Jacek
3 years ago
2 changed files with 25 additions and 8 deletions
+ 16
- 2
server/sonar-webserver-api/src/main/java/org/sonar/server/plugins/PluginConsentVerifier.java
View File
| @@ -22,6 +22,8 @@ package org.sonar.server.plugins; | |||
| import java.util.Optional; | |||
| import org.picocontainer.Startable; | |||
| import org.sonar.api.utils.log.Logger; | |||
| import org.sonar.api.utils.log.Loggers; | |||
| import org.sonar.core.extension.PluginRiskConsent; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbSession; | |||
| @@ -30,8 +32,11 @@ import org.sonar.db.property.PropertyDto; | |||
| import static org.sonar.core.config.CorePropertyDefinitions.PLUGINS_RISK_CONSENT; | |||
| import static org.sonar.core.extension.PluginRiskConsent.NOT_ACCEPTED; | |||
| import static org.sonar.core.extension.PluginRiskConsent.REQUIRED; | |||
| import static org.sonar.server.log.ServerProcessLogging.STARTUP_LOGGER_NAME; | |||
| public class PluginConsentVerifier implements Startable { | |||
| private static final Logger LOGGER = Loggers.get(STARTUP_LOGGER_NAME); | |||
| private final ServerPluginRepository pluginRepository; | |||
| private final DbClient dbClient; | |||
| @@ -47,12 +52,12 @@ public class PluginConsentVerifier implements Startable { | |||
| PropertyDto property = Optional.ofNullable(dbClient.propertiesDao().selectGlobalProperty(session, PLUGINS_RISK_CONSENT)) | |||
| .orElse(defaultPluginRiskConsentProperty()); | |||
| if (hasExternalPlugins && NOT_ACCEPTED == PluginRiskConsent.valueOf(property.getValue())) { | |||
| addWarningInSonarDotLog(); | |||
| property.setValue(REQUIRED.name()); | |||
| dbClient.propertiesDao().saveProperty(session, property); | |||
| session.commit(); | |||
| } else if (!hasExternalPlugins && REQUIRED == PluginRiskConsent.valueOf(property.getValue())) { | |||
| property.setValue(NOT_ACCEPTED.name()); | |||
| dbClient.propertiesDao().saveProperty(session, property); | |||
| dbClient.propertiesDao().deleteGlobalProperty(PLUGINS_RISK_CONSENT, session); | |||
| session.commit(); | |||
| } | |||
| } | |||
| @@ -65,6 +70,15 @@ public class PluginConsentVerifier implements Startable { | |||
| return property; | |||
| } | |||
| private static void addWarningInSonarDotLog() { | |||
| String highlighter = "####################################################################################################################"; | |||
| String msg = "Plugin(s) detected. The risk associated with installing plugins has not been accepted. The SonarQube admin needs to log in and accept the risk."; | |||
| LOGGER.warn(highlighter); | |||
| LOGGER.warn(msg); | |||
| LOGGER.warn(highlighter); | |||
| } | |||
| @Override | |||
| public void stop() { | |||
| // Nothing to do | |||
+ 9
- 6
server/sonar-webserver-api/src/test/java/org/sonar/server/plugins/PluginConsentVerifierTest.java
View File
| @@ -22,6 +22,8 @@ package org.sonar.server.plugins; | |||
| import org.junit.Rule; | |||
| import org.junit.Test; | |||
| import org.sonar.api.utils.System2; | |||
| import org.sonar.api.utils.log.LogTester; | |||
| import org.sonar.api.utils.log.LoggerLevel; | |||
| import org.sonar.core.extension.PluginRiskConsent; | |||
| import org.sonar.db.DbClient; | |||
| import org.sonar.db.DbTester; | |||
| @@ -41,10 +43,12 @@ import static org.sonar.server.plugins.PluginType.EXTERNAL; | |||
| public class PluginConsentVerifierTest { | |||
| @Rule | |||
| public DbTester db = DbTester.create(System2.INSTANCE); | |||
| @Rule | |||
| public LogTester logTester = new LogTester(); | |||
| private DbClient dbClient = db.getDbClient(); | |||
| private ServerPluginRepository pluginRepository = mock(ServerPluginRepository.class); | |||
| private PluginConsentVerifier underTest = new PluginConsentVerifier(pluginRepository, dbClient); | |||
| private final DbClient dbClient = db.getDbClient(); | |||
| private final ServerPluginRepository pluginRepository = mock(ServerPluginRepository.class); | |||
| private final PluginConsentVerifier underTest = new PluginConsentVerifier(pluginRepository, dbClient); | |||
| @Test | |||
| public void require_consent_when_exist_external_plugins_and_not_accepted() { | |||
| @@ -64,6 +68,7 @@ public class PluginConsentVerifierTest { | |||
| underTest.start(); | |||
| assertThat(logTester.logs(LoggerLevel.WARN)).contains("Plugin(s) detected. The risk associated with installing plugins has not been accepted. The SonarQube admin needs to log in and accept the risk."); | |||
| assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)) | |||
| .extracting(PropertyDto::getValue) | |||
| .isEqualTo(REQUIRED.name()); | |||
| @@ -100,9 +105,7 @@ public class PluginConsentVerifierTest { | |||
| underTest.start(); | |||
| assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)) | |||
| .extracting(PropertyDto::getValue) | |||
| .isEqualTo(NOT_ACCEPTED.name()); | |||
| assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)).isNull(); | |||
| } | |||
| @Test | |||
Loading…