SONAR-14586 Add a new uses default credentials flag to api/navigation/global for system administrators

author: Wouter Admiraal <wouter.admiraal@sonarsource.com> 2021-03-11 14:51:09 +0100
committer: sonartech <sonartech@sonarsource.com> 2021-03-18 20:08:12 +0000
commit: dab939698e737075f7e9467552911a2591f3e846 (patch)
tree: 823be5eb113a496ad8979de3035b080da9e11e25 /server
parent: 66249573d70075f5238ecc23ae80baf09af949d4 (diff)
download: sonarqube-dab939698e737075f7e9467552911a2591f3e846.tar.gz
sonarqube-dab939698e737075f7e9467552911a2591f3e846.zip
3 files changed, 32 insertions, 2 deletions
diff --git a/server/sonar-webserver-webapi/build.gradle b/server/sonar-webserver-webapi/build.gradle
index 36c65449122..d514e24c911 100644
--- a/server/sonar-webserver-webapi/build.gradle
+++ b/server/sonar-webserver-webapi/build.gradle
@@ -13,6 +13,7 @@ dependencies {
   compile project(':server:sonar-ce-task')
   compile project(':server:sonar-db-dao')
   compile project(':server:sonar-process')
+  compile project(':server:sonar-webserver-auth')
   compile project(':server:sonar-webserver-es')
   compile project(':server:sonar-webserver-ws')
   compile project(':server:sonar-alm-client')
diff --git a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/ui/ws/GlobalAction.java b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/ui/ws/GlobalAction.java
index 7b53996a872..28ed4f35898 100644
--- a/server/sonar-webserver-webapi/src/main/java/org/sonar/server/ui/ws/GlobalAction.java
+++ b/server/sonar-webserver-webapi/src/main/java/org/sonar/server/ui/ws/GlobalAction.java
@@ -39,6 +39,7 @@ import org.sonar.db.DbClient;
 import org.sonar.db.DbSession;
 import org.sonar.db.dialect.H2;
 import org.sonar.server.almsettings.MultipleAlmFeatureProvider;
+import org.sonar.server.authentication.DefaultAdminCredentialsVerifier;
 import org.sonar.server.branch.BranchFeatureProxy;
 import org.sonar.server.issue.index.IssueIndexSyncProgressChecker;
 import org.sonar.server.platform.WebServer;
@@ -83,10 +84,12 @@ public class GlobalAction implements NavigationWsAction, Startable {
   private final MultipleAlmFeatureProvider multipleAlmFeatureProvider;
   private final WebAnalyticsLoader webAnalyticsLoader;
   private final IssueIndexSyncProgressChecker issueIndexSyncChecker;
+  private final DefaultAdminCredentialsVerifier defaultAdminCredentialsVerifier;
 
   public GlobalAction(PageRepository pageRepository, Configuration config, ResourceTypes resourceTypes, Server server,
     WebServer webServer, DbClient dbClient, BranchFeatureProxy branchFeature, UserSession userSession, PlatformEditionProvider editionProvider,
-    MultipleAlmFeatureProvider multipleAlmFeatureProvider, WebAnalyticsLoader webAnalyticsLoader, IssueIndexSyncProgressChecker issueIndexSyncChecker) {
+    MultipleAlmFeatureProvider multipleAlmFeatureProvider, WebAnalyticsLoader webAnalyticsLoader, IssueIndexSyncProgressChecker issueIndexSyncChecker,
+    DefaultAdminCredentialsVerifier defaultAdminCredentialsVerifier) {
     this.pageRepository = pageRepository;
     this.config = config;
     this.resourceTypes = resourceTypes;
@@ -100,6 +103,7 @@ public class GlobalAction implements NavigationWsAction, Startable {
     this.webAnalyticsLoader = webAnalyticsLoader;
     this.systemSettingValuesByKey = new HashMap<>();
     this.issueIndexSyncChecker = issueIndexSyncChecker;
+    this.defaultAdminCredentialsVerifier = defaultAdminCredentialsVerifier;
   }
 
   @Override
@@ -140,6 +144,7 @@ public class GlobalAction implements NavigationWsAction, Startable {
       writeVersion(json);
       writeDatabaseProduction(json);
       writeBranchSupport(json);
+      writeInstanceUsesDefaultAdminCredentials(json);
       writeMultipleAlmEnabled(json);
       editionProvider.get().ifPresent(e -> json.prop("edition", e.name().toLowerCase(Locale.ENGLISH)));
       writeNeedIssueSync(json);
@@ -197,6 +202,12 @@ public class GlobalAction implements NavigationWsAction, Startable {
     json.prop("branchesEnabled", branchFeature.isEnabled());
   }
 
+  private void writeInstanceUsesDefaultAdminCredentials(JsonWriter json) {
+    if (userSession.isSystemAdministrator()) {
+      json.prop("instanceUsesDefaultAdminCredentials", defaultAdminCredentialsVerifier.hasDefaultCredentialUser());
+    }
+  }
+
   private void writeMultipleAlmEnabled(JsonWriter json) {
     json.prop("multipleAlmEnabled", multipleAlmFeatureProvider.enabled());
   }
diff --git a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ui/ws/GlobalActionTest.java b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ui/ws/GlobalActionTest.java
index 8b0c4a7cd54..7acb72b8df3 100644
--- a/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ui/ws/GlobalActionTest.java
+++ b/server/sonar-webserver-webapi/src/test/java/org/sonar/server/ui/ws/GlobalActionTest.java
@@ -38,6 +38,7 @@ import org.sonar.db.DbClient;
 import org.sonar.db.dialect.H2;
 import org.sonar.db.dialect.PostgreSql;
 import org.sonar.server.almsettings.MultipleAlmFeatureProvider;
+import org.sonar.server.authentication.DefaultAdminCredentialsVerifier;
 import org.sonar.server.issue.index.IssueIndexSyncProgressChecker;
 import org.sonar.server.platform.WebServer;
 import org.sonar.server.tester.UserSessionRule;
@@ -68,6 +69,7 @@ public class GlobalActionTest {
   private final PlatformEditionProvider editionProvider = mock(PlatformEditionProvider.class);
   private final MultipleAlmFeatureProvider multipleAlmFeatureProvider = mock(MultipleAlmFeatureProvider.class);
   private final WebAnalyticsLoader webAnalyticsLoader = mock(WebAnalyticsLoader.class);
+  private final DefaultAdminCredentialsVerifier defaultAdminCredentialsVerifier = mock(DefaultAdminCredentialsVerifier.class);
 
   private WsActionTester ws;
 
@@ -271,6 +273,22 @@ public class GlobalActionTest {
   }
 
   @Test
+  public void instance_uses_default_admin_credentials() {
+    init();
+
+    when(defaultAdminCredentialsVerifier.hasDefaultCredentialUser()).thenReturn(true);
+
+    // Even if the default credentials are used, if the current user it not a system admin, the flag is not returned.
+    assertJson(call()).isNotSimilarTo("{\"instanceUsesDefaultAdminCredentials\":true}");
+
+    userSession.logIn().setSystemAdministrator();
+    assertJson(call()).isSimilarTo("{\"instanceUsesDefaultAdminCredentials\":true}");
+
+    when(defaultAdminCredentialsVerifier.hasDefaultCredentialUser()).thenReturn(false);
+    assertJson(call()).isSimilarTo("{\"instanceUsesDefaultAdminCredentials\":false}");
+  }
+
+  @Test
   public void standalone_flag() {
     init();
     userSession.logIn().setRoot();
@@ -374,7 +392,7 @@ public class GlobalActionTest {
     pageRepository.start();
     GlobalAction wsAction = new GlobalAction(pageRepository, settings.asConfig(), new ResourceTypes(resourceTypeTrees), server,
       webServer, dbClient, branchFeature, userSession, editionProvider, multipleAlmFeatureProvider, webAnalyticsLoader,
-      indexSyncProgressChecker);
+      indexSyncProgressChecker, defaultAdminCredentialsVerifier);
     ws = new WsActionTester(wsAction);
     wsAction.start();
   }
author	Wouter Admiraal <wouter.admiraal@sonarsource.com>	2021-03-11 14:51:09 +0100
committer	sonartech <sonartech@sonarsource.com>	2021-03-18 20:08:12 +0000
commit	dab939698e737075f7e9467552911a2591f3e846 (patch)
tree	823be5eb113a496ad8979de3035b080da9e11e25 /server
parent	66249573d70075f5238ecc23ae80baf09af949d4 (diff)
download	sonarqube-dab939698e737075f7e9467552911a2591f3e846.tar.gz sonarqube-dab939698e737075f7e9467552911a2591f3e846.zip