mirrors
/
sonarqube
дзеркало https://github.com/SonarSource/sonarqube.git
Слідкувати 1
В обрані 0
Форк 0
Код Проблеми 0 Релізи 237 Вікі Активність
Ви не можете вибрати більше 25 тем Теми мають розпочинатися з літери або цифри, можуть містити дефіси (-) і не повинні перевищувати 35 символів.
33490 Коміти
59 Гілки
Дерево: a7431823ca
Гілки Теги
${ item.name }
Створити гілку ${ searchTerm }
з 'a7431823ca'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/test/java/org/sonar/server/webhook/ws/UpdateActionTest.java

UpdateActionTest.java 11KB
Неформатований Blame Історія

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2023 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.webhook.ws;

  21. 

  22. import java.util.Optional;

  23. import org.junit.Rule;

  24. import org.junit.Test;

  25. import org.sonar.api.config.Configuration;

  26. import org.sonar.api.resources.ResourceTypes;

  27. import org.sonar.api.server.ws.WebService;

  28. import org.sonar.api.web.UserRole;

  29. import org.sonar.db.DbClient;

  30. import org.sonar.db.DbTester;

  31. import org.sonar.db.component.ComponentDbTester;

  32. import org.sonar.db.project.ProjectDto;

  33. import org.sonar.db.webhook.WebhookDbTester;

  34. import org.sonar.db.webhook.WebhookDto;

  35. import org.sonar.server.component.ComponentFinder;

  36. import org.sonar.server.exceptions.ForbiddenException;

  37. import org.sonar.server.exceptions.NotFoundException;

  38. import org.sonar.server.exceptions.UnauthorizedException;

  39. import org.sonar.server.tester.UserSessionRule;

  40. import org.sonar.server.ws.TestRequest;

  41. import org.sonar.server.ws.TestResponse;

  42. import org.sonar.server.ws.WsActionTester;

  43. 

  44. import static java.net.HttpURLConnection.HTTP_NO_CONTENT;

  45. import static org.assertj.core.api.Assertions.assertThat;

  46. import static org.assertj.core.api.Assertions.assertThatThrownBy;

  47. import static org.assertj.core.api.AssertionsForClassTypes.tuple;

  48. import static org.mockito.Mockito.mock;

  49. import static org.sonar.api.web.UserRole.ADMIN;

  50. import static org.sonar.db.DbTester.create;

  51. import static org.sonar.db.permission.GlobalPermission.ADMINISTER;

  52. import static org.sonar.server.tester.UserSessionRule.standalone;

  53. import static org.sonar.server.ws.KeyExamples.NAME_WEBHOOK_EXAMPLE_001;

  54. import static org.sonar.server.ws.KeyExamples.URL_WEBHOOK_EXAMPLE_001;

  55. 

  56. public class UpdateActionTest {

  57. 

  58.   @Rule

  59.   public UserSessionRule userSession = standalone();

  60. 

  61.   @Rule

  62.   public DbTester db = create();

  63.   private final DbClient dbClient = db.getDbClient();

  64.   private final WebhookDbTester webhookDbTester = db.webhooks();

  65.   private final ComponentDbTester componentDbTester = db.components();

  66.   private final Configuration configuration = mock(Configuration.class);

  67.   private final NetworkInterfaceProvider networkInterfaceProvider = mock(NetworkInterfaceProvider.class);

  68.   private final WebhookSupport webhookSupport = new WebhookSupport(userSession, configuration, networkInterfaceProvider);

  69.   private final ResourceTypes resourceTypes = mock(ResourceTypes.class);

  70.   private final ComponentFinder componentFinder = new ComponentFinder(dbClient, resourceTypes);

  71.   private final UpdateAction underTest = new UpdateAction(dbClient, userSession, webhookSupport, componentFinder);

  72.   private final WsActionTester wsActionTester = new WsActionTester(underTest);

  73. 

  74.   @Test

  75.   public void test_ws_definition() {

  76.     WebService.Action action = wsActionTester.getDef();

  77.     assertThat(action).isNotNull();

  78.     assertThat(action.isInternal()).isFalse();

  79.     assertThat(action.isPost()).isTrue();

  80. 

  81.     assertThat(action.params())

  82.       .extracting(WebService.Param::key, WebService.Param::isRequired)

  83.       .containsExactlyInAnyOrder(

  84.         tuple("webhook", true),

  85.         tuple("name", true),

  86.         tuple("url", true),

  87.         tuple("secret", false));

  88.   }

  89. 

  90.   @Test

  91.   public void update_a_project_webhook_with_required_fields() {

  92.     ProjectDto project = componentDbTester.insertPrivateProjectDto();

  93.     WebhookDto dto = webhookDbTester.insertWebhook(project);

  94.     userSession.logIn().addProjectPermission(ADMIN, project);

  95. 

  96.     TestResponse response = wsActionTester.newRequest()

  97.       .setParam("webhook", dto.getUuid())

  98.       .setParam("name", NAME_WEBHOOK_EXAMPLE_001)

  99.       .setParam("url", URL_WEBHOOK_EXAMPLE_001)

  100.       .execute();

  101. 

  102.     assertThat(response.getStatus()).isEqualTo(HTTP_NO_CONTENT);

  103.     Optional<WebhookDto> reloaded = webhookDbTester.selectWebhook(dto.getUuid());

  104.     assertThat(reloaded).isPresent();

  105.     assertThat(reloaded.get().getName()).isEqualTo(NAME_WEBHOOK_EXAMPLE_001);

  106.     assertThat(reloaded.get().getUrl()).isEqualTo(URL_WEBHOOK_EXAMPLE_001);

  107.     assertThat(reloaded.get().getProjectUuid()).isEqualTo(dto.getProjectUuid());

  108.     assertThat(reloaded.get().getSecret()).isEqualTo(dto.getSecret());

  109.   }

  110. 

  111.   @Test

  112.   public void update_with_empty_secrets_removes_the_secret() {

  113.     ProjectDto project = componentDbTester.insertPrivateProjectDto();

  114.     WebhookDto dto = webhookDbTester.insertWebhook(project);

  115.     userSession.logIn().addProjectPermission(UserRole.ADMIN, project);

  116. 

  117.     TestResponse response = wsActionTester.newRequest()

  118.       .setParam("webhook", dto.getUuid())

  119.       .setParam("name", NAME_WEBHOOK_EXAMPLE_001)

  120.       .setParam("url", URL_WEBHOOK_EXAMPLE_001)

  121.       .setParam("secret", "")

  122.       .execute();

  123. 

  124.     assertThat(response.getStatus()).isEqualTo(HTTP_NO_CONTENT);

  125.     Optional<WebhookDto> reloaded = webhookDbTester.selectWebhook(dto.getUuid());

  126.     assertThat(reloaded).isPresent();

  127.     assertThat(reloaded.get().getName()).isEqualTo(NAME_WEBHOOK_EXAMPLE_001);

  128.     assertThat(reloaded.get().getUrl()).isEqualTo(URL_WEBHOOK_EXAMPLE_001);

  129.     assertThat(reloaded.get().getProjectUuid()).isEqualTo(dto.getProjectUuid());

  130.     assertThat(reloaded.get().getSecret()).isEqualTo(null);

  131.   }

  132. 

  133.   @Test

  134.   public void update_a_project_webhook_with_all_fields() {

  135.     ProjectDto project = componentDbTester.insertPrivateProjectDto();

  136.     WebhookDto dto = webhookDbTester.insertWebhook(project);

  137.     userSession.logIn().addProjectPermission(ADMIN, project);

  138. 

  139.     TestResponse response = wsActionTester.newRequest()

  140.       .setParam("webhook", dto.getUuid())

  141.       .setParam("name", NAME_WEBHOOK_EXAMPLE_001)

  142.       .setParam("url", URL_WEBHOOK_EXAMPLE_001)

  143.       .setParam("secret", "a_new_secret")

  144.       .execute();

  145. 

  146.     assertThat(response.getStatus()).isEqualTo(HTTP_NO_CONTENT);

  147.     Optional<WebhookDto> reloaded = webhookDbTester.selectWebhook(dto.getUuid());

  148.     assertThat(reloaded).isPresent();

  149.     assertThat(reloaded.get().getName()).isEqualTo(NAME_WEBHOOK_EXAMPLE_001);

  150.     assertThat(reloaded.get().getUrl()).isEqualTo(URL_WEBHOOK_EXAMPLE_001);

  151.     assertThat(reloaded.get().getProjectUuid()).isEqualTo(dto.getProjectUuid());

  152.     assertThat(reloaded.get().getSecret()).isEqualTo("a_new_secret");

  153.   }

  154. 

  155.   @Test

  156.   public void update_a_global_webhook() {

  157.     WebhookDto dto = webhookDbTester.insertGlobalWebhook();

  158.     userSession.logIn().addPermission(ADMINISTER);

  159. 

  160.     TestResponse response = wsActionTester.newRequest()

  161.       .setParam("webhook", dto.getUuid())

  162.       .setParam("name", NAME_WEBHOOK_EXAMPLE_001)

  163.       .setParam("url", URL_WEBHOOK_EXAMPLE_001)

  164.       .setParam("secret", "a_new_secret")

  165.       .execute();

  166. 

  167.     assertThat(response.getStatus()).isEqualTo(HTTP_NO_CONTENT);

  168.     Optional<WebhookDto> reloaded = webhookDbTester.selectWebhook(dto.getUuid());

  169.     assertThat(reloaded).isPresent();

  170.     assertThat(reloaded.get().getName()).isEqualTo(NAME_WEBHOOK_EXAMPLE_001);

  171.     assertThat(reloaded.get().getUrl()).isEqualTo(URL_WEBHOOK_EXAMPLE_001);

  172.     assertThat(reloaded.get().getProjectUuid()).isNull();

  173.     assertThat(reloaded.get().getSecret()).isEqualTo("a_new_secret");

  174.   }

  175. 

  176.   @Test

  177.   public void fail_if_webhook_does_not_exist() {

  178.     userSession.logIn().addPermission(ADMINISTER);

  179.     TestRequest request = wsActionTester.newRequest()

  180.       .setParam("webhook", "inexistent-webhook-uuid")

  181.       .setParam("name", NAME_WEBHOOK_EXAMPLE_001)

  182.       .setParam("url", URL_WEBHOOK_EXAMPLE_001);

  183. 

  184.     assertThatThrownBy(request::execute)

  185.       .isInstanceOf(NotFoundException.class)

  186.       .hasMessage("No webhook with key 'inexistent-webhook-uuid'");

  187.   }

  188. 

  189.   @Test

  190.   public void fail_if_not_logged_in() {

  191.     WebhookDto dto = webhookDbTester.insertGlobalWebhook();

  192.     userSession.anonymous();

  193.     TestRequest request = wsActionTester.newRequest()

  194.       .setParam("webhook", dto.getUuid())

  195.       .setParam("name", NAME_WEBHOOK_EXAMPLE_001)

  196.       .setParam("url", URL_WEBHOOK_EXAMPLE_001);

  197. 

  198.     assertThatThrownBy(request::execute)

  199.       .isInstanceOf(UnauthorizedException.class);

  200.   }

  201. 

  202.   @Test

  203.   public void fail_if_no_permission_on_webhook_scope_project() {

  204.     ProjectDto project = componentDbTester.insertPrivateProjectDto();

  205.     WebhookDto dto = webhookDbTester.insertWebhook(project);

  206.     userSession.logIn();

  207.     TestRequest request = wsActionTester.newRequest()

  208.       .setParam("webhook", dto.getUuid())

  209.       .setParam("name", NAME_WEBHOOK_EXAMPLE_001)

  210.       .setParam("url", URL_WEBHOOK_EXAMPLE_001);

  211. 

  212.     assertThatThrownBy(request::execute)

  213.       .isInstanceOf(ForbiddenException.class)

  214.       .hasMessage("Insufficient privileges");

  215.   }

  216. 

  217.   @Test

  218.   public void fail_if_no_permission_on_webhook_scope_global() {

  219.     WebhookDto dto = webhookDbTester.insertGlobalWebhook();

  220.     userSession.logIn();

  221.     TestRequest request = wsActionTester.newRequest()

  222.       .setParam("webhook", dto.getUuid())

  223.       .setParam("name", NAME_WEBHOOK_EXAMPLE_001)

  224.       .setParam("url", URL_WEBHOOK_EXAMPLE_001);

  225. 

  226.     assertThatThrownBy(request::execute)

  227.       .isInstanceOf(ForbiddenException.class)

  228.       .hasMessage("Insufficient privileges");

  229.   }

  230. 

  231.   @Test

  232.   public void fail_if_url_is_not_valid() {

  233.     ProjectDto project = componentDbTester.insertPrivateProjectDto();

  234.     WebhookDto dto = webhookDbTester.insertWebhook(project);

  235.     userSession.logIn().addProjectPermission(ADMIN, project);

  236.     TestRequest request = wsActionTester.newRequest()

  237.       .setParam("webhook", dto.getUuid())

  238.       .setParam("name", NAME_WEBHOOK_EXAMPLE_001)

  239.       .setParam("url", "htp://www.wrong-protocol.com/");

  240. 

  241.     assertThatThrownBy(request::execute)

  242.       .isInstanceOf(IllegalArgumentException.class);

  243.   }

  244. 

  245.   @Test

  246.   public void fail_if_credential_in_url_is_have_a_wrong_format() {

  247.     ProjectDto project = componentDbTester.insertPrivateProjectDto();

  248.     WebhookDto dto = webhookDbTester.insertWebhook(project);

  249.     userSession.logIn().addProjectPermission(ADMIN, project);

  250.     TestRequest request = wsActionTester.newRequest()

  251.       .setParam("webhook", dto.getUuid())

  252.       .setParam("name", NAME_WEBHOOK_EXAMPLE_001)

  253.       .setParam("url", "http://:www.wrong-protocol.com/");

  254. 

  255.     assertThatThrownBy(request::execute)

  256.       .isInstanceOf(IllegalArgumentException.class);

  257.   }

  258. 

  259. }