mirror of
https://github.com/Alfresco/alfresco-community-repo.git
synced 2025-10-08 14:51:49 +00:00
MNT-17199 - CSV user import: if password is left blank it should be randomly generated
Modified UserCSVUploadPost behaviour to use an empty string for password creation instead of the user's first name. Modified RepositoryAuthenticationDao > createUser behaviour to treat the case when the password is an empty string or null. Added a Unit test. git-svn-id: https://svn.alfresco.com/repos/alfresco-enterprise/alfresco/BRANCHES/DEV/5.2.N/root@136902 c4b6b30b-aa2e-2d43-bbcb-ca4b014f7261
This commit is contained in:
@@ -31,6 +31,7 @@ import java.util.Date;
|
|||||||
import java.util.HashMap;
|
import java.util.HashMap;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Map;
|
import java.util.Map;
|
||||||
|
import java.util.UUID;
|
||||||
|
|
||||||
import net.sf.acegisecurity.GrantedAuthority;
|
import net.sf.acegisecurity.GrantedAuthority;
|
||||||
import net.sf.acegisecurity.GrantedAuthorityImpl;
|
import net.sf.acegisecurity.GrantedAuthorityImpl;
|
||||||
@@ -354,6 +355,13 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
|
|||||||
String salt = GUID.generate();
|
String salt = GUID.generate();
|
||||||
properties.put(ContentModel.PROP_SALT, salt);
|
properties.put(ContentModel.PROP_SALT, salt);
|
||||||
|
|
||||||
|
boolean emptyPassword = rawPassword != null ? "".equals(new String(rawPassword)) : true;
|
||||||
|
|
||||||
|
if (emptyPassword)
|
||||||
|
{
|
||||||
|
rawPassword = UUID.randomUUID().toString().toCharArray();
|
||||||
|
}
|
||||||
|
|
||||||
if (hashedPassword == null)
|
if (hashedPassword == null)
|
||||||
{
|
{
|
||||||
if (logger.isDebugEnabled())
|
if (logger.isDebugEnabled())
|
||||||
@@ -374,7 +382,7 @@ public class RepositoryAuthenticationDao implements MutableAuthenticationDao, In
|
|||||||
properties.put(ContentModel.PROP_HASH_INDICATOR, (Serializable) Arrays.asList(compositePasswordEncoder.getPreferredEncoding()));
|
properties.put(ContentModel.PROP_HASH_INDICATOR, (Serializable) Arrays.asList(compositePasswordEncoder.getPreferredEncoding()));
|
||||||
properties.put(ContentModel.PROP_ACCOUNT_EXPIRES, Boolean.valueOf(false));
|
properties.put(ContentModel.PROP_ACCOUNT_EXPIRES, Boolean.valueOf(false));
|
||||||
properties.put(ContentModel.PROP_CREDENTIALS_EXPIRE, Boolean.valueOf(false));
|
properties.put(ContentModel.PROP_CREDENTIALS_EXPIRE, Boolean.valueOf(false));
|
||||||
properties.put(ContentModel.PROP_ENABLED, Boolean.valueOf(true));
|
properties.put(ContentModel.PROP_ENABLED, Boolean.valueOf(!emptyPassword));
|
||||||
properties.put(ContentModel.PROP_ACCOUNT_LOCKED, Boolean.valueOf(false));
|
properties.put(ContentModel.PROP_ACCOUNT_LOCKED, Boolean.valueOf(false));
|
||||||
nodeService.createNode(typesNode, ContentModel.ASSOC_CHILDREN, QName.createQName(ContentModel.USER_MODEL_URI,
|
nodeService.createNode(typesNode, ContentModel.ASSOC_CHILDREN, QName.createQName(ContentModel.USER_MODEL_URI,
|
||||||
caseSensitiveUserName), ContentModel.TYPE_USER, properties);
|
caseSensitiveUserName), ContentModel.TYPE_USER, properties);
|
||||||
|
@@ -2155,4 +2155,62 @@ public class AuthenticationTest extends TestCase
|
|||||||
nspr.registerNamespace(NamespaceService.DEFAULT_PREFIX, defaultURI);
|
nspr.registerNamespace(NamespaceService.DEFAULT_PREFIX, defaultURI);
|
||||||
return nspr;
|
return nspr;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public void testCreatingUserWithEmptyPassword() throws Exception
|
||||||
|
{
|
||||||
|
String previousAuthenticatedUser = AuthenticationUtil.getFullyAuthenticatedUser();
|
||||||
|
String userName = GUID.generate();
|
||||||
|
String rawPass = "";
|
||||||
|
try
|
||||||
|
{
|
||||||
|
dao.createUser(userName, null, rawPass.toCharArray());
|
||||||
|
NodeRef userNodeRed = getRepositoryAuthenticationDao().getUserOrNull(userName);
|
||||||
|
assertNotNull(userNodeRed);
|
||||||
|
|
||||||
|
Map<QName, Serializable> properties = nodeService.getProperties(userNodeRed);
|
||||||
|
assertEquals(properties.get(ContentModel.PROP_ENABLED), false);
|
||||||
|
|
||||||
|
properties.remove(ContentModel.PROP_ENABLED);
|
||||||
|
properties.put(ContentModel.PROP_ENABLED, true);
|
||||||
|
nodeService.setProperties(userNodeRed, properties);
|
||||||
|
assertEquals(properties.get(ContentModel.PROP_ENABLED), true);
|
||||||
|
|
||||||
|
try
|
||||||
|
{
|
||||||
|
authenticationService.authenticate(userName, rawPass.toCharArray());
|
||||||
|
fail("Authentication should have been rejected");
|
||||||
|
}
|
||||||
|
catch (IllegalArgumentException e)
|
||||||
|
{
|
||||||
|
assertEquals(e.getMessage(), "rawPassword is a mandatory parameter");
|
||||||
|
}
|
||||||
|
|
||||||
|
rawPass = "newPassword";
|
||||||
|
dao.updateUser(userName, rawPass.toCharArray());
|
||||||
|
try
|
||||||
|
{
|
||||||
|
authenticationService.authenticate(userName, rawPass.toCharArray());
|
||||||
|
}
|
||||||
|
catch (AuthenticationException e)
|
||||||
|
{
|
||||||
|
fail("Authentication should have passed.");
|
||||||
|
}
|
||||||
|
assertEquals(authenticationService.getCurrentUserName(), userName);
|
||||||
|
}
|
||||||
|
finally
|
||||||
|
{
|
||||||
|
if (previousAuthenticatedUser != null)
|
||||||
|
{
|
||||||
|
AuthenticationUtil.setFullyAuthenticatedUser(previousAuthenticatedUser);
|
||||||
|
}
|
||||||
|
try
|
||||||
|
{
|
||||||
|
dao.deleteUser(userName);
|
||||||
|
}
|
||||||
|
catch (Exception e)
|
||||||
|
{
|
||||||
|
// Nothing to do here.
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Reference in New Issue
Block a user