mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31489 Commits
59 Branches
Tree: 29b7cf350c
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '29b7cf350c'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/test/java/org/sonar/server/badge/ws/TokenActionTest.java

TokenActionTest.java 3.5KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2021 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.badge.ws;

  21. 

  22. import org.assertj.core.api.Assertions;

  23. import org.junit.Rule;

  24. import org.junit.Test;

  25. import org.mockito.Mockito;

  26. import org.sonar.api.web.UserRole;

  27. import org.sonar.db.DbTester;

  28. import org.sonar.db.component.ComponentDto;

  29. import org.sonar.server.exceptions.ForbiddenException;

  30. import org.sonar.server.tester.UserSessionRule;

  31. import org.sonar.server.usertoken.TokenGenerator;

  32. import org.sonar.server.ws.TestRequest;

  33. import org.sonar.server.ws.TestResponse;

  34. import org.sonar.server.ws.WsActionTester;

  35. 

  36. import static org.mockito.Mockito.when;

  37. 

  38. public class TokenActionTest {

  39. 

  40.   @Rule

  41.   public DbTester db = DbTester.create();

  42. 

  43.   @Rule

  44.   public UserSessionRule userSession = UserSessionRule.standalone();

  45. 

  46.   private final TokenGenerator tokenGenerator = Mockito.mock(TokenGenerator.class);

  47. 

  48.   private final WsActionTester ws = new WsActionTester(

  49.     new TokenAction(

  50.       db.getDbClient(),

  51.       tokenGenerator, userSession));

  52. 

  53.   @Test

  54.   public void missing_project_parameter_should_fail() {

  55.     TestRequest request = ws.newRequest();

  56.     Assertions.assertThatThrownBy(request::execute)

  57.       .hasMessage("The 'project' parameter is missing")

  58.       .isInstanceOf(IllegalArgumentException.class);

  59.   }

  60. 

  61.   @Test

  62.   public void missing_project_permission_should_fail() {

  63.     ComponentDto project = db.components().insertPrivateProject();

  64. 

  65.     TestRequest request = ws.newRequest().setParam("project", project.getKey());

  66. 

  67.     Assertions.assertThatThrownBy(request::execute)

  68.       .hasMessage("Insufficient privileges")

  69.       .isInstanceOf(ForbiddenException.class);

  70.   }

  71. 

  72.   @Test

  73.   public void should_generate_token() {

  74.     ComponentDto project = db.components().insertPrivateProject();

  75.     userSession.logIn().addProjectPermission(UserRole.USER, project);

  76.     when(tokenGenerator.generate()).thenReturn("generated_token");

  77. 

  78.     TestResponse response = ws.newRequest().setParam("project", project.getKey()).execute();

  79. 

  80.     response.assertJson("{\"token\":\"generated_token\"}");

  81.   }

  82. 

  83.   @Test

  84.   public void should_reuse_generated_token() {

  85.     ComponentDto project = db.components().insertPrivateProject();

  86.     userSession.logIn().addProjectPermission(UserRole.USER, project);

  87.     when(tokenGenerator.generate()).thenReturn("generated_token");

  88. 

  89.     // first call, generating the token

  90.     TestResponse firstResponse = ws.newRequest().setParam("project", project.getKey()).execute();

  91.     firstResponse.assertJson("{\"token\":\"generated_token\"}");

  92. 

  93.     // 2nd call, reusing the existing token

  94.     when(tokenGenerator.generate()).thenReturn("never_generated_token");

  95.     TestResponse secondResponse = ws.newRequest().setParam("project", project.getKey()).execute();

  96. 

  97.     secondResponse.assertJson("{\"token\":\"generated_token\"}");

  98. 

  99.   }

  100. 

  101. }