mirrors
/
sonarqube
espelhamento de https://github.com/SonarSource/sonarqube.git
Observar 1
Favorito 0
Fork 0
Código Issues 0 Versões 237 Wiki Atividade
Você não pode selecionar mais de 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.
27803 Commits
59 Branches
Tag: db18af0468
Branches Tags
${ item.name }
Criar branch ${ searchTerm }
de db18af0468
${ noResults }
sonarqube/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/DeleteTemplateActionTest.java

DeleteTemplateActionTest.java 19KB
Original Anotar Histórico

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2019 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.permission.ws.template;

  21. 

  22. import java.util.Arrays;

  23. import javax.annotation.Nullable;

  24. import org.junit.Before;

  25. import org.junit.Rule;

  26. import org.junit.Test;

  27. import org.junit.rules.ExpectedException;

  28. import org.sonar.api.resources.Qualifiers;

  29. import org.sonar.api.utils.internal.AlwaysIncreasingSystem2;

  30. import org.sonar.api.web.UserRole;

  31. import org.sonar.db.DbClient;

  32. import org.sonar.db.DbTester;

  33. import org.sonar.db.component.ResourceTypesRule;

  34. import org.sonar.db.organization.OrganizationDto;

  35. import org.sonar.db.permission.template.PermissionTemplateDto;

  36. import org.sonar.db.permission.template.PermissionTemplateTesting;

  37. import org.sonar.db.user.GroupDto;

  38. import org.sonar.db.user.GroupTesting;

  39. import org.sonar.db.user.UserDto;

  40. import org.sonar.db.user.UserTesting;

  41. import org.sonar.server.component.ComponentFinder;

  42. import org.sonar.server.exceptions.BadRequestException;

  43. import org.sonar.server.exceptions.ForbiddenException;

  44. import org.sonar.server.exceptions.NotFoundException;

  45. import org.sonar.server.exceptions.UnauthorizedException;

  46. import org.sonar.server.organization.TestDefaultOrganizationProvider;

  47. import org.sonar.server.permission.ws.PermissionWsSupport;

  48. import org.sonar.server.tester.UserSessionRule;

  49. import org.sonar.server.usergroups.DefaultGroupFinder;

  50. import org.sonar.server.usergroups.ws.GroupWsSupport;

  51. import org.sonar.server.ws.TestRequest;

  52. import org.sonar.server.ws.TestResponse;

  53. import org.sonar.server.ws.WsActionTester;

  54. 

  55. import static org.assertj.core.api.Assertions.assertThat;

  56. import static org.assertj.core.api.Assertions.fail;

  57. import static org.sonar.db.permission.OrganizationPermission.ADMINISTER;

  58. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_ORGANIZATION;

  59. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;

  60. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;

  61. 

  62. public class DeleteTemplateActionTest {

  63. 

  64.   @Rule

  65.   public DbTester db = DbTester.create(new AlwaysIncreasingSystem2());

  66.   @Rule

  67.   public ExpectedException expectedException = ExpectedException.none();

  68. 

  69.   private UserSessionRule userSession = UserSessionRule.standalone();

  70.   private DbClient dbClient = db.getDbClient();

  71.   private final ResourceTypesRule resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);

  72.   private final ResourceTypesRule resourceTypesWithViews = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT, Qualifiers.VIEW);

  73. 

  74.   private DefaultTemplatesResolver defaultTemplatesResolver = new DefaultTemplatesResolverImpl(resourceTypes);

  75.   private DefaultTemplatesResolver defaultTemplatesResolverWithViews = new DefaultTemplatesResolverImpl(resourceTypesWithViews);

  76. 

  77.   private WsActionTester underTestWithoutViews;

  78.   private WsActionTester underTestWithViews;

  79. 

  80.   @Before

  81.   public void setUp() throws Exception {

  82.     GroupWsSupport groupWsSupport = new GroupWsSupport(dbClient, TestDefaultOrganizationProvider.from(db), new DefaultGroupFinder(db.getDbClient()));

  83.     this.underTestWithoutViews = new WsActionTester(new DeleteTemplateAction(dbClient, userSession,

  84.       new PermissionWsSupport(dbClient, new ComponentFinder(dbClient, resourceTypes), groupWsSupport), defaultTemplatesResolver));

  85.     this.underTestWithViews = new WsActionTester(new DeleteTemplateAction(dbClient, userSession,

  86.       new PermissionWsSupport(dbClient, new ComponentFinder(dbClient, resourceTypes), groupWsSupport), defaultTemplatesResolverWithViews));

  87.   }

  88. 

  89.   @Test

  90.   public void delete_template_in_db() throws Exception {

  91.     runOnAllUnderTests((underTest) -> {

  92.       OrganizationDto organization = db.organizations().insert();

  93.       PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);

  94.       db.organizations().setDefaultTemplates(

  95.         db.permissionTemplates().insertTemplate(organization),

  96.         null, db.permissionTemplates().insertTemplate(organization)

  97.       );

  98.       loginAsAdmin(organization);

  99. 

  100.       TestResponse result = newRequestByUuid(underTest, template.getUuid());

  101. 

  102.       assertThat(result.getInput()).isEmpty();

  103.       assertTemplateDoesNotExist(template);

  104.     });

  105.   }

  106. 

  107.   @Test

  108.   public void delete_template_by_name_case_insensitive() throws Exception {

  109.     runOnAllUnderTests((underTest) -> {

  110.       OrganizationDto organization = db.organizations().insert();

  111.       db.organizations().setDefaultTemplates(

  112.         db.permissionTemplates().insertTemplate(organization),

  113.         db.permissionTemplates().insertTemplate(organization), db.permissionTemplates().insertTemplate(organization)

  114.       );

  115.       PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);

  116.       loginAsAdmin(organization);

  117.       newRequestByName(underTest, organization, template);

  118. 

  119.       assertTemplateDoesNotExist(template);

  120.     });

  121.   }

  122. 

  123.   @Test

  124.   public void delete_template_by_name_returns_empty_when_no_organization_is_provided_and_templates_does_not_belong_to_default_organization() throws Exception {

  125.     OrganizationDto organization = db.organizations().insert();

  126.     db.organizations().setDefaultTemplates(

  127.       db.permissionTemplates().insertTemplate(organization),

  128.       db.permissionTemplates().insertTemplate(organization), db.permissionTemplates().insertTemplate(organization)

  129.     );

  130.     PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);

  131.     loginAsAdmin(organization);

  132. 

  133.     runOnAllUnderTests((underTest) -> {

  134.       try {

  135.         newRequestByName(underTest, null, template);

  136.         fail("NotFoundException should have been raised");

  137.       } catch (NotFoundException e) {

  138.         assertThat(e).hasMessage(

  139.           "Permission template with name '" + template.getName() + "' is not found (case insensitive) in organization with key '" + db.getDefaultOrganization().getKey() + "'");

  140.       }

  141.     });

  142.   }

  143. 

  144.   @Test

  145.   public void delete_template_by_name_returns_empty_when_wrong_organization_is_provided() throws Exception {

  146.     OrganizationDto organization = db.organizations().insert();

  147.     db.organizations().setDefaultTemplates(

  148.       db.permissionTemplates().insertTemplate(organization),

  149.       db.permissionTemplates().insertTemplate(organization), db.permissionTemplates().insertTemplate(organization)

  150.     );

  151.     PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);

  152.     OrganizationDto otherOrganization = db.organizations().insert();

  153.     loginAsAdmin(organization);

  154. 

  155.     runOnAllUnderTests((underTest) -> {

  156.       try {

  157.         newRequestByName(underTest, otherOrganization, template);

  158.         fail("NotFoundException should have been raised");

  159.       } catch (NotFoundException e) {

  160.         assertThat(e)

  161.           .hasMessage("Permission template with name '" + template.getName() + "' is not found (case insensitive) in organization with key '" + otherOrganization.getKey() + "'");

  162.       }

  163.     });

  164.   }

  165. 

  166.   @Test

  167.   public void fail_if_uuid_is_not_known_without_views() {

  168.     userSession.logIn();

  169. 

  170.     expectedException.expect(NotFoundException.class);

  171. 

  172.     newRequestByUuid(underTestWithoutViews, "unknown-template-uuid");

  173.   }

  174. 

  175.   @Test

  176.   public void fail_if_uuid_is_not_known_with_views() {

  177.     userSession.logIn();

  178. 

  179.     expectedException.expect(NotFoundException.class);

  180. 

  181.     newRequestByUuid(underTestWithViews, "unknown-template-uuid");

  182.   }

  183. 

  184.   @Test

  185.   public void fail_to_delete_by_uuid_if_template_is_default_template_for_project_without_views() throws Exception {

  186.     fail_to_delete_by_uuid_if_template_is_default_template_for_project(this.underTestWithoutViews);

  187.   }

  188. 

  189.   @Test

  190.   public void fail_to_delete_by_uuid_if_template_is_default_template_for_project_with_views() throws Exception {

  191.     fail_to_delete_by_uuid_if_template_is_default_template_for_project(this.underTestWithViews);

  192.   }

  193. 

  194.   private void fail_to_delete_by_uuid_if_template_is_default_template_for_project(WsActionTester underTest) {

  195.     OrganizationDto organization = db.organizations().insert();

  196.     PermissionTemplateDto projectTemplate = insertTemplateAndAssociatedPermissions(organization);

  197.     db.organizations().setDefaultTemplates(projectTemplate,

  198.       null, db.permissionTemplates().insertTemplate(organization));

  199.     loginAsAdmin(organization);

  200. 

  201.     expectedException.expect(BadRequestException.class);

  202.     expectedException.expectMessage("It is not possible to delete the default permission template for projects");

  203. 

  204.     newRequestByUuid(underTest, projectTemplate.getUuid());

  205.   }

  206. 

  207.   @Test

  208.   public void fail_to_delete_by_name_if_template_is_default_template_for_project_without_views() throws Exception {

  209.     fail_to_delete_by_name_if_template_is_default_template_for_project(this.underTestWithoutViews);

  210.   }

  211. 

  212.   @Test

  213.   public void fail_to_delete_by_name_if_template_is_default_template_for_project_with_views() throws Exception {

  214.     fail_to_delete_by_name_if_template_is_default_template_for_project(this.underTestWithViews);

  215.   }

  216. 

  217.   private void fail_to_delete_by_name_if_template_is_default_template_for_project(WsActionTester underTest) {

  218.     OrganizationDto organization = db.organizations().insert();

  219.     PermissionTemplateDto projectTemplate = insertTemplateAndAssociatedPermissions(organization);

  220.     db.organizations().setDefaultTemplates(projectTemplate, null, db.permissionTemplates().insertTemplate(organization));

  221.     loginAsAdmin(organization);

  222. 

  223.     expectedException.expect(BadRequestException.class);

  224.     expectedException.expectMessage("It is not possible to delete the default permission template for projects");

  225. 

  226.     newRequestByName(underTest, organization.getKey(), projectTemplate.getName());

  227.   }

  228. 

  229.   @Test

  230.   public void fail_to_delete_by_uuid_if_template_is_default_template_for_portfolios_with_views() {

  231.     OrganizationDto organization = db.organizations().insert();

  232.     PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);

  233.     db.organizations().setDefaultTemplates(db.permissionTemplates().insertTemplate(organization), null, template);

  234.     loginAsAdmin(organization);

  235. 

  236.     expectedException.expect(BadRequestException.class);

  237.     expectedException.expectMessage("It is not possible to delete the default permission template for portfolios");

  238. 

  239.     newRequestByUuid(this.underTestWithViews, template.getUuid());

  240.   }

  241. 

  242.   @Test

  243.   public void fail_to_delete_by_uuid_if_template_is_default_template_for_applications_with_views() {

  244.     OrganizationDto organization = db.organizations().insert();

  245.     PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);

  246.     db.organizations().setDefaultTemplates(db.permissionTemplates().insertTemplate(organization), template, null);

  247.     loginAsAdmin(organization);

  248. 

  249.     expectedException.expect(BadRequestException.class);

  250.     expectedException.expectMessage("It is not possible to delete the default permission template for applications");

  251. 

  252.     newRequestByUuid(this.underTestWithViews, template.getUuid());

  253.   }

  254. 

  255.   @Test

  256.   public void default_template_for_views_can_be_deleted_by_uuid_if_views_is_not_installed_and_default_template_for_views_is_reset() {

  257.     OrganizationDto organization = db.organizations().insert();

  258.     PermissionTemplateDto projectTemplate = db.permissionTemplates().insertTemplate(organization);

  259.     PermissionTemplateDto viewTemplate = insertTemplateAndAssociatedPermissions(organization);

  260.     db.organizations().setDefaultTemplates(projectTemplate, null, viewTemplate);

  261.     loginAsAdmin(organization);

  262. 

  263.     newRequestByUuid(this.underTestWithoutViews, viewTemplate.getUuid());

  264. 

  265.     assertTemplateDoesNotExist(viewTemplate);

  266. 

  267.     assertThat(db.getDbClient().organizationDao().getDefaultTemplates(db.getSession(), organization.getUuid())

  268.       .get().getApplicationsUuid())

  269.         .isNull();

  270.   }

  271. 

  272.   @Test

  273.   public void fail_to_delete_by_uuid_if_not_logged_in_without_views() {

  274.     expectedException.expect(UnauthorizedException.class);

  275. 

  276.     newRequestByUuid(underTestWithoutViews, "uuid");

  277.   }

  278. 

  279.   @Test

  280.   public void fail_to_delete_by_uuid_if_not_logged_in_with_views() {

  281.     expectedException.expect(UnauthorizedException.class);

  282. 

  283.     newRequestByUuid(underTestWithViews, "uuid");

  284.   }

  285. 

  286.   @Test

  287.   public void fail_to_delete_by_name_if_not_logged_in_without_views() {

  288.     expectedException.expect(UnauthorizedException.class);

  289. 

  290.     newRequestByName(underTestWithoutViews, "whatever", "name");

  291.   }

  292. 

  293.   @Test

  294.   public void fail_to_delete_by_name_if_not_logged_in_with_views() {

  295.     expectedException.expect(UnauthorizedException.class);

  296. 

  297.     newRequestByName(underTestWithViews, "whatever", "name");

  298.   }

  299. 

  300.   @Test

  301.   public void fail_to_delete_by_uuid_if_not_admin_without_views() {

  302.     OrganizationDto organization = db.organizations().insert();

  303.     PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);

  304.     userSession.logIn();

  305. 

  306.     expectedException.expect(ForbiddenException.class);

  307. 

  308.     newRequestByUuid(underTestWithoutViews, template.getUuid());

  309.   }

  310. 

  311.   @Test

  312.   public void fail_to_delete_by_uuid_if_not_admin_with_views() {

  313.     OrganizationDto organization = db.organizations().insert();

  314.     PermissionTemplateDto template = insertTemplateAndAssociatedPermissions(organization);

  315.     userSession.logIn();

  316. 

  317.     expectedException.expect(ForbiddenException.class);

  318. 

  319.     newRequestByUuid(underTestWithViews, template.getUuid());

  320.   }

  321. 

  322.   @Test

  323.   public void fail_to_delete_by_name_if_not_admin_without_views() {

  324.     OrganizationDto organization = db.organizations().insert();

  325.     PermissionTemplateDto template = db.permissionTemplates().insertTemplate(organization);

  326.     userSession.logIn();

  327. 

  328.     expectedException.expect(ForbiddenException.class);

  329. 

  330.     newRequestByName(underTestWithoutViews, organization.getKey(), template.getName());

  331.   }

  332. 

  333.   @Test

  334.   public void fail_to_delete_by_name_if_not_admin_with_views() throws Exception {

  335.     OrganizationDto organization = db.organizations().insert();

  336.     PermissionTemplateDto template = db.permissionTemplates().insertTemplate(PermissionTemplateTesting.newPermissionTemplateDto()

  337.       .setOrganizationUuid(organization.getUuid())

  338.       .setName("the name"));

  339.     userSession.logIn();

  340. 

  341.     expectedException.expect(ForbiddenException.class);

  342. 

  343.     newRequestByName(underTestWithViews, organization, template);

  344.   }

  345. 

  346.   @Test

  347.   public void fail_if_neither_uuid_nor_name_is_provided_without_views() {

  348.     userSession.logIn();

  349. 

  350.     expectedException.expect(BadRequestException.class);

  351. 

  352.     newRequestByUuid(underTestWithoutViews, null);

  353.   }

  354. 

  355.   @Test

  356.   public void fail_if_neither_uuid_nor_name_is_provided_with_views() {

  357.     userSession.logIn();

  358. 

  359.     expectedException.expect(BadRequestException.class);

  360. 

  361.     newRequestByUuid(underTestWithViews, null);

  362.   }

  363. 

  364.   @Test

  365.   public void fail_if_both_uuid_and_name_are_provided_without_views() {

  366.     userSession.logIn();

  367. 

  368.     expectedException.expect(BadRequestException.class);

  369. 

  370.     underTestWithoutViews.newRequest().setMethod("POST")

  371.       .setParam(PARAM_TEMPLATE_ID, "uuid")

  372.       .setParam(PARAM_TEMPLATE_NAME, "name")

  373.       .execute();

  374.   }

  375. 

  376.   @Test

  377.   public void fail_if_both_uuid_and_name_are_provided_with_views() {

  378.     userSession.logIn();

  379. 

  380.     expectedException.expect(BadRequestException.class);

  381. 

  382.     underTestWithViews.newRequest().setMethod("POST")

  383.       .setParam(PARAM_TEMPLATE_ID, "uuid")

  384.       .setParam(PARAM_TEMPLATE_NAME, "name")

  385.       .execute();

  386.   }

  387. 

  388.   // @Test

  389.   // public void delete_perm_tpl_characteristic_when_delete_template() throws Exception {

  390.   // db.getDbClient().permissionTemplateCharacteristicDao().insert(db.getSession(), new PermissionTemplateCharacteristicDto()

  391.   // .setPermission(UserRole.USER)

  392.   // .setTemplateId(template.getId())

  393.   // .setWithProjectCreator(true)

  394.   // .setCreatedAt(new Date().getTime())

  395.   // .setUpdatedAt(new Date().getTime()));

  396.   // db.commit();

  397.   //

  398.   // newRequest(template.getUuid());

  399.   //

  400.   // assertThat(db.getDbClient().permissionTemplateCharacteristicDao().selectByTemplateIds(db.getSession(),

  401.   // asList(template.getId()))).isEmpty();

  402.   // }

  403. 

  404.   private UserSessionRule loginAsAdmin(OrganizationDto organization) {

  405.     return userSession.logIn().addPermission(ADMINISTER, organization);

  406.   }

  407. 

  408.   private void runOnAllUnderTests(ConsumerWithException<WsActionTester> consumer) throws Exception {

  409.     for (WsActionTester underTest : Arrays.asList(underTestWithoutViews, underTestWithViews)) {

  410.       consumer.accept(underTest);

  411.     }

  412.   }

  413. 

  414.   private interface ConsumerWithException<T> {

  415.     void accept(T e) throws Exception;

  416.   }

  417. 

  418.   private PermissionTemplateDto insertTemplateAndAssociatedPermissions(OrganizationDto organization) {

  419.     PermissionTemplateDto dto = db.permissionTemplates().insertTemplate(organization);

  420.     UserDto user = db.getDbClient().userDao().insert(db.getSession(), UserTesting.newUserDto().setActive(true));

  421.     GroupDto group = db.getDbClient().groupDao().insert(db.getSession(), GroupTesting.newGroupDto());

  422.     db.getDbClient().permissionTemplateDao().insertUserPermission(db.getSession(), dto.getId(), user.getId(), UserRole.ADMIN);

  423.     db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), dto.getId(), group.getId(), UserRole.CODEVIEWER);

  424.     db.commit();

  425.     return dto;

  426.   }

  427. 

  428.   private TestResponse newRequestByUuid(WsActionTester actionTester, @Nullable String id) {

  429.     TestRequest request = actionTester.newRequest().setMethod("POST");

  430.     if (id != null) {

  431.       request.setParam(PARAM_TEMPLATE_ID, id);

  432.     }

  433.     return request.execute();

  434.   }

  435. 

  436.   private TestResponse newRequestByName(WsActionTester actionTester, @Nullable OrganizationDto organizationDto, @Nullable PermissionTemplateDto permissionTemplateDto)

  437.     throws Exception {

  438.     return newRequestByName(

  439.       actionTester,

  440.       organizationDto == null ? null : organizationDto.getKey(),

  441.       permissionTemplateDto == null ? null : permissionTemplateDto.getName());

  442.   }

  443. 

  444.   private TestResponse newRequestByName(WsActionTester actionTester, @Nullable String organizationKey, @Nullable String name) {

  445.     TestRequest request = actionTester.newRequest().setMethod("POST");

  446.     if (organizationKey != null) {

  447.       request.setParam(PARAM_ORGANIZATION, organizationKey);

  448.     }

  449.     if (name != null) {

  450.       request.setParam(PARAM_TEMPLATE_NAME, name);

  451.     }

  452. 

  453.     return request.execute();

  454.   }

  455. 

  456.   private void assertTemplateDoesNotExist(PermissionTemplateDto template) {

  457.     assertThat(db.getDbClient().permissionTemplateDao().selectByUuid(db.getSession(), template.getUuid())).isNull();

  458.   }

  459. 

  460. }