SONAR-9105 enable back ITs requiring private projects
sns-seb committed Apr 27, 2017
1 parent adbd222 commit 29e6245
Showing 4 changed files with 85 additions and 58 deletions.
Expand Up @@ -25,17 +25,19 @@
import org.junit.After; import org.junit.After;
import org.junit.Before; import org.junit.Before;
import org.junit.ClassRule; import org.junit.ClassRule;
import org.junit.Ignore;
import org.junit.Test; import org.junit.Test;
import org.sonar.wsclient.SonarClient; import org.sonar.wsclient.SonarClient;
import org.sonar.wsclient.user.UserParameters; import org.sonar.wsclient.user.UserParameters;
import org.sonarqube.ws.client.WsClient; import org.sonarqube.ws.client.WsClient;
import org.sonarqube.ws.client.permission.AddGroupWsRequest; import org.sonarqube.ws.client.permission.AddGroupWsRequest;
import org.sonarqube.ws.client.permission.AddProjectCreatorToTemplateWsRequest; import org.sonarqube.ws.client.permission.AddProjectCreatorToTemplateWsRequest;
import org.sonarqube.ws.client.permission.RemoveGroupWsRequest; import org.sonarqube.ws.client.permission.RemoveGroupWsRequest;
import org.sonarqube.ws.client.project.UpdateVisibilityRequest;
import util.ItUtils;


import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.junit.Assert.fail; import static org.junit.Assert.fail;
import static org.sonarqube.ws.client.project.UpdateVisibilityRequest.Visibility.PRIVATE;
import static util.ItUtils.newAdminWsClient; import static util.ItUtils.newAdminWsClient;
import static util.ItUtils.runProjectAnalysis; import static util.ItUtils.runProjectAnalysis;


Expand Down Expand Up @@ -70,7 +72,6 @@ public void tearDown() {
} }


@Test @Test
@Ignore // FIXME disabled until WS is available to create a private project
public void should_fail_if_logged_but_no_scan_permission() throws Exception { public void should_fail_if_logged_but_no_scan_permission() throws Exception {
executeLoggedAnalysis(); executeLoggedAnalysis();


Expand All @@ -84,7 +85,7 @@ public void should_fail_if_logged_but_no_scan_permission() throws Exception {
"You're only authorized to execute a local (preview) SonarQube analysis without pushing the results to the SonarQube server. Please contact your SonarQube administrator."); "You're only authorized to execute a local (preview) SonarQube analysis without pushing the results to the SonarQube server. Please contact your SonarQube administrator.");
} }


removeProjectPermission("anyone", "sample", "user"); ItUtils.newAdminWsClient(orchestrator).projects().updateVisibility(new UpdateVisibilityRequest(PROJECT_KEY, PRIVATE));
try { try {
// Execute anonymous analysis // Execute anonymous analysis
executeAnonymousAnalysis(); executeAnonymousAnalysis();
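Review bot: The project is switched to private by `updateVisibility(new UpdateVisibilityRequest(PROJECT_KEY, PRIVATE))` and nothing in the visible lines switches it back, so later tests in this class may run against a private project and pass or fail for the wrong reason. Both tearDown and this test method extend outside the hunk, so a reset may already exist; if it does not, restore the visibility in tearDown or in a `finally`. As a smaller point of style, the file already statically imports `newAdminWsClient`, so the call can drop the `ItUtils.` qualifier and the added `import util.ItUtils;`.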
118 changes: 69 additions & 49 deletions it/it-tests/src/test/java/it/authorisation/IssuePermissionTest.java
Expand Up @@ -24,7 +24,6 @@
import it.Category1Suite; import it.Category1Suite;
import org.junit.Before; import org.junit.Before;
import org.junit.ClassRule; import org.junit.ClassRule;
import org.junit.Ignore;
import org.junit.Test; import org.junit.Test;
import org.sonar.wsclient.SonarClient; import org.sonar.wsclient.SonarClient;
import org.sonar.wsclient.base.HttpException; import org.sonar.wsclient.base.HttpException;
Expand All @@ -35,12 +34,13 @@
import org.sonarqube.ws.client.WsClient; import org.sonarqube.ws.client.WsClient;
import org.sonarqube.ws.client.issue.BulkChangeRequest; import org.sonarqube.ws.client.issue.BulkChangeRequest;
import org.sonarqube.ws.client.permission.AddUserWsRequest; import org.sonarqube.ws.client.permission.AddUserWsRequest;
import org.sonarqube.ws.client.permission.RemoveGroupWsRequest; import org.sonarqube.ws.client.project.UpdateVisibilityRequest;
import util.ItUtils; import util.ItUtils;


import static java.util.Arrays.asList; import static java.util.Arrays.asList;
import static junit.framework.TestCase.fail; import static junit.framework.TestCase.fail;
import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThat;
import static org.sonarqube.ws.client.project.UpdateVisibilityRequest.Visibility.PRIVATE;
import static util.ItUtils.newAdminWsClient; import static util.ItUtils.newAdminWsClient;
import static util.ItUtils.newUserWsClient; import static util.ItUtils.newUserWsClient;
import static util.ItUtils.projectDir; import static util.ItUtils.projectDir;
Expand All @@ -57,21 +57,23 @@ public void init() {


ItUtils.restoreProfile(orchestrator, getClass().getResource("/authorisation/one-issue-per-line-profile.xml")); ItUtils.restoreProfile(orchestrator, getClass().getResource("/authorisation/one-issue-per-line-profile.xml"));


orchestrator.getServer().provisionProject("sample", "Sample"); orchestrator.getServer().provisionProject("privateProject", "PrivateProject");
orchestrator.getServer().associateProjectToQualityProfile("sample", "xoo", "one-issue-per-line"); ItUtils.newAdminWsClient(orchestrator).projects().updateVisibility(new UpdateVisibilityRequest("privateProject", PRIVATE));
SonarScanner sampleProject = SonarScanner.create(projectDir("shared/xoo-sample")); orchestrator.getServer().associateProjectToQualityProfile("privateProject", "xoo", "one-issue-per-line");
orchestrator.executeBuild(sampleProject); SonarScanner privateProject = SonarScanner.create(projectDir("shared/xoo-sample"))

.setProperty("sonar.projectKey", "privateProject")
orchestrator.getServer().provisionProject("sample2", "Sample2"); .setProperty("sonar.projectName", "PrivateProject");
orchestrator.getServer().associateProjectToQualityProfile("sample2", "xoo", "one-issue-per-line"); orchestrator.executeBuild(privateProject);
SonarScanner sampleProject2 = SonarScanner.create(projectDir("shared/xoo-sample"))
.setProperty("sonar.projectKey", "sample2") orchestrator.getServer().provisionProject("publicProject", "PublicProject");
.setProperty("sonar.projectName", "Sample2"); orchestrator.getServer().associateProjectToQualityProfile("publicProject", "xoo", "one-issue-per-line");
orchestrator.executeBuild(sampleProject2); SonarScanner publicProject = SonarScanner.create(projectDir("shared/xoo-sample"))
.setProperty("sonar.projectKey", "publicProject")
.setProperty("sonar.projectName", "PublicProject");
orchestrator.executeBuild(publicProject);
} }


@Test @Test
@Ignore // FIXME disabled until WS is available to create a private project
public void need_user_permission_on_project_to_see_issue() { public void need_user_permission_on_project_to_see_issue() {
SonarClient client = orchestrator.getServer().adminWsClient(); SonarClient client = orchestrator.getServer().adminWsClient();


Expand All @@ -81,20 +83,18 @@ public void need_user_permission_on_project_to_see_issue() {
try { try {
client.userClient().create(UserParameters.create().login(withBrowsePermission).name(withBrowsePermission) client.userClient().create(UserParameters.create().login(withBrowsePermission).name(withBrowsePermission)
.password("password").passwordConfirmation("password")); .password("password").passwordConfirmation("password"));
addUserPermission(withBrowsePermission, "sample", "user"); addUserPermission(withBrowsePermission, "privateProject", "user");


client.userClient().create(UserParameters.create().login(withoutBrowsePermission).name(withoutBrowsePermission) client.userClient().create(UserParameters.create().login(withoutBrowsePermission).name(withoutBrowsePermission)
.password("password").passwordConfirmation("password")); .password("password").passwordConfirmation("password"));
// By default, it's the group anyone that have the permission user, it would be better to remove all groups on this permission
removeGroupPermission("anyone", "sample", "user");


// Without user permission, a user cannot see issues on the project // Without user permission, a user cannot see issues on the project
assertThat(orchestrator.getServer().wsClient(withoutBrowsePermission, "password").issueClient().find( assertThat(orchestrator.getServer().wsClient(withoutBrowsePermission, "password").issueClient().find(
IssueQuery.create().componentRoots("sample")).list()).isEmpty(); IssueQuery.create().componentRoots("privateProject")).list()).isEmpty();


// With user permission, a user can see issues on the project // With user permission, a user can see issues on the project
assertThat(orchestrator.getServer().wsClient(withBrowsePermission, "password").issueClient().find( assertThat(orchestrator.getServer().wsClient(withBrowsePermission, "password").issueClient().find(
IssueQuery.create().componentRoots("sample")).list()).isNotEmpty(); IssueQuery.create().componentRoots("privateProject")).list()).isNotEmpty();


} finally { } finally {
client.userClient().deactivate(withBrowsePermission); client.userClient().deactivate(withBrowsePermission);
Expand All @@ -106,10 +106,9 @@ public void need_user_permission_on_project_to_see_issue() {
* SONAR-4839 * SONAR-4839
*/ */
@Test @Test
@Ignore // FIXME disabled until WS is available to create a private project
public void need_user_permission_on_project_to_see_issue_changelog() { public void need_user_permission_on_project_to_see_issue_changelog() {
SonarClient client = orchestrator.getServer().adminWsClient(); SonarClient client = orchestrator.getServer().adminWsClient();
Issue issue = client.issueClient().find(IssueQuery.create().componentRoots("sample")).list().get(0); Issue issue = client.issueClient().find(IssueQuery.create().componentRoots("privateProject")).list().get(0);
client.issueClient().assign(issue.key(), "admin"); client.issueClient().assign(issue.key(), "admin");


String withBrowsePermission = "with-browse-permission"; String withBrowsePermission = "with-browse-permission";
Expand All @@ -118,12 +117,10 @@ public void need_user_permission_on_project_to_see_issue_changelog() {
try { try {
client.userClient().create(UserParameters.create().login(withBrowsePermission).name(withBrowsePermission) client.userClient().create(UserParameters.create().login(withBrowsePermission).name(withBrowsePermission)
.password("password").passwordConfirmation("password")); .password("password").passwordConfirmation("password"));
addUserPermission(withBrowsePermission, "sample", "user"); addUserPermission(withBrowsePermission, "privateProject", "user");


client.userClient().create(UserParameters.create().login(withoutBrowsePermission).name(withoutBrowsePermission) client.userClient().create(UserParameters.create().login(withoutBrowsePermission).name(withoutBrowsePermission)
.password("password").passwordConfirmation("password")); .password("password").passwordConfirmation("password"));
// By default, it's the group anyone that have the permission user, it would be better to remove all groups on this permission
removeGroupPermission("anyone", "sample", "user");


// Without user permission, a user cannot see issue changelog on the project // Without user permission, a user cannot see issue changelog on the project
try { try {
Expand All @@ -148,25 +145,25 @@ public void need_user_permission_on_project_to_see_issue_changelog() {
@Test @Test
public void need_administer_issue_permission_on_project_to_set_severity() { public void need_administer_issue_permission_on_project_to_set_severity() {
SonarClient client = orchestrator.getServer().adminWsClient(); SonarClient client = orchestrator.getServer().adminWsClient();
Issue issueOnSample = client.issueClient().find(IssueQuery.create().componentRoots("sample")).list().get(0); Issue issueOnPrivateProject = client.issueClient().find(IssueQuery.create().componentRoots("privateProject")).list().get(0);
Issue issueOnSample2 = client.issueClient().find(IssueQuery.create().componentRoots("sample2")).list().get(0); Issue issueOnPublicProject = client.issueClient().find(IssueQuery.create().componentRoots("publicProject")).list().get(0);


String user = "user"; String user = "user";


try { try {
client.userClient().create(UserParameters.create().login(user).name(user).password("password").passwordConfirmation("password")); client.userClient().create(UserParameters.create().login(user).name(user).password("password").passwordConfirmation("password"));
addUserPermission(user, "sample", "issueadmin"); addUserPermission(user, "publicProject", "issueadmin");


// Without issue admin permission, a user cannot set severity on the issue // Without issue admin permission, a user cannot set severity on the issue
try { try {
orchestrator.getServer().wsClient(user, "password").issueClient().setSeverity(issueOnSample2.key(), "BLOCKER"); orchestrator.getServer().wsClient(user, "password").issueClient().setSeverity(issueOnPrivateProject.key(), "BLOCKER");
fail(); fail();
} catch (Exception e) { } catch (Exception e) {
assertThat(e).isInstanceOf(HttpException.class).describedAs("404"); assertThat(e).isInstanceOf(HttpException.class).describedAs("404");
} }


// With issue admin permission, a user can set severity on the issue // With issue admin permission, a user can set severity on the issue
assertThat(orchestrator.getServer().wsClient(user, "password").issueClient().setSeverity(issueOnSample.key(), "BLOCKER").severity()).isEqualTo("BLOCKER"); assertThat(orchestrator.getServer().wsClient(user, "password").issueClient().setSeverity(issueOnPublicProject.key(), "BLOCKER").severity()).isEqualTo("BLOCKER");


} finally { } finally {
client.userClient().deactivate(user); client.userClient().deactivate(user);
Expand All @@ -179,25 +176,25 @@ public void need_administer_issue_permission_on_project_to_set_severity() {
@Test @Test
public void need_administer_issue_permission_on_project_to_flag_as_false_positive() { public void need_administer_issue_permission_on_project_to_flag_as_false_positive() {
SonarClient client = orchestrator.getServer().adminWsClient(); SonarClient client = orchestrator.getServer().adminWsClient();
Issue issueOnSample = client.issueClient().find(IssueQuery.create().componentRoots("sample")).list().get(0); Issue issueOnPrivateProject = client.issueClient().find(IssueQuery.create().componentRoots("privateProject")).list().get(0);
Issue issueOnSample2 = client.issueClient().find(IssueQuery.create().componentRoots("sample2")).list().get(0); Issue issueOnPublicProject = client.issueClient().find(IssueQuery.create().componentRoots("publicProject")).list().get(0);


String user = "user"; String user = "user";


try { try {
client.userClient().create(UserParameters.create().login(user).name(user).password("password").passwordConfirmation("password")); client.userClient().create(UserParameters.create().login(user).name(user).password("password").passwordConfirmation("password"));
addUserPermission(user, "sample", "issueadmin"); addUserPermission(user, "publicProject", "issueadmin");


// Without issue admin permission, a user cannot flag an issue as false positive // Without issue admin permission, a user cannot flag an issue as false positive
try { try {
orchestrator.getServer().wsClient(user, "password").issueClient().doTransition(issueOnSample2.key(), "falsepositive"); orchestrator.getServer().wsClient(user, "password").issueClient().doTransition(issueOnPrivateProject.key(), "falsepositive");
fail(); fail();
} catch (Exception e) { } catch (Exception e) {
assertThat(e).isInstanceOf(HttpException.class).describedAs("404"); assertThat(e).isInstanceOf(HttpException.class).describedAs("404");
} }


// With issue admin permission, a user can flag an issue as false positive // With issue admin permission, a user can flag an issue as false positive
assertThat(orchestrator.getServer().wsClient(user, "password").issueClient().doTransition(issueOnSample.key(), "falsepositive").status()).isEqualTo("RESOLVED"); assertThat(orchestrator.getServer().wsClient(user, "password").issueClient().doTransition(issueOnPublicProject.key(), "falsepositive").status()).isEqualTo("RESOLVED");


} finally { } finally {
client.userClient().deactivate(user); client.userClient().deactivate(user);
Expand All @@ -210,30 +207,60 @@ public void need_administer_issue_permission_on_project_to_flag_as_false_positiv
@Test @Test
public void need_administer_issue_permission_on_project_to_bulk_change_severity_and_false_positive() { public void need_administer_issue_permission_on_project_to_bulk_change_severity_and_false_positive() {
SonarClient client = orchestrator.getServer().adminWsClient(); SonarClient client = orchestrator.getServer().adminWsClient();
Issue issueOnSample = client.issueClient().find(IssueQuery.create().componentRoots("sample")).list().get(0); Issue issueOnPrivateProject = client.issueClient().find(IssueQuery.create().componentRoots("privateProject")).list().get(0);
Issue issueOnSample2 = client.issueClient().find(IssueQuery.create().componentRoots("sample2")).list().get(0); Issue issueOnPublicProject = client.issueClient().find(IssueQuery.create().componentRoots("publicProject")).list().get(0);


String user = "user"; String user = "user";


try { try {
client.userClient().create(UserParameters.create().login(user).name(user).password("password").passwordConfirmation("password")); client.userClient().create(UserParameters.create().login(user).name(user).password("password").passwordConfirmation("password"));
addUserPermission(user, "sample", "issueadmin"); addUserPermission(user, "privateProject", "issueadmin");


Issues.BulkChangeWsResponse response = newUserWsClient(orchestrator, user, "password").issues() Issues.BulkChangeWsResponse response = makeBlockerAndFalsePositive(user, issueOnPrivateProject, issueOnPublicProject);
.bulkChange(BulkChangeRequest.builder().setIssues(asList(issueOnSample.key(), issueOnSample2.key()))
.setSetSeverity("BLOCKER")
.setDoTransition("falsepositive")
.build());


// public project but no issueadmin permission on publicProject => issue visible but not updated
// no user permission on privateproject => issue invisible and not updated
assertThat(response.getTotal()).isEqualTo(1);
assertThat(response.getSuccess()).isEqualTo(0);
assertThat(response.getIgnored()).isEqualTo(1);

addUserPermission(user, "privateProject", "user");
response = makeBlockerAndFalsePositive(user, issueOnPrivateProject, issueOnPublicProject);

// public project but no issueadmin permission on publicProject => unsuccessful on issueOnPublicProject
// user and issueadmin permission on privateproject => successful and 1 more issue visible
assertThat(response.getTotal()).isEqualTo(2);
assertThat(response.getSuccess()).isEqualTo(1);
assertThat(response.getIgnored()).isEqualTo(1);

addUserPermission(user, "publicProject", "issueadmin");
response = makeBlockerAndFalsePositive(user, issueOnPrivateProject, issueOnPublicProject);

// public and issueadmin permission on publicProject => successful on issueOnPublicProject
// issueOnPrivateProject already in specified state => unsuccessful
assertThat(response.getTotal()).isEqualTo(2); assertThat(response.getTotal()).isEqualTo(2);
assertThat(response.getSuccess()).isEqualTo(1); assertThat(response.getSuccess()).isEqualTo(1);
assertThat(response.getIgnored()).isEqualTo(1); assertThat(response.getIgnored()).isEqualTo(1);


response = makeBlockerAndFalsePositive(user, issueOnPrivateProject, issueOnPublicProject);

// issueOnPublicProject and issueOnPrivateProject already in specified state => unsuccessful
assertThat(response.getTotal()).isEqualTo(2);
assertThat(response.getSuccess()).isEqualTo(0);
assertThat(response.getIgnored()).isEqualTo(2);
} finally { } finally {
client.userClient().deactivate(user); client.userClient().deactivate(user);
} }
} }


private Issues.BulkChangeWsResponse makeBlockerAndFalsePositive(String user, Issue issueOnPrivateProject, Issue issueOnPublicProject) {
return newUserWsClient(orchestrator, user, "password").issues()
.bulkChange(BulkChangeRequest.builder().setIssues(asList(issueOnPrivateProject.key(), issueOnPublicProject.key()))
.setSetSeverity("BLOCKER")
.setDoTransition("falsepositive")
.build());
}

private void addUserPermission(String login, String projectKey, String permission) { private void addUserPermission(String login, String projectKey, String permission) {
adminWsClient.permissions().addUser( adminWsClient.permissions().addUser(
new AddUserWsRequest() new AddUserWsRequest()
Expand All @@ -242,13 +269,6 @@ private void addUserPermission(String login, String projectKey, String permissio
.setPermission(permission)); .setPermission(permission));
} }


private void removeGroupPermission(String groupName, String projectKey, String permission) {
adminWsClient.permissions().removeGroup(new RemoveGroupWsRequest()
.setGroupName(groupName)
.setProjectKey(projectKey)
.setPermission(permission));
}

private static Issues.ChangelogWsResponse changelog(String issueKey, String login, String password) { private static Issues.ChangelogWsResponse changelog(String issueKey, String login, String password) {
return newUserWsClient(orchestrator, login, password).issues().changelog(issueKey); return newUserWsClient(orchestrator, login, password).issues().changelog(issueKey);
} }
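Review bot: In need_administer_issue_permission_on_project_to_set_severity the negative case now targets `issueOnPrivateProject`, but the user is only granted `issueadmin` on `publicProject` and holds no permission on the private project. The request is therefore probably rejected because the project is not browsable, not because `issueadmin` is missing, and a regression in the `issueadmin` check itself would go unnoticed. Adding `addUserPermission(user, "privateProject", "user");` before the negative attempt would leave `issueadmin` as the only missing permission. The same applies to need_administer_issue_permission_on_project_to_flag_as_false_positive. Note also that `describedAs("404")` only labels the assertion and does not check the status code, so the two rejection reasons cannot be told apart in the catch block.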
Expand Up @@ -44,6 +44,7 @@
import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT_ID; import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_PROJECT_ID;
import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_QUALIFIERS; import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_QUALIFIERS;
import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_TO; import static org.sonarqube.ws.client.project.ProjectsWsParameters.PARAM_TO;
import static org.sonarqube.ws.client.project.UpdateVisibilityRequest.Visibility.PUBLIC;


/** /**
* Maps web service {@code api/projects}. * Maps web service {@code api/projects}.
Expand Down Expand Up @@ -109,8 +110,11 @@ public SearchWsResponse search(SearchWsRequest request) {


public void updateVisibility(UpdateVisibilityRequest request) { public void updateVisibility(UpdateVisibilityRequest request) {
PostRequest post = new PostRequest(path("update_visibility")) PostRequest post = new PostRequest(path("update_visibility"))
.setParam(PARAM_PROJECT, request.getProject()) .setParam(PARAM_PROJECT, request.getProject())
.setParam("visibility", request.getVisibility()); .setParam("visibility",
request.getVisibility()
.map(visibility -> visibility == PUBLIC ? "public" : "private")
.orElse(null));


call(post); call(post);
} }
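Review bot: A null visibility is now accepted and reaches `setParam("visibility", ...)` as `null` via `.orElse(null)`, whereas the old constructor always produced "public" or "private". Whether `setParam` drops a null value or sends it is not visible here, but either way the caller gets a request with no explicit visibility for a setting that controls who can see the project. Unless an empty visibility is a deliberate use case, reject it early in the UpdateVisibilityRequest constructor with `this.visibility = Objects.requireNonNull(visibility, "visibility");` (needs `import java.util.Objects;`) and let `getVisibility()` return the enum directly. If it is deliberate, a Javadoc line on `getVisibility()` should say what an empty value means to the server.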
Expand Up @@ -19,24 +19,26 @@
*/ */
package org.sonarqube.ws.client.project; package org.sonarqube.ws.client.project;


import java.util.Optional;

public class UpdateVisibilityRequest { public class UpdateVisibilityRequest {
private final String project; private final String project;
private final String visibility; private final Visibility visibility;


public enum Visibility { public enum Visibility {
PUBLIC, PRIVATE PUBLIC, PRIVATE
} }


public UpdateVisibilityRequest(String project, Visibility visibility) { public UpdateVisibilityRequest(String project, Visibility visibility) {
this.project = project; this.project = project;
this.visibility = visibility == Visibility.PUBLIC ? "public" : "private"; this.visibility = visibility;
} }


public String getProject() { public String getProject() {
return project; return project;
} }


public String getVisibility() { public Optional<Visibility> getVisibility() {
return visibility; return Optional.ofNullable(visibility);
} }
} }
