Changing interface for password reset

2020-09-23 17:04:37 +02:00 · 2020-09-23 17:04:37 +02:00 · 10089e215a
parent 2a8928e2db
commit 10089e215a
5 changed files with 42 additions and 10 deletions
--- a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/Constants.java
+++ b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/Constants.java
@ -29,6 +29,7 @@ public interface Constants
    String ERR_USERMANAGER_FAIL = "redback:usermanager_error";
    String ERR_ROLEMANAGER_FAIL = "redback:rolemanager_error";
    String ERR_RBACMANAGER_FAIL = "redback:rbacmanager_error";
+    String ERR_INVALID_POST_DATA = "redback:invalid_post_data";

    String ERR_USER_EXISTS = "redback:user.exists";
    String ERR_USER_ID_EMPTY = "redback:user.id.empty";
--- a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
+++ b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
@ -402,7 +402,7 @@ public interface UserService
            @ApiResponse( responseCode = "404", description = "User does not exist" ),
        }
    )
-    ActionStatus resetPassword( @PathParam( "userId" )String userId, ResetPasswordRequest resetPasswordRequest )
+    ActionStatus resetPassword( @PathParam( "userId" )String userId )
        throws RedbackServiceException;

    /**
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
@ -603,10 +603,10 @@ public class DefaultUserService
    }

    @Override
-    public ActionStatus resetPassword( String userId, ResetPasswordRequest resetPasswordRequest )
+    public ActionStatus resetPassword( String userId )
        throws RedbackServiceException
    {
-        String username = resetPasswordRequest.getUsername();
+        String username = userId;
        if ( StringUtils.isEmpty( username ) )
        {
            throw new RedbackServiceException( new ErrorMessage( "username.cannot.be.empty" ) );
@ -623,11 +623,7 @@ public class DefaultUserService
            AuthenticationKey authkey = keyManager.createKey( username, "Password Reset Request",
                                                              policy.getUserValidationSettings().getEmailValidationTimeout() );

-            String applicationUrl = resetPasswordRequest.getApplicationUrl();
-            if ( StringUtils.isBlank( applicationUrl ) )
-            {
-                applicationUrl = getBaseUrl();
-            }
+            String applicationUrl = getBaseUrl( );

            mailer.sendPasswordResetEmail( Arrays.asList( user.getEmail() ), authkey, applicationUrl );
            log.info( "password reset request for username {}", username );
@ -635,7 +631,7 @@ public class DefaultUserService
        catch ( UserNotFoundException e )
        {
            log.info( "Password Reset on non-existant user [{}].", username );
-            throw new RedbackServiceException( new ErrorMessage( "password.reset.failure" ) );
+            throw new RedbackServiceException( new ErrorMessage( ERR_USER_NOT_FOUND ), 404 );
        }
        catch ( KeyManagerException e )
        {
--- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
@ -990,4 +990,39 @@ public class NativeUserServiceTest extends AbstractNativeRestServices
            .then( ).statusCode( 422 );
    }

+    @Test
+    void askForPasswordReset( )
+    {
+        String adminToken = getAdminToken( );
+        Map<String, Object> jsonAsMap = new HashMap<>( );
+        jsonAsMap.put( "user_id", "aragorn" );
+        jsonAsMap.put( "email", "aragorn@lordoftherings.org" );
+        jsonAsMap.put( "fullName", "Aragorn King of Gondor" );
+        jsonAsMap.put( "validated", true );
+        jsonAsMap.put( "password", "pAssw0rD" );
+        given( ).spec( getRequestSpec( adminToken ) ).contentType( JSON )
+            .body( jsonAsMap )
+            .when( )
+            .post( )
+            .then( ).statusCode( 201 );
+        try
+        {
+
+            given( ).spec( getRequestSpec(null) ).contentType( JSON )
+                .when( )
+                .post( "aragorn/password/reset" )
+                .then( ).statusCode( 200 );
+
+            given( ).spec( getRequestSpec(null) ).contentType( JSON )
+                .when( )
+                .post( "xxyy/password/reset" )
+                .then( ).statusCode( 404 );
+        }
+        finally
+        {
+            given( ).spec( getRequestSpec( adminToken ) ).contentType( JSON )
+                .delete( "aragorn" )
+                .then( ).statusCode( 200 );
+        }
+    }
 }
--- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/UserServiceTest.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/UserServiceTest.java
@ -419,7 +419,7 @@ public class UserServiceTest

            // assertTrue( service.validateUserFromKey( key ).isSuccess( ) );

-            assertTrue( service.resetPassword(u.getUserId(),  new ResetPasswordRequest( "toto", "http://foo.fr/bar" ) ).isSuccess( ) );
+            assertTrue( service.resetPassword(u.getUserId() ).isSuccess( ) );

            emailMessages = assertService.getEmailMessageSended( );
            assertEquals( 2, emailMessages.size( ) );