mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
22947 Commits
59 Branches
Tree: e94c7b5f32
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'e94c7b5f32'
${ noResults }
sonarqube/it/it-tests/src/test/java/it/organization/OrganizationTest.java

OrganizationTest.java 18KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2017 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package it.organization;

  21. 

  22. import com.sonar.orchestrator.Orchestrator;

  23. import com.sonar.orchestrator.build.BuildFailureException;

  24. import it.Category6Suite;

  25. import java.util.List;

  26. import java.util.function.Consumer;

  27. import java.util.function.Function;

  28. import org.junit.After;

  29. import org.junit.Before;

  30. import org.junit.BeforeClass;

  31. import org.junit.ClassRule;

  32. import org.junit.Rule;

  33. import org.junit.Test;

  34. import org.junit.rules.ExpectedException;

  35. import org.sonarqube.ws.Organizations;

  36. import org.sonarqube.ws.WsComponents;

  37. import org.sonarqube.ws.WsUsers;

  38. import org.sonarqube.ws.client.HttpException;

  39. import org.sonarqube.ws.client.PostRequest;

  40. import org.sonarqube.ws.client.WsClient;

  41. import org.sonarqube.ws.client.component.ComponentsService;

  42. import org.sonarqube.ws.client.organization.CreateWsRequest;

  43. import org.sonarqube.ws.client.organization.OrganizationService;

  44. import org.sonarqube.ws.client.organization.SearchWsRequest;

  45. import org.sonarqube.ws.client.organization.UpdateWsRequest;

  46. import org.sonarqube.ws.client.permission.AddUserWsRequest;

  47. import org.sonarqube.ws.client.permission.PermissionsService;

  48. import org.sonarqube.ws.client.user.GroupsRequest;

  49. import util.ItUtils;

  50. import util.user.GroupManagement;

  51. import util.user.Groups;

  52. import util.user.UserRule;

  53. 

  54. import static it.Category6Suite.enableOrganizationsSupport;

  55. import static java.util.Collections.singletonList;

  56. import static org.apache.commons.lang.RandomStringUtils.randomAlphabetic;

  57. import static org.assertj.core.api.Assertions.assertThat;

  58. import static org.junit.Assert.fail;

  59. import static util.ItUtils.deleteOrganizationsIfExists;

  60. import static util.ItUtils.newAdminWsClient;

  61. import static util.ItUtils.resetSettings;

  62. 

  63. public class OrganizationTest {

  64.   private static final String DEFAULT_ORGANIZATION_KEY = "default-organization";

  65.   private static final String NAME = "Foo Company";

  66.   private static final String KEY = "foo-company";

  67.   private static final String DESCRIPTION = "the description of Foo company";

  68.   private static final String URL = "https://www.foo.fr";

  69.   private static final String AVATAR_URL = "https://www.foo.fr/corporate_logo.png";

  70.   private static final String SETTING_ANYONE_CAN_CREATE_ORGANIZATIONS = "sonar.organizations.anyoneCanCreate";

  71. 

  72.   @ClassRule

  73.   public static Orchestrator orchestrator = Category6Suite.ORCHESTRATOR;

  74.   @ClassRule

  75.   public static UserRule userRule = UserRule.from(orchestrator);

  76.   @Rule

  77.   public ExpectedException expectedException = ExpectedException.none();

  78. 

  79.   private WsClient adminClient = newAdminWsClient(orchestrator);

  80.   private OrganizationService anonymousOrganizationService = ItUtils.newWsClient(orchestrator).organizations();

  81.   private OrganizationService adminOrganizationService = adminClient.organizations();

  82. 

  83.   @BeforeClass

  84.   public static void enableOrganizations() throws Exception {

  85.     enableOrganizationsSupport();

  86.   }

  87. 

  88.   @Before

  89.   public void setUp() throws Exception {

  90.     resetSettings(orchestrator, null, SETTING_ANYONE_CAN_CREATE_ORGANIZATIONS);

  91.     deleteOrganizationsIfExists(orchestrator, KEY, "an-org");

  92.   }

  93. 

  94.   @After

  95.   public void tearDown() throws Exception {

  96.     deleteOrganizationsIfExists(orchestrator, KEY, "an-org");

  97.   }

  98. 

  99.   @Test

  100.   public void create_update_delete_organizations_and_check_security() {

  101.     verifyOrganizationDoesNotExit(KEY);

  102. 

  103.     Organizations.Organization createdOrganization = adminOrganizationService.create(new CreateWsRequest.Builder()

  104.       .setName(NAME)

  105.       .setKey(KEY)

  106.       .setDescription(DESCRIPTION)

  107.       .setUrl(URL)

  108.       .setAvatar(AVATAR_URL)

  109.       .build())

  110.       .getOrganization();

  111.     assertThat(createdOrganization.getName()).isEqualTo(NAME);

  112.     assertThat(createdOrganization.getKey()).isEqualTo(KEY);

  113.     assertThat(createdOrganization.getDescription()).isEqualTo(DESCRIPTION);

  114.     assertThat(createdOrganization.getUrl()).isEqualTo(URL);

  115.     assertThat(createdOrganization.getAvatar()).isEqualTo(AVATAR_URL);

  116. 

  117.     verifySingleSearchResult(createdOrganization, NAME, DESCRIPTION, URL, AVATAR_URL);

  118. 

  119.     // update by id

  120.     adminOrganizationService.update(new UpdateWsRequest.Builder()

  121.       .setKey(createdOrganization.getKey())

  122.       .setName("new name")

  123.       .setDescription("new description")

  124.       .setUrl("new url")

  125.       .setAvatar("new avatar url")

  126.       .build());

  127.     verifySingleSearchResult(createdOrganization, "new name", "new description", "new url", "new avatar url");

  128. 

  129.     // update by key

  130.     adminOrganizationService.update(new UpdateWsRequest.Builder()

  131.       .setKey(createdOrganization.getKey())

  132.       .setName("new name 2")

  133.       .setDescription("new description 2")

  134.       .setUrl("new url 2")

  135.       .setAvatar("new avatar url 2")

  136.       .build());

  137.     verifySingleSearchResult(createdOrganization, "new name 2", "new description 2", "new url 2", "new avatar url 2");

  138. 

  139.     // remove optional fields

  140.     adminOrganizationService.update(new UpdateWsRequest.Builder()

  141.       .setKey(createdOrganization.getKey())

  142.       .setName("new name 3")

  143.       .setDescription("")

  144.       .setUrl("")

  145.       .setAvatar("")

  146.       .build());

  147.     verifySingleSearchResult(createdOrganization, "new name 3", null, null, null);

  148. 

  149.     // delete organization

  150.     adminOrganizationService.delete(createdOrganization.getKey());

  151.     verifyOrganizationDoesNotExit(KEY);

  152. 

  153.     adminOrganizationService.create(new CreateWsRequest.Builder()

  154.       .setName(NAME)

  155.       .setKey(KEY)

  156.       .build())

  157.       .getOrganization();

  158.     verifySingleSearchResult(createdOrganization, NAME, null, null, null);

  159. 

  160.     // verify anonymous can't create update nor delete an organization by default

  161.     verifyAnonymousNotAuthorized(service -> service.create(new CreateWsRequest.Builder().setName("An org").build()));

  162.     verifyUserNotAuthenticated(service -> service.update(new UpdateWsRequest.Builder().setKey(KEY).setName("new name").build()));

  163.     verifyUserNotAuthenticated(service -> service.delete(KEY));

  164. 

  165.     // verify logged in user without any permission can't create update nor delete an organization by default

  166.     userRule.createUser("john", "doh");

  167.     verifyUserNotAuthorized("john", "doh", service -> service.create(new CreateWsRequest.Builder().setName("An org").build()));

  168.     verifyUserNotAuthorized("john", "doh", service -> service.update(new UpdateWsRequest.Builder().setKey(KEY).setName("new name").build()));

  169.     verifyUserNotAuthorized("john", "doh", service -> service.delete(KEY));

  170. 

  171.     ItUtils.setServerProperty(orchestrator, SETTING_ANYONE_CAN_CREATE_ORGANIZATIONS, "true");

  172.     // verify anonymous still can't create update nor delete an organization if property is true

  173.     verifyUserNotAuthenticated(service -> service.create(new CreateWsRequest.Builder().setName("An org").build()));

  174.     verifyUserNotAuthenticated(service -> service.update(new UpdateWsRequest.Builder().setKey(KEY).setName("new name").build()));

  175.     verifyUserNotAuthenticated(service -> service.delete(KEY));

  176. 

  177.     // verify logged in user without any permission can't create nor update nor delete an organization if property is true

  178.     verifyUserNotAuthorized("john", "doh", service -> service.update(new UpdateWsRequest.Builder().setKey(KEY).setName("new name").build()));

  179.     verifyUserNotAuthorized("john", "doh", service -> service.delete(KEY));

  180.     // clean-up

  181.     adminOrganizationService.delete(KEY);

  182.     verifySingleSearchResult(

  183.       verifyUserAuthorized("john", "doh", service -> service.create(new CreateWsRequest.Builder().setName("An org").build())).getOrganization(),

  184.       "An org", null, null, null);

  185.   }

  186. 

  187.   private void verifyAnonymousNotAuthorized(Consumer<OrganizationService> consumer) {

  188.     try {

  189.       consumer.accept(anonymousOrganizationService);

  190.       fail("An HttpException should have been raised");

  191.     } catch (HttpException e) {

  192.       assertThat(e.code()).isEqualTo(403);

  193.     }

  194.   }

  195. 

  196.   private void verifyUserNotAuthenticated(Consumer<OrganizationService> consumer) {

  197.     try {

  198.       consumer.accept(anonymousOrganizationService);

  199.       fail("An HttpException should have been raised");

  200.     } catch (HttpException e) {

  201.       assertThat(e.code()).isEqualTo(401);

  202.     }

  203.   }

  204. 

  205.   private void verifyUserNotAuthorized(String login, String password, Consumer<OrganizationService> consumer) {

  206.     try {

  207.       OrganizationService organizationService = ItUtils.newUserWsClient(orchestrator, login, password).organizations();

  208.       consumer.accept(organizationService);

  209.       fail("An HttpException should have been raised");

  210.     } catch (HttpException e) {

  211.       assertThat(e.code()).isEqualTo(403);

  212.     }

  213.   }

  214. 

  215.   private <T> T verifyUserAuthorized(String login, String password, Function<OrganizationService, T> consumer) {

  216.     OrganizationService organizationService = ItUtils.newUserWsClient(orchestrator, login, password).organizations();

  217.     return consumer.apply(organizationService);

  218.   }

  219. 

  220.   @Test

  221.   public void create_generates_key_from_name() {

  222.     // create organization without key

  223.     String name = "Foo  Company to keyize";

  224.     String expectedKey = "foo-company-to-keyize";

  225.     Organizations.Organization createdOrganization = adminOrganizationService.create(new CreateWsRequest.Builder()

  226.       .setName(name)

  227.       .build())

  228.       .getOrganization();

  229.     assertThat(createdOrganization.getKey()).isEqualTo(expectedKey);

  230.     verifySingleSearchResult(createdOrganization, name, null, null, null);

  231. 

  232.     // clean-up

  233.     adminOrganizationService.delete(expectedKey);

  234.   }

  235. 

  236.   @Test

  237.   public void default_organization_can_not_be_deleted() {

  238.     try {

  239.       adminOrganizationService.delete(DEFAULT_ORGANIZATION_KEY);

  240.       fail("a HttpException should have been raised");

  241.     } catch (HttpException e) {

  242.       assertThat(e.code()).isEqualTo(400);

  243.     }

  244.   }

  245. 

  246.   @Test

  247.   public void create_fails_if_user_is_not_root() {

  248.     userRule.createUser("foo", "bar");

  249. 

  250.     CreateWsRequest createWsRequest = new CreateWsRequest.Builder()

  251.       .setName("bla bla")

  252.       .build();

  253.     OrganizationService fooUserOrganizationService = ItUtils.newUserWsClient(orchestrator, "foo", "bar").organizations();

  254. 

  255.     expect403HttpError(() -> fooUserOrganizationService.create(createWsRequest));

  256. 

  257.     userRule.setRoot("foo");

  258.     assertThat(fooUserOrganizationService.create(createWsRequest).getOrganization().getKey()).isEqualTo("bla-bla");

  259. 

  260.     // delete org, attempt recreate when no root anymore and ensure it can't anymore

  261.     fooUserOrganizationService.delete("bla-bla");

  262.     userRule.unsetRoot("foo");

  263.     expect403HttpError(() -> fooUserOrganizationService.create(createWsRequest));

  264.   }

  265. 

  266.   @Test

  267.   public void an_organization_member_can_analyze_project() {

  268.     verifyOrganizationDoesNotExit(KEY);

  269. 

  270.     Organizations.Organization createdOrganization = adminOrganizationService.create(new CreateWsRequest.Builder()

  271.       .setName(KEY)

  272.       .setKey(KEY)

  273.       .build())

  274.       .getOrganization();

  275.     verifySingleSearchResult(createdOrganization, KEY, null, null, null);

  276. 

  277.     userRule.createUser("bob", "bob");

  278.     userRule.removeGroups("sonar-users");

  279.     adminOrganizationService.addMember(KEY, "bob");

  280.     addPermissionsToUser(KEY, "bob", "provisioning", "scan");

  281. 

  282.     ItUtils.runProjectAnalysis(orchestrator, "shared/xoo-sample",

  283.       "sonar.organization", KEY, "sonar.login", "bob", "sonar.password", "bob");

  284.     ComponentsService componentsService = ItUtils.newAdminWsClient(orchestrator).components();

  285.     assertThat(searchSampleProject(KEY, componentsService).getComponentsList()).hasSize(1);

  286.   }

  287. 

  288.   @Test

  289.   public void by_default_anonymous_cannot_analyse_project_on_organization() {

  290.     verifyOrganizationDoesNotExit(KEY);

  291. 

  292.     Organizations.Organization createdOrganization = adminOrganizationService.create(new CreateWsRequest.Builder()

  293.       .setName(KEY)

  294.       .setKey(KEY)

  295.       .build())

  296.       .getOrganization();

  297.     verifySingleSearchResult(createdOrganization, KEY, null, null, null);

  298. 

  299.     try {

  300.       ItUtils.runProjectAnalysis(orchestrator, "shared/xoo-sample",

  301.         "sonar.organization", KEY);

  302.       fail();

  303.     } catch (BuildFailureException e) {

  304.       assertThat(e.getResult().getLogs()).contains("Insufficient privileges");

  305.     }

  306. 

  307.     ComponentsService componentsService = ItUtils.newAdminWsClient(orchestrator).components();

  308.     assertThat(searchSampleProject(KEY, componentsService).getComponentsCount()).isEqualTo(0);

  309.   }

  310. 

  311.   private void addPermissionsToUser(String orgKeyAndName, String login, String permission, String... otherPermissions) {

  312.     PermissionsService permissionsService = ItUtils.newAdminWsClient(orchestrator).permissions();

  313.     permissionsService.addUser(new AddUserWsRequest().setLogin(login).setOrganization(orgKeyAndName).setPermission(permission));

  314.     for (String otherPermission : otherPermissions) {

  315.       permissionsService.addUser(new AddUserWsRequest().setLogin(login).setOrganization(orgKeyAndName).setPermission(otherPermission));

  316.     }

  317.   }

  318. 

  319.   @Test

  320.   public void deleting_an_organization_also_deletes_projects_and_check_security() {

  321.     verifyOrganizationDoesNotExit(KEY);

  322. 

  323.     Organizations.Organization createdOrganization = adminOrganizationService.create(new CreateWsRequest.Builder()

  324.       .setName(KEY)

  325.       .setKey(KEY)

  326.       .build())

  327.       .getOrganization();

  328.     verifySingleSearchResult(createdOrganization, KEY, null, null, null);

  329. 

  330.     GroupManagement groupManagement = userRule.forOrganization(KEY);

  331. 

  332.     userRule.createUser("bob", "bob");

  333.     adminOrganizationService.addMember(KEY, "bob");

  334.     groupManagement.createGroup("grp1");

  335.     groupManagement.createGroup("grp2");

  336.     groupManagement.associateGroupsToUser("bob", "grp1", "grp2");

  337.     assertThat(groupManagement.getUserGroups("bob").getGroups())

  338.       .extracting(Groups.Group::getName)

  339.       .contains("grp1", "grp2");

  340.     addPermissionsToUser(KEY, "bob", "provisioning", "scan");

  341. 

  342.     ItUtils.runProjectAnalysis(orchestrator, "shared/xoo-sample",

  343.       "sonar.organization", KEY, "sonar.login", "bob", "sonar.password", "bob");

  344.     ComponentsService componentsService = ItUtils.newAdminWsClient(orchestrator).components();

  345.     assertThat(searchSampleProject(KEY, componentsService).getComponentsList()).hasSize(1);

  346. 

  347.     adminOrganizationService.delete(KEY);

  348. 

  349.     expect404HttpError(() -> searchSampleProject(KEY, componentsService));

  350.     verifyOrganizationDoesNotExit(KEY);

  351.   }

  352. 

  353.   @Test

  354.   public void return_groups_belonging_to_a_user_on_an_organization() throws Exception {

  355.     String userLogin = randomAlphabetic(10);

  356.     String groupName = randomAlphabetic(10);

  357.     adminClient.organizations().create(new CreateWsRequest.Builder().setKey(KEY).setName(KEY).build()).getOrganization();

  358.     userRule.createUser(userLogin, userLogin);

  359.     adminOrganizationService.addMember(KEY, userLogin);

  360.     adminClient.wsConnector().call(new PostRequest("api/user_groups/create")

  361.       .setParam("name", groupName)

  362.       .setParam("description", groupName)

  363.       .setParam("organization", KEY)).failIfNotSuccessful();

  364.     adminClient.wsConnector().call(new PostRequest("api/user_groups/add_user")

  365.       .setParam("login", userLogin)

  366.       .setParam("name", groupName)

  367.       .setParam("organization", KEY)).failIfNotSuccessful();

  368. 

  369.     List<WsUsers.GroupsWsResponse.Group> result = adminClient.users().groups(

  370.       GroupsRequest.builder().setLogin(userLogin).setOrganization(KEY).build()).getGroupsList();

  371. 

  372.     assertThat(result).extracting(WsUsers.GroupsWsResponse.Group::getName).containsOnly(groupName);

  373.   }

  374. 

  375.   private WsComponents.SearchWsResponse searchSampleProject(String organizationKey, ComponentsService componentsService) {

  376.     return componentsService

  377.       .search(new org.sonarqube.ws.client.component.SearchWsRequest()

  378.         .setOrganization(organizationKey)

  379.         .setQualifiers(singletonList("TRK"))

  380.         .setQuery("sample"));

  381.   }

  382. 

  383.   private void expect403HttpError(Runnable runnable) {

  384.     try {

  385.       runnable.run();

  386.       fail("Ws call should have failed");

  387.     } catch (HttpException e) {

  388.       assertThat(e.code()).isEqualTo(403);

  389.     }

  390.   }

  391. 

  392.   private void expect404HttpError(Runnable runnable) {

  393.     try {

  394.       runnable.run();

  395.       fail("Ws call should have failed");

  396.     } catch (HttpException e) {

  397.       assertThat(e.code()).isEqualTo(404);

  398.     }

  399.   }

  400. 

  401.   private void verifyOrganizationDoesNotExit(String organizationKey) {

  402.     Organizations.SearchWsResponse searchWsResponse = anonymousOrganizationService.search(new SearchWsRequest.Builder().setOrganizations(organizationKey).build());

  403.     assertThat(searchWsResponse.getOrganizationsList()).isEmpty();

  404.   }

  405. 

  406.   private void verifySingleSearchResult(Organizations.Organization createdOrganization, String name, String description, String url,

  407.     String avatarUrl) {

  408.     List<Organizations.Organization> organizations = anonymousOrganizationService.search(new SearchWsRequest.Builder().setOrganizations(createdOrganization.getKey())

  409.       .build()).getOrganizationsList();

  410.     assertThat(organizations).hasSize(1);

  411.     Organizations.Organization searchedOrganization = organizations.get(0);

  412.     assertThat(searchedOrganization.getKey()).isEqualTo(createdOrganization.getKey());

  413.     assertThat(searchedOrganization.getName()).isEqualTo(name);

  414.     if (description == null) {

  415.       assertThat(searchedOrganization.hasDescription()).isFalse();

  416.     } else {

  417.       assertThat(searchedOrganization.getDescription()).isEqualTo(description);

  418.     }

  419.     if (url == null) {

  420.       assertThat(searchedOrganization.hasUrl()).isFalse();

  421.     } else {

  422.       assertThat(searchedOrganization.getUrl()).isEqualTo(url);

  423.     }

  424.     if (avatarUrl == null) {

  425.       assertThat(searchedOrganization.hasAvatar()).isFalse();

  426.     } else {

  427.       assertThat(searchedOrganization.getAvatar()).isEqualTo(avatarUrl);

  428.     }

  429.   }

  430. }