inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged 5.2.N (5.2.1) to HEAD (5.2)

Browse Source 
131939 mward: REPO-1503: allow setting of password


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@132326 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Alan Davis
2016-11-03 14:02:51 +00:00
parent 3d481e8df0
commit 21356a4eaa
5 changed files with 69 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
source/test-java/org/alfresco/rest/api/tests/TestPeople.java
View File

@@ -41,8 +41,7 @@ import org.junit.Test;
import java.util.Iterator;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
import static org.junit.Assert.*;
public class TestPeople extends EnterpriseTestApi
{
@@ -180,38 +179,66 @@ public class TestPeople extends EnterpriseTestApi
@Test
public void testCreatePerson_canCreateDisabledPerson() throws PublicApiException
{
publicApiClient.setRequestContext(new RequestContext(account1.getId(), account1Admin, "admin"));
// Person disabled
{
publicApiClient.setRequestContext(new RequestContext(account1.getId(), account1Admin, "admin"));
PersonUpdate person = new PersonUpdate.Builder().
id("myUserName04@"+account1.getId()).
firstName("Firstname").
email("myUserName04@"+account1.getId()).
enabled(false).
password("hello").
build();
Person p = people.create(person);
assertEquals(false, p.isEnabled());
// It's very important that the password isn't exposed over the REST API.
assertNull(p.getPassword());
// Check that a freshly retrieved person exhibits the same result
p = people.getPerson(person.getUserName());
assertEquals(false, p.isEnabled());
assertNull(p.getPassword());
// Can the new user account be used?
publicApiClient.setRequestContext(new RequestContext(account1.getId(), person.getUserName(), "hello"));
try
{
people.getPerson(person.getUserName());
fail("It should not be possible to use a disabled account.");
}
catch (PublicApiException e)
{
assertEquals(401, e.getHttpResponse().getStatusCode());
}
}
// Person enabled
{
publicApiClient.setRequestContext(new RequestContext(account1.getId(), account1Admin, "admin"));
PersonUpdate person = new PersonUpdate.Builder().
id("myUserName05@"+account1.getId()).
firstName("Firstname").
email("myUserName05@"+account1.getId()).
enabled(true).
password("banana").
build();
Person p = people.create(person);
assertEquals(true, p.isEnabled());
// It's very important that the password isn't exposed over the REST API.
assertNull(p.getPassword());
// Check that a freshly retrieved person exhibits the same result
p = people.getPerson(person.getUserName());
assertEquals(true, p.isEnabled());
assertNull(p.getPassword());
// Can the new user account be used?
publicApiClient.setRequestContext(new RequestContext(account1.getId(), person.getUserName(), "banana"));
p = people.getPerson(person.getUserName());
assertNotNull(p);
assertNull(p.getPassword());
}
}
@@ -405,6 +432,7 @@ public class TestPeople extends EnterpriseTestApi
personJson.put("userStatus", personUpdate.getUserStatus());
personJson.put("enabled", personUpdate.isEnabled());
personJson.put("emailNotificationsEnabled", personUpdate.isEmailNotificationsEnabled());
personJson.put("password", personUpdate.getPassword());
return personJson;
}