Changing interface for password reset

This commit is contained in:
Martin Stockhammer 2020-09-23 17:04:37 +02:00
parent 2a8928e2db
commit 10089e215a
5 changed files with 42 additions and 10 deletions

View File

@ -29,6 +29,7 @@ public interface Constants
String ERR_USERMANAGER_FAIL = "redback:usermanager_error"; String ERR_USERMANAGER_FAIL = "redback:usermanager_error";
String ERR_ROLEMANAGER_FAIL = "redback:rolemanager_error"; String ERR_ROLEMANAGER_FAIL = "redback:rolemanager_error";
String ERR_RBACMANAGER_FAIL = "redback:rbacmanager_error"; String ERR_RBACMANAGER_FAIL = "redback:rbacmanager_error";
String ERR_INVALID_POST_DATA = "redback:invalid_post_data";
String ERR_USER_EXISTS = "redback:user.exists"; String ERR_USER_EXISTS = "redback:user.exists";
String ERR_USER_ID_EMPTY = "redback:user.id.empty"; String ERR_USER_ID_EMPTY = "redback:user.id.empty";

View File

@ -402,7 +402,7 @@ public interface UserService
@ApiResponse( responseCode = "404", description = "User does not exist" ), @ApiResponse( responseCode = "404", description = "User does not exist" ),
} }
) )
ActionStatus resetPassword( @PathParam( "userId" )String userId, ResetPasswordRequest resetPasswordRequest ) ActionStatus resetPassword( @PathParam( "userId" )String userId )
throws RedbackServiceException; throws RedbackServiceException;
/** /**

View File

@ -603,10 +603,10 @@ public class DefaultUserService
} }
@Override @Override
public ActionStatus resetPassword( String userId, ResetPasswordRequest resetPasswordRequest ) public ActionStatus resetPassword( String userId )
throws RedbackServiceException throws RedbackServiceException
{ {
String username = resetPasswordRequest.getUsername(); String username = userId;
if ( StringUtils.isEmpty( username ) ) if ( StringUtils.isEmpty( username ) )
{ {
throw new RedbackServiceException( new ErrorMessage( "username.cannot.be.empty" ) ); throw new RedbackServiceException( new ErrorMessage( "username.cannot.be.empty" ) );
@ -623,11 +623,7 @@ public class DefaultUserService
AuthenticationKey authkey = keyManager.createKey( username, "Password Reset Request", AuthenticationKey authkey = keyManager.createKey( username, "Password Reset Request",
policy.getUserValidationSettings().getEmailValidationTimeout() ); policy.getUserValidationSettings().getEmailValidationTimeout() );
String applicationUrl = resetPasswordRequest.getApplicationUrl(); String applicationUrl = getBaseUrl( );
if ( StringUtils.isBlank( applicationUrl ) )
{
applicationUrl = getBaseUrl();
}
mailer.sendPasswordResetEmail( Arrays.asList( user.getEmail() ), authkey, applicationUrl ); mailer.sendPasswordResetEmail( Arrays.asList( user.getEmail() ), authkey, applicationUrl );
log.info( "password reset request for username {}", username ); log.info( "password reset request for username {}", username );
@ -635,7 +631,7 @@ public class DefaultUserService
catch ( UserNotFoundException e ) catch ( UserNotFoundException e )
{ {
log.info( "Password Reset on non-existant user [{}].", username ); log.info( "Password Reset on non-existant user [{}].", username );
throw new RedbackServiceException( new ErrorMessage( "password.reset.failure" ) ); throw new RedbackServiceException( new ErrorMessage( ERR_USER_NOT_FOUND ), 404 );
} }
catch ( KeyManagerException e ) catch ( KeyManagerException e )
{ {

View File

@ -990,4 +990,39 @@ public class NativeUserServiceTest extends AbstractNativeRestServices
.then( ).statusCode( 422 ); .then( ).statusCode( 422 );
} }
@Test
void askForPasswordReset( )
{
String adminToken = getAdminToken( );
Map<String, Object> jsonAsMap = new HashMap<>( );
jsonAsMap.put( "user_id", "aragorn" );
jsonAsMap.put( "email", "aragorn@lordoftherings.org" );
jsonAsMap.put( "fullName", "Aragorn King of Gondor" );
jsonAsMap.put( "validated", true );
jsonAsMap.put( "password", "pAssw0rD" );
given( ).spec( getRequestSpec( adminToken ) ).contentType( JSON )
.body( jsonAsMap )
.when( )
.post( )
.then( ).statusCode( 201 );
try
{
given( ).spec( getRequestSpec(null) ).contentType( JSON )
.when( )
.post( "aragorn/password/reset" )
.then( ).statusCode( 200 );
given( ).spec( getRequestSpec(null) ).contentType( JSON )
.when( )
.post( "xxyy/password/reset" )
.then( ).statusCode( 404 );
}
finally
{
given( ).spec( getRequestSpec( adminToken ) ).contentType( JSON )
.delete( "aragorn" )
.then( ).statusCode( 200 );
}
}
} }

View File

@ -419,7 +419,7 @@ public class UserServiceTest
// assertTrue( service.validateUserFromKey( key ).isSuccess( ) ); // assertTrue( service.validateUserFromKey( key ).isSuccess( ) );
assertTrue( service.resetPassword(u.getUserId(), new ResetPasswordRequest( "toto", "http://foo.fr/bar" ) ).isSuccess( ) ); assertTrue( service.resetPassword(u.getUserId() ).isSuccess( ) );
emailMessages = assertService.getEmailMessageSended( ); emailMessages = assertService.getEmailMessageSended( );
assertEquals( 2, emailMessages.size( ) ); assertEquals( 2, emailMessages.size( ) );