Merge pull request #37 from jenkinsci/security_fix_and-_test

Security fix and testcase

Author: ankit-patil-hubs

src/main/java/io/jenkins/plugins/constant/Constant.java

@@ -6,7 +6,7 @@ public class Constant {
     public static final String UNIQUE_FILE_NAME = "delphix-VDB-";
     public static final String PROPERTIES = ".properties";
     public static final String FILE_NAME = "delphix-VDB";
-    public static final String USER_AGENT = "Jenkins-3.1.0";
+    public static final String USER_AGENT = "Jenkins-3.1.1";
     public static final String CLIENT_NAME = "Jenkins";
     public static final String CLIENT_NAME_HEADER = "x-dct-client-name";
     public static final long WAIT_TIME = 20000;

src/main/java/io/jenkins/plugins/delphix/DelphixGlobalConfiguration.java

@@ -13,7 +13,7 @@ public static DelphixGlobalConfiguration get() {
     }
 
     private String dctUrl;
-    private boolean sslCheck;
+    private boolean disableSsl;
 
     public DelphixGlobalConfiguration() {
         load();
@@ -29,13 +29,13 @@ public void setDctUrl(String dctUrl) {
         save();
     }
 
-    public boolean getSslCheck() {
-        return sslCheck;
+    public boolean getDisableSsl() {
+        return disableSsl;
     }
 
     @DataBoundSetter
-    public void setSslCheck(boolean sslCertificate) {
-        this.sslCheck = sslCertificate;
+    public void setDisableSsl(boolean disableSsl) {
+        this.disableSsl = disableSsl;
         save();
     }
 }

src/main/java/io/jenkins/plugins/util/DctSdkUtil.java

@@ -38,9 +38,7 @@ public DctSdkUtil(Run<?, ?> run, TaskListener listener, String credId) {
             return;
         }
         this.defaultClient = Configuration.getDefaultApiClient();
-        if (DelphixGlobalConfiguration.get().getSslCheck()) {
-            this.defaultClient.setVerifyingSsl(false);
-        }
+        this.defaultClient.setVerifyingSsl(!DelphixGlobalConfiguration.get().getDisableSsl()); 
         this.defaultClient.setConnectTimeout(Constant.TIMEOUT);
         this.defaultClient.setReadTimeout(Constant.TIMEOUT);
         this.defaultClient.setWriteTimeout(Constant.TIMEOUT);

src/main/resources/io/jenkins/plugins/delphix/DelphixGlobalConfiguration/config.jelly

@@ -5,7 +5,7 @@
       <f:textbox />
     </f:entry>
 
-    <f:entry title="Disable SSL Certificate Validation" field="sslCheck" help="/plugin/delphix/help-sslCheck.html">
+    <f:entry title="Disable SSL Certificate Validation" field="disableSsl" help="/plugin/delphix/help-sslCheck.html">
         <f:checkbox default="false" />
     </f:entry>
   </f:section>

src/test/java/io/jenkins/plugins/delphix/DeleteVDBTest.java

@@ -0,0 +1,72 @@
+package io.jenkins.plugins.delphix;
+
+import com.cloudbees.plugins.credentials.CredentialsProvider;
+import com.cloudbees.plugins.credentials.CredentialsScope;
+import com.cloudbees.plugins.credentials.domains.Domain;
+import hudson.model.FreeStyleBuild;
+import hudson.model.FreeStyleProject;
+import hudson.util.Secret;
+import hudson.model.Result;
+import jenkins.model.GlobalConfiguration;
+import org.jenkinsci.plugins.plaincredentials.impl.StringCredentialsImpl;
+import org.junit.Rule;
+import org.junit.Test;
+import org.jvnet.hudson.test.JenkinsRule;
+
+public class GlobalConfigurationTest {
+
+  @Rule
+  public JenkinsRule jenkins = new JenkinsRule();
+
+  @Test
+  public void GlobalConfigSSLDisable() throws Exception {
+    DelphixGlobalConfiguration globalConfig1 =
+        GlobalConfiguration.all().get(DelphixGlobalConfiguration.class);
+    globalConfig1.setDctUrl("https://self-signed.badssl.com");
+    globalConfig1.setDisableSsl(true); //disable ssl
+    globalConfig1.save();
+
+    StringCredentialsImpl c =
+        new StringCredentialsImpl(CredentialsScope.USER, "test123", "description",
+            Secret.fromString("api key"));
+    CredentialsProvider.lookupStores(jenkins).iterator().next().addCredentials(Domain.global(), c);
+
+    FreeStyleProject project = jenkins.createFreeStyleProject();
+    ProvisionVDBFromSnapshot builder = new ProvisionVDBFromSnapshot();
+    builder.setSourceDataId("4-ORACLE_DB_CONTAINER-6");
+    builder.setCredentialId("test123");
+    builder.setAutoSelectRepository(true);
+    project.getBuildersList().add(builder);
+
+    FreeStyleBuild b1 = project.scheduleBuild2(0).get();
+    System.out.println(b1.toString());
+    jenkins.assertLogContains("<head><title>404 Not Found</title></head>", b1);
+    jenkins.assertBuildStatus(Result.FAILURE, b1);
+  }
+
+
+  @Test
+  public void GlobalConfigDefault() throws Exception {
+    DelphixGlobalConfiguration globalConfig1 =
+        GlobalConfiguration.all().get(DelphixGlobalConfiguration.class);
+    globalConfig1.setDctUrl("https://self-signed.badssl.com");
+    globalConfig1.save();
+
+    StringCredentialsImpl c =
+        new StringCredentialsImpl(CredentialsScope.USER, "test123", "description",
+            Secret.fromString("api key"));
+    CredentialsProvider.lookupStores(jenkins).iterator().next().addCredentials(Domain.global(), c);
+
+    FreeStyleProject project = jenkins.createFreeStyleProject();
+    ProvisionVDBFromSnapshot builder = new ProvisionVDBFromSnapshot();
+    builder.setSourceDataId("4-ORACLE_DB_CONTAINER-6");
+    builder.setCredentialId("test123");
+    builder.setAutoSelectRepository(true);
+    project.getBuildersList().add(builder);
+
+    FreeStyleBuild b1 = project.scheduleBuild2(0).get();
+    System.out.println(b1.toString());
+    jenkins.assertLogContains("javax.net.ssl.SSLHandshakeException:", b1);
+    jenkins.assertBuildStatus(Result.FAILURE, b1);
+  }
+}