This is an automated email from the ASF dual-hosted git repository. xxyu pushed a commit to branch kylin5 in repository https://gitbox.apache.org/repos/asf/kylin.git
commit 4989854945e1ba3dfe3b49e51a5c921c71227e31 Author: KmCherry0 <86766775+kmcher...@users.noreply.github.com> AuthorDate: Thu Oct 13 15:18:44 2022 +0800 KYLIN-5312 Add verification to the parameters about update password --- .../org/apache/kylin/rest/controller/NUserController.java | 13 +++++-------- .../apache/kylin/rest/controller/NUserControllerTest.java | 6 +++--- 2 files changed, 8 insertions(+), 11 deletions(-) diff --git a/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java b/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java index baf08f0375..5321112578 100644 --- a/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java +++ b/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java @@ -54,6 +54,7 @@ import org.apache.kylin.common.persistence.transaction.AclTCRRevokeEventNotifier import org.apache.kylin.common.scheduler.EventBusFactory; import org.apache.kylin.common.util.RandomUtil; import org.apache.kylin.metadata.MetadataConstants; +import org.apache.kylin.metadata.user.ManagedUser; import org.apache.kylin.rest.config.initialize.AfterMetadataReadyEvent; import org.apache.kylin.rest.constant.Constant; import org.apache.kylin.rest.exception.UnauthorizedException; @@ -101,7 +102,6 @@ import org.springframework.web.bind.annotation.ResponseBody; import com.google.common.collect.Lists; import com.google.common.collect.Sets; -import org.apache.kylin.metadata.user.ManagedUser; import io.swagger.annotations.ApiOperation; import lombok.SneakyThrows; import lombok.val; 
@@ -423,21 +423,15 @@ public class NUserController extends NBasicController implements ApplicationList throw new KylinException(PERMISSION_DENIED, msg.getPermissionDenied()); } accessService.checkDefaultAdmin(username, true); - val oldPassword = pwdBase64Decode(StringUtils.isEmpty(user.getPassword()) ? StringUtils.EMPTY : user.getPassword()); - val newPassword = pwdBase64Decode(user.getNewPassword()); checkUsername(username); - checkPasswordLength(newPassword); - - checkPasswordCharacter(newPassword); - ManagedUser existingUser = getManagedUser(username); if (existingUser == null) { throw new KylinException(USER_NOT_EXIST, String.format(Locale.ROOT, msg.getUserNotFound(), username)); } val actualOldPassword = existingUser.getPassword(); - + val oldPassword = pwdBase64Decode(StringUtils.isEmpty(user.getPassword()) ? StringUtils.EMPTY : user.getPassword()); // when reset oneself's password (includes ADMIN users), check old password if (StringUtils.equals(getPrincipal(), username)) { checkRequiredArg("password", user.getPassword()); @@ -447,6 +441,9 @@ public class NUserController extends NBasicController implements ApplicationList } checkRequiredArg("new_password", user.getNewPassword()); + val newPassword = pwdBase64Decode(StringUtils.isEmpty(user.getNewPassword()) ? StringUtils.EMPTY : user.getNewPassword()); + checkPasswordLength(newPassword); + checkPasswordCharacter(newPassword); if (newPassword.equals(oldPassword)) { throw new KylinException(FAILED_UPDATE_PASSWORD, msg.getNewPasswordSameAsOld()); diff --git a/src/metadata-server/src/test/java/org/apache/kylin/rest/controller/NUserControllerTest.java b/src/metadata-server/src/test/java/org/apache/kylin/rest/controller/NUserControllerTest.java index 06fa4416f7..74a4f4b467 100644 --- a/src/metadata-server/src/test/java/org/apache/kylin/rest/controller/NUserControllerTest.java +++ b/src/metadata-server/src/test/java/org/apache/kylin/rest/controller/NUserControllerTest.java 
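Review bot: The reuse check `newPassword.equals(oldPassword)` further down still compares against the request's `password` field, and the moved `oldPassword` line falls back to `StringUtils.EMPTY` for every caller. When an administrator changes another account's password, the `StringUtils.equals(getPrincipal(), username)` branch with `checkRequiredArg("password", ...)` is skipped, so the new password is compared with whatever the client sent, possibly an empty string. `actualOldPassword` is loaded on the line just above, so the check could use the stored value instead, e.g. `if (pwdEncoder.matches(newPassword, actualOldPassword))`, assuming the controller holds the same encoder the test uses. The old-password verification sits between the two hunks and the method starts and ends outside them, so confirm how that code treats the admin path first.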
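Review bot: The `StringUtils.isEmpty(user.getNewPassword()) ? StringUtils.EMPTY : user.getNewPassword()` guard on the added `newPassword` line in the second hunk looks redundant, because `checkRequiredArg("new_password", user.getNewPassword())` runs on the line directly before it. If that helper rejects null and empty values, as its use here suggests, the line can be `val newPassword = pwdBase64Decode(user.getNewPassword());`. That form also makes it visible that the decode depends on the required-argument check having run first. The helper is defined outside this hunk, so verify its behaviour on empty strings before simplifying.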
@@ -42,6 +42,7 @@ import org.apache.kylin.common.msg.Message; import org.apache.kylin.common.util.JsonUtil; import org.apache.kylin.common.util.NLocalFileMetadataTestCase; import org.apache.kylin.junit.rule.ClearKEPropertiesRule; +import org.apache.kylin.metadata.user.ManagedUser; import org.apache.kylin.rest.request.PasswordChangeRequest; import org.apache.kylin.rest.request.UserRequest; import org.apache.kylin.rest.response.EnvelopeResponse; @@ -79,7 +80,6 @@ import org.springframework.web.accept.ContentNegotiationManager; import com.google.common.collect.Lists; import com.google.common.collect.Maps; -import org.apache.kylin.metadata.user.ManagedUser; import lombok.val; public class NUserControllerTest extends NLocalFileMetadataTestCase { @@ -408,7 +408,7 @@ public class NUserControllerTest extends NLocalFileMetadataTestCase { @Test public void testUpdatePassword_InvalidPasswordPattern() throws Exception { - val user = new ManagedUser(); + val user = new ManagedUser("ADMIN", pwdEncoder.encode("KYLIN"), false); val request = new PasswordChangeRequest(); request.setUsername("ADMIN"); @@ -427,7 +427,7 @@ public class NUserControllerTest extends NLocalFileMetadataTestCase { @Test public void testUpdatePassword_InvalidPasswordLength() throws Exception { - val user = new ManagedUser(); + val user = new ManagedUser("ADMIN", pwdEncoder.encode("KYLIN"), false); val request = new PasswordChangeRequest(); request.setUsername("ADMIN");
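Review bot: The two changed tests (`testUpdatePassword_InvalidPasswordPattern` and `testUpdatePassword_InvalidPasswordLength`) only adapt to the new ordering and do not pin the parameter check the commit title describes. The mocked user becomes `new ManagedUser("ADMIN", pwdEncoder.encode("KYLIN"), false)`, presumably so the old-password comparison passes before the length and character checks are reached. A test that leaves `new_password` unset and asserts the required-argument error would cover the case the reordering addresses. A second one, for an administrator changing a different user's password, would cover the branch that skips the old-password check. Both test bodies continue outside the hunks, so such cases may already exist elsewhere in the file.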