private void addPermissions(OrganizationDto organization, ComponentDto root) { if (!root.isPrivate()) { dbTester.users().insertProjectPermissionOnAnyone("foo1", root); dbTester.users().insertPermissionOnAnyone(organization, "not project level"); } GroupDto group = dbTester.users().insertGroup(organization); dbTester.users().insertProjectPermissionOnGroup(group, "bar", root); dbTester.users().insertPermissionOnGroup(group, "not project level"); UserDto user = dbTester.users().insertUser(); dbTester.users().insertProjectPermissionOnUser(user, "doh", root); dbTester.users().insertPermissionOnUser(user, OrganizationPermission.SCAN); assertThat(dbTester.countRowsOfTable("group_roles")).isEqualTo(root.isPrivate() ? 2 : 4); assertThat(dbTester.countRowsOfTable("user_roles")).isEqualTo(2); }
@Test public void return_user_info_even_when_user_is_already_member_of_organization() { OrganizationDto organization = db.organizations().insert(); db.users().insertDefaultGroup(organization, "default"); UserDto user = db.users().insertUser(u -> u.setEmail("john@smith.com")); IntStream.range(0, 3) .mapToObj(i -> db.users().insertGroup(organization)) .forEach(g -> db.users().insertMembers(g, user)); db.organizations().addMember(organization, user); AddMemberWsResponse result = call(organization.getKey(), user.getLogin()); assertThat(result.getUser().getLogin()).isEqualTo(user.getLogin()); assertThat(result.getUser().getName()).isEqualTo(user.getName()); assertThat(result.getUser().getAvatar()).isEqualTo("b0d8c6e5ea589e6fc3d3e08afb1873bb"); assertThat(result.getUser().getGroupCount()).isEqualTo(3); }
@Test public void does_not_authenticate_from_user_token_when_token_does_not_match_active_user() { UserDto user = db.users().insertDisabledUser(); when(userTokenAuthentication.authenticate("token")).thenReturn(Optional.of(user.getUuid())); when(request.getHeader("Authorization")).thenReturn("Basic " + toBase64("token:")); expectedException.expect(authenticationException().from(Source.local(Method.BASIC_TOKEN)).withoutLogin().andNoPublicMessage()); try { underTest.authenticate(request); } finally { verifyZeroInteractions(authenticationEvent); } }
public UserDto insertAdminByUserPermission(OrganizationDto org) { UserDto user = insertUser(); insertPermissionOnUser(org, user, ADMINISTER); return user; }
private int insertGroupWithPermissions(OrganizationDto organization1) { GroupDto group = db.users().insertGroup(organization1); db.users().insertPermissionOnGroup(group, "foo"); db.users().insertPermissionOnGroup(group, "bar"); db.users().insertPermissionOnGroup(group, "doh"); return group.getId(); }
@Before public void setUp() { OrganizationDto defOrg = db.getDefaultOrganization(); group1 = db.users().insertGroup(defOrg, "group-1-name"); group2 = db.users().insertGroup(defOrg, "group-2-name"); group3 = db.users().insertGroup(defOrg, "group-3-name"); db.users().insertPermissionOnGroup(group1, SCAN); db.users().insertPermissionOnGroup(group2, SCAN); db.users().insertPermissionOnGroup(group3, ADMINISTER); db.users().insertPermissionOnAnyone(defOrg, SCAN); db.commit(); }
@Test public void delete_global_permission_from_group_on_public_project() { OrganizationDto org = db.organizations().insert(); GroupDto group1 = db.users().insertGroup(org); ComponentDto project1 = db.components().insertPublicProject(org); db.users().insertPermissionOnAnyone(org, "perm1"); db.users().insertPermissionOnGroup(group1, "perm2"); db.users().insertProjectPermissionOnGroup(group1, "perm3", project1); db.users().insertProjectPermissionOnAnyone("perm4", project1); underTest.delete(dbSession, "perm2", group1.getOrganizationUuid(), group1.getId(), null); dbSession.commit(); assertThatNoPermission("perm2"); assertThat(db.countRowsOfTable("group_roles")).isEqualTo(3); }
@Test public void getGroups_returns_the_groups_of_logged_in_user() { UserDto user = db.users().insertUser(); GroupDto group1 = db.users().insertGroup(); GroupDto group2 = db.users().insertGroup(); db.users().insertMember(group1, user); db.users().insertMember(group2, user); assertThat(newUserSession(user).getGroups()).extracting(GroupDto::getId).containsOnly(group1.getId(), group2.getId()); }
@Test public void keep_authorized_users_returns_empty_list_for_role_and_project_for_anonymous() { ComponentDto project1 = db.components().insertPrivateProject(organization); ComponentDto project2 = db.components().insertPrivateProject(organization); ComponentDto project3 = db.components().insertPrivateProject(organization); UserDto user1 = db.users().insertUser("u1"); UserDto user2 = db.users().insertUser("u2"); UserDto user3 = db.users().insertUser("u3"); GroupDto group1 = db.users().insertGroup(organization); GroupDto group2 = db.users().insertGroup(organization); db.users().insertMembers(group1, user1, user2); db.users().insertMembers(group2, user3); db.users().insertProjectPermissionOnUser(user1, UserRole.USER, project1); db.users().insertProjectPermissionOnUser(user2, UserRole.USER, project1); db.users().insertProjectPermissionOnUser(user3, UserRole.USER, project1); db.users().insertProjectPermissionOnGroup(group2, UserRole.USER, project3); assertThat(underTest.keepAuthorizedUsersForRoleAndProject(dbSession, // Only 100 and 101 has 'user' role on project newHashSet(100, 101, 102), "user", PROJECT_ID)).isEmpty(); }
@Test public void anonymous_should_be_authorized() { ComponentDto project1 = db.components().insertPublicProject(organization); ComponentDto project2 = db.components().insertPublicProject(organization); UserDto user1 = db.users().insertUser("u1"); GroupDto group = db.users().insertGroup(organization); db.users().insertMembers(group, user1); assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project1.getId(), project2.getId()), null, UserRole.USER)) .containsOnly(project1.getId(), project2.getId()); // group does not have the role "admin" assertThat(underTest.keepAuthorizedProjectIds(dbSession, newHashSet(project1.getId()), null, "admin")) .isEmpty(); }
@Test public void return_user_info() { OrganizationDto organization = db.organizations().insert(); db.users().insertDefaultGroup(organization, "default"); UserDto user = db.users().insertUser(u -> u.setEmail("john@smith.com")); AddMemberWsResponse result = call(organization.getKey(), user.getLogin()); assertThat(result.getUser().getLogin()).isEqualTo(user.getLogin()); assertThat(result.getUser().getName()).isEqualTo(user.getName()); assertThat(result.getUser().getAvatar()).isEqualTo("b0d8c6e5ea589e6fc3d3e08afb1873bb"); assertThat(result.getUser().getGroupCount()).isEqualTo(1); }
@Test public void remove_admin_group_if_still_other_admins() { GroupIdOrAnyone groupId = GroupIdOrAnyone.from(group); db.users().insertPermissionOnGroup(group, ADMINISTER); UserDto admin = db.users().insertUser(); db.users().insertPermissionOnUser(org, admin, ADMINISTER); apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, ADMINISTER.getKey(), null, groupId, permissionService)); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); }
@Test public void remove_admin_user_if_still_other_admins() { db.users().insertPermissionOnUser(org1, user1, ADMINISTER); GroupDto admins = db.users().insertGroup(org1, "admins"); db.users().insertMember(admins, user2); db.users().insertPermissionOnGroup(admins, ADMINISTER); UserPermissionChange change = new UserPermissionChange(REMOVE, org1.getUuid(), ADMINISTER.getKey(), null, UserId.from(user1), permissionService); underTest.apply(db.getSession(), change); assertThat(db.users().selectPermissionsOfUser(user1, org1)).isEmpty(); }
@Test public void return_group_counts_if_org_admin() { OrganizationDto organization = db.organizations().insert(); UserDto currentUser = db.users().insertUser(); userSession.logIn(currentUser) .addPermission(OrganizationPermission.ADMINISTER, organization) .addMembership(organization); UserDto user = db.users().insertUser(); db.organizations().addMember(organization, user); UserDto anotherUser = db.users().insertUser(); db.organizations().addMember(organization, anotherUser); IntStream.range(0, 10) .mapToObj(i -> db.users().insertGroup(organization)) .forEach(g -> db.users().insertMembers(g, user)); OrganizationDto anotherOrganization = db.organizations().insert(); GroupDto anotherGroup = db.users().insertGroup(anotherOrganization); db.users().insertMember(anotherGroup, user); indexAllUsers(); SearchMembersWsResponse result = ws.newRequest() .setParam("organization", organization.getKey()) .executeProtobuf(SearchMembersWsResponse.class); assertThat(result.getUsersList()).extracting(User::getLogin, User::getGroupCount, User::hasGroupCount) .containsExactlyInAnyOrder( tuple(user.getLogin(), 10, true), tuple(anotherUser.getLogin(), 0, true)); }
@Test public void selectProjectPermissions_returns_permissions_of_logged_in_user_on_specified_public_project_through_all_possible_configurations() { ComponentDto project = db.components().insertPublicProject(organization); db.users().insertProjectPermissionOnUser(user, "p1", project); db.users().insertProjectPermissionOnAnyone("p2", project); db.users().insertProjectPermissionOnGroup(group1, "p3", project); db.users().insertMember(group1, user); assertThat(underTest.selectProjectPermissions(dbSession, project.uuid(), user.getId())).containsOnly("p1", "p2", "p3"); }
@Test public void test_hasPermission_on_organization_for_logged_in_user() { OrganizationDto org = db.organizations().insert(); ComponentDto project = db.components().insertPrivateProject(org); UserDto user = db.users().insertUser(); db.users().insertPermissionOnUser(org, user, PROVISION_PROJECTS); db.users().insertProjectPermissionOnUser(user, UserRole.ADMIN, project); UserSession session = newUserSession(user); assertThat(session.hasPermission(PROVISION_PROJECTS, org.getUuid())).isTrue(); assertThat(session.hasPermission(ADMINISTER, org.getUuid())).isFalse(); assertThat(session.hasPermission(PROVISION_PROJECTS, "another-org")).isFalse(); }
@Test public void selectProjectPermissionsOfAnonymous_returns_permissions_of_anonymous_user_on_specified_public_project() { ComponentDto project = db.components().insertPublicProject(organization); db.users().insertProjectPermissionOnAnyone("p1", project); db.users().insertProjectPermissionOnUser(db.users().insertUser(), "p2", project); ComponentDto otherProject = db.components().insertPublicProject(); db.users().insertProjectPermissionOnAnyone("p3", otherProject); assertThat(underTest.selectProjectPermissionsOfAnonymous(dbSession, project.uuid())).containsOnly("p1"); }
@Test public void throw_IAE_when_members_group_already_exists() { UserDto user = dbTester.users().insertUser(); dbTester.users().insertDefaultGroup(dbTester.getDefaultOrganization(), "sonar-users"); dbTester.users().insertGroup(dbTester.getDefaultOrganization(), "Members"); expectedException.expect(IllegalArgumentException.class); expectedException.expectMessage("The group 'Members' already exist"); call(user.getLogin()); }
@Test public void select_by_email() { UserDto activeUser1 = db.users().insertUser(u -> u.setEmail("user1@email.com")); UserDto activeUser2 = db.users().insertUser(u -> u.setEmail("user1@email.com")); UserDto disableUser = db.users().insertUser(u -> u.setActive(false)); assertThat(underTest.selectByEmail(session, "user1@email.com")).hasSize(2); assertThat(underTest.selectByEmail(session, disableUser.getEmail())).isEmpty(); assertThat(underTest.selectByEmail(session, "unknown")).isEmpty(); }
@Test public void does_not_fail_if_user_already_added_in_organization() { OrganizationDto organization = db.organizations().insert(); GroupDto defaultGroup = db.users().insertDefaultGroup(organization, "default"); UserDto user = db.users().insertUser(); db.organizations().addMember(organization, user); db.users().insertMember(defaultGroup, user); assertMember(organization.getUuid(), user.getId()); call(organization.getKey(), user.getLogin()); assertMember(organization.getUuid(), user.getId()); }