mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
34710 Commits
59 Branches
Tree: b0ab2c391e
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'b0ab2c391e'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/it/java/org/sonar/server/user/ws/SearchActionIT.java

SearchActionIT.java 24KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2023 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.user.ws;

  21. 

  22. import java.time.Instant;

  23. import java.time.OffsetDateTime;

  24. import java.time.temporal.ChronoUnit;

  25. import java.util.Set;

  26. import java.util.stream.IntStream;

  27. import java.util.stream.Stream;

  28. import org.assertj.core.api.InstanceOfAssertFactories;

  29. import org.junit.Rule;

  30. import org.junit.Test;

  31. import org.sonar.api.server.ws.WebService;

  32. import org.sonar.api.server.ws.WebService.Param;

  33. import org.sonar.api.utils.DateUtils;

  34. import org.sonar.core.util.UuidFactory;

  35. import org.sonar.db.DbTester;

  36. import org.sonar.db.scim.ScimUserDao;

  37. import org.sonar.db.user.GroupDto;

  38. import org.sonar.db.user.UserDto;

  39. import org.sonar.server.common.avatar.AvatarResolverImpl;

  40. import org.sonar.server.common.user.service.UserService;

  41. import org.sonar.server.exceptions.BadRequestException;

  42. import org.sonar.server.exceptions.ServerException;

  43. import org.sonar.server.management.ManagedInstanceService;

  44. import org.sonar.server.tester.UserSessionRule;

  45. import org.sonar.server.ws.TestRequest;

  46. import org.sonar.server.ws.WsActionTester;

  47. import org.sonarqube.ws.Common.Paging;

  48. import org.sonarqube.ws.Users.SearchWsResponse;

  49. import org.sonarqube.ws.Users.SearchWsResponse.User;

  50. 

  51. import static java.util.Arrays.asList;

  52. import static java.util.Collections.emptyList;

  53. import static java.util.Collections.singletonList;

  54. import static java.util.function.Function.identity;

  55. import static java.util.stream.Collectors.toMap;

  56. import static org.assertj.core.api.Assertions.assertThat;

  57. import static org.assertj.core.api.Assertions.assertThatExceptionOfType;

  58. import static org.assertj.core.api.Assertions.assertThatThrownBy;

  59. import static org.assertj.core.api.Assertions.tuple;

  60. import static org.mockito.ArgumentMatchers.any;

  61. import static org.mockito.ArgumentMatchers.anyBoolean;

  62. import static org.mockito.Mockito.mock;

  63. import static org.mockito.Mockito.when;

  64. import static org.sonar.api.utils.DateUtils.formatDateTime;

  65. import static org.sonar.test.JsonAssert.assertJson;

  66. 

  67. public class SearchActionIT {

  68. 

  69.   @Rule

  70.   public UserSessionRule userSession = UserSessionRule.standalone();

  71. 

  72.   @Rule

  73.   public DbTester db = DbTester.create();

  74. 

  75.   private final ManagedInstanceService managedInstanceService = mock(ManagedInstanceService.class);

  76. 

  77.   private final UserService userService = new UserService(db.getDbClient(), new AvatarResolverImpl(), managedInstanceService);

  78. 

  79.   private final SearchWsReponseGenerator searchWsReponseGenerator = new SearchWsReponseGenerator(userSession);

  80. 

  81.   private final WsActionTester ws = new WsActionTester(new SearchAction(userSession, userService, searchWsReponseGenerator));

  82. 

  83.   @Test

  84.   public void search_for_all_active_users() {

  85.     UserDto user1 = db.users().insertUser();

  86.     UserDto user2 = db.users().insertUser();

  87.     UserDto user3 = db.users().insertUser(u -> u.setActive(false));

  88. 

  89.     userSession.logIn();

  90. 

  91.     SearchWsResponse response = ws.newRequest()

  92.       .executeProtobuf(SearchWsResponse.class);

  93. 

  94.     assertThat(response.getUsersList())

  95.       .extracting(User::getLogin, User::getName)

  96.       .containsExactlyInAnyOrder(

  97.         tuple(user1.getLogin(), user1.getName()),

  98.         tuple(user2.getLogin(), user2.getName()));

  99.   }

  100. 

  101.   @Test

  102.   public void search_deactivated_users() {

  103.     UserDto user1 = db.users().insertUser(u -> u.setActive(false));

  104.     UserDto user2 = db.users().insertUser(u -> u.setActive(true));

  105.     userSession.logIn();

  106. 

  107.     SearchWsResponse response = ws.newRequest()

  108.       .setParam("deactivated", "true")

  109.       .executeProtobuf(SearchWsResponse.class);

  110. 

  111.     assertThat(response.getUsersList())

  112.       .extracting(User::getLogin, User::getName)

  113.       .containsExactlyInAnyOrder(

  114.         tuple(user1.getLogin(), user1.getName()));

  115.   }

  116. 

  117.   @Test

  118.   public void search_with_query() {

  119.     userSession.logIn();

  120.     UserDto user = db.users().insertUser(u -> u

  121.       .setLogin("user-%_%-login")

  122.       .setName("user-name")

  123.       .setEmail("user@mail.com")

  124.       .setLocal(true)

  125.       .setScmAccounts(singletonList("user1")));

  126. 

  127.     assertThat(ws.newRequest()

  128.       .setParam("q", "user-%_%-")

  129.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  130.       .extracting(User::getLogin)

  131.       .containsExactlyInAnyOrder(user.getLogin());

  132.     assertThat(ws.newRequest()

  133.       .setParam("q", "user@MAIL.com")

  134.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  135.       .extracting(User::getLogin)

  136.       .containsExactlyInAnyOrder(user.getLogin());

  137.     assertThat(ws.newRequest()

  138.       .setParam("q", "user-name")

  139.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  140.       .extracting(User::getLogin)

  141.       .containsExactlyInAnyOrder(user.getLogin());

  142.   }

  143. 

  144.   @Test

  145.   public void return_avatar() {

  146.     UserDto user = db.users().insertUser(u -> u.setEmail("john@doe.com"));

  147.     userSession.logIn();

  148. 

  149.     SearchWsResponse response = ws.newRequest()

  150.       .executeProtobuf(SearchWsResponse.class);

  151. 

  152.     assertThat(response.getUsersList())

  153.       .extracting(User::getLogin, User::getAvatar)

  154.       .containsExactlyInAnyOrder(tuple(user.getLogin(), "6a6c19fea4a3676970167ce51f39e6ee"));

  155.   }

  156. 

  157.   @Test

  158.   public void return_isManagedFlag() {

  159.     UserDto nonManagedUser = db.users().insertUser(u -> u.setEmail("john@doe.com"));

  160.     UserDto managedUser = db.users().insertUser(u -> u.setEmail("externalUser@doe.com"));

  161.     mockUsersAsManaged(managedUser.getUuid());

  162.     userSession.logIn().setSystemAdministrator();

  163. 

  164.     SearchWsResponse response = ws.newRequest()

  165.       .executeProtobuf(SearchWsResponse.class);

  166. 

  167.     assertThat(response.getUsersList())

  168.       .extracting(User::getLogin, User::getManaged)

  169.       .containsExactlyInAnyOrder(

  170.         tuple(managedUser.getLogin(), true),

  171.         tuple(nonManagedUser.getLogin(), false)

  172.       );

  173.   }

  174. 

  175.   @Test

  176.   public void search_whenFilteringByManagedAndInstanceNotManaged_throws() {

  177.     userSession.logIn().setSystemAdministrator();

  178. 

  179.     TestRequest testRequest = ws.newRequest()

  180.       .setParam("managed", "true");

  181. 

  182.     assertThatExceptionOfType(BadRequestException.class)

  183.       .isThrownBy(() -> testRequest.executeProtobuf(SearchWsResponse.class))

  184.       .withMessage("The 'managed' parameter is only available for managed instances.");

  185.   }

  186. 

  187.   @Test

  188.   public void search_whenFilteringByManagedAndInstanceManaged_returnsCorrectResults() {

  189.     UserDto nonManagedUser = db.users().insertUser(u -> u.setEmail("john@doe.com"));

  190.     UserDto managedUser = db.users().insertUser(u -> u.setEmail("externalUser@doe.com"));

  191.     db.users().enableScimForUser(managedUser);

  192.     mockUsersAsManaged(managedUser.getUuid());

  193.     mockInstanceExternallyManagedAndFilterForManagedUsers();

  194.     userSession.logIn().setSystemAdministrator();

  195. 

  196.     SearchWsResponse response = ws.newRequest()

  197.       .setParam("managed", "true")

  198.       .executeProtobuf(SearchWsResponse.class);

  199. 

  200.     assertThat(response.getUsersList())

  201.       .extracting(User::getLogin, User::getManaged)

  202.       .containsExactlyInAnyOrder(

  203.         tuple(managedUser.getLogin(), true)

  204.       );

  205.   }

  206. 

  207.   @Test

  208.   public void search_whenFilteringByNonManagedAndInstanceManaged_returnsCorrectResults() {

  209.     UserDto nonManagedUser = db.users().insertUser(u -> u.setEmail("john@doe.com"));

  210.     UserDto managedUser = db.users().insertUser(u -> u.setEmail("externalUser@doe.com"));

  211.     db.users().enableScimForUser(managedUser);

  212.     mockUsersAsManaged(managedUser.getUuid());

  213.     mockInstanceExternallyManagedAndFilterForManagedUsers();

  214.     userSession.logIn().setSystemAdministrator();

  215. 

  216.     SearchWsResponse response = ws.newRequest()

  217.       .setParam("managed", "false")

  218.       .executeProtobuf(SearchWsResponse.class);

  219. 

  220.     assertThat(response.getUsersList())

  221.       .extracting(User::getLogin, User::getManaged)

  222.       .containsExactlyInAnyOrder(

  223.         tuple(nonManagedUser.getLogin(), false)

  224.       );

  225.   }

  226. 

  227.   private void mockInstanceExternallyManagedAndFilterForManagedUsers() {

  228.     when(managedInstanceService.isInstanceExternallyManaged()).thenReturn(true);

  229.     when(managedInstanceService.getManagedUsersSqlFilter(anyBoolean()))

  230.       .thenAnswer(invocation -> {

  231.         Boolean managed = invocation.getArgument(0, Boolean.class);

  232.         return new ScimUserDao(mock(UuidFactory.class)).getManagedUserSqlFilter(managed);

  233.       });

  234.   }

  235. 

  236.   @Test

  237.   public void return_scm_accounts() {

  238.     UserDto user = db.users().insertUser(u -> u.setScmAccounts(asList("john1", "john2")));

  239. 

  240.     userSession.logIn();

  241. 

  242.     SearchWsResponse response = ws.newRequest()

  243.       .executeProtobuf(SearchWsResponse.class);

  244. 

  245.     assertThat(response.getUsersList())

  246.       .extracting(User::getLogin, u -> u.getScmAccounts().getScmAccountsList())

  247.       .containsExactlyInAnyOrder(tuple(user.getLogin(), asList("john1", "john2")));

  248.   }

  249. 

  250.   @Test

  251.   public void return_tokens_count_when_system_administer() {

  252.     UserDto user = db.users().insertUser();

  253.     db.users().insertToken(user);

  254.     db.users().insertToken(user);

  255. 

  256.     userSession.logIn().setSystemAdministrator();

  257.     assertThat(ws.newRequest()

  258.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  259.       .extracting(User::getLogin, User::getTokensCount)

  260.       .containsExactlyInAnyOrder(tuple(user.getLogin(), 2));

  261. 

  262.     userSession.logIn();

  263.     assertThat(ws.newRequest()

  264.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  265.       .extracting(User::getLogin, User::hasTokensCount)

  266.       .containsExactlyInAnyOrder(tuple(user.getLogin(), false));

  267.   }

  268. 

  269.   @Test

  270.   public void return_email_only_when_system_administer() {

  271.     UserDto user = db.users().insertUser();

  272. 

  273.     userSession.logIn().setSystemAdministrator();

  274.     assertThat(ws.newRequest()

  275.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  276.       .extracting(User::getLogin, User::getEmail)

  277.       .containsExactlyInAnyOrder(tuple(user.getLogin(), user.getEmail()));

  278. 

  279.     userSession.logIn();

  280.     assertThat(ws.newRequest()

  281.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  282.       .extracting(User::getLogin, User::hasEmail)

  283.       .containsExactlyInAnyOrder(tuple(user.getLogin(), false));

  284.   }

  285. 

  286.   @Test

  287.   public void return_user_not_having_email() {

  288.     UserDto user = db.users().insertUser(u -> u.setEmail(null));

  289.     userSession.logIn().setSystemAdministrator();

  290. 

  291.     SearchWsResponse response = ws.newRequest()

  292.       .executeProtobuf(SearchWsResponse.class);

  293. 

  294.     assertThat(response.getUsersList())

  295.       .extracting(User::getLogin, User::hasEmail)

  296.       .containsExactlyInAnyOrder(tuple(user.getLogin(), false));

  297.   }

  298. 

  299.   @Test

  300.   public void return_groups_only_when_system_administer() {

  301.     UserDto user = db.users().insertUser();

  302.     GroupDto group1 = db.users().insertGroup("group1");

  303.     GroupDto group2 = db.users().insertGroup("group2");

  304.     GroupDto group3 = db.users().insertGroup("group3");

  305.     db.users().insertMember(group1, user);

  306.     db.users().insertMember(group2, user);

  307. 

  308.     userSession.logIn().setSystemAdministrator();

  309.     assertThat(ws.newRequest()

  310.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  311.       .extracting(User::getLogin, u -> u.getGroups().getGroupsList())

  312.       .containsExactlyInAnyOrder(tuple(user.getLogin(), asList(group1.getName(), group2.getName())));

  313. 

  314.     userSession.logIn();

  315.     assertThat(ws.newRequest()

  316.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  317.       .extracting(User::getLogin, User::hasGroups)

  318.       .containsExactlyInAnyOrder(tuple(user.getLogin(), false));

  319.   }

  320. 

  321.   @Test

  322.   public void return_external_information() {

  323.     UserDto user = db.users().insertUser();

  324.     userSession.logIn().setSystemAdministrator();

  325. 

  326.     SearchWsResponse response = ws.newRequest()

  327.       .executeProtobuf(SearchWsResponse.class);

  328. 

  329.     assertThat(response.getUsersList())

  330.       .extracting(User::getLogin, User::getExternalIdentity, User::getExternalProvider)

  331.       .containsExactlyInAnyOrder(tuple(user.getLogin(), user.getExternalLogin(), user.getExternalIdentityProvider()));

  332.   }

  333. 

  334.   @Test

  335.   public void return_external_identity_only_when_system_administer() {

  336.     UserDto user = db.users().insertUser();

  337. 

  338.     userSession.logIn().setSystemAdministrator();

  339.     assertThat(ws.newRequest()

  340.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  341.       .extracting(User::getLogin, User::getExternalIdentity)

  342.       .containsExactlyInAnyOrder(tuple(user.getLogin(), user.getExternalLogin()));

  343. 

  344.     userSession.logIn();

  345.     assertThat(ws.newRequest()

  346.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  347.       .extracting(User::getLogin, User::hasExternalIdentity)

  348.       .containsExactlyInAnyOrder(tuple(user.getLogin(), false));

  349.   }

  350. 

  351.   @Test

  352.   public void only_return_login_and_name_when_not_logged() {

  353.     UserDto user = db.users().insertUser();

  354.     db.users().insertToken(user);

  355.     GroupDto group = db.users().insertGroup();

  356.     db.users().insertMember(group, user);

  357.     userSession.anonymous();

  358. 

  359.     SearchWsResponse response = ws.newRequest()

  360.       .executeProtobuf(SearchWsResponse.class);

  361. 

  362.     assertThat(response.getUsersList())

  363.       .extracting(User::getLogin, User::getName, User::hasTokensCount, User::hasScmAccounts, User::hasAvatar, User::hasGroups, User::hasManaged)

  364.       .containsExactlyInAnyOrder(tuple(user.getLogin(), user.getName(), false, false, false, false, false));

  365.   }

  366. 

  367.   @Test

  368.   public void return_last_connection_date_when_system_administer() {

  369.     UserDto userWithLastConnectionDate = db.users().insertUser();

  370.     db.users().updateLastConnectionDate(userWithLastConnectionDate, 10_000_000_000L);

  371.     UserDto userWithoutLastConnectionDate = db.users().insertUser();

  372.     userSession.logIn().setSystemAdministrator();

  373. 

  374.     SearchWsResponse response = ws.newRequest()

  375.       .executeProtobuf(SearchWsResponse.class);

  376. 

  377.     assertThat(response.getUsersList())

  378.       .extracting(User::getLogin, User::hasLastConnectionDate, User::getLastConnectionDate)

  379.       .containsExactlyInAnyOrder(

  380.         tuple(userWithLastConnectionDate.getLogin(), true, formatDateTime(10_000_000_000L)),

  381.         tuple(userWithoutLastConnectionDate.getLogin(), false, ""));

  382.   }

  383. 

  384.   @Test

  385.   public void return_all_fields_for_logged_user() {

  386.     UserDto user = db.users().insertUser();

  387.     db.users().updateLastConnectionDate(user, 10_000_000_000L);

  388.     db.users().insertToken(user);

  389.     db.users().insertToken(user);

  390.     GroupDto group = db.users().insertGroup();

  391.     db.users().insertMember(group, user);

  392.     UserDto otherUser = db.users().insertUser();

  393. 

  394.     userSession.logIn(user);

  395.     assertThat(ws.newRequest().setParam("q", user.getLogin())

  396.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  397.       .extracting(User::getLogin, User::getName, User::getEmail, User::getExternalIdentity, User::getExternalProvider,

  398.         User::hasScmAccounts, User::hasAvatar, User::hasGroups, User::getTokensCount, User::hasLastConnectionDate, User::hasManaged)

  399.       .containsExactlyInAnyOrder(

  400.         tuple(user.getLogin(), user.getName(), user.getEmail(), user.getExternalLogin(), user.getExternalIdentityProvider(), true, true, true, 2, true, true));

  401. 

  402.     userSession.logIn(otherUser);

  403.     assertThat(ws.newRequest().setParam("q", user.getLogin())

  404.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  405.       .extracting(User::getLogin, User::getName, User::hasEmail, User::hasExternalIdentity, User::hasExternalProvider,

  406.         User::hasScmAccounts, User::hasAvatar, User::hasGroups, User::hasTokensCount, User::hasLastConnectionDate)

  407.       .containsExactlyInAnyOrder(

  408.         tuple(user.getLogin(), user.getName(), false, false, true, true, true, false, false, false));

  409.   }

  410. 

  411.   @Test

  412.   public void search_whenNoPagingInformationProvided_setsDefaultValues() {

  413.     userSession.logIn();

  414.     IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertUser(u -> u.setLogin("user-" + i).setName("User " + i)));

  415. 

  416.     SearchWsResponse response = ws.newRequest()

  417.       .executeProtobuf(SearchWsResponse.class);

  418. 

  419.     assertThat(response.getPaging().getTotal()).isEqualTo(10);

  420.     assertThat(response.getPaging().getPageIndex()).isEqualTo(1);

  421.     assertThat(response.getPaging().getPageSize()).isEqualTo(50);

  422.   }

  423. 

  424.   @Test

  425.   public void search_with_paging() {

  426.     userSession.logIn();

  427.     IntStream.rangeClosed(0, 9).forEach(i -> db.users().insertUser(u -> u.setLogin("user-" + i).setName("User " + i)));

  428. 

  429.     SearchWsResponse response = ws.newRequest()

  430.       .setParam(Param.PAGE_SIZE, "5")

  431.       .executeProtobuf(SearchWsResponse.class);

  432.     assertThat(response.getUsersList())

  433.       .extracting(User::getLogin)

  434.       .containsExactly("user-0", "user-1", "user-2", "user-3", "user-4");

  435.     assertThat(response.getPaging())

  436.       .extracting(Paging::getPageIndex, Paging::getPageSize, Paging::getTotal)

  437.       .containsExactly(1, 5, 10);

  438. 

  439.     response = ws.newRequest()

  440.       .setParam(Param.PAGE_SIZE, "5")

  441.       .setParam(Param.PAGE, "2")

  442.       .executeProtobuf(SearchWsResponse.class);

  443.     assertThat(response.getUsersList())

  444.       .extracting(User::getLogin)

  445.       .containsExactly("user-5", "user-6", "user-7", "user-8", "user-9");

  446.     assertThat(response.getPaging())

  447.       .extracting(Paging::getPageIndex, Paging::getPageSize, Paging::getTotal)

  448.       .containsExactly(2, 5, 10);

  449.   }

  450. 

  451.   @Test

  452.   public void return_empty_result_when_no_user() {

  453.     userSession.logIn();

  454. 

  455.     SearchWsResponse response = ws.newRequest()

  456.       .executeProtobuf(SearchWsResponse.class);

  457. 

  458.     assertThat(response.getUsersList()).isEmpty();

  459.     assertThat(response.getPaging().getTotal()).isZero();

  460.   }

  461. 

  462.   @Test

  463.   public void test_json_example() {

  464.     UserDto fmallet = db.users().insertUser(u -> u.setLogin("fmallet").setName("Freddy Mallet").setEmail("f@m.com")

  465.       .setLocal(true)

  466.       .setScmAccounts(emptyList())

  467.       .setExternalLogin("fmallet")

  468.       .setExternalIdentityProvider("sonarqube"));

  469.     long lastConnection = DateUtils.parseOffsetDateTime("2019-03-27T09:51:50+0100").toInstant().toEpochMilli();

  470.     fmallet = db.users().updateLastConnectionDate(fmallet, lastConnection);

  471.     fmallet = db.users().updateSonarLintLastConnectionDate(fmallet, lastConnection);

  472.     UserDto simon = db.users().insertUser(u -> u.setLogin("sbrandhof").setName("Simon").setEmail("s.brandhof@company.tld")

  473.       .setLocal(false)

  474.       .setExternalLogin("sbrandhof@ldap.com")

  475.       .setExternalIdentityProvider("sonarqube")

  476.       .setScmAccounts(asList("simon.brandhof", "s.brandhof@company.tld")));

  477. 

  478.     mockUsersAsManaged(simon.getUuid());

  479. 

  480.     GroupDto sonarUsers = db.users().insertGroup("sonar-users");

  481.     GroupDto sonarAdministrators = db.users().insertGroup("sonar-administrators");

  482.     db.users().insertMember(sonarUsers, simon);

  483.     db.users().insertMember(sonarUsers, fmallet);

  484.     db.users().insertMember(sonarAdministrators, fmallet);

  485.     db.users().insertToken(simon);

  486.     db.users().insertToken(simon);

  487.     db.users().insertToken(simon);

  488.     db.users().insertToken(fmallet);

  489.     userSession.logIn().setSystemAdministrator();

  490. 

  491.     String response = ws.newRequest().execute().getInput();

  492. 

  493.     assertJson(response).isSimilarTo(getClass().getResource("search-example.json"));

  494.   }

  495. 

  496.   @Test

  497.   public void test_definition() {

  498.     WebService.Action action = ws.getDef();

  499.     assertThat(action).isNotNull();

  500.     assertThat(action.isPost()).isFalse();

  501.     assertThat(action.responseExampleAsString()).isNotEmpty();

  502.     assertThat(action.params()).hasSize(9);

  503.   }

  504. 

  505.   @Test

  506.   public void search_whenFilteringConnectionDate_shouldApplyFilter() {

  507.     userSession.logIn().setSystemAdministrator();

  508.     final Instant lastConnection = Instant.now();

  509.     UserDto user = db.users().insertUser(u -> u

  510.       .setLogin("user-%_%-login")

  511.       .setName("user-name")

  512.       .setEmail("user@mail.com")

  513.       .setLocal(true)

  514.       .setScmAccounts(singletonList("user1")));

  515.     user = db.users().updateLastConnectionDate(user, lastConnection.toEpochMilli());

  516.     user = db.users().updateSonarLintLastConnectionDate(user, lastConnection.toEpochMilli());

  517. 

  518.     assertThat(ws.newRequest()

  519.       .setParam("q", "user-%_%-")

  520.       .executeProtobuf(SearchWsResponse.class).getUsersList())

  521.       .extracting(User::getLogin)

  522.       .containsExactlyInAnyOrder(user.getLogin());

  523. 

  524.     assertUserWithFilter(SearchAction.LAST_CONNECTION_DATE_FROM, lastConnection.minus(1, ChronoUnit.DAYS), user.getLogin(), true);

  525.     assertUserWithFilter(SearchAction.LAST_CONNECTION_DATE_FROM, lastConnection.plus(1, ChronoUnit.DAYS), user.getLogin(), false);

  526.     assertUserWithFilter(SearchAction.LAST_CONNECTION_DATE_TO, lastConnection.minus(1, ChronoUnit.DAYS), user.getLogin(), false);

  527.     assertUserWithFilter(SearchAction.LAST_CONNECTION_DATE_TO, lastConnection.plus(1, ChronoUnit.DAYS), user.getLogin(), true);

  528. 

  529.     assertUserWithFilter(SearchAction.SONAR_LINT_LAST_CONNECTION_DATE_FROM, lastConnection.minus(1, ChronoUnit.DAYS), user.getLogin(), true);

  530.     assertUserWithFilter(SearchAction.SONAR_LINT_LAST_CONNECTION_DATE_FROM, lastConnection.plus(1, ChronoUnit.DAYS), user.getLogin(), false);

  531.     assertUserWithFilter(SearchAction.SONAR_LINT_LAST_CONNECTION_DATE_TO, lastConnection.minus(1, ChronoUnit.DAYS), user.getLogin(), false);

  532.     assertUserWithFilter(SearchAction.SONAR_LINT_LAST_CONNECTION_DATE_TO, lastConnection.plus(1, ChronoUnit.DAYS), user.getLogin(), true);

  533. 

  534.     assertUserWithFilter(SearchAction.SONAR_LINT_LAST_CONNECTION_DATE_FROM, lastConnection, user.getLogin(), true);

  535.     assertUserWithFilter(SearchAction.SONAR_LINT_LAST_CONNECTION_DATE_TO, lastConnection, user.getLogin(), true);

  536.   }

  537. 

  538.   @Test

  539.   public void search_whenNoLastConnection_shouldReturnForBeforeOnly() {

  540.     userSession.logIn().setSystemAdministrator();

  541.     final Instant lastConnection = Instant.now();

  542.     UserDto user = db.users().insertUser(u -> u

  543.       .setLogin("user-%_%-login")

  544.       .setName("user-name")

  545.       .setEmail("user@mail.com")

  546.       .setLocal(true)

  547.       .setScmAccounts(singletonList("user1")));

  548. 

  549.     assertUserWithFilter(SearchAction.LAST_CONNECTION_DATE_FROM, lastConnection, user.getLogin(), false);

  550.     assertUserWithFilter(SearchAction.LAST_CONNECTION_DATE_TO, lastConnection, user.getLogin(), true);

  551. 

  552.     assertUserWithFilter(SearchAction.SONAR_LINT_LAST_CONNECTION_DATE_FROM, lastConnection, user.getLogin(), false);

  553.     assertUserWithFilter(SearchAction.SONAR_LINT_LAST_CONNECTION_DATE_TO, lastConnection, user.getLogin(), true);

  554.   }

  555. 

  556.   @Test

  557.   public void search_whenNotAdmin_shouldThrowForbidden() {

  558.     userSession.logIn();

  559. 

  560.     Stream.of(SearchAction.LAST_CONNECTION_DATE_FROM, SearchAction.LAST_CONNECTION_DATE_TO,

  561.         SearchAction.SONAR_LINT_LAST_CONNECTION_DATE_FROM, SearchAction.SONAR_LINT_LAST_CONNECTION_DATE_TO)

  562.       .map(param -> ws.newRequest().setParam(param, formatDateTime(OffsetDateTime.now())))

  563.       .forEach(SearchActionIT::assertForbiddenException);

  564.   }

  565. 

  566.   private static void assertForbiddenException(TestRequest testRequest) {

  567.     assertThatThrownBy(() -> testRequest.executeProtobuf(SearchWsResponse.class))

  568.       .asInstanceOf(InstanceOfAssertFactories.type(ServerException.class))

  569.       .extracting(ServerException::httpCode)

  570.       .isEqualTo(403);

  571.   }

  572. 

  573.   private void assertUserWithFilter(String field, Instant filterValue, String userLogin, boolean isExpectedToBeThere) {

  574.     var assertion = assertThat(ws.newRequest()

  575.       .setParam("q", "user-%_%-")

  576.       .setParam(field, DateUtils.formatDateTime(filterValue.toEpochMilli()))

  577.       .executeProtobuf(SearchWsResponse.class).getUsersList());

  578.     if (isExpectedToBeThere) {

  579.       assertion

  580.         .extracting(User::getLogin)

  581.         .containsExactlyInAnyOrder(userLogin);

  582.     } else {

  583.       assertion.isEmpty();

  584.     }

  585.   }

  586. 

  587.   private void mockUsersAsManaged(String... userUuids) {

  588.     when(managedInstanceService.getUserUuidToManaged(any(), any())).thenAnswer(invocation ->

  589.       {

  590.         Set<?> allUsersUuids = invocation.getArgument(1, Set.class);

  591.         return allUsersUuids.stream()

  592.           .map(userUuid -> (String) userUuid)

  593.           .collect(toMap(identity(), userUuid -> Set.of(userUuids).contains(userUuid)));

  594.       }

  595.     );

  596.   }

  597. 

  598. }