Fix unittests

scm-core/src/main/java/sonia/scm/repository/Namespace.java

@@ -109,6 +109,14 @@ public class Namespace implements PermissionObject, Cloneable {
       .toHashCode();
   }
 
+  @Override
+  public String toString() {
+    return "Namespace{" +
+      "namespace='" + namespace + '\'' +
+      ", permissions=" + permissions +
+      '}';
+  }
+
   @Override
   public Namespace clone() {
     try {

scm-webapp/src/main/java/sonia/scm/api/v2/resources/NamespacePermissionResource.java

@@ -295,9 +295,8 @@ public class NamespacePermissionResource {
   }
 
   private Predicate<RepositoryPermission> filterPermission(String name) {
-    return permission -> getPermissionName(name).equals(permission.getName())
+    return permission ->
-      &&
+      getPermissionName(name).equals(permission.getName()) && permission.isGroupPermission() == isGroupPermission(name);
-      permission.isGroupPermission() == isGroupPermission(name);
   }
 
   private String getPermissionName(String permissionName) {

scm-webapp/src/test/java/sonia/scm/api/v2/resources/NamespaceRootResourceTest.java

@@ -224,26 +224,6 @@ class NamespaceRootResourceTest {
       assertThat(response.getStatus()).isEqualTo(404);
     }
 
-    @Test
-    void shouldNotCreateNewPermission() throws URISyntaxException {
-      MockHttpRequest request = MockHttpRequest.post("/" + NamespaceRootResource.NAMESPACE_PATH_V2 + "space/permissions")
-        .content("{\"name\":\"dent\",\"verbs\":[],\"role\":\"WRITE\",\"groupPermission\":false}".getBytes())
-        .header("Content-Type", "application/vnd.scmm-repositoryPermission+json;v=2");
-
-      dispatcher.invoke(request, response);
-
-      assertThat(response.getStatus()).isEqualTo(403);
-    }
-
-    @Test
-    void shouldNotDeletePermission() throws URISyntaxException {
-      MockHttpRequest request = MockHttpRequest.delete("/" + NamespaceRootResource.NAMESPACE_PATH_V2 + "hitchhiker/permissions/@humans");
-
-      dispatcher.invoke(request, response);
-
-      assertThat(response.getStatus()).isEqualTo(403);
-    }
-
     @Nested
     class WithWritePermission {
 

scm-webapp/src/test/java/sonia/scm/repository/DefaultNamespaceManagerTest.java

@@ -24,8 +24,13 @@
 
 package sonia.scm.repository;
 
-import com.github.legman.EventBus;
+import org.apache.shiro.authz.AuthorizationException;
+import org.apache.shiro.subject.Subject;
+import org.apache.shiro.util.ThreadContext;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.Assertions;
 import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Nested;
 import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.extension.ExtendWith;
 import org.mockito.Mock;
@@ -41,6 +46,7 @@ import java.util.Optional;
 import static java.util.Arrays.asList;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.mockito.ArgumentMatchers.argThat;
+import static org.mockito.Mockito.lenient;
 import static org.mockito.Mockito.verify;
 import static org.mockito.Mockito.when;
 import static sonia.scm.HandlerEventType.DELETE;
@@ -54,6 +60,8 @@ class DefaultNamespaceManagerTest {
   RepositoryManager repositoryManager;
   @Mock
   ScmEventBus eventBus;
+  @Mock
+  Subject subject;
 
   Namespace life;
 
@@ -64,8 +72,7 @@ class DefaultNamespaceManagerTest {
 
   @BeforeEach
   void mockExistingNamespaces() {
-    dao = new NamespaceDao(new InMemoryDataStoreFactory(new InMemoryDataStore()));
+    dao = new NamespaceDao(new InMemoryDataStoreFactory(new InMemoryDataStore<Namespace>()));
-    manager = new DefaultNamespaceManager(repositoryManager, dao, eventBus);
 
     when(repositoryManager.getAllNamespaces()).thenReturn(asList("life", "universe", "rest"));
 
@@ -76,6 +83,18 @@ class DefaultNamespaceManagerTest {
 
     universe = new Namespace("universe");
     rest = new Namespace("rest");
+
+    manager = new DefaultNamespaceManager(repositoryManager, dao, eventBus);
+  }
+
+  @BeforeEach
+  void mockSubject() {
+    ThreadContext.bind(subject);
+  }
+
+  @AfterEach
+  void unbindSubject() {
+    ThreadContext.unbindSubject();
   }
 
   @Test
@@ -85,6 +104,36 @@ class DefaultNamespaceManagerTest {
     assertThat(namespace).isEmpty();
   }
 
+  @Test
+  void shouldCleanUpPermissionWhenLastRepositoryOfNamespaceWasDeleted() {
+    when(repositoryManager.getAllNamespaces()).thenReturn(asList("universe", "rest"));
+
+    manager.cleanupDeletedNamespaces(new RepositoryEvent(DELETE, new Repository("1", "git", "life", "earth")));
+
+    assertThat(dao.get("life")).isEmpty();
+  }
+
+  @Test
+  void shouldCleanUpPermissionWhenLastRepositoryOfNamespaceWasRenamed() {
+    when(repositoryManager.getAllNamespaces()).thenReturn(asList("universe", "rest", "highway"));
+
+    manager.cleanupDeletedNamespaces(
+      new RepositoryModificationEvent(
+        MODIFY,
+        new Repository("1", "git", "highway", "earth"),
+        new Repository("1", "git", "life", "earth")));
+
+    assertThat(dao.get("life")).isEmpty();
+  }
+
+  @Nested
+  class WithPermissionToReadPermissions {
+
+    @BeforeEach
+    void grantReadPermission() {
+      when(subject.isPermitted("namespace:permissionRead")).thenReturn(true);
+    }
+
     @Test
     void shouldCreateNewNamespaceObjectIfNotInStore() {
       Namespace namespace = manager.get("universe").orElse(null);
@@ -127,26 +176,42 @@ class DefaultNamespaceManagerTest {
       verify(eventBus).post(argThat(event -> ((NamespaceModificationEvent) event).getEventType() == HandlerEventType.BEFORE_MODIFY));
       verify(eventBus).post(argThat(event -> ((NamespaceModificationEvent) event).getEventType() == HandlerEventType.MODIFY));
     }
+  }
 
-  @Test
+  @Nested
-  void shouldCleanUpPermissionWhenLastRepositoryOfNamespaceWasDeleted() {
+  class WithoutPermissionToReadOrWritePermissions {
-    when(repositoryManager.getAllNamespaces()).thenReturn(asList("universe", "rest"));
 
-    manager.cleanupDeletedNamespaces(new RepositoryEvent(DELETE, new Repository("1", "git", "life", "earth")));
+    @BeforeEach
-
+    void grantReadPermission() {
-    assertThat(dao.get("life")).isEmpty();
+      when(subject.isPermitted("namespace:permissionRead")).thenReturn(false);
+      lenient().doThrow(AuthorizationException.class).when(subject).checkPermission("namespace:permissionWrite");
     }
 
     @Test
-  void shouldCleanUpPermissionWhenLastRepositoryOfNamespaceWasRenamed() {
+    void shouldNotEnrichExistingNamespaceWithPermissions() {
-    when(repositoryManager.getAllNamespaces()).thenReturn(asList("universe", "rest", "highway"));
+      Namespace namespace = manager.get("life").orElse(null);
 
-    manager.cleanupDeletedNamespaces(
+      assertThat(namespace.getPermissions()).isEmpty();
-      new RepositoryModificationEvent(
+    }
-        MODIFY,
-        new Repository("1", "git", "highway", "earth"),
-        new Repository("1", "git", "life", "earth")));
 
-    assertThat(dao.get("life")).isEmpty();
+    @Test
+    void shouldNotEnrichExistingNamespaceWithPermissionsInGetAll() {
+      Collection<Namespace> namespaces = manager.getAll();
+
+      assertThat(namespaces).containsExactly(
+        new Namespace("life"),
+        universe,
+        rest
+      );
+    }
+
+    @Test
+    void shouldNotModifyExistingNamespaceWithPermissions() {
+      Namespace modifiedNamespace = manager.get("life").get();
+
+      modifiedNamespace.setPermissions(asList(new RepositoryPermission("Arthur Dent", "READ", false)));
+
+      Assertions.assertThrows(AuthorizationException.class, () -> manager.modify(modifiedNamespace));
+    }
   }
 }