SONAR-8715 Allow provisioning of non-local users

author: Julien Lancelot <julien.lancelot@sonarsource.com> 2017-02-02 17:00:22 +0100
committer: Julien Lancelot <julien.lancelot@sonarsource.com> 2017-02-03 11:59:06 +0100
commit: 9c20e9ec5ded65dbe2f63ae9e0eb93a61eb50cb0 (patch)
tree: 1e7f57af123d5ed709824986d8c018aa2e772aa4 /it/it-tests
parent: c33ccac8f6ada16178b90a905e6192980462a582 (diff)
download: sonarqube-9c20e9ec5ded65dbe2f63ae9e0eb93a61eb50cb0.tar.gz
sonarqube-9c20e9ec5ded65dbe2f63ae9e0eb93a61eb50cb0.zip
4 files changed, 98 insertions, 15 deletions
diff --git a/it/it-tests/src/test/java/it/user/BaseIdentityProviderTest.java b/it/it-tests/src/test/java/it/user/BaseIdentityProviderTest.java
index 7a8a51f2d2c..6b5f43f512c 100644
--- a/it/it-tests/src/test/java/it/user/BaseIdentityProviderTest.java
+++ b/it/it-tests/src/test/java/it/user/BaseIdentityProviderTest.java
@@ -31,6 +31,7 @@ import org.junit.ClassRule;
 import org.junit.Test;
 import org.sonarqube.ws.client.GetRequest;
 import org.sonarqube.ws.client.WsClient;
+import org.sonarqube.ws.client.user.CreateRequest;
 import util.user.UserRule;
 import util.user.Users;
 
@@ -124,10 +125,11 @@ public class BaseIdentityProviderTest {
     setUserCreatedByAuthPlugin(USER_LOGIN, USER_PROVIDER_ID, USER_NAME, USER_EMAIL);
     userRule.createUser("another", "Another", USER_EMAIL, "another");
 
-    runSelenese(ORCHESTRATOR,"/user/BaseIdentityProviderTest/fail_when_email_already_exists.html");
+    runSelenese(ORCHESTRATOR, "/user/BaseIdentityProviderTest/fail_when_email_already_exists.html");
 
     File logFile = ORCHESTRATOR.getServer().getWebLogs();
-    assertThat(FileUtils.readFileToString(logFile)).doesNotContain("You can't sign up because email 'john@email.com' is already used by an existing user. This means that you probably already registered with another account");
+    assertThat(FileUtils.readFileToString(logFile))
+      .doesNotContain("You can't sign up because email 'john@email.com' is already used by an existing user. This means that you probably already registered with another account");
   }
 
   @Test
@@ -198,7 +200,7 @@ public class BaseIdentityProviderTest {
     setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.throwUnauthorizedMessage", "true");
 
     runSelenese(ORCHESTRATOR,
-        "/user/BaseIdentityProviderTest/display_message_in_ui_but_not_in_log_when_unauthorized_exception.html");
+      "/user/BaseIdentityProviderTest/display_message_in_ui_but_not_in_log_when_unauthorized_exception.html");
 
     File logFile = ORCHESTRATOR.getServer().getWebLogs();
     assertThat(FileUtils.readFileToString(logFile)).doesNotContain("A functional error has happened");
@@ -267,6 +269,30 @@ public class BaseIdentityProviderTest {
     userRule.verifyUserExists(login, USER_NAME, USER_EMAIL, false);
   }
 
+  @Test
+  public void provision_user_before_authentication() {
+    enablePlugin();
+    setUserCreatedByAuthPlugin(USER_LOGIN, USER_PROVIDER_ID, USER_NAME, USER_EMAIL);
+
+    // Provision none local user in database
+    newAdminWsClient(ORCHESTRATOR).users().create(CreateRequest.builder()
+      .setLogin(USER_LOGIN)
+      .setName(USER_NAME)
+      .setEmail(USER_EMAIL)
+      .setLocal(false)
+      .build());
+    assertThat(userRule.getUserByLogin(USER_LOGIN).get())
+      .extracting(Users.User::isLocal, Users.User::getExternalIdentity, Users.User::getExternalProvider)
+      .containsOnly(false, USER_LOGIN, "sonarqube");
+
+    // Authenticate with external system -> It will update external provider info
+    authenticateWithFakeAuthProvider();
+
+    assertThat(userRule.getUserByLogin(USER_LOGIN).get())
+      .extracting(Users.User::isLocal, Users.User::getExternalIdentity, Users.User::getExternalProvider)
+      .containsOnly(false, USER_PROVIDER_ID, FAKE_PROVIDER_KEY);
+  }
+
   private static void enablePlugin() {
     setServerProperty(ORCHESTRATOR, "sonar.auth.fake-base-id-provider.enabled", "true");
   }
@@ -284,7 +310,7 @@ public class BaseIdentityProviderTest {
 
   private static void authenticateWithFakeAuthProvider() {
     adminWsClient.wsConnector().call(
-      new GetRequest(("/sessions/init/" + FAKE_PROVIDER_KEY)))
+      new GetRequest("/sessions/init/" + FAKE_PROVIDER_KEY))
       .failIfNotSuccessful();
   }
 
diff --git a/it/it-tests/src/test/java/it/user/OAuth2IdentityProviderTest.java b/it/it-tests/src/test/java/it/user/OAuth2IdentityProviderTest.java
index 41dddd73041..89b2abe040e 100644
--- a/it/it-tests/src/test/java/it/user/OAuth2IdentityProviderTest.java
+++ b/it/it-tests/src/test/java/it/user/OAuth2IdentityProviderTest.java
@@ -35,7 +35,9 @@ import org.junit.Test;
 import org.sonarqube.ws.client.GetRequest;
 import org.sonarqube.ws.client.WsClient;
 import org.sonarqube.ws.client.WsResponse;
+import org.sonarqube.ws.client.user.CreateRequest;
 import util.user.UserRule;
+import util.user.Users;
 
 import static org.assertj.core.api.Assertions.assertThat;
 import static util.ItUtils.newAdminWsClient;
@@ -166,6 +168,30 @@ public class OAuth2IdentityProviderTest {
     assertThat(FileUtils.readFileToString(logFile)).doesNotContain("You can't sign up because email 'john@email.com' is already used by an existing user. This means that you probably already registered with another account");
   }
 
+  @Test
+  public void provision_user_before_authentication() {
+    simulateRedirectionToCallback();
+    enablePlugin();
+
+    // Provision none local user in database
+    newAdminWsClient(ORCHESTRATOR).users().create(CreateRequest.builder()
+      .setLogin(USER_LOGIN)
+      .setName(USER_NAME)
+      .setEmail(USER_EMAIL)
+      .setLocal(false)
+      .build());
+    assertThat(userRule.getUserByLogin(USER_LOGIN).get())
+      .extracting(Users.User::isLocal, Users.User::getExternalIdentity, Users.User::getExternalProvider)
+      .containsOnly(false, USER_LOGIN, "sonarqube");
+
+    // Authenticate with external system -> It will update external provider info
+    authenticateWithFakeAuthProvider();
+
+    assertThat(userRule.getUserByLogin(USER_LOGIN).get())
+      .extracting(Users.User::isLocal, Users.User::getExternalIdentity, Users.User::getExternalProvider)
+      .containsOnly(false, USER_PROVIDER_ID, FAKE_PROVIDER_KEY);
+  }
+
   private void authenticateWithFakeAuthProvider() {
     WsResponse response = adminWsClient.wsConnector().call(
       new GetRequest(("/sessions/init/" + FAKE_PROVIDER_KEY)));
diff --git a/it/it-tests/src/test/java/it/user/RealmAuthenticationTest.java b/it/it-tests/src/test/java/it/user/RealmAuthenticationTest.java
index 504842ce2c5..bbf78cb077e 100644
--- a/it/it-tests/src/test/java/it/user/RealmAuthenticationTest.java
+++ b/it/it-tests/src/test/java/it/user/RealmAuthenticationTest.java
@@ -38,16 +38,17 @@ import org.sonar.wsclient.connectors.HttpClient4Connector;
 import org.sonar.wsclient.services.AuthenticationQuery;
 import org.sonar.wsclient.user.UserParameters;
 import org.sonarqube.ws.client.GetRequest;
-import org.sonarqube.ws.client.HttpConnector;
-import org.sonarqube.ws.client.WsClient;
-import org.sonarqube.ws.client.WsClientFactories;
 import org.sonarqube.ws.client.WsResponse;
+import org.sonarqube.ws.client.user.CreateRequest;
 import util.user.UserRule;
+import util.user.Users;
 
 import static java.net.HttpURLConnection.HTTP_OK;
 import static java.net.HttpURLConnection.HTTP_UNAUTHORIZED;
 import static org.assertj.core.api.Assertions.assertThat;
 import static org.junit.Assert.fail;
+import static util.ItUtils.newAdminWsClient;
+import static util.ItUtils.newUserWsClient;
 import static util.ItUtils.pluginArtifact;
 import static util.ItUtils.setServerProperty;
 import static util.selenium.Selenese.runSelenese;
@@ -165,7 +166,6 @@ public class RealmAuthenticationTest {
     // Then
     verifyAuthenticationIsOk(login, password);
 
-
     // When external system does not work
     users.remove(login + ".password");
     updateUsersInExtAuth(users);
@@ -319,10 +319,31 @@ public class RealmAuthenticationTest {
     updateUsersInExtAuth(ImmutableMap.of(username + ".password", password));
 
     verifyAuthenticationIsOk(username, password);
-    ;
   }
 
-  protected void verifyHttpException(Exception e, int expectedCode) {
+  @Test
+  public void provision_user_before_authentication() {
+    newAdminWsClient(orchestrator).users().create(CreateRequest.builder()
+      .setLogin(USER_LOGIN)
+      .setName("Tester Testerovich")
+      .setEmail("tester@example.org")
+      .setLocal(false)
+      .build());
+    // The user is created in SonarQube but doesn't exist yet in external authentication system
+    verifyAuthenticationIsNotOk(USER_LOGIN, "123");
+
+    updateUsersInExtAuth(ImmutableMap.of(
+      USER_LOGIN + ".password", "123",
+      USER_LOGIN + ".name", "Tester Testerovich",
+      USER_LOGIN + ".email", "tester@example.org"));
+
+    verifyAuthenticationIsOk(USER_LOGIN, "123");
+    assertThat(USER_RULE.getUserByLogin(USER_LOGIN).get())
+      .extracting(Users.User::isLocal, Users.User::getExternalIdentity, Users.User::getExternalProvider)
+      .containsOnly(false, USER_LOGIN, "sonarqube");
+  }
+
+  private void verifyHttpException(Exception e, int expectedCode) {
     assertThat(e).isInstanceOf(HttpException.class);
     HttpException exception = (HttpException) e;
     assertThat(exception.status()).isEqualTo(expectedCode);
@@ -377,9 +398,8 @@ public class RealmAuthenticationTest {
   }
 
   private WsResponse checkAuthenticationWithWebService(String login, String password) {
-    WsClient wsClient = WsClientFactories.getDefault().newClient(HttpConnector.newBuilder().url(orchestrator.getServer().getUrl()).credentials(login, password).build());
     // Call any WS
-    return wsClient.wsConnector().call(new GetRequest("api/rules/search"));
+    return newUserWsClient(orchestrator, login, password).wsConnector().call(new GetRequest("api/rules/search"));
   }
 
 }
diff --git a/it/it-tests/src/test/java/util/user/Users.java b/it/it-tests/src/test/java/util/user/Users.java
index 965815fca21..3848d18176d 100644
--- a/it/it-tests/src/test/java/util/user/Users.java
+++ b/it/it-tests/src/test/java/util/user/Users.java
@@ -43,15 +43,20 @@ public class Users {
     private final String login;
     private final String name;
     private final String email;
+    private final String externalIdentity;
+    private final String externalProvider;
     private final List<String> groups;
     private final List<String> scmAccounts;
     private final boolean active;
     private final boolean local;
     private int tokensCount;
 
-    private User(String login, String name, String email, List<String> groups, List<String> scmAccounts, boolean active, boolean local, int tokensCount) {
+    private User(String login, String name, String email, String externalIdentity, String externalProvider, List<String> groups, List<String> scmAccounts,
+                 boolean active, boolean local, int tokensCount) {
       this.login = login;
       this.name = name;
+      this.externalIdentity = externalIdentity;
+      this.externalProvider = externalProvider;
       this.email = email;
       this.groups = groups;
       this.scmAccounts = scmAccounts;
@@ -91,7 +96,13 @@ public class Users {
     public int getTokensCount() {
       return tokensCount;
     }
-  }
-}
 
+    public String getExternalIdentity() {
+      return externalIdentity;
+    }
 
+    public String getExternalProvider() {
+      return externalProvider;
+    }
+  }
+}
author	Julien Lancelot <julien.lancelot@sonarsource.com>	2017-02-02 17:00:22 +0100
committer	Julien Lancelot <julien.lancelot@sonarsource.com>	2017-02-03 11:59:06 +0100
commit	9c20e9ec5ded65dbe2f63ae9e0eb93a61eb50cb0 (patch)
tree	1e7f57af123d5ed709824986d8c018aa2e772aa4 /it/it-tests
parent	c33ccac8f6ada16178b90a905e6192980462a582 (diff)
download	sonarqube-9c20e9ec5ded65dbe2f63ae9e0eb93a61eb50cb0.tar.gz sonarqube-9c20e9ec5ded65dbe2f63ae9e0eb93a61eb50cb0.zip