SONAR-6226 Remove password when updating user
authorJulien Lancelot <julien.lancelot@sonarsource.com>
Tue, 2 Feb 2016 16:58:58 +0000 (17:58 +0100)
committerJulien Lancelot <julien.lancelot@sonarsource.com>
Thu, 4 Feb 2016 09:09:53 +0000 (10:09 +0100)
server/sonar-server/src/main/java/org/sonar/server/authentication/UserIdentityAuthenticator.java
server/sonar-server/src/main/java/org/sonar/server/user/UpdateUser.java
server/sonar-server/src/main/java/org/sonar/server/user/UserUpdater.java
server/sonar-server/src/test/java/org/sonar/server/authentication/UserIdentityAuthenticatorTest.java
server/sonar-server/src/test/java/org/sonar/server/user/UserUpdaterTest.java

index a876b088ad34e030523583958cfdbe2f248f0bc6..9c3f11427e4b442d453b9a4a509b9cfdd36461fb 100644 (file)
@@ -56,7 +56,8 @@ public class UserIdentityAuthenticator {
         userUpdater.update(dbSession, UpdateUser.create(userDto.getLogin())
           .setEmail(user.getEmail())
           .setName(user.getName())
-          .setExternalIdentity(new ExternalIdentity(provider.getKey(), user.getProviderLogin())));
+          .setExternalIdentity(new ExternalIdentity(provider.getKey(), user.getProviderLogin()))
+          .setPassword(null));
         return userDto.getId();
       }
 
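Review bot: The added `.setPassword(null)` wipes the account's local credential on this external-identity update path, and nothing at the call site says that this is intended. A short comment would help, for example `// externally authenticated users must not keep a local password`. Because `setPassword` marks the password as changed (the test asserts `isPasswordChanged()` is true), this call now also goes through `checkPasswordChangeAllowed` in `UserUpdater`. Judging by the test name `fail_to_update_password_when_external_auth_is_used`, that check may reject the update when an external realm is configured, so confirm this path cannot fail a login in that setup. The enclosing method starts outside the hunk.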
index d0c2e2c3841dfe9f761b1eed43986247670771fd..d90137d60b1384180590c96cf4ae7b92423bcdfc 100644 (file)
@@ -96,17 +96,6 @@ public class UpdateUser {
     return this;
   }
 
-  @CheckForNull
-  public String passwordConfirmation() {
-    return passwordConfirmation;
-  }
-
-  public UpdateUser setPasswordConfirmation(@Nullable String passwordConfirmation) {
-    this.passwordConfirmation = passwordConfirmation;
-    passwordChanged = true;
-    return this;
-  }
-
   @CheckForNull
   public ExternalIdentity externalIdentity() {
     return externalIdentity;
index ad4324642533469647092c99218385da251a8e77..320baa05c1628e8e14fb9c2edb71fb0560b91792 100644 (file)
@@ -232,9 +232,14 @@ public class UserUpdater {
 
     String password = updateUser.password();
     if (updateUser.isPasswordChanged()) {
-      checkPasswordChangeAllowed(updateUser.login(), messages);
       validatePasswords(password, messages);
-      setEncryptedPassWord(password, userDto);
+      checkPasswordChangeAllowed(updateUser.login(), messages);
+      if (Strings.isNullOrEmpty(password)) {
+        userDto.setSalt(null);
+        userDto.setCryptedPassword(null);
+      } else {
+        setEncryptedPassWord(password, userDto);
+      }
     }
 
     if (updateUser.isScmAccountsChanged()) {
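Review bot: The branch at `if (Strings.isNullOrEmpty(password))` also runs for an empty string, which `validatePasswords` has just reported as invalid. It also runs when `checkPasswordChangeAllowed` has added a message, so a rejected request still nulls the salt and hash on `userDto`. Whether the accumulated `messages` abort the update before the DTO is persisted is decided outside this hunk, so the removal should not depend on it. Use `if (password == null) {` for the removal case and `} else if (!password.isEmpty()) {` before `setEncryptedPassWord`, so an empty value can neither clear nor set the credential. The enclosing method starts and ends outside the hunk.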
@@ -304,7 +309,9 @@ public class UserUpdater {
   }
 
   private static void validatePasswords(@Nullable String password, List<Message> messages) {
-    checkNotEmptyParam(password, PASSWORD_PARAM, messages);
+    if (password != null && password.length() == 0) {
+      messages.add(Message.of(Validation.CANT_BE_EMPTY_MESSAGE, PASSWORD_PARAM));
+    }
   }
 
   private void validateScmAccounts(DbSession dbSession, List<String> scmAccounts, @Nullable String login, @Nullable String email, @Nullable UserDto existingUser,
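Review bot: `validatePasswords` now accepts `null`, which changes `setPassword(null)` from a validation error into "remove the stored credential", and the method carries no comment stating that contract. Any caller outside this diff that forwards an absent request parameter into `setPassword` would now clear the password instead of being rejected, so the callers are worth checking. A comment such as `// null means "remove the local password"; only an empty string is rejected` would document it. `password.isEmpty()` is the more idiomatic form of `password.length() == 0`. The plural method name is also stale now that the confirmation field is gone.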
index 7a826681dd77084a4ca351536e1eabd842c0285e..6b32b960b162e7c298661de20ff7f8b3f0fd3d7f 100644 (file)
@@ -109,6 +109,8 @@ public class UserIdentityAuthenticatorTest {
     assertThat(updateUser.email()).isEqualTo("john@email.com");
     assertThat(updateUser.externalIdentity().getProvider()).isEqualTo("github");
     assertThat(updateUser.externalIdentity().getId()).isEqualTo("johndoo");
+    assertThat(updateUser.isPasswordChanged()).isTrue();
+    assertThat(updateUser.password()).isNull();
   }
 
   @Test
index d5c915a48c581ea6e0c79fad98047bd1cfe2d4a4..585a72e5a275eb747bc122f4d1df061b6dd66c26 100644 (file)
@@ -803,6 +803,21 @@ public class UserUpdaterTest {
     assertThat(dto.getEmail()).isEqualTo("marius@lesbronzes.fr");
   }
 
+  @Test
+  public void update_password_with_null_value() {
+    db.prepareDbUnit(getClass(), "update_user.xml");
+    createDefaultGroup();
+
+    userUpdater.update(UpdateUser.create(DEFAULT_LOGIN)
+      .setPassword(null));
+    session.commit();
+    session.clearCache();
+
+    UserDto dto = userDao.selectByLogin(session, DEFAULT_LOGIN);
+    assertThat(dto.getSalt()).isNull();
+    assertThat(dto.getCryptedPassword()).isNull();
+  }
+
   @Test
   public void fail_to_update_password_when_external_auth_is_used() {
     db.prepareDbUnit(getClass(), "update_user.xml");
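Review bot: `update_password_with_null_value` covers only the removal case; nothing here pins what happens to the stored credential when the password is an empty string. A companion test should call `setPassword("")`, expect the update to be rejected, and assert that `dto.getSalt()` and `dto.getCryptedPassword()` still hold their fixture values afterwards. It is also worth confirming that `update_user.xml` gives the user a non-null salt and hash, since the fixture is not visible here and the new `isNull()` assertions would otherwise pass vacuously.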