- /*
+/*
* SonarQube
* Copyright (C) 2009-2016 SonarSource SA
* mailto:contact AT sonarsource DOT com
import com.google.common.collect.Maps;
import com.sonar.orchestrator.Orchestrator;
import java.util.Map;
-import java.util.Objects;
import javax.annotation.CheckForNull;
import org.apache.commons.lang.RandomStringUtils;
import org.junit.After;
import org.sonar.wsclient.Host;
import org.sonar.wsclient.Sonar;
import org.sonar.wsclient.base.HttpException;
-import org.sonar.wsclient.connectors.ConnectionException;
import org.sonar.wsclient.connectors.HttpClient4Connector;
import org.sonar.wsclient.services.AuthenticationQuery;
-import org.sonar.wsclient.services.UserPropertyCreateQuery;
-import org.sonar.wsclient.services.UserPropertyQuery;
import org.sonar.wsclient.user.UserParameters;
import org.sonarqube.ws.client.GetRequest;
import org.sonarqube.ws.client.HttpConnector;
* Property from security-plugin for user management.
*/
private static final String USERS_PROPERTY = "sonar.fakeauthenticator.users";
- private static String AUTHORIZED = "authorized";
- private static String NOT_AUTHORIZED = "not authorized";
@ClassRule
public static final Orchestrator orchestrator = Orchestrator.builderEnv()
users.put(username + ".groups", "sonar-user");
updateUsersInExtAuth(users);
// Then
- assertThat(loginAttempt(username, password)).isEqualTo(AUTHORIZED);
+ verifyAuthenticationIsOk(username, password);
+
// with external details and groups
runSelenese(orchestrator, "/user/ExternalAuthenticationTest/external-user-details.html");
users.put(username + ".groups", "sonar-user");
updateUsersInExtAuth(users);
// Then
- assertThat(loginAttempt(username, password)).isEqualTo(AUTHORIZED);
+ verifyAuthenticationIsOk(username, password);
+
// with external details and groups
// TODO replace by WS ? Or with new Selenese utils
runSelenese(orchestrator, "/user/ExternalAuthenticationTest/external-user-details.html");
users.put(username + ".email", "tester2@example.org");
updateUsersInExtAuth(users);
// Then
- assertThat(loginAttempt(username, password)).isEqualTo(AUTHORIZED);
+ verifyAuthenticationIsOk(username, password);
+
// with external details and groups updated
runSelenese(orchestrator, "/user/ExternalAuthenticationTest/external-user-details2.html");
}
users.put(login + ".password", password);
updateUsersInExtAuth(users);
// Then
- assertThat(loginAttempt(login, password)).isEqualTo(AUTHORIZED);
+ verifyAuthenticationIsOk(login, password);
+
// When external system does not work
users.remove(login + ".password");
updateUsersInExtAuth(users);
// Then
- assertThat(loginAttempt(login, password)).isEqualTo(NOT_AUTHORIZED);
+ verifyAuthenticationIsNotOk(login, password);
}
/**
updateUsersInExtAuth(users);
// Then this is local DB that should be used
- assertThat(loginAttempt(login, remotePassword)).isEqualTo(NOT_AUTHORIZED);
- assertThat(loginAttempt(login, localPassword)).isEqualTo(AUTHORIZED);
+ verifyAuthenticationIsNotOk(login, remotePassword);
+ verifyAuthenticationIsOk(login, localPassword);
}
/**
// When user not exists in external system
// Then
- assertThat(loginAttempt(username, password)).isEqualTo(NOT_AUTHORIZED);
+ verifyAuthenticationIsNotOk(username, password);
// When user created in external system
users.put(username + ".password", password);
updateUsersInExtAuth(users);
// Then
- assertThat(loginAttempt(username, password)).isEqualTo(AUTHORIZED);
- assertThat(loginAttempt(username, "wrong")).isEqualTo(NOT_AUTHORIZED);
+ verifyAuthenticationIsOk(username, password);
+ verifyAuthenticationIsNotOk(username, "wrong");
}
/**
// When user not exists in external system
// Then
- assertThat(loginAttempt(username, password)).isEqualTo(NOT_AUTHORIZED);
+ verifyAuthenticationIsNotOk(username, password);
// When user created in external system
users.put(username + ".password", password);
updateUsersInExtAuth(users);
// Then
- assertThat(loginAttempt(username, password)).isEqualTo(NOT_AUTHORIZED);
+ verifyAuthenticationIsNotOk(username, password);
}
// SONAR-3258
users.put(login + ".password", password);
updateUsersInExtAuth(users);
// check that the deleted/deactivated user "tester" has been reactivated and can now log in
- assertThat(loginAttempt(login, password)).isEqualTo(AUTHORIZED);
+ verifyAuthenticationIsOk(login, password);
}
/**
public void update_password_of_technical_user() throws Exception {
// Create user in external authentication
updateUsersInExtAuth(ImmutableMap.of(USER_LOGIN + ".password", USER_LOGIN));
- assertThat(loginAttempt(USER_LOGIN, USER_LOGIN)).isEqualTo(AUTHORIZED);
+ verifyAuthenticationIsOk(USER_LOGIN, USER_LOGIN);
// Create technical user in db
createUserInDb(TECH_USER, "old_password");
users.put(login + ".password", password);
updateUsersInExtAuth(users);
- assertThat(checkAuthenticationWithWebService(login, password).code()).isEqualTo(HTTP_OK);
- assertThat(checkAuthenticationWithWebService("wrong", password).code()).isEqualTo(HTTP_UNAUTHORIZED);
- assertThat(checkAuthenticationWithWebService(login, "wrong").code()).isEqualTo(HTTP_UNAUTHORIZED);
- assertThat(checkAuthenticationWithWebService(login, null).code()).isEqualTo(HTTP_UNAUTHORIZED);
- assertThat(checkAuthenticationWithWebService(null, null).code()).isEqualTo(HTTP_OK);
+ verifyAuthenticationIsOk(login, password);
+ verifyAuthenticationIsNotOk("wrong", password);
+ verifyAuthenticationIsNotOk(login, "wrong");
+ verifyAuthenticationIsNotOk(login, null);
+ verifyAuthenticationIsOk(null, null);
setServerProperty(orchestrator, "sonar.forceAuthentication", "true");
- assertThat(checkAuthenticationWithWebService(login, password).code()).isEqualTo(HTTP_OK);
- assertThat(checkAuthenticationWithWebService("wrong", password).code()).isEqualTo(HTTP_UNAUTHORIZED);
- assertThat(checkAuthenticationWithWebService(login, "wrong").code()).isEqualTo(HTTP_UNAUTHORIZED);
- assertThat(checkAuthenticationWithWebService(login, null).code()).isEqualTo(HTTP_UNAUTHORIZED);
- assertThat(checkAuthenticationWithWebService(null, null).code()).isEqualTo(HTTP_UNAUTHORIZED);
+ verifyAuthenticationIsOk(login, password);
+ verifyAuthenticationIsNotOk("wrong", password);
+ verifyAuthenticationIsNotOk(login, "wrong");
+ verifyAuthenticationIsNotOk(login, null);
+ verifyAuthenticationIsNotOk(null, null);
}
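Review bot: The call `verifyAuthenticationIsOk(null, null)` on the new side (the line replacing the `checkAuthenticationWithWebService(null, null)` assertion before `sonar.forceAuthentication` is set) reads as "authentication succeeded" although no credentials are sent; what it actually pins is that anonymous access is accepted while forced authentication is off, and the matching `verifyAuthenticationIsNotOk(null, null)` after the property is set pins that it is rejected once forced. A short comment on each of those two lines would keep the intent readable, e.g. `// no credentials: anonymous access is accepted while sonar.forceAuthentication is false` and `// no credentials: anonymous access is rejected once authentication is forced`. The enclosing test method starts outside this hunk.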
@Test
String password = "1234567";
updateUsersInExtAuth(ImmutableMap.of(username + ".password", password));
- assertThat(loginAttempt(username, password)).isEqualTo(AUTHORIZED);
+ verifyAuthenticationIsOk(username, password);
+ ;
}
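Review bot: The added line holding only `;` after `verifyAuthenticationIsOk(username, password);` is an empty statement left over from the edit and should be dropped; it compiles but will be flagged by the project's own Sonar rules. The enclosing test method starts outside this hunk.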
protected void verifyHttpException(Exception e, int expectedCode) {
return createWsClient(login, password).find(new AuthenticationQuery()).isValid();
}
- /**
- * Utility method to check that user can be authorized.
- *
- * @throws IllegalStateException
- */
- private String loginAttempt(String username, String password) {
- String expectedValue = Long.toString(System.currentTimeMillis());
- Sonar wsClient = createWsClient(username, password);
- try {
- wsClient.create(new UserPropertyCreateQuery("auth", expectedValue));
- } catch (ConnectionException e) {
- return NOT_AUTHORIZED;
- }
- try {
- String value = wsClient.find(new UserPropertyQuery("auth")).getValue();
- if (!Objects.equals(value, expectedValue)) {
- // exceptional case - update+retrieval were successful, but value doesn't match
- throw new IllegalStateException("Expected " + expectedValue + " , but got " + value);
- }
- } catch (ConnectionException e) {
- // exceptional case - update was successful, but not retrieval
- throw new IllegalStateException(e);
- }
- return AUTHORIZED;
- }
-
/**
* Updates information about users in security-plugin.
*/
return sb.toString();
}
+ private void verifyAuthenticationIsOk(String login, String password) {
+ assertThat(checkAuthenticationWithWebService(login, password).code()).isEqualTo(HTTP_OK);
+ }
+
+ private void verifyAuthenticationIsNotOk(String login, String password) {
+ assertThat(checkAuthenticationWithWebService(login, password).code()).isEqualTo(HTTP_UNAUTHORIZED);
+ }
+
private WsResponse checkAuthenticationWithWebService(String login, String password) {
WsClient wsClient = WsClientFactories.getDefault().newClient(HttpConnector.newBuilder().url(orchestrator.getServer().getUrl()).credentials(login, password).build());
// Call any WS
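Review bot: The two new helpers `verifyAuthenticationIsOk` and `verifyAuthenticationIsNotOk` have no Javadoc, although the `loginAttempt` method they replace (removed earlier in this diff) documented its contract. Worth stating that they pin exact status codes, since that is a behaviour change: the old helper mapped any connection failure to "not authorized", whereas now a 403 or 500 from the server fails either assertion outright. Suggested: `/** Asserts that the given credentials are accepted by the server (HTTP 200 on a WS call). */` and `/** Asserts that the given credentials are rejected with HTTP 401; any other status also fails the assertion. */`. `checkAuthenticationWithWebService`, which both helpers rely on, continues past the end of this hunk.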
+++ /dev/null
-#
-# SonarQube, open source software quality management tool.
-# Copyright (C) 2008-2016 SonarSource
-# mailto:contact AT sonarsource DOT com
-#
-# SonarQube is free software; you can redistribute it and/or
-# modify it under the terms of the GNU Lesser General Public
-# License as published by the Free Software Foundation; either
-# version 3 of the License, or (at your option) any later version.
-#
-# SonarQube is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-# Lesser General Public License for more details.
-#
-# You should have received a copy of the GNU Lesser General Public License
-# along with this program; if not, write to the Free Software Foundation,
-# Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
-#
-
-require 'json'
-
-class Api::UserPropertiesController < Api::ApiController
-
- before_filter :login_required
-
-
- #
- # GET /api/user_properties
- # curl http://localhost:9000/api/user_properties -v -u admin:admin
- #
- def index
- properties = current_user.properties
- respond_to do |format|
- format.json { render :json => jsonp(properties_to_json(properties)) }
- format.xml { render :xml => properties_to_xml(properties) }
- format.text { render :text => text_not_supported }
- end
- end
-
- #
- # GET /api/user_properties/<key>
- # curl http://localhost:9000/api/user_properties/<key> -v -u admin:admin
- #
- def show
- property = Property.by_key(params[:id], nil, current_user.id)
- if property
- respond_to do |format|
- format.json { render :json => jsonp(properties_to_json([property])) }
- format.xml { render :xml => properties_to_xml([property]) }
- format.text { render :text => text_not_supported }
- end
- else
- render_error('Not found', 404)
- end
- end
-
-
- #
- # POST /api/user_properties?key=<key>&value=<value>
- # curl -d "key=foo&value=bar" http://localhost:9000/api/user_properties -v -u admin:admin
- #
- def create
- key = params[:key]
- value = params[:value]
- if key
- begin
- property=Property.set(key, value, nil, current_user.id)
- respond_to do |format|
- format.json { render :json => jsonp(properties_to_json([property])) }
- format.xml { render :xml => properties_to_xml([property]) }
- format.text { render :text => text_not_supported }
- end
-
- rescue Exception => e
- render_error(e.message, 500)
- end
- else
- render_error('Bad request: missing key', 400)
- end
- end
-
- #
- # DELETE /api/user_properties/<key>
- # curl -X DELETE http://localhost:9000/api/user_properties/<key> -v -u admin:admin
- #
- def destroy
- begin
- if params[:id]
- Api::Utils.java_facade.saveProperty(params[:id], nil, current_user.id, nil)
- end
- render_success("Property deleted")
- rescue Exception => e
- logger.error("Fails to execute #{request.url} : #{e.message}")
- render_error(e.message)
- end
- end
-
- private
-
- def properties_to_json(properties=[])
- json=[]
- properties.each do |p|
- json<<p.to_hash_json
- end
- json
- end
-
- def properties_to_xml(properties, xml=Builder::XmlMarkup.new(:indent => 0))
- xml.properties do
- properties.each do |p|
- p.to_xml(xml)
- end
- end
- end
-
-end