mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
31334 Commits
59 Branches
Tree: 215f8403a6
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '215f8403a6'
${ noResults }
sonarqube/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/ResetPasswordFilterTest.java

ResetPasswordFilterTest.java 4.7KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2021 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.authentication;

  21. 

  22. import com.tngtech.java.junit.dataprovider.DataProvider;

  23. import com.tngtech.java.junit.dataprovider.DataProviderRunner;

  24. import com.tngtech.java.junit.dataprovider.UseDataProvider;

  25. import javax.servlet.FilterChain;

  26. import javax.servlet.FilterConfig;

  27. import javax.servlet.http.HttpServletRequest;

  28. import javax.servlet.http.HttpServletResponse;

  29. import org.junit.Before;

  30. import org.junit.Test;

  31. import org.junit.runner.RunWith;

  32. import org.sonar.server.user.ThreadLocalUserSession;

  33. 

  34. import static org.mockito.ArgumentMatchers.any;

  35. import static org.mockito.ArgumentMatchers.eq;

  36. import static org.mockito.Mockito.mock;

  37. import static org.mockito.Mockito.never;

  38. import static org.mockito.Mockito.verify;

  39. import static org.mockito.Mockito.verifyNoInteractions;

  40. import static org.mockito.Mockito.when;

  41. 

  42. @RunWith(DataProviderRunner.class)

  43. public class ResetPasswordFilterTest {

  44. 

  45.   private final HttpServletRequest request = mock(HttpServletRequest.class);

  46.   private final HttpServletResponse response = mock(HttpServletResponse.class);

  47.   private final FilterChain chain = mock(FilterChain.class);

  48.   private final ThreadLocalUserSession session = mock(ThreadLocalUserSession.class);

  49. 

  50.   private final ResetPasswordFilter underTest = new ResetPasswordFilter(session);

  51. 

  52.   @Before

  53.   public void before() {

  54.     // set URI to valid for redirect

  55.     when(request.getRequestURI()).thenReturn("/");

  56.     when(request.getContextPath()).thenReturn("");

  57. 

  58.     // set reset password conditions

  59.     when(session.hasSession()).thenReturn(true);

  60.     when(session.isLoggedIn()).thenReturn(true);

  61.     when(session.shouldResetPassword()).thenReturn(true);

  62.   }

  63. 

  64.   @Test

  65.   public void verify_other_methods() {

  66.     underTest.init(mock(FilterConfig.class));

  67.     underTest.destroy();

  68. 

  69.     verifyNoInteractions(request, response, chain, session);

  70.   }

  71. 

  72.   @Test

  73.   public void redirect_if_reset_password_set() throws Exception {

  74.     underTest.doFilter(request, response, chain);

  75. 

  76.     verify(response).sendRedirect("/account/reset_password");

  77.   }

  78. 

  79.   @Test

  80.   public void redirect_if_reset_password_set_and_web_context_configured() throws Exception {

  81.     when(request.getContextPath()).thenReturn("/sonarqube");

  82. 

  83.     underTest.doFilter(request, response, chain);

  84. 

  85.     verify(response).sendRedirect("/sonarqube/account/reset_password");

  86.   }

  87. 

  88.   @Test

  89.   public void redirect_if_request_uri_ends_with_slash() throws Exception {

  90.     when(request.getRequestURI()).thenReturn("/projects/");

  91.     when(request.getContextPath()).thenReturn("/sonarqube");

  92. 

  93.     underTest.doFilter(request, response, chain);

  94. 

  95.     verify(response).sendRedirect("/sonarqube/account/reset_password");

  96.   }

  97. 

  98.   @Test

  99.   public void do_not_redirect_if_no_session() throws Exception {

  100.     when(session.hasSession()).thenReturn(false);

  101. 

  102.     underTest.doFilter(request, response, chain);

  103. 

  104.     verify(response, never()).sendRedirect(any());

  105.   }

  106. 

  107.   @Test

  108.   public void do_not_redirect_if_not_logged_in() throws Exception {

  109.     when(session.isLoggedIn()).thenReturn(false);

  110. 

  111.     underTest.doFilter(request, response, chain);

  112. 

  113.     verify(response, never()).sendRedirect(any());

  114.   }

  115. 

  116.   @Test

  117.   public void do_not_redirect_if_reset_password_not_set() throws Exception {

  118.     when(session.shouldResetPassword()).thenReturn(false);

  119. 

  120.     underTest.doFilter(request, response, chain);

  121. 

  122.     verify(response, never()).sendRedirect(any());

  123.   }

  124. 

  125.   @Test

  126.   @UseDataProvider("skipped_urls")

  127.   public void doGetPattern_verify(String urltoSkip) throws Exception {

  128.     when(request.getRequestURI()).thenReturn(urltoSkip);

  129.     when(request.getContextPath()).thenReturn("");

  130.     underTest.doGetPattern().matches(urltoSkip);

  131. 

  132.     verify(response, never()).sendRedirect(any());

  133.   }

  134. 

  135.   @DataProvider

  136.   public static Object[][] skipped_urls() {

  137.     return new Object[][] {

  138.       {"/batch/index"},

  139.       {"/batch/file"},

  140.       {"/api/issues"},

  141.       {"/api/issues/"},

  142.       {"/api/*"},

  143.       {"/account/reset_password"},

  144.     };

  145.   }

  146. 

  147. }