Changing password reset API v2

2020-09-24 17:08:52 +02:00 · 2020-09-24 17:08:52 +02:00 · 06b7ef2d39
parent 10089e215a
commit 06b7ef2d39
4 changed files with 64 additions and 4 deletions
--- a/redback-integrations/redback-integrations-security/src/main/java/org/apache/archiva/redback/integration/security/role/RedbackRoleConstants.java
+++ b/redback-integrations/redback-integrations-security/src/main/java/org/apache/archiva/redback/integration/security/role/RedbackRoleConstants.java
@ -60,6 +60,8 @@ public interface RedbackRoleConstants

    public static final String USER_MANAGEMENT_USER_LIST_OPERATION = "user-management-user-list";

+    public static final String USER_MANAGEMENT_USER_VIEW_OPERATION = "user-management-user-view";
+
    // operations against user assignment.
    public static final String USER_MANAGEMENT_ROLE_GRANT_OPERATION = "user-management-role-grant";

--- a/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml
+++ b/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml
@ -76,6 +76,12 @@
          <description>list users</description>
          <permanent>true</permanent>
        </operation>
+        <operation>
+          <id>user-management-user-view</id>
+          <name>user-management-user-view</name>
+          <description>view user information</description>
+          <permanent>true</permanent>
+        </operation>
        <operation>
          <id>user-management-role-grant</id>
          <name>user-management-role-grant</name>
@ -195,6 +201,13 @@
              <resource>global</resource>
              <permanent>true</permanent>
            </permission>
+            <permission>
+              <id>access-user-data</id>
+              <name>Access User Data</name>
+              <operation>user-management-user-view</operation>
+              <resource>global</resource>
+              <permanent>true</permanent>
+            </permission>
          </permissions>
        </role>
        <role>
@ -210,6 +223,13 @@
              <resource>username</resource>
              <permanent>true</permanent>
            </permission>
+            <permission>
+              <id>view-user-by-username</id>
+              <name>View User Data by Username</name>
+              <operation>user-management-user-view</operation>
+              <resource>username</resource>
+              <permanent>true</permanent>
+            </permission>
          </permissions>
        </role>
        <role>
--- a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
+++ b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
@ -386,8 +386,8 @@ public interface UserService
        throws RedbackServiceException;

    /**
-     *
-     * @param resetPasswordRequest contains username for send a password reset email
+     * Asks for a password reset of the given User. Normally this results in a password reset email sent to the
+     * stored email address for the given user.
     */
    @Path( "{userId}/password/reset" )
    @POST
@ -410,11 +410,11 @@ public interface UserService
    @Path( "{userId}/permissions" )
    @GET
    @Produces( { MediaType.APPLICATION_JSON } )
-    @RedbackAuthorization( permissions = RedbackRoleConstants.USER_MANAGEMENT_USER_LIST_OPERATION,
+    @RedbackAuthorization( permissions = RedbackRoleConstants.USER_MANAGEMENT_USER_VIEW_OPERATION,
        resource = "{userId}")
    @io.swagger.v3.oas.annotations.Operation( summary = "Returns a list of permissions assigned to the given user.",
        security = {
-            @SecurityRequirement( name = RedbackRoleConstants.USER_MANAGEMENT_USER_LIST_OPERATION )
+            @SecurityRequirement( name = RedbackRoleConstants.USER_MANAGEMENT_USER_VIEW_OPERATION )
        },
        responses = {
            @ApiResponse( responseCode = "200",
--- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
@ -1025,4 +1025,42 @@ public class NativeUserServiceTest extends AbstractNativeRestServices
                .then( ).statusCode( 200 );
        }
    }
+
+
+    @Test
+    void getUserPermissions( )
+    {
+        String adminToken = getAdminToken( );
+        Map<String, Object> jsonAsMap = new HashMap<>( );
+        jsonAsMap.put( "user_id", "aragorn" );
+        jsonAsMap.put( "email", "aragorn@lordoftherings.org" );
+        jsonAsMap.put( "fullName", "Aragorn King of Gondor" );
+        jsonAsMap.put( "validated", true );
+        jsonAsMap.put( "password", "pAssw0rD" );
+        given( ).spec( getRequestSpec( adminToken ) ).contentType( JSON )
+            .body( jsonAsMap )
+            .when( )
+            .post( )
+            .then( ).statusCode( 201 );
+        try
+        {
+
+            String token = getUserToken( "aragorn", "pAssw0rD" );
+            Response response = given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+                .when( )
+                .get( "aragorn/permissions" )
+                .prettyPeek()
+                .then( ).statusCode( 200 ).extract( ).response( );
+            assertEquals( 2, response.getBody( ).jsonPath().getList( "" ).size() );
+
+
+        }
+        finally
+        {
+            given( ).spec( getRequestSpec( adminToken ) ).contentType( JSON )
+                .delete( "aragorn" )
+                .then( ).statusCode( 200 );
+        }
+    }
+
 }