1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192 |
- /*
- * SonarQube
- * Copyright (C) 2009-2020 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
- package org.sonar.server.user;
-
- import org.junit.Before;
- import org.junit.Test;
- import org.sonar.db.component.ComponentDto;
- import org.sonar.server.tester.MockUserSession;
-
- import static org.assertj.core.api.Assertions.assertThat;
- import static org.assertj.core.api.Assertions.fail;
-
- public class DoPrivilegedTest {
-
- private static final String LOGIN = "dalailaHidou!";
-
- private ThreadLocalUserSession threadLocalUserSession = new ThreadLocalUserSession();
- private MockUserSession session = new MockUserSession(LOGIN);
-
- @Before
- public void setUp() {
- threadLocalUserSession.set(session);
- }
-
- @Test
- public void allow_everything_in_privileged_block_only() {
- UserSessionCatcherTask catcher = new UserSessionCatcherTask();
-
- DoPrivileged.execute(catcher);
-
- // verify the session used inside Privileged task
- assertThat(catcher.userSession.isLoggedIn()).isFalse();
- assertThat(catcher.userSession.hasComponentPermission("any permission", new ComponentDto())).isTrue();
- assertThat(catcher.userSession.isSystemAdministrator()).isTrue();
-
- // verify session in place after task is done
- assertThat(threadLocalUserSession.get()).isSameAs(session);
- }
-
- @Test
- public void loose_privileges_on_exception() {
- UserSessionCatcherTask catcher = new UserSessionCatcherTask() {
- @Override
- protected void doPrivileged() {
- super.doPrivileged();
- throw new RuntimeException("Test to lose privileges");
- }
- };
-
- try {
- DoPrivileged.execute(catcher);
- fail("An exception should have been raised!");
- } catch (Throwable ignored) {
- // verify session in place after task is done
- assertThat(threadLocalUserSession.get()).isSameAs(session);
-
- // verify the session used inside Privileged task
- assertThat(catcher.userSession.isLoggedIn()).isFalse();
- assertThat(catcher.userSession.hasComponentPermission("any permission", new ComponentDto())).isTrue();
- }
- }
-
- private class UserSessionCatcherTask extends DoPrivileged.Task {
- UserSession userSession;
-
- public UserSessionCatcherTask() {
- super(DoPrivilegedTest.this.threadLocalUserSession);
- }
-
- @Override
- protected void doPrivileged() {
- userSession = threadLocalUserSession.get();
- }
- }
- }
|