}
@Test
- public void update_without_private_key_nor_client_secret() {
+ public void update_without_client_secret() {
buildTestRequestWithoutSecrets().execute();
assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
.extracting(AlmSettingDto::getKey, AlmSettingDto::getUrl, AlmSettingDto::getAppId,
s -> s.getDecryptedPrivateKey(encryption), AlmSettingDto::getClientId, s -> s.getDecryptedClientSecret(encryption))
.containsOnly(tuple(almSettingDto.getKey(), "https://github.enterprise-unicorn.com", "54321",
- almSettingDto.getDecryptedPrivateKey(encryption), "client_1234", almSettingDto.getDecryptedClientSecret(encryption)));
+ "10987654321", "client_1234", almSettingDto.getDecryptedClientSecret(encryption)));
}
.setParam("key", almSettingDto.getKey())
.setParam("url", "https://github.enterprise-unicorn.com/")
.setParam("appId", "54321")
- .setParam("clientId", "client_1234");
+ .setParam("clientId", "client_1234")
+ .setParam("privateKey", "10987654321");
}
@Test
.hasMessageContaining(format("An DevOps Platform setting with key '%s' already exists", almSetting2.getKey()));
}
+ @Test
+ public void update_without_url_changes_does_not_need_private_key() {
+ TestRequest request = ws.newRequest()
+ .setParam("key", almSettingDto.getKey())
+ .setParam("url", almSettingDto.getUrl())
+ .setParam("appId", "54321")
+ .setParam("clientId", "client_1234");
+
+ request.execute();
+
+ assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
+ .extracting(AlmSettingDto::getKey, AlmSettingDto::getUrl, AlmSettingDto::getAppId, AlmSettingDto::getClientId)
+ .containsOnly(tuple(almSettingDto.getKey(), almSettingDto.getUrl(), "54321", "client_1234"));
+ }
+
+ @Test
+ public void fail_when_url_updated_without_private_key() {
+ TestRequest request = ws.newRequest()
+ .setParam("key", almSettingDto.getKey())
+ .setParam("url", "https://github.enterprise-unicorn.com")
+ .setParam("appId", "54321")
+ .setParam("clientId", "client_1234");
+
+ assertThatThrownBy(request::execute)
+ .isInstanceOf(IllegalArgumentException.class)
+ .hasMessageContaining("Please provide the Private Key to update the URL.");
+ }
+
@Test
public void fail_when_missing_administer_system_permission() {
UserDto user = db.users().insertUser();
public static Object[][] secretParams() {
return new Object[][] {
{"webhookSecret"},
- {"clientSecret"},
- {"privateKey"}
+ {"clientSecret"}
};
}
package org.sonar.server.almsettings.ws;
import java.util.regex.Pattern;
+import javax.annotation.Nullable;
import org.sonar.api.server.ServerSide;
import org.sonar.db.DbClient;
import org.sonar.db.DbSession;
import org.sonarqube.ws.AlmSettings;
import static java.lang.String.format;
+import static org.apache.commons.lang.StringUtils.isEmpty;
import static org.sonar.api.web.UserRole.ADMIN;
@ServerSide
throw new IllegalStateException(format("Unknown DevOps Platform '%s'", alm.name()));
}
}
+
+ public void checkPrivateKeyOnUrlUpdate(AlmSettingDto almSettingDto, String url, @Nullable String privateKey) {
+ if (!url.equals(almSettingDto.getUrl()) && isEmpty(privateKey)) {
+ throw new IllegalArgumentException("Please provide the Private Key to update the URL.");
+ }
+ }
}
private void doHandle(Request request, DbSession dbSession) {
String key = request.mandatoryParam(PARAM_KEY);
String newKey = request.param(PARAM_NEW_KEY);
+
if (isNotBlank(newKey) && !newKey.equals(key)) {
almSettingsSupport.checkAlmSettingDoesNotAlreadyExist(dbSession, newKey);
}
AlmSettingDto almSettingDto = almSettingsSupport.getAlmSetting(dbSession, key);
-
+ String url = request.mandatoryParam(PARAM_URL);
String privateKey = request.param(PARAM_PRIVATE_KEY);
+
+ almSettingsSupport.checkPrivateKeyOnUrlUpdate(almSettingDto, url, privateKey);
+
if (isNotBlank(privateKey)) {
almSettingDto.setPrivateKey(privateKey);
}
projects / sonarqube.git / commitdiff