Merge branch '601-hashed-password' into 'devel_12.1.x'

hashed passwords are not stored in local db when creating user from LDAP connection See merge request !526

Merge branch '601-hashed-password' into 'devel_12.1.x'
hashed passwords are not stored in local db when creating user from LDAP connection See merge request !526
0e87bbaa · Piotr Gawron · e1e932c0 · 747fd616 · 0e87bbaa · 0e87bbaa
Commit 0e87bbaa authored 6 years ago by Piotr Gawron
--- a/service/src/main/java/lcsb/mapviewer/services/impl/UserService.java
+++ b/service/src/main/java/lcsb/mapviewer/services/impl/UserService.java
@@ -537,7 +537,9 @@ public class UserService implements IUserService {
        if (user == null) {
          user = new User();
          user.setLogin(login);
-          user.setCryptedPassword(passwordEncoder.encode(password));
+          // this password will disable local logins (it should be a hash for valid
+          // logins)
+          user.setCryptedPassword("");
          user.setName(ldapUserData.getFirstName());
          user.setSurname(ldapUserData.getLastName());
          user.setEmail(ldapUserData.getEmail());

--- a/service/src/test/java/lcsb/mapviewer/services/impl/UserServiceTest.java
+++ b/service/src/test/java/lcsb/mapviewer/services/impl/UserServiceTest.java
@@ -72,8 +72,13 @@ public class UserServiceTest extends ServiceTestFunctions {
      assertNotNull("User from LDAP wasn't authenticated", userService.login(login, passwd));

      User user = userService.getUserByLogin(login);
+      assertTrue("LDAP user password should be empty",
+          user.getCryptedPassword() == null || user.getCryptedPassword().isEmpty());
      assertNotNull("After authentication from LDAP user is not present in the system", user);
      assertTrue(user.isConnectedToLdap());
+
+      assertNotNull("User from LDAP couldn't be authenticate for the second time", userService.login(login, passwd));
+
    } catch (Exception e) {
      e.printStackTrace();
      throw e;