From 058e67f10eeb2be95dd4fcc8f8d34bee9ad63b2a Mon Sep 17 00:00:00 2001
From: Robert von Burg
Date: Sun, 7 Aug 2011 16:13:23 +0200
Subject: [PATCH] [New] it is now possible for a user to change their own password
---
 .../handler/DefaultPrivilegeHandler.java | 13 +++++-
 .../privilege/handler/PrivilegeHandler.java | 6 +++
 .../privilege/test/PrivilegeTest.java | 44 ++++++++++++++++++-
 3 files changed, 60 insertions(+), 3 deletions(-)
diff --git a/src/ch/eitchnet/privilege/handler/DefaultPrivilegeHandler.java b/src/ch/eitchnet/privilege/handler/DefaultPrivilegeHandler.java
index 5068b6ed0..55471cb63 100644
--- a/src/ch/eitchnet/privilege/handler/DefaultPrivilegeHandler.java
+++ b/src/ch/eitchnet/privilege/handler/DefaultPrivilegeHandler.java
@@ -452,8 +452,17 @@ public class DefaultPrivilegeHandler implements PrivilegeHandler {
 @Override
 public void setUserPassword(Certificate certificate, String username, String password) {
- // validate who is doing this
- validateIsPrivilegeAdmin(certificate);
+ // check if certificate is for same user, in which case user is changing their own password
+ if (certificate.getUsername().equals(username)) {
+
+ // validate the certificate
+ isCertificateValid(certificate);
+
+ } else {
+
+ // otherwise validate the the certificate is for a privilege admin
+ validateIsPrivilegeAdmin(certificate);
+ }
 // get User
 User user = this.persistenceHandler.getUser(username);
diff --git a/src/ch/eitchnet/privilege/handler/PrivilegeHandler.java b/src/ch/eitchnet/privilege/handler/PrivilegeHandler.java
index 2af410f25..03bda0c84 100644
--- a/src/ch/eitchnet/privilege/handler/PrivilegeHandler.java
+++ b/src/ch/eitchnet/privilege/handler/PrivilegeHandler.java
@@ -227,9 +227,15 @@ public interface PrivilegeHandler {
 throws AccessDeniedException, PrivilegeException;
 /**
+ *
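Review bot: The self-service branch of `setUserPassword` calls `isCertificateValid(certificate)` and discards the result, so access is refused there only if that method throws; its name reads like a boolean predicate and its body is not shown, so either confirm it throws for every invalid certificate or test the result, along the lines of `if (!isCertificateValid(certificate)) { /* refuse with the project's access-denied exception */ }`. `certificate.getUsername()` is also dereferenced before any validation, so a null certificate now surfaces as a NullPointerException rather than whatever error the validation helpers report; validating first and comparing usernames second keeps the failure mode consistent. The branch accepts any live certificate for the user, so whoever holds that session can replace the password without knowing the current one, and the signature offers no way to ask for it; I would at least record that with a comment such as `// NOTE: no current-password check; a valid session certificate is sufficient`. The method body continues beyond the hunk.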

* Changes the password for the {@link User} with the given username. If the password is null, then the {@link User}
 * can not login anymore. Otherwise the password must meet the requirements of the implementation under
 * {@link PrivilegeHandler#validatePassword(String)}
+ *

+ *
+ *

+ * It should be possible for a user to change their own password
+ *

*
 * @param certificate
 * the {@link Certificate} of the user which has the privilege to perform this action
diff --git a/test/ch/eitchnet/privilege/test/PrivilegeTest.java b/test/ch/eitchnet/privilege/test/PrivilegeTest.java
index 641ad883e..859ff4415 100644
--- a/test/ch/eitchnet/privilege/test/PrivilegeTest.java
+++ b/test/ch/eitchnet/privilege/test/PrivilegeTest.java
@@ -64,7 +64,9 @@ public class PrivilegeTest {
 private static final String PASS_BOB = "admin1";
 private static final String ROLE_FEATHERLITE_USER = "FeatherliteUser";
 private static final String ROLE_USER = "user";
+ private static final String PASS_DEF = "def";
 private static final String PASS_BAD = "123";
+ private static final String PASS_TED = "12345";
 private static final Logger logger = Logger.getLogger(PrivilegeTest.class);
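Review bot: The paragraph added to the `setUserPassword` Javadoc in PrivilegeHandler.java says only that self-service "should be possible", which does not tell an implementer who is authorised. I would state the rule the implementation enforces, for example `A user holding a valid certificate may change their own password; changing another user's password requires a privilege admin certificate.` The `@param certificate` text still describes only a caller "which has the privilege to perform this action", and the existing sentence about a null password now applies to self-service too, so the Javadoc should say whether a user may set their own password to null. The Javadoc block starts and ends outside the hunk.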
@@ -269,10 +271,50 @@ public class PrivilegeTest {
 org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
 // let's add a new user ted
- UserRep userRep = new UserRep("2", TED, "Ted", "Newman", UserState.NEW, new HashSet(), null,
+ HashSet roles = new HashSet();
+ roles.add(ROLE_USER);
+ UserRep userRep = new UserRep("2", TED, "Ted", "Newman", UserState.ENABLED, roles, null,
 new HashMap());
 privilegeHandler.addOrReplaceUser(certificate, userRep, null);
 logger.info("Added user " + TED);
+
+ privilegeHandler.invalidateSession(certificate);
+ }
+
+ /**
+ * @throws Exception
+ * if something goes wrong
+ */
+ @Test
+ public void testSetTedPwdAsBob() throws Exception {
+
+ Certificate certificate = privilegeHandler.authenticate(BOB, PASS_BOB);
+ org.junit.Assert.assertTrue("Certificate is null!", certificate != null);
+
+ // set ted's password to default
+ privilegeHandler.setUserPassword(certificate, TED, PASS_DEF);
+
+ privilegeHandler.invalidateSession(certificate);
+ }
+
+ /**
+ * @throws Exception
+ * if something goes wrong
+ */
+ @Test
+ public void testTedChangesOwnPwd() throws Exception {
+ Certificate certificate = privilegeHandler.authenticate(TED, PASS_DEF);
+ privilegeHandler.setUserPassword(certificate, TED, PASS_TED);
+ privilegeHandler.invalidateSession(certificate);
+ }
+
+ /**
+ * @throws Exception
+ * if something goes wrong
+ */
+ @Test
+ public void testAuthAsTed() throws Exception {
+ Certificate certificate = privilegeHandler.authenticate(TED, PASS_TED);
 privilegeHandler.invalidateSession(certificate);
 }
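Review bot: None of the added tests covers the denial path of the new authorisation branch: a non-admin such as TED calling `setUserPassword` for BOB should be rejected, and that is the case most likely to regress unnoticed. The three new tests also only pass when run in order (`testSetTedPwdAsBob`, then `testTedChangesOwnPwd`, then `testAuthAsTed`), which JUnit does not promise, and the last two never assert on the returned certificate. A sketch of the missing test follows; the exception type it catches is a guess from the `throws` clause visible in PrivilegeHandler.java and should be matched to what `validateIsPrivilegeAdmin` actually raises. The class body continues outside the hunk.

```java
	@Test
	public void testFailTedChangesBobsPwd() throws Exception {
		Certificate certificate = privilegeHandler.authenticate(TED, PASS_TED);
		try {
			// use a password the handler already accepts, so only the authorisation check can reject the call
			privilegeHandler.setUserPassword(certificate, BOB, PASS_TED);
			org.junit.Assert.fail("A non-admin user must not change another user's password");
		} catch (PrivilegeException e) {
			// expected: TED is not a privilege admin (exception type to be confirmed)
		} finally {
			privilegeHandler.invalidateSession(certificate);
		}
	}
```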