From bafd855d4a9c1202fd94c245ebbded78b12c2d4e Mon Sep 17 00:00:00 2001 From: Jacek Date: Thu, 8 Apr 2021 13:27:44 +0200 Subject: [PATCH] SONAR-14606 Add WARN log when plugins consent not accepted --- .../server/plugins/PluginConsentVerifier.java | 18 ++++++++++++++++-- .../plugins/PluginConsentVerifierTest.java | 15 +++++++++------ 2 files changed, 25 insertions(+), 8 deletions(-) diff --git a/server/sonar-webserver-api/src/main/java/org/sonar/server/plugins/PluginConsentVerifier.java b/server/sonar-webserver-api/src/main/java/org/sonar/server/plugins/PluginConsentVerifier.java index 8bb031476d8..e677596b074 100644 --- a/server/sonar-webserver-api/src/main/java/org/sonar/server/plugins/PluginConsentVerifier.java +++ b/server/sonar-webserver-api/src/main/java/org/sonar/server/plugins/PluginConsentVerifier.java @@ -22,6 +22,8 @@ package org.sonar.server.plugins; import java.util.Optional; import org.picocontainer.Startable; +import org.sonar.api.utils.log.Logger; +import org.sonar.api.utils.log.Loggers; import org.sonar.core.extension.PluginRiskConsent; import org.sonar.db.DbClient; import org.sonar.db.DbSession; @@ -30,8 +32,11 @@ import org.sonar.db.property.PropertyDto; import static org.sonar.core.config.CorePropertyDefinitions.PLUGINS_RISK_CONSENT; import static org.sonar.core.extension.PluginRiskConsent.NOT_ACCEPTED; import static org.sonar.core.extension.PluginRiskConsent.REQUIRED; +import static org.sonar.server.log.ServerProcessLogging.STARTUP_LOGGER_NAME; public class PluginConsentVerifier implements Startable { + private static final Logger LOGGER = Loggers.get(STARTUP_LOGGER_NAME); + private final ServerPluginRepository pluginRepository; private final DbClient dbClient; @@ -47,12 +52,12 @@ public class PluginConsentVerifier implements Startable { PropertyDto property = Optional.ofNullable(dbClient.propertiesDao().selectGlobalProperty(session, PLUGINS_RISK_CONSENT)) .orElse(defaultPluginRiskConsentProperty()); if (hasExternalPlugins && NOT_ACCEPTED == PluginRiskConsent.valueOf(property.getValue())) { + addWarningInSonarDotLog(); property.setValue(REQUIRED.name()); dbClient.propertiesDao().saveProperty(session, property); session.commit(); } else if (!hasExternalPlugins && REQUIRED == PluginRiskConsent.valueOf(property.getValue())) { - property.setValue(NOT_ACCEPTED.name()); - dbClient.propertiesDao().saveProperty(session, property); + dbClient.propertiesDao().deleteGlobalProperty(PLUGINS_RISK_CONSENT, session); session.commit(); } } @@ -65,6 +70,15 @@ public class PluginConsentVerifier implements Startable { return property; } + private static void addWarningInSonarDotLog() { + String highlighter = "####################################################################################################################"; + String msg = "Plugin(s) detected. The risk associated with installing plugins has not been accepted. The SonarQube admin needs to log in and accept the risk."; + + LOGGER.warn(highlighter); + LOGGER.warn(msg); + LOGGER.warn(highlighter); + } + @Override public void stop() { // Nothing to do diff --git a/server/sonar-webserver-api/src/test/java/org/sonar/server/plugins/PluginConsentVerifierTest.java b/server/sonar-webserver-api/src/test/java/org/sonar/server/plugins/PluginConsentVerifierTest.java index e77d71e7936..15d8dcaf324 100644 --- a/server/sonar-webserver-api/src/test/java/org/sonar/server/plugins/PluginConsentVerifierTest.java +++ b/server/sonar-webserver-api/src/test/java/org/sonar/server/plugins/PluginConsentVerifierTest.java @@ -22,6 +22,8 @@ package org.sonar.server.plugins; import org.junit.Rule; import org.junit.Test; import org.sonar.api.utils.System2; +import org.sonar.api.utils.log.LogTester; +import org.sonar.api.utils.log.LoggerLevel; import org.sonar.core.extension.PluginRiskConsent; import org.sonar.db.DbClient; import org.sonar.db.DbTester; @@ -41,10 +43,12 @@ import static org.sonar.server.plugins.PluginType.EXTERNAL; public class PluginConsentVerifierTest { @Rule public DbTester db = DbTester.create(System2.INSTANCE); + @Rule + public LogTester logTester = new LogTester(); - private DbClient dbClient = db.getDbClient(); - private ServerPluginRepository pluginRepository = mock(ServerPluginRepository.class); - private PluginConsentVerifier underTest = new PluginConsentVerifier(pluginRepository, dbClient); + private final DbClient dbClient = db.getDbClient(); + private final ServerPluginRepository pluginRepository = mock(ServerPluginRepository.class); + private final PluginConsentVerifier underTest = new PluginConsentVerifier(pluginRepository, dbClient); @Test public void require_consent_when_exist_external_plugins_and_not_accepted() { @@ -64,6 +68,7 @@ public class PluginConsentVerifierTest { underTest.start(); + assertThat(logTester.logs(LoggerLevel.WARN)).contains("Plugin(s) detected. The risk associated with installing plugins has not been accepted. The SonarQube admin needs to log in and accept the risk."); assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)) .extracting(PropertyDto::getValue) .isEqualTo(REQUIRED.name()); @@ -100,9 +105,7 @@ public class PluginConsentVerifierTest { underTest.start(); - assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)) - .extracting(PropertyDto::getValue) - .isEqualTo(NOT_ACCEPTED.name()); + assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)).isNull(); } @Test -- 2.39.5