verdnatura/salix
verdnatura
/
salix
3
4
Fork 0
Code Issues Pull Requests 57 Releases Wiki Activity

refs #5489 deprecate account.user.password
gitea/salix/pipeline/head There was a failure building this commit Details

This commit is contained in:
Alex Moreno 2023-06-06 15:09:01 +02:00
parent 5d6eaca6b8
commit cb50c617ee
5 changed files with 92 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
back/models/vn-user.json
View File

@ -25,10 +25,7 @@
},
"password": {
"type": "string",
"required": true,
"mysql": {
"columnName": "bcryptPassword"
}
"required": true
},
"roleFk": {
"type": "number",
@ -42,9 +39,6 @@
"lang": {
"type": "string"
},
"bcryptPassword": {
"type": "string"
},
"active": {
"type": "boolean"
},

88
db/changes/232401/00-userPassExpired.sql
View File

@ -1,22 +1,76 @@
ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL;
-- DROP TRIGGER IF EXISTS `account`.`user_beforeUpdate`;
-- USE account;
DROP PROCEDURE `account`.`myUser_changePassword`;
DROP PROCEDURE `account`.`myUser_restorePassword`;
DROP PROCEDURE `account`.`user_changePassword`;
DROP PROCEDURE `account`.`user_restorePassword`;
DROP PROCEDURE `account`.`user_setPassword`;
-- DELIMITER $$
-- $$
-- CREATE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate`
-- BEFORE UPDATE ON `user`
-- FOR EACH ROW
-- BEGIN
-- SET NEW.editorFk = account.myUser_getId();
ALTER TABLE account.`user` CHANGE password password__ char(64) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL COMMENT 'Deprecated';
ALTER TABLE account.`user` CHANGE bcryptPassword password varchar(512) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci DEFAULT NULL NULL;
-- IF !(NEW.`name` <=> OLD.`name`) THEN
-- CALL user_checkName (NEW.`name`);
-- END IF;
DELIMITER $$
$$
CREATE OR REPLACE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate`
BEFORE UPDATE ON `user`
FOR EACH ROW
BEGIN
SET NEW.editorFk = account.myUser_getId();
-- IF !(NEW.`password` <=> OLD.`password`) THEN
-- SET NEW.lastPassChange = util.VN_NOW();
-- END IF;
-- END$$
-- DELIMITER ;
IF !(NEW.`name` <=> OLD.`name`) THEN
CALL user_checkName (NEW.`name`);
END IF;
IF !(NEW.`password` <=> OLD.`password`) THEN
SET NEW.lastPassChange = util.VN_NOW();
END IF;
END$$
DELIMITER ;
CREATE OR REPLACE DEFINER=`root`@`localhost`
SQL SECURITY DEFINER
VIEW `account`.`accountDovecot` AS
select
`u`.`name` AS `name`,
`u`.`password` AS `password`
from
(`account`.`user` `u`
join `account`.`account` `a` on
(`a`.`id` = `u`.`id`))
where
`u`.`active` <> 0;
CREATE OR REPLACE DEFINER=`root`@`localhost`
SQL SECURITY DEFINER
VIEW `salix`.`User` AS
select
`account`.`user`.`id` AS `id`,
`account`.`user`.`realm` AS `realm`,
`account`.`user`.`name` AS `username`,
`account`.`user`.`password` AS `password`,
`account`.`user`.`email` AS `email`,
`account`.`user`.`emailVerified` AS `emailVerified`,
`account`.`user`.`verificationToken` AS `verificationToken`
from
`account`.`user`;
CREATE OR REPLACE DEFINER=`root`@`localhost`
SQL SECURITY DEFINER
VIEW `vn`.`workerTimeControlUserInfo` AS
select
`u`.`id` AS `userFk`,
`w`.`firstName` AS `name`,
`w`.`lastName` AS `surname`,
`u`.`name` AS `user`,
`u`.`password` AS `password`,
`wd`.`departmentFk` AS `departmentFk`,
left(`c`.`fi`,
8) AS `dni`
from
(((`account`.`user` `u`
join `vn`.`worker` `w` on
(`w`.`userFk` = `u`.`id`))
join `vn`.`client` `c` on
(`c`.`id` = `u`.`id`))
left join `vn`.`workerDepartment` `wd` on
(`wd`.`workerFk` = `w`.`id`));

6
db/dump/fixtures.sql
View File

@ -71,8 +71,8 @@ INSERT INTO `account`.`roleConfig`(`id`, `mysqlPassword`, `rolePrefix`, `userPre
CALL `account`.`role_sync`;
INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`)
SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2'
INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `role`,`active`,`email`, `lang`, `image`, `password`)
SELECT id, name, CONCAT(name, 'Nick'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2'
FROM `account`.`role` WHERE id <> 20
ORDER BY id;
@ -98,7 +98,7 @@ INSERT INTO `hedera`.`tpvConfig`(`id`, `currency`, `terminal`, `transactionType`
VALUES
(1, 978, 1, 0, 2000, 9, 0);
INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `bcryptPassword`, `password`,`role`,`active`,`email`,`lang`, `image`)
INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `password`, `password`,`role`,`active`,`email`,`lang`, `image`)
VALUES
(1101, 'BruceWayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'BruceWayne@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1102, 'PetterParker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'PetterParker@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'),

37
e2e/paths/01-salix/05_changePassword.spec.js
View File

@ -18,63 +18,58 @@ fdescribe('ChangePassword path', async() => {
const toExpects = [];
async function saveExpets(message, expectMessage, expectState) {
console.log(message);
if (!message) message = await page.waitForSnackbar();
if (!message && expectMessage) message = await page.waitForSnackbar();
if (expectState)
toExpects.push({value: await page.getState(), expected: toExpects.length + expectState});
toExpects.push({value: await page.getState(), expected: expectState});
if (expectMessage)
toExpects.push({value: message.text, expected: toExpects.length + expectMessage});
}
function expects() {
for (let toExpect of toExpects)
expect(toExpect.expected).toContain(toExpect.value); // eslint-disable-line
toExpects.push({value: message.text, expected: expectMessage});
}
const oldPassword = 'nightmare';
const newPassword = 'newPass.1234';
describe('Bad login', async() => {
it('should receive an error when the password is expired', async() => {
// 0 Expired login
// Expired login
await saveExpets(await page.doLogin(
'maintenance',
'Maintenance',
oldPassword
), 'The password has expired, change it from Salix', 'change-password');
// 1 Bad attempt: incorrect current password
// Bad attempt: incorrect current password
await saveExpets(await page.sendForm($.form, {
oldPassword: newPassword,
newPassword: oldPassword,
repeatPassword: oldPassword
}), 'Invalid current password');
// 2 Bad attempt: password not meet requirements
// Bad attempt: password not meet requirements
await saveExpets(await page.sendForm($.form, {
oldPassword: oldPassword,
newPassword: oldPassword,
repeatPassword: oldPassword
}), 'Password does not meet requirements');
// 3 Correct attempt: change password
// Correct attempt: change password
await saveExpets(await page.sendForm($.form, {
oldPassword: oldPassword,
newPassword: newPassword,
repeatPassword: newPassword
}), 'Password updated!', 'login');
// 4 Bad login, old password
// Bad login, old password
await saveExpets(await page.doLogin(
'maintenance',
'Maintenance',
oldPassword
), 'The password has expired, change it from Salix');
), 'Invalid login');
// 5 Correct login, new password
// Correct login, new password
await saveExpets(await page.doLogin(
'maintenance',
'Maintenance',
newPassword
), null, 'change-password');
), null, 'login');
expects();
for (let toExpect of toExpects)
expect(toExpect.value).toContain(toExpect.expected); // eslint-disable-line
});
});
});

2
modules/account/back/models/account-config.js
View File

@ -111,7 +111,7 @@ module.exports = Self => {
'sync',
'active',
'created',
'bcryptPassword',
'password',
'updated'
],
include: [