mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36262 Commits
59 Branches
Tree: 412f42cb11
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '412f42cb11'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/it/java/org/sonar/server/permission/ws/template/SearchTemplatesActionIT.java

SearchTemplatesActionIT.java 17KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2024 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.permission.ws.template;

  21. 

  22. import java.util.Date;

  23. import javax.annotation.Nullable;

  24. import org.junit.Before;

  25. import org.junit.Test;

  26. import org.sonar.api.resources.Qualifiers;

  27. import org.sonar.api.web.UserRole;

  28. import org.sonar.core.util.Uuids;

  29. import org.sonar.db.DbClient;

  30. import org.sonar.db.DbSession;

  31. import org.sonar.db.component.ResourceTypesRule;

  32. import org.sonar.db.permission.template.PermissionTemplateCharacteristicDto;

  33. import org.sonar.db.permission.template.PermissionTemplateDto;

  34. import org.sonar.db.user.GroupDto;

  35. import org.sonar.db.user.UserDto;

  36. import org.sonar.server.exceptions.UnauthorizedException;

  37. import org.sonar.server.l18n.I18nRule;

  38. import org.sonar.server.common.permission.DefaultTemplatesResolver;

  39. import org.sonar.server.common.permission.DefaultTemplatesResolverImpl;

  40. import org.sonar.server.permission.PermissionService;

  41. import org.sonar.server.permission.PermissionServiceImpl;

  42. import org.sonar.server.permission.ws.BasePermissionWsIT;

  43. import org.sonar.server.ws.TestRequest;

  44. import org.sonar.server.ws.WsActionTester;

  45. 

  46. import static org.assertj.core.api.Assertions.assertThat;

  47. import static org.assertj.core.api.Assertions.assertThatThrownBy;

  48. import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;

  49. import static org.sonar.core.util.Uuids.UUID_EXAMPLE_01;

  50. import static org.sonar.core.util.Uuids.UUID_EXAMPLE_02;

  51. import static org.sonar.core.util.Uuids.UUID_EXAMPLE_10;

  52. import static org.sonar.db.permission.GlobalPermission.ADMINISTER;

  53. import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateDto;

  54. import static org.sonar.test.JsonAssert.assertJson;

  55. 

  56. public class SearchTemplatesActionIT extends BasePermissionWsIT<SearchTemplatesAction> {

  57. 

  58.   private I18nRule i18n = new I18nRule();

  59.   private DbClient dbClient = db.getDbClient();

  60.   private DbSession dbSession = db.getSession();

  61. 

  62.   private ResourceTypesRule resourceTypesWithViews = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW, Qualifiers.APP);

  63.   private ResourceTypesRule resourceTypesWithoutViews = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);

  64.   private PermissionService permissionServiceWithViews = new PermissionServiceImpl(resourceTypesWithViews);

  65.   private PermissionService permissionServiceWithoutViews = new PermissionServiceImpl(resourceTypesWithoutViews);

  66.   private DefaultTemplatesResolver defaultTemplatesResolverWithViews = new DefaultTemplatesResolverImpl(dbClient, resourceTypesWithViews);

  67. 

  68.   private WsActionTester underTestWithoutViews;

  69. 

  70.   @Override

  71.   protected SearchTemplatesAction buildWsAction() {

  72.     return new SearchTemplatesAction(dbClient, userSession, i18n, defaultTemplatesResolverWithViews, permissionServiceWithViews);

  73.   }

  74. 

  75.   @Before

  76.   public void setUp() {

  77.     DefaultTemplatesResolver defaultTemplatesResolverWithViews = new DefaultTemplatesResolverImpl(dbClient, resourceTypesWithoutViews);

  78.     underTestWithoutViews = new WsActionTester(

  79.       new SearchTemplatesAction(dbClient, userSession, i18n, defaultTemplatesResolverWithViews, permissionServiceWithoutViews));

  80.     i18n.setProjectPermissions();

  81.     userSession.logIn().addPermission(ADMINISTER);

  82.   }

  83. 

  84.   @Test

  85.   public void search_project_permissions_without_views() {

  86.     PermissionTemplateDto projectTemplate = insertProjectTemplate();

  87. 

  88.     UserDto user1 = db.users().insertUser();

  89.     UserDto user2 = db.users().insertUser();

  90.     UserDto user3 = db.users().insertUser();

  91. 

  92.     GroupDto group1 = db.users().insertGroup();

  93.     GroupDto group2 = db.users().insertGroup();

  94.     GroupDto group3 = db.users().insertGroup();

  95. 

  96.     addUserToTemplate(projectTemplate.getUuid(), user1.getUuid(), UserRole.ISSUE_ADMIN, projectTemplate.getName(), user1.getLogin());

  97.     addUserToTemplate(projectTemplate.getUuid(), user2.getUuid(), UserRole.ISSUE_ADMIN, projectTemplate.getName(), user2.getLogin());

  98.     addUserToTemplate(projectTemplate.getUuid(), user3.getUuid(), UserRole.ISSUE_ADMIN, projectTemplate.getName(), user3.getLogin());

  99.     addUserToTemplate(projectTemplate.getUuid(), user1.getUuid(), UserRole.CODEVIEWER, projectTemplate.getName(), user1.getLogin());

  100.     addGroupToTemplate(projectTemplate.getUuid(), group1.getUuid(), UserRole.ADMIN, projectTemplate.getName(), group1.getName());

  101.     addPermissionTemplateWithProjectCreator(projectTemplate.getUuid(), UserRole.ADMIN, projectTemplate.getName());

  102. 

  103.     db.permissionTemplates().setDefaultTemplates(projectTemplate, null, null);

  104. 

  105.     String result = newRequest(underTestWithoutViews).execute().getInput();

  106. 

  107.     assertJson(result)

  108.       .withStrictArrayOrder()

  109.       .isSimilarTo(getClass().getResource("search_templates-example-without-views.json"));

  110.   }

  111. 

  112.   @Test

  113.   public void search_project_permissions_with_views() {

  114.     PermissionTemplateDto projectTemplate = insertProjectTemplate();

  115.     PermissionTemplateDto portfoliosTemplate = insertPortfoliosTemplate();

  116.     PermissionTemplateDto applicationsTemplate = insertApplicationsTemplate();

  117. 

  118.     UserDto user1 = db.users().insertUser();

  119.     UserDto user2 = db.users().insertUser();

  120.     UserDto user3 = db.users().insertUser();

  121. 

  122.     GroupDto group1 = db.users().insertGroup();

  123.     GroupDto group2 = db.users().insertGroup();

  124.     GroupDto group3 = db.users().insertGroup();

  125. 

  126.     addUserToTemplate(projectTemplate.getUuid(), user1.getUuid(), UserRole.ISSUE_ADMIN, projectTemplate.getName(), user1.getLogin());

  127.     addUserToTemplate(projectTemplate.getUuid(), user2.getUuid(), UserRole.ISSUE_ADMIN, projectTemplate.getName(), user2.getLogin());

  128.     addUserToTemplate(projectTemplate.getUuid(), user3.getUuid(), UserRole.ISSUE_ADMIN, projectTemplate.getName(), user3.getLogin());

  129.     addUserToTemplate(projectTemplate.getUuid(), user1.getUuid(), UserRole.CODEVIEWER, projectTemplate.getName(), user1.getLogin());

  130.     addGroupToTemplate(projectTemplate.getUuid(), group1.getUuid(), UserRole.ADMIN, projectTemplate.getName(), group1.getName());

  131.     addPermissionTemplateWithProjectCreator(projectTemplate.getUuid(), UserRole.ADMIN, projectTemplate.getName());

  132. 

  133.     addUserToTemplate(portfoliosTemplate.getUuid(), user1.getUuid(), UserRole.USER, portfoliosTemplate.getName(), user1.getLogin());

  134.     addUserToTemplate(portfoliosTemplate.getUuid(), user2.getUuid(), UserRole.USER, portfoliosTemplate.getName(), user2.getLogin());

  135.     addGroupToTemplate(portfoliosTemplate.getUuid(), group1.getUuid(), UserRole.ISSUE_ADMIN, portfoliosTemplate.getName(), group1.getName());

  136.     addGroupToTemplate(portfoliosTemplate.getUuid(), group2.getUuid(), UserRole.ISSUE_ADMIN, portfoliosTemplate.getName(), group2.getName());

  137.     addGroupToTemplate(portfoliosTemplate.getUuid(), group3.getUuid(), UserRole.ISSUE_ADMIN, portfoliosTemplate.getName(), group3.getName());

  138. 

  139.     db.permissionTemplates().setDefaultTemplates(projectTemplate, applicationsTemplate, portfoliosTemplate);

  140. 

  141.     String result = newRequest().execute().getInput();

  142. 

  143.     assertJson(result)

  144.       .withStrictArrayOrder()

  145.       .isSimilarTo(getClass().getResource("search_templates-example-with-views.json"));

  146.   }

  147. 

  148.   @Test

  149.   public void empty_result() {

  150.     db.permissionTemplates().setDefaultTemplates("AU-Tpxb--iU5OvuD2FLy", "AU-Tpxb--iU5OvuD2FLz", "AU-TpxcA-iU5OvuD2FLx");

  151.     String result = newRequest(wsTester).execute().getInput();

  152. 

  153.     assertJson(result)

  154.       .withStrictArrayOrder()

  155.       .ignoreFields("permissions")

  156.       .isSimilarTo("{" +

  157.         "  \"permissionTemplates\": []," +

  158.         "  \"defaultTemplates\": [" +

  159.         "    {" +

  160.         "      \"templateId\": \"AU-Tpxb--iU5OvuD2FLy\"," +

  161.         "      \"qualifier\": \"TRK\"" +

  162.         "    }," +

  163.         "    {" +

  164.         "      \"templateId\": \"AU-Tpxb--iU5OvuD2FLz\"," +

  165.         "      \"qualifier\": \"APP\"" +

  166.         "    }," +

  167.         "    {" +

  168.         "      \"templateId\": \"AU-TpxcA-iU5OvuD2FLx\"," +

  169.         "      \"qualifier\": \"VW\"" +

  170.         "    }" +

  171.         "  ]" +

  172.         "}");

  173.   }

  174. 

  175.   @Test

  176.   public void empty_result_without_views() {

  177.     db.permissionTemplates().setDefaultTemplates("AU-Tpxb--iU5OvuD2FLy", "AU-TpxcA-iU5OvuD2FLz", "AU-TpxcA-iU5OvuD2FLx");

  178.     String result = newRequest(underTestWithoutViews).execute().getInput();

  179. 

  180.     assertJson(result)

  181.       .withStrictArrayOrder()

  182.       .ignoreFields("permissions")

  183.       .isSimilarTo("{" +

  184.         "  \"permissionTemplates\": []," +

  185.         "  \"defaultTemplates\": [" +

  186.         "    {" +

  187.         "      \"templateId\": \"AU-Tpxb--iU5OvuD2FLy\"," +

  188.         "      \"qualifier\": \"TRK\"" +

  189.         "    }" +

  190.         "  ]" +

  191.         "}");

  192.   }

  193. 

  194.   @Test

  195.   public void search_by_name() {

  196.     db.permissionTemplates().setDefaultTemplates(db.permissionTemplates().insertTemplate(), null, null);

  197.     insertProjectTemplate();

  198.     insertPortfoliosTemplate();

  199. 

  200.     String result = newRequest(wsTester)

  201.       .setParam(TEXT_QUERY, "portfolio")

  202.       .execute()

  203.       .getInput();

  204. 

  205.     assertThat(result).contains("Default template for Portfolios")

  206.       .doesNotContain("projects")

  207.       .doesNotContain("developers");

  208.   }

  209. 

  210.   @Test

  211.   public void fail_if_not_logged_in() {

  212.     assertThatThrownBy(() ->  {

  213.       userSession.anonymous();

  214.       newRequest().execute();

  215.     })

  216.       .isInstanceOf(UnauthorizedException.class);

  217.   }

  218. 

  219.   @Test

  220.   public void display_all_project_permissions() {

  221.     db.permissionTemplates().setDefaultTemplates(db.permissionTemplates().insertTemplate(), null, null);

  222. 

  223.     String result = newRequest(underTestWithoutViews).execute().getInput();

  224. 

  225.     assertJson(result)

  226.       .withStrictArrayOrder()

  227.       .ignoreFields("defaultTemplates", "permissionTemplates")

  228.       .isSimilarTo(

  229.         "{" +

  230.           "  \"permissions\": [" +

  231.           "    {" +

  232.           "      \"key\": \"admin\"," +

  233.           "      \"name\": \"Administer\"," +

  234.           "      \"description\": \"Ability to access project settings and perform administration tasks. (Users will also need \\\"Browse\\\" permission)\"" +

  235.           "    }," +

  236.           "    {" +

  237.           "      \"key\": \"codeviewer\"," +

  238.           "      \"name\": \"See Source Code\"," +

  239.           "      \"description\": \"Ability to view the project\\u0027s source code. (Users will also need \\\"Browse\\\" permission)\"" +

  240.           "    }," +

  241.           "    {" +

  242.           "      \"key\": \"issueadmin\"," +

  243.           "      \"name\": \"Administer Issues\"," +

  244.           "      \"description\": \"Grants the permission to perform advanced editing on issues: marking an issue False Positive / Won\\u0027t Fix or changing an Issue\\u0027s severity. (Users will also need \\\"Browse\\\" permission)\""

  245.           +

  246.           "    }," +

  247.           "    {" +

  248.           "      \"key\": \"securityhotspotadmin\"," +

  249.           "      \"name\": \"Administer Security Hotspots\"," +

  250.           "      \"description\": \"Detect a Vulnerability from a \\\"Security Hotspot\\\". Reject, clear, accept, reopen a \\\"Security Hotspot\\\" (users also need \\\"Browse\\\" permissions).\""

  251.           +

  252.           "    }," +

  253.           "    {" +

  254.           "      \"key\": \"scan\"," +

  255.           "      \"name\": \"Execute Analysis\"," +

  256.           "      \"description\": \"Ability to execute analyses, and to get all settings required to perform the analysis, even the secured ones like the scm account password, the jira account password, and so on.\""

  257.           +

  258.           "    }," +

  259.           "    {" +

  260.           "      \"key\": \"user\"," +

  261.           "      \"name\": \"Browse\"," +

  262.           "      \"description\": \"Ability to access a project, browse its measures, and create/edit issues for it.\"" +

  263.           "    }" +

  264.           "  ]" +

  265.           "}");

  266.   }

  267. 

  268.   @Test

  269.   public void display_all_project_permissions_with_views() {

  270.     db.permissionTemplates().setDefaultTemplates(db.permissionTemplates().insertTemplate(), null, null);

  271. 

  272.     String result = newRequest().execute().getInput();

  273. 

  274.     assertJson(result)

  275.       .withStrictArrayOrder()

  276.       .ignoreFields("defaultTemplates", "permissionTemplates")

  277.       .isSimilarTo(

  278.         "{" +

  279.           "  \"permissions\": [" +

  280.           "    {" +

  281.           "      \"key\": \"admin\"," +

  282.           "      \"name\": \"Administer\"," +

  283.           "      \"description\": \"Ability to access project settings and perform administration tasks. (Users will also need \\\"Browse\\\" permission)\"" +

  284.           "    }," +

  285.           "    {" +

  286.           "      \"key\": \"codeviewer\"," +

  287.           "      \"name\": \"See Source Code\"," +

  288.           "      \"description\": \"Ability to view the project\\u0027s source code. (Users will also need \\\"Browse\\\" permission)\"" +

  289.           "    }," +

  290.           "    {" +

  291.           "      \"key\": \"issueadmin\"," +

  292.           "      \"name\": \"Administer Issues\"," +

  293.           "      \"description\": \"Grants the permission to perform advanced editing on issues: marking an issue False Positive / Won\\u0027t Fix or changing an Issue\\u0027s severity. (Users will also need \\\"Browse\\\" permission)\""

  294.           +

  295.           "    }," +

  296.           "    {" +

  297.           "      \"key\": \"securityhotspotadmin\"," +

  298.           "      \"name\": \"Administer Security Hotspots\"," +

  299.           "      \"description\": \"Detect a Vulnerability from a \\\"Security Hotspot\\\". Reject, clear, accept, reopen a \\\"Security Hotspot\\\" (users also need \\\"Browse\\\" permissions).\""

  300.           +

  301.           "    }," +

  302.           "    {" +

  303.           "      \"key\": \"scan\"," +

  304.           "      \"name\": \"Execute Analysis\"," +

  305.           "      \"description\": \"Ability to execute analyses, and to get all settings required to perform the analysis, even the secured ones like the scm account password, the jira account password, and so on.\""

  306.           +

  307.           "    }," +

  308.           "    {" +

  309.           "      \"key\": \"user\"," +

  310.           "      \"name\": \"Browse\"," +

  311.           "      \"description\": \"Ability to access a project, browse its measures, and create/edit issues for it.\"" +

  312.           "    }" +

  313.           "  ]" +

  314.           "}");

  315.   }

  316. 

  317.   private PermissionTemplateDto insertProjectTemplate() {

  318.     return insertProjectTemplate(UUID_EXAMPLE_01);

  319.   }

  320. 

  321.   private PermissionTemplateDto insertProjectTemplate(String uuid) {

  322.     return insertTemplate(newPermissionTemplateDto()

  323.       .setUuid(uuid)

  324.       .setName("Default template for Projects")

  325.       .setDescription("Template for new projects")

  326.       .setKeyPattern(null)

  327.       .setCreatedAt(new Date(1_000_000_000_000L))

  328.       .setUpdatedAt(new Date(1_000_000_000_000L)));

  329.   }

  330. 

  331.   private PermissionTemplateDto insertPortfoliosTemplate() {

  332.     return insertTemplate(newPermissionTemplateDto()

  333.       .setUuid(UUID_EXAMPLE_02)

  334.       .setName("Default template for Portfolios")

  335.       .setDescription("Template for new portfolios")

  336.       .setKeyPattern(".*sonar.views.*")

  337.       .setCreatedAt(new Date(1_000_000_000_000L))

  338.       .setUpdatedAt(new Date(1_100_000_000_000L)));

  339.   }

  340. 

  341.   private PermissionTemplateDto insertApplicationsTemplate() {

  342.     return insertTemplate(newPermissionTemplateDto()

  343.       .setUuid(UUID_EXAMPLE_10)

  344.       .setName("Default template for Applications")

  345.       .setDescription("Template for new applications")

  346.       .setKeyPattern(".*sonar.views.*")

  347.       .setCreatedAt(new Date(1_000_000_000_000L))

  348.       .setUpdatedAt(new Date(1_100_000_000_000L)));

  349.   }

  350. 

  351.   private PermissionTemplateDto insertTemplate(PermissionTemplateDto template) {

  352.     PermissionTemplateDto insert = dbClient.permissionTemplateDao().insert(db.getSession(), template);

  353.     db.getSession().commit();

  354.     return insert;

  355.   }

  356. 

  357.   private void addGroupToTemplate(String templateUuid, @Nullable String groupUuid, String permission, String templateName, String groupName) {

  358.     dbClient.permissionTemplateDao().insertGroupPermission(db.getSession(), templateUuid, groupUuid, permission, templateName, groupName);

  359.     db.getSession().commit();

  360.   }

  361. 

  362.   private void addUserToTemplate(String templateUuid, String userId, String permission, String templateName, String userLogin) {

  363.     dbClient.permissionTemplateDao().insertUserPermission(db.getSession(), templateUuid, userId, permission, templateName, userLogin);

  364.     db.getSession().commit();

  365.   }

  366. 

  367.   private void addPermissionTemplateWithProjectCreator(String templateUuid, String permission, String templateName) {

  368.     dbClient.permissionTemplateCharacteristicDao().insert(dbSession, new PermissionTemplateCharacteristicDto()

  369.         .setUuid(Uuids.createFast())

  370.         .setWithProjectCreator(true)

  371.         .setTemplateUuid(templateUuid)

  372.         .setPermission(permission)

  373.         .setCreatedAt(1_000_000_000L)

  374.         .setUpdatedAt(2_000_000_000L),

  375.       templateName);

  376.     db.commit();

  377.   }

  378. 

  379.   private TestRequest newRequest(WsActionTester underTest) {

  380.     return underTest.newRequest().setMethod("POST");

  381.   }

  382. }