SONAR-21882 Fix SSF-570

server/sonar-web/src/main/js/apps/settings/components/almIntegration/AzureForm.tsx

@@ -56,6 +56,9 @@ export default function AzureForm(props: AzureFormProps) {
             {translate('settings.almintegration.form.url.azure.help2')}
             <br />
             <em>https://dev.azure.com/your_organization</em>
+            <br />
+            <br />
+            {translate('settings.almintegration.form.url.pat_warning')}
           </>
         }
         id="url.azure"

server/sonar-webserver-webapi/src/it/java/org/sonar/server/almsettings/ws/UpdateAzureActionIT.java

@@ -31,6 +31,7 @@ import org.sonar.server.component.ComponentFinder;
 import org.sonar.server.exceptions.ForbiddenException;
 import org.sonar.server.exceptions.NotFoundException;
 import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.ws.TestRequest;
 import org.sonar.server.ws.WsActionTester;
 
 import static java.lang.String.format;
@@ -90,7 +91,7 @@ public class UpdateAzureActionIT {
   }
 
   @Test
-  public void update_without_pat() {
+  public void update_with_url_change_needs_pat() {
     UserDto user = db.users().insertUser();
     userSession.logIn(user).setSystemAdministrator();
 
@@ -99,10 +100,28 @@ public class UpdateAzureActionIT {
     ws.newRequest()
       .setParam("key", almSettingDto.getKey())
       .setParam("url", AZURE_URL)
+      .setParam("personalAccessToken", "0123456789")
       .execute();
+
     assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
       .extracting(AlmSettingDto::getKey, AlmSettingDto::getUrl, s -> s.getDecryptedPersonalAccessToken(encryption))
-      .containsOnly(tuple(almSettingDto.getKey(), AZURE_URL, almSettingDto.getDecryptedPersonalAccessToken(encryption)));
+      .containsOnly(tuple(almSettingDto.getKey(), AZURE_URL, "0123456789"));
+  }
+
+  @Test
+  public void fail_when_update_url_without_pat() {
+    UserDto user = db.users().insertUser();
+    userSession.logIn(user).setSystemAdministrator();
+
+    AlmSettingDto almSettingDto = db.almSettings().insertAzureAlmSetting();
+
+    TestRequest request = ws.newRequest()
+      .setParam("key", almSettingDto.getKey())
+      .setParam("url", AZURE_URL);
+
+    assertThatThrownBy(() -> request.execute())
+      .isInstanceOf(IllegalArgumentException.class)
+      .hasMessage("Please provide the Personal Access Token to update the URL.");
   }
 
   @Test

server/sonar-webserver-webapi/src/it/java/org/sonar/server/almsettings/ws/UpdateBitbucketActionIT.java

@@ -105,7 +105,7 @@ public class UpdateBitbucketActionIT {
   }
 
   @Test
-  public void update_with_url_change_needs_path() {
+  public void update_with_url_change_needs_pat() {
     UserDto user = db.users().insertUser();
     userSession.logIn(user).setSystemAdministrator();
 

server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateAzureAction.java

@@ -95,6 +95,8 @@ public class UpdateAzureAction implements AlmSettingsWsAction {
         almSettingsSupport.checkAlmSettingDoesNotAlreadyExist(dbSession, newKey);
       }
 
+      almSettingsSupport.checkPatOnUrlUpdate(almSettingDto, url, pat);
+
       if (isNotBlank(pat)) {
         almSettingDto.setPersonalAccessToken(pat);
       }

server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateBitbucketAction.java

@@ -85,6 +85,7 @@ public class UpdateBitbucketAction implements AlmSettingsWsAction {
   private void doHandle(Request request) {
     String key = request.mandatoryParam(PARAM_KEY);
     String newKey = request.param(PARAM_NEW_KEY);
+    String url = request.mandatoryParam(PARAM_URL);
     String pat = request.param(PARAM_PERSONAL_ACCESS_TOKEN);
 
     try (DbSession dbSession = dbClient.openSession(false)) {
@@ -93,7 +94,6 @@ public class UpdateBitbucketAction implements AlmSettingsWsAction {
         almSettingsSupport.checkAlmSettingDoesNotAlreadyExist(dbSession, newKey);
       }
 
-      String url = request.mandatoryParam(PARAM_URL);
       almSettingsSupport.checkPatOnUrlUpdate(almSettingDto, url, pat);
 
       if (isNotBlank(pat)) {