diff --git a/gradle.properties b/gradle.properties index f92cda1395f..363f05eec53 100644 --- a/gradle.properties +++ b/gradle.properties @@ -44,7 +44,7 @@ commonsLangVersion = 3.12.0 commonsTextVersion = 1.10.0 # Corda API libs revision (change in 4th digit indicates a breaking change) # Change to 5.2.0.xx-SNAPSHOT to pick up maven local published copy -cordaApiVersion=5.2.0.20-alpha-1703002553817 +cordaApiVersion=5.2.0.21-alpha-1703075132231 disruptorVersion=3.4.4 felixConfigAdminVersion=1.9.26 diff --git a/libs/permissions/permission-storage-writer-impl/src/test/kotlin/net/corda/libs/permissions/storage/writer/impl/user/UserWriterImplTest.kt b/libs/permissions/permission-storage-writer-impl/src/test/kotlin/net/corda/libs/permissions/storage/writer/impl/user/UserWriterImplTest.kt index 0b922a90cf8..fd48428c025 100644 --- a/libs/permissions/permission-storage-writer-impl/src/test/kotlin/net/corda/libs/permissions/storage/writer/impl/user/UserWriterImplTest.kt +++ b/libs/permissions/permission-storage-writer-impl/src/test/kotlin/net/corda/libs/permissions/storage/writer/impl/user/UserWriterImplTest.kt @@ -1,6 +1,7 @@ package net.corda.libs.permissions.storage.writer.impl.user import net.corda.data.permissions.management.user.AddRoleToUserRequest +import net.corda.data.permissions.management.user.ChangeUserPasswordRequest import net.corda.data.permissions.management.user.CreateUserRequest import net.corda.data.permissions.management.user.RemoveRoleFromUserRequest import net.corda.libs.permissions.common.exception.EntityAlreadyExistsException @@ -150,6 +151,51 @@ internal class UserWriterImplTest { assertEquals(requestUserId, audit.actorUser) } + @Test + fun `changing user password successfully changes password`() { + // Arrange + val changeUserPasswordRequest = ChangeUserPasswordRequest().apply { + requestedBy = "existingUser" + hashedNewPassword = "newHashedPassword" + saltValue = "newSalt" + passwordExpiry = Instant.now() + } + + val existingUser = User( + id = "userId", + fullName = "Existing User", + loginName = "existingUser", + enabled = true, + hashedPassword = "oldHashedPassword", + saltValue = "oldSalt", + passwordExpiry = Instant.now(), + updateTimestamp = Instant.now(), + parentGroup = mock() + ) + + val typedQueryMock = mock>() + whenever(entityManager.createQuery(any(), eq(User::class.java))).thenReturn(typedQueryMock) + whenever(typedQueryMock.setParameter(eq("loginName"), eq("existingUser"))).thenReturn(typedQueryMock) + whenever(typedQueryMock.resultList).thenReturn(listOf(existingUser)) + + userWriter.changeUserPassword(changeUserPasswordRequest, requestUserId) + + verify(entityManager).merge(existingUser) + assertEquals("newHashedPassword", existingUser.hashedPassword) + assertEquals("newSalt", existingUser.saltValue) + + val auditCaptor = argumentCaptor() + verify(entityManager).persist(auditCaptor.capture()) + + val capturedAudit = auditCaptor.firstValue + assertNotNull(capturedAudit) + assertEquals(RestPermissionOperation.USER_UPDATE, capturedAudit.changeType) + assertEquals("Password for user 'existingUser' changed by '$requestUserId'.", capturedAudit.details) + + verify(entityTransaction).begin() + verify(entityTransaction).commit() + } + @Test fun `add role to user fails when user does not exist`() { whenever(entityManager.createQuery(any(), eq(User::class.java))).thenReturn(userQuery)