Add CLI commands for global permission management (#2091)

Add CLI commands for permission management for users and groups.

Co-authored-by: Konstantin Schaper <konstantin.schaper@cloudogu.com>

scm-webapp/src/test/java/sonia/scm/group/cli/GroupPermissionRemoveCommandTest.java

@@ -0,0 +1,91 @@
+/*
+ * MIT License
+ *
+ * Copyright (c) 2020-present Cloudogu GmbH and Contributors
+ *
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ *
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
+ */
+
+package sonia.scm.group.cli;
+
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.junit.jupiter.api.extension.ExtendWith;
+import org.mockito.Mock;
+import org.mockito.junit.jupiter.MockitoExtension;
+import sonia.scm.cli.CliExitException;
+import sonia.scm.group.Group;
+import sonia.scm.group.GroupManager;
+import sonia.scm.security.PermissionAssigner;
+import sonia.scm.security.PermissionDescriptor;
+
+import java.util.List;
+
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.argThat;
+import static org.mockito.ArgumentMatchers.eq;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+@ExtendWith(MockitoExtension.class)
+class GroupPermissionRemoveCommandTest {
+
+  private final GroupTemplateTestRenderer testRenderer = new GroupTemplateTestRenderer();
+
+  @Mock
+  private GroupManager manager;
+  @Mock
+  private PermissionAssigner permissionAssigner;
+
+  private GroupPermissionRemoveCommand command;
+
+  @BeforeEach
+  void initCommand() {
+    command = new GroupPermissionRemoveCommand(testRenderer.getTemplateRenderer(), permissionAssigner, manager);
+  }
+
+  @Test
+  void shouldRenderErrorForUnknownUser() {
+    when(manager.get(any())).thenReturn(null);
+    command.setName("mygroup");
+    command.setRemovedPermissions(new String[]{"hitchhiker"});
+
+    assertThrows(CliExitException.class, () -> command.run());
+
+    assertThat(testRenderer.getStdErr()).contains("Could not find group");
+  }
+
+  @Test
+  void shouldRemovePermissions() {
+    when(manager.get(any())).thenReturn(new Group());
+    command.setName("mygroup");
+    command.setRemovedPermissions(new String[]{"hitchhiker", "heartOfGold"});
+    when(permissionAssigner.readPermissionsForGroup("mygroup"))
+      .thenReturn(List.of(new PermissionDescriptor("hitchhiker"), new PermissionDescriptor("heartOfGold"), new PermissionDescriptor("puzzle42")));
+
+    command.run();
+
+    verify(permissionAssigner).setPermissionsForGroup(eq("mygroup"), argThat(arg -> {
+      assertThat(arg.stream().map(PermissionDescriptor::getValue)).containsExactly("puzzle42");
+      return true;
+    }));
+  }
+}