authorAurelien Poscia <aurelien.poscia@sonarsource.com>2023-10-04 11:18:45 +0200
committersonartech <sonartech@sonarsource.com>2023-10-05 20:02:47 +0000
commit5410c2b5221ad4a93346fe48b36a0eaf66ee40f4 (patch)
tree1dbe24822b0c4f75d6d97dbeeb1491253e1f3261 /server/sonar-webserver-auth
parent50039e6c422bb7e2ced8fe20e37be5314ce43e34 (diff)
SONAR-20630 Discriminate between UI and API calls for projects creation
Diffstat (limited to 'server/sonar-webserver-auth')
-rw-r--r--server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java3
-rw-r--r--server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java1
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/BaseContextFactory.java2
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/OAuth2ContextFactory.java2
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/RequestAuthenticatorImpl.java3
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java5
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java5
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java5
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java9
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java5
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java2
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java2
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactory.java2
-rw-r--r--server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactoryImpl.java6
-rw-r--r--server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/RequestAuthenticatorImplTest.java37
-rw-r--r--server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java1
-rw-r--r--server/sonar-webserver-auth/src/test/java/org/sonar/server/user/DoPrivilegedTest.java1
-rw-r--r--server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java5
-rw-r--r--server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java1
-rw-r--r--server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java2
-rw-r--r--server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AnonymousMockUserSession.java10
-rw-r--r--server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/MockUserSession.java11
-rw-r--r--server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java16
-rw-r--r--server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java7
24 files changed, 122 insertions, 21 deletions
diff --git a/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java b/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java
index e7e6c7fed36..f42132423b9 100644
--- a/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java
+++ b/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/ServerUserSessionIT.java
@@ -58,6 +58,7 @@ public class ServerUserSessionIT {
assertThat(session.getLogin()).isNull();
assertThat(session.getUuid()).isNull();
assertThat(session.isLoggedIn()).isFalse();
+ assertThat(session.isAuthenticatedBrowserSession()).isFalse();
}
@Test
@@ -804,7 +805,7 @@ public class ServerUserSessionIT {
}
private ServerUserSession newUserSession(@Nullable UserDto userDto) {
- return new ServerUserSession(dbClient, userDto);
+ return new ServerUserSession(dbClient, userDto, false);
}
private ServerUserSession newAnonymousSession() {
diff --git a/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java b/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java
index 3d172a3086a..f492b07993f 100644
--- a/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java
+++ b/server/sonar-webserver-auth/src/it/java/org/sonar/server/user/TokenUserSessionIT.java
@@ -55,6 +55,7 @@ public class TokenUserSessionIT {
assertThat(userSession.getUserToken().getName()).isEqualTo("User Token");
assertThat(userSession.getUserToken().getUserUuid()).isEqualTo("userUid");
assertThat(userSession.getUserToken().getType()).isEqualTo("USER_TOKEN");
+ assertThat(userSession.isAuthenticatedBrowserSession()).isFalse();
}
@Test
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/BaseContextFactory.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/BaseContextFactory.java
index 890c110e0e0..862bf301f97 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/BaseContextFactory.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/BaseContextFactory.java
@@ -99,7 +99,7 @@ public class BaseContextFactory {
.setSource(Source.external(identityProvider))
.build());
jwtHttpHandler.generateToken(userDto, request, response);
- threadLocalUserSession.set(userSessionFactory.create(userDto));
+ threadLocalUserSession.set(userSessionFactory.create(userDto, true));
}
}
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/OAuth2ContextFactory.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/OAuth2ContextFactory.java
index 7fc0db4073c..361bb501abb 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/OAuth2ContextFactory.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/OAuth2ContextFactory.java
@@ -156,7 +156,7 @@ public class OAuth2ContextFactory {
.setSource(AuthenticationEvent.Source.oauth2(identityProvider))
.build());
jwtHttpHandler.generateToken(userDto, request, response);
- threadLocalUserSession.set(userSessionFactory.create(userDto));
+ threadLocalUserSession.set(userSessionFactory.create(userDto, true));
}
}
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/RequestAuthenticatorImpl.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/RequestAuthenticatorImpl.java
index 861c14d6d0b..137c77c2f5b 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/RequestAuthenticatorImpl.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/RequestAuthenticatorImpl.java
@@ -70,7 +70,8 @@ public class RequestAuthenticatorImpl implements RequestAuthenticator {
if (TOKEN.equals(userAuthResult.getAuthType())) {
return userSessionFactory.create(userAuthResult.getUserDto(), userAuthResult.getTokenDto());
}
- return userSessionFactory.create(userAuthResult.getUserDto());
+ boolean isAuthenticatedBrowserSession = JWT.equals(userAuthResult.getAuthType());
+ return userSessionFactory.create(userAuthResult.getUserDto(), isAuthenticatedBrowserSession);
} else if (GITHUB_WEBHOOK.equals(userAuthResult.getAuthType())) {
return userSessionFactory.createGithubWebhookUserSession();
}
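Review bot: `isAuthenticatedBrowserSession` is derived only from the auth type being `JWT`, which shows that the request carried a valid session token, not that a browser sent it; any HTTP client holding that token gets the same value. If callers use the flag to decide how project creation is treated, it should be read as "session established by interactive login" and must never stand in for a permission check. Per the tests later in this commit, HTTP-header and basic authentication yield false, so users who reach the UI through header-based SSO would presumably be classified as API callers; it is worth confirming that this is intended. A comment above the line would record the decision, e.g. `// true only for JWT sessions; HTTP-header and basic authentication count as non-browser`. The enclosing method starts and ends outside the hunk.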
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java
index 574241488ea..6c3815c0bff 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/authentication/SafeModeUserSession.java
@@ -108,4 +108,9 @@ public class SafeModeUserSession extends AbstractUserSession {
public boolean isActive() {
return false;
}
+
+ @Override
+ public boolean isAuthenticatedBrowserSession() {
+ return false;
+ }
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java
index b7c9b3b8fb9..c77ad3e29c9 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/DoPrivileged.java
@@ -148,6 +148,11 @@ public final class DoPrivileged {
return true;
}
+ @Override
+ public boolean isAuthenticatedBrowserSession() {
+ return false;
+ }
+
}
private void start() {
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java
index a145e270002..b38194d91ba 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/GithubWebhookUserSession.java
@@ -81,6 +81,11 @@ public class GithubWebhookUserSession extends AbstractUserSession {
}
@Override
+ public boolean isAuthenticatedBrowserSession() {
+ return false;
+ }
+
+ @Override
protected boolean hasPermissionImpl(GlobalPermission permission) {
return false;
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
index 75e1a4826d1..00d6b657fe5 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ServerUserSession.java
@@ -62,6 +62,7 @@ public class ServerUserSession extends AbstractUserSession {
@CheckForNull
private final UserDto userDto;
+ private final boolean isAuthenticatedBrowserSession;
private final DbClient dbClient;
private final Map<String, String> entityUuidByComponentUuid = new HashMap<>();
private final Map<String, Set<String>> permissionsByEntityUuid = new HashMap<>();
@@ -70,9 +71,10 @@ public class ServerUserSession extends AbstractUserSession {
private Boolean isSystemAdministrator;
private Set<GlobalPermission> permissions;
- public ServerUserSession(DbClient dbClient, @Nullable UserDto userDto) {
+ public ServerUserSession(DbClient dbClient, @Nullable UserDto userDto, boolean isAuthenticatedBrowserSession) {
this.dbClient = dbClient;
this.userDto = userDto;
+ this.isAuthenticatedBrowserSession = isAuthenticatedBrowserSession;
}
private Collection<GroupDto> loadGroups() {
@@ -400,6 +402,11 @@ public class ServerUserSession extends AbstractUserSession {
return userDto.isActive();
}
+ @Override
+ public boolean isAuthenticatedBrowserSession() {
+ return isAuthenticatedBrowserSession;
+ }
+
private boolean loadIsSystemAdministrator() {
return hasPermission(GlobalPermission.ADMINISTER);
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
index b4493f22ec3..ade0910f945 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/ThreadLocalUserSession.java
@@ -169,6 +169,11 @@ public class ThreadLocalUserSession implements UserSession {
}
@Override
+ public boolean isAuthenticatedBrowserSession() {
+ return get().isAuthenticatedBrowserSession();
+ }
+
+ @Override
public boolean hasComponentPermission(String permission, ComponentDto component) {
return get().hasComponentPermission(permission, component);
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java
index b33a5909a25..bea57034229 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/TokenUserSession.java
@@ -34,7 +34,7 @@ public class TokenUserSession extends ServerUserSession {
private final UserTokenDto userToken;
public TokenUserSession(DbClient dbClient, UserDto user, UserTokenDto userToken) {
- super(dbClient, user);
+ super(dbClient, user, false);
this.userToken = userToken;
}
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java
index d5d8f083036..57f0832dd40 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSession.java
@@ -227,4 +227,6 @@ public interface UserSession {
UserSession checkIsSystemAdministrator();
boolean isActive();
+
+ boolean isAuthenticatedBrowserSession();
}
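Review bot: The new `isAuthenticatedBrowserSession()` on the interface has no Javadoc, and the name alone does not say what callers may rely on. In this commit it is true only for sessions created with the flag set (the two login context factories and JWT validation) and false for token, anonymous, safe-mode, privileged and webhook sessions. Suggest a Javadoc stating that it reports how the session was authenticated, that it is false for anonymous and token sessions, and that it is not an authorization check. Only the tail of the interface is visible in the hunk.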
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactory.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactory.java
index 8b37dc67f82..a1a808a3cf1 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactory.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactory.java
@@ -26,7 +26,7 @@ import org.sonar.db.user.UserTokenDto;
@ServerSide
public interface UserSessionFactory {
- UserSession create(UserDto user);
+ UserSession create(UserDto user, boolean isAuthenticatedGuiSession);
UserSession create(UserDto user, UserTokenDto userToken);
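Review bot: The parameter is named `isAuthenticatedGuiSession` here, while the accessor, the field in ServerUserSession and the local in RequestAuthenticatorImpl all say `isAuthenticatedBrowserSession`; one term should be used throughout, e.g. `UserSession create(UserDto user, boolean isAuthenticatedBrowserSession);`. The same "Gui" wording appears in UserSessionFactoryImpl.create, TestUserSessionFactory.create, the test name `isAuthenticatedGuiSession_isAlwaysFalse` and `UserSessionRule.flagSessionAsGui()`. Because the flag drives a behaviour decision, a bare boolean at the call site (`create(userDto, true)`) is easy to misread, so a one-line Javadoc on the parameter would also help.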
diff --git a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactoryImpl.java b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactoryImpl.java
index e9789bfeb6b..997e145a2bf 100644
--- a/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactoryImpl.java
+++ b/server/sonar-webserver-auth/src/main/java/org/sonar/server/user/UserSessionFactoryImpl.java
@@ -39,10 +39,10 @@ public class UserSessionFactoryImpl implements UserSessionFactory {
}
@Override
- public ServerUserSession create(UserDto user) {
+ public ServerUserSession create(UserDto user, boolean isAuthenticatedGuiSession) {
requireNonNull(user, "UserDto must not be null");
userLastConnectionDatesUpdater.updateLastConnectionDateIfNeeded(user);
- return new ServerUserSession(dbClient, user);
+ return new ServerUserSession(dbClient, user, isAuthenticatedGuiSession);
}
@Override
@@ -60,6 +60,6 @@ public class UserSessionFactoryImpl implements UserSessionFactory {
@Override
public ServerUserSession createAnonymous() {
- return new ServerUserSession(dbClient, null);
+ return new ServerUserSession(dbClient, null, false);
}
}
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/RequestAuthenticatorImplTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/RequestAuthenticatorImplTest.java
index e4dcfb40ce3..e6d16b99631 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/RequestAuthenticatorImplTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/RequestAuthenticatorImplTest.java
@@ -22,6 +22,7 @@ package org.sonar.server.authentication;
import java.util.Optional;
import org.junit.Before;
import org.junit.Test;
+import org.mockito.stubbing.Answer;
import org.sonar.api.server.http.HttpRequest;
import org.sonar.api.server.http.HttpResponse;
import org.sonar.db.user.UserDto;
@@ -34,7 +35,9 @@ import org.sonar.server.user.UserSessionFactory;
import org.sonar.server.usertoken.UserTokenAuthentication;
import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.ArgumentMatchers.anyBoolean;
import static org.mockito.ArgumentMatchers.anyInt;
+import static org.mockito.ArgumentMatchers.eq;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.never;
import static org.mockito.Mockito.verify;
@@ -62,7 +65,16 @@ public class RequestAuthenticatorImplTest {
@Before
public void setUp() {
- when(sessionFactory.create(A_USER)).thenReturn(new MockUserSession(A_USER));
+ when(sessionFactory.create(eq(A_USER), anyBoolean())).thenAnswer((Answer<UserSession>) invocation -> {
+ MockUserSession mockUserSession = new MockUserSession(A_USER);
+ Boolean isAuthenticatedBrowserSession = invocation.getArgument(1, Boolean.class);
+ if (isAuthenticatedBrowserSession) {
+ mockUserSession.flagAsBrowserSession();
+ }
+ return mockUserSession;
+ })
+
+ .thenReturn(new MockUserSession(A_USER));
when(sessionFactory.create(A_USER, A_USER_TOKEN)).thenReturn(new MockUserSession(A_USER));
when(sessionFactory.createAnonymous()).thenReturn(new AnonymousMockUserSession());
when(sessionFactory.createGithubWebhookUserSession()).thenReturn(githubWebhookMockUserSession);
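Review bot: The stubbing chains `.thenReturn(new MockUserSession(A_USER))` after `.thenAnswer(...)`, so under Mockito's consecutive stubbing only the first `create(A_USER, …)` call honours the flag; any later call in the same test returns a plain session that reports false whatever argument was passed. Each test visible here calls `authenticate` once, so the suite passes today, but the trailing `.thenReturn(...)` and the blank line before it look like leftovers and should be dropped so the statement ends at `});`. The argument could also be read into a primitive `boolean` rather than a `Boolean` to match the parameter type. setUp continues outside the hunk.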
@@ -73,7 +85,10 @@ public class RequestAuthenticatorImplTest {
when(httpHeadersAuthentication.authenticate(request, response)).thenReturn(Optional.empty());
when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.of(A_USER));
- assertThat(underTest.authenticate(request, response).getUuid()).isEqualTo(A_USER.getUuid());
+ UserSession userSession = underTest.authenticate(request, response);
+ assertThat(userSession.getUuid()).isEqualTo(A_USER.getUuid());
+ assertThat(userSession.isAuthenticatedBrowserSession()).isTrue();
+
verify(response, never()).setStatus(anyInt());
}
@@ -83,7 +98,9 @@ public class RequestAuthenticatorImplTest {
when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
when(githubWebhookAuthentication.authenticate(request)).thenReturn(Optional.of(UserAuthResult.withGithubWebhook()));
- assertThat(underTest.authenticate(request, response)).isInstanceOf(GithubWebhookUserSession.class);
+ UserSession userSession = underTest.authenticate(request, response);
+ assertThat(userSession).isInstanceOf(GithubWebhookUserSession.class);
+ assertThat(userSession.isAuthenticatedBrowserSession()).isFalse();
verify(response, never()).setStatus(anyInt());
}
@@ -93,7 +110,9 @@ public class RequestAuthenticatorImplTest {
when(httpHeadersAuthentication.authenticate(request, response)).thenReturn(Optional.empty());
when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
- assertThat(underTest.authenticate(request, response).getUuid()).isEqualTo(A_USER.getUuid());
+ UserSession userSession = underTest.authenticate(request, response);
+ assertThat(userSession.getUuid()).isEqualTo(A_USER.getUuid());
+ assertThat(userSession.isAuthenticatedBrowserSession()).isFalse();
verify(jwtHttpHandler).validateToken(request, response);
verify(basicAuthentication).authenticate(request);
@@ -108,7 +127,9 @@ public class RequestAuthenticatorImplTest {
when(httpHeadersAuthentication.authenticate(request, response)).thenReturn(Optional.empty());
when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
- assertThat(underTest.authenticate(request, response).getUuid()).isEqualTo(A_USER.getUuid());
+ UserSession userSession = underTest.authenticate(request, response);
+ assertThat(userSession.getUuid()).isEqualTo(A_USER.getUuid());
+ assertThat(userSession.isAuthenticatedBrowserSession()).isFalse();
verify(jwtHttpHandler).validateToken(request, response);
verify(userTokenAuthentication).authenticate(request);
@@ -120,7 +141,9 @@ public class RequestAuthenticatorImplTest {
when(httpHeadersAuthentication.authenticate(request, response)).thenReturn(Optional.of(A_USER));
when(jwtHttpHandler.validateToken(request, response)).thenReturn(Optional.empty());
- assertThat(underTest.authenticate(request, response).getUuid()).isEqualTo(A_USER.getUuid());
+ UserSession userSession = underTest.authenticate(request, response);
+ assertThat(userSession.getUuid()).isEqualTo(A_USER.getUuid());
+ assertThat(userSession.isAuthenticatedBrowserSession()).isFalse();
verify(httpHeadersAuthentication).authenticate(request, response);
verify(jwtHttpHandler, never()).validateToken(request, response);
@@ -136,6 +159,8 @@ public class RequestAuthenticatorImplTest {
UserSession session = underTest.authenticate(request, response);
assertThat(session.isLoggedIn()).isFalse();
assertThat(session.getUuid()).isNull();
+ assertThat(session.isAuthenticatedBrowserSession()).isFalse();
+
verify(response, never()).setStatus(anyInt());
}
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java
index 86176b403b0..bf9ee5dc4d2 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/authentication/SafeModeUserSessionTest.java
@@ -38,6 +38,7 @@ public class SafeModeUserSessionTest {
assertThat(underTest.getName()).isNull();
assertThat(underTest.getGroups()).isEmpty();
assertThat(underTest.isActive()).isFalse();
+ assertThat(underTest.isAuthenticatedBrowserSession()).isFalse();
}
@Test
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/DoPrivilegedTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/DoPrivilegedTest.java
index 7d38a5c4733..96312da0889 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/DoPrivilegedTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/DoPrivilegedTest.java
@@ -54,6 +54,7 @@ public class DoPrivilegedTest {
assertThat(catcher.userSession.isActive()).isTrue();
assertThat(catcher.userSession.hasChildProjectsPermission(USER, new ComponentDto().setUuid("uuid"))).isTrue();
assertThat(catcher.userSession.hasPortfolioChildProjectsPermission(USER, new ComponentDto())).isTrue();
+ assertThat(catcher.userSession.isAuthenticatedBrowserSession()).isFalse();
// verify session in place after task is done
assertThat(threadLocalUserSession.get()).isSameAs(session);
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java
index f5471a5f84d..0d9751cba7f 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/GithubWebhookUserSessionTest.java
@@ -113,4 +113,9 @@ public class GithubWebhookUserSessionTest {
public void hasComponentUuidPermission_returnsAlwaysTrue() {
assertThat(githubWebhookUserSession.hasComponentUuidPermission("perm", "project")).isTrue();
}
+
+ @Test
+ public void isAuthenticatedGuiSession_isAlwaysFalse() {
+ assertThat(githubWebhookUserSession.isAuthenticatedBrowserSession()).isFalse();
+ }
}
diff --git a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java
index 0771d7b1e6a..e28fe9215bb 100644
--- a/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java
+++ b/server/sonar-webserver-auth/src/test/java/org/sonar/server/user/ThreadLocalUserSessionTest.java
@@ -75,6 +75,7 @@ public class ThreadLocalUserSessionTest {
assertThat(threadLocalUserSession.hasChildProjectsPermission(USER, new ProjectDto())).isFalse();
assertThat(threadLocalUserSession.hasPortfolioChildProjectsPermission(USER, new ComponentDto())).isFalse();
assertThat(threadLocalUserSession.hasEntityPermission(USER, new ProjectDto().getUuid())).isFalse();
+ assertThat(threadLocalUserSession.isAuthenticatedBrowserSession()).isFalse();
}
@Test
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java
index fec1d77b4b6..ca3a1466641 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AbstractMockUserSession.java
@@ -236,4 +236,6 @@ public abstract class AbstractMockUserSession<T extends AbstractMockUserSession>
public boolean shouldResetPassword() {
return resetPassword;
}
+
+ public abstract void flagAsBrowserSession();
}
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AnonymousMockUserSession.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AnonymousMockUserSession.java
index 550c24e62b6..1eb14aedc30 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AnonymousMockUserSession.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/AnonymousMockUserSession.java
@@ -36,6 +36,11 @@ public class AnonymousMockUserSession extends AbstractMockUserSession<AnonymousM
}
@Override
+ public boolean isAuthenticatedBrowserSession() {
+ return false;
+ }
+
+ @Override
public String getLogin() {
return null;
}
@@ -69,4 +74,9 @@ public class AnonymousMockUserSession extends AbstractMockUserSession<AnonymousM
public Optional<ExternalIdentity> getExternalIdentity() {
return Optional.empty();
}
+
+ @Override
+ public void flagAsBrowserSession() {
+ throw new UnsupportedOperationException("An anonymous session can't be authenticated");
+ }
}
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/MockUserSession.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/MockUserSession.java
index d9809a28fa0..c4148758394 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/MockUserSession.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/MockUserSession.java
@@ -44,6 +44,8 @@ public class MockUserSession extends AbstractMockUserSession<MockUserSession> {
private UserSession.ExternalIdentity externalIdentity;
private Long lastSonarlintConnectionDate;
+ private boolean isAuthenticatedBrowserSession = false;
+
public MockUserSession(String login) {
super(MockUserSession.class);
checkArgument(!login.isEmpty());
@@ -86,6 +88,11 @@ public class MockUserSession extends AbstractMockUserSession<MockUserSession> {
}
@Override
+ public boolean isAuthenticatedBrowserSession() {
+ return isAuthenticatedBrowserSession;
+ }
+
+ @Override
public String getLogin() {
return this.login;
}
@@ -141,4 +148,8 @@ public class MockUserSession extends AbstractMockUserSession<MockUserSession> {
return Optional.ofNullable(externalIdentity);
}
+ @Override
+ public void flagAsBrowserSession() {
+ isAuthenticatedBrowserSession = true;
+ }
}
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
index 6f9daa71c4a..688fb1ad77d 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/tester/UserSessionRule.java
@@ -81,7 +81,7 @@ import static com.google.common.base.Preconditions.checkState;
public class UserSessionRule implements TestRule, UserSession {
private static final String DEFAULT_LOGIN = "default_login";
- private UserSession currentUserSession;
+ private AbstractMockUserSession<?> currentUserSession;
private UserSessionRule() {
anonymous();
@@ -170,7 +170,7 @@ public class UserSessionRule implements TestRule, UserSession {
this.currentUserSession = null;
}
- public void set(UserSession userSession) {
+ public void set(AbstractMockUserSession<?> userSession) {
checkNotNull(userSession);
setCurrentUserSession(userSession);
}
@@ -220,7 +220,6 @@ public class UserSessionRule implements TestRule, UserSession {
return this;
}
-
public UserSessionRule addPortfolioPermission(String portfolioPermission, PortfolioDto... portfolioDto) {
ensureAbstractMockUserSession().addPortfolioPermission(portfolioPermission, portfolioDto);
return this;
@@ -255,7 +254,7 @@ public class UserSessionRule implements TestRule, UserSession {
return (MockUserSession) currentUserSession;
}
- private void setCurrentUserSession(UserSession userSession) {
+ private void setCurrentUserSession(AbstractMockUserSession<?> userSession) {
this.currentUserSession = Preconditions.checkNotNull(userSession);
}
@@ -415,4 +414,13 @@ public class UserSessionRule implements TestRule, UserSession {
public boolean isActive() {
return currentUserSession.isActive();
}
+
+ @Override
+ public boolean isAuthenticatedBrowserSession() {
+ return currentUserSession.isAuthenticatedBrowserSession();
+ }
+
+ public void flagSessionAsGui() {
+ currentUserSession.flagAsBrowserSession();
+ }
}
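Review bot: `flagSessionAsGui()` delegates to `currentUserSession.flagAsBrowserSession()`, which throws UnsupportedOperationException on AnonymousMockUserSession, and the rule's constructor starts with `anonymous()`; calling it before a login helper therefore presumably fails with a message that does not mention the rule. A Javadoc would save a debugging round, e.g. `/** Marks the current session as browser-authenticated; requires a logged-in (non-anonymous) session. */`. Narrowing `set(...)` from `UserSession` to `AbstractMockUserSession<?>` in the earlier hunk also changes the fixture's public API, so any caller outside this module that passes another UserSession implementation would stop compiling; the diffstat shown is limited to this module, so that cannot be checked from here.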
diff --git a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java
index 934d6390842..2be04e54a66 100644
--- a/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java
+++ b/server/sonar-webserver-auth/src/testFixtures/java/org/sonar/server/user/TestUserSessionFactory.java
@@ -42,7 +42,7 @@ public class TestUserSessionFactory implements UserSessionFactory {
}
@Override
- public UserSession create(UserDto user) {
+ public UserSession create(UserDto user, boolean isAuthenticatedGuiSession) {
return new TestUserSession(requireNonNull(user));
}
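Review bot: `create(UserDto user, boolean isAuthenticatedGuiSession)` ignores the new argument: it still returns `new TestUserSession(requireNonNull(user))`, and the second hunk in this file adds an `isAuthenticatedBrowserSession()` (presumably on TestUserSession) that returns false unconditionally. Tests built on this factory therefore cannot exercise the browser-session path and get false even when the caller passes true. Either carry the flag into TestUserSession and return it, or state the limitation with a comment such as `// flag intentionally ignored: TestUserSession always reports a non-browser session`.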
@@ -145,6 +145,11 @@ public class TestUserSessionFactory implements UserSessionFactory {
throw notImplemented();
}
+ @Override
+ public boolean isAuthenticatedBrowserSession() {
+ return false;
+ }
+
private static RuntimeException notImplemented() {
return new UnsupportedOperationException("not implemented");
}