Switch show details default to ShowDetails.NEVER

Closes gh-11869
2018-02-20 16:43:11 -08:00 · 2018-02-20 16:43:11 -08:00 · 349987d9be
parent 46021928ba
commit 349987d9be
4 changed files with 42 additions and 7 deletions
--- a/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/health/HealthEndpointProperties.java
+++ b/spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/health/HealthEndpointProperties.java
@ -34,7 +34,7 @@ public class HealthEndpointProperties {
 	/**
 	 * When to show full health details.
 	 */
-	private ShowDetails showDetails = ShowDetails.WHEN_AUTHORIZED;
+	private ShowDetails showDetails = ShowDetails.NEVER;

 	/**
 	 * Roles used to determine whether or not a user is authorized to be shown details.
--- a/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/health/HealthEndpointWebExtensionTests.java
+++ b/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/health/HealthEndpointWebExtensionTests.java
@ -90,17 +90,34 @@ public class HealthEndpointWebExtensionTests {
 	}

 	@Test
-	public void authenticatedUsersAreShownDetailsByDefault() {
+	public void authenticatedUsersAreNotShownDetailsByDefault() {
 		this.contextRunner.run((context) -> {
 			HealthEndpointWebExtension extension = context
 					.getBean(HealthEndpointWebExtension.class);
 			SecurityContext securityContext = mock(SecurityContext.class);
 			given(securityContext.getPrincipal()).willReturn(mock(Principal.class));
 			assertThat(extension.getHealth(securityContext).getBody().getDetails())
-					.isNotEmpty();
+					.isEmpty();
 		});
 	}

+	@Test
+	public void authenticatedUsersWhenAuthorizedCanBeShownDetails() {
+		this.contextRunner
+				.withPropertyValues(
+						"management.endpoint.health.show-details=when-authorized")
+				.run((context) -> {
+					HealthEndpointWebExtension extension = context
+							.getBean(HealthEndpointWebExtension.class);
+					SecurityContext securityContext = mock(SecurityContext.class);
+					given(securityContext.getPrincipal())
+							.willReturn(mock(Principal.class));
+					assertThat(
+							extension.getHealth(securityContext).getBody().getDetails())
+									.isNotEmpty();
+				});
+	}
+
 	@Test
 	public void unauthenticatedUsersCanBeShownDetails() {
 		this.contextRunner
--- a/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/health/ReactiveHealthEndpointWebExtensionTests.java
+++ b/spring-boot-project/spring-boot-actuator-autoconfigure/src/test/java/org/springframework/boot/actuate/autoconfigure/health/ReactiveHealthEndpointWebExtensionTests.java
@ -86,7 +86,9 @@ public class ReactiveHealthEndpointWebExtensionTests {

 	@Test
 	public void regularAndReactiveHealthIndicatorsMatch() {
-		this.contextRunner.withUserConfiguration(HealthIndicatorsConfiguration.class)
+		this.contextRunner
+				.withPropertyValues("management.endpoint.health.show-details=always")
+				.withUserConfiguration(HealthIndicatorsConfiguration.class)
 				.run((context) -> {
 					HealthEndpoint endpoint = context.getBean(HealthEndpoint.class);
 					ReactiveHealthEndpointWebExtension extension = context
@ -115,17 +117,33 @@ public class ReactiveHealthEndpointWebExtensionTests {
 	}

 	@Test
-	public void authenticatedUsersAreShownDetailsByDefault() {
+	public void authenticatedUsersAreNotShownDetailsByDefault() {
 		this.contextRunner.run((context) -> {
 			ReactiveHealthEndpointWebExtension extension = context
 					.getBean(ReactiveHealthEndpointWebExtension.class);
 			SecurityContext securityContext = mock(SecurityContext.class);
 			given(securityContext.getPrincipal()).willReturn(mock(Principal.class));
 			assertThat(extension.health(securityContext).block().getBody().getDetails())
-					.isNotEmpty();
+					.isEmpty();
 		});
 	}

+	@Test
+	public void authenticatedUsersWhenAuthorizedCanBeShownDetails() {
+		this.contextRunner
+				.withPropertyValues(
+						"management.endpoint.health.show-details=when-authorized")
+				.run((context) -> {
+					ReactiveHealthEndpointWebExtension extension = context
+							.getBean(ReactiveHealthEndpointWebExtension.class);
+					SecurityContext securityContext = mock(SecurityContext.class);
+					given(securityContext.getPrincipal())
+							.willReturn(mock(Principal.class));
+					assertThat(extension.health(securityContext).block().getBody()
+							.getDetails()).isNotEmpty();
+				});
+	}
+
 	@Test
 	public void unauthenticatedUsersCanBeShownDetails() {
 		this.contextRunner
--- a/spring-boot-project/spring-boot-docs/src/main/asciidoc/production-ready-features.adoc
+++ b/spring-boot-project/spring-boot-docs/src/main/asciidoc/production-ready-features.adoc
@ -531,7 +531,7 @@ following values:
 |Details are shown to all users.
 |===

-The default value is `when-authorized`. A user is considered to be authorized when they
+The default value is `never`. A user is considered to be authorized when they
 are in one or more of the endpoint's roles. If the endpoint has no configured roles
 (the default) all authenticated users are considered to be authorized. The roles can
 be configured using the `management.endpoint.health.roles` property.