From b2136c9b41e3f854dba613fa97f506fb5fcb05f9 Mon Sep 17 00:00:00 2001
From: JuliaGalabut
Date: Tue, 9 Jan 2024 13:54:36 +0200
Subject: [PATCH 1/2] PLT-1046 updated validation
---
 .../java/oap/ws/account/OrganizationWS.java | 39 ++++++++++---------
 .../account/testing/OrganizationWSTest.java | 8 +---
 pom.xml | 2 +-
 3 files changed, 23 insertions(+), 26 deletions(-)
diff --git a/oap-ws-account/src/main/java/oap/ws/account/OrganizationWS.java b/oap-ws-account/src/main/java/oap/ws/account/OrganizationWS.java
index e0def7ed..55018124 100644
--- a/oap-ws-account/src/main/java/oap/ws/account/OrganizationWS.java
+++ b/oap-ws-account/src/main/java/oap/ws/account/OrganizationWS.java
@@ -32,7 +32,8 @@
 import java.util.Objects;
 import java.util.Optional;
-import static io.undertow.util.StatusCodes.NO_CONTENT;
+import static io.undertow.util.StatusCodes.BAD_REQUEST;
+import static io.undertow.util.StatusCodes.NOT_FOUND;
 import static oap.http.Http.StatusCode.FORBIDDEN;
 import static oap.http.server.nio.HttpServerExchange.HttpMethod.GET;
 import static oap.http.server.nio.HttpServerExchange.HttpMethod.POST;
@@ -315,12 +316,7 @@ public Response validateTfaCode( @WsParam( from = PATH ) String email,
 public Optional changeDefaultOrganization( @WsParam( from = PATH ) String email,
 @WsParam( from = PATH ) String organizationId,
 @WsParam( from = SESSION ) UserData loggedUser ) {
- Optional user = accounts.getUser( email );
-
- if( user.isPresent() && email.equals( loggedUser.user.email ) ) {
- return accounts.updateUser( email, u -> u.defaultOrganization = organizationId ).map( u -> u.view );
- }
- return Optional.empty();
+ return accounts.updateUser( email, u -> u.defaultOrganization = organizationId ).map( u -> u.view );
 }
 @WsMethod( method = GET, path = "/{organizationId}/users/{email}/default-account/{accountId}", description = "Set default account in organization to user" )
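Review bot: Removing the `email.equals( loggedUser.user.email )` comparison from `changeDefaultOrganization` leaves `accounts.updateUser( email, ... )` keyed only on the path parameter, so unless a validator annotation outside this hunk ties `email` to the session, an authenticated user can change another user's default organization; the same applies to `changeDefaultAccount` in the next hunk. `loggedUser` is still declared but no longer read in either method, and the rewritten `validateDefaultOrganization`/`validateDefaultAccount` take `email` rather than `loggedUser`, so they do not restore the check. I would keep an ownership guard before the update, e.g. `if( !email.equals( loggedUser.user.email ) ) return Optional.empty();`, or move it into a validator that returns `FORBIDDEN`. Both endpoints also change state on `GET` (visible on the `@WsMethod` context line), which raises the cost of a missing check because such requests can be triggered without an explicit form submission. The annotations above each method are outside the hunk, so which validators actually run there needs confirming.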
@@ -330,12 +326,7 @@ public Optional changeDefaultAccount( @WsParam( from = PATH ) Str
 @WsParam( from = PATH ) String email,
 @WsParam( from = PATH ) String accountId,
 @WsParam( from = SESSION ) UserData loggedUser ) {
- Optional user = accounts.getUser( email );
-
- if( user.isPresent() && email.equals( loggedUser.user.email ) ) {
- return accounts.updateUser( email, u -> u.defaultAccounts.put( organizationId, accountId ) ).map( u -> u.view );
- }
- return Optional.empty();
+ return accounts.updateUser( email, u -> u.defaultAccounts.put( organizationId, accountId ) ).map( u -> u.view );
 }
 @WsMethod( method = GET, path = "/{organizationId}/add", description = "Add user to existing organization" )
@@ -444,15 +435,25 @@ protected ValidationErrors validateAdminOrganizationAccess( String email, UserDa
 return empty();
 }
- protected ValidationErrors validateDefaultOrganization( UserData loggedUser, String organizationId ) {
- if( loggedUser.user.defaultOrganization.equals( organizationId ) )
- return error( NO_CONTENT, "Organization (%s) is already marked as default", organizationId );
+ protected ValidationErrors validateDefaultOrganization( String email, String organizationId ) {
+ Optional user = accounts.getUser( email );
+ if( user.isEmpty() ) {
+ return error( NOT_FOUND, String.format( "User (%s) doesn't exist", email ) );
+ }
+ if( organizationId.equals( user.get().user.defaultOrganization ) ) {
+ return error( BAD_REQUEST, String.format( "Organization (%s) is already marked as default", organizationId ) );
+ }
 return empty();
 }
- protected ValidationErrors validateDefaultAccount( UserData loggedUser, String organizationId, String accountId ) {
- if( accountId.equals( loggedUser.user.defaultAccounts.get( organizationId ) ) )
- return error( NO_CONTENT, "Account (%s) is already marked as default in organization (%s)", accountId, organizationId );
+ protected ValidationErrors validateDefaultAccount( String email, String organizationId, String accountId ) {
+ Optional user = accounts.getUser( email );
+ if( user.isEmpty() ) {
+ return error( NOT_FOUND, String.format( "User (%s) doesn't exist", email ) );
+ }
+ if( accountId.equals( user.get().user.defaultAccounts.get( organizationId ) ) ) {
+ return error( BAD_REQUEST, String.format( "Account (%s) is already marked as default in organization (%s)", accountId, organizationId ) );
+ }
 return empty();
 }
diff --git a/oap-ws-testing/src/test/java/oap/ws/account/testing/OrganizationWSTest.java b/oap-ws-testing/src/test/java/oap/ws/account/testing/OrganizationWSTest.java
index 30e51c36..006a5633 100644
--- a/oap-ws-testing/src/test/java/oap/ws/account/testing/OrganizationWSTest.java
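Review bot: `error( NOT_FOUND, String.format( "User (%s) doesn't exist", email ) )` pre-formats a message containing the path-supplied `email`, while the removed lines show that `error` also has a format-plus-arguments form; if the two-argument call resolves to that same overload, a `%` in `email`, `organizationId` or `accountId` would be read as a format specifier and could throw instead of returning a validation error. Passing the arguments through, as in `error( NOT_FOUND, "User (%s) doesn't exist", email )`, avoids that and matches the previous style; the same applies to the other three `error(...)` calls in this hunk. Separately, the distinct 404 for an unknown `email` lets any caller who reaches these validators learn which addresses are registered, so it is worth confirming that an ownership or role check runs before them. The lookup-and-404 preamble is duplicated in both validators and could be a small private helper.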
+++ b/oap-ws-testing/src/test/java/oap/ws/account/testing/OrganizationWSTest.java
@@ -539,14 +539,10 @@ public void changeDefaultAccountUser() {
 @Test
 public void setTheSameDefaultAccountToUser() {
 OrganizationData org1 = accountFixture.accounts().storeOrganization( new Organization( "First", "test" ) );
- OrganizationData org2 = accountFixture.accounts().storeOrganization( new Organization( "Second", "test" ) );
 final String orgId = org1.organization.id;
 accountFixture.accounts().storeAccount( orgId, new Account( "acc1", "acc1" ) );
 accountFixture.accounts().storeAccount( orgId, new Account( "acc2", "acc2" ) );
- accountFixture.accounts().storeAccount( org2.organization.id, new Account( "acc3", "acc3" ) );
- accountFixture.accounts().storeAccount( org2.organization.id, new Account( "acc4", "acc4" ) );
- final String mail = "user@usr.com";
 UserData user = new UserData( new User( mail, "John", "Smith", "pass123", true ), Map.of( orgId, USER ) );
 user.addAccount( orgId, "acc1" );
@@ -576,7 +572,7 @@ public void setAccountToNonExistingUser() {
 }
 @Test
- public void setNonExistentDefaultAccountToUser() {
+ public void setNonExistingDefaultAccountToUser() {
 OrganizationData org1 = accountFixture.accounts().storeOrganization( new Organization( "First", "test" ) );
 final String orgId = org1.organization.id;
 accountFixture.accounts().storeAccount( orgId, new Account( "acc1", "acc1" ) );
@@ -640,7 +636,7 @@ public void addOrganizationToUserByAdminInSeveralOrganizations() {
 }
 @Test
- public void addOrganizationToUserByUserWithDIfferentRolesInOrganizations() {
+ public void addOrganizationToUserByUserWithDifferentRolesInOrganizations() {
 OrganizationData org1 = accountFixture.accounts().storeOrganization( new Organization( "First", "test" ) );
 OrganizationData org2 = accountFixture.accounts().storeOrganization( new Organization( "Second", "test" ) );
diff --git a/pom.xml b/pom.xml
index 196652d1..ed517eb3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -71,7 +71,7 @@
- 21.1.7
+ 21.1.8
 21.1.8
From 475f7c28c776a4a7c10380197fe9c64d3ff30f27 Mon Sep 17 00:00:00 2001
From: JuliaGalabut
Date: Tue, 9 Jan 2024 13:59:24 +0200
Subject: [PATCH 2/2] fixed test
---
 .../test/java/oap/ws/account/testing/OrganizationWSTest.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/oap-ws-testing/src/test/java/oap/ws/account/testing/OrganizationWSTest.java b/oap-ws-testing/src/test/java/oap/ws/account/testing/OrganizationWSTest.java
index 006a5633..df975410 100644
--- a/oap-ws-testing/src/test/java/oap/ws/account/testing/OrganizationWSTest.java
+++ b/oap-ws-testing/src/test/java/oap/ws/account/testing/OrganizationWSTest.java
@@ -24,9 +24,9 @@
 import java.util.HashMap;
 import java.util.Map;
+import static oap.http.Http.StatusCode.BAD_REQUEST;
 import static oap.http.Http.StatusCode.FORBIDDEN;
 import static oap.http.Http.StatusCode.NOT_FOUND;
-import static oap.http.Http.StatusCode.NO_CONTENT;
 import static oap.http.Http.StatusCode.OK;
 import static oap.http.testng.HttpAsserts.assertGet;
 import static oap.http.testng.HttpAsserts.assertPost;
@@ -552,7 +552,7 @@ public void setTheSameDefaultAccountToUser() {
 assertEquals( "acc1", accountFixture.userStorage().getUser( mail ).get().getDefaultAccount( orgId ).get() );
 accountFixture.assertLogin( "user@usr.com", "pass123" );
 assertGet( accountFixture.httpUrl( "/organizations/" + orgId + "/users/" + mail + "/default-account/acc2" ) ).hasCode( OK );
- assertGet( accountFixture.httpUrl( "/organizations/" + orgId + "/users/" + mail + "/default-account/acc2" ) ).hasCode( NO_CONTENT );
+ assertGet( accountFixture.httpUrl( "/organizations/" + orgId + "/users/" + mail + "/default-account/acc2" ) ).hasCode( BAD_REQUEST );
 assertEquals( "acc2", accountFixture.userStorage().getUser( mail ).get().getDefaultAccount( orgId ).get() );
 }
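Review bot: `setTheSameDefaultAccountToUser` only exercises the owner changing their own default, so nothing in the visible tests pins what happens when a different logged-in user requests the `default-account` URL for this `mail`, now that the handler no longer compares `email` with the session user. A companion test would store a second user, log in as them via `accountFixture.assertLogin(...)` and issue the same `assertGet` for the first user's `mail`. It should then assert that the stored default is unchanged; the expected status depends on which validator is meant to reject the request. The test method's body starts outside this hunk.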