svn commit: r1880832 - in /jackrabbit/oak/trunk/oak-core/src: main/java/org/apache/jackrabbit/oak/security/user/PasswordHistory.java test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java

Thu, 13 Aug 2020 09:05:20 -0700 

Author: angela
Date: Thu Aug 13 16:05:02 2020
New Revision: 1880832

URL: http://svn.apache.org/viewvc?rev=1880832&view=rev
Log:
OAK-9178 : PasswordHistory.updatePasswordHistory may return false status

Modified:
    
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/PasswordHistory.java
    
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java

Modified: 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/PasswordHistory.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/PasswordHistory.java?rev=1880832&r1=1880831&r2=1880832&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/PasswordHistory.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/main/java/org/apache/jackrabbit/oak/security/user/PasswordHistory.java
 Thu Aug 13 16:05:02 2020
@@ -65,8 +65,7 @@ final class PasswordHistory implements U
         boolean updated = false;
         if (isEnabled) {
             checkPasswordInHistory(userTree, password);
-            shiftPasswordHistory(userTree);
-            updated = true;
+            updated = shiftPasswordHistory(userTree);
         }
         return updated;
     }
@@ -76,10 +75,11 @@ final class PasswordHistory implements U
      * and trim the list of hashes in the list according to the configured 
maxSize.
      *
      * @param userTree The user tree.
+     * @return true if the history was successfully adjusted, false otherwise
      * @throws AccessDeniedException If the editing session cannot access or
      * create the rep:pwd node.
      */
-    private void shiftPasswordHistory(@NotNull Tree userTree) throws 
AccessDeniedException {
+    private boolean shiftPasswordHistory(@NotNull Tree userTree) throws 
AccessDeniedException {
         String currentPasswordHash = TreeUtil.getString(userTree, 
UserConstants.REP_PASSWORD);
         if (currentPasswordHash != null) {
             Tree passwordTree = getPasswordTree(userTree, true);
@@ -97,6 +97,9 @@ final class PasswordHistory implements U
             }
 
             passwordTree.setProperty(UserConstants.REP_PWD_HISTORY, 
historyEntries, Type.STRINGS);
+            return true;
+        } else {
+            return false;
         }
     }
 

Modified: 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java
URL: 
http://svn.apache.org/viewvc/jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java?rev=1880832&r1=1880831&r2=1880832&view=diff
==============================================================================
--- 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java
 (original)
+++ 
jackrabbit/oak/trunk/oak-core/src/test/java/org/apache/jackrabbit/oak/security/user/PasswordHistoryTest.java
 Thu Aug 13 16:05:02 2020
@@ -307,4 +307,11 @@ public class PasswordHistoryTest extends
         assertTrue(pwdNode.getProperty(REP_PWD_HISTORY).isArray());
         assertTrue(pwdNode.getProperty(REP_PWD_HISTORY).getType().isArray());
     }
+
+    @Test
+    public void testUpdateMissingPwHash() throws Exception {
+        User u = getUserManager(root).createUser("uid", null);
+        PasswordHistory ph = new 
PasswordHistory(ConfigurationParameters.of(UserConstants.PARAM_PASSWORD_HISTORY_SIZE,
 UserConstants.PASSWORD_HISTORY_DISABLED_SIZE+1));
+        assertFalse(ph.updatePasswordHistory(root.getTree(u.getPath()), "pw"));
+    }
 }

Reply via email to