SONAR-13149 Add validation for URL in settings

author Mathieu Suen <mathieu.suen@sonarsource.com>

Tue, 24 Aug 2021 09:19:41 +0000 (11:19 +0200)

committer sonartech <sonartech@sonarsource.com>

Wed, 25 Aug 2021 20:03:16 +0000 (20:03 +0000)
author Mathieu Suen <mathieu.suen@sonarsource.com>
Tue, 24 Aug 2021 09:19:41 +0000 (11:19 +0200)
committer sonartech <sonartech@sonarsource.com>
Wed, 25 Aug 2021 20:03:16 +0000 (20:03 +0000)
diff --git a/server/sonar-web/src/main/js/apps/settings/store/__tests__/actions-test.ts b/server/sonar-web/src/main/js/apps/settings/store/__tests__/actions-test.ts

index 924aa9190a1d97c61f6063bee4c269710bbe50a3..9944b748fc9dd8c69c367d73b3065d9672bd865b 100644 (file)
--- a/server/sonar-web/src/main/js/apps/settings/store/__tests__/actions-test.ts
+++ b/server/sonar-web/src/main/js/apps/settings/store/__tests__/actions-test.ts
@@ -142,4 +142,25 @@ describe('checkValue', () => {
        key
      });
    });
+
+  it('should correctly identify URL', () => {
+    (getSettingsAppDefinition as jest.Mock).mockReturnValue({
+      key: 'sonar.core.serverBaseURL'
+    });
+
+    (getSettingsAppChangedValue as jest.Mock).mockReturnValue('http://test');
+    const key = 'sonar.core.serverBaseURL';
+    expect(checkValue(key)(dispatch, jest.fn())).toBe(true);
+    expect(dispatch).toBeCalledWith({
+      type: 'settingsPage/PASS_VALIDATION',
+      key
+    });
+
+    (getSettingsAppChangedValue as jest.Mock).mockReturnValue('not valid');
+    expect(checkValue(key)(dispatch, jest.fn())).toBe(false);
+    expect(dispatch).toBeCalledWith({
+      type: 'settingsPage/PASS_VALIDATION',
+      key
+    });
+  });
  });
diff --git a/server/sonar-web/src/main/js/apps/settings/store/actions.ts b/server/sonar-web/src/main/js/apps/settings/store/actions.ts

index 6bc80bb37e6f7e41ce03af5ff2c85a126f8ee604..ae7dc188a0005ca29fae1d77bcf14bdf79323cc2 100644 (file)
--- a/server/sonar-web/src/main/js/apps/settings/store/actions.ts
+++ b/server/sonar-web/src/main/js/apps/settings/store/actions.ts
@@ -24,7 +24,7 @@ import {
    resetSettingValue,
    setSettingValue
  } from '../../../api/settings';
-import { translate } from '../../../helpers/l10n';
+import { translate, translateWithParameters } from '../../../helpers/l10n';
  import { parseError } from '../../../helpers/request';
  import { closeAllGlobalMessages } from '../../../store/globalMessages';
  import {
@@ -32,6 +32,7 @@ import {
    getSettingsAppDefinition,
    Store
  } from '../../../store/rootReducer';
+import { SettingDefinition } from '../../../types/settings';
  import { isEmptyValue } from '../utils';
  import { receiveDefinitions } from './definitions';
  import {
@@ -43,6 +44,18 @@ import {
  } from './settingsPage';
  import { receiveValues } from './values';
  
+function isURLKind(definition: SettingDefinition) {
+  return [
+    'sonar.core.serverBaseURL',
+    'sonar.auth.github.apiUrl',
+    'sonar.auth.github.webUrl',
+    'sonar.auth.gitlab.url',
+    'sonar.lf.gravatarServerUrl',
+    'sonar.lf.logoUrl',
+    'sonar.auth.saml.loginUrl'
+  ].includes(definition.key);
+}
+
  export function fetchSettings(component?: string) {
    return (dispatch: Dispatch) => {
      return getDefinitions(component).then(definitions => {
@@ -75,11 +88,24 @@ export function checkValue(key: string) {
        return false;
      }
  
+    if (isURLKind(definition)) {
+      try {
+        // eslint-disable-next-line no-new
+        new URL(value);
+      } catch (e) {
+        dispatch(
+          failValidation(key, translateWithParameters('settings.state.url_not_valid', value))
+        );
+        return false;
+      }
+    }
+
      if (definition.type === 'JSON') {
        try {
          JSON.parse(value);
        } catch (e) {
          dispatch(failValidation(key, e.message));
+
          return false;
        }
      }
diff --git a/sonar-core/src/main/resources/org/sonar/l10n/core.properties b/sonar-core/src/main/resources/org/sonar/l10n/core.properties

index 6fe548ce23c15b9a10e171ef32735840ceb60691..ff56b8f48bba0b602548ed3ff9a9769031c7234d 100644 (file)
--- a/sonar-core/src/main/resources/org/sonar/l10n/core.properties
+++ b/sonar-core/src/main/resources/org/sonar/l10n/core.properties
@@ -1089,6 +1089,7 @@ settings.state.saved=Saved!
  settings.state.validation_failed=Validation failed. {0}
  settings.state.value_cant_be_empty=Provide a value or use "Reset" to set the value to the default one.
  settings.state.value_cant_be_empty_no_default=Provide a value.
+settings.state.url_not_valid={0} is not a valid URL
  settings._default=(default)
  settings.boolean.true=True
  settings.boolean.false=False
author	Mathieu Suen <mathieu.suen@sonarsource.com>
	Tue, 24 Aug 2021 09:19:41 +0000 (11:19 +0200)
committer	sonartech <sonartech@sonarsource.com>
	Wed, 25 Aug 2021 20:03:16 +0000 (20:03 +0000)
server/sonar-web/src/main/js/apps/settings/store/__tests__/actions-test.ts		patch \| blob \| history
server/sonar-web/src/main/js/apps/settings/store/actions.ts		patch \| blob \| history
sonar-core/src/main/resources/org/sonar/l10n/core.properties		patch \| blob \| history