REPO-1503: allow setting of password

git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@131939 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
Matt Ward
2016-11-01 12:29:29 +00:00
parent a8d705bb8c
commit 247d2ad97a
5 changed files with 69 additions and 14 deletions


@@ -297,8 +297,8 @@ public class PeopleImpl implements People
Map<QName, Serializable> props = person.toProperties();
MutableAuthenticationService mas = (MutableAuthenticationService) authenticationService;
// TODO: very temporary code, until REPO-1503 (set password) implemented.
mas.createAuthentication(person.getUserName(), UUID.randomUUID().toString().toCharArray());
String password = person.getPassword() == null ? UUID.randomUUID().toString() : person.getPassword();
mas.createAuthentication(person.getUserName(), password.toCharArray());
mas.setAuthenticationEnabled(person.getUserName(), person.isEnabled());
NodeRef nodeRef = personService.createPerson(props);
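Review bot: Only `null` counts as "no password supplied" on the `String password = ...` line, so an empty string from the request is handed straight to `createAuthentication`. Whether the authentication service rejects it is not visible here, so reject it up front, e.g. `if (password.isEmpty()) { throw new IllegalArgumentException("password must not be empty"); }`, or use the REST framework's own bad-request exception so the caller gets a 4xx. The `// TODO: very temporary code` comment looks stale now that the supplied password is honoured and should go if it is still on the new side. The enclosing method starts and ends outside the hunk.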


@@ -65,6 +65,7 @@ public class Person
protected Boolean emailNotificationsEnabled;
protected String description;
protected Company company;
protected String password;
public Person()
{
@@ -202,6 +203,11 @@ public class Person
this.avatarId = avatarId;
}
public void setPassword(String password)
{
this.password = password;
}
public NodeRef getAvatarId()
{
return avatarId;
@@ -272,6 +278,11 @@ public class Person
return emailNotificationsEnabled;
}
public String getPassword()
{
return this.password;
}
@Override
public String toString()
{
@@ -347,9 +358,6 @@ public class Person
addToMap(properties, ContentModel.PROP_GOOGLEUSERNAME, getGoogleId());
addToMap(properties, ContentModel.PROP_SIZE_QUOTA, getQuota());
addToMap(properties, ContentModel.PROP_SIZE_CURRENT, getQuotaUsed());
// What's the correct behaviour here? Store it as "content" somehow?
// so that it can be 'inlined' by the code in PeopleImpl.processPersonProperties ?
addToMap(properties, ContentModel.PROP_PERSONDESC, getDescription());
}
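Review bot: `getPassword()` is a public bean getter on what appears to be the same model that is returned to API clients, so nothing in this class stops the field from being serialised if a read path ever populates it. Add a Javadoc on the accessor pair along the lines of `/** Clear-text password, accepted on create only; never set on a Person that is returned to a client. */`, and mark the getter as write-only if the serialiser supports that. `toString()` begins right after the new getter and its body is outside the hunk; check that it omits the field or masks it the way `PersonUpdate.toString()` does with `password=(not shown)`.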


@@ -57,7 +57,7 @@ public class PersonUpdate
protected final String userStatus;
protected final Boolean enabled;
protected final Boolean emailNotificationsEnabled;
protected final String password;
private PersonUpdate(
String userName,
@@ -75,7 +75,8 @@ public class PersonUpdate
String telephone,
String userStatus,
Boolean enabled,
Boolean emailNotificationsEnabled)
Boolean emailNotificationsEnabled,
String password)
{
this.userName = userName;
this.firstName = firstName;
@@ -93,6 +94,7 @@ public class PersonUpdate
this.userStatus = userStatus;
this.enabled = enabled;
this.emailNotificationsEnabled = emailNotificationsEnabled;
this.password = password;
}
public Company getCompany()
@@ -176,6 +178,11 @@ public class PersonUpdate
return emailNotificationsEnabled;
}
public String getPassword()
{
return password;
}
@Override
public String toString()
{
@@ -194,7 +201,9 @@ public class PersonUpdate
+ ", googleId=" + googleId
+ ", emailNotificationsEnabled=" + emailNotificationsEnabled
+ ", description=" + description
+ ", company=" + company + "]";
+ ", company=" + company
+ ", password=(not shown)"
+ "]";
}
public Map<QName, Serializable> toProperties()
@@ -275,6 +284,7 @@ public class PersonUpdate
private String userStatus;
private Boolean enabled;
private Boolean emailNotificationsEnabled;
private String password;
public Builder id(String userId)
{
@@ -372,6 +382,12 @@ public class PersonUpdate
return this;
}
public Builder password(String password)
{
this.password = password;
return this;
}
public PersonUpdate build()
{
return new PersonUpdate(
@@ -390,7 +406,8 @@ public class PersonUpdate
telephone,
userStatus,
enabled,
emailNotificationsEnabled
emailNotificationsEnabled,
password
);
}
}
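Review bot: The new `password` field and `getPassword()` carry the clear-text credential but have no Javadoc saying so, although `toString()` already treats the value as sensitive. A short comment on the getter such as `/** Clear-text password for account creation; do not log or store as a node property. */` would make the handling rule explicit for the next maintainer. `toProperties()` starts directly after the `toString()` hunk and its body is not shown; confirm it does not copy the password into the property map.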


@@ -126,7 +126,9 @@ public class PeopleEntityResource implements EntityResourceAction.ReadById<Perso
.telephone(p.getTelephone())
.userStatus(p.getUserStatus())
.enabled(p.isEnabled())
.emailNotificationsEnabled(p.isEmailNotificationsEnabled()).build();
.emailNotificationsEnabled(p.isEmailNotificationsEnabled())
.password(p.getPassword()).
build();
result.add(people.create(person));
return result;
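Review bot: The last two calls of the builder chain switch to a trailing dot (`.password(p.getPassword()).` followed by `build();`), while every other call in the chain leads with the dot. Write them as `.password(p.getPassword())` and `.build();` so the chain reads uniformly and a later insertion cannot split the call from its receiver. The enclosing method starts outside the hunk.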


@@ -41,8 +41,7 @@ import org.junit.Test;
import java.util.Iterator;
import static org.junit.Assert.assertEquals;
import static org.junit.Assert.fail;
import static org.junit.Assert.*;
public class TestPeople extends EnterpriseTestApi
{
@@ -180,38 +179,66 @@ public class TestPeople extends EnterpriseTestApi
@Test
public void testCreatePerson_canCreateDisabledPerson() throws PublicApiException
{
publicApiClient.setRequestContext(new RequestContext(account1.getId(), account1Admin, "admin"));
// Person disabled
{
publicApiClient.setRequestContext(new RequestContext(account1.getId(), account1Admin, "admin"));
PersonUpdate person = new PersonUpdate.Builder().
id("myUserName04@"+account1.getId()).
firstName("Firstname").
email("myUserName04@"+account1.getId()).
enabled(false).
password("hello").
build();
Person p = people.create(person);
assertEquals(false, p.isEnabled());
// It's very important that the password isn't exposed over the REST API.
assertNull(p.getPassword());
// Check that a freshly retrieved person exhibits the same result
p = people.getPerson(person.getUserName());
assertEquals(false, p.isEnabled());
assertNull(p.getPassword());
// Can the new user account be used?
publicApiClient.setRequestContext(new RequestContext(account1.getId(), person.getUserName(), "hello"));
try
{
people.getPerson(person.getUserName());
fail("It should not be possible to use a disabled account.");
}
catch (PublicApiException e)
{
assertEquals(401, e.getHttpResponse().getStatusCode());
}
}
// Person enabled
{
publicApiClient.setRequestContext(new RequestContext(account1.getId(), account1Admin, "admin"));
PersonUpdate person = new PersonUpdate.Builder().
id("myUserName05@"+account1.getId()).
firstName("Firstname").
email("myUserName05@"+account1.getId()).
enabled(true).
password("banana").
build();
Person p = people.create(person);
assertEquals(true, p.isEnabled());
// It's very important that the password isn't exposed over the REST API.
assertNull(p.getPassword());
// Check that a freshly retrieved person exhibits the same result
p = people.getPerson(person.getUserName());
assertEquals(true, p.isEnabled());
assertNull(p.getPassword());
// Can the new user account be used?
publicApiClient.setRequestContext(new RequestContext(account1.getId(), person.getUserName(), "banana"));
p = people.getPerson(person.getUserName());
assertNotNull(p);
assertNull(p.getPassword());
}
}
@@ -405,6 +432,7 @@ public class TestPeople extends EnterpriseTestApi
personJson.put("userStatus", personUpdate.getUserStatus());
personJson.put("enabled", personUpdate.isEnabled());
personJson.put("emailNotificationsEnabled", personUpdate.isEmailNotificationsEnabled());
personJson.put("password", personUpdate.getPassword());
return personJson;
}
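Review bot: The `assertNull(p.getPassword())` checks run against the client-side `Person` built from the response, so they only prove something if that parser actually reads a `password` key. The parser does not appear to be part of this change, and if it ignores the key these assertions pass even when the server returns the password. Asserting on the raw response JSON that no `password` member is present would make the check meaningful. The tests also cover only the supplied-password path; a case with no password (the random fallback in `PeopleImpl`) and one with an empty string would pin the remaining branches. Separately, `import static org.junit.Assert.*;` replaces the two explicit static imports and is better kept explicit.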