enforce user password validation when created in the admin view (#1937)

Athou
2025-10-17 10:00:27 +02:00
parent 8871ae894f
commit 7e825192d0
4 changed files with 10 additions and 5 deletions


@@ -4,6 +4,8 @@ import java.io.Serializable;
import org.eclipse.microprofile.openapi.annotations.media.Schema;
import com.commafeed.security.password.ValidPassword;
import lombok.Data;
@SuppressWarnings("serial")
@@ -21,6 +23,7 @@ public class AdminSaveUserRequest implements Serializable {
private String email;
@Schema(description = "user password")
@ValidPassword
private String password;
@Schema(description = "account status", required = true)
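Review bot: `@ValidPassword` on `password` leaves the missing-value case undocumented, and unlike `RegistrationRequest.password` this field carries no `@NotEmpty`. Bean Validation constraints conventionally treat null as valid; if `ValidPassword` follows that convention, a create request with no password passes validation, and the required-password check must live in `adminSaveUser`, whose body is not fully visible here. If the validator instead rejects null, an update that leaves the password unchanged would start failing. A field comment stating the contract would settle it, for example `// null keeps the current password on update; must be set when id is null`, if that is the intended behaviour.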


@@ -22,7 +22,7 @@ public class RegistrationRequest implements Serializable {
@Size(min = 3, max = 32)
private String name;
@Schema(description = "password, minimum 6 characters", required = true)
@Schema(description = "password", required = true)
@NotEmpty
@ValidPassword
private String password;
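Review bot: The new description `"password"` tells API consumers nothing about the rule, where the old text at least named a minimum length. Since the policy now lives in `@ValidPassword`, the OpenAPI text could refer to it without hard-coding numbers, e.g. `@Schema(description = "password, must satisfy the server's password policy", required = true)`. The same applies to the `"user password"` description in `AdminSaveUserRequest`. Otherwise clients learn the requirements only from a rejected request.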


@@ -9,6 +9,7 @@ import java.util.Set;
import jakarta.annotation.security.RolesAllowed;
import jakarta.inject.Singleton;
import jakarta.transaction.Transactional;
import jakarta.validation.Valid;
import jakarta.ws.rs.Consumes;
import jakarta.ws.rs.GET;
import jakarta.ws.rs.POST;
@@ -65,7 +66,7 @@ public class AdminREST {
@Operation(
summary = "Save or update a user",
description = "Save or update a user. If the id is not specified, a new user will be created")
public Response adminSaveUser(@Parameter(required = true) AdminSaveUserRequest req) {
public Response adminSaveUser(@Valid @Parameter(required = true) AdminSaveUserRequest req) {
Preconditions.checkNotNull(req);
Preconditions.checkNotNull(req.getName());
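Review bot: `@Valid` does not reject a null argument, so a request without a body still reaches `Preconditions.checkNotNull(req)` and fails with a `NullPointerException` rather than a constraint violation. How that is reported to the client depends on exception mapping not shown here. Declaring the parameter as `@Valid @NotNull @Parameter(required = true) AdminSaveUserRequest req` (with `jakarta.validation.constraints.NotNull` imported) would send both failure modes through the same validation path. The name check on the next line could likewise become a constraint on the request class. The method body continues outside the hunk.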


@@ -9,8 +9,8 @@ import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
import com.commafeed.backend.model.User;
import com.commafeed.frontend.model.UserModel;
import com.commafeed.frontend.model.request.AdminSaveUserRequest;
import com.commafeed.frontend.model.request.IDRequest;
import com.commafeed.integration.BaseIT;
@@ -51,10 +51,11 @@ class AdminIT extends BaseIT {
}
private long createUser() {
User user = new User();
AdminSaveUserRequest user = new AdminSaveUserRequest();
user.setName("test");
user.setPassword("test".getBytes());
user.setPassword("Test1234!");
user.setEmail("test@test.com");
user.setEnabled(true);
String response = RestAssured.given()
.body(user)
.contentType(ContentType.JSON)
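Review bot: `createUser()` now sends a password that passes the policy, but none of the visible test changes submits one that fails it, so the enforcement this commit adds to the admin endpoint has no regression test here. A sibling test could post an `AdminSaveUserRequest` with a weak password such as `"test"` (the value this helper used before, presumably rejected now). It should assert a client-error status and that no user was created; the exact status code depends on how constraint violations are mapped. `createUser()` continues past the end of the hunk.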