Skip to content
This repository was archived by the owner on Apr 5, 2024. It is now read-only.

Feature/FF-255 RestApi now uses a runtime user. #66

Merged
merged 6 commits into from
Jan 8, 2021
Merged

Feature/FF-255 RestApi now uses a runtime user. #66

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
1762df6
FF-255 Added user to runtime user.
open-schnick Jan 7, 2021
16b9e4b
FF-255 Added System group.
open-schnick Jan 7, 2021
cc43192
FF-255 Added remaining logic.
open-schnick Jan 7, 2021
7eea17a
FF-255 Added remaining logic.
open-schnick Jan 7, 2021
f40d804
FF-255 updated tests.
open-schnick Jan 7, 2021
5a512b7
Unified Logging.
open-schnick Jan 8, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
66 changes: 41 additions & 25 deletions src/main/java/de/filefighter/rest/configuration/PrepareDataBase.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,6 @@

import de.filefighter.rest.domain.filesystem.data.persistence.FileSystemEntity;
import de.filefighter.rest.domain.filesystem.data.persistence.FileSystemRepository;
import de.filefighter.rest.domain.filesystem.type.FileSystemType;
import de.filefighter.rest.domain.token.business.AccessTokenBusinessService;
import de.filefighter.rest.domain.token.data.persistence.AccessTokenEntity;
import de.filefighter.rest.domain.token.data.persistence.AccessTokenRepository;
Expand All @@ -17,6 +16,10 @@

import java.time.Instant;

import static de.filefighter.rest.domain.filesystem.type.FileSystemType.FOLDER;
import static de.filefighter.rest.domain.filesystem.type.FileSystemType.TEXT;
import static de.filefighter.rest.domain.user.group.Groups.*;

@Log4j2
@Configuration
public class PrepareDataBase {
Expand Down Expand Up @@ -70,18 +73,31 @@ CommandLineRunner cleanDataBase(UserRepository userRepository, FileSystemReposit
};
}

@Bean
CommandLineRunner createRuntimeUser(UserRepository userRepository) {
return args -> log.info("Preloading system runtime user. {}", userRepository.save(UserEntity
.builder()
.userId(0L)
.username("FileFighter")
.lowercaseUsername("filefighter")
.password(null)
.refreshToken(null)
.groupIds(new long[]{SYSTEM.getGroupId()})
.build()));
}

@Bean
@Profile("prod")
CommandLineRunner initDataBaseProd(UserRepository userRepository, FileSystemRepository fileSystemRepository) {
return args -> {
log.info("Preloading default admin user: {}.", userRepository.save(UserEntity
.builder()
.userId(0L)
.userId(1L)
.username("Admin")
.lowercaseUsername("admin")
.password("admin")
.refreshToken("refreshToken1234")
.groupIds(new long[]{0, 1})
.groupIds(new long[]{FAMILY.getGroupId(), ADMIN.getGroupId()})
.build()));

log.info("Preloading default fsStructure: {} {}.", fileSystemRepository.save(FileSystemEntity
Expand All @@ -92,22 +108,22 @@ CommandLineRunner initDataBaseProd(UserRepository userRepository, FileSystemRepo
.path("/")
.itemIds(new long[0])
.lastUpdated(Instant.now().getEpochSecond())
.name("root")
.name("HOME_Admin")
.size(0)
.typeId(FileSystemType.FOLDER.getId())
.visibleForGroupIds(new long[]{-1, 0, 1})
.typeId(FOLDER.getId())
.visibleForGroupIds(new long[]{UNDEFINED.getGroupId(), FAMILY.getGroupId(), ADMIN.getGroupId()})
.itemIds(new long[]{1})
.build()),
fileSystemRepository.save(FileSystemEntity.builder()
.createdByUserId(0)
.createdByUserId(1)
.fileSystemId(1)
.isFile(true)
.lastUpdated(Instant.now().getEpochSecond())
.name("dummyFile.txt")
.size(420)
.typeId(FileSystemType.TEXT.getId())
.editableFoGroupIds(new long[]{0})
.visibleForGroupIds(new long[]{0})
.typeId(TEXT.getId())
.editableFoGroupIds(new long[]{FAMILY.getGroupId()})
.visibleForGroupIds(new long[]{FAMILY.getGroupId()})
.build()));

log.info("Inserting Users {}", (userRepository.findAll().size() == 1 ? MESSAGE_ON_SUCCESS : MESSAGE_ON_FAILURE));
Expand All @@ -122,33 +138,33 @@ CommandLineRunner initDataBaseDev(UserRepository userRepository, AccessTokenRepo
log.info("Preloading default users: {} {}.",
userRepository.save(UserEntity
.builder()
.userId(0)
.userId(1)
.username("user")
.lowercaseUsername("user")
.password("1234")
.refreshToken("rft1234")
.groupIds(new long[]{1})
.groupIds(new long[]{ADMIN.getGroupId()})
.build()),
userRepository.save(UserEntity
.builder()
.userId(1)
.userId(2)
.username("user1")
.lowercaseUsername("user1")
.password("12345")
.refreshToken("rft")
.groupIds(new long[]{0})
.groupIds(new long[]{FAMILY.getGroupId()})
.build()));

log.info("Preloading default tokens: {} {}",
accessTokenRepository.save(AccessTokenEntity
.builder()
.userId(0)
.userId(1)
.value("token")
.validUntil(Instant.now().getEpochSecond() + AccessTokenBusinessService.ACCESS_TOKEN_DURATION_IN_SECONDS)
.build()),
accessTokenRepository.save(AccessTokenEntity
.builder()
.userId(1)
.userId(2)
.value("token1234")
.validUntil(Instant.now().getEpochSecond() + AccessTokenBusinessService.ACCESS_TOKEN_DURATION_IN_SECONDS)
.build()));
Expand All @@ -163,30 +179,30 @@ CommandLineRunner initDataBaseDev(UserRepository userRepository, AccessTokenRepo
.lastUpdated(Instant.now().getEpochSecond())
.name("HOME_User")
.size(420)
.typeId(FileSystemType.FOLDER.getId())
.visibleForGroupIds(new long[]{0, 1})
.typeId(FOLDER.getId())
.visibleForGroupIds(new long[]{FAMILY.getGroupId(), ADMIN.getGroupId()})
.build()),
fileSystemRepository.save(FileSystemEntity.builder()
.createdByUserId(1)
.createdByUserId(0)
.fileSystemId(1)
.isFile(false)
.path("/")
.lastUpdated(Instant.now().getEpochSecond())
.name("HOME_User1")
.size(420)
.typeId(FileSystemType.FOLDER.getId())
.visibleForGroupIds(new long[]{-1, 0, 1})
.typeId(FOLDER.getId())
.visibleForGroupIds(new long[]{UNDEFINED.getGroupId(), FAMILY.getGroupId(), ADMIN.getGroupId()})
.build()),
fileSystemRepository.save(FileSystemEntity.builder()
.createdByUserId(0)
.createdByUserId(1)
.fileSystemId(2)
.isFile(true)
.lastUpdated(Instant.now().getEpochSecond())
.name("dummyFile.txt")
.size(420)
.typeId(FileSystemType.TEXT.getId())
.editableFoGroupIds(new long[]{0})
.visibleForGroupIds(new long[]{0})
.typeId(TEXT.getId())
.editableFoGroupIds(new long[]{FAMILY.getGroupId()})
.visibleForGroupIds(new long[]{FAMILY.getGroupId()})
.build()));

log.info("Inserting FileSystemItems {}", (fileSystemRepository.findAll().size() == 3 ? MESSAGE_ON_SUCCESS : MESSAGE_ON_FAILURE));
Expand Down
9 changes: 8 additions & 1 deletion src/main/java/de/filefighter/rest/domain/user/business/UserBusinessService.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,9 @@ public UserEntity registerNewUser(UserRegisterForm newUser) {

for (long id : userGroups) {
try {
if (id == Groups.SYSTEM.getGroupId())
throw new UserNotRegisteredException("New users cannot be in group '" + Groups.SYSTEM.getDisplayName() + "'.");

groupRepository.getGroupById(id);
} catch (IllegalArgumentException exception) {
throw new UserNotRegisteredException("One or more groups do not exist.");
Expand Down Expand Up @@ -162,10 +165,12 @@ public void updateUser(long userId, UserRegisterForm userToUpdate, User authenti
if (null == userEntityToUpdate)
throw new UserNotUpdatedException("User does not exist, use register endpoint.");

if (Arrays.stream(userEntityToUpdate.getGroupIds()).asDoubleStream().anyMatch(id -> id == Groups.SYSTEM.getGroupId()))
throw new UserNotUpdatedException("Runtime users cannot be modified.");

Update newUpdate = new Update();

boolean changesWereMade = updateUserName(newUpdate, userToUpdate.getUsername());

boolean usernameIsValid = stringIsValid(userToUpdate.getUsername());
String lowerCaseUsername = usernameIsValid ? userToUpdate.getUsername().toLowerCase() : userEntityToUpdate.getLowercaseUsername();
boolean passwordWasUpdated = updatePassword(newUpdate, userToUpdate.getPassword(), userToUpdate.getConfirmationPassword(), lowerCaseUsername);
Expand All @@ -186,6 +191,8 @@ private boolean updateGroups(Update newUpdate, long[] groupIds, boolean authenti
if (null != groupIds && groupIds.length != 0) {
try {
for (Groups group : groupRepository.getGroupsByIds(groupIds)) {
if (group == Groups.SYSTEM)
throw new UserNotUpdatedException("Users cannot be added to the '" + Groups.SYSTEM.getDisplayName() + "' Group");
if (group == Groups.ADMIN && !authenticatedUserIsAdmin)
throw new UserNotUpdatedException("Only admins can add users to group " + Groups.ADMIN.getDisplayName() + ".");
}
Expand Down
3 changes: 2 additions & 1 deletion src/main/java/de/filefighter/rest/domain/user/group/Groups.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,8 @@
public enum Groups {
UNDEFINED(-1, "No group"),
FAMILY(0, "Family"),
ADMIN(1, "Admin");
ADMIN(1, "Admin"),
SYSTEM(999, "FileFighter System Users");

private final long groupId;
private final String displayName;
Expand Down
17 changes: 17 additions & 0 deletions src/test/java/de/filefighter/rest/domain/user/business/UserBusinessServiceUnitTest.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -250,6 +250,11 @@ void registerNewUserThrows() {
ex = assertThrows(UserNotRegisteredException.class, () ->
userBusinessService.registerNewUser(userRegisterForm));
assertEquals("User could not be registered. One or more groups do not exist.", ex.getMessage());

userRegisterForm.setGroupIds(new long[]{Groups.SYSTEM.getGroupId()});
ex = assertThrows(UserNotRegisteredException.class, () ->
userBusinessService.registerNewUser(userRegisterForm));
assertEquals("User could not be registered. New users cannot be in group '" + Groups.SYSTEM.getDisplayName() + "'.", ex.getMessage());
}

@Test
Expand Down Expand Up @@ -299,6 +304,11 @@ void updateUserThrows() {
userBusinessService.updateUser(userId, userRegisterForm1, authenticatedUser));
assertEquals("User could not get updated. User does not exist, use register endpoint.", ex.getMessage());

when(userRepositoryMock.findByUserId(userId)).thenReturn(UserEntity.builder().groupIds(new long[]{Groups.SYSTEM.getGroupId()}).build());
ex = assertThrows(UserNotUpdatedException.class, () ->
userBusinessService.updateUser(userId, userRegisterForm1, authenticatedUser));
assertEquals("User could not get updated. Runtime users cannot be modified.", ex.getMessage());

when(userRepositoryMock.findByUserId(userId)).thenReturn(userEntityMock);
ex = assertThrows(UserNotUpdatedException.class, () ->
userBusinessService.updateUser(userId, userRegisterForm1, authenticatedUser));
Expand Down Expand Up @@ -414,6 +424,13 @@ void updateGroupsThrows() {
ex = assertThrows(UserNotUpdatedException.class, () ->
userBusinessService.updateUser(userId, userRegisterForm, authenticatedUser));
assertEquals("User could not get updated. One or more groups do not exist.", ex.getMessage());

long[] systemUser = new long[]{Groups.SYSTEM.getGroupId()};
userRegisterForm.setGroupIds(systemUser);
when(groupRepositoryMock.getGroupsByIds(systemUser)).thenReturn(new Groups[]{Groups.SYSTEM});
ex = assertThrows(UserNotUpdatedException.class, () ->
userBusinessService.updateUser(userId, userRegisterForm, authenticatedUser));
assertEquals("User could not get updated. Users cannot be added to the '" + Groups.SYSTEM.getDisplayName() + "' Group", ex.getMessage());
}

@Test
Expand Down