mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29336 Commits
59 Branches
Tree: 97fd4b10e7
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '97fd4b10e7'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/test/java/org/sonar/server/issue/ws/SetTypeActionTest.java

SetTypeActionTest.java 12KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2020 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.issue.ws;

  21. 

  22. import com.google.common.collect.Sets;

  23. import com.tngtech.java.junit.dataprovider.DataProvider;

  24. import com.tngtech.java.junit.dataprovider.DataProviderRunner;

  25. import com.tngtech.java.junit.dataprovider.UseDataProvider;

  26. import java.util.EnumSet;

  27. import java.util.List;

  28. import java.util.Set;

  29. import java.util.stream.Collectors;

  30. import javax.annotation.Nullable;

  31. import org.junit.Rule;

  32. import org.junit.Test;

  33. import org.junit.rules.ExpectedException;

  34. import org.junit.runner.RunWith;

  35. import org.mockito.ArgumentCaptor;

  36. import org.sonar.api.rules.RuleType;

  37. import org.sonar.api.server.ws.Request;

  38. import org.sonar.api.server.ws.Response;

  39. import org.sonar.api.server.ws.WebService;

  40. import org.sonar.api.utils.System2;

  41. import org.sonar.core.issue.FieldDiffs;

  42. import org.sonar.db.DbClient;

  43. import org.sonar.db.DbTester;

  44. import org.sonar.db.component.ComponentDto;

  45. import org.sonar.db.issue.IssueDbTester;

  46. import org.sonar.db.issue.IssueDto;

  47. import org.sonar.db.rule.RuleDefinitionDto;

  48. import org.sonar.server.es.EsTester;

  49. import org.sonar.server.exceptions.ForbiddenException;

  50. import org.sonar.server.exceptions.NotFoundException;

  51. import org.sonar.server.exceptions.UnauthorizedException;

  52. import org.sonar.server.issue.IssueFieldsSetter;

  53. import org.sonar.server.issue.IssueFinder;

  54. import org.sonar.server.issue.TestIssueChangePostProcessor;

  55. import org.sonar.server.issue.WebIssueStorage;

  56. import org.sonar.server.issue.index.IssueIndexer;

  57. import org.sonar.server.issue.index.IssueIteratorFactory;

  58. import org.sonar.server.issue.notification.IssuesChangesNotificationSerializer;

  59. import org.sonar.server.notification.NotificationManager;

  60. import org.sonar.server.organization.DefaultOrganizationProvider;

  61. import org.sonar.server.organization.TestDefaultOrganizationProvider;

  62. import org.sonar.server.rule.DefaultRuleFinder;

  63. import org.sonar.server.tester.UserSessionRule;

  64. import org.sonar.server.ws.TestRequest;

  65. import org.sonar.server.ws.TestResponse;

  66. import org.sonar.server.ws.WsActionTester;

  67. 

  68. import static java.util.Optional.ofNullable;

  69. import static org.assertj.core.api.Assertions.assertThat;

  70. import static org.assertj.core.api.Assertions.assertThatThrownBy;

  71. import static org.mockito.ArgumentMatchers.any;

  72. import static org.mockito.ArgumentMatchers.eq;

  73. import static org.mockito.Mockito.mock;

  74. import static org.mockito.Mockito.verify;

  75. import static org.mockito.Mockito.when;

  76. import static org.sonar.api.rules.RuleType.BUG;

  77. import static org.sonar.api.rules.RuleType.CODE_SMELL;

  78. import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT;

  79. import static org.sonar.api.web.UserRole.ISSUE_ADMIN;

  80. import static org.sonar.api.web.UserRole.USER;

  81. import static org.sonar.db.component.ComponentTesting.newFileDto;

  82. 

  83. @RunWith(DataProviderRunner.class)

  84. public class SetTypeActionTest {

  85. 

  86.   @Rule

  87.   public ExpectedException expectedException = ExpectedException.none();

  88.   @Rule

  89.   public DbTester dbTester = DbTester.create();

  90.   @Rule

  91.   public EsTester es = EsTester.create();

  92.   @Rule

  93.   public UserSessionRule userSession = UserSessionRule.standalone();

  94. 

  95.   private System2 system2 = mock(System2.class);

  96. 

  97.   private DbClient dbClient = dbTester.getDbClient();

  98. 

  99.   private IssueDbTester issueDbTester = new IssueDbTester(dbTester);

  100.   private DefaultOrganizationProvider defaultOrganizationProvider = TestDefaultOrganizationProvider.from(dbTester);

  101.   private OperationResponseWriter responseWriter = mock(OperationResponseWriter.class);

  102.   private ArgumentCaptor<SearchResponseData> preloadedSearchResponseDataCaptor = ArgumentCaptor.forClass(SearchResponseData.class);

  103. 

  104.   private IssueIndexer issueIndexer = new IssueIndexer(es.client(), dbClient, new IssueIteratorFactory(dbClient));

  105.   private TestIssueChangePostProcessor issueChangePostProcessor = new TestIssueChangePostProcessor();

  106.   private IssuesChangesNotificationSerializer issuesChangesSerializer = new IssuesChangesNotificationSerializer();

  107.   private WsActionTester tester = new WsActionTester(new SetTypeAction(userSession, dbClient, new IssueFinder(dbClient, userSession), new IssueFieldsSetter(),

  108.     new IssueUpdater(dbClient,

  109.       new WebIssueStorage(system2, dbClient, new DefaultRuleFinder(dbClient, defaultOrganizationProvider), issueIndexer), mock(NotificationManager.class),

  110.       issueChangePostProcessor, issuesChangesSerializer),

  111.     responseWriter, system2));

  112. 

  113.   @Test

  114.   @UseDataProvider("allTypesFromToExceptHotspots")

  115.   public void set_type(RuleType from, RuleType to) {

  116.     long now = 1_999_777_234L;

  117.     when(system2.now()).thenReturn(now);

  118.     IssueDto issueDto = newIssueWithProject(from);

  119.     setUserWithBrowseAndAdministerIssuePermission(issueDto);

  120. 

  121.     call(issueDto.getKey(), to.name());

  122. 

  123.     verify(responseWriter).write(eq(issueDto.getKey()), preloadedSearchResponseDataCaptor.capture(), any(Request.class), any(Response.class));

  124.     IssueDto issueReloaded = dbClient.issueDao().selectByKey(dbTester.getSession(), issueDto.getKey()).get();

  125.     assertThat(issueReloaded.getType()).isEqualTo(to.getDbConstant());

  126. 

  127.     if (from != to) {

  128.       verifyContentOfPreloadedSearchResponseData(issueDto);

  129.       assertThat(issueChangePostProcessor.calledComponents())

  130.         .extracting(ComponentDto::uuid)

  131.         .containsExactlyInAnyOrder(issueDto.getComponentUuid());

  132.     } else {

  133.       assertThat(issueChangePostProcessor.wasCalled())

  134.         .isFalse();

  135.     }

  136.   }

  137. 

  138.   @Test

  139.   public void insert_entry_in_changelog_when_setting_type() {

  140.     IssueDto issueDto = newIssueWithProject(CODE_SMELL);

  141.     setUserWithBrowseAndAdministerIssuePermission(issueDto);

  142. 

  143.     call(issueDto.getKey(), BUG.name());

  144. 

  145.     List<FieldDiffs> fieldDiffs = dbClient.issueChangeDao().selectChangelogByIssue(dbTester.getSession(), issueDto.getKey());

  146.     assertThat(fieldDiffs).hasSize(1);

  147.     assertThat(fieldDiffs.get(0).diffs()).hasSize(1);

  148.     assertThat(fieldDiffs.get(0).diffs().get("type").newValue()).isEqualTo(BUG.name());

  149.     assertThat(fieldDiffs.get(0).diffs().get("type").oldValue()).isEqualTo(CODE_SMELL.name());

  150.   }

  151. 

  152.   @Test

  153.   public void fail_if_bad_type_value() {

  154.     IssueDto issueDto = newIssueWithProject(CODE_SMELL);

  155.     setUserWithBrowseAndAdministerIssuePermission(issueDto);

  156. 

  157.     assertThatThrownBy(() -> call(issueDto.getKey(), "unknown"))

  158.       .isInstanceOf(IllegalArgumentException.class)

  159.       .hasMessage("Value of parameter 'type' (unknown) must be one of: [CODE_SMELL, BUG, VULNERABILITY]");

  160.   }

  161. 

  162.   @Test

  163.   public void fail_if_SECURITY_HOTSPOT_value() {

  164.     IssueDto issueDto = newIssueWithProject(CODE_SMELL);

  165.     setUserWithBrowseAndAdministerIssuePermission(issueDto);

  166. 

  167.     assertThatThrownBy(() -> call(issueDto.getKey(), "SECURITY_HOTSPOT"))

  168.       .isInstanceOf(IllegalArgumentException.class)

  169.       .hasMessage("Value of parameter 'type' (SECURITY_HOTSPOT) must be one of: [CODE_SMELL, BUG, VULNERABILITY]");

  170.   }

  171. 

  172.   @Test

  173.   public void fail_when_not_authenticated() {

  174.     expectedException.expect(UnauthorizedException.class);

  175.     call("ABCD", BUG.name());

  176.   }

  177. 

  178.   @Test

  179.   public void fail_when_missing_browse_permission() {

  180.     IssueDto issueDto = issueDbTester.insertIssue();

  181.     String login = "john";

  182.     String permission = ISSUE_ADMIN;

  183.     logInAndAddProjectPermission(login, issueDto, permission);

  184. 

  185.     expectedException.expect(ForbiddenException.class);

  186.     call(issueDto.getKey(), BUG.name());

  187.   }

  188. 

  189.   @Test

  190.   @UseDataProvider("allTypesExceptSecurityHotspot")

  191.   public void fail_type_except_hotspot_when_missing_administer_issue_permission(RuleType type) {

  192.     IssueDto issueDto = issueDbTester.insertIssue(issue -> issue.setType(type));

  193.     logInAndAddProjectPermission("john", issueDto, USER);

  194. 

  195.     expectedException.expect(ForbiddenException.class);

  196.     call(issueDto.getKey(), type.name());

  197.   }

  198. 

  199.   @Test

  200.   @UseDataProvider("allTypesExceptSecurityHotspot")

  201.   public void fail_NFE_if_trying_to_change_type_of_a_hotspot(RuleType type) {

  202.     long now = 1_999_777_234L;

  203.     when(system2.now()).thenReturn(now);

  204.     IssueDto hotspot = issueDbTester.insertHotspot();

  205.     setUserWithBrowseAndAdministerIssuePermission(hotspot);

  206. 

  207.     assertThatThrownBy(() -> call(hotspot.getKey(), type.name()))

  208.       .isInstanceOf(NotFoundException.class)

  209.       .hasMessage("Issue with key '%s' does not exist", hotspot.getKey());

  210.   }

  211. 

  212.   @Test

  213.   public void test_definition() {

  214.     WebService.Action action = tester.getDef();

  215.     assertThat(action.key()).isEqualTo("set_type");

  216.     assertThat(action.isPost()).isTrue();

  217.     assertThat(action.isInternal()).isFalse();

  218.     assertThat(action.params()).hasSize(2);

  219.     assertThat(action.responseExample()).isNotNull();

  220.   }

  221. 

  222.   private TestResponse call(@Nullable String issueKey, @Nullable String type) {

  223.     TestRequest request = tester.newRequest();

  224.     ofNullable(issueKey).ifPresent(issue -> request.setParam("issue", issue));

  225.     ofNullable(type).ifPresent(t -> request.setParam("type", t));

  226.     return request.execute();

  227.   }

  228. 

  229.   private IssueDto newIssueWithProject(RuleType type) {

  230.     RuleDefinitionDto rule = dbTester.rules().insert();

  231.     ComponentDto project = dbTester.components().insertMainBranch();

  232.     ComponentDto file = dbTester.components().insertComponent(newFileDto(project));

  233.     return issueDbTester.insert(rule, project, file, i -> i.setType(type));

  234.   }

  235. 

  236.   private void setUserWithBrowseAndAdministerIssuePermission(IssueDto issueDto) {

  237.     ComponentDto project = dbClient.componentDao().selectByUuid(dbTester.getSession(), issueDto.getProjectUuid()).get();

  238.     userSession.logIn(dbTester.users().insertUser("john"))

  239.       .addProjectPermission(ISSUE_ADMIN, project)

  240.       .addProjectPermission(USER, project);

  241.   }

  242. 

  243.   private void logInAndAddProjectPermission(String login, IssueDto issueDto, String permission) {

  244.     userSession.logIn(login).addProjectPermission(permission, dbClient.componentDao().selectByUuid(dbTester.getSession(), issueDto.getProjectUuid()).get());

  245.   }

  246. 

  247.   private void verifyContentOfPreloadedSearchResponseData(IssueDto issue) {

  248.     SearchResponseData preloadedSearchResponseData = preloadedSearchResponseDataCaptor.getValue();

  249.     assertThat(preloadedSearchResponseData.getIssues())

  250.       .extracting(IssueDto::getKey)

  251.       .containsOnly(issue.getKey());

  252.     assertThat(preloadedSearchResponseData.getRules())

  253.       .extracting(RuleDefinitionDto::getKey)

  254.       .containsOnly(issue.getRuleKey());

  255.     assertThat(preloadedSearchResponseData.getComponents())

  256.       .extracting(ComponentDto::uuid)

  257.       .containsOnly(issue.getComponentUuid(), issue.getProjectUuid());

  258.   }

  259. 

  260.   @DataProvider

  261.   public static Object[][] allTypesExceptSecurityHotspot() {

  262.     return EnumSet.allOf(RuleType.class)

  263.       .stream()

  264.       .filter(ruleType -> SECURITY_HOTSPOT != ruleType)

  265.       .map(t -> new Object[] {t})

  266.       .toArray(Object[][]::new);

  267.   }

  268. 

  269.   @DataProvider

  270.   public static Object[][] allTypesFromToExceptHotspots() {

  271.     Set<RuleType> set = EnumSet.allOf(RuleType.class)

  272.       .stream()

  273.       .filter(ruleType -> SECURITY_HOTSPOT != ruleType)

  274.       .collect(Collectors.toSet());

  275.     return Sets.cartesianProduct(set, set)

  276.       .stream()

  277.       .map(ruleTypes -> new Object[] {ruleTypes.get(0), ruleTypes.get(1)})

  278.       .toArray(Object[][]::new);

  279.   }

  280. }