From: Lukasz Jarocki Date: Thu, 16 Sep 2021 11:23:43 +0000 (+0200) Subject: SONAR-15338 setSecuredSettings added to the api/settings/values endpoint X-Git-Tag: 9.1.0.47736~8 X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=f790e5fd2320688ed331ab3f428f89f3ab3042e8;p=sonarqube.git SONAR-15338 setSecuredSettings added to the api/settings/values endpoint --- diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/setting/ws/ValuesAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/setting/ws/ValuesAction.java index 84f491d1742..2c732d910f5 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/setting/ws/ValuesAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/setting/ws/ValuesAction.java @@ -95,11 +95,12 @@ public class ValuesAction implements SettingsWsAction { .setDescription("List settings values.
" + "If no value has been set for a setting, then the default value is returned.
" + "The settings from conf/sonar.properties are excluded from results.
" + - "Requires 'Browse' or 'Execute Analysis' permission when a component is specified.
") + "Requires 'Browse' or 'Execute Analysis' permission when a component is specified.
" + + "Secured settings are not returned by the endpoint.
") .setResponseExample(getClass().getResource("values-example.json")) .setSince("6.3") .setChangelog( - new Change("9.1", "The value of secured settings are no longer returned"), + new Change("9.1", "The secured settings are no longer returned."), new Change("7.6", String.format("The use of module keys in parameter '%s' is deprecated", PARAM_COMPONENT)), new Change("7.1", "The settings from conf/sonar.properties are excluded from results.")) .setHandler(this); @@ -249,6 +250,12 @@ public class ValuesAction implements SettingsWsAction { private void processSettings() { settings.forEach(setting -> { + if (isSecured(setting.getKey())) { + if (!setting.isDefault()) { + valuesWsBuilder.addSetSecuredSettings(setting.getKey()); + } + return; + } Settings.Setting.Builder valueBuilder = getOrCreateValueBuilder(keysToDisplayMap.get(setting.getKey())); setInherited(setting, valueBuilder); setValue(setting, valueBuilder); @@ -269,9 +276,6 @@ public class ValuesAction implements SettingsWsAction { } private void setValue(Setting setting, Settings.Setting.Builder valueBuilder) { - if (isSecured(setting.getKey())) { - return; - } PropertyDefinition definition = setting.getDefinition(); String value = setting.getValue(); if (definition == null) { diff --git a/server/sonar-webserver-webapi/src/main/resources/org/sonar/server/setting/ws/values-example.json b/server/sonar-webserver-webapi/src/main/resources/org/sonar/server/setting/ws/values-example.json index f6c39e5a6dc..8c063c67d1c 100644 --- a/server/sonar-webserver-webapi/src/main/resources/org/sonar/server/setting/ws/values-example.json +++ b/server/sonar-webserver-webapi/src/main/resources/org/sonar/server/setting/ws/values-example.json @@ -28,5 +28,8 @@ ], "inherited": false } + ], + "setSecuredSettings": [ + "email.smtp_port.secured" ] } 
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java index 7bf27b1ae0b..fafc5b77b31 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/ValuesActionTest.java @@ -543,7 +543,8 @@ public class ValuesActionTest { ValuesWsResponse result = executeRequestForGlobalProperties(); - assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("foo", "secret.secured"); + assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("foo"); + assertThat(result.getSetSecuredSettingsList()).containsOnly("secret.secured"); } @Test @@ -563,7 +564,8 @@ public class ValuesActionTest { ValuesWsResponse result = executeRequestForProjectProperties(); - assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("foo", "global.secret.secured", "secret.secured"); + assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("foo"); + assertThat(result.getSetSecuredSettingsList()).contains("global.secret.secured", "secret.secured"); } @Test @@ -576,7 +578,7 @@ public class ValuesActionTest { ValuesWsResponse result = executeRequestForProjectProperties("not-defined.secured"); - assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("not-defined.secured"); + assertThat(result.getSetSecuredSettingsList()).containsOnly("not-defined.secured"); } @Test 
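Review bot: In the hunk at `-564` the new check on `getSetSecuredSettingsList()` uses `contains` where the neighbouring tests use `containsOnly`, so an unexpected extra secured key would still pass. In the hunk at `-578` the assertion on `getSettingsList()` was replaced rather than complemented, so nothing there verifies that the secured key is absent from the regular settings; the later hunk at `-622` does add `.isEmpty()` for the same scenario. Suggested lines: `assertThat(result.getSetSecuredSettingsList()).containsOnly("global.secret.secured", "secret.secured");` for the first and an added `assertThat(result.getSettingsList()).isEmpty();` for the second.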
@@ -591,7 +593,8 @@ public class ValuesActionTest { ValuesWsResponse result = executeRequestForGlobalProperties(); - assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("foo", "secret.secured"); + assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("foo"); + assertThat(result.getSetSecuredSettingsList()).containsOnly("secret.secured"); } @Test @@ -610,8 +613,9 @@ public class ValuesActionTest { ValuesWsResponse result = executeRequestForProjectProperties(); List settingsList = result.getSettingsList().stream().sorted(comparing(Settings.Setting::getKey)).collect(Collectors.toList()); - assertThat(settingsList).extracting(Settings.Setting::getKey).containsExactly("foo", "global.secret.secured", "secret.secured"); - assertThat(settingsList).extracting(Settings.Setting::hasValue).containsExactly(true, false, false); + assertThat(settingsList).extracting(Settings.Setting::getKey).containsExactly("foo"); + assertThat(settingsList).extracting(Settings.Setting::hasValue).containsExactly(true); + assertThat(result.getSetSecuredSettingsList()).containsOnly("global.secret.secured", "secret.secured"); } @Test @@ -622,7 +626,8 @@ public class ValuesActionTest { ValuesWsResponse result = executeRequestForProjectProperties("not-defined.secured"); - assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("not-defined.secured"); + assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).isEmpty(); + assertThat(result.getSetSecuredSettingsList()).containsOnly("not-defined.secured"); } @Test 
@@ -654,7 +659,8 @@ public class ValuesActionTest { ValuesWsResponse result = executeRequestForGlobalProperties(); - assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("foo", "secret.secured"); + assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("foo"); + assertThat(result.getSetSecuredSettingsList()).containsOnly("secret.secured"); } @Test @@ -669,7 +675,8 @@ public class ValuesActionTest { ValuesWsResponse result = executeRequestForProjectProperties(); - assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("foo", "secret.secured"); + assertThat(result.getSettingsList()).extracting(Settings.Setting::getKey).containsOnly("foo"); + assertThat(result.getSetSecuredSettingsList()).containsOnly("secret.secured"); } @Test @@ -738,7 +745,7 @@ public class ValuesActionTest { @Test public void test_example_json_response() { - logIn(); + logInAsAdmin(); definitions.addComponent(PropertyDefinition .builder("sonar.test.jira") .defaultValue("abc") @@ -757,8 +764,15 @@ public class ValuesActionTest { .build()); propertyDb.insertPropertySet("sonar.demo", null, ImmutableMap.of("text", "foo", "boolean", "true"), ImmutableMap.of("text", "bar", "boolean", "false")); + definitions.addComponent(PropertyDefinition + .builder("email.smtp_port.secured") + .defaultValue("25") + .build()); + propertyDb.insertProperties(null, null, null, null, + newGlobalPropertyDto().setKey("email.smtp_port.secured").setValue("25")); + String result = newTester().newRequest() - .setParam("keys", "sonar.test.jira,sonar.autogenerated,sonar.demo") + .setParam("keys", "sonar.test.jira,sonar.autogenerated,sonar.demo,email.smtp_port.secured") .setMediaType(JSON) .execute() .getInput(); 
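Review bot: None of the test hunks visible on this page exercise the `!setting.isDefault()` condition added in `processSettings`. In the hunk at `-757`, `email.smtp_port.secured` gets `defaultValue("25")` but is also inserted through `propertyDb`, so it is always a stored value. A case with a secured definition that has only a default and no stored property, ending in `assertThat(result.getSetSecuredSettingsList()).isEmpty();`, would pin the rule that unset secured settings are not listed. The test method continues outside the hunk, so the expected JSON comparison is not visible here.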
@@ -824,21 +838,18 @@ public class ValuesActionTest { userSession.logIn() .addPermission(GlobalPermission.SCAN); response = executeRequest(tester, null, securedDef.key(), standardDef.key()); - assertThat(response.getSettingsList()).extracting(Settings.Setting::getKey).containsExactly("my.password.secured", "my.property"); - assertThat(response.getSettingsList()).extracting(Settings.Setting::hasValue).containsExactly(false, true); + assertThat(response.getSetSecuredSettingsList()).contains("my.password.secured"); // global administrator userSession.logIn() .addPermission(GlobalPermission.ADMINISTER); response = executeRequest(tester, null, securedDef.key(), standardDef.key()); - assertThat(response.getSettingsList()).extracting(Settings.Setting::getKey).containsExactly("my.password.secured", "my.property"); - assertThat(response.getSettingsList()).extracting(Settings.Setting::hasValue).containsExactly(false, true); + assertThat(response.getSetSecuredSettingsList()).contains("my.password.secured"); // system administrator userSession.logIn().setSystemAdministrator(); response = executeRequest(tester, null, securedDef.key(), standardDef.key()); - assertThat(response.getSettingsList()).extracting(Settings.Setting::getKey).containsExactly("my.password.secured", "my.property"); - assertThat(response.getSettingsList()).extracting(Settings.Setting::hasValue).containsExactly(false, true); + assertThat(response.getSetSecuredSettingsList()).contains("my.password.secured"); } private ValuesWsResponse executeRequestForComponentProperties(ComponentDto componentDto, String... keys) { diff --git a/sonar-ws/src/main/protobuf/ws-settings.proto b/sonar-ws/src/main/protobuf/ws-settings.proto index 69e8f6d93d9..cbaebbb4a72 100644 --- a/sonar-ws/src/main/protobuf/ws-settings.proto +++ b/sonar-ws/src/main/protobuf/ws-settings.proto 
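Review bot: The three rewritten role checks (scan, global administrator, system administrator) no longer assert anything about `my.property`, although the request still passes `standardDef.key()`, and they no longer verify that the secured key stays out of `getSettingsList()`. As this is the test that ties the response to permissions, both sides should stay explicit: `assertThat(response.getSettingsList()).extracting(Settings.Setting::getKey).containsExactly("my.property");` next to `assertThat(response.getSetSecuredSettingsList()).containsExactly("my.password.secured");`. The start of the test method is outside the hunk, so a case for a user without these permissions cannot be seen from here; if there is none, one asserting an empty `getSetSecuredSettingsList()` would be worth adding.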
@@ -87,6 +87,7 @@ enum Type { // Response of GET api/settings/values message ValuesWsResponse { repeated Setting settings = 1; + repeated string setSecuredSettings = 2; } message Setting {
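Review bot: The new field `setSecuredSettings` in `ValuesWsResponse` has no comment, and its name alone does not say whether it carries keys or values. Since this message is the wire contract of `api/settings/values`, a line such as `// Keys only (never values) of secured settings that have a value set` above the field would make the guarantee explicit for client authors.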