author | ssjenka <ssjenka@ops-slave-centos7-1.internal.sonarsource.com> | 2016-07-20 14:08:36 +0200 |
---|---|---|
committer | ssjenka <ssjenka@ops-slave-centos7-1.internal.sonarsource.com> | 2016-07-20 14:08:36 +0200 |
commit | df745897a5324ab8e758c41a061c60ef1ebeafa4 (patch) | |
tree | 342838623da8c5c11c8976a6fb5636543feeab8a /it | |
parent | 8de259eee63931e09904c924e20d6caa5f6e8a87 (diff) | |
parent | deb971fda70db26fc00932db6cb0cfdad95d3299 (diff) | |
Automatic merge from branch-6.0
* origin/branch-6.0:
do not display 0 on overview page when no profiles
SONAR-7492 display rating tooltips on measures page
Improve Authentication ITs
SONAR-7761 Restore error in login page when not even privilege
[maven-release-plugin] prepare for next development iteration
[maven-release-plugin] prepare release 6.0-RC1
Diffstat (limited to 'it')
4 files changed, 178 insertions, 59 deletions
diff --git a/it/it-tests/src/test/java/it/user/ForceAuthenticationTest.java b/it/it-tests/src/test/java/it/user/ForceAuthenticationTest.java
index 58788abf9bf..f0b9c074d4d 100644
--- a/it/it-tests/src/test/java/it/user/ForceAuthenticationTest.java
+++ b/it/it-tests/src/test/java/it/user/ForceAuthenticationTest.java
@@ -21,21 +21,20 @@ package it.user;
 import com.sonar.orchestrator.Orchestrator;
 import it.Category4Suite;
-import java.io.IOException;
-import org.apache.http.HttpResponse;
-import org.apache.http.client.HttpClient;
-import org.apache.http.client.methods.HttpGet;
-import org.apache.http.impl.client.DefaultHttpClient;
-import org.apache.http.util.EntityUtils;
+import org.junit.AfterClass;
+import org.junit.BeforeClass;
 import org.junit.ClassRule;
 import org.junit.Test;
 import org.junit.experimental.categories.Category;
-import org.sonar.wsclient.base.HttpException;
-import org.sonar.wsclient.services.PropertyDeleteQuery;
-import org.sonar.wsclient.services.PropertyUpdateQuery;
+import org.sonarqube.ws.client.GetRequest;
+import org.sonarqube.ws.client.WsClient;
+import org.sonarqube.ws.client.WsResponse;
 import util.QaOnly;
 import static org.assertj.core.api.Assertions.assertThat;
+import static util.ItUtils.newAdminWsClient;
+import static util.ItUtils.newWsClient;
+import static util.ItUtils.setServerProperty;
 @Category(QaOnly.class)
 public class ForceAuthenticationTest {
@@ -43,48 +42,43 @@ public class ForceAuthenticationTest {
 @ClassRule
 public static final Orchestrator orchestrator = Category4Suite.ORCHESTRATOR;
- /**
- * SONAR-5542
- */
- @Test
- public void force_authentication_should_be_used_on_java_web_services_but_not_on_batch_index_and_file() throws IOException {
- try {
- orchestrator.getServer().getAdminWsClient().update(new PropertyUpdateQuery("sonar.forceAuthentication", "true"));
+ static WsClient wsClient;
+ static WsClient adminWsClient;
- // /batch/index should never need authentication
- String batchIndex = orchestrator.getServer().wsClient().get("/batch/index");
- assertThat(batchIndex).isNotEmpty();
+ @BeforeClass
+ public static void setUp() throws Exception {
+ setServerProperty(orchestrator, "sonar.forceAuthentication", "true");
+ wsClient = newWsClient(orchestrator);
+ adminWsClient = newAdminWsClient(orchestrator);
+ }
- String jar = batchIndex.split("\\|")[0];
+ @AfterClass
+ public static void tearDown() throws Exception {
+ setServerProperty(orchestrator, "sonar.forceAuthentication", null);
+ }
- // /batch/file should never need authentication
- HttpClient httpclient = new DefaultHttpClient();
- try {
- HttpGet get = new HttpGet(orchestrator.getServer().getUrl() + "/batch/file?name=" + jar);
- HttpResponse response = httpclient.execute(get);
- assertThat(response.getStatusLine().getStatusCode()).isEqualTo(200);
- EntityUtils.consume(response.getEntity());
+ @Test
+ public void batch_ws_does_not_require_authentication() throws Exception {
+ WsResponse batchIndex = wsClient.wsConnector().call(new GetRequest("/batch/index")).failIfNotSuccessful();
+ String batchIndexContent = batchIndex.content();
- // As Sonar runner is still using /batch/key, we have to also verify it
- get = new HttpGet(orchestrator.getServer().getUrl() + "/batch/" + jar);
- response = httpclient.execute(get);
- assertThat(response.getStatusLine().getStatusCode()).isEqualTo(200);
- EntityUtils.consume(response.getEntity());
+ assertThat(batchIndexContent).isNotEmpty();
+ String jar = batchIndexContent.split("\\|")[0];
- } finally {
- httpclient.getConnectionManager().shutdown();
- }
+ assertThat(wsClient.wsConnector().call(
+ new GetRequest("/batch/file").setParam("name", jar)).failIfNotSuccessful().contentStream()).isNotNull();
- // but other java web services should need authentication
- try {
- orchestrator.getServer().wsClient().get("/api");
- } catch (HttpException e) {
- assertThat(e.getMessage()).contains("401");
- }
+ // As sonar-runner is still using deprecated /batch/key, we have to also verify it
+ assertThat(wsClient.wsConnector().call(new GetRequest("/batch/" + jar)).failIfNotSuccessful().contentStream()).isNotNull();
+ }
+
+ @Test
+ public void other_ws_require_authentication() throws Exception {
+ assertThat(wsClient.wsConnector().call(new GetRequest("/api/issues/search")).code()).isEqualTo(401);
+ assertThat(adminWsClient.wsConnector().call(new GetRequest("/api/issues/search")).code()).isEqualTo(200);
- } finally {
- orchestrator.getServer().getAdminWsClient().delete(new PropertyDeleteQuery("sonar.forceAuthentication"));
- }
+ assertThat(wsClient.wsConnector().call(new GetRequest("/api/rules/search")).code()).isEqualTo(401);
+ assertThat(adminWsClient.wsConnector().call(new GetRequest("/api/rules/search")).code()).isEqualTo(200);
 }
 }
diff --git a/it/it-tests/src/test/java/it/user/LocalAuthenticationTest.java b/it/it-tests/src/test/java/it/user/LocalAuthenticationTest.java
index 83019aecd2f..8026250318b 100644
--- a/it/it-tests/src/test/java/it/user/LocalAuthenticationTest.java
+++ b/it/it-tests/src/test/java/it/user/LocalAuthenticationTest.java
@@ -86,6 +86,8 @@ public class LocalAuthenticationTest {
 userRule.createUser(LOGIN, "123456");
 addUserPermission(LOGIN, "admin");
 addUserPermission(LOGIN, "scan");
+
+ userRule.createUser("simple-user", "password");
 }
 @AfterClass
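Review bot: Nothing visible in `batch_ws_does_not_require_authentication` (ForceAuthenticationTest.java) establishes that `wsClient` is an anonymous client; it comes from `newWsClient(orchestrator)`, whose body is outside this diff, so if that helper ever attached credentials the three `/batch` calls would still pass without exercising the unauthenticated path. The 401 assertions in `other_ws_require_authentication` would catch that only indirectly. I would make both fields `private static` and put `// anonymous client, no credentials: must receive 401 on /api/* while sonar.forceAuthentication is true` above `wsClient`. The two `contentStream()` results are also never closed; if they are ordinary input streams, wrapping each call in a try-with-resources would release them.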
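Review bot: The account added in the LocalAuthenticationTest.java setup, `userRule.createUser("simple-user", "password")`, is written as bare literals that the two new Selenese scripts have to repeat exactly, while the other test account goes through the `LOGIN` constant. I would introduce `private static final String SIMPLE_USER = "simple-user";` next to `LOGIN` and add the comment `// plain account without admin permission, used by the not-enough-privilege Selenese scripts`. The `@AfterClass` method starts on the last line of the hunk and its body is not shown, so it is worth confirming that this account is removed there as well if the server instance is shared with other tests.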
@@ -204,18 +206,18 @@ public class LocalAuthenticationTest {
 new SeleneseTest(Selenese.builder().setHtmlTestsInClasspath("authentication",
 "/user/LocalAuthenticationTest/login_successful.html",
 "/user/LocalAuthenticationTest/login_wrong_password.html",
+ "/user/LocalAuthenticationTest/should_not_be_unlogged_when_going_to_login_page.html",
+ "/user/LocalAuthenticationTest/redirect_to_login_when_not_enough_privilege.html",
 // SONAR-2132
 "/user/LocalAuthenticationTest/redirect_to_original_url_after_direct_login.html",
 // SONAR-2009
- "/user/LocalAuthenticationTest/redirect_to_original_url_after_indirect_login.html"
- ).build()).runOn(ORCHESTRATOR);
+ "/user/LocalAuthenticationTest/redirect_to_original_url_after_indirect_login.html").build()).runOn(ORCHESTRATOR);
 setServerProperty(ORCHESTRATOR, "sonar.forceAuthentication", "true");
 new SeleneseTest(Selenese.builder().setHtmlTestsInClasspath("force-authentication",
 // SONAR-3473
- "/user/LocalAuthenticationTest/force-authentication.html"
- ).build()).runOn(ORCHESTRATOR);
+ "/user/LocalAuthenticationTest/force-authentication.html").build()).runOn(ORCHESTRATOR);
 }
 @Test
@@ -238,19 +240,19 @@ public class LocalAuthenticationTest {
 */
 @Test
 public void authentication_with_any_ws() throws Exception {
- assertThat(checkAuthenticationWithAnyWebService("admin", "admin").code()).isEqualTo(200);
- assertThat(checkAuthenticationWithAnyWebService("wrong", "admin").code()).isEqualTo(401);
- assertThat(checkAuthenticationWithAnyWebService("admin", "wrong").code()).isEqualTo(401);
- assertThat(checkAuthenticationWithAnyWebService("admin", null).code()).isEqualTo(401);
- assertThat(checkAuthenticationWithAnyWebService(null, null).code()).isEqualTo(200);
+ assertThat(checkAuthenticationWithAnyWS("admin", "admin").code()).isEqualTo(200);
+ assertThat(checkAuthenticationWithAnyWS("wrong", "admin").code()).isEqualTo(401);
+ assertThat(checkAuthenticationWithAnyWS("admin", "wrong").code()).isEqualTo(401);
+ assertThat(checkAuthenticationWithAnyWS("admin", null).code()).isEqualTo(401);
+ assertThat(checkAuthenticationWithAnyWS(null, null).code()).isEqualTo(200);
 setServerProperty(ORCHESTRATOR, "sonar.forceAuthentication", "true");
- assertThat(checkAuthenticationWithAnyWebService("admin", "admin").code()).isEqualTo(200);
- assertThat(checkAuthenticationWithAnyWebService("wrong", "admin").code()).isEqualTo(401);
- assertThat(checkAuthenticationWithAnyWebService("admin", "wrong").code()).isEqualTo(401);
- assertThat(checkAuthenticationWithAnyWebService("admin", null).code()).isEqualTo(401);
- assertThat(checkAuthenticationWithAnyWebService(null, null).code()).isEqualTo(401);
+ assertThat(checkAuthenticationWithAnyWS("admin", "admin").code()).isEqualTo(200);
+ assertThat(checkAuthenticationWithAnyWS("wrong", "admin").code()).isEqualTo(401);
+ assertThat(checkAuthenticationWithAnyWS("admin", "wrong").code()).isEqualTo(401);
+ assertThat(checkAuthenticationWithAnyWS("admin", null).code()).isEqualTo(401);
+ assertThat(checkAuthenticationWithAnyWS(null, null).code()).isEqualTo(401);
 }
 private boolean checkAuthenticationWithAuthenticateWebService(String login, String password) {
@@ -258,7 +260,7 @@ public class LocalAuthenticationTest {
 return result.contains("{\"valid\":true}");
 }
- private WsResponse checkAuthenticationWithAnyWebService(String login, String password) {
+ private WsResponse checkAuthenticationWithAnyWS(String login, String password) {
 WsClient wsClient = WsClientFactories.getDefault().newClient(HttpConnector.newBuilder().url(ORCHESTRATOR.getServer().getUrl()).credentials(login, password).build());
 // Call any WS
 return wsClient.wsConnector().call(new GetRequest("api/rules/search"));
diff --git a/it/it-tests/src/test/resources/user/LocalAuthenticationTest/redirect_to_login_when_not_enough_privilege.html b/it/it-tests/src/test/resources/user/LocalAuthenticationTest/redirect_to_login_when_not_enough_privilege.html
new file mode 100644
index 00000000000..3fbb9ddb8ac
--- /dev/null
+++ b/it/it-tests/src/test/resources/user/LocalAuthenticationTest/redirect_to_login_when_not_enough_privilege.html
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head profile="http://selenium-ide.openqa.org/profiles/test-case">
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+ <title>redirect-to-original-url-after-direct-login</title>
+</head>
+<body>
+<table cellpadding="1" cellspacing="1" border="1">
+ <tbody>
+ <tr>
+ <td>open</td>
+ <td>/sessions/new</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForText</td>
+ <td>content</td>
+ <td>*Log In to SonarQube*</td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>id=login</td>
+ <td>simple-user</td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>id=password</td>
+ <td>password</td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>commit</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>css=.js-user-authenticated</td>
+ <td></td>
+</tr>
+<tr>
+ <td>open</td>
+ <td>/settings</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForText</td>
+ <td>content</td>
+ <td>*Log In to SonarQube*</td>
+</tr>
+<tr>
+ <td>assertText</td>
+ <td>content</td>
+ <td>*You are not authorized to access this page. Please log in with more privileges and try again.*</td>
+</tr>
+</tbody>
+</table>
+</body>
+</html>
diff --git a/it/it-tests/src/test/resources/user/LocalAuthenticationTest/should_not_be_unlogged_when_going_to_login_page.html b/it/it-tests/src/test/resources/user/LocalAuthenticationTest/should_not_be_unlogged_when_going_to_login_page.html
new file mode 100644
index 00000000000..66a0ab89a51
--- /dev/null
+++ b/it/it-tests/src/test/resources/user/LocalAuthenticationTest/should_not_be_unlogged_when_going_to_login_page.html
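Review bot: The `<title>` of the new redirect_to_login_when_not_enough_privilege.html is `redirect-to-original-url-after-direct-login`, which names a different script, and the same copied title is in should_not_be_unlogged_when_going_to_login_page.html. If the test report identifies cases by title, a failure in either script would be attributed to the wrong scenario, so I would use `<title>redirect-to-login-when-not-enough-privilege</title>` here and `<title>should-not-be-unlogged-when-going-to-login-page</title>` in the other file. Both scripts also end with `simple-user` still logged in; whether the scripts that follow in the same suite start from a clean session cannot be told from this diff, so a closing log-out step would make the privilege check independent of run order.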
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+<head profile="http://selenium-ide.openqa.org/profiles/test-case">
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+ <title>redirect-to-original-url-after-direct-login</title>
+</head>
+<body>
+<table cellpadding="1" cellspacing="1" border="1">
+ <tbody>
+ <tr>
+ <td>open</td>
+ <td>/sessions/new</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForText</td>
+ <td>content</td>
+ <td>*Log In to SonarQube*</td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>id=login</td>
+ <td>simple-user</td>
+</tr>
+<tr>
+ <td>type</td>
+ <td>id=password</td>
+ <td>password</td>
+</tr>
+<tr>
+ <td>clickAndWait</td>
+ <td>commit</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForElementPresent</td>
+ <td>css=.js-user-authenticated</td>
+ <td></td>
+</tr>
+<tr>
+ <td>open</td>
+ <td>/sessions/new</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForText</td>
+ <td>content</td>
+ <td>*Log In to SonarQube*</td>
+</tr>
+<tr>
+ <td>open</td>
+ <td>/</td>
+ <td></td>
+</tr>
+<tr>
+ <td>waitForText</td>
+ <td>css=.js-user-authenticated</td>
+ <td>*simple-user*</td>
+</tr>
+</tbody>
+</table>
+</body>
+</html> |