@Test public void testNotGrantedBuildWhenRepositoryIsEmpty() throws IOException { mockGHMyselfAs("Me"); Project mockProject = mockProject(null); GithubRequireOrganizationMembershipACL acl = aclForProject(mockProject); GithubAuthenticationToken authenticationToken = new GithubAuthenticationToken("accessToken", "https://api.github.com"); assertFalse(acl.hasPermission(authenticationToken, Item.READ)); }
@Test public void testUsersCanCreateWithConfigurationEnabledPermission() throws IOException { boolean authenticatedUserCreateJobPermission = true; mockGHMyselfAs("Me"); GithubRequireOrganizationMembershipACL acl = new GithubRequireOrganizationMembershipACL( "admin", "myOrg", true, true, authenticatedUserCreateJobPermission, true, true, true); GithubAuthenticationToken authenticationToken = new GithubAuthenticationToken("accessToken", "https://api.github.com"); assertTrue(acl.hasPermission(authenticationToken, Item.CREATE)); }
@Test public void testNotGrantedBuildWhenNotUsingGitSCM() throws IOException { mockGHMyselfAs("Me"); Project mockProject = PowerMockito.mock(Project.class); PowerMockito.when(mockProject.getScm()).thenReturn(new NullSCM()); GithubRequireOrganizationMembershipACL acl = aclForProject(mockProject); GithubAuthenticationToken authenticationToken = new GithubAuthenticationToken("accessToken", "https://api.github.com"); assertFalse(acl.hasPermission(authenticationToken, Item.READ)); }
@Test public void testCanReadAndBuildOneOfMyRepositories() throws IOException { GHMyself me = mockGHMyselfAs("Me"); mockReposFor(me, Arrays.asList("me/a-repo")); mockOrgRepos(me, ImmutableMap.of("some-org", Arrays.asList("some-org/a-public-repo"))); Project mockProject = mockProject("https://github.com/me/a-repo.git"); GithubRequireOrganizationMembershipACL acl = aclForProject(mockProject); GithubAuthenticationToken authenticationToken = new GithubAuthenticationToken("accessToken", "https://api.github.com"); assertTrue(acl.hasPermission(authenticationToken, Item.READ)); assertTrue(acl.hasPermission(authenticationToken, Item.BUILD)); }
@Test public void testCanNotReadOrBuildRepositoryIDoNotCollaborateOn() throws IOException { GHMyself me = mockGHMyselfAs("Me"); mockReposFor(me, Arrays.asList("me/a-repo")); mockOrgRepos(me, ImmutableMap.of("some-org", Arrays.asList("some-org/a-private-repo"))); Project mockProject = mockProject("https://github.com/some-org/another-private-repo.git"); GithubRequireOrganizationMembershipACL acl = aclForProject(mockProject); GithubAuthenticationToken authenticationToken = new GithubAuthenticationToken("accessToken", "https://api.github.com"); assertFalse(acl.hasPermission(authenticationToken, Item.READ)); assertFalse(acl.hasPermission(authenticationToken, Item.BUILD)); }
private GithubRequireOrganizationMembershipACL aclForProject(Project project) { boolean useRepositoryPermissions = true; boolean authenticatedUserReadPermission = true; boolean authenticatedUserCreateJobPermission = false; GithubRequireOrganizationMembershipACL acl = new GithubRequireOrganizationMembershipACL( "admin", "myOrg", authenticatedUserReadPermission, useRepositoryPermissions, authenticatedUserCreateJobPermission, true, true, true); return acl.cloneForProject(project); }
@Test public void testNotGrantedReadWhenRepositoryUrlIsEmpty() throws IOException { mockGHMyselfAs("Me"); Project mockProject = PowerMockito.mock(Project.class); PowerMockito.when(mockProject.getScm()).thenReturn(new NullSCM()); GitSCM gitSCM = PowerMockito.mock(GitSCM.class); List<UserRemoteConfig> userRemoteConfigs = Collections.<UserRemoteConfig>emptyList(); PowerMockito.when(mockProject.getScm()).thenReturn(gitSCM); PowerMockito.when(gitSCM.getUserRemoteConfigs()).thenReturn(userRemoteConfigs); GithubRequireOrganizationMembershipACL acl = aclForProject(mockProject); GithubAuthenticationToken authenticationToken = new GithubAuthenticationToken("accessToken", "https://api.github.com"); assertFalse(acl.hasPermission(authenticationToken, Item.READ)); }
@Test public void testGlobalReadAvailableDueToAuthenticatedUserReadPermission() throws IOException { boolean useRepositoryPermissions = false; boolean authenticatedUserReadPermission = true; mockGHMyselfAs("Me"); GithubRequireOrganizationMembershipACL acl = new GithubRequireOrganizationMembershipACL( "admin", "myOrg", authenticatedUserReadPermission, useRepositoryPermissions, true, true, true, true); Project mockProject = mockProject("https://github.com/some-org/another-private-repo.git"); GithubAuthenticationToken authenticationToken = new GithubAuthenticationToken("accessToken", "https://api.github.com"); assertTrue(acl.hasPermission(authenticationToken, Hudson.READ)); }
@Test public void testWithoutUseRepositoryPermissionsSetCanReadDueToAuthenticatedUserReadPermission() throws IOException { boolean useRepositoryPermissions = false; boolean authenticatedUserReadPermission = true; mockGHMyselfAs("Me"); GithubRequireOrganizationMembershipACL acl = new GithubRequireOrganizationMembershipACL( "admin", "myOrg", authenticatedUserReadPermission, useRepositoryPermissions, true, true, true, true); GithubAuthenticationToken authenticationToken = new GithubAuthenticationToken("accessToken", "https://api.github.com"); assertTrue(acl.hasPermission(authenticationToken, Item.READ)); }
@Test public void testCannotReadConfigureDeleteAProjectWithoutToAuthenticatedUserReadPermission() throws IOException { String nullProjectName = null; Project mockProject = mockProject(nullProjectName); boolean authenticatedUserCreateJobPermission = false; mockGHMyselfAs("Me"); GithubRequireOrganizationMembershipACL globalAcl = new GithubRequireOrganizationMembershipACL( "admin", "myOrg", true, true, authenticatedUserCreateJobPermission, true, true, true); GithubRequireOrganizationMembershipACL acl = globalAcl.cloneForProject(mockProject); GithubAuthenticationToken authenticationToken = new GithubAuthenticationToken("accessToken", "https://api.github.com"); assertFalse(acl.hasPermission(authenticationToken, Item.READ)); assertFalse(acl.hasPermission(authenticationToken, Item.CONFIGURE)); assertFalse(acl.hasPermission(authenticationToken, Item.DELETE)); assertFalse(acl.hasPermission(authenticationToken, Item.EXTENDED_READ)); }