@Test public void do_not_fail_if_removing_a_permission_that_does_not_exist() { GroupIdOrAnyone groupId = GroupIdOrAnyone.from(group); apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.ISSUE_ADMIN, new ProjectId(privateProject), groupId, permissionService)); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); assertThat(db.users().selectGroupPermissions(group, privateProject)).isEmpty(); }
private void applyAddsPermissionToGroupOnPrivateProject(String permission) { GroupIdOrAnyone groupId = GroupIdOrAnyone.from(group); apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(privateProject), groupId, permissionService)); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); assertThat(db.users().selectGroupPermissions(group, privateProject)).containsOnly(permission); }
@Test public void apply_adds_organization_permission_to_group() { GroupIdOrAnyone groupId = GroupIdOrAnyone.from(group); apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupId, permissionService)); assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(GlobalPermissions.QUALITY_GATE_ADMIN); }
@Test public void add_permission_to_anyone() { OrganizationDto defaultOrganization = db.getDefaultOrganization(); GroupIdOrAnyone groupId = GroupIdOrAnyone.forAnyone(defaultOrganization.getUuid()); apply(new GroupPermissionChange(PermissionChange.Operation.ADD, GlobalPermissions.QUALITY_GATE_ADMIN, null, groupId, permissionService)); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); assertThat(db.users().selectAnyonePermissions(defaultOrganization, null)).containsOnly(GlobalPermissions.QUALITY_GATE_ADMIN); }
@Test public void remove_project_permission_from_group() { GroupIdOrAnyone groupId = GroupIdOrAnyone.from(group); db.users().insertPermissionOnGroup(group, ADMINISTER_QUALITY_GATES); db.users().insertProjectPermissionOnGroup(group, UserRole.ISSUE_ADMIN, privateProject); db.users().insertProjectPermissionOnGroup(group, UserRole.CODEVIEWER, privateProject); apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, UserRole.ISSUE_ADMIN, new ProjectId(privateProject), groupId, permissionService)); assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(ADMINISTER_QUALITY_GATES.getKey()); assertThat(db.users().selectGroupPermissions(group, privateProject)).containsOnly(UserRole.CODEVIEWER); }
private void applyRemovesPermissionFromGroupOnPrivateProject(String permission) { GroupIdOrAnyone groupId = GroupIdOrAnyone.from(group); db.users().insertProjectPermissionOnGroup(group, permission, privateProject); apply(new GroupPermissionChange(PermissionChange.Operation.ADD, permission, new ProjectId(privateProject), groupId, permissionService)); assertThat(db.users().selectGroupPermissions(group, privateProject)).containsOnly(permission); }
@Test public void add_permission_to_project_referenced_by_its_id() { GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "sonar-administrators"); ComponentDto project = db.components().insertComponent(newPrivateProjectDto(db.getDefaultOrganization(), A_PROJECT_UUID).setDbKey(A_PROJECT_KEY)); loginAsAdmin(db.getDefaultOrganization()); newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, A_PROJECT_UUID) .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(SYSTEM_ADMIN); }
@Test public void add_permission_to_project_referenced_by_its_key() { GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "sonar-administrators"); ComponentDto project = db.components().insertComponent(newPrivateProjectDto(db.getDefaultOrganization(), A_PROJECT_UUID).setDbKey(A_PROJECT_KEY)); loginAsAdmin(db.getDefaultOrganization()); newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_KEY, A_PROJECT_KEY) .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(SYSTEM_ADMIN); }
@Test public void remove_admin_group_if_still_other_admins() { GroupIdOrAnyone groupId = GroupIdOrAnyone.from(group); db.users().insertPermissionOnGroup(group, ADMINISTER); UserDto admin = db.users().insertUser(); db.users().insertPermissionOnUser(org, admin, ADMINISTER); apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, ADMINISTER.getKey(), null, groupId, permissionService)); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); }
@Test public void add_permission_to_group_referenced_by_its_id() { GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "sonar-administrators"); loginAsAdmin(db.getDefaultOrganization()); newRequest() .setParam(PARAM_GROUP_ID, group.getId().toString()) .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(SYSTEM_ADMIN); }
@Test public void add_with_view_uuid() { OrganizationDto organizationDto = db.getDefaultOrganization(); GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "sonar-administrators"); ComponentDto view = db.components().insertComponent(newView(organizationDto, "view-uuid").setDbKey("view-key")); loginAsAdmin(db.getDefaultOrganization()); newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, view.uuid()) .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).isEmpty(); assertThat(db.users().selectGroupPermissions(group, view)).containsOnly(SYSTEM_ADMIN); }
@Test public void do_nothing_when_adding_permission_that_already_exists() { GroupIdOrAnyone groupId = GroupIdOrAnyone.from(group); db.users().insertPermissionOnGroup(group, ADMINISTER_QUALITY_GATES); apply(new GroupPermissionChange(PermissionChange.Operation.ADD, ADMINISTER_QUALITY_GATES.getKey(), null, groupId, permissionService)); assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(ADMINISTER_QUALITY_GATES.getKey()); }
@Test public void remove_with_project_key() { ComponentDto project = db.components().insertPrivateProject(); db.users().insertPermissionOnGroup(aGroup, ADMINISTER); db.users().insertProjectPermissionOnGroup(aGroup, ADMIN, project); db.users().insertProjectPermissionOnGroup(aGroup, ISSUE_ADMIN, project); loginAsAdmin(db.getDefaultOrganization()); newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) .setParam(PARAM_PROJECT_KEY, project.getDbKey()) .setParam(PARAM_PERMISSION, ADMIN) .execute(); assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); assertThat(db.users().selectGroupPermissions(aGroup, project)).containsOnly(ISSUE_ADMIN); }
@Test public void add_permission_to_group_referenced_by_its_name() { GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "sonar-administrators"); loginAsAdmin(db.getDefaultOrganization()); newRequest() .setParam(PARAM_GROUP_NAME, "sonar-administrators") .setParam(PARAM_PERMISSION, SYSTEM_ADMIN) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(SYSTEM_ADMIN); }
@Test public void remove_permission_from_group() { GroupIdOrAnyone groupId = GroupIdOrAnyone.from(group); db.users().insertPermissionOnGroup(group, ADMINISTER_QUALITY_GATES); db.users().insertPermissionOnGroup(group, PROVISION_PROJECTS); apply(new GroupPermissionChange(PermissionChange.Operation.REMOVE, ADMINISTER_QUALITY_GATES.getKey(), null, groupId, permissionService)); assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(PROVISION_PROJECTS.getKey()); }
@Test public void remove_permission_using_group_id() { db.users().insertPermissionOnGroup(aGroup, ADMINISTER); db.users().insertPermissionOnGroup(aGroup, PROVISION_PROJECTS); loginAsAdmin(db.getDefaultOrganization()); newRequest() .setParam(PARAM_GROUP_ID, aGroup.getId().toString()) .setParam(PARAM_PERMISSION, PROVISION_PROJECTS.getKey()) .execute(); assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); }
@Test public void remove_permission_using_group_name() { db.users().insertPermissionOnGroup(aGroup, ADMINISTER); db.users().insertPermissionOnGroup(aGroup, PROVISION_PROJECTS); loginAsAdmin(db.getDefaultOrganization()); newRequest() .setParam(PARAM_GROUP_NAME, aGroup.getName()) .setParam(PARAM_PERMISSION, PROVISIONING) .execute(); assertThat(db.users().selectGroupPermissions(aGroup, null)).containsOnly(ADMINISTER.getKey()); }
@Test public void reference_group_by_its_name_in_organization() { OrganizationDto org = db.organizations().insert(); GroupDto group = db.users().insertGroup(org, "the-group"); loginAsAdmin(org); newRequest() .setParam(PARAM_ORGANIZATION, org.getKey()) .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PERMISSION, PROVISIONING) .execute(); assertThat(db.users().selectGroupPermissions(group, null)).containsOnly(PROVISIONING); }
@Test public void delete_admin_group_succeeds_if_other_groups_have_administrators() throws Exception { OrganizationDto org = db.organizations().insert(); db.users().insertDefaultGroup(org); GroupDto adminGroup1 = db.users().insertGroup(org, "admins"); db.users().insertPermissionOnGroup(adminGroup1, SYSTEM_ADMIN); GroupDto adminGroup2 = db.users().insertGroup(org, "admins"); db.users().insertPermissionOnGroup(adminGroup2, SYSTEM_ADMIN); UserDto bigBoss = db.users().insertUser(); db.users().insertMember(adminGroup2, bigBoss); loginAsAdmin(org); executeDeleteGroupRequest(adminGroup1); assertThat(db.users().selectGroupPermissions(adminGroup2, null)).hasSize(1); }
/** * User is project administrator but not system administrator */ @Test public void adding_project_permission_is_allowed_to_project_administrators() { GroupDto group = db.users().insertGroup(db.getDefaultOrganization(), "sonar-administrators"); ComponentDto project = db.components().insertPrivateProject(); userSession.logIn().addProjectPermission(UserRole.ADMIN, project); newRequest() .setParam(PARAM_GROUP_NAME, group.getName()) .setParam(PARAM_PROJECT_ID, project.uuid()) .setParam(PARAM_PERMISSION, ISSUE_ADMIN) .execute(); assertThat(db.users().selectGroupPermissions(group, project)).containsOnly(ISSUE_ADMIN); }