mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30155 Commits
59 Branches
Tree: 4d8f0c4bf3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4d8f0c4bf3'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/test/java/org/sonar/server/usergroups/ws/DeleteActionTest.java

DeleteActionTest.java 9.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2020 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.usergroups.ws;

  21. 

  22. import org.junit.Rule;

  23. import org.junit.Test;

  24. import org.junit.rules.ExpectedException;

  25. import org.sonar.api.impl.utils.AlwaysIncreasingSystem2;

  26. import org.sonar.api.server.ws.Change;

  27. import org.sonar.api.server.ws.WebService.Action;

  28. import org.sonar.api.web.UserRole;

  29. import org.sonar.db.DbTester;

  30. import org.sonar.db.component.ComponentDbTester;

  31. import org.sonar.db.component.ComponentDto;

  32. import org.sonar.db.component.ComponentTesting;

  33. import org.sonar.db.permission.template.PermissionTemplateDto;

  34. import org.sonar.db.permission.template.PermissionTemplateTesting;

  35. import org.sonar.db.qualityprofile.QProfileDto;

  36. import org.sonar.db.user.GroupDto;

  37. import org.sonar.db.user.UserDto;

  38. import org.sonar.server.exceptions.NotFoundException;

  39. import org.sonar.server.tester.UserSessionRule;

  40. import org.sonar.server.usergroups.DefaultGroupFinder;

  41. import org.sonar.server.ws.TestRequest;

  42. import org.sonar.server.ws.TestResponse;

  43. import org.sonar.server.ws.WsActionTester;

  44. 

  45. import static org.assertj.core.api.Assertions.assertThat;

  46. import static org.assertj.core.api.Assertions.tuple;

  47. import static org.sonar.core.permission.GlobalPermissions.SYSTEM_ADMIN;

  48. import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;

  49. import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_ID;

  50. import static org.sonar.server.usergroups.ws.GroupWsSupport.PARAM_GROUP_NAME;

  51. 

  52. public class DeleteActionTest {

  53. 

  54.   @Rule

  55.   public UserSessionRule userSession = UserSessionRule.standalone();

  56.   @Rule

  57.   public ExpectedException expectedException = ExpectedException.none();

  58.   @Rule

  59.   public DbTester db = DbTester.create(new AlwaysIncreasingSystem2());

  60. 

  61.   private final ComponentDbTester componentTester = new ComponentDbTester(db);

  62.   private final WsActionTester ws = new WsActionTester(new DeleteAction(db.getDbClient(), userSession, newGroupWsSupport()));

  63. 

  64.   @Test

  65.   public void verify_definition() {

  66.     Action wsDef = ws.getDef();

  67. 

  68.     assertThat(wsDef.isInternal()).isFalse();

  69.     assertThat(wsDef.since()).isEqualTo("5.2");

  70.     assertThat(wsDef.isPost()).isTrue();

  71.     assertThat(wsDef.changelog()).extracting(Change::getVersion, Change::getDescription).containsOnly(

  72.       tuple("8.4", "Parameter 'id' is deprecated. Format changes from integer to string. Use 'name' instead."));

  73.   }

  74. 

  75.   @Test

  76.   public void response_has_no_content() {

  77.     addAdmin();

  78.     insertDefaultGroup();

  79.     GroupDto group = db.users().insertGroup();

  80.     loginAsAdmin();

  81. 

  82.     TestResponse response = newRequest()

  83.       .setParam("id", group.getUuid())

  84.       .execute();

  85. 

  86.     assertThat(response.getStatus()).isEqualTo(204);

  87.   }

  88. 

  89.   @Test

  90.   public void delete_by_id() {

  91.     addAdmin();

  92.     insertDefaultGroup();

  93.     GroupDto group = db.users().insertGroup();

  94.     loginAsAdmin();

  95. 

  96.     newRequest()

  97.       .setParam("id", group.getUuid())

  98.       .execute();

  99. 

  100.     assertThat(db.users().selectGroupByUuid(group.getUuid())).isNull();

  101.   }

  102. 

  103.   @Test

  104.   public void delete_by_name() {

  105.     addAdmin();

  106.     insertDefaultGroup();

  107.     GroupDto group = db.users().insertGroup();

  108.     loginAsAdmin();

  109. 

  110.     newRequest()

  111.       .setParam(PARAM_GROUP_NAME, group.getName())

  112.       .execute();

  113. 

  114.     assertThat(db.users().selectGroupByUuid(group.getUuid())).isNull();

  115.   }

  116. 

  117.   @Test

  118.   public void delete_members() {

  119.     addAdmin();

  120.     insertDefaultGroup();

  121.     GroupDto group = db.users().insertGroup();

  122.     UserDto user = db.users().insertUser();

  123.     db.users().insertMember(group, user);

  124.     loginAsAdmin();

  125. 

  126.     newRequest()

  127.       .setParam("id", group.getUuid())

  128.       .execute();

  129. 

  130.     assertThat(db.countRowsOfTable("groups_users")).isZero();

  131.   }

  132. 

  133.   @Test

  134.   public void delete_permissions() {

  135.     addAdmin();

  136.     insertDefaultGroup();

  137.     GroupDto group = db.users().insertGroup();

  138.     ComponentDto project = componentTester.insertComponent(ComponentTesting.newPrivateProjectDto(db.getDefaultOrganization()));

  139.     db.users().insertProjectPermissionOnGroup(group, UserRole.ADMIN, project);

  140.     loginAsAdmin();

  141. 

  142.     newRequest()

  143.       .setParam("id", group.getUuid())

  144.       .execute();

  145. 

  146.     assertThat(db.countRowsOfTable("group_roles")).isZero();

  147.   }

  148. 

  149.   @Test

  150.   public void delete_group_from_permission_templates() {

  151.     addAdmin();

  152.     insertDefaultGroup();

  153.     GroupDto group = db.users().insertGroup();

  154.     PermissionTemplateDto template = db.getDbClient().permissionTemplateDao().insert(db.getSession(),

  155.       PermissionTemplateTesting.newPermissionTemplateDto());

  156.     db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), template.getUuid(), group.getUuid(), "perm");

  157.     db.commit();

  158.     loginAsAdmin();

  159.     assertThat(db.countRowsOfTable("perm_templates_groups")).isEqualTo(1);

  160. 

  161.     newRequest()

  162.       .setParam("id", group.getUuid())

  163.       .execute();

  164. 

  165.     assertThat(db.countRowsOfTable("perm_templates_groups")).isZero();

  166.   }

  167. 

  168.   @Test

  169.   public void delete_qprofile_permissions() {

  170.     addAdmin();

  171.     insertDefaultGroup();

  172.     GroupDto group = db.users().insertGroup();

  173.     QProfileDto profile = db.qualityProfiles().insert();

  174.     db.qualityProfiles().addGroupPermission(profile, group);

  175.     loginAsAdmin();

  176. 

  177.     newRequest()

  178.       .setParam("id", group.getUuid())

  179.       .execute();

  180. 

  181.     assertThat(db.countRowsOfTable("qprofile_edit_groups")).isZero();

  182.   }

  183. 

  184.   @Test

  185.   public void fail_if_id_does_not_exist() {

  186.     addAdmin();

  187.     loginAsAdmin();

  188.     int groupId = 123;

  189. 

  190.     expectedException.expect(NotFoundException.class);

  191.     expectedException.expectMessage("No group with id '" + groupId + "'");

  192. 

  193.     newRequest()

  194.       .setParam("id", String.valueOf(groupId))

  195.       .execute();

  196.   }

  197. 

  198.   @Test

  199.   public void fail_to_delete_default_group() {

  200.     loginAsAdmin();

  201.     GroupDto defaultGroup = db.users().insertDefaultGroup();

  202. 

  203.     expectedException.expect(IllegalArgumentException.class);

  204.     expectedException.expectMessage("Default group 'sonar-users' cannot be used to perform this action");

  205. 

  206.     newRequest()

  207.       .setParam("id", defaultGroup.getUuid())

  208.       .execute();

  209.   }

  210. 

  211.   @Test

  212.   public void cannot_delete_last_system_admin_group() {

  213.     insertDefaultGroup();

  214.     GroupDto group = db.users().insertGroup();

  215.     db.users().insertPermissionOnGroup(group, SYSTEM_ADMIN);

  216.     loginAsAdmin();

  217. 

  218.     expectedException.expect(IllegalArgumentException.class);

  219.     expectedException.expectMessage("The last system admin group cannot be deleted");

  220. 

  221.     newRequest()

  222.       .setParam(PARAM_GROUP_NAME, group.getName())

  223.       .execute();

  224.   }

  225. 

  226.   @Test

  227.   public void delete_admin_group_fails_if_no_admin_users_left() {

  228.     // admin users are part of the group to be deleted

  229.     db.users().insertDefaultGroup();

  230.     GroupDto adminGroup = db.users().insertGroup("admins");

  231.     db.users().insertPermissionOnGroup(adminGroup, SYSTEM_ADMIN);

  232.     UserDto bigBoss = db.users().insertUser();

  233.     db.users().insertMember(adminGroup, bigBoss);

  234.     loginAsAdmin();

  235. 

  236.     expectedException.expect(IllegalArgumentException.class);

  237.     expectedException.expectMessage("The last system admin group cannot be deleted");

  238. 

  239.     executeDeleteGroupRequest(adminGroup);

  240.   }

  241. 

  242.   @Test

  243.   public void delete_admin_group_succeeds_if_other_groups_have_administrators() {

  244.     db.users().insertDefaultGroup();

  245.     GroupDto adminGroup1 = db.users().insertGroup("admins");

  246.     db.users().insertPermissionOnGroup(adminGroup1, SYSTEM_ADMIN);

  247.     GroupDto adminGroup2 = db.users().insertGroup("admins2");

  248.     db.users().insertPermissionOnGroup(adminGroup2, SYSTEM_ADMIN);

  249.     UserDto bigBoss = db.users().insertUser();

  250.     db.users().insertMember(adminGroup2, bigBoss);

  251.     loginAsAdmin();

  252. 

  253.     executeDeleteGroupRequest(adminGroup1);

  254. 

  255.     assertThat(db.users().selectGroupPermissions(adminGroup2, null)).hasSize(1);

  256.   }

  257. 

  258.   private void executeDeleteGroupRequest(GroupDto adminGroup1) {

  259.     newRequest()

  260.       .setParam(PARAM_GROUP_ID, adminGroup1.getUuid())

  261.       .execute();

  262.   }

  263. 

  264.   private void addAdmin() {

  265.     UserDto admin = db.users().insertUser();

  266.     db.users().insertPermissionOnUser(admin, SYSTEM_ADMIN);

  267.   }

  268. 

  269.   private void loginAsAdmin() {

  270.     userSession.logIn().addPermission(ADMINISTER);

  271.   }

  272. 

  273.   private void insertDefaultGroup() {

  274.     db.users().insertDefaultGroup();

  275.   }

  276. 

  277.   private TestRequest newRequest() {

  278.     return ws.newRequest();

  279.   }

  280. 

  281.   private GroupWsSupport newGroupWsSupport() {

  282.     return new GroupWsSupport(db.getDbClient(), new DefaultGroupFinder(db.getDbClient()));

  283.   }

  284. 

  285. }