mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
29584 Commits
59 Branches
Tree: a5e56c8d40
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a5e56c8d40'
${ noResults }
sonarqube/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/monitoring/SettingsSection.java

SettingsSection.java 3.0KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2020 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.platform.monitoring;

  21. 

  22. import java.util.Map;

  23. import java.util.TreeMap;

  24. import org.sonar.api.PropertyType;

  25. import org.sonar.api.config.PropertyDefinition;

  26. import org.sonar.api.config.PropertyDefinitions;

  27. import org.sonar.api.config.internal.Settings;

  28. import org.sonar.api.server.ServerSide;

  29. import org.sonar.process.systeminfo.Global;

  30. import org.sonar.process.systeminfo.SystemInfoSection;

  31. import org.sonar.process.systeminfo.protobuf.ProtobufSystemInfo;

  32. 

  33. import static org.apache.commons.lang.StringUtils.abbreviate;

  34. import static org.apache.commons.lang.StringUtils.containsIgnoreCase;

  35. import static org.apache.commons.lang.StringUtils.endsWithIgnoreCase;

  36. import static org.sonar.process.ProcessProperties.Property.AUTH_JWT_SECRET;

  37. import static org.sonar.process.systeminfo.SystemInfoUtils.setAttribute;

  38. 

  39. @ServerSide

  40. public class SettingsSection implements SystemInfoSection, Global {

  41. 

  42.   private static final int MAX_VALUE_LENGTH = 500;

  43.   private static final String PASSWORD_VALUE = "xxxxxxxx";

  44.   private final Settings settings;

  45. 

  46.   public SettingsSection(Settings settings) {

  47.     this.settings = settings;

  48.   }

  49. 

  50.   @Override

  51.   public ProtobufSystemInfo.Section toProtobuf() {

  52.     ProtobufSystemInfo.Section.Builder protobuf = ProtobufSystemInfo.Section.newBuilder();

  53.     protobuf.setName("Settings");

  54. 

  55.     PropertyDefinitions definitions = settings.getDefinitions();

  56.     TreeMap<String, String> orderedProps = new TreeMap<>(settings.getProperties());

  57.     for (Map.Entry<String, String> prop : orderedProps.entrySet()) {

  58.       String key = prop.getKey();

  59.       String value = obfuscateValue(definitions, key, prop.getValue());

  60.       setAttribute(protobuf, key, value);

  61.     }

  62.     return protobuf.build();

  63.   }

  64. 

  65.   private static String obfuscateValue(PropertyDefinitions definitions, String key, String value) {

  66.     PropertyDefinition def = definitions.get(key);

  67.     if (def != null && def.type() == PropertyType.PASSWORD) {

  68.       return PASSWORD_VALUE;

  69.     }

  70.     if (endsWithIgnoreCase(key, ".secured") ||

  71.       containsIgnoreCase(key, "password") ||

  72.       containsIgnoreCase(key, "passcode") ||

  73.       AUTH_JWT_SECRET.getKey().equals(key)) {

  74.       return PASSWORD_VALUE;

  75.     }

  76.     return abbreviate(value, MAX_VALUE_LENGTH);

  77.   }

  78. }