From 5c89b19428ad637e2825437b9b4dc64ddebf8303 Mon Sep 17 00:00:00 2001 From: open-schnick Date: Mon, 23 Nov 2020 11:13:14 +0100 Subject: [PATCH 1/2] FF-179 implemented new cucumber test. --- .../rest/cucumber/CommonCucumberSteps.java | 29 ++++++++++++------- .../resources/UserEditInformation.feature | 11 ++++++- 2 files changed, 28 insertions(+), 12 deletions(-) diff --git a/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java b/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java index 9f4d7627..a83a16fd 100644 --- a/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java +++ b/src/test/java/de/filefighter/rest/cucumber/CommonCucumberSteps.java @@ -23,8 +23,7 @@ import java.io.IOException; import java.util.Arrays; -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertTrue; +import static org.junit.jupiter.api.Assertions.*; public class CommonCucumberSteps extends RestApplicationIntegrationTest { @@ -80,6 +79,18 @@ public void userWithIdExistsAndHasUsernamePassword(long userId, String username, .build())); } + @Autowired + MongoTemplate mongoTemplate; + + @And("user with id {long} is in group with id {long}") + public void userWithIdIsInGroupWithId(long userId, long groupId) { + Query query = new Query(); + Update newUpdate = new Update().set("groupIds", new long[]{groupId}); + query.addCriteria(Criteria.where("userId").is(userId)); + + mongoTemplate.findAndModify(query, newUpdate, UserEntity.class); + } + // This step almost needs a unit test. @Given("{string} exists with id {long} and path {string}") public void fileOrFolderExistsWithIdAndPath(String fileOrFolder, long fsItemId, String path) { @@ -171,15 +182,11 @@ public void responseContainsKeyAndValueOfAtLeast(String key, int value) throws J assertTrue(actualValue >= value); } - @Autowired - MongoTemplate mongoTemplate; - - @And("user with id {long} is in group with id {long}") - public void userWithIdIsInGroupWithId(long userId, long groupId) { - Query query = new Query(); - Update newUpdate = new Update().set("groupIds", new long[]{groupId}); - query.addCriteria(Criteria.where("userId").is(userId)); + @And("response contains key {string} and a different value than {string}") + public void responseContainsKeyAndADifferentValueThan(String key, String differentValue) throws JsonProcessingException { + JsonNode rootNode = objectMapper.readTree(latestResponse.getBody()); + String actualValue = rootNode.get(key).asText(); - mongoTemplate.findAndModify(query, newUpdate, UserEntity.class); + assertNotEquals(differentValue, actualValue); } } diff --git a/src/test/resources/UserEditInformation.feature b/src/test/resources/UserEditInformation.feature index 8b0bbf5e..e7301a5b 100644 --- a/src/test/resources/UserEditInformation.feature +++ b/src/test/resources/UserEditInformation.feature @@ -4,7 +4,7 @@ Feature: Edit User Details Background: Given database is empty - And user with id 1234 exists and has username "user", password "secure_password" + And user with id 1234 exists and has username "user", password "secure_password" and refreshToken "refreshToken1234" And accessToken with value "accessToken" exists for user 1234 Scenario: Successful change of username @@ -37,3 +37,12 @@ Feature: Edit User Details Then response contains key "message" and value "User could not get updated. No changes were made." And response contains key "status" and value "Conflict" And response status code is 409 + + Scenario: RefreshToken of user is different after password change. + When user requests change of password with value "newValidPassword123" userId 1234 and accessToken "accessToken" + Then response contains key "message" and value "User successfully updated." + And response contains key "status" and value "Created" + And response status code is 201 + When user requests login with username "user" and password "newValidPassword123" + And response contains key "tokenValue" and a different value than "refreshToken1234" + Then response status code is 200 From 104835e981e00b6e709512721f25b0961d762d70 Mon Sep 17 00:00:00 2001 From: open-schnick Date: Mon, 23 Nov 2020 11:15:28 +0100 Subject: [PATCH 2/2] FF-179 Forgot to implement refreshToken Change on Pw change. --- .../rest/domain/user/business/UserBusinessService.java | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/main/java/de/filefighter/rest/domain/user/business/UserBusinessService.java b/src/main/java/de/filefighter/rest/domain/user/business/UserBusinessService.java index 19ac21f1..7bff85f9 100644 --- a/src/main/java/de/filefighter/rest/domain/user/business/UserBusinessService.java +++ b/src/main/java/de/filefighter/rest/domain/user/business/UserBusinessService.java @@ -155,7 +155,7 @@ public void updateUser(long userId, UserRegisterForm userToUpdate, User authenti if (null == userToUpdate) throw new UserNotUpdatedException("No updates specified."); - if(null == authenticatedUser.getGroups()) + if (null == authenticatedUser.getGroups()) throw new UserNotUpdatedException("Authenticated User is not allowed"); boolean authenticatedUserIsAdmin = Arrays.stream(authenticatedUser.getGroups()).anyMatch(g -> g == Groups.ADMIN); @@ -205,6 +205,10 @@ public void updateUser(long userId, UserRegisterForm userToUpdate, User authenti changesWereMade = true; newUpdate.set("password", password); + + //update refreshToken + String newRefreshToken = AccessTokenBusinessService.generateRandomTokenValue(); + newUpdate.set("refreshToken", newRefreshToken); } // groups @@ -222,7 +226,7 @@ public void updateUser(long userId, UserRegisterForm userToUpdate, User authenti newUpdate.set("groupIds", userToUpdate.getGroupIds()); } - if(!changesWereMade) + if (!changesWereMade) throw new UserNotUpdatedException("No changes were made."); Query query = new Query();