SONAR-14159 enforce user authentication by default

author: Jacek <jacek.poreda@sonarsource.com> 2020-11-18 10:08:33 +0100
committer: sonartech <sonartech@sonarsource.com> 2020-11-26 20:06:29 +0000
commit: 6e18f97ab530ffc932b1b2a2888e31e112b4be96 (patch)
tree: c6a84fec314040d252d1b12725fa6ac8996a1566 /server/sonar-webserver-core
parent: 6424be5625e272f415067c9cd39af5fa07689c9a (diff)
download: sonarqube-6e18f97ab530ffc932b1b2a2888e31e112b4be96.tar.gz
sonarqube-6e18f97ab530ffc932b1b2a2888e31e112b4be96.zip
4 files changed, 33 insertions, 3 deletions
diff --git a/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/monitoring/StandaloneSystemSection.java b/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/monitoring/StandaloneSystemSection.java
index 869cb8eb1c3..0ce16ba4de9 100644
--- a/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/monitoring/StandaloneSystemSection.java
+++ b/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/monitoring/StandaloneSystemSection.java
@@ -36,6 +36,7 @@ import org.sonar.server.platform.DockerSupport;
 import org.sonar.server.platform.OfficialDistribution;
 import org.sonar.server.user.SecurityRealmFactory;
 
+import static org.sonar.api.CoreProperties.CORE_FORCE_AUTHENTICATION_DEFAULT_VALUE;
 import static org.sonar.process.ProcessProperties.Property.PATH_DATA;
 import static org.sonar.process.ProcessProperties.Property.PATH_HOME;
 import static org.sonar.process.ProcessProperties.Property.PATH_TEMP;
@@ -104,7 +105,7 @@ public class StandaloneSystemSection extends BaseSectionMBean implements SystemS
   }
 
   private boolean getForceAuthentication() {
-    return config.getBoolean(CoreProperties.CORE_FORCE_AUTHENTICATION_PROPERTY).orElse(false);
+    return config.getBoolean(CoreProperties.CORE_FORCE_AUTHENTICATION_PROPERTY).orElse(CORE_FORCE_AUTHENTICATION_DEFAULT_VALUE);
   }
 
   @Override
diff --git a/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/monitoring/cluster/GlobalSystemSection.java b/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/monitoring/cluster/GlobalSystemSection.java
index fc52bc1b527..0b90fee89da 100644
--- a/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/monitoring/cluster/GlobalSystemSection.java
+++ b/server/sonar-webserver-core/src/main/java/org/sonar/server/platform/monitoring/cluster/GlobalSystemSection.java
@@ -37,6 +37,7 @@ import org.sonar.server.authentication.IdentityProviderRepository;
 import org.sonar.server.platform.DockerSupport;
 import org.sonar.server.user.SecurityRealmFactory;
 
+import static org.sonar.api.CoreProperties.CORE_FORCE_AUTHENTICATION_DEFAULT_VALUE;
 import static org.sonar.process.systeminfo.SystemInfoUtils.setAttribute;
 
 @ServerSide
@@ -91,7 +92,7 @@ public class GlobalSystemSection implements SystemInfoSection, Global {
   }
 
   private boolean getForceAuthentication() {
-    return config.getBoolean(CoreProperties.CORE_FORCE_AUTHENTICATION_PROPERTY).orElse(false);
+    return config.getBoolean(CoreProperties.CORE_FORCE_AUTHENTICATION_PROPERTY).orElse(CORE_FORCE_AUTHENTICATION_DEFAULT_VALUE);
   }
 
   private static void addIfNotEmpty(ProtobufSystemInfo.Section.Builder protobuf, String key, @Nullable List<String> values) {
diff --git a/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/monitoring/StandaloneSystemSectionTest.java b/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/monitoring/StandaloneSystemSectionTest.java
index a5bdc13d06d..2c9f613c4ac 100644
--- a/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/monitoring/StandaloneSystemSectionTest.java
+++ b/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/monitoring/StandaloneSystemSectionTest.java
@@ -26,6 +26,7 @@ import org.junit.Before;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
+import org.sonar.api.CoreProperties;
 import org.sonar.api.config.internal.MapSettings;
 import org.sonar.api.platform.Server;
 import org.sonar.api.security.SecurityRealm;
@@ -154,7 +155,20 @@ public class StandaloneSystemSectionTest {
   @Test
   public void return_nb_of_processors() {
     ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
-    assertThat(attribute(protobuf, "Processors").getLongValue()).isGreaterThan(0);
+    assertThat(attribute(protobuf, "Processors").getLongValue()).isPositive();
+  }
+
+  @Test
+  public void get_force_authentication_defaults_to_true() {
+    ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
+    assertThatAttributeIs(protobuf, "Force authentication", true);
+  }
+
+  @Test
+  public void get_force_authentication() {
+    settings.setProperty(CoreProperties.CORE_FORCE_AUTHENTICATION_PROPERTY, false);
+    ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
+    assertThatAttributeIs(protobuf, "Force authentication", false);
   }
 
   @Test
diff --git a/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/monitoring/cluster/GlobalSystemSectionTest.java b/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/monitoring/cluster/GlobalSystemSectionTest.java
index d3a1ff6b768..49fbff69fd6 100644
--- a/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/monitoring/cluster/GlobalSystemSectionTest.java
+++ b/server/sonar-webserver-core/src/test/java/org/sonar/server/platform/monitoring/cluster/GlobalSystemSectionTest.java
@@ -25,6 +25,7 @@ import com.tngtech.java.junit.dataprovider.UseDataProvider;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
+import org.sonar.api.CoreProperties;
 import org.sonar.api.config.internal.MapSettings;
 import org.sonar.api.platform.Server;
 import org.sonar.api.security.SecurityRealm;
@@ -119,6 +120,19 @@ public class GlobalSystemSectionTest {
   }
 
   @Test
+  public void get_force_authentication_defaults_to_true() {
+    ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
+    assertThatAttributeIs(protobuf, "Force authentication", true);
+  }
+
+  @Test
+  public void get_force_authentication() {
+    settings.setProperty(CoreProperties.CORE_FORCE_AUTHENTICATION_PROPERTY, false);
+    ProtobufSystemInfo.Section protobuf = underTest.toProtobuf();
+    assertThatAttributeIs(protobuf, "Force authentication", false);
+  }
+
+  @Test
   @UseDataProvider("trueOrFalse")
   public void get_docker_flag(boolean flag) {
     when(dockerSupport.isRunningInDocker()).thenReturn(flag);
author	Jacek <jacek.poreda@sonarsource.com>	2020-11-18 10:08:33 +0100
committer	sonartech <sonartech@sonarsource.com>	2020-11-26 20:06:29 +0000
commit	6e18f97ab530ffc932b1b2a2888e31e112b4be96 (patch)
tree	c6a84fec314040d252d1b12725fa6ac8996a1566 /server/sonar-webserver-core
parent	6424be5625e272f415067c9cd39af5fa07689c9a (diff)
download	sonarqube-6e18f97ab530ffc932b1b2a2888e31e112b4be96.tar.gz sonarqube-6e18f97ab530ffc932b1b2a2888e31e112b4be96.zip