From 0fb3e470ecfcc6637cb80145aaff9236d6989a79 Mon Sep 17 00:00:00 2001 From: Teryk Bellahsene Date: Tue, 28 Jul 2015 15:27:49 +0200 Subject: [PATCH] SONAR-6481 WS permissions/remove_user remove a user permission --- .../permission/ws/PermissionsWsModule.java | 3 +- .../permission/ws/RemoveUserAction.java | 73 +++++++++++++ .../ws/PermissionsWsModuleTest.java | 2 +- .../permission/ws/RemoveUserActionTest.java | 100 ++++++++++++++++++ 4 files changed, 176 insertions(+), 2 deletions(-) create mode 100644 server/sonar-server/src/main/java/org/sonar/server/permission/ws/RemoveUserAction.java create mode 100644 server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsModule.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsModule.java index 223a25c8846..246f172056b 100644 --- a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsModule.java +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/PermissionsWsModule.java @@ -29,6 +29,7 @@ public class PermissionsWsModule extends Module { PermissionsWs.class, AddGroupAction.class, AddUserAction.class, - RemoveGroupAction.class); + RemoveGroupAction.class, + RemoveUserAction.class); } } diff --git a/server/sonar-server/src/main/java/org/sonar/server/permission/ws/RemoveUserAction.java b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/RemoveUserAction.java new file mode 100644 index 00000000000..5b02fd0943f --- /dev/null +++ b/server/sonar-server/src/main/java/org/sonar/server/permission/ws/RemoveUserAction.java @@ -0,0 +1,73 @@ +/* + * SonarQube, open source software quality management tool. + * Copyright (C) 2008-2014 SonarSource + * mailto:contact AT sonarsource DOT com + * + * SonarQube is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * SonarQube is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +package org.sonar.server.permission.ws; + +import org.sonar.api.server.ws.Request; +import org.sonar.api.server.ws.Response; +import org.sonar.api.server.ws.WebService; +import org.sonar.core.permission.GlobalPermissions; +import org.sonar.server.permission.InternalPermissionService; +import org.sonar.server.permission.PermissionChange; + +public class RemoveUserAction implements PermissionsWsAction { + + public static final String ACTION = "remove_user"; + public static final String PARAM_PERMISSION = "permission"; + public static final String PARAM_USER_LOGIN = "login"; + + private final InternalPermissionService permissionService; + + public RemoveUserAction(InternalPermissionService permissionService) { + this.permissionService = permissionService; + } + + @Override + public void define(WebService.NewController context) { + WebService.NewAction action = context.createAction(ACTION) + .setDescription("Remove permission to a user.
Requires 'Administer System' permission.") + .setSince("5.2") + .setPost(true) + .setHandler(this); + + action.createParam(PARAM_PERMISSION) + .setDescription("Permission") + .setRequired(true) + .setPossibleValues(GlobalPermissions.ALL); + + action.createParam(PARAM_USER_LOGIN) + .setRequired(true) + .setDescription("User login") + .setExampleValue("g.hopper"); + } + + @Override + public void handle(Request request, Response response) throws Exception { + String permission = request.mandatoryParam(PARAM_PERMISSION); + String userLogin = request.mandatoryParam(PARAM_USER_LOGIN); + permissionService.removePermission( + new PermissionChange() + .setPermission(permission) + .setUser(userLogin) + ); + + response.noContent(); + } +} diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionsWsModuleTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionsWsModuleTest.java index d2ed73e9155..075a7e6ceaa 100644 --- a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionsWsModuleTest.java +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/PermissionsWsModuleTest.java @@ -30,6 +30,6 @@ public class PermissionsWsModuleTest { public void verify_count_of_added_components() { ComponentContainer container = new ComponentContainer(); new PermissionsWsModule().configure(container); - assertThat(container.size()).isEqualTo(6); + assertThat(container.size()).isEqualTo(7); } } diff --git a/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java new file mode 100644 index 00000000000..4ea5ed29387 --- /dev/null +++ b/server/sonar-server/src/test/java/org/sonar/server/permission/ws/RemoveUserActionTest.java @@ -0,0 +1,100 @@ +/* + * SonarQube, open source software quality management tool. + * Copyright (C) 2008-2014 SonarSource + * mailto:contact AT sonarsource DOT com + * + * SonarQube is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * SonarQube is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ + +package org.sonar.server.permission.ws; + +import org.junit.Before; +import org.junit.Rule; +import org.junit.Test; +import org.junit.rules.ExpectedException; +import org.mockito.ArgumentCaptor; +import org.sonar.api.utils.System2; +import org.sonar.db.DbTester; +import org.sonar.server.exceptions.ServerException; +import org.sonar.server.permission.InternalPermissionService; +import org.sonar.server.permission.PermissionChange; +import org.sonar.server.tester.UserSessionRule; +import org.sonar.server.ws.WsTester; + +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.verify; +import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN; +import static org.sonar.server.permission.ws.RemoveUserAction.ACTION; + +public class RemoveUserActionTest { + UserSessionRule userSession = UserSessionRule.standalone(); + WsTester ws; + @Rule + public DbTester db = DbTester.create(System2.INSTANCE); + @Rule + public ExpectedException expectedException = ExpectedException.none(); + private InternalPermissionService permissionService; + + @Before + public void setUp() { + permissionService = mock(InternalPermissionService.class); + ws = new WsTester(new PermissionsWs( + new RemoveUserAction(permissionService))); + userSession.login("admin").setGlobalPermissions(SYSTEM_ADMIN); + } + + @Test + public void call_permission_service_with_right_data() throws Exception { + ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION) + .setParam(RemoveUserAction.PARAM_USER_LOGIN, "ray.bradbury") + .setParam(RemoveUserAction.PARAM_PERMISSION, SYSTEM_ADMIN) + .execute(); + + ArgumentCaptor permissionChangeCaptor = ArgumentCaptor.forClass(PermissionChange.class); + verify(permissionService).removePermission(permissionChangeCaptor.capture()); + PermissionChange permissionChange = permissionChangeCaptor.getValue(); + assertThat(permissionChange.user()).isEqualTo("ray.bradbury"); + assertThat(permissionChange.permission()).isEqualTo(SYSTEM_ADMIN); + } + + @Test + public void get_request_are_not_authorized() throws Exception { + expectedException.expect(ServerException.class); + + ws.newGetRequest(PermissionsWs.ENDPOINT, ACTION) + .setParam(RemoveUserAction.PARAM_USER_LOGIN, "george.orwell") + .setParam(RemoveUserAction.PARAM_PERMISSION, SYSTEM_ADMIN) + .execute(); + } + + @Test + public void fail_when_user_login_is_missing() throws Exception { + expectedException.expect(IllegalArgumentException.class); + + ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION) + .setParam(RemoveUserAction.PARAM_PERMISSION, SYSTEM_ADMIN) + .execute(); + } + + @Test + public void fail_when_permission_is_missing() throws Exception { + expectedException.expect(IllegalArgumentException.class); + + ws.newPostRequest(PermissionsWs.ENDPOINT, ACTION) + .setParam(RemoveUserAction.PARAM_USER_LOGIN, "jrr.tolkien") + .execute(); + } +} -- 2.39.5