FileFighter · open-schnick · Nov 17, 2020 · Nov 15, 2020 · Nov 15, 2020 · Nov 16, 2020
diff --git a/src/main/java/de/filefighter/rest/domain/user/data/persistance/UserEntity.java b/src/main/java/de/filefighter/rest/domain/user/data/persistance/UserEntity.java
@@ -2,6 +2,7 @@
 
 import lombok.Builder;
 import lombok.Getter;
+import lombok.Setter;
 import lombok.ToString;
 import org.springframework.data.mongodb.core.mapping.Document;
 import org.springframework.data.mongodb.core.mapping.MongoId;
@@ -10,15 +11,16 @@
 @Getter
 @ToString
 @Builder
+@Setter
 public class UserEntity {
 
     @MongoId
     private final String _id;
-    private final long userId;
-    private final String username;
-    private final String lowercaseUsername; // Redundancy for performance tradeoff.
-    private final String password;
-    private final String refreshToken; //TODO: add valid_until for refreshToken
-    private final long[] groupIds;
+    private long userId;
+    private String username;
+    private String lowercaseUsername; // Redundancy for performance tradeoff.
+    private String password;
+    private String refreshToken; //TODO: add valid_until for refreshToken
+    private long[] groupIds;
 
 }
diff --git a/src/test/java/de/filefighter/rest/RestApplicationIntegrationTest.java b/src/test/java/de/filefighter/rest/RestApplicationIntegrationTest.java
@@ -16,6 +16,7 @@
 import org.springframework.web.client.RestTemplate;
 
 import java.io.IOException;
+import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -108,4 +109,29 @@ public void handleError(@NotNull ClientHttpResponse response) throws IOException
             results = new ResponseResults(response);
         }
     }
-}
+
+    protected    static String serializeUser(String confirmationPassword,int[] groupIds, String password, String username){
+        StringBuilder jsonString=new StringBuilder("{");
+
+        if (confirmationPassword != null){
+            jsonString.append("\"confirmationPassword\": \"").append(confirmationPassword).append("\",");
+        }
+        if (groupIds!=null && groupIds.length>0){
+            jsonString.append("\"groupIds\": ").append(Arrays.toString(groupIds)).append(",");
+        }
+        if (password != null){
+            jsonString.append("\"password\": \"").append(password).append("\",");
+        }
+        if (username != null){
+            jsonString.append("\"username\": \"").append(username).append("\",");
+        }
+
+        jsonString.append("}");
+
+        return jsonString.toString();
+    }
+
+
+
+
+}
diff --git a/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java b/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java
@@ -166,4 +166,12 @@ public void responseContainsKeyAndValueOfAtLeast(String key, int value) throws J
 
         assertTrue(actualValue >= value);
     }
+
+    @And("user with id {long} is in group with id {long}")
+    public void userWithIdIsInGroupWithId(long userId, long groupId) {
+        UserEntity userEntity=userRepository.findByUserId(userId);
+
+        userEntity.setGroupIds(new long[]{groupId});
+        userRepository.save(userEntity);
+    }
 }
diff --git a/src/test/java/de/filefighter/rest/cucumber/UserEditInformationSteps.java b/src/test/java/de/filefighter/rest/cucumber/UserEditInformationSteps.java
@@ -21,12 +21,8 @@ public void userRequestsChangeOfUsernameWithValueAndAccessTokenAndId(String newU
 
 
 
-        String postBody="{" +
-                "  \"groupIds\": [" +
-                "    0" +
-                "  ]," +
-                "  \"username\": \""+newUsername+"\"" +
-                "}";
+        String postBody=serializeUser(null,null,null,newUsername);
+
 
         executeRestApiCall(HttpMethod.PUT, url, authHeader,postBody);
     }
@@ -40,13 +36,8 @@ public void userRequestsChangeOfPasswordWithValueAndAccessTokenAndId(String newP
         authHeader.put("Authorization", authHeaderString);
 
 
-        String postBody="{\n" +
-                "  \"confirmationPassword\": \""+newPassword+"\"," +
-                "  \"groupIds\": [" +
-                "    0" +
-                "  ]," +
-                "  \"password\": \""+newPassword+"\"," +
-                "}";
+        String postBody=serializeUser(newPassword,null,newPassword,null);
+
 
         executeRestApiCall(HttpMethod.GET, url, authHeader,postBody);
     }

diff --git a/src/test/java/de/filefighter/rest/cucumber/UserRegistrationSteps.java b/src/test/java/de/filefighter/rest/cucumber/UserRegistrationSteps.java
@@ -0,0 +1,31 @@
+package de.filefighter.rest.cucumber;
+
+import de.filefighter.rest.RestApplicationIntegrationTest;
+import io.cucumber.java.en.When;
+import org.springframework.http.HttpMethod;
+
+import java.util.HashMap;
+
+import static de.filefighter.rest.configuration.RestConfiguration.*;
+
+public class UserRegistrationSteps extends RestApplicationIntegrationTest {
+    @When("user requests registration with username {string}, password {string} and password confirmation {string} with accessToken {string}")
+    public void userRequestsRegistrationWithUsernamePasswordAndPasswordConfirmationWithAccessToken(String username, String password, String passwordConfirmation, String accessToken) {
+
+        String authHeaderString = AUTHORIZATION_BEARER_PREFIX + accessToken;
+        String url = BASE_API_URI + USER_BASE_URI + "register";
+
+
+        HashMap<String, String> authHeader = new HashMap<>();
+        authHeader.put("Authorization", authHeaderString);
+
+
+
+
+        String postBody=serializeUser(password,null,password,username);
+
+        executeRestApiCall(HttpMethod.POST, url, authHeader,postBody);
+
+
+    }
+}
diff --git a/src/test/resources/UserRegistration.feature b/src/test/resources/UserRegistration.feature
@@ -1,61 +1,61 @@
-#Feature: User Registration
-#  As a user (/admin)
-#  I want to be able to register (users) with username and password
-#
-#  Background:
-#    Given database is empty
-#    And user with id 1234 exists and has username "user", password "secure_password"
-#    And accessToken with value "accessToken" exists for user 1234
-#    And user with id 1234 is in group with id 1
-#
-#  Scenario: Successful registration with username, password and password confirmation.
-#    When user requests registration with username "kangaroo", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken"
-#    Then response status code is 201
-#    And response contains key "message" and value "User successfully created."
-#    And response contains key "status" and value "created"
-#
-#  Scenario: Successful registration with username, password and password confirmation; password matches password of other users.
-#    When user requests registration with username "kangaroo", password "secure_password" and password confirmation "secure_password" with accessToken "accessToken"
-#    Then response status code is 201
-#    And response contains key "message" and value "User successfully created."
-#    And response contains key "status" and value "created"
-#
-#  Scenario: Failed registration with used username, arbitrary password and password confirmation.
-#    When user requests registration with username "user", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken"
-#    Then response status code is 409
-#    And response contains key "message" and value "User already exists."
-#    And response contains key "status" and value "conflict"
-#
-#  Scenario: Failed registration with used username (other case), arbitrary password and password confirmation.
-#    When user requests registration with username "User", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken"
-#    Then response status code is 409
-#    And response contains key "message" and value "User already exists."
-#    And response contains key "status" and value "conflict"
-#
-#  Scenario: Failed registration with username, password and deviating password confirmation.
-#    When user requests registration with username "kangaroo", password "pig-system" and password confirmation "i-love-capitalism" with accessToken "accessToken"
-#    Then response status code is 409
-#    And response contains key "message" and value "Passwords do not match."
-#    And response contains key "status" and value "conflict"
-#
-#  Scenario: Failed registration with username, password and password confirmation; username is part of password.
-#    When user requests registration with username "kangaroo", password "kangaroo-system" and password confirmation "kangaroo-system" with accessToken "accessToken"
-#    Then response status code is 409
-#    And response contains key "message" and value "Username must not appear in password."
-#    And response contains key "status" and value "conflict"
-#
-#  Scenario: Failed registration with username, password and password confirmation; password appears in list of top 10k passwords
-#    When user requests registration with username "kangaroo", password "vietnam" and password confirmation "vietnam" with accessToken "accessToken"
-#    Then response status code is 409
-#    And response contains key "message" and value "Password must not appear in the top 10000 most common passwords."
-#    And response contains key "status" and value "conflict"
-#    #https://github.com/iryndin/10K-Most-Popular-Passwords/blob/master/passwords.txt
-#
-#  Scenario: Failed registration with username, password and password confirmation; not in group ADMIN
-#    Given user with id 1236 exists
-#    And user with id 1236 is in group with id -1
-#    And accessToken with value "wrongAccessToken" exists for user 1236
-#    When user requests registration with username "kangaroo", password "pig-system" and password confirmation "pig-system" with accessToken "wrongAccessToken"
-#    Then response status code is 401
-#    And response contains key "message" and value "User must not register new users."
-#    And response contains key "status" and value "unauthorized"
+Feature: User Registration
+  As a user (/admin)
+  I want to be able to register (users) with username and password
+
+  Background:
+    Given database is empty
+    And user with id 1234 exists and has username "user", password "secure_password"
+    And accessToken with value "accessToken" exists for user 1234
+    And user with id 1234 is in group with id 1
+
+  Scenario: Successful registration with username, password and password confirmation.
+    When user requests registration with username "kangaroo", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken"
+    Then response status code is 201
+    And response contains key "message" and value "User successfully created."
+    And response contains key "status" and value "created"
+
+  Scenario: Successful registration with username, password and password confirmation; password matches password of other users.
+    When user requests registration with username "kangaroo", password "secure_password" and password confirmation "secure_password" with accessToken "accessToken"
+    Then response status code is 201
+    And response contains key "message" and value "User successfully created."
+    And response contains key "status" and value "created"
+
+  Scenario: Failed registration with used username, arbitrary password and password confirmation.
+    When user requests registration with username "user", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken"
+    Then response status code is 409
+    And response contains key "message" and value "User already exists."
+    And response contains key "status" and value "conflict"
+
+  Scenario: Failed registration with used username (other case), arbitrary password and password confirmation.
+    When user requests registration with username "User", password "pig-system" and password confirmation "pig-system" with accessToken "accessToken"
+    Then response status code is 409
+    And response contains key "message" and value "User already exists."
+    And response contains key "status" and value "conflict"
+
+  Scenario: Failed registration with username, password and deviating password confirmation.
+    When user requests registration with username "kangaroo", password "pig-system" and password confirmation "i-love-capitalism" with accessToken "accessToken"
+    Then response status code is 409
+    And response contains key "message" and value "Passwords do not match."
+    And response contains key "status" and value "conflict"
+
+  Scenario: Failed registration with username, password and password confirmation; username is part of password.
+    When user requests registration with username "kangaroo", password "kangaroo-system" and password confirmation "kangaroo-system" with accessToken "accessToken"
+    Then response status code is 409
+    And response contains key "message" and value "Username must not appear in password."
+    And response contains key "status" and value "conflict"
+
+  Scenario: Failed registration with username, password and password confirmation; password appears in list of top 10k passwords
+    When user requests registration with username "kangaroo", password "vietnam" and password confirmation "vietnam" with accessToken "accessToken"
+    Then response status code is 409
+    And response contains key "message" and value "Password must not appear in the top 10000 most common passwords."
+    And response contains key "status" and value "conflict"
+    #https://github.com/iryndin/10K-Most-Popular-Passwords/blob/master/passwords.txt
+
+  Scenario: Failed registration with username, password and password confirmation; not in group ADMIN
+    Given user 1236 exists
+    And user with id 1236 is in group with id -1
+    And accessToken with value "wrongAccessToken" exists for user 1236
+    When user requests registration with username "kangaroo", password "pig-system" and password confirmation "pig-system" with accessToken "wrongAccessToken"
+    Then response status code is 401
+    And response contains key "message" and value "User must not register new users."
+    And response contains key "status" and value "unauthorized"