Repository: usergrid Updated Branches: refs/heads/master 9141f8dc2 -> 3b1b0ca1c
Fix issue where default passwords are not being created when not provided ( you are allowed to create new admin users with just an email and it will invoke a reset password flow).
Project: http://git-wip-us.apache.org/repos/asf/usergrid/repo
Commit: http://git-wip-us.apache.org/repos/asf/usergrid/commit/3b1b0ca1
Tree: http://git-wip-us.apache.org/repos/asf/usergrid/tree/3b1b0ca1
Diff: http://git-wip-us.apache.org/repos/asf/usergrid/diff/3b1b0ca1
Branch: refs/heads/master
Commit: 3b1b0ca1c093d03074c8dff86cf2d14deea96f79
Parents: 9141f8d
Author: Michael Russo <[email protected]>
Authored: Thu Mar 23 13:18:19 2017 -0700
Committer: Michael Russo <[email protected]>
Committed: Thu Mar 23 13:18:19 2017 -0700
----------------------------------------------------------------------
 .../rest/management/OrganizationsIT.java | 32 ++++++++++++++++++++
 .../cassandra/ManagementServiceImpl.java | 9 +++---
 2 files changed, 36 insertions(+), 5 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/usergrid/blob/3b1b0ca1/stack/rest/src/test/java/org/apache/usergrid/rest/management/OrganizationsIT.java
----------------------------------------------------------------------
diff --git a/stack/rest/src/test/java/org/apache/usergrid/rest/management/OrganizationsIT.java b/stack/rest/src/test/java/org/apache/usergrid/rest/management/OrganizationsIT.java
index 29841a0..2bbdaaf 100644
--- a/stack/rest/src/test/java/org/apache/usergrid/rest/management/OrganizationsIT.java
+++ b/stack/rest/src/test/java/org/apache/usergrid/rest/management/OrganizationsIT.java
@@ -92,6 +92,38 @@ public class OrganizationsIT extends AbstractRestIT {
 assertEquals( "Apigee", returnedUser.getProperties().get( "company" ) );
 }
+ // Admin users are allowed to be created with an email address only, in which a password reset flow is invoked
+ @Test
+ public void createNewOrgUserNoPassword() throws Exception {
+
+ //User property to see if owner properties exist when created.
+ Map<String, Object> userProperties = new HashMap<String, Object>();
+ userProperties.put( "company", "Usergrid" );
+
+ //Create organization
+ Organization organization = createOrgPayload( "createNewOrgUserNoPassword", userProperties );
+
+ //Get back organization response
+ Organization organizationResponse = clientSetup.getRestClient().management().orgs().post( organization );
+
+ assertNotNull( organizationResponse );
+
+
+ //Creates token
+ Token token =
+ clientSetup.getRestClient().management().token().post(false,Token.class, new Token( "password",
+ organization.getUsername(), organization.getPassword() ) ,null);
+ this.management().token().setToken(token);
+
+ assertNotNull( token );
+
+
+ Map<String, Object> newUser = new HashMap<String, Object>(){{put("email", "[email protected]");}};
+ clientSetup.getRestClient().management().orgs().org( organization.getOrganization() ).users().post(newUser);
+
+ // the test will fail if any exception is thrown
+ }
+
 /**
 * Creates a organization with an owner, then attempts to create an organization with the same name ( making sure it
http://git-wip-us.apache.org/repos/asf/usergrid/blob/3b1b0ca1/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
----------------------------------------------------------------------
diff --git a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
index c0915e4..2ba9bde 100644
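Review bot: `createNewOrgUserNoPassword` in OrganizationsIT ends at `users().post(newUser)` with no assertion, so it passes whenever nothing throws and verifies nothing about the account that was created. Because this path creates an admin with a server-generated password, the test should at least assert on the response of that call (its return type is not visible in the hunk). A companion case should confirm that a supplied password which breaks the policy is still rejected. The closing comment could record the intent, e.g. `// expect success: a blank password is replaced server-side and the reset flow takes over`.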
--- a/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
+++ b/stack/services/src/main/java/org/apache/usergrid/management/cassandra/ManagementServiceImpl.java
@@ -949,7 +949,7 @@ public class ManagementServiceImpl implements ManagementService {
 @Override
 public UserInfo createAdminFrom( UUID organizationId, User user, String password ) throws Exception {
- Collection<String> policyVioliations = passwordPolicy.policyCheck( password, false );
+ Collection<String> policyVioliations = passwordPolicy.policyCheck( password, true );
 if ( !policyVioliations.isEmpty() ) {
 throw new PasswordPolicyViolationException( passwordPolicy.getDescription( true ), policyVioliations );
 }
@@ -1011,11 +1011,10 @@ public class ManagementServiceImpl implements ManagementService {
 throws Exception {
- logger.info( "createAdminUserInternal: {}", username );
+ logger.debug( "createAdminUserInternal - username: {}, email: {}, name: {}", username, email, name );
- Collection<String> policyVioliations = passwordPolicy.policyCheck( password, true );
- if ( !policyVioliations.isEmpty() ) {
- throw new PasswordPolicyViolationException( passwordPolicy.getDescription( true ), policyVioliations );
+ if ( isBlank( password ) ) {
+ password = encodeBase64URLSafeString( bytes( UUID.randomUUID() ) );
 }
 if ( username == null ) {
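Review bot: The bare `true` now passed to `passwordPolicy.policyCheck( password, true )` in `createAdminFrom` changes which rule set is applied, and neither the call site nor the commit message explains why. Judging by the adjacent `getDescription( true )` it presumably selects the admin-user policy, but the flag's meaning is defined outside this hunk. A comment such as `// true: validate against the admin-user policy, matching getDescription( true ) below` would record the intent. This method still runs the check unconditionally, so a blank password is handled differently here than in `createAdminUserInternal` after this commit; confirm that difference is intended. The method body continues outside the hunk.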
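Review bot: The password-policy check is deleted from `createAdminUserInternal` outright, so a non-blank password supplied by the caller is no longer validated in this method; only the blank case needed the exemption. Unless every caller already runs `passwordPolicy.policyCheck` before calling in (not visible in this hunk), weak admin passwords would now be accepted, so the check belongs in an `else` branch rather than being removed. The placeholder derived from `UUID.randomUUID()` comes from a cryptographically strong generator and is reasonable as an unguessable value for the reset flow to replace, assuming the `bytes(...)` helper serialises the whole UUID. The method's signature and the rest of its body lie outside the hunk.

```java
if ( isBlank( password ) ) {
    // … unchanged: random placeholder password assignment …
}
else {
    // a caller-supplied password must still satisfy the admin password policy
    Collection<String> policyVioliations = passwordPolicy.policyCheck( password, true );
    if ( !policyVioliations.isEmpty() ) {
        throw new PasswordPolicyViolationException( passwordPolicy.getDescription( true ), policyVioliations );
    }
}
```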
