mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
27803 Commits
59 Branches
Tree: db18af0468
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'db18af0468'
${ noResults }
sonarqube/server/sonar-server/src/test/java/org/sonar/server/permission/ws/template/TemplateGroupsActionTest.java

TemplateGroupsActionTest.java 16KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2019 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.permission.ws.template;

  21. 

  22. import javax.annotation.Nullable;

  23. import org.junit.Test;

  24. import org.sonar.api.resources.Qualifiers;

  25. import org.sonar.api.resources.ResourceTypes;

  26. import org.sonar.core.permission.GlobalPermissions;

  27. import org.sonar.db.component.ResourceTypesRule;

  28. import org.sonar.db.organization.OrganizationDto;

  29. import org.sonar.db.permission.template.PermissionTemplateDto;

  30. import org.sonar.db.permission.template.PermissionTemplateGroupDto;

  31. import org.sonar.db.user.GroupDto;

  32. import org.sonar.server.exceptions.BadRequestException;

  33. import org.sonar.server.exceptions.ForbiddenException;

  34. import org.sonar.server.exceptions.NotFoundException;

  35. import org.sonar.server.exceptions.UnauthorizedException;

  36. import org.sonar.server.permission.PermissionService;

  37. import org.sonar.server.permission.PermissionServiceImpl;

  38. import org.sonar.server.permission.ws.BasePermissionWsTest;

  39. import org.sonar.server.permission.ws.RequestValidator;

  40. import org.sonar.server.permission.ws.WsParameters;

  41. import org.sonarqube.ws.Permissions.WsGroupsResponse;

  42. 

  43. import static org.assertj.core.api.Assertions.assertThat;

  44. import static org.sonar.api.server.ws.WebService.Param.PAGE;

  45. import static org.sonar.api.server.ws.WebService.Param.PAGE_SIZE;

  46. import static org.sonar.api.server.ws.WebService.Param.TEXT_QUERY;

  47. import static org.sonar.api.web.UserRole.ADMIN;

  48. import static org.sonar.api.web.UserRole.CODEVIEWER;

  49. import static org.sonar.api.web.UserRole.ISSUE_ADMIN;

  50. import static org.sonar.api.web.UserRole.USER;

  51. import static org.sonar.db.permission.template.PermissionTemplateTesting.newPermissionTemplateGroupDto;

  52. import static org.sonar.db.user.GroupTesting.newGroupDto;

  53. import static org.sonar.test.JsonAssert.assertJson;

  54. import static org.sonarqube.ws.MediaTypes.PROTOBUF;

  55. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_PERMISSION;

  56. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_ID;

  57. import static org.sonarqube.ws.client.permission.PermissionsWsParameters.PARAM_TEMPLATE_NAME;

  58. 

  59. public class TemplateGroupsActionTest extends BasePermissionWsTest<TemplateGroupsAction> {

  60. 

  61.   private ResourceTypes resourceTypes = new ResourceTypesRule().setRootQualifiers(Qualifiers.PROJECT);

  62.   private PermissionService permissionService = new PermissionServiceImpl(resourceTypes);

  63.   private WsParameters wsParameters = new WsParameters(permissionService);

  64.   private RequestValidator requestValidator = new RequestValidator(permissionService);

  65. 

  66.   @Override

  67.   protected TemplateGroupsAction buildWsAction() {

  68.     return new TemplateGroupsAction(db.getDbClient(), userSession, newPermissionWsSupport(), wsParameters, requestValidator);

  69.   }

  70. 

  71.   @Test

  72.   public void template_groups_of_json_example() {

  73.     GroupDto adminGroup = insertGroupOnDefaultOrganization("sonar-administrators", "System administrators");

  74.     GroupDto userGroup = insertGroupOnDefaultOrganization("sonar-users", "Any new users created will automatically join this group");

  75. 

  76.     PermissionTemplateDto template = addTemplateToDefaultOrganization();

  77.     addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), adminGroup.getId()));

  78.     addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), userGroup.getId()));

  79.     // Anyone group

  80.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));

  81.     addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), null));

  82.     commit();

  83.     loginAsAdmin(db.getDefaultOrganization());

  84. 

  85.     String response = newRequest()

  86.       .setParam(PARAM_PERMISSION, ISSUE_ADMIN)

  87.       .setParam(PARAM_TEMPLATE_ID, template.getUuid())

  88.       .execute()

  89.       .getInput();

  90. 

  91.     assertJson(response)

  92.       .ignoreFields("id")

  93.       .withStrictArrayOrder()

  94.       .isSimilarTo(getClass().getResource("template_groups-example.json"));

  95.   }

  96. 

  97.   @Test

  98.   public void do_not_fail_when_group_name_exists_in_multiple_organizations() {

  99.     PermissionTemplateDto template = addTemplateToDefaultOrganization();

  100. 

  101.     String groupName = "group-name";

  102.     GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), groupName);

  103.     addGroupToTemplate(newPermissionTemplateGroup(CODEVIEWER, template.getId(), group1.getId()));

  104.     addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group1.getId()));

  105. 

  106.     OrganizationDto otherOrganization = db.organizations().insert();

  107.     db.users().insertGroup(otherOrganization, groupName);

  108. 

  109.     loginAsAdmin(db.getDefaultOrganization());

  110. 

  111.     newRequest()

  112.         .setMediaType(PROTOBUF)

  113.         .setParam(PARAM_TEMPLATE_ID, template.getUuid())

  114.         .setParam(TEXT_QUERY, "-nam")

  115.         .execute();

  116.   }

  117. 

  118.   @Test

  119.   public void return_all_permissions_of_matching_groups() {

  120.     PermissionTemplateDto template = addTemplateToDefaultOrganization();

  121. 

  122.     GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group-1-name");

  123.     addGroupToTemplate(newPermissionTemplateGroup(CODEVIEWER, template.getId(), group1.getId()));

  124.     addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group1.getId()));

  125. 

  126.     GroupDto group2 = db.users().insertGroup(db.getDefaultOrganization(), "group-2-name");

  127.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group2.getId()));

  128.     addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group2.getId()));

  129. 

  130.     GroupDto group3 = db.users().insertGroup(db.getDefaultOrganization(), "group-3-name");

  131. 

  132.     // Anyone

  133.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));

  134.     addGroupToTemplate(newPermissionTemplateGroup(ISSUE_ADMIN, template.getId(), null));

  135. 

  136.     PermissionTemplateDto anotherTemplate = addTemplateToDefaultOrganization();

  137.     addGroupToTemplate(newPermissionTemplateGroup(ADMIN, anotherTemplate.getId(), group3.getId()));

  138.     commit();

  139.     loginAsAdmin(db.getDefaultOrganization());

  140. 

  141.     WsGroupsResponse response = newRequest()

  142.       .setParam(PARAM_TEMPLATE_ID, template.getUuid())

  143.       .executeProtobuf(WsGroupsResponse.class);

  144. 

  145.     assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name", "group-2-name", "group-3-name");

  146.     assertThat(response.getGroups(0).getPermissionsList()).containsOnly("user", "issueadmin");

  147.     assertThat(response.getGroups(1).getPermissionsList()).containsOnly("codeviewer", "admin");

  148.     assertThat(response.getGroups(2).getPermissionsList()).containsOnly("user", "admin");

  149.   }

  150. 

  151.   @Test

  152.   public void search_by_permission() {

  153.     PermissionTemplateDto template = addTemplateToDefaultOrganization();

  154. 

  155.     GroupDto group1 = db.users().insertGroup(db.getDefaultOrganization(), "group-1-name");

  156.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));

  157.     addGroupToTemplate(newPermissionTemplateGroup(CODEVIEWER, template.getId(), group1.getId()));

  158. 

  159.     GroupDto group2 = db.users().insertGroup(db.getDefaultOrganization(), "group-2-name");

  160.     addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group2.getId()));

  161. 

  162.     GroupDto group3 = db.users().insertGroup(db.getDefaultOrganization(), "group-3-name");

  163. 

  164.     // Anyone

  165.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));

  166. 

  167.     PermissionTemplateDto anotherTemplate = addTemplateToDefaultOrganization();

  168.     addGroupToTemplate(newPermissionTemplateGroup(ADMIN, anotherTemplate.getId(), group3.getId()));

  169.     commit();

  170.     loginAsAdmin(db.getDefaultOrganization());

  171. 

  172.     WsGroupsResponse response = newRequest()

  173.       .setParam(PARAM_PERMISSION, USER)

  174.       .setParam(PARAM_TEMPLATE_ID, template.getUuid())

  175.       .executeProtobuf(WsGroupsResponse.class);

  176. 

  177.     assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name");

  178.     assertThat(response.getGroups(0).getPermissionsList()).containsOnly("user");

  179.     assertThat(response.getGroups(1).getPermissionsList()).containsOnly("user", "codeviewer");

  180.   }

  181. 

  182.   @Test

  183.   public void search_by_template_name() {

  184.     OrganizationDto defaultOrg = db.getDefaultOrganization();

  185.     GroupDto group1 = db.users().insertGroup(defaultOrg, "group-1-name");

  186.     GroupDto group2 = db.users().insertGroup(defaultOrg, "group-2-name");

  187.     GroupDto group3 = db.users().insertGroup(defaultOrg, "group-3-name");

  188. 

  189.     PermissionTemplateDto template = addTemplateToDefaultOrganization();

  190.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));

  191.     addGroupToTemplate(newPermissionTemplateGroup(ADMIN, template.getId(), group2.getId()));

  192.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), null));

  193. 

  194.     PermissionTemplateDto anotherTemplate = addTemplateToDefaultOrganization();

  195.     addGroupToTemplate(newPermissionTemplateGroup(USER, anotherTemplate.getId(), group1.getId()));

  196.     commit();

  197.     loginAsAdmin(db.getDefaultOrganization());

  198. 

  199.     WsGroupsResponse response = newRequest()

  200.       .setParam(PARAM_TEMPLATE_NAME, template.getName())

  201.       .executeProtobuf(WsGroupsResponse.class);

  202. 

  203.     assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone", "group-1-name", "group-2-name", "group-3-name");

  204.   }

  205. 

  206.   @Test

  207.   public void search_with_pagination() {

  208.     OrganizationDto defaultOrg = db.getDefaultOrganization();

  209.     PermissionTemplateDto template = addTemplateToDefaultOrganization();

  210.     GroupDto group1 = db.users().insertGroup(defaultOrg, "group-1-name");

  211.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));

  212.     GroupDto group2 = db.users().insertGroup(defaultOrg, "group-2-name");

  213.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group2.getId()));

  214.     commit();

  215.     loginAsAdmin(db.getDefaultOrganization());

  216. 

  217.     WsGroupsResponse response = newRequest()

  218.       .setParam(PARAM_PERMISSION, USER)

  219.       .setParam(PARAM_TEMPLATE_NAME, template.getName())

  220.       .setParam(PAGE, "2")

  221.       .setParam(PAGE_SIZE, "1")

  222.       .executeProtobuf(WsGroupsResponse.class);

  223. 

  224.     assertThat(response.getGroupsList()).extracting("name").containsExactly("group-2-name");

  225.   }

  226. 

  227.   @Test

  228.   public void search_with_text_query() {

  229.     OrganizationDto defaultOrg = db.getDefaultOrganization();

  230.     PermissionTemplateDto template = addTemplateToDefaultOrganization();

  231.     GroupDto group1 = db.users().insertGroup(defaultOrg, "group-1-name");

  232.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group1.getId()));

  233.     GroupDto group2 = db.users().insertGroup(defaultOrg, "group-2-name");

  234.     GroupDto group3 = db.users().insertGroup(defaultOrg, "group-3");

  235.     commit();

  236.     loginAsAdmin(db.getDefaultOrganization());

  237. 

  238.     WsGroupsResponse response = newRequest()

  239.       .setParam(PARAM_TEMPLATE_NAME, template.getName())

  240.       .setParam(TEXT_QUERY, "-nam")

  241.       .executeProtobuf(WsGroupsResponse.class);

  242. 

  243.     assertThat(response.getGroupsList()).extracting("name").containsExactly("group-1-name", "group-2-name");

  244.   }

  245. 

  246.   @Test

  247.   public void search_with_text_query_return_all_groups_even_when_no_permission_set() {

  248.     OrganizationDto defaultOrg = db.getDefaultOrganization();

  249.     PermissionTemplateDto template = addTemplateToDefaultOrganization();

  250.     db.users().insertGroup(defaultOrg, "group-1-name");

  251.     db.users().insertGroup(defaultOrg, "group-2-name");

  252.     db.users().insertGroup(defaultOrg, "group-3-name");

  253.     commit();

  254.     loginAsAdmin(db.getDefaultOrganization());

  255. 

  256.     WsGroupsResponse response = newRequest()

  257.       .setParam(PARAM_TEMPLATE_ID, template.getUuid())

  258.       .setParam(TEXT_QUERY, "-name")

  259.       .executeProtobuf(WsGroupsResponse.class);

  260. 

  261.     assertThat(response.getGroupsList()).extracting("name").containsExactly("group-1-name", "group-2-name", "group-3-name");

  262.     assertThat(response.getGroups(0).getPermissionsList()).isEmpty();

  263.     assertThat(response.getGroups(1).getPermissionsList()).isEmpty();

  264.     assertThat(response.getGroups(2).getPermissionsList()).isEmpty();

  265.   }

  266. 

  267.   @Test

  268.   public void search_with_text_query_return_anyone_group_even_when_no_permission_set() {

  269.     PermissionTemplateDto template = addTemplateToDefaultOrganization();

  270.     GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "group");

  271.     addGroupToTemplate(newPermissionTemplateGroup(USER, template.getId(), group.getId()));

  272.     commit();

  273.     loginAsAdmin(db.getDefaultOrganization());

  274. 

  275.     WsGroupsResponse response = newRequest()

  276.       .setParam(PARAM_TEMPLATE_ID, template.getUuid())

  277.       .setParam(TEXT_QUERY, "nyo")

  278.       .executeProtobuf(WsGroupsResponse.class);

  279. 

  280.     assertThat(response.getGroupsList()).extracting("name").containsExactly("Anyone");

  281.     assertThat(response.getGroups(0).getPermissionsList()).isEmpty();

  282.   }

  283. 

  284.   @Test

  285.   public void fail_if_not_logged_in() {

  286.     PermissionTemplateDto template1 = addTemplateToDefaultOrganization();

  287.     userSession.anonymous();

  288. 

  289.     expectedException.expect(UnauthorizedException.class);

  290. 

  291.     newRequest()

  292.       .setParam(PARAM_PERMISSION, USER)

  293.       .setParam(PARAM_TEMPLATE_ID, template1.getUuid())

  294.       .execute();

  295.   }

  296. 

  297.   @Test

  298.   public void fail_if_insufficient_privileges() {

  299.     PermissionTemplateDto template1 = addTemplateToDefaultOrganization();

  300.     userSession.logIn();

  301. 

  302.     expectedException.expect(ForbiddenException.class);

  303. 

  304.     newRequest()

  305.       .setParam(PARAM_PERMISSION, USER)

  306.       .setParam(PARAM_TEMPLATE_ID, template1.getUuid())

  307.       .execute();

  308.   }

  309. 

  310.   @Test

  311.   public void fail_if_template_uuid_and_name_provided() {

  312.     PermissionTemplateDto template1 = addTemplateToDefaultOrganization();

  313.     loginAsAdmin(db.getDefaultOrganization());

  314. 

  315.     expectedException.expect(BadRequestException.class);

  316. 

  317.     newRequest()

  318.       .setParam(PARAM_PERMISSION, USER)

  319.       .setParam(PARAM_TEMPLATE_ID, template1.getUuid())

  320.       .setParam(PARAM_TEMPLATE_NAME, template1.getName())

  321.       .execute();

  322.   }

  323. 

  324.   @Test

  325.   public void fail_if_template_uuid_nor_name_provided() {

  326.     loginAsAdmin(db.getDefaultOrganization());

  327. 

  328.     expectedException.expect(BadRequestException.class);

  329. 

  330.     newRequest()

  331.       .setParam(PARAM_PERMISSION, USER)

  332.       .execute();

  333.   }

  334. 

  335.   @Test

  336.   public void fail_if_template_is_not_found() {

  337.     loginAsAdmin(db.getDefaultOrganization());

  338. 

  339.     expectedException.expect(NotFoundException.class);

  340. 

  341.     newRequest()

  342.       .setParam(PARAM_PERMISSION, USER)

  343.       .setParam(PARAM_TEMPLATE_ID, "unknown-uuid")

  344.       .execute();

  345.   }

  346. 

  347.   @Test

  348.   public void fail_if_not_a_project_permission() {

  349.     loginAsAdmin(db.getDefaultOrganization());

  350.     PermissionTemplateDto template1 = addTemplateToDefaultOrganization();

  351. 

  352.     expectedException.expect(IllegalArgumentException.class);

  353. 

  354.     newRequest()

  355.       .setParam(PARAM_PERMISSION, GlobalPermissions.QUALITY_GATE_ADMIN)

  356.       .setParam(PARAM_TEMPLATE_ID, template1.getUuid())

  357.       .execute();

  358.   }

  359. 

  360.   private GroupDto insertGroupOnDefaultOrganization(String name, String description) {

  361.     return db.users().insertGroup(newGroupDto().setName(name).setDescription(description).setOrganizationUuid(db.getDefaultOrganization().getUuid()));

  362.   }

  363. 

  364.   private void addGroupToTemplate(PermissionTemplateGroupDto permissionTemplateGroup) {

  365.     db.getDbClient().permissionTemplateDao().insertGroupPermission(db.getSession(), permissionTemplateGroup);

  366.   }

  367. 

  368.   private static PermissionTemplateGroupDto newPermissionTemplateGroup(String permission, long templateId, @Nullable Integer groupId) {

  369.     return newPermissionTemplateGroupDto()

  370.       .setPermission(permission)

  371.       .setTemplateId(templateId)

  372.       .setGroupId(groupId);

  373.   }

  374. 

  375.   private void commit() {

  376.     db.commit();

  377.   }

  378. }