mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29336 Commits
59 Branches
Tree: 97fd4b10e7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '97fd4b10e7'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/EditCommentActionTest.java

EditCommentActionTest.java 10.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2020 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.issue.ws;

  21. 

  22. import javax.annotation.Nullable;

  23. import org.junit.Before;

  24. import org.junit.Rule;

  25. import org.junit.Test;

  26. import org.junit.rules.ExpectedException;

  27. import org.mockito.ArgumentCaptor;

  28. import org.sonar.api.server.ws.Request;

  29. import org.sonar.api.server.ws.Response;

  30. import org.sonar.api.server.ws.WebService;

  31. import org.sonar.api.utils.System2;

  32. import org.sonar.db.DbClient;

  33. import org.sonar.db.DbTester;

  34. import org.sonar.db.issue.IssueChangeDto;

  35. import org.sonar.db.issue.IssueDbTester;

  36. import org.sonar.db.issue.IssueDto;

  37. import org.sonar.db.user.UserDto;

  38. import org.sonar.server.exceptions.ForbiddenException;

  39. import org.sonar.server.exceptions.NotFoundException;

  40. import org.sonar.server.exceptions.UnauthorizedException;

  41. import org.sonar.server.issue.IssueFinder;

  42. import org.sonar.server.tester.UserSessionRule;

  43. import org.sonar.server.ws.TestRequest;

  44. import org.sonar.server.ws.TestResponse;

  45. import org.sonar.server.ws.WsActionTester;

  46. 

  47. import static java.util.Optional.ofNullable;

  48. import static org.assertj.core.api.Assertions.assertThat;

  49. import static org.assertj.core.api.Assertions.assertThatThrownBy;

  50. import static org.mockito.ArgumentMatchers.any;

  51. import static org.mockito.ArgumentMatchers.eq;

  52. import static org.mockito.Mockito.mock;

  53. import static org.mockito.Mockito.verify;

  54. import static org.mockito.Mockito.when;

  55. import static org.sonar.api.web.UserRole.CODEVIEWER;

  56. import static org.sonar.api.web.UserRole.USER;

  57. 

  58. public class EditCommentActionTest {

  59. 

  60.   private static final long NOW = 10_000_000_000L;

  61. 

  62.   @Rule

  63.   public ExpectedException expectedException = ExpectedException.none();

  64.   @Rule

  65.   public DbTester dbTester = DbTester.create();

  66.   @Rule

  67.   public UserSessionRule userSession = UserSessionRule.standalone();

  68. 

  69.   private System2 system2 = mock(System2.class);

  70.   private DbClient dbClient = dbTester.getDbClient();

  71.   private IssueDbTester issueDbTester = new IssueDbTester(dbTester);

  72.   private OperationResponseWriter responseWriter = mock(OperationResponseWriter.class);

  73.   private ArgumentCaptor<SearchResponseData> preloadedSearchResponseDataCaptor = ArgumentCaptor.forClass(SearchResponseData.class);

  74. 

  75.   private WsActionTester tester = new WsActionTester(

  76.     new EditCommentAction(system2, userSession, dbClient, new IssueFinder(dbClient, userSession), responseWriter));

  77. 

  78.   @Before

  79.   public void setUp() {

  80.     when(system2.now()).thenReturn(NOW);

  81.   }

  82. 

  83.   @Test

  84.   public void edit_comment() {

  85.     IssueDto issueDto = newIssue();

  86.     UserDto user = dbTester.users().insertUser();

  87.     IssueChangeDto commentDto = issueDbTester.insertComment(issueDto, user, "please fix it");

  88.     loginWithBrowsePermission(user, USER, issueDto);

  89. 

  90.     call(commentDto.getKey(), "please have a look");

  91. 

  92.     verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class));

  93. 

  94.     verifyContentOfPreloadedSearchResponseData(issueDto);

  95.     IssueChangeDto issueComment = dbClient.issueChangeDao().selectCommentByKey(dbTester.getSession(), commentDto.getKey()).get();

  96.     assertThat(issueComment.getChangeData()).isEqualTo("please have a look");

  97.     assertThat(issueComment.getUpdatedAt()).isEqualTo(NOW);

  98.   }

  99. 

  100.   @Test

  101.   public void edit_comment_using_deprecated_key_parameter() {

  102.     IssueDto issueDto = newIssue();

  103.     UserDto user = dbTester.users().insertUser();

  104.     IssueChangeDto commentDto = issueDbTester.insertComment(issueDto, user, "please fix it");

  105.     loginWithBrowsePermission(user, USER, issueDto);

  106. 

  107.     tester.newRequest().setParam("key", commentDto.getKey()).setParam("text", "please have a look").execute();

  108. 

  109.     verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class));

  110. 

  111.     verifyContentOfPreloadedSearchResponseData(issueDto);

  112.     IssueChangeDto issueComment = dbClient.issueChangeDao().selectCommentByKey(dbTester.getSession(), commentDto.getKey()).get();

  113.     assertThat(issueComment.getChangeData()).isEqualTo("please have a look");

  114.     assertThat(issueComment.getUpdatedAt()).isEqualTo(NOW);

  115.   }

  116. 

  117.   @Test

  118.   public void fail_when_comment_is_for_hotspot() {

  119.     IssueDto hotspot = issueDbTester.insertHotspot();

  120.     UserDto user = dbTester.users().insertUser();

  121.     IssueChangeDto commentDto = issueDbTester.insertComment(hotspot, user, "please fix it");

  122.     UserDto another = dbTester.users().insertUser();

  123.     loginWithBrowsePermission(another, USER, hotspot);

  124. 

  125.     assertThatThrownBy(() -> call(commentDto.getKey(), "please have a look"))

  126.     .isInstanceOf(NotFoundException.class)

  127.     .hasMessage("Issue with key '%s' does not exist", hotspot.getKey());

  128.   }

  129. 

  130.   @Test

  131.   public void fail_when_comment_does_not_belong_to_current_user() {

  132.     IssueDto issueDto = newIssue();

  133.     UserDto user = dbTester.users().insertUser();

  134.     IssueChangeDto commentDto = issueDbTester.insertComment(issueDto, user, "please fix it");

  135.     UserDto another = dbTester.users().insertUser();

  136.     loginWithBrowsePermission(another, USER, issueDto);

  137. 

  138.     expectedException.expect(IllegalArgumentException.class);

  139.     expectedException.expectMessage("You can only edit your own comments");

  140.     call(commentDto.getKey(), "please have a look");

  141.   }

  142. 

  143.   @Test

  144.   public void fail_when_comment_has_not_user() {

  145.     IssueDto issueDto = newIssue();

  146.     UserDto user = dbTester.users().insertUser();

  147.     IssueChangeDto commentDto = issueDbTester.insertComment(issueDto, null, "please fix it");

  148.     loginWithBrowsePermission(user, USER, issueDto);

  149. 

  150.     expectedException.expect(IllegalArgumentException.class);

  151.     expectedException.expectMessage("You can only edit your own comments");

  152.     call(commentDto.getKey(), "please have a look");

  153.   }

  154. 

  155.   @Test

  156.   public void fail_when_missing_comment_key() {

  157.     userSession.logIn("john");

  158. 

  159.     expectedException.expect(IllegalArgumentException.class);

  160.     call(null, "please fix it");

  161.   }

  162. 

  163.   @Test

  164.   public void fail_when_comment_does_not_exist() {

  165.     userSession.logIn("john");

  166. 

  167.     expectedException.expect(NotFoundException.class);

  168.     call("ABCD", "please fix it");

  169.   }

  170. 

  171.   @Test

  172.   public void fail_when_missing_comment_text() {

  173.     userSession.logIn("john");

  174. 

  175.     expectedException.expect(IllegalArgumentException.class);

  176.     call("ABCD", null);

  177.   }

  178. 

  179.   @Test

  180.   public void fail_when_empty_comment_text() {

  181.     IssueDto issueDto = newIssue();

  182.     UserDto user = dbTester.users().insertUser();

  183.     IssueChangeDto commentDto = issueDbTester.insertComment(issueDto, user, "please fix it");

  184.     loginWithBrowsePermission(user, USER, issueDto);

  185. 

  186.     expectedException.expect(IllegalArgumentException.class);

  187.     call(commentDto.getKey(), "");

  188.   }

  189. 

  190.   @Test

  191.   public void fail_when_not_authenticated() {

  192.     expectedException.expect(UnauthorizedException.class);

  193.     call("ABCD", "please fix it");

  194.   }

  195. 

  196.   @Test

  197.   public void fail_when_not_enough_permission() {

  198.     IssueDto issueDto = newIssue();

  199.     UserDto user = dbTester.users().insertUser();

  200.     IssueChangeDto commentDto = issueDbTester.insertComment(issueDto, user, "please fix it");

  201.     loginWithBrowsePermission(user, CODEVIEWER, issueDto);

  202. 

  203.     expectedException.expect(ForbiddenException.class);

  204.     call(commentDto.getKey(), "please have a look");

  205.   }

  206. 

  207.   @Test

  208.   public void fail_NFE_if_security_hotspots() {

  209.     IssueDto issueDto = issueDbTester.insertHotspot();

  210.     UserDto user = dbTester.users().insertUser();

  211.     IssueChangeDto commentDto = issueDbTester.insertComment(issueDto, user, "please fix it");

  212.     loginWithBrowsePermission(user, CODEVIEWER, issueDto);

  213. 

  214.     expectedException.expect(NotFoundException.class);

  215.     expectedException.expectMessage(String.format("Issue with key '%s' does not exist", issueDto.getKey()));

  216.     call(commentDto.getKey(), "please have a look");

  217.   }

  218. 

  219.   @Test

  220.   public void test_definition() {

  221.     WebService.Action action = tester.getDef();

  222.     assertThat(action.key()).isEqualTo("edit_comment");

  223.     assertThat(action.isPost()).isTrue();

  224.     assertThat(action.isInternal()).isFalse();

  225.     assertThat(action.params()).hasSize(2);

  226.     assertThat(action.responseExample()).isNotNull();

  227.   }

  228. 

  229.   private TestResponse call(@Nullable String commentKey, @Nullable String commentText) {

  230.     TestRequest request = tester.newRequest();

  231.     ofNullable(commentKey).ifPresent(comment1 -> request.setParam("comment", comment1));

  232.     ofNullable(commentText).ifPresent(comment -> request.setParam("text", comment));

  233.     return request.execute();

  234.   }

  235. 

  236.   private IssueDto newIssue() {

  237.     return issueDbTester.insertIssue();

  238.   }

  239. 

  240.   private void loginWithBrowsePermission(UserDto user, String permission, IssueDto issueDto) {

  241.     userSession.logIn(user).addProjectPermission(permission,

  242.       dbClient.componentDao().selectByUuid(dbTester.getSession(), issueDto.getProjectUuid()).get(),

  243.       dbClient.componentDao().selectByUuid(dbTester.getSession(), issueDto.getComponentUuid()).get());

  244.   }

  245. 

  246.   private void verifyContentOfPreloadedSearchResponseData(IssueDto issue) {

  247.     SearchResponseData preloadedSearchResponseData = preloadedSearchResponseDataCaptor.getValue();

  248.     assertThat(preloadedSearchResponseData.getIssues())

  249.       .extracting(IssueDto::getKey)

  250.       .containsOnly(issue.getKey());

  251.     assertThat(preloadedSearchResponseData.getRules()).isNullOrEmpty();

  252.     assertThat(preloadedSearchResponseData.getComponents()).isNullOrEmpty();

  253.   }

  254. }