inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-08-14 17:58:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merged 5.2.0 (5.2.0) to HEAD (5.2)

Browse Source 
133856 rmunteanu: REPO-1746: Merge fixes for 5.2 GA issues to 5.2.0 branch
      Merged 5.2.N (5.2.1) to 5.2.0 (5.2.0)
         133307 jvonka: V1 REST API - update person (password)
         - REPO-1627 - Update password for a person with empty string
         - REPO-1643 - Missing 'oldPassword' field accompanies 403 status code, but should be 400


git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/HEAD/root@134189 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
Alan Davis
2017-01-11 10:35:09 +00:00
parent 2b55561d4a
commit 4a4ba28e80
2 changed files with 94 additions and 46 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
source/test-java/org/alfresco/rest/api/tests/TestPeople.java
View File

@@ -1163,11 +1163,14 @@ public class TestPeople extends EnterpriseTestApi
people.update(me.getId(), qjson("{ `oldPassword`:`password123`, `password`:`newpassword456` }"), 403);
// update with no oldPassword
people.update(me.getId(), qjson("{ `password`:`newpassword456` }"), 403);
people.update(me.getId(), qjson("{ `password`:`newpassword456` }"), 400);
people.update(me.getId(), qjson("{ `oldPassword`:``, `password`:`newpassword456` }"), 400);
people.update(me.getId(), qjson("{ `oldPassword`:null, `password`:`newpassword456` }"), 400);
// update with no password
people.update(me.getId(), qjson("{ `oldPassword`:`newpassword456`, `password`:`` }"), 400);
// update with no new password
people.update(me.getId(), qjson("{ `oldPassword`:`newpassword456` }"), 400);
people.update(me.getId(), qjson("{ `oldPassword`:`newpassword456`, `password`:`` }"), 400);
people.update(me.getId(), qjson("{ `oldPassword`:`newpassword456`, `password`:null }"), 400);
}
@Test
@@ -1197,6 +1200,30 @@ public class TestPeople extends EnterpriseTestApi
publicApiClient.setRequestContext(new RequestContext(networkId, personId, updatedPassword));
this.people.getPerson(personId);
publicApiClient.setRequestContext(new RequestContext(networkId, account3Admin, "admin"));
// update with another new password but note that oldPassword is ignored (even if sent by admin)
String updatedPassword2 = "newPassword2";
people.update(personId, qjson("{ `password`:`" + updatedPassword2 + "`, `oldPassword`:`rubbish` }"), 200);
publicApiClient.setRequestContext(new RequestContext(networkId, personId, updatedPassword));
try
{
this.people.getPerson(personId);
fail("");
}
catch (PublicApiException e)
{
assertEquals(HttpStatus.SC_UNAUTHORIZED, e.getHttpResponse().getStatusCode());
}
publicApiClient.setRequestContext(new RequestContext(networkId, personId, updatedPassword2));
this.people.getPerson(personId);
// -ve: update with no new password
people.update(personId, qjson("{ `password`:`` }"), 400);
people.update(personId, qjson("{ `password`:null }"), 400);
}
@Test