From a9c56c11f9889888311e1be3a1a100321c3f1ac0 Mon Sep 17 00:00:00 2001 From: Julien Lancelot Date: Tue, 24 Jan 2017 15:48:52 +0100 Subject: SONAR-8236 Add ITs on permission used by analysis --- .../src/test/java/it/analysis/PermissionTest.java | 71 ++++++++++++++-------- 1 file changed, 47 insertions(+), 24 deletions(-) (limited to 'it') diff --git a/it/it-tests/src/test/java/it/analysis/PermissionTest.java b/it/it-tests/src/test/java/it/analysis/PermissionTest.java index 84438b31755..5c1765a6a57 100644 --- a/it/it-tests/src/test/java/it/analysis/PermissionTest.java +++ b/it/it-tests/src/test/java/it/analysis/PermissionTest.java @@ -24,7 +24,7 @@ import com.sonar.orchestrator.Orchestrator; import com.sonar.orchestrator.build.BuildResult; import com.sonar.orchestrator.build.SonarScanner; import it.Category3Suite; -import org.junit.After; +import javax.annotation.Nullable; import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; @@ -49,50 +49,48 @@ import static util.ItUtils.setServerProperty; public class PermissionTest { + private static final String SIMPLE_USER = "simple-user"; + @ClassRule public static Orchestrator orchestrator = Category3Suite.ORCHESTRATOR; @ClassRule public static UserRule userRule = UserRule.from(orchestrator); - private static WsClient adminWsClient; - private static UserTokensService userTokensWsClient; - private static final String USER_WITH_EXECUTE_ANALYSIS_AND_ADMIN_PERMISSION = "george.orwell"; + private static UserTokensService userTokensWsClient; @BeforeClass public static void setUp() { adminWsClient = newAdminWsClient(orchestrator); userTokensWsClient = adminWsClient.userTokens(); - - userRule.createUser(USER_WITH_EXECUTE_ANALYSIS_AND_ADMIN_PERMISSION, "123456"); - addUserPermission(USER_WITH_EXECUTE_ANALYSIS_AND_ADMIN_PERMISSION, "scan"); - - userRule.createUser("simple-user", "password"); + resetData(); } @AfterClass - public static void resetSettingsAndUsers() throws Exception { - resetSettings(orchestrator, null, "sonar.forceAuthentication"); - userRule.deactivateUsers(USER_WITH_EXECUTE_ANALYSIS_AND_ADMIN_PERMISSION, "simple-user"); + public static void restoreAnyonePermissionToScan() throws Exception { + addGroupPermission("Anyone", "scan"); } @Before public void deleteData() { - orchestrator.resetData(); - resetSettings(orchestrator, null, "sonar.forceAuthentication"); + resetData(); } - @After - public void restoreAnyonePermissionOnScan() throws Exception { - addGroupPermission("Anyone", "scan"); + private static void resetData() { + orchestrator.resetData(); + resetSettings(orchestrator, null, "sonar.forceAuthentication"); + userRule.deactivateUsers(SIMPLE_USER); + removeGroupPermission("Anyone", "scan"); } @Test public void run_analysis_with_token_authentication() { + userRule.createUser(SIMPLE_USER, "password"); + addUserPermission(SIMPLE_USER, "scan", null); String tokenName = "Analyze Project"; WsUserTokens.GenerateWsResponse generateWsResponse = userTokensWsClient.generate(new GenerateWsRequest() - .setLogin(USER_WITH_EXECUTE_ANALYSIS_AND_ADMIN_PERMISSION) + .setLogin(SIMPLE_USER) .setName(tokenName)); SonarScanner sampleProject = SonarScanner.create(projectDir("shared/xoo-sample")); sampleProject.setProperties( @@ -102,7 +100,7 @@ public class PermissionTest { BuildResult buildResult = orchestrator.executeBuild(sampleProject); assertThat(buildResult.isSuccess()).isTrue(); - userTokensWsClient.revoke(new RevokeWsRequest().setLogin(USER_WITH_EXECUTE_ANALYSIS_AND_ADMIN_PERMISSION).setName(tokenName)); + userTokensWsClient.revoke(new RevokeWsRequest().setLogin(SIMPLE_USER).setName(tokenName)); } @Test @@ -147,16 +145,41 @@ public class PermissionTest { } @Test - public void execute_analysis_permission_on_project() throws Exception { - removeGroupPermission("Anyone", "scan"); - + public void run_analysis_with_authenticated_user_having_global_execute_analysis_permission() throws Exception { + userRule.createUser(SIMPLE_USER, "password"); + orchestrator.getServer().provisionProject("sample", "sample"); + addUserPermission(SIMPLE_USER, "scan", null); + + BuildResult buildResult = scanQuietly("shared/xoo-sample", "sonar.login", SIMPLE_USER, "sonar.password", "password"); + assertThat(buildResult.isSuccess()).isTrue(); + } + + @Test + public void run_analysis_with_authenticated_user_having_execute_analysis_permission_only_on_project() throws Exception { + userRule.createUser(SIMPLE_USER, "password"); + orchestrator.getServer().provisionProject("sample", "sample"); + addUserPermission(SIMPLE_USER, "scan", "sample"); + + BuildResult buildResult = scanQuietly("shared/xoo-sample", "sonar.login", SIMPLE_USER, "sonar.password", "password"); + + assertThat(buildResult.isSuccess()).isTrue(); } - private static void addUserPermission(String login, String permission) { + @Test + public void run_analysis_when_execute_analysis_is_set_to_anyone() throws Exception { + addGroupPermission("Anyone", "scan"); + + BuildResult buildResult = scanQuietly("shared/xoo-sample"); + + assertThat(buildResult.isSuccess()).isTrue(); + } + + private static void addUserPermission(String login, String permission, @Nullable String projectKey) { adminWsClient.permissions().addUser(new AddUserWsRequest() .setLogin(login) - .setPermission(permission)); + .setPermission(permission) + .setProjectKey(projectKey)); } private static void addGroupPermission(String groupName, String permission) { -- cgit v1.2.3