Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

#180 fix symbol character set used in temporary password generation #181

Merged
merged 9 commits into from
Nov 29, 2023
Merged

#180 fix symbol character set used in temporary password generation #181

Show file tree
Hide file tree
Changes from 7 commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
d205933
Fix #169
dewmini Jul 26, 2023
0ec2c52
Update travis config
dewmini Jul 26, 2023
99abd5e
Add test cases #169
dewmini Jul 27, 2023
8756c80
Merge pull request #170 from AtlasOfLivingAustralia/hotfix-3.0.3
yasima-csiro Aug 7, 2023
5aa6c3a
Release 3.0.3
dewmini Aug 7, 2023
192c9f4
Merge branch 'master' into dev
dewmini Aug 7, 2023
42df06a
#180 use custom character data for symbols (without extra special cha…
brucehyslop Nov 29, 2023
860f838
Merge branch 'epic/cognito/develop' into epic/cognito/180-admin-reset…
brucehyslop Nov 29, 2023
f842565
fixed import conflict
brucehyslop Nov 29, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .travis.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ branches:
only:
- dev
- master
- hotfix
- /^hotfix.*$/
- grails3
- experimental_jwt
- /^feature.*$/
Expand Down
4 changes: 2 additions & 2 deletions grails-app/controllers/au/org/ala/userdetails/PropertyController.groovy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -89,7 +89,7 @@ class PropertyController extends BaseController {
)
@Path("getProperty")
@Produces("application/json")
@PreAuthorise(requiredScope = 'users/read')
@PreAuthorise(requiredScope = 'users/read', requiredRole = '')
def getProperty() {
String name = params.name
Long alaId = params.long('alaId')
Expand Down Expand Up @@ -166,7 +166,7 @@ class PropertyController extends BaseController {
)
@Path("saveProperty")
@Produces("application/json")
@PreAuthorise(requiredScope = 'users/write')
@PreAuthorise(requiredScope = 'users/write', requiredRole = '')
def saveProperty(){
String name = params.name;
String value = params.value;
Expand Down
3 changes: 2 additions & 1 deletion grails-app/services/au/org/ala/userdetails/PasswordService.groovy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@

package au.org.ala.userdetails

import au.org.ala.auth.EnglishCustomCharacterData
import au.org.ala.auth.PasswordPolicy
import au.org.ala.cas.encoding.BcryptPasswordEncoder
import au.org.ala.cas.encoding.LegacyPasswordEncoder
Expand Down Expand Up @@ -282,7 +283,7 @@ class PasswordService {
ruleGroup.rules.add(new CharacterRule(EnglishCharacterData.Digit, policy.charGroupMinDigit))
}
if (policy.charGroupMinSpecial > 0) {
ruleGroup.rules.add(new CharacterRule(EnglishCharacterData.Special, policy.charGroupMinSpecial))
ruleGroup.rules.add(new CharacterRule(EnglishCustomCharacterData.Special, policy.charGroupMinSpecial))
}
}

Expand Down
78 changes: 78 additions & 0 deletions src/test/groovy/au/org/ala/userdetails/PropertyControllerSpec.groovy
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,78 @@
/*
* Copyright (C) 2022 Atlas of Living Australia
* All Rights Reserved.
*
* The contents of this file are subject to the Mozilla Public
* License Version 1.1 (the "License"); you may not use this file
* except in compliance with the License. You may obtain a copy of
* the License at http://www.mozilla.org/MPL/
*
* Software distributed under the License is distributed on an "AS
* IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
* implied. See the License for the specific language governing
* rights and limitations under the License.
*/

package au.org.ala.userdetails

import au.org.ala.ws.security.JwtProperties
import grails.converters.JSON
import grails.testing.gorm.DataTest
import grails.testing.web.controllers.ControllerUnitTest

class PropertyControllerSpec extends UserDetailsSpec implements ControllerUnitTest<PropertyController>, DataTest{

def profileService = Mock(ProfileService)

static doWithSpring = {
jwtProperties(JwtProperties) {
enabled = true
fallbackToLegacyBehaviour = true
}
authorisedSystemService(UserDetailsSpec.Authorised)
}

private User user

void setupSpec() {
mockDomains(User, Role, UserRole, UserProperty)
}

void setup() {
registerMarshallers()
user = createUser()
controller.profileService = profileService
}

void "Get user property"() {
when:
request.method = 'GET'
params.alaId = Long.toString(user.id)
params.name = "prop1"
controller.getProperty()

then:
1 * profileService.getUserProperty(user, 'prop1') >> { [ new UserProperty(user: user, name: 'prop1', value:
user.userProperties.find {it.name == "prop1"}.value)] }

def deserializedJson = JSON.parse(response.text)
deserializedJson[0].name == 'prop1'
deserializedJson[0].value == user.userProperties.find {it.name == "prop1"}.value
}

void "Save user property"() {
when:
request.method = 'POST'
params.alaId = Long.toString(user.id)
params.name = "city"
params.value = "city"
controller.saveProperty()

then:
1 * profileService.saveUserProperty(user, 'city', 'city') >> { new UserProperty(user: user, name: 'city', value:'city') }

def deserializedJson = JSON.parse(response.text)
deserializedJson.name == 'city'
deserializedJson.value == 'city'
}
}