author | Antoine Vigneau <antoine.vigneau@sonarsource.com> | 2024-03-19 11:58:22 +0100 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2024-03-20 20:02:43 +0000 |
commit | 0ae8d1634c2369bc24e71d2f46e6193c0db5caa4 (patch) | |
tree | 9c03df0836c89351405f20018ac5f5aff337f791 | |
parent | 4eec8f1729f8566b9c553d17b09801ba15cccc36 (diff) | |
SONAR-21879 Fix SSF-568
6 files changed, 49 insertions, 21 deletions
diff --git a/server/sonar-web/src/main/js/apps/settings/components/almIntegration/BitbucketServerForm.tsx b/server/sonar-web/src/main/js/apps/settings/components/almIntegration/BitbucketServerForm.tsx
index 3bc4c0bbf36..946974835ec 100644
--- a/server/sonar-web/src/main/js/apps/settings/components/almIntegration/BitbucketServerForm.tsx
+++ b/server/sonar-web/src/main/js/apps/settings/components/almIntegration/BitbucketServerForm.tsx
@@ -47,11 +47,12 @@ export default function BitbucketServerForm(props: BitbucketServerFormProps) {
 />
 <AlmBindingDefinitionFormField
 help={
- <FormattedMessage
- defaultMessage={translate('settings.almintegration.form.url.bitbucket.help')}
- id="settings.almintegration.form.url.bitbucket.help"
- values={{ example: 'https://bitbucket-server.your-company.com' }}
- />
+ <>
+ {translate('settings.almintegration.form.url.bitbucket.help')}
+ <br />
+ <br />
+ {translate('settings.almintegration.form.url.bitbucket.pat_warning')}
+ </>
 }
 id="url.bitbucket"
 maxLength={2000}
diff --git a/server/sonar-web/src/main/js/apps/settings/components/almIntegration/__tests__/__snapshots__/BitbucketServerForm-test.tsx.snap b/server/sonar-web/src/main/js/apps/settings/components/almIntegration/__tests__/__snapshots__/BitbucketServerForm-test.tsx.snap
index c937fdb2eb8..7b392e018eb 100644
--- a/server/sonar-web/src/main/js/apps/settings/components/almIntegration/__tests__/__snapshots__/BitbucketServerForm-test.tsx.snap
+++ b/server/sonar-web/src/main/js/apps/settings/components/almIntegration/__tests__/__snapshots__/BitbucketServerForm-test.tsx.snap
@@ -13,15 +13,12 @@ exports[`should render correctly 1`] = ` /> <AlmBindingDefinitionFormField help={ - <FormattedMessage - defaultMessage="settings.almintegration.form.url.bitbucket.help" - id="settings.almintegration.form.url.bitbucket.help" - values={ - { - "example": "https://bitbucket-server.your-company.com", - } - } - /> + <React.Fragment> + settings.almintegration.form.url.bitbucket.help + <br /> + <br /> + settings.almintegration.form.url.bitbucket.pat_warning + </React.Fragment> } id="url.bitbucket" maxLength={2000}
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/AlmSettingsSupport.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/AlmSettingsSupport.java
index df9d6287c38..e10272d2612 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/AlmSettingsSupport.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/AlmSettingsSupport.java
@@ -117,8 +117,16 @@ public class AlmSettingsSupport {
 }
 public void checkPrivateKeyOnUrlUpdate(AlmSettingDto almSettingDto, String url, @Nullable String privateKey) {
- if (!url.equals(almSettingDto.getUrl()) && isEmpty(privateKey)) {
- throw new IllegalArgumentException("Please provide the Private Key to update the URL.");
+ checkCredentialArtifactOnUrlUpdate(url, almSettingDto, privateKey, "Please provide the Private Key to update the URL.");
+ }
+
+ public void checkPatOnUrlUpdate(AlmSettingDto almSettingDto, String url, @Nullable String pat) {
+ checkCredentialArtifactOnUrlUpdate(url, almSettingDto, pat, "Please provide the Personal Access Token to update the URL.");
+ }
+
+ private static void checkCredentialArtifactOnUrlUpdate(String url, AlmSettingDto almSettingDto, @Nullable String credentialArtifact, String errorMessage) {
+ if (!url.equals(almSettingDto.getUrl()) && isEmpty(credentialArtifact)) {
+ throw new IllegalArgumentException(errorMessage);
 }
 }
 }
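Review bot: The guard in `checkCredentialArtifactOnUrlUpdate` (AlmSettingsSupport.java) tests `isEmpty(credentialArtifact)`, while `UpdateBitbucketAction.doHandle` only stores the token under `isNotBlank(pat)`, so the two sides disagree on a whitespace-only value. Unless the request layer trims parameters before they reach this code (not visible on this page), such a value would pass the guard yet leave the previously stored token in place next to the new URL. Using the same predicate on both sides removes the mismatch: `if (!url.equals(almSettingDto.getUrl()) && isBlank(credentialArtifact)) {`, adding the matching static import if `isBlank` is not already in scope. The private helper also takes `(url, almSettingDto, …)` while both public methods take `(almSettingDto, url, …)`; a single order would make a swapped argument harder to write. The class body starts outside the hunk.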
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateBitbucketAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateBitbucketAction.java
index fc2bc34beab..24e17c187f0 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateBitbucketAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateBitbucketAction.java
@@ -85,7 +85,6 @@ public class UpdateBitbucketAction implements AlmSettingsWsAction {
 private void doHandle(Request request) {
 String key = request.mandatoryParam(PARAM_KEY);
 String newKey = request.param(PARAM_NEW_KEY);
- String url = request.mandatoryParam(PARAM_URL);
 String pat = request.param(PARAM_PERSONAL_ACCESS_TOKEN);
 try (DbSession dbSession = dbClient.openSession(false)) {
@@ -94,6 +93,9 @@ public class UpdateBitbucketAction implements AlmSettingsWsAction {
 almSettingsSupport.checkAlmSettingDoesNotAlreadyExist(dbSession, newKey);
 }
+ String url = request.mandatoryParam(PARAM_URL);
+ almSettingsSupport.checkPatOnUrlUpdate(almSettingDto, url, pat);
+
 if (isNotBlank(pat)) {
 almSettingDto.setPersonalAccessToken(pat);
 }
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/UpdateBitbucketActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/UpdateBitbucketActionTest.java
index 86972538b10..0a8162b36eb 100644
--- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/UpdateBitbucketActionTest.java
+++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/UpdateBitbucketActionTest.java
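Review bot: The new `checkPatOnUrlUpdate` call in `UpdateBitbucketAction.doHandle` has no comment saying why a URL change needs the token again; the only rationale on the page is the "For security reasons" wording in core.properties. A short why-comment above the call would keep the check from being dropped as redundant later, for example `// A URL change must come with a fresh PAT so the stored token is not reused against a different host.` (presumably the intent of SSF-568; confirm against the ticket). Reading `PARAM_URL` has also moved inside the try block, so a missing `url` is now reported only after the DB session is opened and the new-key check has run; if that ordering is not intended, keep `mandatoryParam(PARAM_URL)` with the other parameter reads at the top. `doHandle` continues past the end of the hunk.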
@@ -31,6 +31,7 @@ import org.sonar.server.component.ComponentFinder;
 import org.sonar.server.exceptions.ForbiddenException;
 import org.sonar.server.exceptions.NotFoundException;
 import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.ws.TestRequest;
 import org.sonar.server.ws.WsActionTester;
 import static java.lang.String.format;
@@ -88,7 +89,23 @@ public class UpdateBitbucketActionTest {
 }
 @Test
- public void update_without_pat() {
+ public void fail_when_url_updated_without_pat() {
+ UserDto user = db.users().insertUser();
+ userSession.logIn(user).setSystemAdministrator();
+
+ AlmSettingDto almSettingDto = db.almSettings().insertBitbucketAlmSetting();
+
+ TestRequest request = ws.newRequest()
+ .setParam("key", almSettingDto.getKey())
+ .setParam("url", "https://bitbucket.enterprise-unicorn.com");
+
+ assertThatThrownBy(() -> request.execute())
+ .isInstanceOf(IllegalArgumentException.class)
+ .hasMessage("Please provide the Personal Access Token to update the URL.");
+ }
+
+ @Test
+ public void update_with_url_change_needs_path() {
 UserDto user = db.users().insertUser();
 userSession.logIn(user).setSystemAdministrator();
@@ -97,10 +114,12 @@ public class UpdateBitbucketActionTest {
 ws.newRequest()
 .setParam("key", almSettingDto.getKey())
 .setParam("url", "https://bitbucket.enterprise-unicorn.com")
+ .setParam("personalAccessToken", "0123456789")
 .execute();
+
 assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
 .extracting(AlmSettingDto::getKey, AlmSettingDto::getUrl, s -> s.getDecryptedPersonalAccessToken(encryption))
- .containsOnly(tuple(almSettingDto.getKey(), "https://bitbucket.enterprise-unicorn.com", almSettingDto.getDecryptedPersonalAccessToken(encryption)));
+ .containsOnly(tuple(almSettingDto.getKey(), "https://bitbucket.enterprise-unicorn.com", "0123456789"));
 }
 @Test
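Review bot: The renamed test `update_with_url_change_needs_path` reads as a typo for "pat"; suggest `public void update_with_url_change_needs_pat() {`. With `update_without_pat` replaced, no test visible in these hunks covers an update that keeps the stored URL and omits the token, which is the case the new guard is still meant to allow. A test that sends the unchanged `almSettingDto.getUrl()` without `personalAccessToken` and asserts that the stored token is kept would pin that behaviour. In `fail_when_url_updated_without_pat`, `request::execute` is the more idiomatic form of `() -> request.execute()`. The second test's body spans the last two hunks.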
diff --git a/sonar-core/src/main/resources/org/sonar/l10n/core.properties b/sonar-core/src/main/resources/org/sonar/l10n/core.properties
index 4cb6ae9a39b..c2195410c72 100644
--- a/sonar-core/src/main/resources/org/sonar/l10n/core.properties
+++ b/sonar-core/src/main/resources/org/sonar/l10n/core.properties
@@ -1228,11 +1228,12 @@ settings.almintegration.form.url.azure=Azure DevOps URL
 settings.almintegration.form.url.azure.help1=For Azure DevOps Server, provide the full collection URL:
 settings.almintegration.form.url.azure.help2=For Azure DevOps Services, provide the full organization URL:
 settings.almintegration.form.url.bitbucket=Bitbucket Server URL
-settings.almintegration.form.url.bitbucket.help=Example: {example}
+settings.almintegration.form.url.bitbucket.help=Example: https://bitbucket-server.your-company.com
+settings.almintegration.form.url.bitbucket.pat_warning=For security reasons, please make sure to provide the Personal Access Token to update the URL.
 settings.almintegration.form.url.github=GitHub API URL
 settings.almintegration.form.url.github.help1=Example for Github Enterprise:
 settings.almintegration.form.url.github.help2=If using GitHub.com:
-settings.almintegration.form.url.github.private_key_warning=Please make sure to provide the GitHub App private key for updating the URL.
+settings.almintegration.form.url.github.private_key_warning=For security reasons, please make sure to provide the GitHub App private key to update the URL.
 settings.almintegration.form.url.gitlab=GitLab API URL
 settings.almintegration.form.url.gitlab.help=Provide the GitLab API URL. For example:
 settings.almintegration.form.app_id=GitHub App ID |