authorAntoine Vigneau <antoine.vigneau@sonarsource.com>2024-03-19 11:58:22 +0100
committersonartech <sonartech@sonarsource.com>2024-03-20 20:02:43 +0000
commit0ae8d1634c2369bc24e71d2f46e6193c0db5caa4 (patch)
tree9c03df0836c89351405f20018ac5f5aff337f791
parent4eec8f1729f8566b9c553d17b09801ba15cccc36 (diff)
downloadsonarqube-0ae8d1634c2369bc24e71d2f46e6193c0db5caa4.tar.gz
sonarqube-0ae8d1634c2369bc24e71d2f46e6193c0db5caa4.zip
SONAR-21879 Fix SSF-568
-rw-r--r--server/sonar-web/src/main/js/apps/settings/components/almIntegration/BitbucketServerForm.tsx11
-rw-r--r--server/sonar-web/src/main/js/apps/settings/components/almIntegration/__tests__/__snapshots__/BitbucketServerForm-test.tsx.snap15
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/AlmSettingsSupport.java12
-rw-r--r--server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateBitbucketAction.java4
-rw-r--r--server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/UpdateBitbucketActionTest.java23
-rw-r--r--sonar-core/src/main/resources/org/sonar/l10n/core.properties5
6 files changed, 49 insertions, 21 deletions
diff --git a/server/sonar-web/src/main/js/apps/settings/components/almIntegration/BitbucketServerForm.tsx b/server/sonar-web/src/main/js/apps/settings/components/almIntegration/BitbucketServerForm.tsx
index 3bc4c0bbf36..946974835ec 100644
--- a/server/sonar-web/src/main/js/apps/settings/components/almIntegration/BitbucketServerForm.tsx
+++ b/server/sonar-web/src/main/js/apps/settings/components/almIntegration/BitbucketServerForm.tsx
@@ -47,11 +47,12 @@ export default function BitbucketServerForm(props: BitbucketServerFormProps) {
/>
<AlmBindingDefinitionFormField
help={
- <FormattedMessage
- defaultMessage={translate('settings.almintegration.form.url.bitbucket.help')}
- id="settings.almintegration.form.url.bitbucket.help"
- values={{ example: 'https://bitbucket-server.your-company.com' }}
- />
+ <>
+ {translate('settings.almintegration.form.url.bitbucket.help')}
+ <br />
+ <br />
+ {translate('settings.almintegration.form.url.bitbucket.pat_warning')}
+ </>
}
id="url.bitbucket"
maxLength={2000}
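Review bot: Dropping the `values={{ example: ... }}` interpolation from the `help` prop means any translation bundle that still defines `settings.almintegration.form.url.bitbucket.help` as `Example: {example}` would now render the placeholder literally. Only the default `core.properties` is updated in this commit, so external language packs are worth checking. As a style point, the two consecutive `<br />` elements are used purely for vertical spacing; giving each message its own block element, if the field's help slot allows it, would keep layout out of the markup. The enclosing `BitbucketServerForm` component starts and ends outside this hunk.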
diff --git a/server/sonar-web/src/main/js/apps/settings/components/almIntegration/__tests__/__snapshots__/BitbucketServerForm-test.tsx.snap b/server/sonar-web/src/main/js/apps/settings/components/almIntegration/__tests__/__snapshots__/BitbucketServerForm-test.tsx.snap
index c937fdb2eb8..7b392e018eb 100644
--- a/server/sonar-web/src/main/js/apps/settings/components/almIntegration/__tests__/__snapshots__/BitbucketServerForm-test.tsx.snap
+++ b/server/sonar-web/src/main/js/apps/settings/components/almIntegration/__tests__/__snapshots__/BitbucketServerForm-test.tsx.snap
@@ -13,15 +13,12 @@ exports[`should render correctly 1`] = `
/>
<AlmBindingDefinitionFormField
help={
- <FormattedMessage
- defaultMessage="settings.almintegration.form.url.bitbucket.help"
- id="settings.almintegration.form.url.bitbucket.help"
- values={
- {
- "example": "https://bitbucket-server.your-company.com",
- }
- }
- />
+ <React.Fragment>
+ settings.almintegration.form.url.bitbucket.help
+ <br />
+ <br />
+ settings.almintegration.form.url.bitbucket.pat_warning
+ </React.Fragment>
}
id="url.bitbucket"
maxLength={2000}
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/AlmSettingsSupport.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/AlmSettingsSupport.java
index df9d6287c38..e10272d2612 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/AlmSettingsSupport.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/AlmSettingsSupport.java
@@ -117,8 +117,16 @@ public class AlmSettingsSupport {
}
public void checkPrivateKeyOnUrlUpdate(AlmSettingDto almSettingDto, String url, @Nullable String privateKey) {
- if (!url.equals(almSettingDto.getUrl()) && isEmpty(privateKey)) {
- throw new IllegalArgumentException("Please provide the Private Key to update the URL.");
+ checkCredentialArtifactOnUrlUpdate(url, almSettingDto, privateKey, "Please provide the Private Key to update the URL.");
+ }
+
+ public void checkPatOnUrlUpdate(AlmSettingDto almSettingDto, String url, @Nullable String pat) {
+ checkCredentialArtifactOnUrlUpdate(url, almSettingDto, pat, "Please provide the Personal Access Token to update the URL.");
+ }
+
+ private static void checkCredentialArtifactOnUrlUpdate(String url, AlmSettingDto almSettingDto, @Nullable String credentialArtifact, String errorMessage) {
+ if (!url.equals(almSettingDto.getUrl()) && isEmpty(credentialArtifact)) {
+ throw new IllegalArgumentException(errorMessage);
}
}
}
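Review bot: `checkCredentialArtifactOnUrlUpdate` tests the credential with `isEmpty`, while `UpdateBitbucketAction.doHandle` only replaces the stored token when `isNotBlank(pat)`. A value that is non-empty but blank would pass this guard and still leave the old token attached to the new URL, unless the request layer already trims parameters (not visible here). Using the same predicate in both places closes that gap: `if (!url.equals(almSettingDto.getUrl()) && isBlank(credentialArtifact)) {` (with the matching static import). The helper would also benefit from a short Javadoc giving the reason for the rule, e.g. `/** Requires the credential to be re-entered whenever the URL changes, so a stored secret is never sent to a host it was not entered for. */`.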
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateBitbucketAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateBitbucketAction.java
index fc2bc34beab..24e17c187f0 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateBitbucketAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/almsettings/ws/UpdateBitbucketAction.java
@@ -85,7 +85,6 @@ public class UpdateBitbucketAction implements AlmSettingsWsAction {
private void doHandle(Request request) {
String key = request.mandatoryParam(PARAM_KEY);
String newKey = request.param(PARAM_NEW_KEY);
- String url = request.mandatoryParam(PARAM_URL);
String pat = request.param(PARAM_PERSONAL_ACCESS_TOKEN);
try (DbSession dbSession = dbClient.openSession(false)) {
@@ -94,6 +93,9 @@ public class UpdateBitbucketAction implements AlmSettingsWsAction {
almSettingsSupport.checkAlmSettingDoesNotAlreadyExist(dbSession, newKey);
}
+ String url = request.mandatoryParam(PARAM_URL);
+ almSettingsSupport.checkPatOnUrlUpdate(almSettingDto, url, pat);
+
if (isNotBlank(pat)) {
almSettingDto.setPersonalAccessToken(pat);
}
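Review bot: The new `checkPatOnUrlUpdate` call in `doHandle` has no comment saying why a URL change needs the token, and the reason is not obvious from the call site. A one-line comment above it would help, e.g. `// A stored PAT must not be reused against a different URL: require it again when the URL changes.` If the action's definition documents `personalAccessToken` as optional (the definition is outside this hunk), its description should mention that the token becomes mandatory when `url` differs from the stored value. `doHandle` continues past the end of the hunk.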
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/UpdateBitbucketActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/UpdateBitbucketActionTest.java
index 86972538b10..0a8162b36eb 100644
--- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/UpdateBitbucketActionTest.java
+++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/almsettings/ws/UpdateBitbucketActionTest.java
@@ -31,6 +31,7 @@ import org.sonar.server.component.ComponentFinder;
import org.sonar.server.exceptions.ForbiddenException;
import org.sonar.server.exceptions.NotFoundException;
import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.ws.TestRequest;
import org.sonar.server.ws.WsActionTester;
import static java.lang.String.format;
@@ -88,7 +89,23 @@ public class UpdateBitbucketActionTest {
}
@Test
- public void update_without_pat() {
+ public void fail_when_url_updated_without_pat() {
+ UserDto user = db.users().insertUser();
+ userSession.logIn(user).setSystemAdministrator();
+
+ AlmSettingDto almSettingDto = db.almSettings().insertBitbucketAlmSetting();
+
+ TestRequest request = ws.newRequest()
+ .setParam("key", almSettingDto.getKey())
+ .setParam("url", "https://bitbucket.enterprise-unicorn.com");
+
+ assertThatThrownBy(() -> request.execute())
+ .isInstanceOf(IllegalArgumentException.class)
+ .hasMessage("Please provide the Personal Access Token to update the URL.");
+ }
+
+ @Test
+ public void update_with_url_change_needs_path() {
UserDto user = db.users().insertUser();
userSession.logIn(user).setSystemAdministrator();
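Review bot: The renamed test `update_with_url_change_needs_path` looks like a typo for `pat`; `public void update_with_url_change_needs_pat() {` matches what it checks. With `update_without_pat` rewritten to send a token, the hunks shown no longer cover an update that leaves the URL unchanged and omits the token, which should still succeed and keep the stored token. That case may be covered elsewhere in the file, but it is worth confirming. A case with a blank token and a changed URL would also pin the guard's behaviour; the test body continues in the next hunk.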
@@ -97,10 +114,12 @@ public class UpdateBitbucketActionTest {
ws.newRequest()
.setParam("key", almSettingDto.getKey())
.setParam("url", "https://bitbucket.enterprise-unicorn.com")
+ .setParam("personalAccessToken", "0123456789")
.execute();
+
assertThat(db.getDbClient().almSettingDao().selectAll(db.getSession()))
.extracting(AlmSettingDto::getKey, AlmSettingDto::getUrl, s -> s.getDecryptedPersonalAccessToken(encryption))
- .containsOnly(tuple(almSettingDto.getKey(), "https://bitbucket.enterprise-unicorn.com", almSettingDto.getDecryptedPersonalAccessToken(encryption)));
+ .containsOnly(tuple(almSettingDto.getKey(), "https://bitbucket.enterprise-unicorn.com", "0123456789"));
}
@Test
diff --git a/sonar-core/src/main/resources/org/sonar/l10n/core.properties b/sonar-core/src/main/resources/org/sonar/l10n/core.properties
index 4cb6ae9a39b..c2195410c72 100644
--- a/sonar-core/src/main/resources/org/sonar/l10n/core.properties
+++ b/sonar-core/src/main/resources/org/sonar/l10n/core.properties
@@ -1228,11 +1228,12 @@ settings.almintegration.form.url.azure=Azure DevOps URL
settings.almintegration.form.url.azure.help1=For Azure DevOps Server, provide the full collection URL:
settings.almintegration.form.url.azure.help2=For Azure DevOps Services, provide the full organization URL:
settings.almintegration.form.url.bitbucket=Bitbucket Server URL
-settings.almintegration.form.url.bitbucket.help=Example: {example}
+settings.almintegration.form.url.bitbucket.help=Example: https://bitbucket-server.your-company.com
+settings.almintegration.form.url.bitbucket.pat_warning=For security reasons, please make sure to provide the Personal Access Token to update the URL.
settings.almintegration.form.url.github=GitHub API URL
settings.almintegration.form.url.github.help1=Example for Github Enterprise:
settings.almintegration.form.url.github.help2=If using GitHub.com:
-settings.almintegration.form.url.github.private_key_warning=Please make sure to provide the GitHub App private key for updating the URL.
+settings.almintegration.form.url.github.private_key_warning=For security reasons, please make sure to provide the GitHub App private key to update the URL.
settings.almintegration.form.url.gitlab=GitLab API URL
settings.almintegration.form.url.gitlab.help=Provide the GitLab API URL. For example:
settings.almintegration.form.app_id=GitHub App ID