Improve test coverage

2 files changed, 50 insertions, 8 deletions

diff --git a/server/sonar-webserver/src/main/java/org/sonar/server/app/WebSecurityManager.java b/server/sonar-webserver/src/main/java/org/sonar/server/app/WebSecurityManager.java
new file mode 100644
index 00000000000..f17b076b9ba
--- /dev/null
+++ b/server/sonar-webserver/src/main/java/org/sonar/server/app/WebSecurityManager.java
@@ -0,0 +1,49 @@
+/*
+ * SonarQube
+ * Copyright (C) 2009-2021 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
+ */
+package org.sonar.server.app;
+
+import org.sonar.process.PluginFileWriteRule;
+import org.sonar.process.PluginSecurityManager;
+import org.sonar.process.ProcessProperties;
+import org.sonar.process.Props;
+
+public class WebSecurityManager {
+  private final PluginSecurityManager pluginSecurityManager;
+  private final Props props;
+
+  private boolean applied;
+
+  public WebSecurityManager(PluginSecurityManager pluginSecurityManager, Props props) {
+    this.pluginSecurityManager = pluginSecurityManager;
+    this.props = props;
+  }
+
+  public void apply() {
+    if (applied) {
+      throw new IllegalStateException("can't apply twice");
+    }
+    applied = true;
+
+    PluginFileWriteRule writeRule = new PluginFileWriteRule(
+      props.nonNullValueAsFile(ProcessProperties.Property.PATH_HOME.getKey()).toPath(),
+      props.nonNullValueAsFile(ProcessProperties.Property.PATH_TEMP.getKey()).toPath());
+    pluginSecurityManager.restrictPlugins(writeRule);
+  }
+}
diff --git a/server/sonar-webserver/src/main/java/org/sonar/server/app/WebServer.java b/server/sonar-webserver/src/main/java/org/sonar/server/app/WebServer.java
index a3ddfc67900..12c959c986d 100644
--- a/server/sonar-webserver/src/main/java/org/sonar/server/app/WebServer.java
+++ b/server/sonar-webserver/src/main/java/org/sonar/server/app/WebServer.java
@@ -24,11 +24,9 @@ import java.io.File;
 import org.slf4j.LoggerFactory;
 import org.sonar.process.MinimumViableSystem;
 import org.sonar.process.Monitored;
-import org.sonar.process.PluginFileWriteRule;
 import org.sonar.process.PluginSecurityManager;
 import org.sonar.process.ProcessEntryPoint;
 import org.sonar.process.ProcessId;
-import org.sonar.process.ProcessProperties;
 import org.sonar.process.Props;
 import org.sonar.process.sharedmemoryfile.DefaultProcessCommands;
 
@@ -98,12 +96,7 @@ public class WebServer implements Monitored {
     ProcessEntryPoint entryPoint = ProcessEntryPoint.createForArguments(args);
     Props props = entryPoint.getProps();
     new WebServerProcessLogging().configure(props);
-
-
-    PluginFileWriteRule writeRule = new PluginFileWriteRule(
-      props.nonNullValueAsFile(ProcessProperties.Property.PATH_HOME.getKey()).toPath(),
-      props.nonNullValueAsFile(ProcessProperties.Property.PATH_TEMP.getKey()).toPath());
-    PluginSecurityManager.restrictPlugins(writeRule);
+    new WebSecurityManager(new PluginSecurityManager(), props).apply();
 
     WebServer server = new WebServer(props);
     entryPoint.launch(server);