SONAR-14586 Add a new uses default credentials flag to api/navigation/global for system administrators

server/sonar-webserver-webapi/build.gradle

@@ -13,6 +13,7 @@ dependencies {
   compile project(':server:sonar-ce-task')
   compile project(':server:sonar-db-dao')
   compile project(':server:sonar-process')
+  compile project(':server:sonar-webserver-auth')
   compile project(':server:sonar-webserver-es')
   compile project(':server:sonar-webserver-ws')
   compile project(':server:sonar-alm-client')

server/sonar-webserver-webapi/src/main/java/org/sonar/server/ui/ws/GlobalAction.java

@@ -39,6 +39,7 @@ import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.dialect.H2;
 import org.sonar.server.almsettings.MultipleAlmFeatureProvider;
+import org.sonar.server.authentication.DefaultAdminCredentialsVerifier;
 import org.sonar.server.branch.BranchFeatureProxy;
 import org.sonar.server.issue.index.IssueIndexSyncProgressChecker;
 import org.sonar.server.platform.WebServer;
@@ -83,10 +84,12 @@ public class GlobalAction implements NavigationWsAction, Startable {
   private final MultipleAlmFeatureProvider multipleAlmFeatureProvider;
   private final WebAnalyticsLoader webAnalyticsLoader;
   private final IssueIndexSyncProgressChecker issueIndexSyncChecker;
+  private final DefaultAdminCredentialsVerifier defaultAdminCredentialsVerifier;
 
   public GlobalAction(PageRepository pageRepository, Configuration config, ResourceTypes resourceTypes, Server server,
     WebServer webServer, DbClient dbClient, BranchFeatureProxy branchFeature, UserSession userSession, PlatformEditionProvider editionProvider,
-    MultipleAlmFeatureProvider multipleAlmFeatureProvider, WebAnalyticsLoader webAnalyticsLoader, IssueIndexSyncProgressChecker issueIndexSyncChecker) {
+    MultipleAlmFeatureProvider multipleAlmFeatureProvider, WebAnalyticsLoader webAnalyticsLoader, IssueIndexSyncProgressChecker issueIndexSyncChecker,
+    DefaultAdminCredentialsVerifier defaultAdminCredentialsVerifier) {
     this.pageRepository = pageRepository;
     this.config = config;
     this.resourceTypes = resourceTypes;
@@ -100,6 +103,7 @@ public class GlobalAction implements NavigationWsAction, Startable {
     this.webAnalyticsLoader = webAnalyticsLoader;
     this.systemSettingValuesByKey = new HashMap<>();
     this.issueIndexSyncChecker = issueIndexSyncChecker;
+    this.defaultAdminCredentialsVerifier = defaultAdminCredentialsVerifier;
   }
 
   @Override
@@ -140,6 +144,7 @@ public class GlobalAction implements NavigationWsAction, Startable {
       writeVersion(json);
       writeDatabaseProduction(json);
       writeBranchSupport(json);
+      writeInstanceUsesDefaultAdminCredentials(json);
       writeMultipleAlmEnabled(json);
       editionProvider.get().ifPresent(e -> json.prop("edition", e.name().toLowerCase(Locale.ENGLISH)));
       writeNeedIssueSync(json);
@@ -197,6 +202,12 @@ public class GlobalAction implements NavigationWsAction, Startable {
     json.prop("branchesEnabled", branchFeature.isEnabled());
   }
 
+  private void writeInstanceUsesDefaultAdminCredentials(JsonWriter json) {
+    if (userSession.isSystemAdministrator()) {
+      json.prop("instanceUsesDefaultAdminCredentials", defaultAdminCredentialsVerifier.hasDefaultCredentialUser());
+    }
+  }
+
   private void writeMultipleAlmEnabled(JsonWriter json) {
     json.prop("multipleAlmEnabled", multipleAlmFeatureProvider.enabled());
   }

server/sonar-webserver-webapi/src/test/java/org/sonar/server/ui/ws/GlobalActionTest.java

@@ -38,6 +38,7 @@ import org.sonar.db.DbClient;
 import org.sonar.db.dialect.H2;
 import org.sonar.db.dialect.PostgreSql;
 import org.sonar.server.almsettings.MultipleAlmFeatureProvider;
+import org.sonar.server.authentication.DefaultAdminCredentialsVerifier;
 import org.sonar.server.issue.index.IssueIndexSyncProgressChecker;
 import org.sonar.server.platform.WebServer;
 import org.sonar.server.tester.UserSessionRule;
@@ -68,6 +69,7 @@ public class GlobalActionTest {
   private final PlatformEditionProvider editionProvider = mock(PlatformEditionProvider.class);
   private final MultipleAlmFeatureProvider multipleAlmFeatureProvider = mock(MultipleAlmFeatureProvider.class);
   private final WebAnalyticsLoader webAnalyticsLoader = mock(WebAnalyticsLoader.class);
+  private final DefaultAdminCredentialsVerifier defaultAdminCredentialsVerifier = mock(DefaultAdminCredentialsVerifier.class);
 
   private WsActionTester ws;
 
@@ -270,6 +272,22 @@ public class GlobalActionTest {
     assertJson(call()).isSimilarTo("{\"canAdmin\":true}");
   }
 
+  @Test
+  public void instance_uses_default_admin_credentials() {
+    init();
+
+    when(defaultAdminCredentialsVerifier.hasDefaultCredentialUser()).thenReturn(true);
+
+    // Even if the default credentials are used, if the current user it not a system admin, the flag is not returned.
+    assertJson(call()).isNotSimilarTo("{\"instanceUsesDefaultAdminCredentials\":true}");
+
+    userSession.logIn().setSystemAdministrator();
+    assertJson(call()).isSimilarTo("{\"instanceUsesDefaultAdminCredentials\":true}");
+
+    when(defaultAdminCredentialsVerifier.hasDefaultCredentialUser()).thenReturn(false);
+    assertJson(call()).isSimilarTo("{\"instanceUsesDefaultAdminCredentials\":false}");
+  }
+
   @Test
   public void standalone_flag() {
     init();
@@ -374,7 +392,7 @@ public class GlobalActionTest {
     pageRepository.start();
     GlobalAction wsAction = new GlobalAction(pageRepository, settings.asConfig(), new ResourceTypes(resourceTypeTrees), server,
       webServer, dbClient, branchFeature, userSession, editionProvider, multipleAlmFeatureProvider, webAnalyticsLoader,
-      indexSyncProgressChecker);
+      indexSyncProgressChecker, defaultAdminCredentialsVerifier);
     ws = new WsActionTester(wsAction);
     wsAction.start();
   }

sonar-testing-harness/src/main/java/org/sonar/test/JsonAssert.java

@@ -94,6 +94,18 @@ public class JsonAssert {
     return isSimilarTo(urlToString(expected));
   }
 
+  public JsonAssert isNotSimilarTo(String expected) {
+    boolean similar = comparison.areSimilar(expected, actualJson);
+    if (similar) {
+      throw new ComparisonFailure("It's a super-set of expected JSON -", pretty(expected), pretty(actualJson));
+    }
+    return this;
+  }
+
+  public JsonAssert isNotSimilarTo(URL expected) {
+    return isNotSimilarTo(urlToString(expected));
+  }
+
   public static JsonAssert assertJson(String actualJson) {
     return new JsonAssert(actualJson);
   }