diff options
| author | Wouter Admiraal <wouter.admiraal@sonarsource.com> | 2021-03-11 14:30:39 +0100 |
|---|---|---|
| committer | sonartech <sonartech@sonarsource.com> | 2021-03-18 20:08:12 +0000 |
| commit | 434951a0bf4f7165fecda893ee0ea9771784791d (patch) | |
| tree | fb5475d5bd1012ec8c7b5ff71b1b0e868ce067e5 /server/sonar-webserver-core/src/test | |
| parent | bd1f5a9348146f88b3bd250817c3302b935f9a34 (diff) | |
| download | sonarqube-434951a0bf4f7165fecda893ee0ea9771784791d.tar.gz sonarqube-434951a0bf4f7165fecda893ee0ea9771784791d.zip | |
SONAR-14586 Move DefaultAdminCredentialsVerifier to sonar-webserver-auth
Diffstat (limited to 'server/sonar-webserver-core/src/test')
3 files changed, 0 insertions, 293 deletions
diff --git a/server/sonar-webserver-core/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java b/server/sonar-webserver-core/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java deleted file mode 100644 index 7c7ebbd1c9f..00000000000 --- a/server/sonar-webserver-core/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationHandlerTest.java +++ /dev/null @@ -1,120 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2021 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -package org.sonar.server.authentication; - -import java.util.Set; -import org.junit.Before; -import org.junit.Rule; -import org.junit.Test; -import org.mockito.stubbing.Answer; -import org.sonar.db.DbTester; -import org.sonar.db.user.GroupDto; -import org.sonar.db.user.UserDto; -import org.sonar.server.notification.email.EmailNotificationChannel; - -import static java.util.Collections.singletonList; -import static org.assertj.core.api.Assertions.assertThat; -import static org.mockito.ArgumentMatchers.anySet; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.verifyNoMoreInteractions; -import static org.mockito.Mockito.when; -import static org.sonar.db.permission.GlobalPermission.ADMINISTER; - -public class DefaultAdminCredentialsVerifierNotificationHandlerTest { - - @Rule - public DbTester db = DbTester.create(); - - private EmailNotificationChannel emailNotificationChannel = mock(EmailNotificationChannel.class); - - private DefaultAdminCredentialsVerifierNotificationHandler underTest = new DefaultAdminCredentialsVerifierNotificationHandler(db.getDbClient(), - emailNotificationChannel); - - @Before - public void setUp() { - when(emailNotificationChannel.deliverAll(anySet())) - .then((Answer<Integer>) invocationOnMock -> ((Set<EmailNotificationChannel.EmailDeliveryRequest>) invocationOnMock.getArguments()[0]).size()); - } - - @Test - public void deliver_to_all_admins_having_emails() { - when(emailNotificationChannel.isActivated()).thenReturn(true); - DefaultAdminCredentialsVerifierNotification detectActiveAdminAccountWithDefaultCredentialNotification = mock(DefaultAdminCredentialsVerifierNotification.class); - // Users granted admin permission directly - UserDto admin1 = db.users().insertUser(u -> u.setEmail("admin1")); - UserDto adminWithNoEmail = db.users().insertUser(u -> u.setEmail(null)); - db.users().insertPermissionOnUser(admin1, ADMINISTER); - db.users().insertPermissionOnUser(adminWithNoEmail, ADMINISTER); - // User granted admin permission by group membership - UserDto admin2 = db.users().insertUser(u -> u.setEmail("admin2")); - GroupDto adminGroup = db.users().insertGroup(); - db.users().insertPermissionOnGroup(adminGroup, ADMINISTER); - db.users().insertMember(adminGroup, admin2); - db.users().insertUser(u -> u.setEmail("otherUser")); - - int deliver = underTest.deliver(singletonList(detectActiveAdminAccountWithDefaultCredentialNotification)); - - // Only 2 admins have there email defined - assertThat(deliver).isEqualTo(2); - verify(emailNotificationChannel).isActivated(); - verify(emailNotificationChannel).deliverAll(anySet()); - verifyNoMoreInteractions(detectActiveAdminAccountWithDefaultCredentialNotification); - } - - @Test - public void deliver_to_no_one_when_no_admins() { - when(emailNotificationChannel.isActivated()).thenReturn(true); - DefaultAdminCredentialsVerifierNotification detectActiveAdminAccountWithDefaultCredentialNotification = mock(DefaultAdminCredentialsVerifierNotification.class); - db.users().insertUser(u -> u.setEmail("otherUser")); - - int deliver = underTest.deliver(singletonList(detectActiveAdminAccountWithDefaultCredentialNotification)); - - assertThat(deliver).isZero(); - verify(emailNotificationChannel).isActivated(); - verifyNoMoreInteractions(emailNotificationChannel); - verifyNoMoreInteractions(detectActiveAdminAccountWithDefaultCredentialNotification); - } - - @Test - public void do_nothing_if_emailNotificationChannel_is_disabled() { - when(emailNotificationChannel.isActivated()).thenReturn(false); - DefaultAdminCredentialsVerifierNotification detectActiveAdminAccountWithDefaultCredentialNotification = mock( - DefaultAdminCredentialsVerifierNotification.class); - - int deliver = underTest.deliver(singletonList(detectActiveAdminAccountWithDefaultCredentialNotification)); - - assertThat(deliver).isZero(); - verify(emailNotificationChannel).isActivated(); - verifyNoMoreInteractions(emailNotificationChannel); - verifyNoMoreInteractions(detectActiveAdminAccountWithDefaultCredentialNotification); - } - - @Test - public void getMetadata_returns_empty() { - assertThat(underTest.getMetadata()).isEmpty(); - } - - @Test - public void getNotificationClass() { - assertThat(underTest.getNotificationClass()).isEqualTo(DefaultAdminCredentialsVerifierNotification.class); - } - -} diff --git a/server/sonar-webserver-core/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationTemplateTest.java b/server/sonar-webserver-core/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationTemplateTest.java deleted file mode 100644 index 73b16ca5f25..00000000000 --- a/server/sonar-webserver-core/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierNotificationTemplateTest.java +++ /dev/null @@ -1,49 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2021 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -package org.sonar.server.authentication; - -import org.junit.Test; -import org.sonar.api.notifications.Notification; -import org.sonar.server.issue.notification.EmailMessage; - -import static org.assertj.core.api.Assertions.assertThat; - -public class DefaultAdminCredentialsVerifierNotificationTemplateTest { - - private DefaultAdminCredentialsVerifierNotificationTemplate underTest = new DefaultAdminCredentialsVerifierNotificationTemplate(); - - @Test - public void do_not_format_other_notifications() { - assertThat(underTest.format(new Notification("foo"))).isNull(); - } - - @Test - public void format_notification() { - Notification notification = new Notification(DefaultAdminCredentialsVerifierNotification.TYPE); - - EmailMessage emailMessage = underTest.format(notification); - - assertThat(emailMessage.getSubject()).isEqualTo("Default Administrator credentials are still used"); - assertThat(emailMessage.getMessage()).isEqualTo("Hello,\n\n" + - "Your SonarQube instance is still using default administrator credentials.\n" + - "Make sure to change the password for the 'admin' account or deactivate this account."); - } - -} diff --git a/server/sonar-webserver-core/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierTest.java b/server/sonar-webserver-core/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierTest.java deleted file mode 100644 index a307fa0475f..00000000000 --- a/server/sonar-webserver-core/src/test/java/org/sonar/server/authentication/DefaultAdminCredentialsVerifierTest.java +++ /dev/null @@ -1,124 +0,0 @@ -/* - * SonarQube - * Copyright (C) 2009-2021 SonarSource SA - * mailto:info AT sonarsource DOT com - * - * This program is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 3 of the License, or (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public License - * along with this program; if not, write to the Free Software Foundation, - * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - */ -package org.sonar.server.authentication; - -import org.junit.After; -import org.junit.Rule; -import org.junit.Test; -import org.sonar.api.notifications.Notification; -import org.sonar.api.utils.log.LogTester; -import org.sonar.api.utils.log.LoggerLevel; -import org.sonar.db.DbTester; -import org.sonar.db.user.UserDto; -import org.sonar.server.notification.NotificationManager; - -import static org.assertj.core.api.Assertions.assertThat; -import static org.mockito.ArgumentMatchers.any; -import static org.mockito.Mockito.mock; -import static org.mockito.Mockito.verify; -import static org.mockito.Mockito.verifyNoMoreInteractions; -import static org.sonar.server.property.InternalProperties.DEFAULT_ADMIN_CREDENTIAL_USAGE_EMAIL; - -public class DefaultAdminCredentialsVerifierTest { - - private static final String ADMIN_LOGIN = "admin"; - - @Rule - public DbTester db = DbTester.create(); - @Rule - public LogTester logTester = new LogTester(); - - private final CredentialsLocalAuthentication localAuthentication = new CredentialsLocalAuthentication(db.getDbClient()); - private final NotificationManager notificationManager = mock(NotificationManager.class); - - private final DefaultAdminCredentialsVerifier underTest = new DefaultAdminCredentialsVerifier(db.getDbClient(), localAuthentication, notificationManager); - - @After - public void after() { - underTest.stop(); - } - - @Test - public void set_reset_flag_to_true_and_add_log_when_admin_account_with_default_credential_is_detected() { - UserDto admin = db.users().insertUser(u -> u.setLogin(ADMIN_LOGIN)); - changePassword(admin, "admin"); - - underTest.start(); - - assertThat(db.users().selectUserByLogin(admin.getLogin()).get().isResetPassword()).isTrue(); - assertThat(logTester.logs(LoggerLevel.WARN)).contains("Default Administrator credentials are still being used. Make sure to change the password or deactivate the account."); - assertThat(db.getDbClient().internalPropertiesDao().selectByKey(db.getSession(), DEFAULT_ADMIN_CREDENTIAL_USAGE_EMAIL).get()).isEqualTo("true"); - verify(notificationManager).scheduleForSending(any(Notification.class)); - } - - @Test - public void do_not_send_email_to_admins_when_already_sent() { - UserDto admin = db.users().insertUser(u -> u.setLogin(ADMIN_LOGIN)); - changePassword(admin, "admin"); - db.getDbClient().internalPropertiesDao().save(db.getSession(), DEFAULT_ADMIN_CREDENTIAL_USAGE_EMAIL, "true"); - db.commit(); - - underTest.start(); - - verifyNoMoreInteractions(notificationManager); - } - - @Test - public void do_nothing_when_admin_is_not_using_default_credential() { - UserDto admin = db.users().insertUser(u -> u.setLogin(ADMIN_LOGIN)); - changePassword(admin, "something_else"); - - underTest.start(); - - assertThat(db.users().selectUserByLogin(admin.getLogin()).get().isResetPassword()).isFalse(); - assertThat(logTester.logs()).isEmpty(); - verifyNoMoreInteractions(notificationManager); - } - - @Test - public void do_nothing_when_no_admin_account_with_default_credential_detected() { - UserDto otherUser = db.users().insertUser(); - changePassword(otherUser, "admin"); - - underTest.start(); - - assertThat(db.users().selectUserByLogin(otherUser.getLogin()).get().isResetPassword()).isFalse(); - assertThat(logTester.logs()).isEmpty(); - verifyNoMoreInteractions(notificationManager); - } - - @Test - public void do_nothing_when_admin_account_with_default_credential_is_disabled() { - UserDto admin = db.users().insertUser(u -> u.setLogin(ADMIN_LOGIN).setActive(false)); - changePassword(admin, "admin"); - - underTest.start(); - - assertThat(db.users().selectUserByLogin(admin.getLogin()).get().isResetPassword()).isFalse(); - assertThat(logTester.logs()).isEmpty(); - verifyNoMoreInteractions(notificationManager); - } - - private void changePassword(UserDto user, String password) { - localAuthentication.storeHashPassword(user, password); - db.getDbClient().userDao().update(db.getSession(), user); - db.commit(); - } -} |