SONAR-10830 Allow passcode even if forceAuthentication is true

1 files changed, 16 insertions, 0 deletions

diff --git a/tests/src/test/java/org/sonarqube/tests/authorization/SystemPasscodeTest.java b/tests/src/test/java/org/sonarqube/tests/authorization/SystemPasscodeTest.java
index b6c9d71acd9..fbdafe3697c 100644
--- a/tests/src/test/java/org/sonarqube/tests/authorization/SystemPasscodeTest.java
+++ b/tests/src/test/java/org/sonarqube/tests/authorization/SystemPasscodeTest.java
@@ -20,6 +20,7 @@
 package org.sonarqube.tests.authorization;
 
 import com.sonar.orchestrator.Orchestrator;
+import java.util.Arrays;
 import org.junit.ClassRule;
 import org.junit.Rule;
 import org.junit.Test;
@@ -70,6 +71,21 @@ public class SystemPasscodeTest {
     assertThat(response.code()).isEqualTo(401);
   }
 
+  @Test
+  public void system_access_is_granted_even_with_forceAuthentication_is_set_to_true() {
+    tester.settings().setGlobalSetting("sonar.forceAuthentication", "true");
+    Arrays.asList("/api/ce/pause", "/api/ce/resume", "/api/system/health", "/api/system/info")
+      .forEach(url -> {
+          WsRequest request = new GetRequest("api/system/health")
+            .setHeader(PASSCODE_HEADER, VALID_PASSCODE);
+
+          WsResponse response = tester.asAnonymous().wsClient().wsConnector().call(request);
+          assertThat(response.code()).isEqualTo(200);
+        }
+      );
+    tester.settings().setGlobalSetting("sonar.forceAuthentication", "false");
+  }
+
   private static GetRequest newRequest() {
     return new GetRequest("api/system_passcode/check");
   }