inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-07-31 17:39:05 +00:00
Code Issues Packages Projects Releases Wiki Activity

revert changes

Browse Source
This commit is contained in:
Mohinish Sah
2023-04-10 14:18:17 +05:30
parent 2bdca1a4f5
commit 1458ef3311
5 changed files with 5 additions and 210 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
repository/src/main/java/org/alfresco/repo/security/authentication/ResetPasswordServiceImpl.java
View File

@@ -504,21 +504,6 @@ public class ResetPasswordServiceImpl implements ResetPasswordService
return UrlUtil.replaceShareUrlPlaceholder(url, sysAdminParams); return UrlUtil.replaceShareUrlPlaceholder(url, sysAdminParams);
} }
private String getRepoBaseUrl(String url, String propName)
{
if (url == null)
{
LOGGER.warn("The url for the property [" + propName + "] is not configured.");
return "";
}
if (url.endsWith("/"))
{
url = url.substring(0, url.length() - 1);
}
return UrlUtil.replaceRepoBaseUrlPlaceholder(url, sysAdminParams);
}
protected String getResetPasswordEmailTemplate(ClientApp clientApp) protected String getResetPasswordEmailTemplate(ClientApp clientApp)
{ {
return clientApp.getProperty("requestResetPasswordTemplatePath"); return clientApp.getProperty("requestResetPasswordTemplatePath");
@@ -537,16 +522,7 @@ public class ResetPasswordServiceImpl implements ResetPasswordService
StringBuilder sb = new StringBuilder(100); StringBuilder sb = new StringBuilder(100);
String pageUrl = clientApp.getProperty("resetPasswordPageUrl"); String pageUrl = clientApp.getProperty("resetPasswordPageUrl");
if (StringUtils.isEmpty(pageUrl))
if(!StringUtils.isEmpty(clientApp.getProperty("workspaceUrl")))
{
String workspaceUrlPlaceholder = clientApp.getProperty("workspaceUrl");
String workSpaceUrl = getRepoBaseUrl(workspaceUrlPlaceholder,"");
sb.append(UrlUtil.replaceWorkSpaceUrlPlaceholder(pageUrl,workSpaceUrl));
LOGGER.warn("Client Name is " + clientApp.getName() + " The url used is " + sb.toString());
}
else if(StringUtils.isEmpty(pageUrl))
{ {
sb.append(UrlUtil.getShareUrl(sysAdminParams)); sb.append(UrlUtil.getShareUrl(sysAdminParams));

70
repository/src/main/java/org/alfresco/util/UrlUtil.java
View File

@@ -41,12 +41,6 @@ public class UrlUtil
public static final Pattern PATTERN = Pattern.compile("\\$\\{shareUrl\\}"); public static final Pattern PATTERN = Pattern.compile("\\$\\{shareUrl\\}");
// ${alfrescoUrl} placeholder // ${alfrescoUrl} placeholder
public static final Pattern REPO_PATTERN = Pattern.compile("\\$\\{alfrescoUrl\\}"); public static final Pattern REPO_PATTERN = Pattern.compile("\\$\\{alfrescoUrl\\}");
public static final Pattern REPOBASE_PATTERN = Pattern.compile("\\$\\{repoBaseUrl\\}");
public static final Pattern WORKSPACE_PATTERN = Pattern.compile("\\$\\{workspaceUrl\\}");
/** /**
* Builds up the Url to Alfresco based on the settings in the * Builds up the Url to Alfresco based on the settings in the
* {@link SysAdminParams}. * {@link SysAdminParams}.
@@ -152,68 +146,4 @@ public class UrlUtil
url.append(context); url.append(context);
return url.toString(); return url.toString();
} }
/**
* Builds up the Url to Adw based on the settings in the
* {@link SysAdminParams}.
* @return Adw Url such as https://col.ab.or.ate/#/
* or http://localhost:8081/#/
*/
public static String getWorkspaceUrl(SysAdminParams sysAdminParams)
{
return buildWorkspaceUrl(
sysAdminParams.getAlfrescoProtocol(),
sysAdminParams.getAlfrescoHost(),
sysAdminParams.getAlfrescoPort());
}
protected static String buildWorkspaceUrl(String workSpaceProtocol, String workspaceHost, int workspacePort) {
StringBuilder workspaceUrl = new StringBuilder();
workspaceUrl.append(workSpaceProtocol);
workspaceUrl.append("://");
workspaceUrl.append(workspaceHost);
if ("http".equals(workSpaceProtocol) && workspacePort == 80)
{
// Not needed
}
else if ("https".equals(workSpaceProtocol) && workspacePort == 443)
{
// Not needed
}
else
{
workspaceUrl.append(':');
workspaceUrl.append(workspacePort);
}
return workspaceUrl.toString();
}
/**
* Replaces the repo base url placeholder, namely {@literal ${repoBaseUrl}}, with <b>workspace</b> url.
*
* @param value the string value which contains the repoBase url placeholder
* @param sysAdminParams the {@code SysAdminParams} object
* @return if the given {@code value} contains share url placeholder,
* the placeholder is replaced with share url; otherwise, the given {@code value} is simply returned
*/
public static String replaceRepoBaseUrlPlaceholder(String value, SysAdminParams sysAdminParams)
{
if (value != null)
{
return REPOBASE_PATTERN.matcher(value).replaceAll(getWorkspaceUrl(sysAdminParams));
}
return value;
}
public static String replaceWorkSpaceUrlPlaceholder(String pageUrl,String workspaceUrl)
{
if (pageUrl != null)
{
return WORKSPACE_PATTERN.matcher(pageUrl).replaceAll(workspaceUrl);
}
return pageUrl;
}
} }

15
repository/src/main/resources/alfresco/client/config/repo-clients-apps.properties
View File

@@ -20,15 +20,6 @@ repo.client-app.share.resetPasswordPageUrl=${shareUrl}/page/reset-password
repo.client-app.share.confirmResetPasswordTemplatePath= repo.client-app.share.confirmResetPasswordTemplatePath=
### Digital workspace template configurations ### Digital workspace template configurations
#repo.client-app.workspace.inviteModeratedTemplatePath= repo.client-app.workspace.inviteModeratedTemplatePath=
repo.client-app.workspace.workspaceUrl=workspace
repo.client-app.workspace.workspaceUrl=${repoBaseUrl}/workspace repo.client-app.workspace.templateAssetsUrl=${alfrescoUrl}/images
repo.client-app.workspace.templateAssetsUrl=${workspaceUrl}/images
# reset password request email template path
repo.client-app.workspace.requestResetPasswordTemplatePath=alfresco/templates/reset-password-email-templates/forgot-password-email-template.ftl
# reset password UI page url
repo.client-app.workspace.resetPasswordPageUrl=${workspaceUrl}/reset-password/
# reset password confirmation email template path
repo.client-app.workspace.confirmResetPasswordTemplatePath=

12
repository/src/main/resources/alfresco/templates/reset-password-email-templates/forgot-password-email-template.ftl
View File

@@ -1,12 +0,0 @@
<html>
<head>
<title>Forgot Password</title>
</head>
<body>
<p>You are receiving this email because you(or someone else) requested the password reset of your account.</p>
<p>Please click on the following link, or paste this url into your browser to complete the process:</p>
<p><a href="${reset_password_url}">${reset_password_url}</a></p>
<p>If you received this in error, you can safely ignore it.</p>
<p>Kind regards</p>
</body>
</html>

90
repository/src/test/java/org/alfresco/repo/security/authentication/ResetPasswordServiceImplTest.java
View File

@@ -91,7 +91,6 @@ public class ResetPasswordServiceImplTest
private static TestPerson testPerson; private static TestPerson testPerson;
private static EmailUtil emailUtil; private static EmailUtil emailUtil;
private static TestPerson testPersonForWorkspace;
@BeforeClass @BeforeClass
public static void initStaticData() throws Exception public static void initStaticData() throws Exception
@@ -115,18 +114,9 @@ public class ResetPasswordServiceImplTest
.setPassword("password") .setPassword("password")
.setEmail(userName + "@example.com"); .setEmail(userName + "@example.com");
String userNameForWorkspace = "shane.doe" + System.currentTimeMillis();
testPersonForWorkspace = new TestPerson()
.setUserName(userNameForWorkspace)
.setFirstName("Shane")
.setLastName("doe")
.setPassword("password")
.setEmail(userNameForWorkspace + "@example.com");
transactionHelper.doInTransaction((RetryingTransactionCallback<Void>) () -> transactionHelper.doInTransaction((RetryingTransactionCallback<Void>) () ->
{ {
createUser(testPerson); createUser(testPerson);
createUser(testPersonForWorkspace);
return null; return null;
}); });
@@ -504,84 +494,4 @@ public class ResetPasswordServiceImplTest
} }
} }
@Test
public void testResetPasswordForClientWorkspace() throws Exception
{
// Try the credential before change of password
authenticateUser(testPersonForWorkspace.userName, testPersonForWorkspace.password);
// Make sure to run as system
AuthenticationUtil.clearCurrentSecurityContext();
AuthenticationUtil.setRunAsUserSystem();
// Request password reset
resetPasswordService.requestReset(testPersonForWorkspace.userName, "workspace");
assertEquals("A reset password email should have been sent.", 1, emailUtil.getSentCount());
// Check the email
MimeMessage msg = emailUtil.getLastEmail();
assertNotNull("There should be an email.", msg);
assertEquals("Should've been only one email recipient.", 1, msg.getAllRecipients().length);
// Check the recipient is the person who requested the reset password
assertEquals(testPersonForWorkspace.email, msg.getAllRecipients()[0].toString());
//Check the sender is what we set as default
assertEquals(DEFAULT_SENDER, msg.getFrom()[0].toString());
// There should be a subject
assertNotNull("There should be a subject.", msg.getSubject());
// Check the default email subject - (check that we are sending the right email)
String emailSubjectKey = getDeclaredField(SendResetPasswordEmailDelegate.class, "EMAIL_SUBJECT_KEY");
assertNotNull(emailSubjectKey);
assertEquals(msg.getSubject(), I18NUtil.getMessage(emailSubjectKey));
// Check the reset password url.
String resetPasswordUrl = (String) emailUtil.getLastEmailTemplateModelValue("reset_password_url");
assertNotNull("Wrong email is sent.", resetPasswordUrl);
// Get the workflow id and key
Pair<String, String> pair = getWorkflowIdAndKeyFromUrl(resetPasswordUrl);
assertNotNull("Workflow Id can't be null.", pair.getFirst());
assertNotNull("Workflow Key can't be null.", pair.getSecond());
emailUtil.reset();
// Now that we have got the email, try to reset the password
ResetPasswordDetails passwordDetails = new ResetPasswordDetails()
.setUserId(testPersonForWorkspace.userName)
.setPassword("newPassword")
.setWorkflowId(pair.getFirst())
.setWorkflowKey(pair.getSecond());
resetPasswordService.initiateResetPassword(passwordDetails);
assertEquals("A reset password confirmation email should have been sent.", 1, emailUtil.getSentCount());
// Check the email
msg = emailUtil.getLastEmail();
assertNotNull("There should be an email.", msg);
assertEquals("Should've been only one email recipient.", 1, msg.getAllRecipients().length);
// Check the recipient is the person who requested the reset password
assertEquals(testPersonForWorkspace.email, msg.getAllRecipients()[0].toString());
// Check the sender is what we set as default
assertEquals(DEFAULT_SENDER, msg.getFrom()[0].toString());
// There should be a subject
assertNotNull("There should be a subject.", msg.getSubject());
// Check the default email subject - (check that we are sending the right email)
emailSubjectKey = getDeclaredField(SendResetPasswordConfirmationEmailDelegate.class, "EMAIL_SUBJECT_KEY");
assertNotNull(emailSubjectKey);
assertEquals(msg.getSubject(), I18NUtil.getMessage(emailSubjectKey));
// Try the old credential
TestHelper.assertThrows(() -> authenticateUser(testPersonForWorkspace.userName, testPersonForWorkspace.password),
AuthenticationException.class,
"As the user changed her password, the authentication should have failed.");
// Try the new credential
authenticateUser(testPersonForWorkspace.userName, "newPassword");
// Make sure to run as system
AuthenticationUtil.clearCurrentSecurityContext();
AuthenticationUtil.setRunAsUserSystem();
emailUtil.reset();
// Try reset again with the used workflow
TestHelper.assertThrows(() -> resetPasswordService.initiateResetPassword(passwordDetails),
InvalidResetPasswordWorkflowException.class,
"The workflow instance is not active (it has already been used).");
assertEquals("No email should have been sent.", 0, emailUtil.getSentCount());
}
} }