diff options
author | Wouter Admiraal <wouter.admiraal@sonarsource.com> | 2024-02-01 10:53:08 +0100 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2024-02-01 20:02:46 +0000 |
commit | 95f9d0ec9698724e9785b871ac6dd5df0af1f800 (patch) | |
tree | f0814f21067e3d0b19b6f5d70f090d3e25c58792 | |
parent | 4e1bbcab2cfbe2c100d52e3f984a157d91a4f3ae (diff) | |
download | sonarqube-95f9d0ec9698724e9785b871ac6dd5df0af1f800.tar.gz sonarqube-95f9d0ec9698724e9785b871ac6dd5df0af1f800.zip |
SONAR-21559 Fix SSF-553
4 files changed, 8 insertions, 5 deletions
diff --git a/server/sonar-web/src/main/js/api/settings.ts b/server/sonar-web/src/main/js/api/settings.ts index bfcaddbf1b1..981f1202ce1 100644 --- a/server/sonar-web/src/main/js/api/settings.ts +++ b/server/sonar-web/src/main/js/api/settings.ts @@ -20,7 +20,7 @@ import { omitBy } from 'lodash'; import { isCategoryDefinition } from '../apps/settings/utils'; import { throwGlobalError } from '../helpers/error'; -import { getJSON, post, RequestData } from '../helpers/request'; +import { getJSON, post, postJSON, RequestData } from '../helpers/request'; import { BranchParameters } from '../types/branch-like'; import { ExtendedSettingDefinition, @@ -109,7 +109,7 @@ export function generateSecretKey(): Promise<{ secretKey: string }> { } export function encryptValue(value: string): Promise<{ encryptedValue: string }> { - return getJSON('/api/settings/encrypt', { value }).catch(throwGlobalError); + return postJSON('/api/settings/encrypt', { value }).catch(throwGlobalError); } export function getLoginMessage(): Promise<{ message: string }> { diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/setting/ws/EncryptAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/setting/ws/EncryptAction.java index 863eaef4e04..b41359cc4ed 100644 --- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/setting/ws/EncryptAction.java +++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/setting/ws/EncryptAction.java @@ -21,6 +21,7 @@ package org.sonar.server.setting.ws; import org.sonar.api.config.internal.Encryption; import org.sonar.api.config.internal.Settings; +import org.sonar.api.server.ws.Change; import org.sonar.api.server.ws.Request; import org.sonar.api.server.ws.Response; import org.sonar.api.server.ws.WebService; @@ -46,9 +47,11 @@ public class EncryptAction implements SettingsWsAction { .setDescription("Encrypt a setting value.<br>" + "Requires 'Administer System' permission.") .setSince("6.1") + .setPost(true) .setHandler(this) .setInternal(true) - .setResponseExample(getClass().getResource("encrypt-example.json")); + .setResponseExample(getClass().getResource("encrypt-example.json")) + .setChangelog(new Change("9.9.4", "Move from GET to POST.")); action.createParam(PARAM_VALUE) .setRequired(true) diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java index 2c53a6aebb5..c8cbcd43aa6 100644 --- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java +++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/setting/ws/EncryptActionTest.java @@ -76,7 +76,7 @@ public class EncryptActionTest { WebService.Action definition = ws.getDef(); assertThat(definition.key()).isEqualTo("encrypt"); - assertThat(definition.isPost()).isFalse(); + assertThat(definition.isPost()).isTrue(); assertThat(definition.isInternal()).isTrue(); assertThat(definition.responseExampleAsString()).isNotEmpty(); assertThat(definition.params()).hasSize(1); diff --git a/sonar-ws/src/main/java/org/sonarqube/ws/client/settings/SettingsService.java b/sonar-ws/src/main/java/org/sonarqube/ws/client/settings/SettingsService.java index bdb60cf61a7..cbe98cb3c27 100644 --- a/sonar-ws/src/main/java/org/sonarqube/ws/client/settings/SettingsService.java +++ b/sonar-ws/src/main/java/org/sonarqube/ws/client/settings/SettingsService.java @@ -64,7 +64,7 @@ public class SettingsService extends BaseService { */ public EncryptWsResponse encrypt(EncryptRequest request) { return call( - new GetRequest(path("encrypt")) + new PostRequest(path("encrypt")) .setParam("value", request.getValue()), EncryptWsResponse.parser()); } |