Skip to content
Permalink
Browse files Browse the repository at this point in the history
SCMMaterial changes #000
* SCMMaterial unlike SCMMaterialConfig objects are used for polling,
  they do not need to encrypt the password. Hence removing the
  encryptedPassword attribute.
  • Loading branch information
maheshp committed Dec 10, 2020
1 parent 830f2f6 commit 691b479
Show file tree
Hide file tree
Showing 18 changed files with 48 additions and 236 deletions.
Expand Up @@ -134,7 +134,7 @@ class MaintenanceModeInfoRepresenterTest {
"auto_update" : true,
"check_externals" : true,
"username" : "user",
"encrypted_password": svnMaterial.encryptedPassword
"encrypted_password": svnMaterial.config().getEncryptedPassword()
],
"mdu_start_time": "1970-01-01T08:20:00Z"
]
Expand Down
Expand Up @@ -97,31 +97,6 @@ void shouldNotDisplayPasswordInStringRepresentation() {
assertThat(p4.toString()).doesNotContain("loser");
}

@Test
void shouldEncryptP4Password() throws Exception {
GoCipher mockGoCipher = mock(GoCipher.class);
when(mockGoCipher.encrypt("password")).thenReturn("encrypted");

P4Material p4Material = new P4Material("example.com:1818", "view", mockGoCipher);
p4Material.setPassword("password");
p4Material.ensureEncrypted();

assertThat(p4Material.getEncryptedPassword()).isEqualTo("encrypted");
assertThat(p4Material.getPassword()).isNull();
}

@Test
void shouldDecryptP4Password() throws Exception {
GoCipher mockGoCipher = mock(GoCipher.class);
when(mockGoCipher.decrypt("encrypted")).thenReturn("password");

P4Material p4Material = new P4Material("example.com:1818", "view", mockGoCipher);
ReflectionUtil.setField(p4Material, "encryptedPassword", "encrypted");
p4Material.getPassword();

assertThat(p4Material.getPassword()).isEqualTo("password");
}

@Test
void shouldReturnEqualsEvenIfPasswordsAreDifferent() throws Exception {
P4Material material = MaterialsMother.p4Material();
Expand Down
Expand Up @@ -68,8 +68,8 @@ public class TfsMaterialTest {
@BeforeEach
void setUp() {
GoCipher goCipher = mock(GoCipher.class);
tfsMaterialFirstCollectionFirstProject = new TfsMaterial(goCipher, new UrlArgument(TFS_FIRST_COLLECTION_URL), USERNAME, DOMAIN, PASSWORD, TFS_FIRST_PROJECT);
tfsMaterialFirstCollectionSecondProject = new TfsMaterial(goCipher, new UrlArgument(TFS_FIRST_COLLECTION_URL), USERNAME, DOMAIN, PASSWORD, TFS_SECOND_PROJECT);
tfsMaterialFirstCollectionFirstProject = new TfsMaterial(new UrlArgument(TFS_FIRST_COLLECTION_URL), USERNAME, DOMAIN, PASSWORD, TFS_FIRST_PROJECT);
tfsMaterialFirstCollectionSecondProject = new TfsMaterial(new UrlArgument(TFS_FIRST_COLLECTION_URL), USERNAME, DOMAIN, PASSWORD, TFS_SECOND_PROJECT);
}

@Test
Expand Down Expand Up @@ -104,7 +104,7 @@ void shouldLoadAllModificationsSinceAGivenRevision() throws IOException {

@Test
void shouldInjectAllRelevantAttributesInSqlCriteriaMap() {
TfsMaterial tfsMaterial = new TfsMaterial(new GoCipher(), new UrlArgument("my-url"), "loser", DOMAIN, "foo_bar_baz", "/dev/null");
TfsMaterial tfsMaterial = new TfsMaterial(new UrlArgument("my-url"), "loser", DOMAIN, "foo_bar_baz", "/dev/null");
assertThat(tfsMaterial.getSqlCriteria()).isEqualTo(m(
SQL_CRITERIA_TYPE, (Object) "TfsMaterial",
"url", "my-url",
Expand All @@ -114,7 +114,7 @@ void shouldInjectAllRelevantAttributesInSqlCriteriaMap() {

@Test
void shouldInjectAllRelevantAttributesInAttributeMap() {
TfsMaterial tfsMaterial = new TfsMaterial(new GoCipher(), new UrlArgument("my-url"), "loser", DOMAIN, "foo_bar_baz", "/dev/null");
TfsMaterial tfsMaterial = new TfsMaterial(new UrlArgument("my-url"), "loser", DOMAIN, "foo_bar_baz", "/dev/null");
assertThat(tfsMaterial.getAttributesForXml()).isEqualTo(m(
AbstractMaterial.SQL_CRITERIA_TYPE, (Object) "TfsMaterial",
"url", "my-url",
Expand All @@ -124,56 +124,31 @@ void shouldInjectAllRelevantAttributesInAttributeMap() {

@Test
void shouldReturnUrlForCommandLine_asUrl_IfSet() {
TfsMaterial tfsMaterial = new TfsMaterial(new GoCipher(), new UrlArgument("http://foo:bar@my-url.com"), "loser", DOMAIN, "foo_bar_baz", "/dev/null"
TfsMaterial tfsMaterial = new TfsMaterial(new UrlArgument("http://foo:bar@my-url.com"), "loser", DOMAIN, "foo_bar_baz", "/dev/null"
);
assertThat(tfsMaterial.getUrl()).isEqualTo("http://foo:bar@my-url.com");

tfsMaterial = new TfsMaterial(new GoCipher(), null, "loser", DOMAIN, "foo_bar_baz", "/dev/null");
tfsMaterial = new TfsMaterial(null, "loser", DOMAIN, "foo_bar_baz", "/dev/null");
assertThat(tfsMaterial.getUrl()).isNull();
}

@Test
void shouldReturnUrlForCommandLine_asLocation_IfSet() {
TfsMaterial tfsMaterial = new TfsMaterial(new GoCipher(), new UrlArgument("http://foo:bar@my-url.com"), "loser", DOMAIN, "foo_bar_baz", "/dev/null"
TfsMaterial tfsMaterial = new TfsMaterial(new UrlArgument("http://foo:bar@my-url.com"), "loser", DOMAIN, "foo_bar_baz", "/dev/null"
);
assertThat(tfsMaterial.getLocation()).isEqualTo("http://foo:******@my-url.com");

tfsMaterial = new TfsMaterial(new GoCipher(), null, "loser", DOMAIN, "foo_bar_baz", "/dev/null");
tfsMaterial = new TfsMaterial(null, "loser", DOMAIN, "foo_bar_baz", "/dev/null");
assertThat(tfsMaterial.getLocation()).isNull();
}

@Test
void shouldEncryptTfsPasswordAndMarkPasswordAsNull() throws Exception {
GoCipher mockGoCipher = mock(GoCipher.class);
when(mockGoCipher.encrypt("password")).thenReturn("encrypted");

TfsMaterial tfsMaterial = new TfsMaterial(mockGoCipher, new UrlArgument("/foo"), "username", DOMAIN, "password", "");
tfsMaterial.ensureEncrypted();

assertThat(tfsMaterial.getPassword()).isNull();
assertThat(tfsMaterial.getEncryptedPassword()).isEqualTo("encrypted");
}

@Test
void shouldDecryptTfsPassword() throws Exception {
GoCipher mockGoCipher = mock(GoCipher.class);
when(mockGoCipher.decrypt("encrypted")).thenReturn("password");

TfsMaterial tfsMaterial = new TfsMaterial(mockGoCipher, new UrlArgument("/foo"), "username", DOMAIN, null, "");

ReflectionUtil.setField(tfsMaterial, "encryptedPassword", "encrypted");

tfsMaterial.ensureEncrypted();
assertThat(tfsMaterial.getPassword()).isEqualTo("password");
}

@Test
void shouldNotDecryptPasswordIfPasswordIsNotNull() throws Exception {
GoCipher mockGoCipher = mock(GoCipher.class);
when(mockGoCipher.encrypt("password")).thenReturn("encrypted");
when(mockGoCipher.decrypt("encrypted")).thenReturn("password");

TfsMaterial material = new TfsMaterial(mockGoCipher, new UrlArgument("/foo"), "username", DOMAIN, "password", "");
TfsMaterial material = new TfsMaterial(new UrlArgument("/foo"), "username", DOMAIN, "password", "");
material.ensureEncrypted();
when(mockGoCipher.encrypt("new_password")).thenReturn("new_encrypted");
material.setPassword("new_password");
Expand All @@ -182,33 +157,6 @@ void shouldNotDecryptPasswordIfPasswordIsNotNull() throws Exception {
assertThat(material.getPassword()).isEqualTo("new_password");
}

@Test
void shouldErrorOutIfDecryptionFails() throws CryptoException {
GoCipher mockGoCipher = mock(GoCipher.class);
String fakeCipherText = "fake cipher text";
when(mockGoCipher.decrypt(fakeCipherText)).thenThrow(new CryptoException("exception"));
TfsMaterial material = new TfsMaterial(mockGoCipher, new UrlArgument("/foo"), "username", DOMAIN, "password", "");
ReflectionUtil.setField(material, "encryptedPassword", fakeCipherText);
try {
material.getPassword();
fail("Should have thrown up");
} catch (Exception e) {
assertThat(e.getMessage()).isEqualTo("Could not decrypt the password to get the real password");
}
}

@Test
void shouldErrorOutIfEncryptionFails() throws Exception {
GoCipher mockGoCipher = mock(GoCipher.class);
when(mockGoCipher.encrypt("password")).thenThrow(new CryptoException("exception"));
try {
new TfsMaterial(mockGoCipher, new UrlArgument("/foo"), "username", DOMAIN, "password", "");
fail("Should have thrown up");
} catch (Exception e) {
assertThat(e.getMessage()).isEqualTo("Password encryption failed. Please verify your cipher key.");
}
}

@Test
void shouldBePasswordAware() {
assertThat(PasswordAwareMaterial.class.isAssignableFrom(TfsMaterial.class)).isTrue();
Expand Down Expand Up @@ -237,13 +185,13 @@ void shouldCheckConnection() {

@Test
void shouldGetLongDescriptionForMaterial() {
TfsMaterial material = new TfsMaterial(new GoCipher(), new UrlArgument("http://url/"), "user", "domain", "password", "$project/path/");
TfsMaterial material = new TfsMaterial(new UrlArgument("http://url/"), "user", "domain", "password", "$project/path/");
assertThat(material.getLongDescription()).isEqualTo("URL: http://url/, Username: user, Domain: domain, ProjectPath: $project/path/");
}

@Test
void shouldCopyOverPasswordWhenConvertingToConfig() throws Exception {
TfsMaterial material = new TfsMaterial(new GoCipher(), new UrlArgument("http://url/"), "user", "domain", "password", "$project/path/");
TfsMaterial material = new TfsMaterial(new UrlArgument("http://url/"), "user", "domain", "password", "$project/path/");

TfsMaterialConfig config = (TfsMaterialConfig) material.config();

Expand All @@ -253,7 +201,7 @@ void shouldCopyOverPasswordWhenConvertingToConfig() throws Exception {

@Test
void shouldGetAttributesWithSecureFields() {
TfsMaterial material = new TfsMaterial(new GoCipher(), new UrlArgument("http://username:password@tfsrepo.com"), "username", "domain", "password", "$project/path/");
TfsMaterial material = new TfsMaterial(new UrlArgument("http://username:password@tfsrepo.com"), "username", "domain", "password", "$project/path/");
Map<String, Object> attributes = material.getAttributes(true);

assertThat(attributes.get("type")).isEqualTo("tfs");
Expand All @@ -267,7 +215,7 @@ void shouldGetAttributesWithSecureFields() {

@Test
void shouldGetAttributesWithoutSecureFields() {
TfsMaterial material = new TfsMaterial(new GoCipher(), new UrlArgument("http://username:password@tfsrepo.com"), "username", "domain", "password", "$project/path/");
TfsMaterial material = new TfsMaterial(new UrlArgument("http://username:password@tfsrepo.com"), "username", "domain", "password", "$project/path/");
Map<String, Object> attributes = material.getAttributes(false);

assertThat(attributes.get("type")).isEqualTo("tfs");
Expand All @@ -283,14 +231,14 @@ void shouldGetAttributesWithoutSecureFields() {
class passwordForCommandLine {
@Test
void shouldReturnPasswordAsConfigured_IfNotDefinedAsSecretParam() {
TfsMaterial tfsMaterial = new TfsMaterial(new GoCipher(), new UrlArgument("some-url"), null, null, "badger", null);
TfsMaterial tfsMaterial = new TfsMaterial(new UrlArgument("some-url"), null, null, "badger", null);

assertThat(tfsMaterial.passwordForCommandLine()).isEqualTo("badger");
}

@Test
void shouldReturnAResolvedPassword_IfPasswordDefinedAsSecretParam() {
TfsMaterial tfsMaterial = new TfsMaterial(new GoCipher(), new UrlArgument("some-url"), null, null, "{{SECRET:[secret_config_id][lookup_pass]}}", null);
TfsMaterial tfsMaterial = new TfsMaterial(new UrlArgument("some-url"), null, null, "{{SECRET:[secret_config_id][lookup_pass]}}", null);

tfsMaterial.getSecretParams().findFirst("lookup_pass").ifPresent(secretParam -> secretParam.setValue("resolved_password"));

Expand All @@ -299,7 +247,7 @@ void shouldReturnAResolvedPassword_IfPasswordDefinedAsSecretParam() {

@Test
void shouldErrorOutWhenCalledOnAUnResolvedSecretParam_IfPasswordDefinedAsSecretParam() {
TfsMaterial tfsMaterial = new TfsMaterial(new GoCipher(), new UrlArgument("some-url"), null, null, "{{SECRET:[secret_config_id][lookup_pass]}}", null);
TfsMaterial tfsMaterial = new TfsMaterial(new UrlArgument("some-url"), null, null, "{{SECRET:[secret_config_id][lookup_pass]}}", null);

assertThatCode(tfsMaterial::passwordForCommandLine)
.isInstanceOf(UnresolvedSecretParamException.class)
Expand All @@ -311,7 +259,7 @@ void shouldErrorOutWhenCalledOnAUnResolvedSecretParam_IfPasswordDefinedAsSecretP
class setPassword {
@Test
void shouldParsePasswordString_IfDefinedAsSecretParam() {
TfsMaterial tfsMaterial = new TfsMaterial(new GoCipher(), new UrlArgument("some-url"), null, null, "{{SECRET:[secret_config_id][lookup_pass]}}", null);
TfsMaterial tfsMaterial = new TfsMaterial(new UrlArgument("some-url"), null, null, "{{SECRET:[secret_config_id][lookup_pass]}}", null);

assertThat(tfsMaterial.getSecretParams())
.hasSize(1)
Expand Down Expand Up @@ -339,7 +287,7 @@ void populateEnvContextShouldSetMaterialEnvVars() {

@Test
void shouldOnlyPopulateDomainEnvVarIfPresent() {
TfsMaterial material = new TfsMaterial(mock(GoCipher.class), new UrlArgument(TFS_FIRST_COLLECTION_URL), USERNAME, "", PASSWORD, TFS_FIRST_PROJECT);
TfsMaterial material = new TfsMaterial(new UrlArgument(TFS_FIRST_COLLECTION_URL), USERNAME, "", PASSWORD, TFS_FIRST_PROJECT);
EnvironmentVariableContext ctx = new EnvironmentVariableContext();
final ArrayList<Modification> modifications = new ArrayList<>();

Expand Down
Expand Up @@ -18,7 +18,6 @@
import com.thoughtworks.go.config.materials.ScmMaterial;
import com.thoughtworks.go.config.materials.SubprocessExecutionContext;
import com.thoughtworks.go.domain.MaterialInstance;
import com.thoughtworks.go.security.GoCipher;
import com.thoughtworks.go.util.command.ConsoleOutputStreamConsumer;
import com.thoughtworks.go.util.command.UrlArgument;

Expand All @@ -35,7 +34,7 @@ public final class DummyMaterial extends ScmMaterial {
private String url;

public DummyMaterial() {
super("DummyMaterial", new GoCipher());
super("DummyMaterial");
}

@Override
Expand Down
Expand Up @@ -328,30 +328,6 @@ void shouldNotUsePasswordForEquality() {
assertThat(svnBoozer).isEqualTo(svnZooser);
}

@Test
void shouldEncryptSvnPasswordAndMarkPasswordAsNull() throws Exception {
GoCipher mockGoCipher = mock(GoCipher.class);
when(mockGoCipher.encrypt("password")).thenReturn("encrypted");

SvnMaterial material = new SvnMaterial("/foo", "username", "password", false, mockGoCipher);
material.ensureEncrypted();

assertThat(material.getPassword()).isNull();
assertThat(material.getEncryptedPassword()).isEqualTo("encrypted");
}

@Test
void shouldDecryptSvnPassword() throws Exception {
GoCipher mockGoCipher = mock(GoCipher.class);
when(mockGoCipher.decrypt("encrypted")).thenReturn("password");

SvnMaterial material = new SvnMaterial("/foo", "username", null, false, mockGoCipher);
ReflectionUtil.setField(material, "encryptedPassword", "encrypted");

material.ensureEncrypted();
assertThat(material.getPassword()).isEqualTo("password");
}

@Test
void shouldNotDecryptSvnPasswordIfPasswordIsNotNull() throws Exception {
GoCipher mockGoCipher = mock(GoCipher.class);
Expand All @@ -367,33 +343,6 @@ void shouldNotDecryptSvnPasswordIfPasswordIsNotNull() throws Exception {
assertThat(material.getPassword()).isEqualTo("new_password");
}

@Test
void shouldErrorOutIfDecryptionFails() throws CryptoException {
GoCipher mockGoCipher = mock(GoCipher.class);
String fakeCipherText = "fake cipher text";
when(mockGoCipher.decrypt(fakeCipherText)).thenThrow(new CryptoException("exception"));
SvnMaterial material = new SvnMaterial("/foo", "username", null, false, mockGoCipher);
ReflectionUtil.setField(material, "encryptedPassword", fakeCipherText);
try {
material.getPassword();
fail("Should have thrown up");
} catch (Exception e) {
assertThat(e.getMessage()).isEqualTo("Could not decrypt the password to get the real password");
}
}

@Test
void shouldErrorOutIfEncryptionFails() throws Exception {
GoCipher mockGoCipher = mock(GoCipher.class);
when(mockGoCipher.encrypt("password")).thenThrow(new CryptoException("exception"));
try {
new SvnMaterial("/foo", "username", "password", false, mockGoCipher);
fail("Should have thrown up");
} catch (Exception e) {
assertThat(e.getMessage()).isEqualTo("Password encryption failed. Please verify your cipher key.");
}
}

@Test
void shouldGetLongDescriptionForMaterial() {
SvnMaterial material = new SvnMaterial("http://url/", "user", "password", true, "folder");
Expand Down
Expand Up @@ -180,8 +180,7 @@ private boolean isNotAConcrete_NonTest_MaterialConfigImplementation(Class aClass
private void assertPasswordIsCorrect(Material material) {
if (material instanceof PasswordAwareMaterial) {
assertThat("Password setting is wrong for: " + material.getClass(), ((PasswordAwareMaterial) material).getPassword(), is("pass"));
assertThat("Password setting is wrong for: " + material.getClass(), ReflectionUtil.getField(material, "password"), is(nullValue()));
assertThat("Password setting is wrong for: " + material.getClass(), ReflectionUtil.getField(material, "encryptedPassword"), is(not(nullValue())));
assertThat("Password setting is wrong for: " + material.getClass(), ReflectionUtil.getField(material, "password"), is("pass"));
}
}

Expand Down
Expand Up @@ -32,7 +32,6 @@
import com.thoughtworks.go.domain.ConfigVisitor;
import com.thoughtworks.go.domain.MaterialRevisions;
import com.thoughtworks.go.domain.materials.*;
import com.thoughtworks.go.security.GoCipher;
import com.thoughtworks.go.util.ArtifactLogUtil;
import com.thoughtworks.go.util.command.ConsoleOutputStreamConsumer;
import com.thoughtworks.go.util.command.UrlArgument;
Expand Down Expand Up @@ -205,7 +204,7 @@ public SvnMaterial getSvnMaterial() {
}

public TfsMaterial getTfsMaterial() {
return getExistingOrDefaultMaterial(new TfsMaterial(new GoCipher(), new UrlArgument(""), "", "", "", ""));
return getExistingOrDefaultMaterial(new TfsMaterial(new UrlArgument(""), "", "", "", ""));
}

public HgMaterial getHgMaterial() {
Expand Down

0 comments on commit 691b479

Please sign in to comment.