source.dussan.org Git - sonarqube.git/blob

   1 /*
   2  * SonarQube
   3  * Copyright (C) 2009-2023 SonarSource SA
   4  * mailto:info AT sonarsource DOT com
   5  *
   6  * This program is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 3 of the License, or (at your option) any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public License
  17  * along with this program; if not, write to the Free Software Foundation,
  18  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
  19  */
  20 package org.sonar.server.platform.monitoring;
  21
  22 import org.junit.Rule;
  23 import org.junit.Test;
  24 import org.sonar.api.PropertyType;
  25 import org.sonar.api.config.PropertyDefinition;
  26 import org.sonar.api.config.PropertyDefinitions;
  27 import org.sonar.api.config.internal.MapSettings;
  28 import org.sonar.api.config.internal.Settings;
  29 import org.sonar.api.utils.System2;
  30 import org.sonar.db.DbTester;
  31 import org.sonar.db.newcodeperiod.NewCodePeriodType;
  32 import org.sonar.process.systeminfo.protobuf.ProtobufSystemInfo;
  33
  34 import static org.apache.commons.lang.StringUtils.repeat;
  35 import static org.assertj.core.api.Assertions.assertThat;
  36 import static org.sonar.process.systeminfo.SystemInfoUtils.attribute;
  37 import static org.sonar.server.platform.monitoring.SystemInfoTesting.assertThatAttributeIs;
  38
  39 public class SettingsSectionTest {
  40
  41   private static final String PASSWORD_PROPERTY = "sonar.password";
  42
  43   @Rule
  44   public DbTester dbTester = DbTester.create(System2.INSTANCE);
  45
  46   private PropertyDefinitions defs = new PropertyDefinitions(System2.INSTANCE, PropertyDefinition.builder(PASSWORD_PROPERTY).type(PropertyType.PASSWORD).build());
  47   private Settings settings = new MapSettings(defs);
  48   private SettingsSection underTest = new SettingsSection(dbTester.getDbClient(), settings);
  49
  50   @Test
  51   public void return_properties_and_sort_by_key() {
  52     settings.setProperty("foo", "foo value");
  53     settings.setProperty("bar", "bar value");
  54
  55     ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
  56     assertThatAttributeIs(protobuf, "bar", "bar value");
  57     assertThatAttributeIs(protobuf, "foo", "foo value");
  58     assertThatAttributeIs(protobuf, "Default New Code Definition", "PREVIOUS_VERSION");
  59
  60     // keys are ordered alphabetically
  61     assertThat(protobuf.getAttributesList())
  62       .extracting(ProtobufSystemInfo.Attribute::getKey)
  63       .containsExactly("bar", "foo", "Default New Code Definition");
  64   }
  65
  66   @Test
  67   public void return_default_new_code_definition_with_no_specified_value() {
  68     dbTester.newCodePeriods().insert(NewCodePeriodType.PREVIOUS_VERSION,null);
  69
  70     ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
  71     assertThatAttributeIs(protobuf, "Default New Code Definition", "PREVIOUS_VERSION");
  72   }
  73
  74   @Test
  75   public void return_default_new_code_definition_with_specified_value() {
  76     dbTester.newCodePeriods().insert(NewCodePeriodType.NUMBER_OF_DAYS,"30");
  77
  78     ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
  79     assertThatAttributeIs(protobuf, "Default New Code Definition", "NUMBER_OF_DAYS: 30");
  80   }
  81
  82   @Test
  83   public void truncate_long_property_values() {
  84     settings.setProperty("foo", repeat("abcde", 1_000));
  85
  86     ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
  87     String value = attribute(protobuf, "foo").getStringValue();
  88     assertThat(value).hasSize(500).startsWith("abcde");
  89   }
  90
  91   @Test
  92   public void value_is_obfuscated_if_key_matches_patterns() {
  93     verifyObfuscated(PASSWORD_PROPERTY);
  94     verifyObfuscated("foo.password.something");
  95     // case insensitive search of "password" term
  96     verifyObfuscated("bar.CheckPassword");
  97     verifyObfuscated("foo.passcode.something");
  98     // case insensitive search of "passcode" term
  99     verifyObfuscated("bar.CheckPassCode");
 100     verifyObfuscated("foo.something.secured");
 101     verifyObfuscated("bar.something.Secured");
 102     verifyObfuscated("sonar.auth.jwtBase64Hs256Secret");
 103
 104     verifyNotObfuscated("securedStuff");
 105     verifyNotObfuscated("foo");
 106   }
 107
 108   private void verifyObfuscated(String key) {
 109     settings.setProperty(key, "foo");
 110     ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
 111     assertThatAttributeIs(protobuf, key, "xxxxxxxx");
 112   }
 113
 114   private void verifyNotObfuscated(String key) {
 115     settings.setProperty(key, "foo");
 116     ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
 117     assertThatAttributeIs(protobuf, key, "foo");
 118   }
 119
 120   @Test
 121   public void test_monitor_name() {
 122     assertThat(underTest.toProtobuf().getName()).isEqualTo("Settings");
 123   }
 124 }