@Test
  public void postPipelineAsXmlPartial_shouldEnforcePipelineGroupAdminPermissions()
      throws Exception {
    String md5 = setUpPipelineGroupsWithAdminPermissions();

    controller.postPipelineAsXmlPartial(0, "studios", NEW_PIPELINE, md5, response);
    assertThat(response.getStatus(), is(SC_UNAUTHORIZED));

    controller.postPipelineAsXmlPartial(0, "consulting", NEW_PIPELINE, md5, response);
    assertThat(response.getStatus(), is(SC_OK));
  }
 @Test
 public void shouldReturnXmlAndErrorMessageWhenPostOfPipelineAsInvalidPartialXml()
     throws Exception {
   groupName = BasicPipelineConfigs.DEFAULT_GROUP;
   configHelper.addPipeline("pipeline", "stage", "build1", "build2");
   String badXml =
       "<pipeline name=\"cruise\" labeltemplate=\"invalid\">\n"
           + "  <materials>\n"
           + "    <svn url=\"file:///tmp/foo\" checkexternals=\"true\" />\n"
           + "  </materials>\n"
           + "  <stage name=\"dev\">\n"
           + "    <jobs>\n"
           + "      <job name=\"linux\" />\n"
           + "      <job name=\"windows\" />\n"
           + "    </jobs>\n"
           + "  </stage>\n"
           + "</pipeline>";
   String md5 = goConfigDao.md5OfConfigFile();
   ModelAndView mav = controller.postPipelineAsXmlPartial(0, groupName, badXml, md5, response);
   assertThat(response.getStatus(), is(SC_CONFLICT));
   assertThat(response.getContentType(), is(RESPONSE_CHARSET_JSON));
   Map<String, String> json = (Map) mav.getModel().get("json");
   assertThat(json.get("result").toString(), containsString("Label is invalid"));
   assertThat(json.get("originalContent"), is(badXml));
 }
 @Test
 public void shouldPostPipelineAsPartialXml() throws Exception {
   configHelper.addPipeline("pipeline", "stage", "build1", "build2");
   String newXml = NEW_PIPELINE;
   String md5 = goConfigDao.md5OfConfigFile();
   groupName = BasicPipelineConfigs.DEFAULT_GROUP;
   ModelAndView mav = controller.postPipelineAsXmlPartial(0, groupName, newXml, md5, response);
   assertThat(response.getStatus(), is(SC_OK));
   assertThat(response.getContentType(), is(RESPONSE_CHARSET_JSON));
   Map json = (Map) mav.getModel().get("json");
   new JsonTester(json).shouldContain("{ 'result' : 'Pipeline changed successfully.' }");
 }
  @Test
  public void
      postPipelineAsXmlPartial_shouldEnforcePipelineGroupAdminPermissionsForPipelineTemplates()
          throws Exception {
    String md5 = setUpPipelineGroupsWithAdminPermissions();

    controller.postPipelineAsXmlPartial(
        0,
        TemplatesConfig.PIPELINE_TEMPLATES_FAKE_GROUP_NAME,
        NEW_PIPELINE_TEMPLATE,
        md5,
        response);
    assertThat(response.getStatus(), is(SC_UNAUTHORIZED));

    setCurrentUser("admin");
    controller.postPipelineAsXmlPartial(
        0,
        TemplatesConfig.PIPELINE_TEMPLATES_FAKE_GROUP_NAME,
        NEW_PIPELINE_TEMPLATE,
        md5,
        response);
    assertThat(response.getStatus(), is(SC_OK));
  }
 @Test
 public void shouldReturnXmlAndErrorMessageWhenInvalidPostOfPipelineAsPartialXml()
     throws Exception {
   groupName = DEFAULT_GROUP;
   configHelper.addPipeline("pipeline", "stage", "build1", "build2");
   String md5 = goConfigDao.md5OfConfigFile();
   ModelAndView mav =
       controller.postPipelineAsXmlPartial(4, groupName, NEW_PIPELINE, md5, response);
   assertThat(response.getStatus(), is(SC_NOT_FOUND));
   assertThat(response.getContentType(), is(RESPONSE_CHARSET_JSON));
   Map<String, Object> json = (Map) mav.getModel().get("json");
   Map<String, Object> jsonMap = new LinkedHashMap<>();
   jsonMap.put("result", "Pipeline does not exist.");
   jsonMap.put("originalContent", NEW_PIPELINE);
   assertThat(json, is(jsonMap));
 }
 @Test
 public void shouldReturnXmlAndErrorMessageWhenPostOfPipelineAsInvalidXml() throws Exception {
   groupName = BasicPipelineConfigs.DEFAULT_GROUP;
   configHelper.addPipeline("pipeline", "stage", "build1", "build2");
   String badXml = "<;askldjfa;dsklfja;sdjas;lkdf";
   String md5 = goConfigDao.md5OfConfigFile();
   ModelAndView mav = controller.postPipelineAsXmlPartial(0, groupName, badXml, md5, response);
   assertThat(response.getStatus(), is(SC_CONFLICT));
   assertThat(response.getContentType(), is(RESPONSE_CHARSET_JSON));
   Map json = (Map) mav.getModel().get("json");
   new JsonTester(json)
       .shouldContain(
           "{ 'result' : 'Error on line 1 of document  : The markup in the document preceding the root element must be well-formed. Nested exception: The markup in the document preceding the root element must be well-formed.',"
               + "  'originalContent' : '"
               + badXml
               + "' }");
 }
  @Test
  public void shouldGetPipelineAsPartialXml() throws Exception {
    // get the pipeline XML
    configHelper.addPipeline("pipeline", "dev", "linux", "windows");
    groupName = BasicPipelineConfigs.DEFAULT_GROUP;
    controller.getPipelineAsXmlPartial(0, groupName, null, response);
    String xml = response.getContentAsString();
    assertThat(xml, containsString("pass"));

    // save the pipeline XML
    MockHttpServletResponse postResponse = new MockHttpServletResponse();
    String modifiedXml = xml.replace("pass", "secret");
    controller.postPipelineAsXmlPartial(
        0, groupName, modifiedXml, goConfigDao.md5OfConfigFile(), postResponse);

    // get the pipeline XML again
    MockHttpServletResponse getResponse = new MockHttpServletResponse();
    controller.getPipelineAsXmlPartial(0, groupName, null, getResponse);
    assertThat(getResponse.getContentAsString(), containsString("secret"));
    assertThat(getResponse.getContentAsString(), is(modifiedXml));
  }
  @Test
  public void shouldGetTemplateAsPartialXmlOnlyIfUserHasAdminRights() throws Exception {
    // get the pipeline XML
    configHelper.addPipeline("pipeline", "dev", "linux", "windows");
    configHelper.addTemplate("new-template", "dev");
    controller.getPipelineAsXmlPartial(
        0, TemplatesConfig.PIPELINE_TEMPLATES_FAKE_GROUP_NAME, null, response);
    String xml = response.getContentAsString();
    assertThat(xml, containsString("new-template"));

    // save the pipeline XML
    MockHttpServletResponse postResponse = new MockHttpServletResponse();
    String modifiedXml = xml.replace("new-template", "new-name-for-template");
    controller.postPipelineAsXmlPartial(
        0,
        TemplatesConfig.PIPELINE_TEMPLATES_FAKE_GROUP_NAME,
        modifiedXml,
        goConfigDao.md5OfConfigFile(),
        postResponse);

    // get the pipeline XML again
    MockHttpServletResponse getResponse = new MockHttpServletResponse();
    controller.getPipelineAsXmlPartial(
        0, TemplatesConfig.PIPELINE_TEMPLATES_FAKE_GROUP_NAME, null, getResponse);
    assertThat(getResponse.getContentAsString(), containsString("new-name-for-template"));
    assertThat(getResponse.getContentAsString(), is(modifiedXml));

    setCurrentUser("user");
    MockHttpServletResponse nonAdminResponse = new MockHttpServletResponse();
    controller.getPipelineAsXmlPartial(
        0, TemplatesConfig.PIPELINE_TEMPLATES_FAKE_GROUP_NAME, null, nonAdminResponse);
    assertThat(nonAdminResponse.getStatus(), is(SC_UNAUTHORIZED));
    assertThat(
        nonAdminResponse.getContentAsString(),
        is("User 'user' does not have permission to administer pipeline templates"));
  }