verdnatura/salix
verdnatura
/
salix
3
5
Fork 0
Code Issues Pull Requests 66 Releases Wiki Activity

5472-user_passExpired #1594

Merged
alexm merged 34 commits from 5472-user_passExpired into dev 2023-06-12 10:38:25 +00:00
Conversation 0 Commits 34 Files Changed 34 +92 -49
5 changed files with 92 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit cb50c617ee - Show all commits

8
back/models/vn-user.json
View File

@ -25,10 +25,7 @@
}, },
"password": { "password": {
"type": "string", "type": "string",
"required": true, "required": true
"mysql": {
"columnName": "bcryptPassword"
}
}, },
"roleFk": { "roleFk": {
"type": "number", "type": "number",
@ -42,9 +39,6 @@
"lang": { "lang": {
"type": "string" "type": "string"
}, },
"bcryptPassword": {
"type": "string"
},
"active": { "active": {
"type": "boolean" "type": "boolean"
}, },

88
db/changes/232401/00-userPassExpired.sql
View File

@ -1,22 +1,76 @@
ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL; ALTER TABLE `account`.`user` ADD passExpired DATE DEFAULT NULL;
-- DROP TRIGGER IF EXISTS `account`.`user_beforeUpdate`; DROP PROCEDURE `account`.`myUser_changePassword`;
-- USE account; DROP PROCEDURE `account`.`myUser_restorePassword`;
DROP PROCEDURE `account`.`user_changePassword`;
DROP PROCEDURE `account`.`user_restorePassword`;
DROP PROCEDURE `account`.`user_setPassword`;
-- DELIMITER $$ ALTER TABLE account.`user` CHANGE password password__ char(64) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci NOT NULL COMMENT 'Deprecated';
-- $$ ALTER TABLE account.`user` CHANGE bcryptPassword password varchar(512) CHARACTER SET utf8mb3 COLLATE utf8mb3_unicode_ci DEFAULT NULL NULL;
-- CREATE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate`
-- BEFORE UPDATE ON `user`
-- FOR EACH ROW
-- BEGIN
-- SET NEW.editorFk = account.myUser_getId();
-- IF !(NEW.`name` <=> OLD.`name`) THEN DELIMITER $$
-- CALL user_checkName (NEW.`name`); $$
-- END IF; CREATE OR REPLACE DEFINER=`root`@`localhost` TRIGGER `account`.`user_beforeUpdate`
BEFORE UPDATE ON `user`
FOR EACH ROW
BEGIN
SET NEW.editorFk = account.myUser_getId();
-- IF !(NEW.`password` <=> OLD.`password`) THEN IF !(NEW.`name` <=> OLD.`name`) THEN
-- SET NEW.lastPassChange = util.VN_NOW(); CALL user_checkName (NEW.`name`);
-- END IF; END IF;
-- END$$
-- DELIMITER ; IF !(NEW.`password` <=> OLD.`password`) THEN
SET NEW.lastPassChange = util.VN_NOW();
END IF;
END$$
DELIMITER ;
CREATE OR REPLACE DEFINER=`root`@`localhost`
SQL SECURITY DEFINER
VIEW `account`.`accountDovecot` AS
select
`u`.`name` AS `name`,
`u`.`password` AS `password`
from
(`account`.`user` `u`
join `account`.`account` `a` on
(`a`.`id` = `u`.`id`))
where
`u`.`active` <> 0;
CREATE OR REPLACE DEFINER=`root`@`localhost`
SQL SECURITY DEFINER
VIEW `salix`.`User` AS
select
`account`.`user`.`id` AS `id`,
`account`.`user`.`realm` AS `realm`,
`account`.`user`.`name` AS `username`,
`account`.`user`.`password` AS `password`,
`account`.`user`.`email` AS `email`,
`account`.`user`.`emailVerified` AS `emailVerified`,
`account`.`user`.`verificationToken` AS `verificationToken`
from
`account`.`user`;
CREATE OR REPLACE DEFINER=`root`@`localhost`
SQL SECURITY DEFINER
VIEW `vn`.`workerTimeControlUserInfo` AS
select
`u`.`id` AS `userFk`,
`w`.`firstName` AS `name`,
`w`.`lastName` AS `surname`,
`u`.`name` AS `user`,
`u`.`password` AS `password`,
`wd`.`departmentFk` AS `departmentFk`,
left(`c`.`fi`,
8) AS `dni`
from
(((`account`.`user` `u`
join `vn`.`worker` `w` on
(`w`.`userFk` = `u`.`id`))
join `vn`.`client` `c` on
(`c`.`id` = `u`.`id`))
left join `vn`.`workerDepartment` `wd` on
(`wd`.`workerFk` = `w`.`id`));

6
db/dump/fixtures.sql
View File

@ -71,8 +71,8 @@ INSERT INTO `account`.`roleConfig`(`id`, `mysqlPassword`, `rolePrefix`, `userPre
CALL `account`.`role_sync`; CALL `account`.`role_sync`;
INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `password`,`role`,`active`,`email`, `lang`, `image`, `bcryptPassword`) INSERT INTO `account`.`user`(`id`,`name`, `nickname`, `role`,`active`,`email`, `lang`, `image`, `password`)
SELECT id, name, CONCAT(name, 'Nick'),MD5('nightmare'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2' SELECT id, name, CONCAT(name, 'Nick'), id, 1, CONCAT(name, '@mydomain.com'), 'en', '4fa3ada0-3ac4-11eb-9ab8-27f6fc3b85fd', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2'
FROM `account`.`role` WHERE id <> 20 FROM `account`.`role` WHERE id <> 20
ORDER BY id; ORDER BY id;
@ -98,7 +98,7 @@ INSERT INTO `hedera`.`tpvConfig`(`id`, `currency`, `terminal`, `transactionType`
VALUES VALUES
(1, 978, 1, 0, 2000, 9, 0); (1, 978, 1, 0, 2000, 9, 0);
INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `bcryptPassword`, `password`,`role`,`active`,`email`,`lang`, `image`) INSERT INTO `account`.`user`(`id`,`name`,`nickname`, `password`, `password`,`role`,`active`,`email`,`lang`, `image`)
VALUES VALUES
(1101, 'BruceWayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'BruceWayne@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'), (1101, 'BruceWayne', 'Bruce Wayne', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'BruceWayne@mydomain.com', 'es', 'e7723f0b24ff05b32ed09d95196f2f29'),
(1102, 'PetterParker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'PetterParker@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'), (1102, 'PetterParker', 'Petter Parker', '$2b$10$UzQHth.9UUQ1T5aiQJ21lOU0oVlbxoqH4PFM9V8T90KNSAcg0eEL2', 'ac754a330530832ba1bf7687f577da91', 2, 1, 'PetterParker@mydomain.com', 'en', 'e7723f0b24ff05b32ed09d95196f2f29'),

37
e2e/paths/01-salix/05_changePassword.spec.js
View File

@ -18,63 +18,58 @@ fdescribe('ChangePassword path', async() => {
const toExpects = []; const toExpects = [];
async function saveExpets(message, expectMessage, expectState) { async function saveExpets(message, expectMessage, expectState) {
console.log(message); if (!message && expectMessage) message = await page.waitForSnackbar();
if (!message) message = await page.waitForSnackbar();
if (expectState) if (expectState)
toExpects.push({value: await page.getState(), expected: toExpects.length + expectState}); toExpects.push({value: await page.getState(), expected: expectState});
if (expectMessage) if (expectMessage)
toExpects.push({value: message.text, expected: toExpects.length + expectMessage}); toExpects.push({value: message.text, expected: expectMessage});
}
function expects() {
for (let toExpect of toExpects)
expect(toExpect.expected).toContain(toExpect.value); // eslint-disable-line
} }
const oldPassword = 'nightmare'; const oldPassword = 'nightmare';
const newPassword = 'newPass.1234'; const newPassword = 'newPass.1234';
describe('Bad login', async() => { describe('Bad login', async() => {
it('should receive an error when the password is expired', async() => { it('should receive an error when the password is expired', async() => {
alexm marked this conversation as resolved Outdated
alexm commented 2023-06-08 08:23:04 +00:00
Outdated
Review
Copy Link

cambiar te2e

cambiar te2e
// 0 Expired login // Expired login
await saveExpets(await page.doLogin( await saveExpets(await page.doLogin(
'maintenance', 'Maintenance',
oldPassword oldPassword
), 'The password has expired, change it from Salix', 'change-password'); ), 'The password has expired, change it from Salix', 'change-password');
// 1 Bad attempt: incorrect current password // Bad attempt: incorrect current password
await saveExpets(await page.sendForm($.form, { await saveExpets(await page.sendForm($.form, {
oldPassword: newPassword, oldPassword: newPassword,
newPassword: oldPassword, newPassword: oldPassword,
repeatPassword: oldPassword repeatPassword: oldPassword
}), 'Invalid current password'); }), 'Invalid current password');
// 2 Bad attempt: password not meet requirements // Bad attempt: password not meet requirements
await saveExpets(await page.sendForm($.form, { await saveExpets(await page.sendForm($.form, {
oldPassword: oldPassword, oldPassword: oldPassword,
newPassword: oldPassword, newPassword: oldPassword,
repeatPassword: oldPassword repeatPassword: oldPassword
}), 'Password does not meet requirements'); }), 'Password does not meet requirements');
// 3 Correct attempt: change password // Correct attempt: change password
await saveExpets(await page.sendForm($.form, { await saveExpets(await page.sendForm($.form, {
oldPassword: oldPassword, oldPassword: oldPassword,
newPassword: newPassword, newPassword: newPassword,
repeatPassword: newPassword repeatPassword: newPassword
}), 'Password updated!', 'login'); }), 'Password updated!', 'login');
// 4 Bad login, old password // Bad login, old password
await saveExpets(await page.doLogin( await saveExpets(await page.doLogin(
'maintenance', 'Maintenance',
oldPassword oldPassword
), 'The password has expired, change it from Salix'); ), 'Invalid login');
// 5 Correct login, new password // Correct login, new password
await saveExpets(await page.doLogin( await saveExpets(await page.doLogin(
'maintenance', 'Maintenance',
newPassword newPassword
), null, 'change-password'); ), null, 'login');
expects(); for (let toExpect of toExpects)
expect(toExpect.value).toContain(toExpect.expected); // eslint-disable-line
}); });
}); });
}); });

2
modules/account/back/models/account-config.js
View File

@ -111,7 +111,7 @@ module.exports = Self => {
'sync', 'sync',
'active', 'active',
'created', 'created',
'bcryptPassword', 'password',
'updated' 'updated'
], ],
include: [ include: [