Merge branch 'release/2.22' into release/3.0-beta

# Conflicts:
#	ontrack-repository-impl/src/main/java/net/nemerosa/ontrack/repository/config/MainDBInitConfig.java

.travis.yml

@@ -4,9 +4,17 @@ sudo: required
 services:
   - docker
 
+before_cache:
+  - rm -f $HOME/.gradle/caches/modules-2/modules-2.lock
+
+cache:
+  directories:
+    - $HOME/.gradle/caches/
+    - $HOME/.gradle/wrapper/
+
 jdk:
   - oraclejdk8
-  
+
 node_js:
   - "0.10"
 

doc/security-remember-me.md

@@ -0,0 +1,14 @@
+Enabling Security Remember Me feature
+=====================================
+
+* How to enable this feature with a LDAP authentication source?
+
+See http://stackoverflow.com/questions/24745528/spring-security-ldap-and-remember-me#24853922
+
+* How to test?
+
+Login normally.
+Delete the `JSESSIONID` cookie, and keep the `remember-be` one.
+Close the page
+Open the page
+

ontrack-acceptance/src/test/groovy/net/nemerosa/ontrack/acceptance/ACCBrowserBuildLinkPromotions.groovy

@@ -37,7 +37,7 @@ class ACCBrowserBuildLinkPromotions extends AcceptanceTestClient {
 
         // Link from another build
         def build2 = ontrack.build(projectName, 'B', '2')
-        build2.config.buildLink projectName, '1'
+        build2.buildLink projectName, '1'
 
         // Goes to the build page
         browser { browser ->

ontrack-acceptance/src/test/groovy/net/nemerosa/ontrack/acceptance/ACCBrowserLoginOn403.groovy

@@ -0,0 +1,36 @@
+package net.nemerosa.ontrack.acceptance
+
+import net.nemerosa.ontrack.acceptance.browser.pages.AccountManagementPage
+import net.nemerosa.ontrack.acceptance.browser.pages.HomePage
+import net.nemerosa.ontrack.acceptance.support.AcceptanceTestSuite
+import org.junit.Test
+
+import static net.nemerosa.ontrack.acceptance.browser.Browser.browser
+
+/**
+ * GUI test which tests the login redirection in case of page not authorised
+ */
+@AcceptanceTestSuite
+class ACCBrowserLoginOn403 extends AcceptanceTestClient {
+
+
+    @Test
+    void 'Login redirection'() {
+
+        browser { browser ->
+            // Tries to go to unauthorised page
+            browser.goTo AccountManagementPage, [:], false
+            // This should be rejected - and we should be on the login page
+            browser.screenshot 'access-rejected'
+            HomePage home = browser.page(HomePage)
+            home.header.checkOnLogin()
+            // Now, we login as admin
+            home.header.doLogin('admin', adminPassword, 3000)
+            // And we should be redirected to the account management page
+            browser.screenshot 'access-granted'
+            browser.at AccountManagementPage
+        }
+
+    }
+
+}

ontrack-acceptance/src/test/groovy/net/nemerosa/ontrack/acceptance/ACCDSL.groovy

@@ -24,14 +24,17 @@ class ACCDSL extends AbstractACCDSL {
         def testBranch = doCreateBranch()
         def projectName = testBranch.project.name.asText()
         def branchName = testBranch.name.asText()
-        // Anonymous client
-        Ontrack ontrack = ontrackBuilder.build()
-        // Branch cannot be found
-        try {
-            ontrack.branch(projectName, branchName)
-            Assert.fail "Branch access should have been forbidden"
-        } catch (OTNotFoundException ex) {
-            assert ex.message == "Branch not found: ${projectName}/${branchName}"
+        // Removes 'grant view to all'
+        withNotGrantProjectViewToAll {
+            // Anonymous client
+            Ontrack ontrack = ontrackBuilder.build()
+            // Branch cannot be found
+            try {
+                ontrack.branch(projectName, branchName)
+                Assert.fail "Branch access should have been forbidden"
+            } catch (OTNotFoundException ex) {
+                assert ex.message == "Branch not found: ${projectName}/${branchName}" as String
+            }
         }
     }
 

ontrack-acceptance/src/test/groovy/net/nemerosa/ontrack/acceptance/ACCDSLBuildLinks.groovy

@@ -2,6 +2,7 @@ package net.nemerosa.ontrack.acceptance
 
 import net.nemerosa.ontrack.acceptance.support.AcceptanceTestSuite
 import net.nemerosa.ontrack.dsl.SearchResult
+import net.nemerosa.ontrack.dsl.http.OTNotFoundException
 import org.junit.Test
 
 import static net.nemerosa.ontrack.test.TestUtils.uid
@@ -17,20 +18,25 @@ class ACCDSLBuildLinks extends AbstractACCDSL {
         // Creating two builds with some build links
         def p1 = uid('P1')
         def p2 = uid('P2')
+
+        ontrack.project(p2) {
+            branch('B2') {
+                build('2.0')
+                build('3.0')
+            }
+        }
+
         ontrack.project(p1) {
             branch('B1') {
                 build('1.1') {
-                    config {
-                        buildLink p2, '2.0'
-                    }
+                    buildLink p2, '2.0'
                 }
                 build('1.2') {
-                    config {
-                        buildLink p2, '3.0'
-                    }
+                    buildLink p2, '3.0'
                 }
             }
         }
+
         // Build id
         def id = ontrack.build(p1, 'B1', '1.1').id
         // Performs a search
@@ -39,7 +45,7 @@ class ACCDSLBuildLinks extends AbstractACCDSL {
         assert results.size() == 1
         SearchResult result = results[0]
         assert result.title == "Build ${p1}/B1/1.1"
-        assert result.description == "${p2} -> 2.0"
+        assert result.description == "${p1} -> 1.1"
         assert result.uri == "${baseURL}/structure/builds/${id}"
         assert result.page == "${baseURL}/#/build/${id}"
     }
@@ -65,34 +71,83 @@ class ACCDSLBuildLinks extends AbstractACCDSL {
             }
         }
 
-        def p3 = uid('P3')
-
         // Build ids
 
         def b111 = ontrack.build(p1, 'B1', '1.1').id
         def b220 = ontrack.build(p2, 'B2', '2.0').id
 
         // Links
-        ontrack.build(p1, 'B1', '1.0').config {
+        ontrack.build(p1, 'B1', '1.0').with {
             // Same project
             buildLink p1, '1.1'
             // Other project
             buildLink p2, '2.0'
-            // Unexisting build
-            buildLink p2, '2.2'
-            // Unexisting project
-            buildLink p3, '3.0'
         }
 
         // Gets the links
-        def buildLinks = ontrack.build(p1, 'B1', '1.0').config.buildLinks
-        assert buildLinks.collect { [it.project, it.build, it.page] } == [
+        def buildLinks = ontrack.build(p1, 'B1', '1.0').buildLinks
+
+        def collect = buildLinks.collect { [it.project, it.name, it.page] }
+        println collect
+        assert collect == [
                 [p1, '1.1', "${baseURL}/#/build/${b111}"],
                 [p2, '2.0', "${baseURL}/#/build/${b220}"],
-                [p2, '2.2', null],
-                [p3, '3.0', null],
         ]
 
     }
 
+    @Test(expected = OTNotFoundException)
+    void 'Build links with unexisting build'() {
+
+        // Creating projects, branches and builds
+
+        def p1 = uid('P1')
+        ontrack.project(p1) {
+            branch('B1', '') {
+                build('1.0', '')
+                build('1.1', '')
+            }
+        }
+
+        def p2 = uid('P2')
+        ontrack.project(p2) {
+            branch('B2', '')
+        }
+
+        // Build ids
+
+        def b111 = ontrack.build(p1, 'B1', '1.1').id
+        def b220 = ontrack.build(p2, 'B2', '2.0').id
+
+        // Links
+        ontrack.build(p1, 'B1', '1.0').with {
+            // Unexisting build
+            buildLink p2, '2.2'
+        }
+
+    }
+
+    @Test(expected = OTNotFoundException)
+    void 'Build link with unexisting project'() {
+
+        // Creating projects, branches and builds
+
+        def p1 = uid('P1')
+        ontrack.project(p1) {
+            branch('B1', '') {
+                build('1.0', '')
+                build('1.1', '')
+            }
+        }
+
+        def p3 = uid('P3')
+
+        // Links
+        ontrack.build(p1, 'B1', '1.0').with {
+            // Unexisting project
+            buildLink p3, '3.0'
+        }
+
+    }
+
 }

ontrack-acceptance/src/test/groovy/net/nemerosa/ontrack/acceptance/ACCDSLDecorations.groovy

@@ -138,32 +138,24 @@ class ACCDSLDecorations extends AbstractACCDSL {
             }
         }
 
-        def p3 = uid('P3')
-
         // Build ids
 
         ontrack.build(p1, 'B1', '1.1').id
         ontrack.build(p2, 'B2', '2.0').id
 
         // Links
-        ontrack.build(p1, 'B1', '1.0').config {
+        ontrack.build(p1, 'B1', '1.0').with {
             // Same project
             buildLink p1, '1.1'
             // Other project
             buildLink p2, '2.0'
-            // Unexisting build
-            buildLink p2, '2.2'
-            // Unexisting project
-            buildLink p3, '3.0'
         }
 
         // Gets the link decorations
         def buildLinks = ontrack.build(p1, 'B1', '1.0').buildLinkDecorations
         assert buildLinks.collect { [it.project, it.build] } == [
                 [p1, '1.1'],
                 [p2, '2.0'],
-                [p2, '2.2'],
-                [p3, '3.0'],
         ]
 
     }

ontrack-acceptance/src/test/groovy/net/nemerosa/ontrack/acceptance/ACCSearch.groovy

@@ -4,28 +4,32 @@ import com.fasterxml.jackson.databind.JsonNode
 import net.nemerosa.ontrack.acceptance.support.AcceptanceTestSuite
 import org.junit.Test
 
-import static net.nemerosa.ontrack.json.JsonUtils.array
-import static net.nemerosa.ontrack.json.JsonUtils.object
-
 /**
  * Search acceptance tests.
  */
 @AcceptanceTestSuite
 class ACCSearch extends AcceptanceTestClient {
 
     @Test
-    void 'Looking for a build when anonymous does not return anything by default'() {
+    void 'With default security settings, all builds are accessible'() {
         // Prerequisites
         JsonNode build = doCreateBuild()
-        // Looking for this build as anonymous
-        def results = anonymous().post(
-                object()
-                        .with('token', build.path('name').asText())
-                        .end(),
-                'search'
-        ).get()
+        // Looking for this build as a different user
+        def results = anonymousOntrack.search(build.path('name').asText())
         // Check
-        assert results == array().end()
+        assert results.size() == 1
+    }
+
+    @Test
+    void 'Looking for a non authorised build when does not return anything'() {
+        withNotGrantProjectViewToAll {
+            // Prerequisites
+            JsonNode build = doCreateBuild()
+            // Looking for this build as a different user
+            def results = ontrackAsAnyUser.search(build.path('name').asText())
+            // Check
+            assert results.empty
+        }
     }
 
     @Test
@@ -38,16 +42,11 @@ class ACCSearch extends AcceptanceTestClient {
         String name = build.path('name').asText()
         String id = build.path('id').asText()
         // Looking for this build as admin
-        def results = admin().post(
-                object()
-                        .with('token', build.path('name').asText())
-                        .end(),
-                'search'
-        ).get()
+        def results = ontrack.search(build.path('name').asText())
         // Check
         def result = results.get(0)
-        assert result.path('title').asText() == "Build ${project}/${branch}/${name}" as String
-        assert result.path('page').asText() == "${baseURL}/#/build/${id}" as String
+        assert result.title == "Build ${project}/${branch}/${name}" as String
+        assert result.page == "${baseURL}/#/build/${id}" as String
     }
 
 }

ontrack-acceptance/src/test/groovy/net/nemerosa/ontrack/acceptance/AcceptanceTestClient.groovy

@@ -11,6 +11,8 @@ import org.junit.Before
 import org.slf4j.Logger
 import org.slf4j.LoggerFactory
 
+import static net.nemerosa.ontrack.test.TestUtils.uid
+
 class AcceptanceTestClient extends AcceptanceSupport {
 
     private final Logger logger = LoggerFactory.getLogger(AcceptanceTestClient)
@@ -26,12 +28,25 @@ class AcceptanceTestClient extends AcceptanceSupport {
         return getOntrackAs('admin', adminPassword)
     }
 
+    protected Ontrack getAnonymousOntrack() {
+        return ontrackBuilder.build()
+    }
+
     protected Ontrack getOntrackAs(String user, String password) {
         return ontrackBuilder
                 .authenticate(user, password)
                 .build()
     }
 
+    protected Ontrack getOntrackAsAnyUser() {
+        def name = uid('U')
+        def password = uid('P')
+        ontrack.admin.account(name, name, "${name}@nemerosa.net", password)
+        return ontrackBuilder
+                .authenticate(name, password)
+                .build()
+    }
+
     protected JsonClient getJsonClient() {
         return new JsonClientImpl(
                 OTHttpClientBuilder.create(baseURL, sslDisabled)
@@ -128,4 +143,15 @@ class AcceptanceTestClient extends AcceptanceSupport {
             doDeleteProject name
         }
     }
+
+    def withNotGrantProjectViewToAll(Closure action) {
+        boolean oldGrant = ontrack.config.grantProjectViewToAll
+        try {
+            ontrack.config.grantProjectViewToAll = false
+            // Action
+            action()
+        } finally {
+            ontrack.config.grantProjectViewToAll = oldGrant
+        }
+    }
 }