123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168 |
- /*
- * SonarQube, open source software quality management tool.
- * Copyright (C) 2008-2014 SonarSource
- * mailto:contact AT sonarsource DOT com
- *
- * SonarQube is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * SonarQube is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
- */
-
- package org.sonar.server.permission.ws;
-
- import com.google.common.io.Resources;
- import org.junit.Before;
- import org.junit.Rule;
- import org.junit.Test;
- import org.junit.experimental.categories.Category;
- import org.junit.rules.ExpectedException;
- import org.sonar.api.security.DefaultGroups;
- import org.sonar.api.server.ws.WebService.Param;
- import org.sonar.api.server.ws.WebService.SelectionMode;
- import org.sonar.api.utils.System2;
- import org.sonar.core.permission.GlobalPermissions;
- import org.sonar.db.DbClient;
- import org.sonar.db.DbSession;
- import org.sonar.db.DbTester;
- import org.sonar.db.user.GroupDto;
- import org.sonar.db.user.GroupRoleDto;
- import org.sonar.server.exceptions.ForbiddenException;
- import org.sonar.server.exceptions.UnauthorizedException;
- import org.sonar.server.permission.PermissionFinder;
- import org.sonar.server.tester.UserSessionRule;
- import org.sonar.server.ws.WsActionTester;
- import org.sonar.test.DbTests;
-
- import static org.assertj.core.api.Assertions.assertThat;
- import static org.sonar.test.JsonAssert.assertJson;
-
- @Category(DbTests.class)
- public class GroupsActionTest {
-
- @Rule
- public ExpectedException expectedException = ExpectedException.none();
- @Rule
- public UserSessionRule userSession = UserSessionRule.standalone();
- @Rule
- public DbTester db = DbTester.create(System2.INSTANCE);
-
- DbClient dbClient;
- DbSession dbSession;
- WsActionTester ws;
- PermissionFinder permissionFinder;
-
- GroupsAction underTest;
-
- @Before
- public void setUp() {
- dbClient = db.getDbClient();
- dbSession = db.getSession();
- permissionFinder = new PermissionFinder(dbClient);
- userSession.login("login").setGlobalPermissions(GlobalPermissions.SYSTEM_ADMIN);
- underTest = new GroupsAction(userSession, permissionFinder);
- ws = new WsActionTester(underTest);
-
- GroupDto group1 = dbClient.groupDao().insert(dbSession, new GroupDto()
- .setName("group-1-name")
- .setDescription("group-1-description"));
- GroupDto group2 = dbClient.groupDao().insert(dbSession, new GroupDto()
- .setName("group-2-name")
- .setDescription("group-2-description"));
- GroupDto group3 = dbClient.groupDao().insert(dbSession, new GroupDto()
- .setName("group-3-name")
- .setDescription("group-3-description"));
- dbClient.roleDao().insertGroupRole(dbSession, new GroupRoleDto()
- .setGroupId(group1.getId())
- .setRole(GlobalPermissions.SCAN_EXECUTION));
- dbClient.roleDao().insertGroupRole(dbSession, new GroupRoleDto()
- .setGroupId(group2.getId())
- .setRole(GlobalPermissions.SCAN_EXECUTION));
- dbClient.roleDao().insertGroupRole(dbSession, new GroupRoleDto()
- .setGroupId(group3.getId())
- .setRole(GlobalPermissions.SYSTEM_ADMIN));
- dbSession.commit();
- }
-
- @Test
- public void search_for_groups_with_one_permission() {
- String result = ws.newRequest()
- .setParam("permission", "scan")
- .execute().getInput();
-
- assertJson(result).isSimilarTo(Resources.getResource(getClass(), "GroupsActionTest/groups.json"));
- }
-
- @Test
- public void search_with_selection() {
- String result = ws.newRequest()
- .setParam("permission", "scan")
- .setParam("selected", SelectionMode.ALL.value())
- .execute().getInput();
-
- assertThat(result).containsSequence(DefaultGroups.ANYONE, "group-1", "group-2", "group-3");
- }
-
- @Test
- public void search_groups_with_pagination() {
- String result = ws.newRequest()
- .setParam("permission", "scan")
- .setParam(Param.PAGE_SIZE, "1")
- .setParam(Param.PAGE, "2")
- .execute().getInput();
-
- assertThat(result).contains("group-2")
- .doesNotContain("group-1")
- .doesNotContain("group-3");
- }
-
- @Test
- public void search_groups_with_query() {
- String result = ws.newRequest()
- .setParam("permission", "scan")
- .setParam(Param.TEXT_QUERY, "group-")
- .execute().getInput();
-
- assertThat(result)
- .contains("group-1", "group-2", "group-3")
- .doesNotContain(DefaultGroups.ANYONE);
-
- }
-
- @Test
- public void fail_if_not_logged_in() {
- expectedException.expect(UnauthorizedException.class);
- userSession.anonymous();
-
- ws.newRequest()
- .setParam("permission", "scan")
- .execute();
- }
-
- @Test
- public void fail_if_insufficient_privileges() {
- expectedException.expect(ForbiddenException.class);
- userSession.login("login");
-
- ws.newRequest()
- .setParam("permission", "scan")
- .execute();
- }
-
- @Test
- public void fail_if_permission_is_not_specified() {
- expectedException.expect(IllegalArgumentException.class);
-
- ws.newRequest()
- .execute();
- }
- }
|