author | Aurelien Poscia <aurelien.poscia@sonarsource.com> | 2025-01-03 10:49:08 +0100 |
---|---|---|
committer | sonartech <sonartech@sonarsource.com> | 2025-01-03 20:03:01 +0000 |
commit | 71052b32e1b5e6068fb5920f27ebb753071dcb0d (patch) | |
tree | 9329ce1ac2977615274fa4b25ba39862d63b25f6 /sonar-ws | |
parent | a9a04c333c33e8bdb54b6fa033a42971f25caab1 (diff) | |
download | sonarqube-71052b32e1b5e6068fb5920f27ebb753071dcb0d.tar.gz sonarqube-71052b32e1b5e6068fb5920f27ebb753071dcb0d.zip |
SONAR-23021 Enforce password complexity in the backend
Diffstat (limited to 'sonar-ws')
-rw-r--r-- | sonar-ws/src/testFixtures/java/org/sonarqube/ws/tester/Tester.java | 22 |
1 files changed, 20 insertions, 2 deletions
diff --git a/sonar-ws/src/testFixtures/java/org/sonarqube/ws/tester/Tester.java b/sonar-ws/src/testFixtures/java/org/sonarqube/ws/tester/Tester.java
index f33b3bea89f..ce40e639d47 100644
--- a/sonar-ws/src/testFixtures/java/org/sonarqube/ws/tester/Tester.java
+++ b/sonar-ws/src/testFixtures/java/org/sonarqube/ws/tester/Tester.java
@@ -69,10 +69,10 @@ import static org.sonarqube.ws.client.HttpConnector.DEFAULT_READ_TIMEOUT_MILLISE
 * <li>clean-up system administrators/roots</li>
 * <li>clean-up the properties that are not defined (no PropertyDefinition)</li>
 * </ul>
- *
 * When used with JUnit5, the tester can be started and stopped in the same pattern as Junit4 for @ClassRule or @Rule using the flag #useJunit5ClassInitialization
 */
 public class Tester extends ExternalResource implements TesterSession, BeforeEachCallback, AfterEachCallback, BeforeAllCallback, AfterAllCallback {
+ private static final String ADMIN_CRYPTED_PASSWORD = "$2a$12$uCkkXmhW5ThVK8mpBvnXOOJRLd64LJeHTeCkSuB3lfaR2N0AYBaSi";
 static final String FORCE_AUTHENTICATION_PROPERTY_NAME = "sonar.forceAuthentication";
 private final Orchestrator orchestrator;
@@ -138,6 +138,12 @@ public class Tester extends ExternalResource implements TesterSession, BeforeEac
 beforeCalled = true;
 }
+ public void updateRootSession(String userName, String password) {
+ rootSession = new TesterSessionImpl(orchestrator,
+ httpConnectorBuilder -> httpConnectorBuilder.readTimeoutMilliseconds(readTimeoutMilliseconds),
+ httpConnectorBuilder -> httpConnectorBuilder.credentials(userName, password));
+ }
+
 @Override
 public void after() {
 waitForCeTasksToFinish();
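Review bot: `ADMIN_CRYPTED_PASSWORD` in the first hunk is an opaque bcrypt string with no comment saying which plaintext it encodes or where that plaintext is defined, so a reader of this fixture cannot tell what the admin credential becomes once the constant is written to the database. Add a comment above it such as `// bcrypt (cost 12) hash of the admin password used by the integration tests, see <where the plaintext is defined>; test fixture only, never apply to a shared instance`. Because the hash sits in test-fixture source, the credential it sets should be treated as public, and the comment is the place to say so. The class body continues outside the hunk.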
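Review bot: `updateRootSession` is a new public method with no Javadoc and no argument checks, and it replaces `rootSession` for every later call made through the tester. A short Javadoc should say that it rebuilds the root session with the given credentials, that it is meant to be called after the admin password has changed, and that session objects obtained earlier presumably keep the old credentials. Rejecting nulls up front, e.g. `Objects.requireNonNull(userName, "userName");` and the same for `password`, would fail at the call site rather than at the first request. The two builder lambdas look like they repeat the initial session setup, which is not visible in this hunk; if so, a shared private helper would keep the read timeout in one place.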
@@ -167,7 +173,7 @@ public class Tester extends ExternalResource implements TesterSession, BeforeEac
 public void deactivateScim() {
 try (Connection connection = orchestrator.getDatabase().openConnection();
- PreparedStatement preparedStatement = connection.prepareStatement("delete from internal_properties where kee = ?")) {
+ PreparedStatement preparedStatement = connection.prepareStatement("delete from internal_properties where kee = ?")) {
 preparedStatement.setString(1, "sonar.scim.enabled");
 preparedStatement.execute();
 } catch (SQLException e) {
@@ -175,6 +181,18 @@ public class Tester extends ExternalResource implements TesterSession, BeforeEac
 }
 }
+ public void resetRootPassword() {
+ try (Connection connection = orchestrator.getDatabase().openConnection();
+ PreparedStatement preparedStatement = connection.prepareStatement("update users set crypted_password=?, hash_method='BCRYPT', salt=null, reset_password=? where login =?")) {
+ preparedStatement.setString(1, ADMIN_CRYPTED_PASSWORD);
+ preparedStatement.setBoolean(2, true);
+ preparedStatement.setString(3, "admin");
+ preparedStatement.execute();
+ } catch (SQLException e) {
+ throw new IllegalStateException(e);
+ }
+ }
+
 private void setForceAuthentication(boolean enableForceAuthentication) {
 String serverProperty = orchestrator.getDistribution().getServerProperty(FORCE_AUTHENTICATION_PROPERTY_NAME);
 if (serverProperty != null) { |
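Review bot: `resetRootPassword` ignores the result of `preparedStatement.execute()`, so if no row has login `admin` the update changes nothing and the caller carries on with the old password without any signal. Use the update count instead: `int updated = preparedStatement.executeUpdate();` followed by `if (updated != 1) { throw new IllegalStateException("Expected to reset exactly one admin row, got " + updated); }`. The method also has no Javadoc; it should state that it writes straight to the `users` table rather than going through the web service, that it sets `reset_password` to true, and that it is for test instances only. The same unchecked `execute()` call appears in `deactivateScim` in the previous hunk, which this commit only re-indents.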