
Example 1 with UserAccount

use of com.github.nkonev.aaa.entity.jdbc.UserAccount in project videochat by nkonev.

Class RegistrationControllerTest, method testAttackerCannotStealLockedUserAccount.

@Test
public void testAttackerCannotStealLockedUserAccount() throws Exception {
    // Victim: an existing account that is put into the locked state first.
    final String victimEmail = "bob@example.com";
    final UserAccount victim = userAccountRepository
            .findByEmail(victimEmail)
            .orElseThrow(() -> new RuntimeException("bob not found in test"));
    userAccountRepository.save(victim.withLocked(true));

    // Attacker: requests a fresh confirmation e-mail for the locked account.
    final long tokensBefore = userConfirmationTokenRepository.count();
    final String resendUrl =
            Constants.Urls.API + Constants.Urls.RESEND_CONFIRMATION_EMAIL + "?email=" + victimEmail;
    mockMvc.perform(post(resendUrl).with(csrf()))
            .andExpect(status().isOk());

    // The endpoint answers 200 either way (no account enumeration), but it must not
    // mint a confirmation token for a locked account - that would let the attacker
    // reactivate it.
    Assertions.assertEquals(tokensBefore, userConfirmationTokenRepository.count(),
            "new token shouldn't appear when attacker attempts reactivate banned(locked) user");
}
Also used : UserAccount(com.github.nkonev.aaa.entity.jdbc.UserAccount) Test(org.junit.jupiter.api.Test) ServerSetupTest(com.icegreen.greenmail.util.ServerSetupTest)

Example 2 with UserAccount

use of com.github.nkonev.aaa.entity.jdbc.UserAccount in project videochat by nkonev.

Class RegistrationControllerTest, method testRegistrationUserWithSameEmailAlreadyPresent.

@Test
public void testRegistrationUserWithSameEmailAlreadyPresent() throws Exception {
    final String email = "alice@example.com";
    final String username = "newbie";
    final String password = "password";

    // Snapshot the account that already owns this e-mail.
    final UserAccount owner = userAccountRepository
            .findByEmail(email)
            .orElseThrow(() -> new RuntimeException("user account not found in test"));

    // Try to register a second account under the same e-mail; the endpoint is expected
    // to respond 200 (it does not reveal whether the e-mail is taken).
    final EditUserDTO registration = new EditUserDTO(username, null, null, password, email);
    final MvcResult registerResult = mockMvc
            .perform(post(Constants.Urls.API + Constants.Urls.REGISTER)
                    .content(objectMapper.writeValueAsString(registration))
                    .contentType(MediaType.APPLICATION_JSON_UTF8_VALUE)
                    .with(csrf()))
            .andExpect(status().isOk())
            .andReturn();
    LOGGER.info(registerResult.getResponse().getContentAsString());

    // The original owner's record must be untouched by the duplicate registration.
    final UserAccount ownerAfter = userAccountRepository
            .findByEmail(email)
            .orElseThrow(() -> new RuntimeException("user account not found in test"));
    Assertions.assertEquals(owner.id(), ownerAfter.id());
    Assertions.assertEquals(owner.avatar(), ownerAfter.avatar());
    Assertions.assertEquals(TestConstants.USER_ALICE, owner.username());
    Assertions.assertEquals(owner.username(), ownerAfter.username());
    Assertions.assertEquals(owner.password(), ownerAfter.password());
    Assertions.assertEquals(owner.role(), ownerAfter.role());
}
Also used : EditUserDTO(com.github.nkonev.aaa.dto.EditUserDTO) MvcResult(org.springframework.test.web.servlet.MvcResult) UserAccount(com.github.nkonev.aaa.entity.jdbc.UserAccount) Test(org.junit.jupiter.api.Test) ServerSetupTest(com.icegreen.greenmail.util.ServerSetupTest)

Example 3 with UserAccount

use of com.github.nkonev.aaa.entity.jdbc.UserAccount in project videochat by nkonev.

Class UserProfileControllerTest, method fullyAuthenticatedUserCanChangeHerProfile.

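@WithUserDetails(TestConstants.USER_ALICE)
@org.junit.jupiter.api.Test
public void fullyAuthenticatedUserCanChangeHerProfile() throws Exception {
    // Start from an empty event sink so the count asserted below belongs to this test only.
    receiver.clear();
    final UserAccount alice = getUserFromBd(TestConstants.USER_ALICE);
    final String initialPassword = alice.password();
    final String newLogin = "new_alice";

    // Change only the login; the password field is deliberately left unset.
    final EditUserDTO edit = UserAccountConverter.convertToEditUserDto(alice).withLogin(newLogin);
    final MvcResult mvcResult = mockMvc
            .perform(post(Constants.Urls.API + Constants.Urls.PROFILE)
                    .content(objectMapper.writeValueAsString(edit))
                    .contentType(MediaType.APPLICATION_JSON_UTF8)
                    .with(csrf()))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.login").value(newLogin))
            // the password must never be echoed back in the response
            .andExpect(jsonPath("$.password").doesNotExist())
            .andReturn();
    LOGGER.info(mvcResult.getResponse().getContentAsString());
    Assertions.assertEquals(initialPassword, getUserFromBd(newLogin).password(),
            "password shouldn't be affected if there isn't set explicitly");

    // Re-read the profile under the new login; the result object itself is not needed,
    // only the response expectations.
    mockMvc.perform(get(Constants.Urls.API + Constants.Urls.PROFILE))
            .andExpect(status().isOk())
            .andExpect(jsonPath("$.login").value(newLogin))
            .andExpect(jsonPath("$.password").doesNotExist());

    // The profile-change event arrives asynchronously: poll up to ten times, one second
    // apart, and stop as soon as something is received.
    for (int attempt = 0; attempt < 10 && receiver.size() == 0; attempt++) {
        Uninterruptibles.sleepUninterruptibly(Duration.of(1, ChronoUnit.SECONDS));
    }
    Assertions.assertEquals(1, receiver.size());
    final UserAccountDTO userAccountEvent = receiver.getLast();
    Assertions.assertEquals(newLogin, userAccountEvent.login());
}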
Also used : UserAccountDTO(com.github.nkonev.aaa.dto.UserAccountDTO) EditUserDTO(com.github.nkonev.aaa.dto.EditUserDTO) MvcResult(org.springframework.test.web.servlet.MvcResult) UserAccount(com.github.nkonev.aaa.entity.jdbc.UserAccount) Test(org.junit.jupiter.api.Test) WithUserDetails(org.springframework.security.test.context.support.WithUserDetails)

Example 4 with UserAccount

use of com.github.nkonev.aaa.entity.jdbc.UserAccount in project videochat by nkonev.

Class UserProfileControllerTest, method createUserForDelete.

/**
 * Persists a minimal registration-type user whose e-mail is derived from {@code login}
 * and returns the generated id.
 */
private long createUserForDelete(String login) {
    // NOTE(review): positional constructor - the meaning of the three boolean flags is
    // not visible here; confirm against UserAccount before reusing this helper.
    final UserAccount persisted = userAccountRepository.save(new UserAccount(
            null, CreationType.REGISTRATION, login, null, null, null,
            false, false, true, UserRole.ROLE_USER, login + "@example.com", null, null));
    return persisted.id();
}
Also used : UserAccount(com.github.nkonev.aaa.entity.jdbc.UserAccount)

Example 5 with UserAccount

use of com.github.nkonev.aaa.entity.jdbc.UserAccount in project videochat by nkonev.

Class UserProfileControllerTest, method fullyAuthenticatedUserCannotBringForeignEmail.

@WithUserDetails(TestConstants.USER_ALICE)
@Test
public void fullyAuthenticatedUserCannotBringForeignEmail() throws Exception {
    final UserAccount alice = getUserFromBd(TestConstants.USER_ALICE);

    // Bob's e-mail, which Alice (the authenticated user) will try to claim as her own.
    final String bobEmail = TestConstants.USER_BOB + "@example.com";
    final UserAccount bobBefore = userAccountRepository
            .findByEmail(bobEmail)
            .orElseThrow(() -> new RuntimeException("foreign email '" + bobEmail + "' must be present"));
    final long bobId = bobBefore.id();
    final String bobPassword = bobBefore.password();
    final String bobEmailBefore = bobBefore.email();

    final EditUserDTO edit = UserAccountConverter.convertToEditUserDto(alice).withEmail(bobEmail);
    // Only the e-mail outcome matters here, so the HTTP status is the sole response check.
    final MvcResult mvcResult = mockMvc
            .perform(post(Constants.Urls.API + Constants.Urls.PROFILE)
                    .content(objectMapper.writeValueAsString(edit))
                    .contentType(MediaType.APPLICATION_JSON_UTF8)
                    .with(csrf()))
            .andExpect(status().isOk())
            .andReturn();
    LOGGER.info(mvcResult.getResponse().getContentAsString());

    // Bob's record must be exactly as it was: same id, e-mail and password field.
    final UserAccount bobAfter = getUserFromBd(TestConstants.USER_BOB);
    Assertions.assertEquals(bobId, bobAfter.id().longValue());
    Assertions.assertEquals(bobEmailBefore, bobAfter.email());
    Assertions.assertEquals(bobPassword, bobAfter.password());
}
Also used : EditUserDTO(com.github.nkonev.aaa.dto.EditUserDTO) MvcResult(org.springframework.test.web.servlet.MvcResult) UserAccount(com.github.nkonev.aaa.entity.jdbc.UserAccount) Test(org.junit.jupiter.api.Test) WithUserDetails(org.springframework.security.test.context.support.WithUserDetails)

Aggregations

UserAccount (com.github.nkonev.aaa.entity.jdbc.UserAccount)41 Test (org.junit.jupiter.api.Test)18 MvcResult (org.springframework.test.web.servlet.MvcResult)10 WithUserDetails (org.springframework.security.test.context.support.WithUserDetails)9 EditUserDTO (com.github.nkonev.aaa.dto.EditUserDTO)7 UserRole (com.github.nkonev.aaa.dto.UserRole)6 URI (java.net.URI)4 RequestEntity (org.springframework.http.RequestEntity)4 UserConfirmationToken (com.github.nkonev.aaa.entity.redis.UserConfirmationToken)3 UserAccountDetailsDTO (com.github.nkonev.aaa.dto.UserAccountDetailsDTO)2 PasswordResetToken (com.github.nkonev.aaa.entity.redis.PasswordResetToken)2 ServerSetupTest (com.icegreen.greenmail.util.ServerSetupTest)2 PostMapping (org.springframework.web.bind.annotation.PostMapping)2 WebResponse (com.gargoylesoftware.htmlunit.WebResponse)1 Cookie (com.gargoylesoftware.htmlunit.util.Cookie)1 LockDTO (com.github.nkonev.aaa.dto.LockDTO)1 UserAccountDTO (com.github.nkonev.aaa.dto.UserAccountDTO)1 BadRequestException (com.github.nkonev.aaa.exception.BadRequestException)1 OAuth2IdConflictException (com.github.nkonev.aaa.exception.OAuth2IdConflictException)1 PasswordResetTokenNotFoundException (com.github.nkonev.aaa.exception.PasswordResetTokenNotFoundException)1