Skip to content
This repository has been archived by the owner on Jul 29, 2021. It is now read-only.

Commit

Permalink
feat(anonymization): User's information and search for users are more…
Browse files Browse the repository at this point in the history 
… secured than previously

Closes gravitee-io/issues#1053
  • Loading branch information
@brasseld @NicolasGeraud
brasseld authored and NicolasGeraud committed Feb 19, 2018
1 parent 10b03ba commit 484af1f
Show file tree
Hide file tree
Showing 6 changed files with 17 additions and 10 deletions.
2 changes: 1 addition & 1 deletion pom.xml
View file
Expand Up @@ -32,7 +32,7 @@
<name>Gravitee.io APIM - Repository - Test</name>

<properties>
<gravitee-repository.version>1.13.0</gravitee-repository.version>
<gravitee-repository.version>1.14.0-SNAPSHOT</gravitee-repository.version>
<commons-io.version>1.3.2</commons-io.version>
<jackson-mapper-asl.version>1.9.13</jackson-mapper-asl.version>
<javax.inject.version>1</javax.inject.version>
Expand Down
2 changes: 1 addition & 1 deletion src/test/java/io/gravitee/repository/AuditRepositoryTest.java
View file
Expand Up @@ -52,7 +52,7 @@ public void shouldFindById() throws TechnicalException {
assertEquals("referenceType", Audit.AuditReferenceType.API, audit.getReferenceType());
assertEquals("event", Plan.AuditEvent.PLAN_CREATED.name(), audit.getEvent());
assertEquals("properties", Collections.singletonMap(Audit.AuditProperties.PLAN.name(), "123"), audit.getProperties());
assertEquals("username", "JohnDoe", audit.getUsername());
assertEquals("user", "JohnDoe", audit.getUser());
assertEquals("createdAt", new Date(1439022010883L), audit.getCreatedAt());
assertEquals("patch", "diff", audit.getPatch());
}
Expand Down
4 changes: 2 additions & 2 deletions src/test/java/io/gravitee/repository/UserRepositoryTest.java
View file
Expand Up @@ -93,7 +93,7 @@ public void findUserByNameTest() throws Exception {

@Test
public void findUserByNamesTest() throws Exception {
Set<User> usernames = userRepository.findByUsernames(Arrays.asList("user0", "user4"));
Set<User> usernames = userRepository.findByIds(Arrays.asList("user0", "user4"));
Assert.assertNotNull(usernames);
Assert.assertFalse(usernames.isEmpty());
Assert.assertEquals(2, usernames.size());
Expand All @@ -102,7 +102,7 @@ public void findUserByNamesTest() throws Exception {
@Test(expected = IllegalStateException.class)
public void shouldNotUpdateUnknownUser() throws Exception {
User unknownUser = new User();
unknownUser.setUsername("unknown");
unknownUser.setId("unknown");
userRepository.update(unknownUser);
fail("An unknown user should not be updated");
}
Expand Down
7 changes: 4 additions & 3 deletions src/test/java/io/gravitee/repository/config/MockTestRepositoryConfiguration.java
View file
Expand Up @@ -53,7 +53,7 @@ public AuditRepository auditRepository() throws Exception {
when(newAudit.getReferenceId()).thenReturn("1");
when(newAudit.getEvent()).thenReturn(Plan.AuditEvent.PLAN_CREATED.name());
when(newAudit.getProperties()).thenReturn(singletonMap(Audit.AuditProperties.PLAN.name(), "123"));
when(newAudit.getUsername()).thenReturn("JohnDoe");
when(newAudit.getUser()).thenReturn("JohnDoe");
when(newAudit.getPatch()).thenReturn("diff");
when(newAudit.getCreatedAt()).thenReturn(new Date(1439022010883L));
when(auditRepository.findById("new")).thenReturn(of(newAudit));
Expand Down Expand Up @@ -502,14 +502,15 @@ public UserRepository userRepository() throws Exception {
when(userRepository.create(any(User.class))).thenReturn(user);
when(userRepository.findByUsername("createuser1")).thenReturn(of(user));
when(userRepository.findByUsername("user0")).thenReturn(of(user));
when(userRepository.findByUsernames(asList("user0", "user4"))).thenReturn(new HashSet<>(asList(user, user4)));
when(userRepository.findByIds(asList("user0", "user4"))).thenReturn(new HashSet<>(asList(user, user4)));
when(user.getUsername()).thenReturn("createuser1");
when(user.getId()).thenReturn("createuser1");
when(user.getEmail()).thenReturn("createuser1@gravitee.io");

when(userRepository.update(argThat(new ArgumentMatcher<User>() {
@Override
public boolean matches(Object o) {
return o == null || (o instanceof User && ((User) o).getUsername().equals("unknown"));
return o == null || (o instanceof User && ((User) o).getId().equals("unknown"));
}
}))).thenThrow(new IllegalStateException());

Expand Down
6 changes: 3 additions & 3 deletions src/test/resources/data/audit-tests/audits.json
View file
Expand Up @@ -7,7 +7,7 @@
"properties": {
"PLAN": "123"
},
"username": "JohnDoe",
"user": "JohnDoe",
"createdAt": 1439022010883,
"patch": "diff"
},
Expand All @@ -19,7 +19,7 @@
"properties": {
"PLAN": "123"
},
"username": "JohnDoe",
"user": "JohnDoe",
"createdAt": 1000000000000,
"patch": "diff"
},
Expand All @@ -31,7 +31,7 @@
"properties": {
"PLAN": "456"
},
"username": "JohnDoe",
"user": "JohnDoe",
"createdAt": 2000000000000,
"patch": "diff"
}
Expand Down
6 changes: 6 additions & 0 deletions src/test/resources/data/user-tests/users.json
View file
@@ -1,35 +1,41 @@
[
{
"id": "user0",
"username":"user0",
"email":"user0@gravitee.io",
"createdAt": 1439022010883,
"updatedAt": 1439022010883
},
{
"id": "user1",
"username":"user1",
"email":"user1@gravitee.io",
"createdAt": 1439022010883,
"updatedAt": 1439022010883
},
{
"id": "user2",
"username":"user2",
"email":"user2@gravitee.io",
"createdAt": 1439022010883,
"updatedAt": 1439022010883
},
{
"id": "user3",
"username":"user3",
"email":"user3@gravitee.io",
"createdAt": 1439022010883,
"updatedAt": 1439022010883
},
{
"id": "user4",
"username":"user4",
"email":"user4@gravitee.io",
"createdAt": 1439022010883,
"updatedAt": 1439022010883
},
{
"id": "user5",
"username":"user5",
"email":"user5@gravitee.io",
"createdAt": 1439022010883,
Expand Down

0 comments on commit 484af1f

Please sign in to comment.