mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27803 Commits
59 Branches
Tree: db18af0468
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'db18af0468'
${ noResults }
sonarqube/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/AddGroupToTemplateActionTes...

AddGroupToTemplateActionTest.java 7.9KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2019 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.permission.ws.template;

  21. 

  22. import java.util.List;

  23. import javax.annotation.Nullable;

  24. import org.junit.Before;

  25. import org.junit.Test;

  26. import org.sonar.api.resources.Qualifiers;

  27. import org.sonar.api.resources.ResourceTypes;

  28. import org.sonar.api.web.UserRole;

  29. import org.sonar.core.permission.GlobalPermissions;

  30. import org.sonar.db.component.ResourceTypesRule;

  31. import org.sonar.db.permission.PermissionQuery;

  32. import org.sonar.db.permission.template.PermissionTemplateDto;

  33. import org.sonar.db.user.GroupDto;

  34. import org.sonar.server.exceptions.BadRequestException;

  35. import org.sonar.server.exceptions.ForbiddenException;

  36. import org.sonar.server.exceptions.NotFoundException;

  37. import org.sonar.server.permission.PermissionService;

  38. import org.sonar.server.permission.PermissionServiceImpl;

  39. import org.sonar.server.permission.ws.BasePermissionWsTest;

  40. import org.sonar.server.permission.ws.WsParameters;

  41. import org.sonar.server.ws.TestRequest;

  42. 

  43. import static org.assertj.core.api.Assertions.assertThat;

  44. import static org.sonar.api.security.DefaultGroups.ANYONE;

  45. import static org.sonar.api.web.UserRole.ADMIN;

  46. import static org.sonar.api.web.UserRole.CODEVIEWER;

  47. import static org.sonar.api.web.UserRole.ISSUE_ADMIN;

  48. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_ID;

  49. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_GROUP_NAME;

  50. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;

  51. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;

  52. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;

  53. 

  54. public class AddGroupToTemplateActionTest extends BasePermissionWsTest<AddGroupToTemplateAction> {

  55. 

  56.   private PermissionTemplateDto template;

  57.   private GroupDto group;

  58.   private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);

  59.   private PermissionService permissionService = new PermissionServiceImpl(resourceTypes);

  60.   private WsParameters wsParameters = new WsParameters(permissionService);

  61. 

  62.   @Override

  63.   protected AddGroupToTemplateAction buildWsAction() {

  64.     return new AddGroupToTemplateAction(db.getDbClient(), newPermissionWsSupport(), userSession, wsParameters);

  65.   }

  66. 

  67.   @Before

  68.   public void setUp() {

  69.     template = db.permissionTemplates().insertTemplate(db.getDefaultOrganization());

  70.     group = db.users().insertGroup(db.getDefaultOrganization(), "group-name");

  71.   }

  72. 

  73.   @Test

  74.   public void add_group_to_template() {

  75.     loginAsAdmin(db.getDefaultOrganization());

  76. 

  77.     newRequest(group.getName(), template.getUuid(), CODEVIEWER);

  78. 

  79.     assertThat(getGroupNamesInTemplateAndPermission(template, CODEVIEWER)).containsExactly(group.getName());

  80.   }

  81. 

  82.   @Test

  83.   public void add_group_to_template_by_name() {

  84.     loginAsAdmin(db.getDefaultOrganization());

  85. 

  86.     newRequest()

  87.       .setParam(PARAM_GROUP_NAME, group.getName())

  88.       .setParam(PARAM_PERMISSION, CODEVIEWER)

  89.       .setParam(PARAM_TEMPLATE_NAME, template.getName().toUpperCase())

  90.       .execute();

  91. 

  92.     assertThat(getGroupNamesInTemplateAndPermission(template, CODEVIEWER)).containsExactly(group.getName());

  93.   }

  94. 

  95.   @Test

  96.   public void add_with_group_id() {

  97.     loginAsAdmin(db.getDefaultOrganization());

  98. 

  99.     newRequest()

  100.       .setParam(PARAM_TEMPLATE_ID, template.getUuid())

  101.       .setParam(PARAM_PERMISSION, CODEVIEWER)

  102.       .setParam(PARAM_GROUP_ID, String.valueOf(group.getId()))

  103.       .execute();

  104. 

  105.     assertThat(getGroupNamesInTemplateAndPermission(template, CODEVIEWER)).containsExactly(group.getName());

  106.   }

  107. 

  108.   @Test

  109.   public void does_not_add_a_group_twice() {

  110.     loginAsAdmin(db.getDefaultOrganization());

  111. 

  112.     newRequest(group.getName(), template.getUuid(), ISSUE_ADMIN);

  113.     newRequest(group.getName(), template.getUuid(), ISSUE_ADMIN);

  114. 

  115.     assertThat(getGroupNamesInTemplateAndPermission(template, ISSUE_ADMIN)).containsExactly(group.getName());

  116.   }

  117. 

  118.   @Test

  119.   public void add_anyone_group_to_template() {

  120.     loginAsAdmin(db.getDefaultOrganization());

  121. 

  122.     newRequest(ANYONE, template.getUuid(), CODEVIEWER);

  123. 

  124.     assertThat(getGroupNamesInTemplateAndPermission(template, CODEVIEWER)).containsExactly(ANYONE);

  125.   }

  126. 

  127.   @Test

  128.   public void fail_if_add_anyone_group_to_admin_permission() {

  129.     loginAsAdmin(db.getDefaultOrganization());

  130. 

  131.     expectedException.expect(BadRequestException.class);

  132.     expectedException.expectMessage(String.format("It is not possible to add the '%s' permission to the group 'Anyone'", UserRole.ADMIN));

  133. 

  134.     newRequest(ANYONE, template.getUuid(), ADMIN);

  135.   }

  136. 

  137.   @Test

  138.   public void fail_if_not_a_project_permission() {

  139.     loginAsAdmin(db.getDefaultOrganization());

  140. 

  141.     expectedException.expect(IllegalArgumentException.class);

  142. 

  143.     newRequest(group.getName(), template.getUuid(), GlobalPermissions.PROVISIONING);

  144.   }

  145. 

  146.   @Test

  147.   public void fail_if_not_admin_of_default_organization() {

  148.     userSession.logIn();

  149. 

  150.     expectedException.expect(ForbiddenException.class);

  151. 

  152.     newRequest(group.getName(), template.getUuid(), CODEVIEWER);

  153.   }

  154. 

  155.   @Test

  156.   public void fail_if_group_params_missing() {

  157.     loginAsAdmin(db.getDefaultOrganization());

  158. 

  159.     expectedException.expect(BadRequestException.class);

  160. 

  161.     newRequest(null, template.getUuid(), CODEVIEWER);

  162.   }

  163. 

  164.   @Test

  165.   public void fail_if_permission_missing() {

  166.     loginAsAdmin(db.getDefaultOrganization());

  167. 

  168.     expectedException.expect(IllegalArgumentException.class);

  169. 

  170.     newRequest(group.getName(), template.getUuid(), null);

  171.   }

  172. 

  173.   @Test

  174.   public void fail_if_template_uuid_and_name_missing() {

  175.     loginAsAdmin(db.getDefaultOrganization());

  176. 

  177.     expectedException.expect(BadRequestException.class);

  178. 

  179.     newRequest(group.getName(), null, CODEVIEWER);

  180.   }

  181. 

  182.   @Test

  183.   public void fail_if_group_does_not_exist() {

  184.     loginAsAdmin(db.getDefaultOrganization());

  185. 

  186.     expectedException.expect(NotFoundException.class);

  187.     expectedException.expectMessage("No group with name 'unknown-group-name'");

  188. 

  189.     newRequest("unknown-group-name", template.getUuid(), CODEVIEWER);

  190.   }

  191. 

  192.   @Test

  193.   public void fail_if_template_key_does_not_exist() {

  194.     loginAsAdmin(db.getDefaultOrganization());

  195. 

  196.     expectedException.expect(NotFoundException.class);

  197.     expectedException.expectMessage("Permission template with id 'unknown-key' is not found");

  198. 

  199.     newRequest(group.getName(), "unknown-key", CODEVIEWER);

  200.   }

  201. 

  202.   private void newRequest(@Nullable String groupName, @Nullable String templateKey, @Nullable String permission) {

  203.     TestRequest request = newRequest();

  204.     if (groupName != null) {

  205.       request.setParam(PARAM_GROUP_NAME, groupName);

  206.     }

  207.     if (templateKey != null) {

  208.       request.setParam(PARAM_TEMPLATE_ID, templateKey);

  209.     }

  210.     if (permission != null) {

  211.       request.setParam(PARAM_PERMISSION, permission);

  212.     }

  213. 

  214.     request.execute();

  215.   }

  216. 

  217.   private List<String> getGroupNamesInTemplateAndPermission(PermissionTemplateDto template, String permission) {

  218.     PermissionQuery query = PermissionQuery.builder().setOrganizationUuid(template.getOrganizationUuid()).setPermission(permission).build();

  219.     return db.getDbClient().permissionTemplateDao()

  220.       .selectGroupNamesByQueryAndTemplate(db.getSession(), query, template.getId());

  221.   }

  222. }