SONAR-9739 drop authentication on api/system/health

11 files changed, 79 insertions, 287 deletions

diff --git a/server/sonar-server/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java b/server/sonar-server/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java
index 4cedd539219..e2a45829e09 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/authentication/UserSessionInitializer.java
@@ -59,7 +59,7 @@ public class UserSessionInitializer {
     "/batch/index", "/batch/file",
     "/maintenance/*", "/setup/*",
     "/sessions/*", "/oauth2/callback/*",
-    "/api/system/db_migration_status", "/api/system/status", "/api/system/migrate_db",
+    "/api/system/db_migration_status", "/api/system/status", "/api/system/migrate_db", "/api/system/health",
     "/api/server/version",
     "/api/users/identity_providers", "/api/l10n/index",
     LOGIN_URL, LOGOUT_URL, VALIDATE_URL);
diff --git a/server/sonar-server/src/main/java/org/sonar/server/platform/ws/AbstractHealthAction.java b/server/sonar-server/src/main/java/org/sonar/server/platform/ws/AbstractHealthAction.java
deleted file mode 100644
index c0a878b8b5e..00000000000
--- a/server/sonar-server/src/main/java/org/sonar/server/platform/ws/AbstractHealthAction.java
+++ /dev/null
@@ -1,68 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2017 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-package org.sonar.server.platform.ws;
-
-import com.google.common.io.Resources;
-import org.sonar.api.server.ws.Request;
-import org.sonar.api.server.ws.Response;
-import org.sonar.api.server.ws.WebService;
-import org.sonar.server.health.Health;
-import org.sonar.server.health.HealthChecker;
-import org.sonar.server.ws.WsUtils;
-import org.sonarqube.ws.WsSystem;
-
-public abstract class AbstractHealthAction implements SystemWsAction {
-  private final HealthChecker healthChecker;
-
-  public AbstractHealthAction(HealthChecker healthChecker) {
-    this.healthChecker = healthChecker;
-  }
-
-  @Override
-  public void define(WebService.NewController controller) {
-    controller.createAction("health")
-      .setDescription("Provide health status of the current SonarQube instance." +
-        "<p>status: the health status" +
-        " <ul>" +
-        " <li>GREEN: SonarQube is fully operational</li>" +
-        " <li>YELLOW: SonarQube is operational but something must be fixed to be fully operational</li>" +
-        " <li>RED: SonarQube is not operational</li>" +
-        " </ul>" +
-        "</p>")
-      .setSince("6.6")
-      .setResponseExample(Resources.getResource(this.getClass(), "example-health.json"))
-      .setHandler(this);
-  }
-
-  @Override
-  public void handle(Request request, Response response) throws Exception {
-    performAuthenticationChecks();
-
-    Health check = healthChecker.check();
-    WsSystem.HealthResponse.Builder responseBuilder = WsSystem.HealthResponse.newBuilder()
-      .setHealth(WsSystem.Health.valueOf(check.getStatus().name()));
-    WsSystem.Cause.Builder causeBuilder = WsSystem.Cause.newBuilder();
-    check.getCauses().forEach(str -> responseBuilder.addCauses(causeBuilder.clear().setMessage(str).build()));
-
-    WsUtils.writeProtobuf(responseBuilder.build(), request, response);
-  }
-
-  abstract void performAuthenticationChecks();
-}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/platform/ws/HealthAction.java b/server/sonar-server/src/main/java/org/sonar/server/platform/ws/HealthAction.java
index ab160d65e57..24487852997 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/platform/ws/HealthAction.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/platform/ws/HealthAction.java
@@ -19,21 +19,47 @@
  */
 package org.sonar.server.platform.ws;
 
+import com.google.common.io.Resources;
+import org.sonar.api.server.ws.Request;
+import org.sonar.api.server.ws.Response;
+import org.sonar.api.server.ws.WebService;
+import org.sonar.server.health.Health;
 import org.sonar.server.health.HealthChecker;
-import org.sonar.server.user.UserSession;
+import org.sonar.server.ws.WsUtils;
+import org.sonarqube.ws.WsSystem;
 
-public class HealthAction extends AbstractHealthAction {
-  private final UserSession userSession;
+public class HealthAction implements SystemWsAction {
+  private final HealthChecker healthChecker;
 
-  public HealthAction(UserSession userSession, HealthChecker healthChecker) {
-    super(healthChecker);
-    this.userSession = userSession;
+  public HealthAction(HealthChecker healthChecker) {
+    this.healthChecker = healthChecker;
   }
 
   @Override
-  void performAuthenticationChecks() {
-    userSession
-      .checkLoggedIn()
-      .checkIsSystemAdministrator();
+  public void define(WebService.NewController controller) {
+    controller.createAction("health")
+      .setDescription("Provide health status of the current SonarQube instance." +
+        "<p>status: the health status" +
+        " <ul>" +
+        " <li>GREEN: SonarQube is fully operational</li>" +
+        " <li>YELLOW: SonarQube is operational but something must be fixed to be fully operational</li>" +
+        " <li>RED: SonarQube is not operational</li>" +
+        " </ul>" +
+        "</p>")
+      .setSince("6.6")
+      .setResponseExample(Resources.getResource(this.getClass(), "example-health.json"))
+      .setHandler(this);
   }
+
+  @Override
+  public void handle(Request request, Response response) throws Exception {
+    Health check = healthChecker.check();
+    WsSystem.HealthResponse.Builder responseBuilder = WsSystem.HealthResponse.newBuilder()
+      .setHealth(WsSystem.Health.valueOf(check.getStatus().name()));
+    WsSystem.Cause.Builder causeBuilder = WsSystem.Cause.newBuilder();
+    check.getCauses().forEach(str -> responseBuilder.addCauses(causeBuilder.clear().setMessage(str).build()));
+
+    WsUtils.writeProtobuf(responseBuilder.build(), request, response);
+  }
+
 }
diff --git a/server/sonar-server/src/main/java/org/sonar/server/platform/ws/SafeModeHealthAction.java b/server/sonar-server/src/main/java/org/sonar/server/platform/ws/SafeModeHealthAction.java
deleted file mode 100644
index f3248871603..00000000000
--- a/server/sonar-server/src/main/java/org/sonar/server/platform/ws/SafeModeHealthAction.java
+++ /dev/null
@@ -1,33 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2017 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-package org.sonar.server.platform.ws;
-
-import org.sonar.server.health.HealthChecker;
-
-public class SafeModeHealthAction extends AbstractHealthAction {
-  public SafeModeHealthAction(HealthChecker healthChecker) {
-    super(healthChecker);
-  }
-
-  @Override
-  void performAuthenticationChecks() {
-    // no authentication check in safemode
-  }
-}
diff --git a/server/sonar-server/src/main/java/org/sonar/server/platform/ws/SafeModeHealthActionModule.java b/server/sonar-server/src/main/java/org/sonar/server/platform/ws/SafeModeHealthActionModule.java
index a11df47a697..5a950a02fbb 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/platform/ws/SafeModeHealthActionModule.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/platform/ws/SafeModeHealthActionModule.java
@@ -35,6 +35,6 @@ public class SafeModeHealthActionModule extends Module {
       EsStatusCheck.class,
 
       HealthCheckerImpl.class,
-      SafeModeHealthAction.class);
+      HealthAction.class);
   }
 }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java b/server/sonar-server/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java
index b8fcf9fd7ce..7697b6ff590 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/authentication/UserSessionInitializerTest.java
@@ -110,6 +110,7 @@ public class UserSessionInitializerTest {
     assertPathIsIgnored("/api/system/db_migration_status");
     assertPathIsIgnored("/api/system/status");
     assertPathIsIgnored("/api/system/migrate_db");
+    assertPathIsIgnored("/api/system/health");
     assertPathIsIgnored("/api/server/version");
     assertPathIsIgnored("/api/users/identity_providers");
     assertPathIsIgnored("/api/l10n/index");
diff --git a/server/sonar-server/src/test/java/org/sonar/server/platform/ws/AbstractHealthActionTestSupport.java b/server/sonar-server/src/test/java/org/sonar/server/platform/ws/AbstractHealthActionTestSupport.java
deleted file mode 100644
index 91985e5f063..00000000000
--- a/server/sonar-server/src/test/java/org/sonar/server/platform/ws/AbstractHealthActionTestSupport.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2017 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-package org.sonar.server.platform.ws;
-
-import java.util.Random;
-import java.util.stream.IntStream;
-import org.apache.commons.lang.RandomStringUtils;
-import org.sonar.api.server.ws.WebService;
-import org.sonar.server.health.Health;
-import org.sonar.server.health.HealthChecker;
-import org.sonar.server.ws.TestRequest;
-import org.sonar.server.ws.WsActionTester;
-import org.sonar.test.JsonAssert;
-import org.sonarqube.ws.WsSystem;
-
-import static org.assertj.core.api.Assertions.assertThat;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.when;
-import static org.sonar.server.health.Health.newHealthCheckBuilder;
-
-public class AbstractHealthActionTestSupport {
-  HealthChecker mockedHealthChecker = mock(HealthChecker.class);
-
-  void verifyDefinition(WebService.Action definition) {
-    assertThat(definition.key()).isEqualTo("health");
-    assertThat(definition.isPost()).isFalse();
-    assertThat(definition.description()).isNotEmpty();
-    assertThat(definition.since()).isEqualTo("6.6");
-    assertThat(definition.isInternal()).isFalse();
-    assertThat(definition.responseExample()).isNotNull();
-    assertThat(definition.params()).isEmpty();
-  }
-
-  void verifyExample(WsActionTester underTest) {
-    when(mockedHealthChecker.check()).thenReturn(
-        newHealthCheckBuilder()
-            .setStatus(Health.Status.YELLOW)
-            .addCause("Elasticsearch status is YELLOW")
-            .build());
-    TestRequest request = underTest.newRequest();
-
-    JsonAssert.assertJson(request.execute().getInput())
-        .isSimilarTo(underTest.getDef().responseExampleAsString());
-  }
-
-  void requestReturnsStatusAndCausesFromHealthCheckerCheckMethod(WsActionTester underTest) {
-    Health.Status randomStatus = Health.Status.values()[new Random().nextInt(Health.Status.values().length)];
-    Health.Builder builder = newHealthCheckBuilder()
-        .setStatus(randomStatus);
-    IntStream.range(0, new Random().nextInt(5)).mapToObj(i -> RandomStringUtils.randomAlphanumeric(3)).forEach(builder::addCause);
-    Health health = builder.build();
-    when(mockedHealthChecker.check()).thenReturn(health);
-    TestRequest request = underTest.newRequest();
-
-    WsSystem.HealthResponse healthResponse = request.executeProtobuf(WsSystem.HealthResponse.class);
-    assertThat(healthResponse.getHealth().name()).isEqualTo(randomStatus.name());
-    assertThat(health.getCauses()).isEqualTo(health.getCauses());
-  }
-}
diff --git a/server/sonar-server/src/test/java/org/sonar/server/platform/ws/HealthActionModuleTest.java b/server/sonar-server/src/test/java/org/sonar/server/platform/ws/HealthActionModuleTest.java
index f1bdfec0e7c..25489794d54 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/platform/ws/HealthActionModuleTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/platform/ws/HealthActionModuleTest.java
@@ -45,8 +45,7 @@ public class HealthActionModuleTest {
 
     assertThat(classesAddedToContainer(container))
       .contains(HealthCheckerImpl.class)
-      .contains(HealthAction.class)
-      .doesNotContain(SafeModeHealthAction.class);
+      .contains(HealthAction.class);
   }
 
   @Test
diff --git a/server/sonar-server/src/test/java/org/sonar/server/platform/ws/HealthActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/platform/ws/HealthActionTest.java
index 201b34fd328..cb45a2d029d 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/platform/ws/HealthActionTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/platform/ws/HealthActionTest.java
@@ -20,74 +20,65 @@
 package org.sonar.server.platform.ws;
 
 import java.util.Random;
-import org.junit.Rule;
+import java.util.stream.IntStream;
+import org.apache.commons.lang.RandomStringUtils;
 import org.junit.Test;
-import org.junit.rules.ExpectedException;
 import org.sonar.api.server.ws.WebService;
-import org.sonar.server.exceptions.ForbiddenException;
-import org.sonar.server.exceptions.UnauthorizedException;
-import org.sonar.server.tester.UserSessionRule;
+import org.sonar.server.health.Health;
+import org.sonar.server.health.HealthChecker;
 import org.sonar.server.ws.TestRequest;
 import org.sonar.server.ws.WsActionTester;
+import org.sonar.test.JsonAssert;
+import org.sonarqube.ws.WsSystem;
 
-public class HealthActionTest {
-  @Rule
-  public UserSessionRule userSessionRule = UserSessionRule.standalone();
-  @Rule
-  public ExpectedException expectedException = ExpectedException.none();
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+import static org.sonar.server.health.Health.newHealthCheckBuilder;
 
-  private AbstractHealthActionTestSupport healthActionTestSupport = new AbstractHealthActionTestSupport();
-  private WsActionTester underTest = new WsActionTester(new HealthAction(userSessionRule, healthActionTestSupport.mockedHealthChecker));
+public class HealthActionTest {
+  private HealthChecker mockedHealthChecker = mock(HealthChecker.class);
+  private WsActionTester underTest = new WsActionTester(new HealthAction(mockedHealthChecker));
 
   @Test
   public void verify_definition() {
     WebService.Action definition = underTest.getDef();
 
-    healthActionTestSupport.verifyDefinition(definition);
-  }
-
-  @Test
-  public void execute_fails_with_UnauthorizedException_if_user_is_not_logged_in() {
-    TestRequest request = underTest.newRequest();
-
-    expectedException.expect(UnauthorizedException.class);
-    expectedException.expectMessage("Authentication is required");
-
-    request.execute();
-  }
-
-  @Test
-  public void execute_fails_with_ForbiddenException_if_user_logged_in_but_not_root() {
-    TestRequest request = underTest.newRequest();
-    userSessionRule.logIn();
-
-    expectedException.expect(ForbiddenException.class);
-    expectedException.expectMessage("Insufficient privileges");
-
-    request.execute();
+    assertThat(definition.key()).isEqualTo("health");
+    assertThat(definition.isPost()).isFalse();
+    assertThat(definition.description()).isNotEmpty();
+    assertThat(definition.since()).isEqualTo("6.6");
+    assertThat(definition.isInternal()).isFalse();
+    assertThat(definition.responseExample()).isNotNull();
+    assertThat(definition.params()).isEmpty();
   }
 
   @Test
   public void verify_example() {
-    userSessionRule.logIn();
-    rootOrSystemAdmin();
+    when(mockedHealthChecker.check()).thenReturn(
+        newHealthCheckBuilder()
+            .setStatus(Health.Status.YELLOW)
+            .addCause("Elasticsearch status is YELLOW")
+            .build());
+    TestRequest request = underTest.newRequest();
 
-    healthActionTestSupport.verifyExample(underTest);
+    JsonAssert.assertJson(request.execute().getInput())
+        .isSimilarTo(underTest.getDef().responseExampleAsString());
   }
 
   @Test
   public void request_returns_status_and_causes_from_HealthChecker_check_method() {
-    userSessionRule.logIn();
-    rootOrSystemAdmin();
+    Health.Status randomStatus = Health.Status.values()[new Random().nextInt(Health.Status.values().length)];
+    Health.Builder builder = newHealthCheckBuilder()
+        .setStatus(randomStatus);
+    IntStream.range(0, new Random().nextInt(5)).mapToObj(i -> RandomStringUtils.randomAlphanumeric(3)).forEach(builder::addCause);
+    Health health = builder.build();
+    when(mockedHealthChecker.check()).thenReturn(health);
+    TestRequest request = underTest.newRequest();
 
-    healthActionTestSupport.requestReturnsStatusAndCausesFromHealthCheckerCheckMethod(underTest);
+    WsSystem.HealthResponse healthResponse = request.executeProtobuf(WsSystem.HealthResponse.class);
+    assertThat(healthResponse.getHealth().name()).isEqualTo(randomStatus.name());
+    assertThat(health.getCauses()).isEqualTo(health.getCauses());
   }
 
-  private void rootOrSystemAdmin() {
-    if (new Random().nextBoolean()) {
-      userSessionRule.setRoot();
-    } else {
-      userSessionRule.setSystemAdministrator();
-    }
-  }
 }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/platform/ws/SafeModeHealthActionModuleTest.java b/server/sonar-server/src/test/java/org/sonar/server/platform/ws/SafeModeHealthActionModuleTest.java
index f99fa201a33..a6e9f01e112 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/platform/ws/SafeModeHealthActionModuleTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/platform/ws/SafeModeHealthActionModuleTest.java
@@ -44,8 +44,7 @@ public class SafeModeHealthActionModuleTest {
 
     assertThat(classesAddedToContainer(container))
       .contains(HealthCheckerImpl.class)
-      .contains(SafeModeHealthAction.class)
-      .doesNotContain(HealthAction.class);
+      .contains(HealthAction.class);
   }
 
   @Test
diff --git a/server/sonar-server/src/test/java/org/sonar/server/platform/ws/SafeModeHealthActionTest.java b/server/sonar-server/src/test/java/org/sonar/server/platform/ws/SafeModeHealthActionTest.java
deleted file mode 100644
index 0cec5200305..00000000000
--- a/server/sonar-server/src/test/java/org/sonar/server/platform/ws/SafeModeHealthActionTest.java
+++ /dev/null
@@ -1,47 +0,0 @@
-/*
- * SonarQube
- * Copyright (C) 2009-2017 SonarSource SA
- * mailto:info AT sonarsource DOT com
- *
- * This program is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 3 of the License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
- *
- * You should have received a copy of the GNU Lesser General Public License
- * along with this program; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
- */
-package org.sonar.server.platform.ws;
-
-import org.junit.Test;
-import org.sonar.api.server.ws.WebService;
-import org.sonar.server.ws.WsActionTester;
-
-public class SafeModeHealthActionTest {
-  private AbstractHealthActionTestSupport healthActionTestSupport = new AbstractHealthActionTestSupport();
-  private WsActionTester underTest = new WsActionTester(new SafeModeHealthAction(healthActionTestSupport.mockedHealthChecker));
-
-  @Test
-  public void verify_definition() {
-    WebService.Action definition = underTest.getDef();
-
-    healthActionTestSupport.verifyDefinition(definition);
-  }
-
-  @Test
-  public void verify_example() {
-    healthActionTestSupport.verifyExample(underTest);
-  }
-
-  @Test
-  public void request_returns_status_and_causes_from_HealthChecker_check_method() {
-    healthActionTestSupport.requestReturnsStatusAndCausesFromHealthCheckerCheckMethod(underTest);
-  }
-
-}