Minor REST V2 changes for userservice
diff --git a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/v2/MeUser.java b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/v2/MeUser.java
new file mode 100644
index 0000000..e307618
--- /dev/null
+++ b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/model/v2/MeUser.java
@@ -0,0 +1,75 @@
+package org.apache.archiva.redback.rest.api.model.v2;
+
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+import javax.xml.bind.annotation.XmlRootElement;
+
+/**
+ * JSON object for updating own user data.
+ * Contains only the attributes, that a user is allowed to update. The user id is used from the logged in user principal.
+ */
+@XmlRootElement( name = "user" )
+public class MeUser
+{
+ private String email;
+ private String fullName;
+ private String password;
+ private String currentPassword;
+
+ public String getEmail( )
+ {
+ return email;
+ }
+
+ public void setEmail( String email )
+ {
+ this.email = email;
+ }
+
+ public String getFullName( )
+ {
+ return fullName;
+ }
+
+ public void setFullName( String fullName )
+ {
+ this.fullName = fullName;
+ }
+
+ public String getPassword( )
+ {
+ return password;
+ }
+
+ public void setPassword( String password )
+ {
+ this.password = password;
+ }
+
+ public String getCurrentPassword( )
+ {
+ return currentPassword;
+ }
+
+ public void setCurrentPassword( String currentPassword )
+ {
+ this.currentPassword = currentPassword;
+ }
+}
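Review bot: The four fields of `MeUser` carry no documentation, and two of them hold clear-text credentials. Nothing in the class says that `password` is the requested new password and `currentPassword` the existing one, nor that (per the comment in `DefaultUserService.updateMe`) the current password is needed only when a password change is requested. I would add field comments such as `// new password; leave empty to keep the existing one` and `// existing password, needed only when password is set`. The class Javadoc should also state that this is a request-only object that must not be returned in a response or written to logs.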
diff --git a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
index ba739e0..0ea3091 100644
--- a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
+++ b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
@@ -28,6 +28,7 @@
import org.apache.archiva.redback.rest.api.model.ActionStatus;
import org.apache.archiva.redback.rest.api.model.v2.AvailabilityStatus;
import org.apache.archiva.redback.rest.api.model.Operation;
+import org.apache.archiva.redback.rest.api.model.v2.MeUser;
import org.apache.archiva.redback.rest.api.model.v2.PagedResult;
import org.apache.archiva.redback.rest.api.model.Permission;
import org.apache.archiva.redback.rest.api.model.v2.PingResult;
@@ -168,7 +169,7 @@
/**
*/
- @Path( "{userId}/lock" )
+ @Path( "{userId}/lock/set" )
@POST
@Produces( { MediaType.APPLICATION_JSON } )
@RedbackAuthorization( permissions = RedbackRoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION )
@@ -185,11 +186,11 @@
/**
*/
- @Path( "{userId}/unlock" )
+ @Path( "{userId}/lock/clear" )
@POST
@Produces( { MediaType.APPLICATION_JSON } )
@RedbackAuthorization( permissions = RedbackRoleConstants.USER_MANAGEMENT_USER_EDIT_OPERATION )
- @io.swagger.v3.oas.annotations.Operation( summary = "Creates a user",
+ @io.swagger.v3.oas.annotations.Operation( summary = "Unlocks a user",
responses = {
@ApiResponse( responseCode = "200",
description = "If unlocking was successful"
@@ -255,7 +256,7 @@
@ApiResponse( responseCode = "400", description = "Provided data is not valid" )
}
)
- User updateMe( User user )
+ User updateMe( MeUser user )
throws RedbackServiceException;
@Path( "me" )
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
index 2273d00..5cde4ca 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/v2/DefaultUserService.java
@@ -48,6 +48,7 @@
import org.apache.archiva.redback.rest.api.model.ErrorMessage;
import org.apache.archiva.redback.rest.api.model.Operation;
import org.apache.archiva.redback.rest.api.model.Permission;
+import org.apache.archiva.redback.rest.api.model.v2.MeUser;
import org.apache.archiva.redback.rest.api.model.v2.RegistrationKey;
import org.apache.archiva.redback.rest.api.model.ResetPasswordRequest;
import org.apache.archiva.redback.rest.api.model.Resource;
@@ -362,28 +363,25 @@
}
@Override
- public User updateMe( User user )
+ public User updateMe( MeUser user )
throws RedbackServiceException
{
RedbackPrincipal principal = getPrincipal( );
if (principal==null) {
throw new RedbackServiceException( ErrorMessage.of( ERR_AUTH_UNAUTHORIZED_REQUEST ), 401 );
}
- if (StringUtils.isEmpty( user.getUserId() ) || !principal.getUser().getUsername().equals(user.getUserId())) {
- throw new RedbackServiceException( ErrorMessage.of( ERR_AUTH_UNAUTHORIZED_REQUEST ), Response.Status.FORBIDDEN.getStatusCode() );
- }
// check oldPassword with the current one
// only 3 fields to update
// ui can limit to not update password
- org.apache.archiva.redback.users.User foundUser = updateUser( user.getUserId( ), realUser -> {
+ org.apache.archiva.redback.users.User foundUser = updateUser( principal.getName(), realUser -> {
try
{
// current password is only needed, if password change is requested
if ( StringUtils.isNotBlank( user.getPassword( ) ) )
{
String previousEncodedPassword =
- securitySystem.getUserManager( ).findUser( user.getUserId( ), false ).getEncodedPassword( );
+ securitySystem.getUserManager( ).findUser( principal.getName(), false ).getEncodedPassword( );
// check oldPassword with the current one
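Review bot: The target account is now looked up with `principal.getName()` in both the `updateUser(...)` and `findUser(...)` calls, while the check this commit removes compared against `principal.getUser().getUsername()`; if the two can differ for any principal type, the update would address the wrong account or fail to find it. Resolving the id once, e.g. `final String userId = principal.getUser( ).getUsername( );`, and passing `userId` to both calls keeps the identity source the same as before. `user` is dereferenced in `user.getPassword( )` with no null check, so a request without a body likely ends in a 500 instead of the 400 documented on the interface. The removed `updateMeInvalidUser` test has no replacement; a test that sends a foreign `user_id` in the body and asserts that the other account is unchanged would pin the new behaviour. The method body continues past the end of the hunk.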
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
index e8fd540..c05fa36 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
@@ -454,7 +454,7 @@
try
{
given( ).spec( getRequestSpec( token ) ).contentType( JSON )
- .post( "aragorn/lock" )
+ .post( "aragorn/lock/set" )
.then( ).statusCode( 200 );
Response response = given( ).spec( getRequestSpec( token ) ).contentType( JSON )
.get( "aragorn" )
@@ -474,7 +474,7 @@
{
String token = getAdminToken( );
given( ).spec( getRequestSpec( token ) ).contentType( JSON )
- .post( "aragorn/lock" )
+ .post( "aragorn/lock/set" )
.then( ).statusCode( 404 );
}
@@ -500,7 +500,7 @@
try
{
given( ).spec( getRequestSpec( token ) ).contentType( JSON )
- .post( "aragorn/unlock" )
+ .post( "aragorn/lock/clear" )
.then( ).statusCode( 200 );
response = given( ).spec( getRequestSpec( token ) ).contentType( JSON )
.get( "aragorn" )
@@ -617,7 +617,6 @@
String userToken = getUserToken( "aragorn", "pAssw0rD" );
Map<String, Object> updateMap = new HashMap<>( );
- updateMap.put( "user_id", "aragorn" );
updateMap.put( "email", "aragorn-swiss@lordoftherings.org" );
updateMap.put( "fullName", "Aragorn King of Switzerland" );
Response response = given( ).spec( getRequestSpec( userToken ) ).contentType( JSON )
@@ -637,54 +636,6 @@
}
@Test
- void updateMeInvalidUser( )
- {
- String token = getAdminToken( );
- Map<String, Object> jsonAsMap = new HashMap<>( );
- jsonAsMap.put( "user_id", "aragorn" );
- jsonAsMap.put( "email", "aragorn@lordoftherings.org" );
- jsonAsMap.put( "fullName", "Aragorn King of Gondor" );
- jsonAsMap.put( "validated", true );
- jsonAsMap.put( "password", "pAssw0rDA" );
- given( ).spec( getRequestSpec( token ) ).contentType( JSON )
- .body( jsonAsMap )
- .when( )
- .post( )
- .then( ).statusCode( 201 );
-
- jsonAsMap.put( "user_id", "elrond" );
- jsonAsMap.put( "email", "elrond@lordoftherings.org" );
- jsonAsMap.put( "fullName", "Elrond King of Elves" );
- jsonAsMap.put( "validated", true );
- jsonAsMap.put( "password", "pAssw0rDE" );
- given( ).spec( getRequestSpec( token ) ).contentType( JSON )
- .body( jsonAsMap )
- .when( )
- .post( )
- .then( ).statusCode( 201 );
- try
- {
-
- String userToken = getUserToken( "aragorn", "pAssw0rDA" );
- Map<String, Object> updateMap = new HashMap<>( );
- updateMap.put( "user_id", "elrond" );
- updateMap.put( "email", "elrond-swiss@lordoftherings.org" );
- updateMap.put( "fullName", "Elrond King of Switzerland" );
- Response response = given( ).spec( getRequestSpec( userToken ) ).contentType( JSON )
- .body( updateMap )
- .when( )
- .put( "me" )
- .then( ).statusCode( 403 ).extract( ).response( );
- }
- finally
- {
- given( ).spec( getRequestSpec( token ) ).contentType( JSON )
- .delete( "aragorn" )
- .then( ).statusCode( 200 );
- }
- }
-
- @Test
void updateMeWithPassword( )
{
String token = getAdminToken( );
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/UserServiceTest.java b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/UserServiceTest.java
index 0268452..2fc8431 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/UserServiceTest.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/UserServiceTest.java
@@ -21,6 +21,7 @@
import org.apache.archiva.redback.rest.api.model.GrantType;
import org.apache.archiva.redback.rest.api.model.Operation;
+import org.apache.archiva.redback.rest.api.model.v2.MeUser;
import org.apache.archiva.redback.rest.api.model.v2.PagedResult;
import org.apache.archiva.redback.rest.api.model.Permission;
import org.apache.archiva.redback.rest.api.model.v2.PingResult;
@@ -504,21 +505,22 @@
u.setValidated( true );
getUserService( getAdminAuthzHeader( ) ).createUser( u );
- u.setFullName( "the toto123" );
- u.setEmail( "toto@titi.fr" );
- u.setPassword( "toto1234" );
- u.setCurrentPassword( "toto123" );
- getUserService( getUserAuthzHeader( "toto" ) ).updateMe( u );
+ MeUser meUser = new MeUser( );
+ meUser.setFullName( "the toto123" );
+ meUser.setEmail( "toto@titi.fr" );
+ meUser.setPassword( "toto1234" );
+ meUser.setCurrentPassword( "toto123" );
+ getUserService( getUserAuthzHeader( "toto" ) ).updateMe( meUser );
u = getUserService( getAdminAuthzHeader( ) ).getUser( "toto" );
assertEquals( "the toto123", u.getFullName( ) );
assertEquals( "toto@titi.fr", u.getEmail( ) );
- u.setFullName( "the toto1234" );
- u.setEmail( "toto@tititi.fr" );
- u.setPassword( "toto12345" );
- u.setCurrentPassword( "toto1234" );
- getUserService( getUserAuthzHeader( "toto" )) .updateMe( u );
+ meUser.setFullName( "the toto1234" );
+ meUser.setEmail( "toto@tititi.fr" );
+ meUser.setPassword( "toto12345" );
+ meUser.setCurrentPassword( "toto1234" );
+ getUserService( getUserAuthzHeader( "toto" )) .updateMe( meUser );
u = getUserService( getAdminAuthzHeader( ) ).getUser( "toto" );
assertEquals( "the toto1234", u.getFullName( ) );