fail_if_permission_missing() throws Exception {
expectedException.expect(IllegalArgumentException.class);
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), null);
+ newRequest(group.getName(), template.getUuid(), null);
}
@Test
- public void fail_if_template_uuid_and_name_missing() {
+ public void fail_if_template_uuid_and_name_missing() throws Exception {
expectedException.expect(BadRequestException.class);
- newRequest(GROUP_NAME, null, CODEVIEWER);
+ newRequest(group.getName(), null, CODEVIEWER);
}
@Test
- public void fail_if_group_does_not_exist() {
+ public void fail_if_group_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
- expectedException.expectMessage("Group with name 'unknown-group-name' is not found");
+ expectedException.expectMessage("No group with name 'unknown-group-name'");
- newRequest("unknown-group-name", permissionTemplate.getUuid(), CODEVIEWER);
+ newRequest("unknown-group-name", template.getUuid(), CODEVIEWER);
}
@Test
- public void fail_if_template_key_does_not_exist() {
+ public void fail_if_template_key_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
- newRequest(GROUP_NAME, "unknown-key", CODEVIEWER);
+ newRequest(group.getName(), "unknown-key", CODEVIEWER);
}
- private void newRequest(@Nullable String groupName, @Nullable String templateKey, @Nullable String permission) {
- TestRequest request = ws.newRequest();
+ private void newRequest(@Nullable String groupName, @Nullable String templateKey, @Nullable String permission) throws Exception {
+ WsTester.TestRequest request = newRequest();
if (groupName != null) {
request.setParam(PARAM_GROUP_NAME, groupName);
}
request.execute();
}
- private void commit() {
- dbSession.commit();
- }
-
- private GroupDto insertGroup(GroupDto groupDto) {
- return dbClient.groupDao().insert(dbSession, groupDto);
+ private List<String> getGroupNamesInTemplateAndPermission(long templateId, String permission) {
+ PermissionQuery query = PermissionQuery.builder().setPermission(permission).build();
+ return db.getDbClient().permissionTemplateDao()
+ .selectGroupNamesByQueryAndTemplate(db.getSession(), query, templateId);
}
- private PermissionTemplateDto insertPermissionTemplate(PermissionTemplateDto permissionTemplate) {
- return dbClient.permissionTemplateDao().insert(dbSession, permissionTemplate);
+ private WsTester.TestRequest newRequest() {
+ return wsTester.newPostRequest(CONTROLLER, "add_group_to_template");
}
- private List<String> getGroupNamesInTemplateAndPermission(long templateId, String permission) {
- PermissionQuery permissionQuery = PermissionQuery.builder().setPermission(permission).build();
- return dbClient.permissionTemplateDao()
- .selectGroupNamesByQueryAndTemplate(dbSession, permissionQuery, templateId);
+ private void loginAsAdmin() {
+ userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
}
}
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
-
package org.sonar.server.permission.ws.template;
import java.util.Optional;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
import org.sonar.api.web.UserRole;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;
-import org.sonar.db.permission.template.PermissionTemplateCharacteristicMapper;
-import org.sonar.server.component.ComponentFinder;
-import org.sonar.server.exceptions.BadRequestException;
+import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.when;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-public class AddProjectCreatorToTemplateActionTest {
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- DbClient dbClient = db.getDbClient();
- DbSession dbSession = db.getSession();
- PermissionTemplateCharacteristicMapper mapper = dbSession.getMapper(PermissionTemplateCharacteristicMapper.class);
- ResourceTypesRule resourceTypes = new ResourceTypesRule();
- System2 system = mock(System2.class);
+public class AddProjectCreatorToTemplateActionTest extends BasePermissionWsTest<AddProjectCreatorToTemplateAction> {
- WsActionTester ws;
+ private System2 system = spy(System2.INSTANCE);
+ private PermissionTemplateDto template;
- PermissionTemplateDto template;
+ @Override
+ protected AddProjectCreatorToTemplateAction buildWsAction() {
+ return new AddProjectCreatorToTemplateAction(db.getDbClient(), newPermissionWsSupport(), userSession, system);
+ }
@Before
public void setUp() {
userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- when(system.now()).thenReturn(2_000_000_000L);
-
- ws = new WsActionTester(new AddProjectCreatorToTemplateAction(dbClient,
- new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes), userSession, system));
-
template = insertTemplate();
+ when(system.now()).thenReturn(2_000_000_000L);
}
@Test
- public void insert_row_when_no_template_permission() {
- call(ws.newRequest()
+ public void insert_row_when_no_template_permission() throws Exception {
+ newRequest()
.setParam(PARAM_PERMISSION, UserRole.ADMIN)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid()));
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute();
assertThatProjectCreatorIsPresentFor(UserRole.ADMIN, template.getId());
}
@Test
- public void update_row_when_existing_template_permission() {
- PermissionTemplateCharacteristicDto insertedPermissionTemplate = dbClient.permissionTemplateCharacteristicDao().insert(dbSession, new PermissionTemplateCharacteristicDto()
- .setTemplateId(template.getId())
- .setPermission(UserRole.USER)
- .setWithProjectCreator(false)
- .setCreatedAt(1_000_000_000L)
- .setUpdatedAt(1_000_000_000L));
+ public void update_row_when_existing_template_permission() throws Exception {
+ PermissionTemplateCharacteristicDto characteristic = db.getDbClient().permissionTemplateCharacteristicDao().insert(db.getSession(),
+ new PermissionTemplateCharacteristicDto()
+ .setTemplateId(template.getId())
+ .setPermission(UserRole.USER)
+ .setWithProjectCreator(false)
+ .setCreatedAt(1_000_000_000L)
+ .setUpdatedAt(1_000_000_000L));
db.commit();
when(system.now()).thenReturn(3_000_000_000L);
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_PERMISSION, UserRole.USER)
- .setParam(PARAM_TEMPLATE_NAME, template.getName()));
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .execute();
assertThatProjectCreatorIsPresentFor(UserRole.USER, template.getId());
- PermissionTemplateCharacteristicDto updatedPermissionTemplate = mapper.selectById(insertedPermissionTemplate.getId());
- assertThat(updatedPermissionTemplate.getCreatedAt()).isEqualTo(1_000_000_000L);
- assertThat(updatedPermissionTemplate.getUpdatedAt()).isEqualTo(3_000_000_000L);
+ PermissionTemplateCharacteristicDto reloaded = reload(characteristic);
+ assertThat(reloaded.getCreatedAt()).isEqualTo(1_000_000_000L);
+ assertThat(reloaded.getUpdatedAt()).isEqualTo(3_000_000_000L);
}
@Test
- public void fail_when_template_does_not_exist() {
+ public void fail_when_template_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_PERMISSION, UserRole.ADMIN)
- .setParam(PARAM_TEMPLATE_ID, "42"));
+ .setParam(PARAM_TEMPLATE_ID, "42")
+ .execute();
}
@Test
- public void fail_if_permission_is_not_a_project_permission() {
- expectedException.expect(BadRequestException.class);
+ public void fail_if_permission_is_not_a_project_permission() throws Exception {
+ expectedException.expect(IllegalArgumentException.class);
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid()));
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute();
}
@Test
- public void fail_if_not_authenticated() {
+ public void fail_if_not_authenticated() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_PERMISSION, UserRole.ADMIN)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid()));
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute();
}
@Test
- public void fail_if_insufficient_privileges() {
+ public void fail_if_insufficient_privileges() throws Exception {
expectedException.expect(ForbiddenException.class);
userSession.login().setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN);
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_PERMISSION, UserRole.ADMIN)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid()));
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute();
}
private void assertThatProjectCreatorIsPresentFor(String permission, long templateId) {
- Optional<PermissionTemplateCharacteristicDto> templatePermission = dbClient.permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(dbSession, permission, templateId);
+ Optional<PermissionTemplateCharacteristicDto> templatePermission = db.getDbClient().permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(db.getSession(),
+ permission,
+ templateId);
assertThat(templatePermission).isPresent();
assertThat(templatePermission.get().getWithProjectCreator()).isTrue();
}
- private PermissionTemplateDto insertTemplate() {
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto());
- db.commit();
- return template;
+ private WsTester.TestRequest newRequest() {
+ return wsTester.newPostRequest(CONTROLLER, "add_project_creator_to_template");
}
- private void call(TestRequest request) {
- request.execute();
+ private PermissionTemplateCharacteristicDto reload(PermissionTemplateCharacteristicDto characteristic) {
+ return db.getDbClient().permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(db.getSession(), characteristic.getPermission(), characteristic.getTemplateId()).get();
}
}
import java.util.List;
import javax.annotation.Nullable;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.utils.System2;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.UserDto;
-import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
-import static org.sonar.db.user.UserTesting.newUserDto;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN;
+public class AddUserToTemplateActionTest extends BasePermissionWsTest<AddUserToTemplateAction> {
-public class AddUserToTemplateActionTest {
+ private static final String ACTION = "add_user_to_template";
- private static final String USER_LOGIN = "user-login";
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
+ private UserDto user;
+ private PermissionTemplateDto permissionTemplate;
- WsActionTester ws;
- DbClient dbClient;
- DbSession dbSession;
- UserDto user;
- PermissionTemplateDto permissionTemplate;
+ @Override
+ protected AddUserToTemplateAction buildWsAction() {
+ return new AddUserToTemplateAction(db.getDbClient(), newPermissionWsSupport(), userSession);
+ }
@Before
public void setUp() {
- dbClient = db.getDbClient();
- dbSession = db.getSession();
- userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+ loginAsAdmin();
- PermissionDependenciesFinder dependenciesFinder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes);
- ws = new WsActionTester(new AddUserToTemplateAction(dbClient, dependenciesFinder, userSession));
-
- user = insertUser(newUserDto().setLogin(USER_LOGIN));
- permissionTemplate = insertPermissionTemplate(newPermissionTemplateDto());
- commit();
+ user = db.users().insertUser("user-login");
+ permissionTemplate = insertTemplate();
}
@Test
- public void add_user_to_template() {
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), CODEVIEWER);
+ public void add_user_to_template() throws Exception {
+ newRequest(user.getLogin(), permissionTemplate.getUuid(), CODEVIEWER);
- assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(USER_LOGIN);
+ assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(user.getLogin());
}
@Test
- public void add_user_to_template_by_name() {
- ws.newRequest()
- .setParam(PARAM_USER_LOGIN, USER_LOGIN)
+ public void add_user_to_template_by_name() throws Exception {
+ wsTester.newPostRequest(CONTROLLER, ACTION)
+ .setParam(PARAM_USER_LOGIN, user.getLogin())
.setParam(PARAM_PERMISSION, CODEVIEWER)
.setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
.execute();
- commit();
- assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(USER_LOGIN);
+ assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), CODEVIEWER)).containsExactly(user.getLogin());
}
@Test
- public void does_not_add_a_user_twice() {
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), ISSUE_ADMIN);
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), ISSUE_ADMIN);
+ public void does_not_add_a_user_twice() throws Exception {
+ newRequest(user.getLogin(), permissionTemplate.getUuid(), ISSUE_ADMIN);
+ newRequest(user.getLogin(), permissionTemplate.getUuid(), ISSUE_ADMIN);
- assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), ISSUE_ADMIN)).containsExactly(USER_LOGIN);
+ assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), ISSUE_ADMIN)).containsExactly(user.getLogin());
}
@Test
- public void fail_if_not_a_project_permission() {
- expectedException.expect(BadRequestException.class);
+ public void fail_if_not_a_project_permission() throws Exception {
+ expectedException.expect(IllegalArgumentException.class);
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), GlobalPermissions.PROVISIONING);
+ newRequest(user.getLogin(), permissionTemplate.getUuid(), GlobalPermissions.PROVISIONING);
}
@Test
- public void fail_if_insufficient_privileges() {
+ public void fail_if_insufficient_privileges() throws Exception {
expectedException.expect(ForbiddenException.class);
userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), CODEVIEWER);
+ newRequest(user.getLogin(), permissionTemplate.getUuid(), CODEVIEWER);
}
@Test
- public void fail_if_not_logged_in() {
+ public void fail_if_not_logged_in() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), CODEVIEWER);
+ newRequest(user.getLogin(), permissionTemplate.getUuid(), CODEVIEWER);
}
@Test
- public void fail_if_user_missing() {
+ public void fail_if_user_missing() throws Exception {
expectedException.expect(IllegalArgumentException.class);
newRequest(null, permissionTemplate.getUuid(), CODEVIEWER);
}
@Test
- public void fail_if_permission_missing() {
+ public void fail_if_permission_missing() throws Exception {
expectedException.expect(IllegalArgumentException.class);
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), null);
+ newRequest(user.getLogin(), permissionTemplate.getUuid(), null);
}
@Test
- public void fail_if_template_uuid_and_name_are_missing() {
+ public void fail_if_template_uuid_and_name_are_missing() throws Exception {
expectedException.expect(BadRequestException.class);
- newRequest(USER_LOGIN, null, CODEVIEWER);
+ newRequest(user.getLogin(), null, CODEVIEWER);
}
@Test
- public void fail_if_user_does_not_exist() {
+ public void fail_if_user_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("User with login 'unknown-login' is not found");
}
@Test
- public void fail_if_template_key_does_not_exist() {
+ public void fail_if_template_key_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
- newRequest(USER_LOGIN, "unknown-key", CODEVIEWER);
+ newRequest(user.getLogin(), "unknown-key", CODEVIEWER);
}
- private void newRequest(@Nullable String userLogin, @Nullable String templateKey, @Nullable String permission) {
- TestRequest request = ws.newRequest();
+ private void newRequest(@Nullable String userLogin, @Nullable String templateKey, @Nullable String permission) throws Exception {
+ WsTester.TestRequest request = wsTester.newPostRequest(CONTROLLER, ACTION);
if (userLogin != null) {
request.setParam(PARAM_USER_LOGIN, userLogin);
}
request.execute();
}
- private void commit() {
- dbSession.commit();
- }
-
- private UserDto insertUser(UserDto userDto) {
- return dbClient.userDao().insert(dbSession, userDto.setActive(true));
- }
-
- private PermissionTemplateDto insertPermissionTemplate(PermissionTemplateDto permissionTemplate) {
- return dbClient.permissionTemplateDao().insert(dbSession, permissionTemplate);
- }
-
private List<String> getLoginsInTemplateAndPermission(long templateId, String permission) {
PermissionQuery permissionQuery = PermissionQuery.builder().setPermission(permission).build();
- return dbClient.permissionTemplateDao()
- .selectUserLoginsByQueryAndTemplate(dbSession, permissionQuery, templateId);
+ return db.getDbClient().permissionTemplateDao()
+ .selectUserLoginsByQueryAndTemplate(db.getSession(), permissionQuery, templateId);
+ }
+
+ private void loginAsAdmin() {
+ userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
}
}
import java.util.List;
import javax.annotation.Nullable;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
import org.sonar.api.config.MapSettings;
-import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.utils.System2;
import org.sonar.api.web.UserRole;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.permission.GroupPermissionDto;
+import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.PermissionRepository;
-import org.sonar.db.permission.UserPermissionDto;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.UserDto;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.issue.index.IssueAuthorizationIndexer;
import org.sonar.server.permission.PermissionService;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.TestResponse;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.verify;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
-import static org.sonar.db.user.UserTesting.newUserDto;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-public class ApplyTemplateActionTest {
-
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
-
- WsActionTester ws;
- DbClient dbClient;
- DbSession dbSession;
-
- UserDto user1;
- UserDto user2;
- GroupDto group1;
- GroupDto group2;
- ComponentDto project;
- PermissionTemplateDto template1;
- PermissionTemplateDto template2;
- IssueAuthorizationIndexer issueAuthorizationIndexer = mock(IssueAuthorizationIndexer.class);
+public class ApplyTemplateActionTest extends BasePermissionWsTest<ApplyTemplateAction> {
- @Before
- public void setUp() {
- userSession.login("login").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- dbClient = db.getDbClient();
- dbSession = db.getSession();
+ private static final String ACTION = "apply_template";
- PermissionRepository repository = new PermissionRepository(dbClient, new MapSettings());
- ComponentFinder componentFinder = new ComponentFinder(dbClient);
- PermissionService permissionService = new PermissionService(dbClient, repository, issueAuthorizationIndexer, userSession, componentFinder);
- PermissionDependenciesFinder permissionDependenciesFinder = new PermissionDependenciesFinder(dbClient, componentFinder, new UserGroupFinder(dbClient), resourceTypes);
+ private UserDto user1;
+ private UserDto user2;
+ private GroupDto group1;
+ private GroupDto group2;
+ private ComponentDto project;
+ private PermissionTemplateDto template1;
+ private PermissionTemplateDto template2;
+ private IssueAuthorizationIndexer issueAuthorizationIndexer = mock(IssueAuthorizationIndexer.class);
- ApplyTemplateAction underTest = new ApplyTemplateAction(dbClient, permissionService, permissionDependenciesFinder);
- ws = new WsActionTester(underTest);
+ @Override
+ protected ApplyTemplateAction buildWsAction() {
+ PermissionRepository repository = new PermissionRepository(db.getDbClient(), new MapSettings());
+ ComponentFinder componentFinder = new ComponentFinder(db.getDbClient());
+ PermissionService permissionService = new PermissionService(db.getDbClient(), repository, issueAuthorizationIndexer, userSession, componentFinder);
+ return new ApplyTemplateAction(db.getDbClient(), permissionService, newPermissionWsSupport());
+ }
+
+ @Before
+ public void setUp() {
+ loginAsAdmin();
- user1 = insertUser(newUserDto().setLogin("user-login-1"));
- user2 = insertUser(newUserDto().setLogin("user-login-2"));
- group1 = insertGroup(newGroupDto().setName("group-name-1"));
- group2 = insertGroup(newGroupDto().setName("group-name-2"));
+ user1 = db.users().insertUser("user-login-1");
+ user2 = db.users().insertUser("user-login-2");
+ OrganizationDto defaultOrg = defaultOrganizationProvider.getDto();
+ group1 = db.users().insertGroup(defaultOrg, "group-name-1");
+ group2 = db.users().insertGroup(defaultOrg, "group-name-2");
// template 1
- template1 = insertTemplate(newPermissionTemplateDto().setUuid("permission-template-uuid-1"));
+ template1 = insertTemplate();
addUserToTemplate(user1, template1, UserRole.CODEVIEWER);
addUserToTemplate(user2, template1, UserRole.ISSUE_ADMIN);
addGroupToTemplate(group1, template1, UserRole.ADMIN);
addGroupToTemplate(group2, template1, UserRole.USER);
// template 2
- template2 = insertTemplate(newPermissionTemplateDto().setUuid("permission-template-uuid-2"));
+ template2 = insertTemplate();
addUserToTemplate(user1, template2, UserRole.USER);
addUserToTemplate(user2, template2, UserRole.USER);
addGroupToTemplate(group1, template2, UserRole.USER);
addGroupToTemplate(group2, template2, UserRole.USER);
- project = insertProject(newProjectDto("project-uuid-1"));
- addUserPermissionToProject(user1, project, UserRole.ADMIN);
- addUserPermissionToProject(user2, project, UserRole.ADMIN);
- addGroupPermissionToProject(group1, project, UserRole.ADMIN);
- addGroupPermissionToProject(group2, project, UserRole.ADMIN);
-
- commit();
+ project = db.components().insertComponent(newProjectDto("project-uuid-1"));
+ db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, project);
+ db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, project);
+ db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, project);
+ db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, project);
}
@Test
- public void apply_template_with_project_uuid() {
- assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).hasSize(2);
- assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).hasSize(2);
-
+ public void apply_template_with_project_uuid() throws Exception {
newRequest(template1.getUuid(), project.uuid(), null);
assertTemplate1AppliedToProject();
}
@Test
- public void apply_template_with_project_uuid_by_template_name() {
- ws.newRequest()
+ public void apply_template_with_project_uuid_by_template_name() throws Exception {
+ wsTester.newPostRequest(CONTROLLER, ACTION)
.setParam(PARAM_TEMPLATE_NAME, template1.getName().toUpperCase())
.setParam(PARAM_PROJECT_ID, project.uuid())
.execute();
- commit();
assertTemplate1AppliedToProject();
}
@Test
- public void apply_template_with_project_key() {
+ public void apply_template_with_project_key() throws Exception {
newRequest(template1.getUuid(), null, project.key());
assertTemplate1AppliedToProject();
}
@Test
- public void fail_when_unknown_template() {
+ public void fail_when_unknown_template() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("Permission template with id 'unknown-template-uuid' is not found");
}
@Test
- public void fail_when_unknown_project_uuid() {
+ public void fail_when_unknown_project_uuid() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("Project id 'unknown-project-uuid' not found");
}
@Test
- public void fail_when_unknown_project_key() {
+ public void fail_when_unknown_project_key() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("Project key 'unknown-project-key' not found");
}
@Test
- public void fail_when_template_is_not_provided() {
+ public void fail_when_template_is_not_provided() throws Exception {
expectedException.expect(BadRequestException.class);
newRequest(null, project.uuid(), null);
}
@Test
- public void fail_when_project_uuid_and_key_not_provided() {
+ public void fail_when_project_uuid_and_key_not_provided() throws Exception {
expectedException.expect(BadRequestException.class);
- expectedException.expectMessage("Project id or project key must be provided, not both.");
+ expectedException.expectMessage("Project id or project key can be provided, not both.");
newRequest(template1.getUuid(), null, null);
}
@Test
- public void fail_when_anonymous() {
+ public void fail_when_anonymous() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
}
@Test
- public void fail_when_insufficient_privileges() {
+ public void fail_when_insufficient_privileges() throws Exception {
expectedException.expect(ForbiddenException.class);
userSession.login().setGlobalPermissions(GlobalPermissions.SCAN_EXECUTION);
assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).containsExactly(user2.getLogin());
}
- private TestResponse newRequest(@Nullable String templateUuid, @Nullable String projectUuid, @Nullable String projectKey) {
- TestRequest request = ws.newRequest();
+ private WsTester.Result newRequest(@Nullable String templateUuid, @Nullable String projectUuid, @Nullable String projectKey) throws Exception {
+ WsTester.TestRequest request = wsTester.newPostRequest(CONTROLLER, ACTION);
if (templateUuid != null) {
request.setParam(PARAM_TEMPLATE_ID, templateUuid);
}
request.setParam(PARAM_PROJECT_KEY, projectKey);
}
- TestResponse result = request.execute();
- commit();
-
- return result;
- }
-
- private ComponentDto insertProject(ComponentDto project) {
- dbClient.componentDao().insert(dbSession, project);
- return dbClient.componentDao().selectOrFailByUuid(dbSession, project.uuid());
- }
-
- private PermissionTemplateDto insertTemplate(PermissionTemplateDto template) {
- return dbClient.permissionTemplateDao().insert(dbSession, template);
- }
-
- private UserDto insertUser(UserDto userDto) {
- return dbClient.userDao().insert(dbSession, userDto.setActive(true));
- }
-
- private GroupDto insertGroup(GroupDto group) {
- return dbClient.groupDao().insert(dbSession, group);
+ return request.execute();
}
private void addUserToTemplate(UserDto user, PermissionTemplateDto permissionTemplate, String permission) {
- dbClient.permissionTemplateDao().insertUserPermission(dbSession, permissionTemplate.getId(), user.getId(), permission);
+ db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), permissionTemplate.getId(), user.getId(), permission);
+ db.commit();
}
private void addGroupToTemplate(GroupDto group, PermissionTemplateDto permissionTemplate, String permission) {
- dbClient.permissionTemplateDao().insertGroupPermission(dbSession, permissionTemplate.getId(), group.getId(), permission);
- }
-
- private void addUserPermissionToProject(UserDto user, ComponentDto project, String permission) {
- dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(permission, user.getId(), project.getId()));
- }
-
- private void addGroupPermissionToProject(GroupDto group, ComponentDto project, String permission) {
- dbClient.roleDao().insertGroupRole(dbSession, new GroupPermissionDto()
- .setRole(permission)
- .setResourceId(project.getId())
- .setGroupId(group.getId()));
+ db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), permissionTemplate.getId(), group.getId(), permission);
+ db.commit();
}
private List<String> selectProjectPermissionGroups(ComponentDto project, String permission) {
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponentUuid(project.uuid()).build();
- return dbClient.groupPermissionDao().selectGroupNamesByPermissionQuery(dbSession, query);
+ return db.getDbClient().groupPermissionDao().selectGroupNamesByPermissionQuery(db.getSession(), query);
}
private List<String> selectProjectPermissionUsers(ComponentDto project, String permission) {
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponentUuid(project.uuid()).build();
- return dbClient.userPermissionDao().selectLogins(dbSession, query);
+ return db.getDbClient().userPermissionDao().selectLogins(db.getSession(), query);
}
- private void commit() {
- dbSession.commit();
+ private void loginAsAdmin() {
+ userSession.login("login").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
}
}
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
-
package org.sonar.server.permission.ws.template;
import java.util.List;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
import org.sonar.api.config.MapSettings;
-import org.sonar.api.resources.Qualifiers;
import org.sonar.api.server.ws.WebService.Param;
-import org.sonar.api.utils.System2;
import org.sonar.api.web.UserRole;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ComponentDbTester;
import org.sonar.db.component.ComponentDto;
-import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.permission.GroupPermissionDto;
+import org.sonar.db.organization.OrganizationDto;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.PermissionRepository;
-import org.sonar.db.permission.UserPermissionDto;
import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.user.GroupDbTester;
import org.sonar.db.user.GroupDto;
-import org.sonar.db.user.UserDbTester;
import org.sonar.db.user.UserDto;
import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.i18n.I18nRule;
import org.sonar.server.issue.index.IssueAuthorizationIndexer;
import org.sonar.server.permission.PermissionService;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.sonar.db.component.ComponentTesting.newDeveloper;
import static org.sonar.db.component.ComponentTesting.newProjectDto;
import static org.sonar.db.component.ComponentTesting.newView;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
-import static org.sonar.db.user.UserTesting.newUserDto;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-public class BulkApplyTemplateActionTest {
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone().login("login").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- ComponentDbTester componentDb = new ComponentDbTester(db);
- UserDbTester userDb = new UserDbTester(db);
- GroupDbTester groupDb = new GroupDbTester(db);
- DbClient dbClient = db.getDbClient();
- DbSession dbSession = db.getSession();
-
- ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
- I18nRule i18n = new I18nRule();
- WsActionTester ws;
-
- UserDto user1;
- UserDto user2;
- GroupDto group1;
- GroupDto group2;
- PermissionTemplateDto template1;
- PermissionTemplateDto template2;
- IssueAuthorizationIndexer issueAuthorizationIndexer = mock(IssueAuthorizationIndexer.class);
+public class BulkApplyTemplateActionTest extends BasePermissionWsTest<BulkApplyTemplateAction> {
+
+ private static final String ACTION = "bulk_apply_template";
+
+ private UserDto user1;
+ private UserDto user2;
+ private GroupDto group1;
+ private GroupDto group2;
+ private PermissionTemplateDto template1;
+ private PermissionTemplateDto template2;
+ private IssueAuthorizationIndexer issueAuthorizationIndexer = mock(IssueAuthorizationIndexer.class);
+
+ @Override
+ protected BulkApplyTemplateAction buildWsAction() {
+ PermissionRepository repository = new PermissionRepository(db.getDbClient(), new MapSettings());
+ ComponentFinder componentFinder = new ComponentFinder(db.getDbClient());
+ PermissionService permissionService = new PermissionService(db.getDbClient(), repository, issueAuthorizationIndexer, userSession, componentFinder);
+ return new BulkApplyTemplateAction(db.getDbClient(), permissionService, newPermissionWsSupport(), new I18nRule(), newRootResourceTypes());
+ }
@Before
public void setUp() {
- PermissionRepository repository = new PermissionRepository(dbClient, new MapSettings());
- ComponentFinder componentFinder = new ComponentFinder(dbClient);
- PermissionService permissionService = new PermissionService(dbClient, repository, issueAuthorizationIndexer, userSession, componentFinder);
- PermissionDependenciesFinder permissionDependenciesFinder = new PermissionDependenciesFinder(dbClient, componentFinder, new UserGroupFinder(dbClient), resourceTypes);
-
- BulkApplyTemplateAction underTest = new BulkApplyTemplateAction(dbClient, permissionService, permissionDependenciesFinder, i18n, resourceTypes);
- ws = new WsActionTester(underTest);
+ loginAsAdmin();
- user1 = userDb.insertUser(newUserDto().setLogin("user-login-1"));
- user2 = userDb.insertUser(newUserDto().setLogin("user-login-2"));
- group1 = groupDb.insertGroup(newGroupDto().setName("group-name-1"));
- group2 = groupDb.insertGroup(newGroupDto().setName("group-name-2"));
+ user1 = db.users().insertUser("user-login-1");
+ user2 = db.users().insertUser("user-login-2");
+ OrganizationDto defaultOrg = defaultOrganizationProvider.getDto();
+ group1 = db.users().insertGroup(defaultOrg, "group-name-1");
+ group2 = db.users().insertGroup(defaultOrg, "group-name-2");
// template 1
- template1 = insertTemplate(newPermissionTemplateDto().setUuid("permission-template-uuid-1"));
+ template1 = insertTemplate();
addUserToTemplate(user1, template1, UserRole.CODEVIEWER);
addUserToTemplate(user2, template1, UserRole.ISSUE_ADMIN);
addGroupToTemplate(group1, template1, UserRole.ADMIN);
addGroupToTemplate(group2, template1, UserRole.USER);
// template 2
- template2 = insertTemplate(newPermissionTemplateDto().setUuid("permission-template-uuid-2"));
+ template2 = insertTemplate();
addUserToTemplate(user1, template2, UserRole.USER);
addUserToTemplate(user2, template2, UserRole.USER);
addGroupToTemplate(group1, template2, UserRole.USER);
addGroupToTemplate(group2, template2, UserRole.USER);
-
- commit();
}
@Test
- public void bulk_apply_template_by_template_uuid() {
- ComponentDto project = componentDb.insertComponent(newProjectDto());
- ComponentDto view = componentDb.insertComponent(newView());
- ComponentDto developer = componentDb.insertComponent(newDeveloper("developer-name"));
- addUserPermissionToProject(user1, developer, UserRole.ADMIN);
- addUserPermissionToProject(user2, developer, UserRole.ADMIN);
- addGroupPermissionToProject(group1, developer, UserRole.ADMIN);
- addGroupPermissionToProject(group2, developer, UserRole.ADMIN);
- db.commit();
+ public void bulk_apply_template_by_template_uuid() throws Exception {
+ ComponentDto project = db.components().insertComponent(newProjectDto());
+ ComponentDto view = db.components().insertComponent(newView());
+ ComponentDto developer = db.components().insertComponent(newDeveloper("developer-name"));
+ db.users().insertProjectPermissionOnUser(user1, UserRole.ADMIN, developer);
+ db.users().insertProjectPermissionOnUser(user2, UserRole.ADMIN, developer);
+ db.users().insertProjectPermissionOnGroup(group1, UserRole.ADMIN, developer);
+ db.users().insertProjectPermissionOnGroup(group2, UserRole.ADMIN, developer);
- call(ws.newRequest().setParam(PARAM_TEMPLATE_ID, template1.getUuid()));
+ newRequest().setParam(PARAM_TEMPLATE_ID, template1.getUuid()).execute();
assertTemplate1AppliedToProject(project);
assertTemplate1AppliedToProject(view);
}
@Test
- public void bulk_apply_template_by_template_name() {
- ComponentDto project = componentDb.insertComponent(newProjectDto());
+ public void bulk_apply_template_by_template_name() throws Exception {
+ ComponentDto project = db.components().insertComponent(newProjectDto());
- call(ws.newRequest().setParam(PARAM_TEMPLATE_NAME, template1.getName()));
+ newRequest().setParam(PARAM_TEMPLATE_NAME, template1.getName()).execute();
assertTemplate1AppliedToProject(project);
}
@Test
- public void apply_template_by_qualifier() {
- ComponentDto project = componentDb.insertComponent(newProjectDto());
- ComponentDto view = componentDb.insertComponent(newView());
+ public void apply_template_by_qualifier() throws Exception {
+ ComponentDto project = db.components().insertComponent(newProjectDto());
+ ComponentDto view = db.components().insertComponent(newView());
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_TEMPLATE_ID, template1.getUuid())
- .setParam(PARAM_QUALIFIER, project.qualifier()));
+ .setParam(PARAM_QUALIFIER, project.qualifier()).execute();
assertTemplate1AppliedToProject(project);
assertNoPermissionOnProject(view);
}
@Test
- public void apply_template_by_query_on_name_and_key() {
+ public void apply_template_by_query_on_name_and_key() throws Exception {
ComponentDto projectFoundByKey = newProjectDto().setKey("sonar");
- componentDb.insertProjectAndSnapshot(projectFoundByKey);
+ db.components().insertProjectAndSnapshot(projectFoundByKey);
ComponentDto projectFoundByName = newProjectDto().setName("name-sonar-name");
- componentDb.insertProjectAndSnapshot(projectFoundByName);
+ db.components().insertProjectAndSnapshot(projectFoundByName);
// match must be exact on key
ComponentDto projectUntouched = newProjectDto().setKey("new-sonar").setName("project-name");
- componentDb.insertProjectAndSnapshot(projectUntouched);
- componentDb.indexAllComponents();
+ db.components().insertProjectAndSnapshot(projectUntouched);
+ db.components().indexAllComponents();
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_TEMPLATE_ID, template1.getUuid())
- .setParam(Param.TEXT_QUERY, "sonar"));
+ .setParam(Param.TEXT_QUERY, "sonar")
+ .execute();
assertTemplate1AppliedToProject(projectFoundByKey);
assertTemplate1AppliedToProject(projectFoundByName);
}
@Test
- public void fail_if_no_template_parameter() {
+ public void fail_if_no_template_parameter() throws Exception {
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("Template name or template id must be provided, not both.");
- call(ws.newRequest());
+ newRequest().execute();
}
@Test
- public void fail_if_template_name_is_incorrect() {
+ public void fail_if_template_name_is_incorrect() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("Permission template with id 'unknown-template-uuid' is not found");
- call(ws.newRequest().setParam(PARAM_TEMPLATE_ID, "unknown-template-uuid"));
- }
-
- private void call(TestRequest request) {
- request.execute();
- db.commit();
+ newRequest().setParam(PARAM_TEMPLATE_ID, "unknown-template-uuid").execute();
}
- private void assertTemplate1AppliedToProject(ComponentDto project) {
+ private void assertTemplate1AppliedToProject(ComponentDto project) throws Exception {
assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).containsExactly(group1.getName());
assertThat(selectProjectPermissionGroups(project, UserRole.USER)).containsExactly(group2.getName());
assertThat(selectProjectPermissionUsers(project, UserRole.ADMIN)).isEmpty();
assertThat(selectProjectPermissionUsers(project, UserRole.ISSUE_ADMIN)).containsExactly(user2.getLogin());
}
- private void assertNoPermissionOnProject(ComponentDto project) {
+ private void assertNoPermissionOnProject(ComponentDto project) throws Exception {
assertThat(selectProjectPermissionGroups(project, UserRole.ADMIN)).isEmpty();
assertThat(selectProjectPermissionGroups(project, UserRole.CODEVIEWER)).isEmpty();
assertThat(selectProjectPermissionGroups(project, UserRole.ISSUE_ADMIN)).isEmpty();
assertThat(selectProjectPermissionUsers(project, UserRole.USER)).isEmpty();
}
- private PermissionTemplateDto insertTemplate(PermissionTemplateDto template) {
- return dbClient.permissionTemplateDao().insert(dbSession, template);
- }
-
private void addUserToTemplate(UserDto user, PermissionTemplateDto permissionTemplate, String permission) {
- dbClient.permissionTemplateDao().insertUserPermission(dbSession, permissionTemplate.getId(), user.getId(), permission);
+ db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), permissionTemplate.getId(), user.getId(), permission);
+ db.commit();
}
private void addGroupToTemplate(GroupDto group, PermissionTemplateDto permissionTemplate, String permission) {
- dbClient.permissionTemplateDao().insertGroupPermission(dbSession, permissionTemplate.getId(), group.getId(), permission);
- }
-
- private void addUserPermissionToProject(UserDto user, ComponentDto project, String permission) {
- dbClient.userPermissionDao().insert(dbSession, new UserPermissionDto(permission, user.getId(), project.getId()));
- }
-
- private void addGroupPermissionToProject(GroupDto group, ComponentDto project, String permission) {
- dbClient.roleDao().insertGroupRole(dbSession, new GroupPermissionDto()
- .setRole(permission)
- .setResourceId(project.getId())
- .setGroupId(group.getId()));
+ db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), permissionTemplate.getId(), group.getId(), permission);
+ db.commit();
}
private List<String> selectProjectPermissionGroups(ComponentDto project, String permission) {
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponentUuid(project.uuid()).build();
- return dbClient.groupPermissionDao().selectGroupNamesByPermissionQuery(dbSession, query);
+ return db.getDbClient().groupPermissionDao().selectGroupNamesByPermissionQuery(db.getSession(), query);
}
private List<String> selectProjectPermissionUsers(ComponentDto project, String permission) {
PermissionQuery query = PermissionQuery.builder().setPermission(permission).setComponentUuid(project.uuid()).build();
- return dbClient.userPermissionDao().selectLogins(dbSession, query);
+ return db.getDbClient().userPermissionDao().selectLogins(db.getSession(), query);
+ }
+
+ private WsTester.TestRequest newRequest() {
+ return wsTester.newPostRequest(CONTROLLER, ACTION);
}
- private void commit() {
- dbSession.commit();
+ private void loginAsAdmin() {
+ userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
}
}
import javax.annotation.Nullable;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
+import org.sonar.api.utils.internal.TestSystem2;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.TestResponse;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonar.test.JsonAssert.assertJson;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY_PATTERN;
-import static org.sonar.test.JsonAssert.assertJson;
-public class CreateTemplateActionTest {
+public class CreateTemplateActionTest extends BasePermissionWsTest<CreateTemplateAction> {
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
+ private static final long NOW = 1_440_512_328_743L;
+ private System2 system = new TestSystem2().setNow(NOW);
- WsActionTester ws;
- DbClient dbClient;
- DbSession dbSession;
- System2 system = mock(System2.class);
+ @Override
+ protected CreateTemplateAction buildWsAction() {
+ return new CreateTemplateAction(db.getDbClient(), userSession, system, newPermissionWsSupport());
+ }
@Before
public void setUp() {
userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- when(system.now()).thenReturn(1440512328743L);
-
- dbClient = db.getDbClient();
- dbSession = db.getSession();
- ws = new WsActionTester(new CreateTemplateAction(dbClient, userSession, system));
}
@Test
- public void create_full_permission_template() {
- TestResponse result = newRequest("Finance", "Permissions for financially related projects", ".*\\.finance\\..*");
+ public void create_full_permission_template() throws Exception {
+ WsTester.Result result = newRequest("Finance", "Permissions for financially related projects", ".*\\.finance\\..*");
- assertJson(result.getInput())
+ assertJson(result.outputAsString())
.ignoreFields("id")
.isSimilarTo(getClass().getResource("create_template-example.json"));
- PermissionTemplateDto finance = dbClient.permissionTemplateDao().selectByName(dbSession, "Finance");
+ PermissionTemplateDto finance = db.getDbClient().permissionTemplateDao().selectByName(db.getSession(), "Finance");
assertThat(finance.getName()).isEqualTo("Finance");
assertThat(finance.getDescription()).isEqualTo("Permissions for financially related projects");
assertThat(finance.getKeyPattern()).isEqualTo(".*\\.finance\\..*");
assertThat(finance.getUuid()).isNotEmpty();
- assertThat(finance.getCreatedAt().getTime()).isEqualTo(1440512328743L);
- assertThat(finance.getUpdatedAt().getTime()).isEqualTo(1440512328743L);
+ assertThat(finance.getCreatedAt().getTime()).isEqualTo(NOW);
+ assertThat(finance.getUpdatedAt().getTime()).isEqualTo(NOW);
}
@Test
- public void create_minimalist_permission_template() {
+ public void create_minimalist_permission_template() throws Exception {
newRequest("Finance", null, null);
- PermissionTemplateDto finance = dbClient.permissionTemplateDao().selectByName(dbSession, "Finance");
+ PermissionTemplateDto finance = db.getDbClient().permissionTemplateDao().selectByName(db.getSession(), "Finance");
assertThat(finance.getName()).isEqualTo("Finance");
assertThat(finance.getDescription()).isNullOrEmpty();
assertThat(finance.getKeyPattern()).isNullOrEmpty();
assertThat(finance.getUuid()).isNotEmpty();
- assertThat(finance.getCreatedAt().getTime()).isEqualTo(1440512328743L);
- assertThat(finance.getUpdatedAt().getTime()).isEqualTo(1440512328743L);
+ assertThat(finance.getCreatedAt().getTime()).isEqualTo(NOW);
+ assertThat(finance.getUpdatedAt().getTime()).isEqualTo(NOW);
}
@Test
- public void fail_if_name_not_provided() {
+ public void fail_if_name_not_provided() throws Exception {
expectedException.expect(IllegalArgumentException.class);
newRequest(null, null, null);
}
@Test
- public void fail_if_name_empty() {
+ public void fail_if_name_empty() throws Exception {
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("The template name must not be blank");
}
@Test
- public void fail_if_regexp_if_not_valid() {
+ public void fail_if_regexp_if_not_valid() throws Exception {
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("The 'projectKeyPattern' parameter must be a valid Java regular expression. '[azerty' was passed");
}
@Test
- public void fail_if_name_already_exists_in_database_case_insensitive() {
+ public void fail_if_name_already_exists_in_database_case_insensitive() throws Exception {
+ PermissionTemplateDto template = insertTemplate();
+
expectedException.expect(BadRequestException.class);
- expectedException.expectMessage("A template with the name 'Finance' already exists (case insensitive).");
- insertTemplate(newPermissionTemplateDto().setName("finance"));
- commit();
+ expectedException.expectMessage("A template with the name '" + template.getName() + "' already exists (case insensitive).");
- newRequest("Finance", null, null);
+ newRequest(template.getName(), null, null);
}
@Test
- public void fail_if_not_logged_in() {
+ public void fail_if_not_logged_in() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
}
@Test
- public void fail_if_not_admin() {
+ public void fail_if_not_admin() throws Exception {
expectedException.expect(ForbiddenException.class);
userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
newRequest("Finance", null, null);
}
- private PermissionTemplateDto insertTemplate(PermissionTemplateDto template) {
- return dbClient.permissionTemplateDao().insert(dbSession, template);
- }
-
- private void commit() {
- dbSession.commit();
- }
-
- private TestResponse newRequest(@Nullable String name, @Nullable String description, @Nullable String projectPattern) {
- TestRequest request = ws.newRequest();
+ private WsTester.Result newRequest(@Nullable String name, @Nullable String description, @Nullable String projectPattern) throws Exception {
+ WsTester.TestRequest request = wsTester.newPostRequest(CONTROLLER, "create_template");
if (name != null) {
request.setParam(PARAM_NAME, name);
}
import java.util.Date;
import javax.annotation.Nullable;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.utils.System2;
import org.sonar.api.web.UserRole;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;
+import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.GroupDto;
import org.sonar.db.user.GroupTesting;
import org.sonar.db.user.UserDto;
import org.sonar.db.user.UserTesting;
-import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.permission.ws.DeleteTemplateAction;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.TestResponse;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static com.google.common.primitives.Longs.asList;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.when;
import static org.mockito.internal.util.collections.Sets.newSet;
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-public class DeleteTemplateActionTest {
-
- static final String TEMPLATE_UUID = "permission-template-uuid";
+public class DeleteTemplateActionTest extends BasePermissionWsTest<DeleteTemplateAction> {
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
+ private static final String TEMPLATE_UUID = "permission-template-uuid";
+ private static final String ACTION = "delete_template";
- WsActionTester ws;
- DbClient dbClient;
- DbSession dbSession;
- DefaultPermissionTemplateFinder defaultTemplatePermissionFinder;
+ private DefaultPermissionTemplateFinder defaultTemplatePermissionFinder = mock(DefaultPermissionTemplateFinder.class);
+ private PermissionTemplateDto permissionTemplate;
- PermissionTemplateDto permissionTemplate;
+ @Override
+ protected DeleteTemplateAction buildWsAction() {
+ return new DeleteTemplateAction(db.getDbClient(), userSession, newPermissionWsSupport(), defaultTemplatePermissionFinder);
+ }
@Before
public void setUp() {
userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
-
- dbClient = db.getDbClient();
- dbSession = db.getSession();
- defaultTemplatePermissionFinder = mock(DefaultPermissionTemplateFinder.class);
- when(defaultTemplatePermissionFinder.getDefaultTemplateUuids()).thenReturn(Collections.<String>emptySet());
- PermissionDependenciesFinder finder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes);
- ws = new WsActionTester(new DeleteTemplateAction(dbClient, userSession, finder, defaultTemplatePermissionFinder));
+ when(defaultTemplatePermissionFinder.getDefaultTemplateUuids()).thenReturn(Collections.emptySet());
permissionTemplate = insertTemplateAndAssociatedPermissions(newPermissionTemplateDto().setUuid(TEMPLATE_UUID));
}
@Test
- public void delete_template_in_db() {
- TestResponse result = newRequest(TEMPLATE_UUID);
+ public void delete_template_in_db() throws Exception {
+ WsTester.Result result = newRequest(TEMPLATE_UUID);
- assertThat(result.getInput()).isEmpty();
- assertThat(dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID)).isNull();
+ assertThat(result.outputAsString()).isEmpty();
+ assertThat(db.getDbClient().permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(db.getSession(), TEMPLATE_UUID)).isNull();
}
@Test
- public void delete_template_by_name_case_insensitive() {
- ws.newRequest()
+ public void delete_template_by_name_case_insensitive() throws Exception {
+ wsTester.newPostRequest(CONTROLLER, ACTION)
.setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
.execute();
- commit();
- assertThat(dbClient.permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(dbSession, TEMPLATE_UUID)).isNull();
+ assertThat(db.getDbClient().permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(db.getSession(), TEMPLATE_UUID)).isNull();
}
@Test
- public void fail_if_uuid_is_not_known() {
+ public void fail_if_uuid_is_not_known() throws Exception {
expectedException.expect(NotFoundException.class);
newRequest("unknown-template-uuid");
}
@Test
- public void fail_if_template_is_default() {
+ public void fail_if_template_is_default() throws Exception {
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("It is not possible to delete a default template");
when(defaultTemplatePermissionFinder.getDefaultTemplateUuids()).thenReturn(newSet(TEMPLATE_UUID));
}
@Test
- public void fail_if_not_logged_in() {
+ public void fail_if_not_logged_in() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
}
@Test
- public void fail_if_not_admin() {
+ public void fail_if_not_admin() throws Exception {
expectedException.expect(ForbiddenException.class);
userSession.login().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
}
@Test
- public void fail_if_uuid_is_not_provided() {
+ public void fail_if_uuid_is_not_provided() throws Exception {
expectedException.expect(BadRequestException.class);
newRequest(null);
@Test
public void delete_perm_tpl_characteristic_when_delete_template() throws Exception {
- dbClient.permissionTemplateCharacteristicDao().insert(dbSession, new PermissionTemplateCharacteristicDto()
+ db.getDbClient().permissionTemplateCharacteristicDao().insert(db.getSession(), new PermissionTemplateCharacteristicDto()
.setPermission(UserRole.USER)
.setTemplateId(permissionTemplate.getId())
.setWithProjectCreator(true)
.setCreatedAt(new Date().getTime())
.setUpdatedAt(new Date().getTime()));
- dbSession.commit();
- assertThat(dbClient.permissionTemplateCharacteristicDao().selectByTemplateIds(dbSession, asList(permissionTemplate.getId()))).hasSize(1);
+ db.commit();
newRequest(TEMPLATE_UUID);
- assertThat(dbClient.permissionTemplateCharacteristicDao().selectByTemplateIds(dbSession, asList(permissionTemplate.getId()))).isEmpty();
+ assertThat(db.getDbClient().permissionTemplateCharacteristicDao().selectByTemplateIds(db.getSession(), asList(permissionTemplate.getId()))).isEmpty();
}
private PermissionTemplateDto insertTemplateAndAssociatedPermissions(PermissionTemplateDto template) {
- dbClient.permissionTemplateDao().insert(dbSession, template);
- UserDto user = dbClient.userDao().insert(dbSession, UserTesting.newUserDto().setActive(true));
- GroupDto group = dbClient.groupDao().insert(dbSession, GroupTesting.newGroupDto());
- dbClient.permissionTemplateDao().insertUserPermission(dbSession, template.getId(), user.getId(), UserRole.ADMIN);
- dbClient.permissionTemplateDao().insertGroupPermission(dbSession, template.getId(), group.getId(), UserRole.CODEVIEWER);
- commit();
+ db.getDbClient().permissionTemplateDao().insert(db.getSession(), template);
+ UserDto user = db.getDbClient().userDao().insert(db.getSession(), UserTesting.newUserDto().setActive(true));
+ GroupDto group = db.getDbClient().groupDao().insert(db.getSession(), GroupTesting.newGroupDto());
+ db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), template.getId(), user.getId(), UserRole.ADMIN);
+ db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), template.getId(), group.getId(), UserRole.CODEVIEWER);
+ db.commit();
return template;
}
- private void commit() {
- dbSession.commit();
- }
-
- private TestResponse newRequest(@Nullable String id) {
- TestRequest request = ws.newRequest();
+ private WsTester.Result newRequest(@Nullable String id) throws Exception {
+ WsTester.TestRequest request = wsTester.newPostRequest(CONTROLLER, ACTION);
if (id != null) {
request.setParam(PARAM_TEMPLATE_ID, id);
}
- TestResponse result = executeRequest(request);
- commit();
- return result;
- }
-
- private static TestResponse executeRequest(TestRequest request) {
return request.execute();
}
import java.util.List;
import javax.annotation.Nullable;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.utils.System2;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.GroupDto;
-import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.security.DefaultGroups.ANYONE;
import static org.sonar.api.web.UserRole.CODEVIEWER;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
-import static org.sonar.db.user.GroupTesting.newGroupDto;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-public class RemoveGroupFromTemplateActionTest {
+public class RemoveGroupFromTemplateActionTest extends BasePermissionWsTest<RemoveGroupFromTemplateAction> {
- private static final String GROUP_NAME = "group-name";
+ private static final String ACTION = "remove_group_from_template";
private static final String PERMISSION = CODEVIEWER;
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
-
- WsActionTester ws;
- DbClient dbClient;
- DbSession dbSession;
- GroupDto group;
- PermissionTemplateDto permissionTemplate;
+
+ private GroupDto group;
+ private PermissionTemplateDto template;
+
+ @Override
+ protected RemoveGroupFromTemplateAction buildWsAction() {
+ return new RemoveGroupFromTemplateAction(db.getDbClient(), newPermissionWsSupport(), userSession);
+ }
@Before
public void setUp() {
- dbClient = db.getDbClient();
- dbSession = db.getSession();
userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- PermissionDependenciesFinder dependenciesFinder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes);
- ws = new WsActionTester(new RemoveGroupFromTemplateAction(dbClient, dependenciesFinder, userSession));
-
- group = insertGroup(newGroupDto().setName(GROUP_NAME));
- permissionTemplate = insertPermissionTemplate(newPermissionTemplateDto());
- addGroupToPermissionTemplate(permissionTemplate.getId(), group.getId(), PERMISSION);
- commit();
+ group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "group-name");
+ template = insertTemplate();
+ addGroupToTemplate(template, group.getId(), PERMISSION);
}
@Test
- public void remove_group_from_template() {
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
- commit();
+ public void remove_group_from_template() throws Exception {
+ newRequest(group.getName(), template.getUuid(), PERMISSION);
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
-
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
+ assertThat(getGroupNamesInTemplateAndPermission(template.getId(), PERMISSION)).isEmpty();
}
@Test
- public void remove_group_from_template_by_name_case_insensitive() {
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
- commit();
-
- ws.newRequest()
- .setParam(PARAM_GROUP_NAME, GROUP_NAME)
+ public void remove_group_from_template_by_name_case_insensitive() throws Exception {
+ wsTester.newPostRequest(CONTROLLER, ACTION)
+ .setParam(PARAM_GROUP_NAME, group.getName())
.setParam(PARAM_PERMISSION, PERMISSION)
- .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
+ .setParam(PARAM_TEMPLATE_NAME, template.getName().toUpperCase())
.execute();
- commit();
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
+ assertThat(getGroupNamesInTemplateAndPermission(template.getId(), PERMISSION)).isEmpty();
}
@Test
- public void remove_group_with_group_id() {
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
- commit();
-
- ws.newRequest()
- .setParam(PARAM_TEMPLATE_ID, permissionTemplate.getUuid())
+ public void remove_group_with_group_id() throws Exception {
+ wsTester.newPostRequest(CONTROLLER, ACTION)
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
.setParam(PARAM_PERMISSION, PERMISSION)
.setParam(PARAM_GROUP_ID, String.valueOf(group.getId()))
.execute();
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
+ assertThat(getGroupNamesInTemplateAndPermission(template.getId(), PERMISSION)).isEmpty();
}
@Test
- public void remove_group_twice_without_error() {
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
+ public void remove_group_twice_without_error() throws Exception {
+ newRequest(group.getName(), template.getUuid(), PERMISSION);
+ newRequest(group.getName(), template.getUuid(), PERMISSION);
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).isEmpty();
+ assertThat(getGroupNamesInTemplateAndPermission(template.getId(), PERMISSION)).isEmpty();
}
@Test
- public void remove_anyone_group_from_template() {
- addGroupToPermissionTemplate(permissionTemplate.getId(), null, PERMISSION);
- commit();
+ public void remove_anyone_group_from_template() throws Exception {
+ addGroupToTemplate(template, null, PERMISSION);
- newRequest(ANYONE, permissionTemplate.getUuid(), PERMISSION);
+ newRequest(ANYONE, template.getUuid(), PERMISSION);
- assertThat(getGroupNamesInTemplateAndPermission(permissionTemplate.getId(), PERMISSION)).containsExactly(GROUP_NAME);
+ assertThat(getGroupNamesInTemplateAndPermission(template.getId(), PERMISSION)).containsExactly(group.getName());
}
@Test
- public void fail_if_not_a_project_permission() {
- expectedException.expect(BadRequestException.class);
+ public void fail_if_not_a_project_permission() throws Exception {
+ expectedException.expect(IllegalArgumentException.class);
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), GlobalPermissions.PROVISIONING);
+ newRequest(group.getName(), template.getUuid(), GlobalPermissions.PROVISIONING);
}
@Test
- public void fail_if_insufficient_privileges() {
+ public void fail_if_insufficient_privileges() throws Exception {
expectedException.expect(ForbiddenException.class);
userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
+ newRequest(group.getName(), template.getUuid(), PERMISSION);
}
@Test
- public void fail_if_not_logged_in() {
+ public void fail_if_not_logged_in() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), PERMISSION);
+ newRequest(group.getName(), template.getUuid(), PERMISSION);
}
@Test
- public void fail_if_group_params_missing() {
+ public void fail_if_group_params_missing() throws Exception {
expectedException.expect(BadRequestException.class);
- newRequest(null, permissionTemplate.getUuid(), PERMISSION);
+ newRequest(null, template.getUuid(), PERMISSION);
}
@Test
- public void fail_if_permission_missing() {
+ public void fail_if_permission_missing() throws Exception {
expectedException.expect(IllegalArgumentException.class);
- newRequest(GROUP_NAME, permissionTemplate.getUuid(), null);
+ newRequest(group.getName(), template.getUuid(), null);
}
@Test
- public void fail_if_template_missing() {
+ public void fail_if_template_missing() throws Exception {
expectedException.expect(BadRequestException.class);
- newRequest(GROUP_NAME, null, PERMISSION);
+ newRequest(group.getName(), null, PERMISSION);
}
@Test
- public void fail_if_group_does_not_exist() {
+ public void fail_if_group_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
- expectedException.expectMessage("Group with name 'unknown-group-name' is not found");
+ expectedException.expectMessage("No group with name 'unknown-group-name'");
- newRequest("unknown-group-name", permissionTemplate.getUuid(), PERMISSION);
+ newRequest("unknown-group-name", template.getUuid(), PERMISSION);
}
@Test
- public void fail_if_template_key_does_not_exist() {
+ public void fail_if_template_key_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
- newRequest(GROUP_NAME, "unknown-key", PERMISSION);
+ newRequest(group.getName(), "unknown-key", PERMISSION);
}
- private void newRequest(@Nullable String groupName, @Nullable String templateKey, @Nullable String permission) {
- TestRequest request = ws.newRequest();
+ private void newRequest(@Nullable String groupName, @Nullable String templateKey, @Nullable String permission) throws Exception {
+ WsTester.TestRequest request = wsTester.newPostRequest(CONTROLLER, ACTION);
if (groupName != null) {
request.setParam(PARAM_GROUP_NAME, groupName);
}
request.execute();
}
- private void commit() {
- dbSession.commit();
- }
-
- private GroupDto insertGroup(GroupDto groupDto) {
- return dbClient.groupDao().insert(dbSession, groupDto);
- }
-
- private PermissionTemplateDto insertPermissionTemplate(PermissionTemplateDto permissionTemplate) {
- return dbClient.permissionTemplateDao().insert(dbSession, permissionTemplate);
- }
-
- private void addGroupToPermissionTemplate(long permissionTemplateId, @Nullable Long groupId, String permission) {
- dbClient.permissionTemplateDao().insertGroupPermission(dbSession, permissionTemplateId, groupId, permission);
+ private void addGroupToTemplate(PermissionTemplateDto template, @Nullable Long groupId, String permission) {
+ db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), template.getId(), groupId, permission);
+ db.commit();
}
private List<String> getGroupNamesInTemplateAndPermission(long templateId, String permission) {
PermissionQuery permissionQuery = PermissionQuery.builder().setPermission(permission).build();
- return dbClient.permissionTemplateDao()
- .selectGroupNamesByQueryAndTemplate(dbSession, permissionQuery, templateId);
+ return db.getDbClient().permissionTemplateDao()
+ .selectGroupNamesByQueryAndTemplate(db.getSession(), permissionQuery, templateId);
}
}
* along with this program; if not, write to the Free Software Foundation,
* Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
*/
-
package org.sonar.server.permission.ws.template;
import java.util.Optional;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
import org.sonar.api.utils.System2;
import org.sonar.api.web.UserRole;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ResourceTypesRule;
-import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.permission.template.PermissionTemplateCharacteristicDao;
import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;
-import org.sonar.db.permission.template.PermissionTemplateCharacteristicMapper;
-import org.sonar.server.component.ComponentFinder;
-import org.sonar.server.exceptions.BadRequestException;
+import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.when;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
-public class RemoveProjectCreatorFromTemplateActionTest {
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- DbClient dbClient = db.getDbClient();
- DbSession dbSession = db.getSession();
- PermissionTemplateCharacteristicDao dao = dbClient.permissionTemplateCharacteristicDao();
- PermissionTemplateCharacteristicMapper mapper = dbSession.getMapper(PermissionTemplateCharacteristicMapper.class);
- ResourceTypesRule resourceTypes = new ResourceTypesRule();
- System2 system = mock(System2.class);
+public class RemoveProjectCreatorFromTemplateActionTest extends BasePermissionWsTest<RemoveProjectCreatorFromTemplateAction> {
- WsActionTester ws;
+ private static final String ACTION = "remove_project_creator_from_template";
- PermissionTemplateDto template;
+ private System2 system = mock(System2.class);
+ private PermissionTemplateDto template;
+
+ @Override
+ protected RemoveProjectCreatorFromTemplateAction buildWsAction() {
+ return new RemoveProjectCreatorFromTemplateAction(db.getDbClient(), newPermissionWsSupport(), userSession, system);
+ }
@Before
public void setUp() {
userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
when(system.now()).thenReturn(2_000_000_000L);
-
- ws = new WsActionTester(new RemoveProjectCreatorFromTemplateAction(dbClient,
- new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes), userSession, system));
-
template = insertTemplate();
}
@Test
- public void update_template_permission() {
- PermissionTemplateCharacteristicDto insertedPermissionTemplate = dbClient.permissionTemplateCharacteristicDao().insert(dbSession, new PermissionTemplateCharacteristicDto()
- .setTemplateId(template.getId())
- .setPermission(UserRole.USER)
- .setWithProjectCreator(false)
- .setCreatedAt(1_000_000_000L)
- .setUpdatedAt(1_000_000_000L));
+ public void update_template_permission() throws Exception {
+ PermissionTemplateCharacteristicDto characteristic = db.getDbClient().permissionTemplateCharacteristicDao().insert(db.getSession(),
+ new PermissionTemplateCharacteristicDto()
+ .setTemplateId(template.getId())
+ .setPermission(UserRole.USER)
+ .setWithProjectCreator(false)
+ .setCreatedAt(1_000_000_000L)
+ .setUpdatedAt(1_000_000_000L));
db.commit();
when(system.now()).thenReturn(3_000_000_000L);
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_PERMISSION, UserRole.USER)
- .setParam(PARAM_TEMPLATE_NAME, template.getName()));
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .execute();
assertWithoutProjectCreatorFor(UserRole.USER);
- PermissionTemplateCharacteristicDto updatedPermissionTemplate = mapper.selectById(insertedPermissionTemplate.getId());
- assertThat(updatedPermissionTemplate.getCreatedAt()).isEqualTo(1_000_000_000L);
- assertThat(updatedPermissionTemplate.getUpdatedAt()).isEqualTo(3_000_000_000L);
+ PermissionTemplateCharacteristicDto reloaded = reload(characteristic);
+ assertThat(reloaded.getCreatedAt()).isEqualTo(1_000_000_000L);
+ assertThat(reloaded.getUpdatedAt()).isEqualTo(3_000_000_000L);
}
@Test
- public void do_not_fail_when_no_template_permission() {
- call(ws.newRequest()
+ public void do_not_fail_when_no_template_permission() throws Exception {
+ newRequest()
.setParam(PARAM_PERMISSION, UserRole.ADMIN)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid()));
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute();
assertNoTemplatePermissionFor(UserRole.ADMIN);
}
@Test
- public void fail_when_template_does_not_exist() {
+ public void fail_when_template_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_PERMISSION, UserRole.ADMIN)
- .setParam(PARAM_TEMPLATE_ID, "42"));
+ .setParam(PARAM_TEMPLATE_ID, "42")
+ .execute();
}
@Test
- public void fail_if_permission_is_not_a_project_permission() {
- expectedException.expect(BadRequestException.class);
+ public void fail_if_permission_is_not_a_project_permission() throws Exception {
+ expectedException.expect(IllegalArgumentException.class);
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid()));
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute();
}
@Test
- public void fail_if_not_authenticated() {
+ public void fail_if_not_authenticated() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_PERMISSION, UserRole.ADMIN)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid()));
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute();
}
@Test
- public void fail_if_insufficient_privileges() {
+ public void fail_if_insufficient_privileges() throws Exception {
expectedException.expect(ForbiddenException.class);
userSession.login().setGlobalPermissions(GlobalPermissions.QUALITY_GATE_ADMIN);
- call(ws.newRequest()
+ newRequest()
.setParam(PARAM_PERMISSION, UserRole.ADMIN)
- .setParam(PARAM_TEMPLATE_ID, template.getUuid()));
- }
-
- @Test
- public void ws_metadata() {
- assertThat(ws.getDef().key()).isEqualTo("remove_project_creator_from_template");
- assertThat(ws.getDef().isPost()).isTrue();
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute();
}
private void assertWithoutProjectCreatorFor(String permission) {
- Optional<PermissionTemplateCharacteristicDto> templatePermission = dao.selectByPermissionAndTemplateId(dbSession, permission, template.getId());
+ Optional<PermissionTemplateCharacteristicDto> templatePermission = db.getDbClient().permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(db.getSession(),
+ permission, template.getId());
assertThat(templatePermission).isPresent();
assertThat(templatePermission.get().getWithProjectCreator()).isFalse();
}
private void assertNoTemplatePermissionFor(String permission) {
- Optional<PermissionTemplateCharacteristicDto> templatePermission = dao.selectByPermissionAndTemplateId(dbSession, permission, template.getId());
+ Optional<PermissionTemplateCharacteristicDto> templatePermission = db.getDbClient().permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(db.getSession(),
+ permission, template.getId());
assertThat(templatePermission).isNotPresent();
}
- private PermissionTemplateDto insertTemplate() {
- PermissionTemplateDto template = dbClient.permissionTemplateDao().insert(dbSession, newPermissionTemplateDto());
- db.commit();
- return template;
+ private WsTester.TestRequest newRequest() {
+ return wsTester.newPostRequest(CONTROLLER, ACTION);
}
- private void call(TestRequest request) {
- request.execute();
+ private PermissionTemplateCharacteristicDto reload(PermissionTemplateCharacteristicDto characteristic) {
+ return db.getDbClient().permissionTemplateCharacteristicDao().selectByPermissionAndTemplateId(db.getSession(), characteristic.getPermission(), characteristic.getTemplateId())
+ .get();
}
}
import java.util.List;
import javax.annotation.Nullable;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.utils.System2;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.permission.PermissionQuery;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.user.UserDto;
-import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
import static org.sonar.api.web.UserRole.CODEVIEWER;
import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
-import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
-import static org.sonar.db.user.UserTesting.newUserDto;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_USER_LOGIN;
+public class RemoveUserFromTemplateActionTest extends BasePermissionWsTest<RemoveUserFromTemplateAction> {
-public class RemoveUserFromTemplateActionTest {
-
- private static final String USER_LOGIN = "user-login";
private static final String DEFAULT_PERMISSION = CODEVIEWER;
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
-
- WsActionTester ws;
- DbClient dbClient;
- DbSession dbSession;
- UserDto user;
- PermissionTemplateDto permissionTemplate;
+ private static final String ACTION = "remove_user_from_template";
- @Before
- public void setUp() {
- dbClient = db.getDbClient();
- dbSession = db.getSession();
- userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
+ private UserDto user;
+ private PermissionTemplateDto template;
- PermissionDependenciesFinder dependenciesFinder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes);
- ws = new WsActionTester(new RemoveUserFromTemplateAction(dbClient, dependenciesFinder, userSession));
+ @Override
+ protected RemoveUserFromTemplateAction buildWsAction() {
+ return new RemoveUserFromTemplateAction(db.getDbClient(), newPermissionWsSupport(), userSession);
+ }
- user = insertUser(newUserDto().setLogin(USER_LOGIN));
- permissionTemplate = insertPermissionTemplate(newPermissionTemplateDto());
- addUserToTemplate(user, permissionTemplate, DEFAULT_PERMISSION);
- commit();
+ @Before
+ public void setUp() {
+ user = db.users().insertUser("user-login");
+ template = insertTemplate();
+ addUserToTemplate(user, template, DEFAULT_PERMISSION);
}
@Test
- public void remove_user_from_template() {
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), DEFAULT_PERMISSION);
+ public void remove_user_from_template() throws Exception {
+ loginAsAdmin();
+ newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
- assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), DEFAULT_PERMISSION)).isEmpty();
+ assertThat(getLoginsInTemplateAndPermission(template.getId(), DEFAULT_PERMISSION)).isEmpty();
}
@Test
- public void remove_user_from_template_by_name_case_insensitive() {
- ws.newRequest()
- .setParam(PARAM_USER_LOGIN, USER_LOGIN)
+ public void remove_user_from_template_by_name_case_insensitive() throws Exception {
+ loginAsAdmin();
+ wsTester.newPostRequest(CONTROLLER, ACTION)
+ .setParam(PARAM_USER_LOGIN, user.getLogin())
.setParam(PARAM_PERMISSION, DEFAULT_PERMISSION)
- .setParam(PARAM_TEMPLATE_NAME, permissionTemplate.getName().toUpperCase())
+ .setParam(PARAM_TEMPLATE_NAME, template.getName().toUpperCase())
.execute();
- commit();
- assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), DEFAULT_PERMISSION)).isEmpty();
+ assertThat(getLoginsInTemplateAndPermission(template.getId(), DEFAULT_PERMISSION)).isEmpty();
}
@Test
- public void remove_user_from_template_twice_without_failing() {
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), DEFAULT_PERMISSION);
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), DEFAULT_PERMISSION);
+ public void remove_user_from_template_twice_without_failing() throws Exception {
+ loginAsAdmin();
+ newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
+ newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
- assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), DEFAULT_PERMISSION)).isEmpty();
+ assertThat(getLoginsInTemplateAndPermission(template.getId(), DEFAULT_PERMISSION)).isEmpty();
}
@Test
- public void keep_user_permission_not_removed() {
- addUserToTemplate(user, permissionTemplate, ISSUE_ADMIN);
- commit();
+ public void keep_user_permission_not_removed() throws Exception {
+ addUserToTemplate(user, template, ISSUE_ADMIN);
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), DEFAULT_PERMISSION);
+ loginAsAdmin();
+ newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
- assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), DEFAULT_PERMISSION)).isEmpty();
- assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), ISSUE_ADMIN)).containsExactly(user.getLogin());
+ assertThat(getLoginsInTemplateAndPermission(template.getId(), DEFAULT_PERMISSION)).isEmpty();
+ assertThat(getLoginsInTemplateAndPermission(template.getId(), ISSUE_ADMIN)).containsExactly(user.getLogin());
}
@Test
- public void keep_other_users_when_one_user_removed() {
- UserDto newUser = insertUser(newUserDto().setLogin("new-login"));
- addUserToTemplate(newUser, permissionTemplate, DEFAULT_PERMISSION);
- commit();
+ public void keep_other_users_when_one_user_removed() throws Exception {
+ UserDto newUser = db.users().insertUser("new-login");
+ addUserToTemplate(newUser, template, DEFAULT_PERMISSION);
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), DEFAULT_PERMISSION);
+ loginAsAdmin();
+ newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
- assertThat(getLoginsInTemplateAndPermission(permissionTemplate.getId(), DEFAULT_PERMISSION)).containsExactly("new-login");
+ assertThat(getLoginsInTemplateAndPermission(template.getId(), DEFAULT_PERMISSION)).containsExactly("new-login");
}
@Test
- public void fail_if_not_a_project_permission() {
- expectedException.expect(BadRequestException.class);
+ public void fail_if_not_a_project_permission() throws Exception {
+ expectedException.expect(IllegalArgumentException.class);
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), GlobalPermissions.PROVISIONING);
+ loginAsAdmin();
+ newRequest(user.getLogin(), template.getUuid(), GlobalPermissions.PROVISIONING);
}
@Test
- public void fail_if_insufficient_privileges() {
+ public void fail_if_insufficient_privileges() throws Exception {
expectedException.expect(ForbiddenException.class);
- userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
+ userSession.login("john").setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), DEFAULT_PERMISSION);
+ newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
}
@Test
- public void fail_if_not_logged_in() {
+ public void fail_if_not_logged_in() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), DEFAULT_PERMISSION);
+ newRequest(user.getLogin(), template.getUuid(), DEFAULT_PERMISSION);
}
@Test
- public void fail_if_user_missing() {
+ public void fail_if_user_missing() throws Exception {
expectedException.expect(IllegalArgumentException.class);
- newRequest(null, permissionTemplate.getUuid(), DEFAULT_PERMISSION);
+ loginAsAdmin();
+ newRequest(null, template.getUuid(), DEFAULT_PERMISSION);
}
@Test
- public void fail_if_permission_missing() {
+ public void fail_if_permission_missing() throws Exception {
expectedException.expect(IllegalArgumentException.class);
- newRequest(USER_LOGIN, permissionTemplate.getUuid(), null);
+ loginAsAdmin();
+ newRequest(user.getLogin(), template.getUuid(), null);
}
@Test
- public void fail_if_template_missing() {
+ public void fail_if_template_missing() throws Exception {
expectedException.expect(BadRequestException.class);
- newRequest(USER_LOGIN, null, DEFAULT_PERMISSION);
+ loginAsAdmin();
+ newRequest(user.getLogin(), null, DEFAULT_PERMISSION);
}
@Test
- public void fail_if_user_does_not_exist() {
+ public void fail_if_user_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("User with login 'unknown-login' is not found");
- newRequest("unknown-login", permissionTemplate.getUuid(), DEFAULT_PERMISSION);
+ loginAsAdmin();
+ newRequest("unknown-login", template.getUuid(), DEFAULT_PERMISSION);
}
@Test
- public void fail_if_template_key_does_not_exist() {
+ public void fail_if_template_key_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
- newRequest(USER_LOGIN, "unknown-key", DEFAULT_PERMISSION);
+ loginAsAdmin();
+ newRequest(user.getLogin(), "unknown-key", DEFAULT_PERMISSION);
}
- private void newRequest(@Nullable String userLogin, @Nullable String templateKey, @Nullable String permission) {
- TestRequest request = ws.newRequest();
+ private void newRequest(@Nullable String userLogin, @Nullable String templateKey, @Nullable String permission) throws Exception {
+ WsTester.TestRequest request = wsTester.newPostRequest(CONTROLLER, ACTION);
if (userLogin != null) {
request.setParam(PARAM_USER_LOGIN, userLogin);
}
request.execute();
}
- private void commit() {
- dbSession.commit();
- }
-
- private UserDto insertUser(UserDto userDto) {
- return dbClient.userDao().insert(dbSession, userDto.setActive(true));
- }
-
- private PermissionTemplateDto insertPermissionTemplate(PermissionTemplateDto permissionTemplate) {
- return dbClient.permissionTemplateDao().insert(dbSession, permissionTemplate);
- }
-
private List<String> getLoginsInTemplateAndPermission(long templateId, String permission) {
PermissionQuery permissionQuery = PermissionQuery.builder().setPermission(permission).build();
- return dbClient.permissionTemplateDao()
- .selectUserLoginsByQueryAndTemplate(dbSession, permissionQuery, templateId);
+ return db.getDbClient().permissionTemplateDao()
+ .selectUserLoginsByQueryAndTemplate(db.getSession(), permissionQuery, templateId);
+ }
+
+ private void addUserToTemplate(UserDto user, PermissionTemplateDto template, String permission) {
+ db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), template.getId(), user.getId(), permission);
+ db.commit();
}
- private void addUserToTemplate(UserDto user, PermissionTemplateDto permissionTemplate, String permission) {
- dbClient.permissionTemplateDao().insertUserPermission(dbSession, permissionTemplate.getId(), user.getId(), permission);
+ private void loginAsAdmin() {
+ userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
}
}
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
-import org.sonar.api.config.Settings;
import org.sonar.api.config.MapSettings;
+import org.sonar.api.config.Settings;
import org.sonar.api.resources.Qualifiers;
import org.sonar.api.utils.System2;
import org.sonar.api.web.UserRole;
*/
package org.sonar.server.permission.ws.template;
-import java.util.List;
import javax.annotation.Nullable;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
import org.sonar.api.config.MapSettings;
import org.sonar.api.resources.Qualifiers;
-import org.sonar.api.resources.ResourceType;
-import org.sonar.api.resources.ResourceTypes;
-import org.sonar.api.utils.System2;
import org.sonar.core.permission.GlobalPermissions;
import org.sonar.db.DbClient;
-import org.sonar.db.DbTester;
import org.sonar.db.permission.template.PermissionTemplateDto;
import org.sonar.db.permission.template.PermissionTemplateTesting;
-import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
import org.sonar.server.i18n.I18nRule;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
import org.sonar.server.platform.PersistentSettings;
import org.sonar.server.platform.SettingsChangeNotifier;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.ws.WsTester;
-import static java.util.Arrays.asList;
-import static java.util.Collections.singletonList;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
import static org.sonar.api.resources.Qualifiers.PROJECT;
import static org.sonar.api.resources.Qualifiers.VIEW;
import static org.sonar.server.permission.DefaultPermissionTemplates.DEFAULT_TEMPLATE_PROPERTY;
import static org.sonar.server.permission.DefaultPermissionTemplates.defaultRootQualifierTemplateProperty;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_QUALIFIER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
+public class SetDefaultTemplateActionTest extends BasePermissionWsTest<SetDefaultTemplateAction> {
-public class SetDefaultTemplateActionTest {
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- I18nRule i18n = new I18nRule();
+ private static final String ACTION = "set_default_template";
- WsActionTester ws;
- PersistentSettings persistentSettings;
- ResourceTypes resourceTypes = mock(ResourceTypes.class);
+ private I18nRule i18n = new I18nRule();
+ private PersistentSettings persistentSettings = new PersistentSettings(new MapSettings(), db.getDbClient(), new SettingsChangeNotifier());
+ private PermissionTemplateDto template;
- PermissionTemplateDto template;
+ @Override
+ protected SetDefaultTemplateAction buildWsAction() {
+ return new SetDefaultTemplateAction(db.getDbClient(), newPermissionWsSupport(), newRootResourceTypes(), persistentSettings, userSession, i18n);
+ }
@Before
public void setUp() {
DbClient dbClient = db.getDbClient();
- persistentSettings = new PersistentSettings(new MapSettings(), dbClient, new SettingsChangeNotifier());
persistentSettings.saveProperty(DEFAULT_TEMPLATE_PROPERTY, "any-template-uuid");
persistentSettings.saveProperty(defaultRootQualifierTemplateProperty(PROJECT), "any-template-uuid");
persistentSettings.saveProperty(defaultRootQualifierTemplateProperty(VIEW), "any-view-template-uuid");
persistentSettings.saveProperty(defaultRootQualifierTemplateProperty("DEV"), "any-dev-template-uuid");
- when(resourceTypes.getRoots()).thenReturn(rootResourceTypes());
userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- ws = new WsActionTester(new SetDefaultTemplateAction(
- dbClient,
- new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes),
- resourceTypes,
- persistentSettings,
- userSession, i18n));
-
template = dbClient.permissionTemplateDao().insert(db.getSession(), PermissionTemplateTesting.newPermissionTemplateDto().setUuid("permission-template-uuid"));
+ db.commit();
}
@Test
- public void update_settings_for_project_qualifier() {
+ public void update_settings_for_project_qualifier() throws Exception {
// default value is project qualifier's value
String result = newRequest(template.getUuid(), null);
}
@Test
- public void update_settings_for_project_qualifier_by_template_name() {
- ws.newRequest()
+ public void update_settings_for_project_qualifier_by_template_name() throws Exception {
+ wsTester.newPostRequest(CONTROLLER, ACTION)
.setParam(PARAM_TEMPLATE_NAME, template.getName().toUpperCase())
.execute();
db.getSession().commit();
}
@Test
- public void update_settings_of_views_property() {
+ public void update_settings_of_views_property() throws Exception {
newRequest(template.getUuid(), VIEW);
assertThat(persistentSettings.getString(DEFAULT_TEMPLATE_PROPERTY)).isEqualTo("any-template-uuid");
}
@Test
- public void fail_if_anonymous() {
+ public void fail_if_anonymous() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
}
@Test
- public void fail_if_not_admin() {
+ public void fail_if_not_admin() throws Exception {
expectedException.expect(ForbiddenException.class);
userSession.login().setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
}
@Test
- public void fail_if_template_not_provided() {
+ public void fail_if_template_not_provided() throws Exception {
expectedException.expect(BadRequestException.class);
newRequest(null, PROJECT);
}
@Test
- public void fail_if_template_does_not_exist() {
+ public void fail_if_template_does_not_exist() throws Exception {
expectedException.expect(NotFoundException.class);
newRequest("unknown-template-uuid", PROJECT);
}
@Test
- public void fail_if_qualifier_is_not_root() {
- expectedException.expect(BadRequestException.class);
- when(resourceTypes.getRoots()).thenReturn(singletonList(ResourceType.builder(PROJECT).build()));
+ public void fail_if_qualifier_is_not_root() throws Exception {
+ expectedException.expect(IllegalArgumentException.class);
+ expectedException.expectMessage("Value of parameter 'qualifier' (FIL) must be one of: [DEV, TRK, VW]");
- newRequest(template.getUuid(), VIEW);
+ newRequest(template.getUuid(), Qualifiers.FILE);
}
- private String newRequest(@Nullable String templateUuid, @Nullable String qualifier) {
- TestRequest request = ws.newRequest();
+ private String newRequest(@Nullable String templateUuid, @Nullable String qualifier) throws Exception {
+ WsTester.TestRequest request = wsTester.newPostRequest(CONTROLLER, ACTION);
if (templateUuid != null) {
request.setParam(PARAM_TEMPLATE_ID, templateUuid);
}
request.setParam(PARAM_QUALIFIER, qualifier);
}
- return request.execute().getInput();
- }
-
- private static List<ResourceType> rootResourceTypes() {
- ResourceType project = ResourceType.builder(PROJECT).build();
- ResourceType view = ResourceType.builder(Qualifiers.VIEW).build();
- ResourceType dev = ResourceType.builder("DEV").build();
-
- return asList(project, view, dev);
+ return request.execute().outputAsString();
}
}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.permission.ws.template;
+
+import javax.annotation.Nullable;
+import org.junit.Test;
+import org.sonar.core.permission.GlobalPermissions;
+import org.sonar.db.organization.OrganizationDto;
+import org.sonar.db.permission.template.PermissionTemplateDto;
+import org.sonar.db.permission.template.PermissionTemplateGroupDto;
+import org.sonar.db.user.GroupDto;
+import org.sonar.server.exceptions.BadRequestException;
+import org.sonar.server.exceptions.ForbiddenException;
+import org.sonar.server.exceptions.NotFoundException;
+import org.sonar.server.exceptions.UnauthorizedException;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
+import org.sonarqube.ws.WsPermissions.WsGroupsResponse;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.api.server.ws.WebService.Param.PAGE;
+import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;
+import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;
+import static org.sonar.api.web.UserRole.ADMIN;
+import static org.sonar.api.web.UserRole.CODEVIEWER;
+import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
+import static org.sonar.api.web.UserRole.USER;
+import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateGroupDto;
+import static org.sonar.db.user.GroupTesting.newGroupDto;
+import static org.sonar.test.JsonAssert.assertJson;
+import static org.sonarqube.ws.MediaTypes.PROTOBUF;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
+
+public class TemplateGroupsActionTest extends BasePermissionWsTest<TemplateGroupsAction> {
+
+ @Override
+ protected TemplateGroupsAction buildWsAction() {
+ return new TemplateGroupsAction(db.getDbClient(), userSession, newPermissionWsSupport());
+ }
+
+ @Test
+ public void template_groups_of_json_example() throws Exception {
+ GroupDto adminGroup = insertGroupOnDefaultOrganization("sonar-administrators", "System administrators");
+ GroupDto userGroup = insertGroupOnDefaultOrganization("sonar-users", "Any new users created will automatically join this group");
+
+ PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+ addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), adminGroup.getId()));
+ addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), userGroup.getId()));
+ // Anyone group
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));
+ addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), null));
+ commit();
+
+ loginAsAdmin();
+ String response = newRequest()
+ .setParam(PARAM_PERMISSION, ISSUE_ADMIN)
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute().outputAsString();
+
+ assertJson(response)
+ .ignoreFields("id")
+ .withStrictArrayOrder()
+ .isSimilarTo(getClass().getResource("template_groups-example.json"));
+ }
+
+ @Test
+ public void return_all_permissions_of_matching_groups() throws Exception {
+ PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+
+ GroupDto group1 = db.users().insertGroup(defaultOrganizationProvider.getDto(), "group-1-name");
+ addGroupToTemplate(newPermissionTemplateGroup(CODEVIEWER, template.getId(), group1.getId()));
+ addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group1.getId()));
+
+ GroupDto group2 = db.users().insertGroup(defaultOrganizationProvider.getDto(), "group-2-name");
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group2.getId()));
+ addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group2.getId()));
+
+ GroupDto group3 = db.users().insertGroup(defaultOrganizationProvider.getDto(), "group-3-name");
+
+ // Anyone
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));
+ addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), null));
+
+ PermissionTemplateDto anotherTemplate = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-2"));
+ addGroupToTemplate(newPermissionTemplateGroup(ADMIN, anotherTemplate.getId(), group3.getId()));
+ commit();
+
+ loginAsAdmin();
+ byte[] output = newRequest()
+ .setMediaType(PROTOBUF)
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute()
+ .output();
+ WsGroupsResponse response = WsGroupsResponse.parseFrom(output);
+
+ assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name", "group-2-name");
+ assertThat(response.getGroups(0).getPermissionsList()).containsOnly("user", "issueadmin");
+ assertThat(response.getGroups(1).getPermissionsList()).containsOnly("codeviewer", "admin");
+ assertThat(response.getGroups(2).getPermissionsList()).containsOnly("user", "admin");
+ }
+
+ @Test
+ public void search_by_permission() throws Exception {
+ PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+
+ GroupDto group1 = db.users().insertGroup(defaultOrganizationProvider.getDto(), "group-1-name");
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));
+ addGroupToTemplate(newPermissionTemplateGroup(CODEVIEWER, template.getId(), group1.getId()));
+
+ GroupDto group2 = db.users().insertGroup(defaultOrganizationProvider.getDto(), "group-2-name");
+ addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group2.getId()));
+
+ GroupDto group3 = db.users().insertGroup(defaultOrganizationProvider.getDto(), "group-3-name");
+
+ // Anyone
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));
+
+ PermissionTemplateDto anotherTemplate = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-2"));
+ addGroupToTemplate(newPermissionTemplateGroup(ADMIN, anotherTemplate.getId(), group3.getId()));
+ commit();
+
+ loginAsAdmin();
+ byte[] output = newRequest()
+ .setMediaType(PROTOBUF)
+ .setParam(PARAM_PERMISSION, USER)
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .execute()
+ .output();
+ WsGroupsResponse response = WsGroupsResponse.parseFrom(output);
+
+ assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name");
+ assertThat(response.getGroups(0).getPermissionsList()).containsOnly("user");
+ assertThat(response.getGroups(1).getPermissionsList()).containsOnly("user", "codeviewer");
+ }
+
+ @Test
+ public void search_by_template_name() throws Exception {
+ OrganizationDto defaultOrg = defaultOrganizationProvider.getDto();
+ GroupDto group1 = db.users().insertGroup(defaultOrg, "group-1-name");
+ GroupDto group2 = db.users().insertGroup(defaultOrg, "group-2-name");
+ GroupDto group3 = db.users().insertGroup(defaultOrg, "group-3-name");
+
+ PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));
+ addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group2.getId()));
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));
+
+ PermissionTemplateDto anotherTemplate = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-2"));
+ addGroupToTemplate(newPermissionTemplateGroup(USER, anotherTemplate.getId(), group1.getId()));
+ commit();
+
+ loginAsAdmin();
+ byte[] output = newRequest()
+ .setMediaType(PROTOBUF)
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .execute()
+ .output();
+ WsGroupsResponse response = WsGroupsResponse.parseFrom(output);
+
+ assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name", "group-2-name");
+ }
+
+ @Test
+ public void search_with_pagination() throws Exception {
+ OrganizationDto defaultOrg = defaultOrganizationProvider.getDto();
+ PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+ GroupDto group1 = db.users().insertGroup(defaultOrg, "group-1-name");
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));
+ GroupDto group2 = db.users().insertGroup(defaultOrg, "group-2-name");
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group2.getId()));
+ commit();
+
+ loginAsAdmin();
+ byte[] output = newRequest()
+ .setMediaType(PROTOBUF)
+ .setParam(PARAM_PERMISSION, USER)
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .setParam(PAGE, "2")
+ .setParam(PAGE_SIZE, "1")
+ .execute()
+ .output();
+ WsGroupsResponse response = WsGroupsResponse.parseFrom(output);
+
+ assertThat(response.getGroupsList()).extracting("name").containsExactly("group-2-name");
+ }
+
+ @Test
+ public void search_with_text_query() throws Exception {
+ OrganizationDto defaultOrg = defaultOrganizationProvider.getDto();
+ PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+ GroupDto group1 = db.users().insertGroup(defaultOrg, "group-1-name");
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));
+ GroupDto group2 = db.users().insertGroup(defaultOrg, "group-2-name");
+ GroupDto group3 = db.users().insertGroup(defaultOrg, "group-3");
+ commit();
+
+ loginAsAdmin();
+ byte[] output = newRequest()
+ .setMediaType(PROTOBUF)
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .setParam(TEXT_QUERY, "-nam")
+ .execute()
+ .output();
+ WsGroupsResponse response = WsGroupsResponse.parseFrom(output);
+
+ assertThat(response.getGroupsList()).extracting("name").containsExactly("group-1-name", "group-2-name");
+ }
+
+ @Test
+ public void search_with_text_query_return_all_groups_even_when_no_permission_set() throws Exception {
+ OrganizationDto defaultOrg = defaultOrganizationProvider.getDto();
+ PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+ db.users().insertGroup(defaultOrg, "group-1-name");
+ db.users().insertGroup(defaultOrg, "group-2-name");
+ db.users().insertGroup(defaultOrg, "group-3-name");
+ commit();
+
+ loginAsAdmin();
+ byte[] output = newRequest()
+ .setMediaType(PROTOBUF)
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .setParam(TEXT_QUERY, "-name")
+ .execute()
+ .output();
+ WsGroupsResponse response = WsGroupsResponse.parseFrom(output);
+
+ assertThat(response.getGroupsList()).extracting("name").containsExactly("group-1-name", "group-2-name", "group-3-name");
+ assertThat(response.getGroups(0).getPermissionsList()).isEmpty();
+ assertThat(response.getGroups(1).getPermissionsList()).isEmpty();
+ assertThat(response.getGroups(2).getPermissionsList()).isEmpty();
+ }
+
+ @Test
+ public void search_with_text_query_return_anyone_group_even_when_no_permission_set() throws Exception {
+ PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+ GroupDto group = db.users().insertGroup(defaultOrganizationProvider.getDto(), "group");
+ addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group.getId()));
+ commit();
+
+ loginAsAdmin();
+ byte[] output = newRequest()
+ .setMediaType(PROTOBUF)
+ .setParam(PARAM_TEMPLATE_ID, template.getUuid())
+ .setParam(TEXT_QUERY, "nyo")
+ .execute()
+ .output();
+ WsGroupsResponse response = WsGroupsResponse.parseFrom(output);
+
+ assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone");
+ assertThat(response.getGroups(0).getPermissionsList()).isEmpty();
+ }
+
+ @Test
+ public void fail_if_not_logged_in() throws Exception {
+ userSession.anonymous();
+ PermissionTemplateDto template1 = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+
+ expectedException.expect(UnauthorizedException.class);
+
+ newRequest()
+ .setParam(PARAM_PERMISSION, USER)
+ .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
+ .execute();
+ }
+
+ @Test
+ public void fail_if_insufficient_privileges() throws Exception {
+ userSession.login();
+ PermissionTemplateDto template1 = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+
+ expectedException.expect(ForbiddenException.class);
+
+ newRequest()
+ .setParam(PARAM_PERMISSION, USER)
+ .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
+ .execute();
+ }
+
+ @Test
+ public void fail_if_template_uuid_and_name_provided() throws Exception {
+ loginAsAdmin();
+ PermissionTemplateDto template1 = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+
+ expectedException.expect(BadRequestException.class);
+
+ newRequest()
+ .setParam(PARAM_PERMISSION, USER)
+ .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
+ .setParam(PARAM_TEMPLATE_NAME, template1.getName())
+ .execute();
+ }
+
+ @Test
+ public void fail_if_template_uuid_nor_name_provided() throws Exception {
+ loginAsAdmin();
+
+ expectedException.expect(BadRequestException.class);
+
+ newRequest()
+ .setParam(PARAM_PERMISSION, USER)
+ .execute();
+ }
+
+ @Test
+ public void fail_if_template_is_not_found() throws Exception {
+ loginAsAdmin();
+
+ expectedException.expect(NotFoundException.class);
+
+ newRequest()
+ .setParam(PARAM_PERMISSION, USER)
+ .setParam(PARAM_TEMPLATE_ID, "unknown-uuid")
+ .execute();
+ }
+
+ @Test
+ public void fail_if_not_a_project_permission() throws Exception {
+ loginAsAdmin();
+ PermissionTemplateDto template1 = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid("template-uuid-1"));
+
+ expectedException.expect(IllegalArgumentException.class);
+
+ newRequest()
+ .setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN)
+ .setParam(PARAM_TEMPLATE_ID, template1.getUuid())
+ .execute();
+ }
+
+ private GroupDto insertGroupOnDefaultOrganization(String name, String description) {
+ return db.users().insertGroup(newGroupDto().setName(name).setDescription(description).setOrganizationUuid(defaultOrganizationProvider.get().getUuid()));
+ }
+
+ private void addGroupToTemplate(PermissionTemplateGroupDto permissionTemplateGroup) {
+ db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), permissionTemplateGroup);
+ }
+
+ private static PermissionTemplateGroupDto newPermissionTemplateGroup(String permission, long templateId, @Nullable Long groupId) {
+ return newPermissionTemplateGroupDto()
+ .setPermission(permission)
+ .setTemplateId(templateId)
+ .setGroupId(groupId);
+ }
+
+ private void commit() {
+ db.commit();
+ }
+
+ private WsTester.TestRequest newRequest() {
+ return wsTester.newPostRequest(CONTROLLER, "template_groups");
+ }
+
+ private void loginAsAdmin() {
+ userSession.login("login").setGlobalPermissions(ADMIN);
+ }
+}
--- /dev/null
+/*
+ * SonarQube
+ * Copyright (C) 2009-2016 SonarSource SA
+ * mailto:contact AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.server.permission.ws.template;
+
+import javax.annotation.Nullable;
+import org.junit.Test;
+import org.sonar.api.server.ws.WebService;
+import org.sonar.core.permission.GlobalPermissions;
+import org.sonar.db.permission.template.PermissionTemplateDto;
+import org.sonar.db.permission.template.PermissionTemplateUserDto;
+import org.sonar.db.user.UserDto;
+import org.sonar.server.exceptions.BadRequestException;
+import org.sonar.server.exceptions.ForbiddenException;
+import org.sonar.server.exceptions.NotFoundException;
+import org.sonar.server.exceptions.UnauthorizedException;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.permission.ws.template.TemplateUsersAction;
+import org.sonar.server.ws.WsTester;
+import org.sonarqube.ws.WsPermissions;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.sonar.api.web.UserRole.ADMIN;
+import static org.sonar.api.web.UserRole.CODEVIEWER;
+import static org.sonar.api.web.UserRole.ISSUE_ADMIN;
+import static org.sonar.api.web.UserRole.USER;
+import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateUserDto;
+import static org.sonar.db.user.UserTesting.newUserDto;
+import static org.sonar.test.JsonAssert.assertJson;
+import static org.sonarqube.ws.MediaTypes.PROTOBUF;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;
+
+public class TemplateUsersActionTest extends BasePermissionWsTest<TemplateUsersAction> {
+
+ @Override
+ protected TemplateUsersAction buildWsAction() {
+ return new TemplateUsersAction(db.getDbClient(), userSession, newPermissionWsSupport());
+ }
+
+ @Test
+ public void search_for_users_with_response_example() throws Exception {
+ UserDto user1 = insertUser(newUserDto().setLogin("admin").setName("Administrator").setEmail("admin@admin.com"));
+ UserDto user2 = insertUser(newUserDto().setLogin("george.orwell").setName("George Orwell").setEmail("george.orwell@1984.net"));
+
+ PermissionTemplateDto template1 = insertTemplate("template-uuid-1");
+ addUserToTemplate(newPermissionTemplateUser(CODEVIEWER, template1, user1));
+ addUserToTemplate(newPermissionTemplateUser(CODEVIEWER, template1, user2));
+ addUserToTemplate(newPermissionTemplateUser(ADMIN, template1, user2));
+
+ loginAsAdmin();
+ String result = newRequest(null, template1.getUuid()).execute().outputAsString();
+ assertJson(result).isSimilarTo(getClass().getResource("template_users-example.json"));
+ }
+
+ @Test
+ public void search_for_users_by_template_name() throws Exception {
+ loginAsAdmin();
+
+ UserDto user1 = insertUser(newUserDto().setLogin("login-1").setName("name-1").setEmail("email-1"));
+ UserDto user2 = insertUser(newUserDto().setLogin("login-2").setName("name-2").setEmail("email-2"));
+ UserDto user3 = insertUser(newUserDto().setLogin("login-3").setName("name-3").setEmail("email-3"));
+
+ PermissionTemplateDto template = insertTemplate("template-uuid-1");
+ addUserToTemplate(newPermissionTemplateUser(USER, template, user1));
+ addUserToTemplate(newPermissionTemplateUser(USER, template, user2));
+ addUserToTemplate(newPermissionTemplateUser(ISSUE_ADMIN, template, user1));
+ addUserToTemplate(newPermissionTemplateUser(ISSUE_ADMIN, template, user3));
+
+ PermissionTemplateDto anotherTemplate = insertTemplate("template-uuid-2");
+ addUserToTemplate(newPermissionTemplateUser(USER, anotherTemplate, user1));
+
+ byte[] bytes = newRequest(null, null)
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .setMediaType(PROTOBUF)
+ .execute().output();
+
+ WsPermissions.UsersWsResponse response = WsPermissions.UsersWsResponse.parseFrom(bytes);
+ assertThat(response.getUsersList()).extracting("login").containsExactly("login-1", "login-2", "login-3");
+ assertThat(response.getUsers(0).getPermissionsList()).containsOnly("issueadmin", "user");
+ assertThat(response.getUsers(1).getPermissionsList()).containsOnly("user");
+ assertThat(response.getUsers(2).getPermissionsList()).containsOnly("issueadmin");
+ }
+
+ @Test
+ public void search_using_text_query() throws Exception {
+ loginAsAdmin();
+
+ UserDto user1 = insertUser(newUserDto().setLogin("login-1").setName("name-1").setEmail("email-1"));
+ UserDto user2 = insertUser(newUserDto().setLogin("login-2").setName("name-2").setEmail("email-2"));
+ UserDto user3 = insertUser(newUserDto().setLogin("login-3").setName("name-3").setEmail("email-3"));
+
+ PermissionTemplateDto template = insertTemplate("template-uuid-1");
+ addUserToTemplate(newPermissionTemplateUser(USER, template, user1));
+ addUserToTemplate(newPermissionTemplateUser(USER, template, user2));
+ addUserToTemplate(newPermissionTemplateUser(ISSUE_ADMIN, template, user1));
+ addUserToTemplate(newPermissionTemplateUser(ISSUE_ADMIN, template, user3));
+
+ PermissionTemplateDto anotherTemplate = insertTemplate("template-uuid-2");
+ addUserToTemplate(newPermissionTemplateUser(USER, anotherTemplate, user1));
+
+ byte[] bytes = newRequest(null, null)
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .setParam(WebService.Param.TEXT_QUERY, "ame-1")
+ .setMediaType(PROTOBUF)
+ .execute().output();
+
+ WsPermissions.UsersWsResponse response = WsPermissions.UsersWsResponse.parseFrom(bytes);
+ assertThat(response.getUsersList()).extracting("login").containsOnly("login-1");
+ }
+
+ @Test
+ public void search_using_permission() throws Exception {
+ UserDto user1 = insertUser(newUserDto().setLogin("login-1").setName("name-1").setEmail("email-1"));
+ UserDto user2 = insertUser(newUserDto().setLogin("login-2").setName("name-2").setEmail("email-2"));
+ UserDto user3 = insertUser(newUserDto().setLogin("login-3").setName("name-3").setEmail("email-3"));
+
+ PermissionTemplateDto template = insertTemplate("template-uuid-1");
+ addUserToTemplate(newPermissionTemplateUser(USER, template, user1));
+ addUserToTemplate(newPermissionTemplateUser(USER, template, user2));
+ addUserToTemplate(newPermissionTemplateUser(ISSUE_ADMIN, template, user1));
+ addUserToTemplate(newPermissionTemplateUser(ISSUE_ADMIN, template, user3));
+
+ PermissionTemplateDto anotherTemplate = insertTemplate("template-uuid-2");
+ addUserToTemplate(newPermissionTemplateUser(USER, anotherTemplate, user1));
+
+ loginAsAdmin();
+ byte[] bytes = newRequest(USER, template.getUuid())
+ .setMediaType(PROTOBUF)
+ .execute().output();
+ WsPermissions.UsersWsResponse response = WsPermissions.UsersWsResponse.parseFrom(bytes);
+ assertThat(response.getUsersList()).extracting("login").containsExactly("login-1", "login-2");
+ assertThat(response.getUsers(0).getPermissionsList()).containsOnly("issueadmin", "user");
+ assertThat(response.getUsers(1).getPermissionsList()).containsOnly("user");
+ }
+
+ @Test
+ public void search_with_pagination() throws Exception {
+ UserDto user1 = insertUser(newUserDto().setLogin("login-1").setName("name-1").setEmail("email-1"));
+ UserDto user2 = insertUser(newUserDto().setLogin("login-2").setName("name-2").setEmail("email-2"));
+ UserDto user3 = insertUser(newUserDto().setLogin("login-3").setName("name-3").setEmail("email-3"));
+
+ PermissionTemplateDto template = insertTemplate("template-uuid-1");
+ addUserToTemplate(newPermissionTemplateUser(USER, template, user1));
+ addUserToTemplate(newPermissionTemplateUser(USER, template, user2));
+ addUserToTemplate(newPermissionTemplateUser(ISSUE_ADMIN, template, user1));
+ addUserToTemplate(newPermissionTemplateUser(ISSUE_ADMIN, template, user3));
+
+ PermissionTemplateDto anotherTemplate = insertTemplate("template-uuid-2");
+ addUserToTemplate(newPermissionTemplateUser(USER, anotherTemplate, user1));
+
+ loginAsAdmin();
+ byte[] bytes = newRequest(USER, null)
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .setParam(WebService.Param.SELECTED, "all")
+ .setParam(WebService.Param.PAGE, "2")
+ .setParam(WebService.Param.PAGE_SIZE, "1")
+ .setMediaType(PROTOBUF)
+ .execute().output();
+
+ WsPermissions.UsersWsResponse response = WsPermissions.UsersWsResponse.parseFrom(bytes);
+ assertThat(response.getUsersList()).extracting("login").containsOnly("login-2");
+ }
+
+ @Test
+ public void users_are_sorted_by_name() throws Exception {
+ UserDto user1 = insertUser(newUserDto().setLogin("login-2").setName("name-2"));
+ UserDto user2 = insertUser(newUserDto().setLogin("login-3").setName("name-3"));
+ UserDto user3 = insertUser(newUserDto().setLogin("login-1").setName("name-1"));
+
+ PermissionTemplateDto template = insertTemplate("template-uuid-1");
+ addUserToTemplate(newPermissionTemplateUser(USER, template, user1));
+ addUserToTemplate(newPermissionTemplateUser(USER, template, user2));
+ addUserToTemplate(newPermissionTemplateUser(ISSUE_ADMIN, template, user3));
+
+ loginAsAdmin();
+ byte[] bytes = newRequest(null, null)
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .setMediaType(PROTOBUF)
+ .execute().output();
+
+ WsPermissions.UsersWsResponse response = WsPermissions.UsersWsResponse.parseFrom(bytes);
+ assertThat(response.getUsersList()).extracting("login").containsExactly("login-1", "login-2", "login-3");
+ }
+
+ @Test
+ public void empty_result_when_no_user_on_template() throws Exception {
+ UserDto user = insertUser(newUserDto().setLogin("login-1").setName("name-1").setEmail("email-1"));
+ PermissionTemplateDto template = insertTemplate("template-uuid-1");
+ PermissionTemplateDto anotherTemplate = insertTemplate("template-uuid-2");
+ addUserToTemplate(newPermissionTemplateUser(USER, anotherTemplate, user));
+
+ loginAsAdmin();
+ byte[] bytes = newRequest(null, null)
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .setMediaType(PROTOBUF)
+ .execute()
+ .output();
+
+ WsPermissions.UsersWsResponse response = WsPermissions.UsersWsResponse.parseFrom(bytes);
+ assertThat(response.getUsersList()).isEmpty();
+ }
+
+ @Test
+ public void fail_if_not_a_project_permission() throws Exception {
+ PermissionTemplateDto template = insertTemplate("template-uuid-1");
+ loginAsAdmin();
+
+ expectedException.expect(IllegalArgumentException.class);
+
+ newRequest(GlobalPermissions.PROVISIONING, template.getUuid())
+ .execute();
+ }
+
+ @Test
+ public void fail_if_no_template_param() throws Exception {
+ loginAsAdmin();
+
+ expectedException.expect(BadRequestException.class);
+
+ newRequest(null, null)
+ .execute();
+ }
+
+ @Test
+ public void fail_if_template_does_not_exist() throws Exception {
+ loginAsAdmin();
+
+ expectedException.expect(NotFoundException.class);
+
+ newRequest(null, "unknown-template-uuid")
+ .execute();
+ }
+
+ @Test
+ public void fail_if_template_uuid_and_name_provided() throws Exception {
+ PermissionTemplateDto template = insertTemplate("template-uuid-1");
+ loginAsAdmin();
+
+ expectedException.expect(BadRequestException.class);
+
+ newRequest(null, template.getUuid())
+ .setParam(PARAM_TEMPLATE_NAME, template.getName())
+ .execute();
+ }
+
+ @Test
+ public void fail_if_not_logged_in() throws Exception {
+ PermissionTemplateDto template = insertTemplate("template-uuid-1");
+ userSession.anonymous();
+
+ expectedException.expect(UnauthorizedException.class);
+
+ newRequest(null, template.getUuid()).execute();
+ }
+
+ @Test
+ public void fail_if_insufficient_privileges() throws Exception {
+ PermissionTemplateDto template = insertTemplate("template-uuid-1");
+ userSession.login("login");
+
+ expectedException.expect(ForbiddenException.class);
+
+ newRequest(null, template.getUuid()).execute();
+ }
+
+ private UserDto insertUser(UserDto userDto) {
+ return db.users().insertUser(userDto);
+ }
+
+ private PermissionTemplateDto insertTemplate(String uuid) {
+ PermissionTemplateDto dto = db.getDbClient().permissionTemplateDao().insert(db.getSession(), newPermissionTemplateDto().setUuid(uuid));
+ db.commit();
+ return dto;
+ }
+
+ private void addUserToTemplate(PermissionTemplateUserDto dto) {
+ db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), dto.getTemplateId(), dto.getUserId(), dto.getPermission());
+ db.commit();
+ }
+
+ private static PermissionTemplateUserDto newPermissionTemplateUser(String permission, PermissionTemplateDto template, UserDto user) {
+ return newPermissionTemplateUserDto()
+ .setPermission(permission)
+ .setTemplateId(template.getId())
+ .setUserId(user.getId());
+ }
+
+ private WsTester.TestRequest newRequest(@Nullable String permission, @Nullable String templateUuid) {
+ WsTester.TestRequest request = wsTester.newPostRequest(CONTROLLER, "template_users");
+ if (permission != null) {
+ request.setParam(PARAM_PERMISSION, permission);
+ }
+ if (templateUuid != null) {
+ request.setParam(PARAM_TEMPLATE_ID, templateUuid);
+ }
+ return request;
+ }
+
+ private void loginAsAdmin() {
+ userSession.login("login").setGlobalPermissions(ADMIN);
+ }
+}
import java.util.Date;
import javax.annotation.Nullable;
import org.junit.Before;
-import org.junit.Rule;
import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.sonar.api.resources.Qualifiers;
import org.sonar.api.utils.System2;
import org.sonar.core.permission.GlobalPermissions;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.DbTester;
-import org.sonar.db.component.ResourceTypesRule;
import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.user.GroupDto;
-import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.BadRequestException;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.permission.ws.PermissionDependenciesFinder;
-import org.sonar.server.tester.UserSessionRule;
-import org.sonar.server.usergroups.ws.UserGroupFinder;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.TestResponse;
-import org.sonar.server.ws.WsActionTester;
+import org.sonar.server.permission.ws.BasePermissionWsTest;
+import org.sonar.server.ws.WsTester;
import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.spy;
import static org.mockito.Mockito.when;
import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;
+import static org.sonar.test.JsonAssert.assertJson;
+import static org.sonarqube.ws.client.permission.PermissionsWsParameters.CONTROLLER;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_DESCRIPTION;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ID;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_NAME;
import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PROJECT_KEY_PATTERN;
-import static org.sonar.test.JsonAssert.assertJson;
-public class UpdateTemplateActionTest {
+public class UpdateTemplateActionTest extends BasePermissionWsTest<UpdateTemplateAction> {
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
+ private static final String ACTION = "update_template";
- WsActionTester ws;
- DbClient dbClient;
- DbSession dbSession;
- ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, "DEV");
+ private System2 system = spy(System2.INSTANCE);
+ private PermissionTemplateDto template;
- PermissionTemplateDto templateDto;
+ @Override
+ protected UpdateTemplateAction buildWsAction() {
+ return new UpdateTemplateAction(db.getDbClient(), userSession, system, newPermissionWsSupport());
+ }
@Before
public void setUp() {
userSession.login().setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- System2 system = mock(System2.class);
when(system.now()).thenReturn(1_440_512_328_743L);
- dbClient = db.getDbClient();
- dbSession = db.getSession();
- PermissionDependenciesFinder finder = new PermissionDependenciesFinder(dbClient, new ComponentFinder(dbClient), new UserGroupFinder(dbClient), resourceTypes);
-
- ws = new WsActionTester(new UpdateTemplateAction(dbClient, userSession, system, finder));
-
- templateDto = insertTemplate(newPermissionTemplateDto()
+ template = insertTemplate(newPermissionTemplateDto()
.setName("Permission Template Name")
.setDescription("Permission Template Description")
.setKeyPattern(".*\\.pattern\\..*")
.setCreatedAt(new Date(1_000_000_000_000L))
.setUpdatedAt(new Date(1_000_000_000_000L)));
- commit();
}
@Test
- public void update_all_permission_template_fields() {
- TestResponse result = newRequest(templateDto.getUuid(), "Finance", "Permissions for financially related projects", ".*\\.finance\\..*");
+ public void update_all_permission_template_fields() throws Exception {
+ String result = call(template.getUuid(), "Finance", "Permissions for financially related projects", ".*\\.finance\\..*");
- assertJson(result.getInput())
+ assertJson(result)
.ignoreFields("id")
.isSimilarTo(getClass().getResource("update_template-example.json"));
- PermissionTemplateDto finance = dbClient.permissionTemplateDao().selectByName(dbSession, "Finance");
+ PermissionTemplateDto finance = db.getDbClient().permissionTemplateDao().selectByName(db.getSession(), "Finance");
assertThat(finance.getName()).isEqualTo("Finance");
assertThat(finance.getDescription()).isEqualTo("Permissions for financially related projects");
assertThat(finance.getKeyPattern()).isEqualTo(".*\\.finance\\..*");
- assertThat(finance.getUuid()).isEqualTo(templateDto.getUuid());
- assertThat(finance.getCreatedAt()).isEqualTo(templateDto.getCreatedAt());
+ assertThat(finance.getUuid()).isEqualTo(template.getUuid());
+ assertThat(finance.getCreatedAt()).isEqualTo(template.getCreatedAt());
assertThat(finance.getUpdatedAt().getTime()).isEqualTo(1440512328743L);
}
@Test
- public void update_with_the_same_values() {
- newRequest(templateDto.getUuid(), templateDto.getName(), templateDto.getDescription(), templateDto.getKeyPattern());
+ public void update_with_the_same_values() throws Exception {
+ call(template.getUuid(), template.getName(), template.getDescription(), template.getKeyPattern());
- PermissionTemplateDto updatedTemplate = dbClient.permissionTemplateDao().selectByUuid(dbSession, templateDto.getUuid());
- assertThat(updatedTemplate.getName()).isEqualTo(templateDto.getName());
- assertThat(updatedTemplate.getDescription()).isEqualTo(templateDto.getDescription());
- assertThat(updatedTemplate.getKeyPattern()).isEqualTo(templateDto.getKeyPattern());
+ PermissionTemplateDto reloaded = db.getDbClient().permissionTemplateDao().selectByUuid(db.getSession(), template.getUuid());
+ assertThat(reloaded.getName()).isEqualTo(template.getName());
+ assertThat(reloaded.getDescription()).isEqualTo(template.getDescription());
+ assertThat(reloaded.getKeyPattern()).isEqualTo(template.getKeyPattern());
}
@Test
- public void update_name_only() {
- newRequest(templateDto.getUuid(), "Finance", null, null);
+ public void update_name_only() throws Exception {
+ call(template.getUuid(), "Finance", null, null);
- PermissionTemplateDto finance = dbClient.permissionTemplateDao().selectByName(dbSession, "Finance");
+ PermissionTemplateDto finance = db.getDbClient().permissionTemplateDao().selectByName(db.getSession(), "Finance");
assertThat(finance.getName()).isEqualTo("Finance");
- assertThat(finance.getDescription()).isEqualTo(templateDto.getDescription());
- assertThat(finance.getKeyPattern()).isEqualTo(templateDto.getKeyPattern());
+ assertThat(finance.getDescription()).isEqualTo(template.getDescription());
+ assertThat(finance.getKeyPattern()).isEqualTo(template.getKeyPattern());
}
@Test
- public void fail_if_key_is_not_found() {
+ public void fail_if_key_is_not_found() throws Exception {
expectedException.expect(NotFoundException.class);
expectedException.expectMessage("Permission template with id 'unknown-key' is not found");
- newRequest("unknown-key", null, null, null);
+ call("unknown-key", null, null, null);
}
@Test
- public void fail_if_name_already_exists_in_another_template() {
- expectedException.expect(BadRequestException.class);
- expectedException.expectMessage("A template with the name 'My Template' already exists (case insensitive).");
-
+ public void fail_if_name_already_exists_in_another_template() throws Exception {
insertTemplate(newPermissionTemplateDto()
.setName("My Template")
.setUuid("my-key")
.setCreatedAt(new Date(12345789L))
.setUpdatedAt(new Date(12345789L)));
- commit();
- newRequest(templateDto.getUuid(), "My Template", null, null);
+ expectedException.expect(BadRequestException.class);
+ expectedException.expectMessage("A template with the name 'My Template' already exists (case insensitive).");
+
+ call(template.getUuid(), "My Template", null, null);
}
@Test
- public void fail_if_key_is_not_provided() {
+ public void fail_if_key_is_not_provided() throws Exception {
expectedException.expect(IllegalArgumentException.class);
- newRequest(null, "Finance", null, null);
+ call(null, "Finance", null, null);
}
@Test
- public void fail_if_name_empty() {
+ public void fail_if_name_empty() throws Exception {
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("The template name must not be blank");
- newRequest(templateDto.getUuid(), "", null, null);
+ call(template.getUuid(), "", null, null);
}
@Test
- public void fail_if_name_has_just_whitespaces() {
+ public void fail_if_name_has_just_whitespaces() throws Exception {
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("The template name must not be blank");
- newRequest(templateDto.getUuid(), " \r\n", null, null);
+ call(template.getUuid(), " \r\n", null, null);
}
@Test
- public void fail_if_regexp_if_not_valid() {
+ public void fail_if_regexp_if_not_valid() throws Exception {
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("The 'projectKeyPattern' parameter must be a valid Java regular expression. '[azerty' was passed");
- newRequest(templateDto.getUuid(), "Finance", null, "[azerty");
+ call(template.getUuid(), "Finance", null, "[azerty");
}
@Test
- public void fail_if_name_already_exists_in_database_case_insensitive() {
+ public void fail_if_name_already_exists_in_database_case_insensitive() throws Exception {
+ insertTemplate(newPermissionTemplateDto().setName("finance"));
+
expectedException.expect(BadRequestException.class);
expectedException.expectMessage("A template with the name 'Finance' already exists (case insensitive).");
- insertTemplate(newPermissionTemplateDto().setName("finance"));
- commit();
- newRequest(templateDto.getUuid(), "Finance", null, null);
+ call(template.getUuid(), "Finance", null, null);
}
@Test
- public void fail_if_not_logged_in() {
+ public void fail_if_not_logged_in() throws Exception {
expectedException.expect(UnauthorizedException.class);
userSession.anonymous();
- newRequest(templateDto.getUuid(), "Finance", null, null);
+ call(template.getUuid(), "Finance", null, null);
}
@Test
- public void fail_if_not_admin() {
+ public void fail_if_not_admin() throws Exception {
expectedException.expect(ForbiddenException.class);
userSession.setGlobalPermissions(GlobalPermissions.QUALITY_PROFILE_ADMIN);
- newRequest(templateDto.getUuid(), "Finance", null, null);
- }
-
- private PermissionTemplateDto insertTemplate(PermissionTemplateDto template) {
- return dbClient.permissionTemplateDao().insert(dbSession, template);
- }
-
- private GroupDto insertGroup(GroupDto group) {
- return dbClient.groupDao().insert(db.getSession(), group);
+ call(template.getUuid(), "Finance", null, null);
}
- private void commit() {
- dbSession.commit();
+ private PermissionTemplateDto insertTemplate(PermissionTemplateDto dto) {
+ db.getDbClient().permissionTemplateDao().insert(db.getSession(), dto);
+ db.commit();
+ return dto;
}
- private TestResponse newRequest(@Nullable String key, @Nullable String name, @Nullable String description, @Nullable String projectPattern) {
- TestRequest request = ws.newRequest();
+ private String call(@Nullable String key, @Nullable String name, @Nullable String description, @Nullable String projectPattern) throws Exception {
+ WsTester.TestRequest request = wsTester.newPostRequest(CONTROLLER, ACTION);
if (key != null) {
request.setParam(PARAM_ID, key);
}
request.setParam(PARAM_PROJECT_KEY_PATTERN, projectPattern);
}
- return request.execute();
+ return request.execute().outputAsString();
}
}
*/
package org.sonar.server.startup;
-import org.hamcrest.BaseMatcher;
-import org.hamcrest.Description;
-import org.junit.Before;
+import java.util.List;
+import java.util.Objects;
+import org.junit.Rule;
import org.junit.Test;
import org.sonar.api.resources.Qualifiers;
import org.sonar.api.security.DefaultGroups;
+import org.sonar.api.utils.System2;
+import org.sonar.api.utils.log.LogTester;
+import org.sonar.api.utils.log.LoggerLevel;
import org.sonar.api.web.UserRole;
-import org.sonar.db.DbClient;
-import org.sonar.db.DbSession;
-import org.sonar.db.loadedtemplate.LoadedTemplateDao;
+import org.sonar.db.DbTester;
import org.sonar.db.loadedtemplate.LoadedTemplateDto;
-import org.sonar.db.permission.template.PermissionTemplateDao;
-import org.sonar.db.permission.template.PermissionTemplateDto;
-import org.sonar.db.user.GroupDao;
-import org.sonar.db.user.GroupDto;
-import org.sonar.db.user.UserDao;
-import org.sonar.server.permission.DefaultPermissionTemplates;
+import org.sonar.db.permission.template.PermissionTemplate;
+import org.sonar.db.permission.template.PermissionTemplateGroupDto;
+import org.sonar.server.organization.DefaultOrganizationProvider;
+import org.sonar.server.organization.DefaultOrganizationProviderRule;
import org.sonar.server.platform.PersistentSettings;
-import static org.mockito.Matchers.any;
-import static org.mockito.Matchers.anyBoolean;
-import static org.mockito.Matchers.argThat;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Matchers.anyString;
+import static org.mockito.Matchers.eq;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.verifyNoMoreInteractions;
-import static org.mockito.Mockito.verifyZeroInteractions;
import static org.mockito.Mockito.when;
+import static org.sonar.server.permission.DefaultPermissionTemplates.DEFAULT_TEMPLATE_KEY;
import static org.sonar.server.permission.DefaultPermissionTemplates.DEFAULT_TEMPLATE_PROPERTY;
import static org.sonar.server.permission.DefaultPermissionTemplates.defaultRootQualifierTemplateProperty;
public class RegisterPermissionTemplatesTest {
- private PersistentSettings settings;
- private LoadedTemplateDao loadedTemplateDao;
- private PermissionTemplateDao permissionTemplateDao;
- private DbClient dbClient;
- private UserDao userDao;
- private GroupDao groupDao;
- private DbSession dbSession = mock(DbSession.class);
-
- @Before
- public void setUp() {
- settings = mock(PersistentSettings.class);
- loadedTemplateDao = mock(LoadedTemplateDao.class);
- permissionTemplateDao = mock(PermissionTemplateDao.class);
- userDao = mock(UserDao.class);
- groupDao = mock(GroupDao.class);
-
- dbClient = mock(DbClient.class);
- when(dbClient.permissionTemplateDao()).thenReturn(permissionTemplateDao);
- when(dbClient.loadedTemplateDao()).thenReturn(loadedTemplateDao);
- when(dbClient.userDao()).thenReturn(userDao);
- when(dbClient.groupDao()).thenReturn(groupDao);
- when(dbClient.openSession(anyBoolean())).thenReturn(dbSession);
- }
+ @Rule
+ public DbTester db = DbTester.create(System2.INSTANCE);
+
+ @Rule
+ public LogTester logTester = new LogTester();
+
+ private PersistentSettings settings = mock(PersistentSettings.class);
+ private DefaultOrganizationProvider defaultOrganizationProvider = DefaultOrganizationProviderRule.create(db);
+ private RegisterPermissionTemplates underTest = new RegisterPermissionTemplates(db.getDbClient(), settings, defaultOrganizationProvider);
@Test
- public void should_insert_and_register_default_permission_template() {
- LoadedTemplateDto expectedTemplate = new LoadedTemplateDto().setKey(DefaultPermissionTemplates.DEFAULT_TEMPLATE.getUuid())
- .setType(LoadedTemplateDto.PERMISSION_TEMPLATE_TYPE);
- PermissionTemplateDto permissionTemplate = DefaultPermissionTemplates.DEFAULT_TEMPLATE.setId(1L);
-
- when(loadedTemplateDao.countByTypeAndKey(LoadedTemplateDto.PERMISSION_TEMPLATE_TYPE, DefaultPermissionTemplates.DEFAULT_TEMPLATE.getUuid()))
- .thenReturn(0);
- when(permissionTemplateDao.insert(dbSession, DefaultPermissionTemplates.DEFAULT_TEMPLATE))
- .thenReturn(permissionTemplate);
- when(groupDao.selectByName(dbSession, DefaultGroups.ADMINISTRATORS)).thenReturn(new GroupDto().setId(1L));
- when(groupDao.selectByName(dbSession, DefaultGroups.USERS)).thenReturn(new GroupDto().setId(2L));
-
- RegisterPermissionTemplates initializer = new RegisterPermissionTemplates(dbClient, settings);
- initializer.start();
-
- verify(loadedTemplateDao).insert(argThat(Matches.template(expectedTemplate)));
- verify(permissionTemplateDao).insert(dbSession, DefaultPermissionTemplates.DEFAULT_TEMPLATE);
- verify(permissionTemplateDao).insertGroupPermission(dbSession, 1L, 1L, UserRole.ADMIN);
- verify(permissionTemplateDao).insertGroupPermission(dbSession, 1L, 1L, UserRole.ISSUE_ADMIN);
- verify(permissionTemplateDao).insertGroupPermission(dbSession, 1L, null, UserRole.USER);
- verify(permissionTemplateDao).insertGroupPermission(dbSession, 1L, null, UserRole.CODEVIEWER);
- verifyNoMoreInteractions(permissionTemplateDao);
- verify(settings).saveProperty(DEFAULT_TEMPLATE_PROPERTY, DefaultPermissionTemplates.DEFAULT_TEMPLATE.getUuid());
+ public void insert_default_permission_template_if_fresh_install() {
+ db.users().insertGroup(db.getDefaultOrganization(), DefaultGroups.ADMINISTRATORS);
+
+ underTest.start();
+
+ PermissionTemplate defaultTemplate = selectTemplate();
+ assertThat(defaultTemplate.getTemplate().getName()).isEqualTo("Default template");
+
+ List<PermissionTemplateGroupDto> groupPermissions = defaultTemplate.getGroupPermissions();
+ assertThat(groupPermissions).hasSize(4);
+ expectGroupPermission(groupPermissions, UserRole.ADMIN, DefaultGroups.ADMINISTRATORS);
+ expectGroupPermission(groupPermissions, UserRole.ISSUE_ADMIN, DefaultGroups.ADMINISTRATORS);
+ expectGroupPermission(groupPermissions, UserRole.CODEVIEWER, DefaultGroups.ANYONE);
+ expectGroupPermission(groupPermissions, UserRole.USER, DefaultGroups.ANYONE);
+
+ // template is marked as default
+ verify(settings).saveProperty(DEFAULT_TEMPLATE_PROPERTY, defaultTemplate.getTemplate().getUuid());
+
+ assertThat(logTester.logs(LoggerLevel.ERROR)).isEmpty();
}
@Test
- public void should_skip_insertion_and_registration() {
- when(loadedTemplateDao.countByTypeAndKey(LoadedTemplateDto.PERMISSION_TEMPLATE_TYPE, DefaultPermissionTemplates.DEFAULT_TEMPLATE.getUuid()))
- .thenReturn(1);
+ public void ignore_administrators_permissions_if_group_does_not_exist() {
+ underTest.start();
+
+ PermissionTemplate defaultTemplate = selectTemplate();
+ assertThat(defaultTemplate.getTemplate().getName()).isEqualTo("Default template");
+
+ List<PermissionTemplateGroupDto> groupPermissions = defaultTemplate.getGroupPermissions();
+ assertThat(groupPermissions).hasSize(2);
+ expectGroupPermission(groupPermissions, UserRole.CODEVIEWER, DefaultGroups.ANYONE);
+ expectGroupPermission(groupPermissions, UserRole.USER, DefaultGroups.ANYONE);
- RegisterPermissionTemplates initializer = new RegisterPermissionTemplates(dbClient, settings);
- initializer.start();
+ // marked as default
+ verify(settings).saveProperty(DEFAULT_TEMPLATE_PROPERTY, defaultTemplate.getTemplate().getUuid());
- verifyZeroInteractions(permissionTemplateDao);
- verify(loadedTemplateDao, never()).insert(any(LoadedTemplateDto.class));
+ assertThat(logTester.logs(LoggerLevel.ERROR)).contains("Cannot setup default permission for group: sonar-administrators");
}
@Test
- public void should_reference_TRK_template_as_default_when_present() {
- when(settings.getString(defaultRootQualifierTemplateProperty(Qualifiers.PROJECT))).thenReturn("my_projects_template");
-
- LoadedTemplateDto expectedTemplate = new LoadedTemplateDto().setKey(DefaultPermissionTemplates.DEFAULT_TEMPLATE.getUuid())
- .setType(LoadedTemplateDto.PERMISSION_TEMPLATE_TYPE);
+ public void do_not_create_default_template_if_already_exists() {
+ markTaskAsAlreadyExecuted();
- RegisterPermissionTemplates initializer = new RegisterPermissionTemplates(dbClient, settings);
- initializer.start();
+ underTest.start();
- verify(loadedTemplateDao).insert(argThat(Matches.template(expectedTemplate)));
- verify(settings).saveProperty(DEFAULT_TEMPLATE_PROPERTY, "my_projects_template");
- verifyZeroInteractions(permissionTemplateDao);
+ assertThat(selectTemplate()).isNull();
+ verify(settings, never()).saveProperty(eq(DEFAULT_TEMPLATE_PROPERTY), anyString());
+ assertThat(logTester.logs(LoggerLevel.ERROR)).isEmpty();
}
- private static class Matches extends BaseMatcher<LoadedTemplateDto> {
+ @Test
+ public void reference_TRK_template_as_default_when_present() {
+ when(settings.getString(defaultRootQualifierTemplateProperty(Qualifiers.PROJECT))).thenReturn("my_projects_template");
+ markTaskAsAlreadyExecuted();
- private final LoadedTemplateDto referenceTemplate;
+ underTest.start();
- private Matches(LoadedTemplateDto referenceTemplate) {
- this.referenceTemplate = referenceTemplate;
- }
+ verify(settings).saveProperty(DEFAULT_TEMPLATE_PROPERTY, "my_projects_template");
+ }
- static Matches template(LoadedTemplateDto referenceTemplate) {
- return new Matches(referenceTemplate);
- }
+ private void markTaskAsAlreadyExecuted() {
+ db.getDbClient().loadedTemplateDao().insert(new LoadedTemplateDto(DEFAULT_TEMPLATE_KEY, LoadedTemplateDto.PERMISSION_TEMPLATE_TYPE));
+ }
- @Override
- public boolean matches(Object o) {
- if (o != null && o instanceof LoadedTemplateDto) {
- LoadedTemplateDto otherTemplate = (LoadedTemplateDto) o;
- return referenceTemplate.getKey().equals(otherTemplate.getKey())
- && referenceTemplate.getType().equals(otherTemplate.getType());
- }
- return false;
- }
+ private PermissionTemplate selectTemplate() {
+ return db.getDbClient().permissionTemplateDao().selectByUuidWithUserAndGroupPermissions(db.getSession(), DEFAULT_TEMPLATE_KEY);
+ }
- @Override
- public void describeTo(Description description) {
- }
+ private void expectGroupPermission(List<PermissionTemplateGroupDto> groupPermissions, String expectedPermission,
+ String expectedGroupName) {
+ assertThat(
+ groupPermissions.stream().anyMatch(gp -> gp.getPermission().equals(expectedPermission) && Objects.equals(gp.getGroupName(), expectedGroupName)))
+ .isTrue();
}
}
private String description;
private String name;
private String projectKeyPattern;
+ private String organizationKey;
@CheckForNull
public String getDescription() {
this.projectKeyPattern = projectKeyPattern;
return this;
}
+
+ @CheckForNull
+ public String getOrganizationKey() {
+ return organizationKey;
+ }
+
+ public CreateTemplateWsRequest setOrganizationKey(@Nullable String s) {
+ this.organizationKey = s;
+ return this;
+ }
}