MGR-103 make sure password is updated

appNG · Oct 27, 2020 · 707d987 · 707d987
1 parent 970074f
commit 707d987
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 3 deletions.
diff --git a/src/main/java/org/appng/application/manager/service/ManagerService.java b/src/main/java/org/appng/application/manager/service/ManagerService.java
@@ -1299,7 +1299,7 @@ public Boolean updateSubject(Request request, SubjectForm subjectForm, FieldProc
 				}
 				if (!StringUtils.isEmpty(subjectForm.getPassword())
 						&& !StringUtils.isEmpty(subjectForm.getPasswordConfirmation())) {
-					passwordUpdated = updatePassword(policy, null, subjectForm.getPassword().toCharArray(), subject).isValid();
+					passwordUpdated = updatePassword(policy, null, subjectForm.getPassword().toCharArray(), currentSubject).isValid();
 				}
 				assignGroupsToSubject(request, subject.getId(), subjectForm.getGroupIds(), fp);
 				request.setPropertyValues(subjectForm, new SubjectForm(currentSubject), fp.getMetaData());

diff --git a/src/test/java/org/appng/application/manager/business/SubjectsTest.java b/src/test/java/org/appng/application/manager/business/SubjectsTest.java
@@ -19,18 +19,23 @@
 
 import org.appng.api.FieldProcessor;
 import org.appng.api.ProcessingException;
+import org.appng.api.model.Subject;
 import org.appng.api.model.UserType;
 import org.appng.api.support.CallableAction;
 import org.appng.api.support.CallableDataSource;
 import org.appng.application.manager.form.SubjectForm;
+import org.appng.application.manager.service.ManagerService;
 import org.appng.core.domain.GroupImpl;
 import org.appng.core.domain.SubjectImpl;
+import org.appng.core.security.BCryptPasswordHandler;
 import org.appng.testsupport.validation.DifferenceHandler;
 import org.custommonkey.xmlunit.Difference;
 import org.custommonkey.xmlunit.DifferenceListener;
+import org.junit.Assert;
 import org.junit.FixMethodOrder;
 import org.junit.Test;
 import org.junit.runners.MethodSorters;
+import org.springframework.beans.factory.annotation.Autowired;
 
 @FixMethodOrder(MethodSorters.NAME_ASCENDING)
 public class SubjectsTest extends AbstractTest {
@@ -39,6 +44,9 @@ public class SubjectsTest extends AbstractTest {
 
 	private DifferenceListener differenceListener;
 
+	@Autowired
+	private ManagerService managerService;
+
 	public SubjectsTest() {
 		// since different JVMs may return a different amount of Timezones, ignore content
 		// of /data[1]/selection[4]/optionGroup
@@ -91,8 +99,8 @@ public void testCreate() throws Exception {
 		anotherForm.setPassword(password);
 		anotherForm.setPasswordConfirmation(password);
 		anotherForm.getGroupIds().add(1);
-		callableAction = getAction(SUBJECT_EVENT, "create").withParam(FORM_ACTION, "create").getCallableAction(
-				anotherForm);
+		callableAction = getAction(SUBJECT_EVENT, "create").withParam(FORM_ACTION, "create")
+				.getCallableAction(anotherForm);
 
 		callableAction.perform();
 	}
@@ -172,6 +180,10 @@ public void testUpdate() throws Exception {
 		FieldProcessor fieldProcessor = callableAction.perform();
 		validate(callableAction.getAction(), "-action", differenceListener);
 		validate(fieldProcessor.getMessages(), "-messages");
+
+		Subject subjectByEmail = managerService.getSubjectByEmail(s.getEmail());
+		boolean validPassword = new BCryptPasswordHandler(subjectByEmail).isValidPassword(password);
+		Assert.assertTrue(validPassword);
 	}
 
 	private SubjectImpl getSubject() {