[New] it is now possible for a user to change their own password
parent
bb515756cb
commit
058e67f10e
|
@ -452,8 +452,17 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
|
|||
@Override
|
||||
public void setUserPassword(Certificate certificate, String username, String password) {
|
||||
|
||||
// validate who is doing this
|
||||
validateIsPrivilegeAdmin(certificate);
|
||||
// check if certificate is for same user, in which case user is changing their own password
|
||||
if (certificate.getUsername().equals(username)) {
|
||||
|
||||
// validate the certificate
|
||||
isCertificateValid(certificate);
|
||||
|
||||
} else {
|
||||
|
||||
// otherwise validate the the certificate is for a privilege admin
|
||||
validateIsPrivilegeAdmin(certificate);
|
||||
}
|
||||
|
||||
// get User
|
||||
User user = this.persistenceHandler.getUser(username);
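Review bot: The new own-password branch calls `certificate.getUsername()` before anything has checked the certificate, so a null certificate now fails with a NullPointerException at the comparison, where the old code handed it straight to `validateIsPrivilegeAdmin(certificate)`; a guard such as `if (certificate == null) throw new PrivilegeException("Certificate may not be null!");` ahead of the `if` keeps the failure inside the declared exception types. The result of `isCertificateValid(certificate)` is discarded, which is only safe if that method throws on an invalid certificate; its body is not visible here, so either test the return value or add a comment stating that it throws. The own-password path also accepts any live certificate without asking for the current password, so whoever holds a session can replace the credential; closing that needs an interface change and is worth a follow-up. The comment `// otherwise validate the the certificate is for a privilege admin` has a doubled "the". The method body continues outside the hunk.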
|
||||
|
|
|
@ -227,9 +227,15 @@ public interface PrivilegeHandler {
|
|||
throws AccessDeniedException, PrivilegeException;
|
||||
|
||||
/**
|
||||
* <p>
|
||||
* Changes the password for the {@link User} with the given username. If the password is null, then the {@link User}
|
||||
* can not login anymore. Otherwise the password must meet the requirements of the implementation under
|
||||
* {@link PrivilegeHandler#validatePassword(String)}
|
||||
* </p>
|
||||
*
|
||||
* <p>
|
||||
* It should be possible for a user to change their own password
|
||||
* </p>
|
||||
*
|
||||
* @param certificate
|
||||
* the {@link Certificate} of the user which has the privilege to perform this action
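Review bot: The added paragraph "It should be possible for a user to change their own password" does not state the contract an implementer has to meet, and the `@param certificate` text still describes only a caller "which has the privilege to perform this action". I would spell the rule out, for example `* If the certificate belongs to the user named by username, a valid certificate is sufficient; otherwise the certificate must belong to a privilege admin.` The first paragraph says a null password stops the user from logging in, so the Javadoc should also say whether a user may pass null for their own account. The Javadoc block continues outside the hunk.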
|
||||
|
|
|
@ -64,7 +64,9 @@ public class PrivilegeTest {
|
|||
private static final String PASS_BOB = "admin1";
|
||||
private static final String ROLE_FEATHERLITE_USER = "FeatherliteUser";
|
||||
private static final String ROLE_USER = "user";
|
||||
private static final String PASS_DEF = "def";
|
||||
private static final String PASS_BAD = "123";
|
||||
private static final String PASS_TED = "12345";
|
||||
|
||||
private static final Logger logger = Logger.getLogger(PrivilegeTest.class);
|
||||
|
||||
|
@ -269,10 +271,50 @@ public class PrivilegeTest {
|
|||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
|
||||
// let's add a new user ted
|
||||
UserRep userRep = new UserRep("2", TED, "Ted", "Newman", UserState.NEW, new HashSet<String>(), null,
|
||||
HashSet<String> roles = new HashSet<String>();
|
||||
roles.add(ROLE_USER);
|
||||
UserRep userRep = new UserRep("2", TED, "Ted", "Newman", UserState.ENABLED, roles, null,
|
||||
new HashMap<String, String>());
|
||||
privilegeHandler.addOrReplaceUser(certificate, userRep, null);
|
||||
logger.info("Added user " + TED);
|
||||
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws Exception
|
||||
* if something goes wrong
|
||||
*/
|
||||
@Test
|
||||
public void testSetTedPwdAsBob() throws Exception {
|
||||
|
||||
Certificate certificate = privilegeHandler.authenticate(BOB, PASS_BOB);
|
||||
org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
|
||||
|
||||
// set ted's password to default
|
||||
privilegeHandler.setUserPassword(certificate, TED, PASS_DEF);
|
||||
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws Exception
|
||||
* if something goes wrong
|
||||
*/
|
||||
@Test
|
||||
public void testTedChangesOwnPwd() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(TED, PASS_DEF);
|
||||
privilegeHandler.setUserPassword(certificate, TED, PASS_TED);
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
|
||||
|
||||
/**
|
||||
* @throws Exception
|
||||
* if something goes wrong
|
||||
*/
|
||||
@Test
|
||||
public void testAuthAsTed() throws Exception {
|
||||
Certificate certificate = privilegeHandler.authenticate(TED, PASS_TED);
|
||||
privilegeHandler.invalidateSession(certificate);
|
||||
}
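Review bot: The added tests cover only the permitted paths (bob sets ted's password, ted sets his own); nothing asserts that ted, who is given only `ROLE_USER`, is refused when `username` names another account, which is the boundary the new `if`/`else` in setUserPassword introduces. A negative test along the lines below would pin that; AccessDeniedException is taken from the interface's throws clause and should be swapped for whatever validateIsPrivilegeAdmin actually throws. The three new tests also rely on running in source order (`PASS_DEF` must be set before ted authenticates with it), which JUnit does not guarantee, and testTedChangesOwnPwd does not check that `PASS_DEF` stops working afterwards.

```java
@Test
public void testTedCannotSetBobPwd() throws Exception {
	Certificate certificate = privilegeHandler.authenticate(TED, PASS_TED);
	try {
		privilegeHandler.setUserPassword(certificate, BOB, PASS_TED);
		org.junit.Assert.fail("A user without admin privilege must not set another user's password");
	} catch (AccessDeniedException e) {
		// expected: ted only holds ROLE_USER
	} finally {
		privilegeHandler.invalidateSession(certificate);
	}
}
```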
|
||||
|
||||
|
|