mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29967 Commits
59 Branches
Tree: 4cd0180440
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '4cd0180440'
${ noResults }
sonarqube/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java

EncryptActionTest.java 4.7KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2020 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.setting.ws;

  21. 

  22. import java.io.File;

  23. import java.nio.charset.StandardCharsets;

  24. import javax.annotation.Nullable;

  25. import org.apache.commons.io.FileUtils;

  26. import org.junit.Before;

  27. import org.junit.Rule;

  28. import org.junit.Test;

  29. import org.junit.rules.ExpectedException;

  30. import org.junit.rules.TemporaryFolder;

  31. import org.sonar.api.config.internal.Encryption;

  32. import org.sonar.api.config.internal.MapSettings;

  33. import org.sonar.api.server.ws.WebService;

  34. import org.sonar.server.exceptions.BadRequestException;

  35. import org.sonar.server.exceptions.ForbiddenException;

  36. import org.sonar.server.tester.UserSessionRule;

  37. import org.sonar.server.ws.TestRequest;

  38. import org.sonar.server.ws.WsActionTester;

  39. import org.sonarqube.ws.Settings.EncryptWsResponse;

  40. 

  41. import static org.assertj.core.api.Assertions.assertThat;

  42. import static org.sonar.server.setting.ws.SettingsWsParameters.PARAM_VALUE;

  43. import static org.sonar.test.JsonAssert.assertJson;

  44. 

  45. public class EncryptActionTest {

  46.   @Rule

  47.   public ExpectedException expectedException = ExpectedException.none();

  48.   @Rule

  49.   public UserSessionRule userSession = UserSessionRule.standalone();

  50.   @Rule

  51.   public TemporaryFolder folder = new TemporaryFolder();

  52. 

  53.   private MapSettings settings = new MapSettings();

  54.   private Encryption encryption = settings.getEncryption();

  55.   private EncryptAction underTest = new EncryptAction(userSession, settings);

  56.   private WsActionTester ws = new WsActionTester(underTest);

  57. 

  58.   @Before

  59.   public void setUpSecretKey() throws Exception {

  60.     logInAsSystemAdministrator();

  61. 

  62.     File secretKeyFile = folder.newFile();

  63.     FileUtils.writeStringToFile(secretKeyFile, "fCVFf/JHRi8Qwu5KLNva7g==", StandardCharsets.UTF_8);

  64. 

  65.     encryption.setPathToSecretKey(secretKeyFile.getAbsolutePath());

  66.   }

  67. 

  68.   @Test

  69.   public void json_example() {

  70.     logInAsSystemAdministrator();

  71. 

  72.     String result = ws.newRequest().setParam("value", "my value").execute().getInput();

  73. 

  74.     assertJson(result).isSimilarTo(ws.getDef().responseExampleAsString());

  75.   }

  76. 

  77.   @Test

  78.   public void encrypt() {

  79.     logInAsSystemAdministrator();

  80. 

  81.     EncryptWsResponse result = call("my value!");

  82. 

  83.     assertThat(result.getEncryptedValue()).isEqualTo("{aes}NoofntibpMBdhkMfXQxYcA==");

  84.   }

  85. 

  86.   @Test

  87.   public void definition() {

  88.     WebService.Action definition = ws.getDef();

  89. 

  90.     assertThat(definition.key()).isEqualTo("encrypt");

  91.     assertThat(definition.isPost()).isFalse();

  92.     assertThat(definition.isInternal()).isTrue();

  93.     assertThat(definition.responseExampleAsString()).isNotEmpty();

  94.     assertThat(definition.params()).hasSize(1);

  95.   }

  96. 

  97.   @Test

  98.   public void throw_ForbiddenException_if_not_system_administrator() {

  99.     userSession.logIn().setNonSystemAdministrator();

  100. 

  101.     expectedException.expect(ForbiddenException.class);

  102.     expectedException.expectMessage("Insufficient privileges");

  103. 

  104.     call("my value");

  105.   }

  106. 

  107.   @Test

  108.   public void fail_if_value_is_not_provided() {

  109.     logInAsSystemAdministrator();

  110. 

  111.     expectedException.expect(IllegalArgumentException.class);

  112. 

  113.     call(null);

  114.   }

  115. 

  116.   @Test

  117.   public void fail_if_value_is_empty() {

  118.     logInAsSystemAdministrator();

  119. 

  120.     expectedException.expect(IllegalArgumentException.class);

  121.     expectedException.expectMessage("The 'value' parameter is missing");

  122. 

  123.     call("  ");

  124.   }

  125. 

  126.   @Test

  127.   public void fail_if_no_secret_key_available() {

  128.     logInAsSystemAdministrator();

  129. 

  130.     encryption.setPathToSecretKey("unknown/path/to/secret/key");

  131. 

  132.     expectedException.expect(BadRequestException.class);

  133.     expectedException.expectMessage("No secret key available");

  134. 

  135.     call("my value");

  136.   }

  137. 

  138.   private EncryptWsResponse call(@Nullable String value) {

  139.     TestRequest request = ws.newRequest()

  140.       .setMethod("POST");

  141. 

  142.     if (value != null) {

  143.       request.setParam(PARAM_VALUE, value);

  144.     }

  145. 

  146.     return request.executeProtobuf(EncryptWsResponse.class);

  147.   }

  148. 

  149.   private void logInAsSystemAdministrator() {

  150.     userSession.logIn().setSystemAdministrator();

  151.   }

  152. }