diff options
author | Zipeng WU <zipeng.wu@sonarsource.com> | 2021-03-23 08:32:29 +0100 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2021-04-15 20:03:44 +0000 |
commit | 8b518c6bccb19f5416991dd05b0924ddd0838526 (patch) | |
tree | a78a21e78c20d769db312223a3aa102dc904e549 /server/sonar-webserver-api | |
parent | a3ae9a82c4f2b99e68a2bc837b8fa318e7d410a1 (diff) | |
download | sonarqube-8b518c6bccb19f5416991dd05b0924ddd0838526.tar.gz sonarqube-8b518c6bccb19f5416991dd05b0924ddd0838526.zip |
SONAR-14606 make consent required when startup with external plugins
Diffstat (limited to 'server/sonar-webserver-api')
2 files changed, 211 insertions, 0 deletions
diff --git a/server/sonar-webserver-api/src/main/java/org/sonar/server/plugins/PluginConsentVerifier.java b/server/sonar-webserver-api/src/main/java/org/sonar/server/plugins/PluginConsentVerifier.java new file mode 100644 index 00000000000..8bb031476d8 --- /dev/null +++ b/server/sonar-webserver-api/src/main/java/org/sonar/server/plugins/PluginConsentVerifier.java @@ -0,0 +1,73 @@ +/* + * SonarQube + * Copyright (C) 2009-2021 SonarSource SA + * mailto:info AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +package org.sonar.server.plugins; + +import java.util.Optional; + +import org.picocontainer.Startable; +import org.sonar.core.extension.PluginRiskConsent; +import org.sonar.db.DbClient; +import org.sonar.db.DbSession; +import org.sonar.db.property.PropertyDto; + +import static org.sonar.core.config.CorePropertyDefinitions.PLUGINS_RISK_CONSENT; +import static org.sonar.core.extension.PluginRiskConsent.NOT_ACCEPTED; +import static org.sonar.core.extension.PluginRiskConsent.REQUIRED; + +public class PluginConsentVerifier implements Startable { + private final ServerPluginRepository pluginRepository; + private final DbClient dbClient; + + public PluginConsentVerifier(ServerPluginRepository pluginRepository, DbClient dbClient) { + this.pluginRepository = pluginRepository; + this.dbClient = dbClient; + } + + @Override + public void start() { + boolean hasExternalPlugins = pluginRepository.getPlugins().stream().anyMatch(plugin -> plugin.getType().equals(PluginType.EXTERNAL)); + try (DbSession session = dbClient.openSession(false)) { + PropertyDto property = Optional.ofNullable(dbClient.propertiesDao().selectGlobalProperty(session, PLUGINS_RISK_CONSENT)) + .orElse(defaultPluginRiskConsentProperty()); + if (hasExternalPlugins && NOT_ACCEPTED == PluginRiskConsent.valueOf(property.getValue())) { + property.setValue(REQUIRED.name()); + dbClient.propertiesDao().saveProperty(session, property); + session.commit(); + } else if (!hasExternalPlugins && REQUIRED == PluginRiskConsent.valueOf(property.getValue())) { + property.setValue(NOT_ACCEPTED.name()); + dbClient.propertiesDao().saveProperty(session, property); + session.commit(); + } + } + } + + private static PropertyDto defaultPluginRiskConsentProperty() { + PropertyDto property = new PropertyDto(); + property.setKey(PLUGINS_RISK_CONSENT); + property.setValue(NOT_ACCEPTED.name()); + return property; + } + + @Override + public void stop() { + // Nothing to do + } + +} diff --git a/server/sonar-webserver-api/src/test/java/org/sonar/server/plugins/PluginConsentVerifierTest.java b/server/sonar-webserver-api/src/test/java/org/sonar/server/plugins/PluginConsentVerifierTest.java new file mode 100644 index 00000000000..e77d71e7936 --- /dev/null +++ b/server/sonar-webserver-api/src/test/java/org/sonar/server/plugins/PluginConsentVerifierTest.java @@ -0,0 +1,138 @@ +/* + * SonarQube + * Copyright (C) 2009-2021 SonarSource SA + * mailto:info AT sonarsource DOT com + * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 3 of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public License + * along with this program; if not, write to the Free Software Foundation, + * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. + */ +package org.sonar.server.plugins; + +import org.junit.Rule; +import org.junit.Test; +import org.sonar.api.utils.System2; +import org.sonar.core.extension.PluginRiskConsent; +import org.sonar.db.DbClient; +import org.sonar.db.DbTester; +import org.sonar.db.property.PropertyDto; + +import static java.util.Arrays.asList; +import static org.assertj.core.api.Assertions.assertThat; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.when; +import static org.sonar.core.config.CorePropertyDefinitions.PLUGINS_RISK_CONSENT; +import static org.sonar.core.extension.PluginRiskConsent.ACCEPTED; +import static org.sonar.core.extension.PluginRiskConsent.NOT_ACCEPTED; +import static org.sonar.core.extension.PluginRiskConsent.REQUIRED; +import static org.sonar.server.plugins.PluginType.BUNDLED; +import static org.sonar.server.plugins.PluginType.EXTERNAL; + +public class PluginConsentVerifierTest { + @Rule + public DbTester db = DbTester.create(System2.INSTANCE); + + private DbClient dbClient = db.getDbClient(); + private ServerPluginRepository pluginRepository = mock(ServerPluginRepository.class); + private PluginConsentVerifier underTest = new PluginConsentVerifier(pluginRepository, dbClient); + + @Test + public void require_consent_when_exist_external_plugins_and_not_accepted() { + setupExternalPluginConsent(NOT_ACCEPTED); + setupExternalPlugin(); + + underTest.start(); + + assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)) + .extracting(PropertyDto::getValue) + .isEqualTo(REQUIRED.name()); + } + + @Test + public void require_consent_when_exist_external_plugins_and_consent_property_not_exist() { + setupExternalPlugin(); + + underTest.start(); + + assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)) + .extracting(PropertyDto::getValue) + .isEqualTo(REQUIRED.name()); + } + + @Test + public void consent_does_not_change_when_value_is_accepted() { + setupExternalPluginConsent(ACCEPTED); + setupExternalPlugin(); + + underTest.start(); + + assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)) + .extracting(PropertyDto::getValue) + .isEqualTo(ACCEPTED.name()); + } + + @Test + public void consent_does_not_change_when_value_is_required() { + setupExternalPluginConsent(REQUIRED); + setupExternalPlugin(); + + underTest.start(); + + assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)) + .extracting(PropertyDto::getValue) + .isEqualTo(REQUIRED.name()); + } + + @Test + public void consent_should_be_not_accepted_when_there_is_no_external_plugin_and_never_been_accepted() { + setupExternalPluginConsent(REQUIRED); + setupBundledPlugin(); + + underTest.start(); + + assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)) + .extracting(PropertyDto::getValue) + .isEqualTo(NOT_ACCEPTED.name()); + } + + @Test + public void do_nothing_when_there_is_no_external_plugin() { + setupExternalPluginConsent(NOT_ACCEPTED); + setupBundledPlugin(); + + underTest.start(); + + assertThat(dbClient.propertiesDao().selectGlobalProperty(PLUGINS_RISK_CONSENT)) + .extracting(PropertyDto::getValue) + .isEqualTo(NOT_ACCEPTED.name()); + } + + private void setupExternalPluginConsent(PluginRiskConsent pluginRiskConsent) { + dbClient.propertiesDao().saveProperty(new PropertyDto() + .setKey(PLUGINS_RISK_CONSENT) + .setValue(pluginRiskConsent.name())); + } + + private void setupExternalPlugin() { + ServerPlugin plugin = mock(ServerPlugin.class); + when(plugin.getType()).thenReturn(EXTERNAL); + when(pluginRepository.getPlugins()).thenReturn(asList(plugin)); + } + + private void setupBundledPlugin() { + ServerPlugin plugin = mock(ServerPlugin.class); + when(plugin.getType()).thenReturn(BUNDLED); + when(pluginRepository.getPlugins()).thenReturn(asList(plugin)); + } + +} |