Skip to content
This repository was archived by the owner on Apr 5, 2024. It is now read-only.

Commit f2b31c7

Browse files
open-schnickopen-schnick
authored
FF-255 RestApi now uses a runtime user. (#66)
* FF-255 Added user to runtime user. * FF-255 Added System group. * FF-255 Added remaining logic. * FF-255 Added remaining logic. * FF-255 updated tests. * Unified Logging.
1 parent fb61a92 commit f2b31c7

File tree

4 files changed

+68
-27
lines changed

4 files changed

+68
-27
lines changed

src/main/java/de/filefighter/rest/configuration/PrepareDataBase.java

Lines changed: 41 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,6 @@
22

33
import de.filefighter.rest.domain.filesystem.data.persistence.FileSystemEntity;
44
import de.filefighter.rest.domain.filesystem.data.persistence.FileSystemRepository;
5-
import de.filefighter.rest.domain.filesystem.type.FileSystemType;
65
import de.filefighter.rest.domain.token.business.AccessTokenBusinessService;
76
import de.filefighter.rest.domain.token.data.persistence.AccessTokenEntity;
87
import de.filefighter.rest.domain.token.data.persistence.AccessTokenRepository;
@@ -17,6 +16,10 @@
1716

1817
import java.time.Instant;
1918

19+
import static de.filefighter.rest.domain.filesystem.type.FileSystemType.FOLDER;
20+
import static de.filefighter.rest.domain.filesystem.type.FileSystemType.TEXT;
21+
import static de.filefighter.rest.domain.user.group.Groups.*;
22+
2023
@Log4j2
2124
@Configuration
2225
public class PrepareDataBase {
@@ -70,18 +73,31 @@ CommandLineRunner cleanDataBase(UserRepository userRepository, FileSystemReposit
7073
};
7174
}
7275

76+
@Bean
77+
CommandLineRunner createRuntimeUser(UserRepository userRepository) {
78+
return args -> log.info("Preloading system runtime user. {}", userRepository.save(UserEntity
79+
.builder()
80+
.userId(0L)
81+
.username("FileFighter")
82+
.lowercaseUsername("filefighter")
83+
.password(null)
84+
.refreshToken(null)
85+
.groupIds(new long[]{SYSTEM.getGroupId()})
86+
.build()));
87+
}
88+
7389
@Bean
7490
@Profile("prod")
7591
CommandLineRunner initDataBaseProd(UserRepository userRepository, FileSystemRepository fileSystemRepository) {
7692
return args -> {
7793
log.info("Preloading default admin user: {}.", userRepository.save(UserEntity
7894
.builder()
79-
.userId(0L)
95+
.userId(1L)
8096
.username("Admin")
8197
.lowercaseUsername("admin")
8298
.password("admin")
8399
.refreshToken("refreshToken1234")
84-
.groupIds(new long[]{0, 1})
100+
.groupIds(new long[]{FAMILY.getGroupId(), ADMIN.getGroupId()})
85101
.build()));
86102

87103
log.info("Preloading default fsStructure: {} {}.", fileSystemRepository.save(FileSystemEntity
@@ -92,22 +108,22 @@ CommandLineRunner initDataBaseProd(UserRepository userRepository, FileSystemRepo
92108
.path("/")
93109
.itemIds(new long[0])
94110
.lastUpdated(Instant.now().getEpochSecond())
95-
.name("root")
111+
.name("HOME_Admin")
96112
.size(0)
97-
.typeId(FileSystemType.FOLDER.getId())
98-
.visibleForGroupIds(new long[]{-1, 0, 1})
113+
.typeId(FOLDER.getId())
114+
.visibleForGroupIds(new long[]{UNDEFINED.getGroupId(), FAMILY.getGroupId(), ADMIN.getGroupId()})
99115
.itemIds(new long[]{1})
100116
.build()),
101117
fileSystemRepository.save(FileSystemEntity.builder()
102-
.createdByUserId(0)
118+
.createdByUserId(1)
103119
.fileSystemId(1)
104120
.isFile(true)
105121
.lastUpdated(Instant.now().getEpochSecond())
106122
.name("dummyFile.txt")
107123
.size(420)
108-
.typeId(FileSystemType.TEXT.getId())
109-
.editableFoGroupIds(new long[]{0})
110-
.visibleForGroupIds(new long[]{0})
124+
.typeId(TEXT.getId())
125+
.editableFoGroupIds(new long[]{FAMILY.getGroupId()})
126+
.visibleForGroupIds(new long[]{FAMILY.getGroupId()})
111127
.build()));
112128

113129
log.info("Inserting Users {}", (userRepository.findAll().size() == 1 ? MESSAGE_ON_SUCCESS : MESSAGE_ON_FAILURE));
@@ -122,33 +138,33 @@ CommandLineRunner initDataBaseDev(UserRepository userRepository, AccessTokenRepo
122138
log.info("Preloading default users: {} {}.",
123139
userRepository.save(UserEntity
124140
.builder()
125-
.userId(0)
141+
.userId(1)
126142
.username("user")
127143
.lowercaseUsername("user")
128144
.password("1234")
129145
.refreshToken("rft1234")
130-
.groupIds(new long[]{1})
146+
.groupIds(new long[]{ADMIN.getGroupId()})
131147
.build()),
132148
userRepository.save(UserEntity
133149
.builder()
134-
.userId(1)
150+
.userId(2)
135151
.username("user1")
136152
.lowercaseUsername("user1")
137153
.password("12345")
138154
.refreshToken("rft")
139-
.groupIds(new long[]{0})
155+
.groupIds(new long[]{FAMILY.getGroupId()})
140156
.build()));
141157

142158
log.info("Preloading default tokens: {} {}",
143159
accessTokenRepository.save(AccessTokenEntity
144160
.builder()
145-
.userId(0)
161+
.userId(1)
146162
.value("token")
147163
.validUntil(Instant.now().getEpochSecond() + AccessTokenBusinessService.ACCESS_TOKEN_DURATION_IN_SECONDS)
148164
.build()),
149165
accessTokenRepository.save(AccessTokenEntity
150166
.builder()
151-
.userId(1)
167+
.userId(2)
152168
.value("token1234")
153169
.validUntil(Instant.now().getEpochSecond() + AccessTokenBusinessService.ACCESS_TOKEN_DURATION_IN_SECONDS)
154170
.build()));
@@ -163,30 +179,30 @@ CommandLineRunner initDataBaseDev(UserRepository userRepository, AccessTokenRepo
163179
.lastUpdated(Instant.now().getEpochSecond())
164180
.name("HOME_User")
165181
.size(420)
166-
.typeId(FileSystemType.FOLDER.getId())
167-
.visibleForGroupIds(new long[]{0, 1})
182+
.typeId(FOLDER.getId())
183+
.visibleForGroupIds(new long[]{FAMILY.getGroupId(), ADMIN.getGroupId()})
168184
.build()),
169185
fileSystemRepository.save(FileSystemEntity.builder()
170-
.createdByUserId(1)
186+
.createdByUserId(0)
171187
.fileSystemId(1)
172188
.isFile(false)
173189
.path("/")
174190
.lastUpdated(Instant.now().getEpochSecond())
175191
.name("HOME_User1")
176192
.size(420)
177-
.typeId(FileSystemType.FOLDER.getId())
178-
.visibleForGroupIds(new long[]{-1, 0, 1})
193+
.typeId(FOLDER.getId())
194+
.visibleForGroupIds(new long[]{UNDEFINED.getGroupId(), FAMILY.getGroupId(), ADMIN.getGroupId()})
179195
.build()),
180196
fileSystemRepository.save(FileSystemEntity.builder()
181-
.createdByUserId(0)
197+
.createdByUserId(1)
182198
.fileSystemId(2)
183199
.isFile(true)
184200
.lastUpdated(Instant.now().getEpochSecond())
185201
.name("dummyFile.txt")
186202
.size(420)
187-
.typeId(FileSystemType.TEXT.getId())
188-
.editableFoGroupIds(new long[]{0})
189-
.visibleForGroupIds(new long[]{0})
203+
.typeId(TEXT.getId())
204+
.editableFoGroupIds(new long[]{FAMILY.getGroupId()})
205+
.visibleForGroupIds(new long[]{FAMILY.getGroupId()})
190206
.build()));
191207

192208
log.info("Inserting FileSystemItems {}", (fileSystemRepository.findAll().size() == 3 ? MESSAGE_ON_SUCCESS : MESSAGE_ON_FAILURE));

src/main/java/de/filefighter/rest/domain/user/business/UserBusinessService.java

Lines changed: 8 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -114,6 +114,9 @@ public UserEntity registerNewUser(UserRegisterForm newUser) {
114114

115115
for (long id : userGroups) {
116116
try {
117+
if (id == Groups.SYSTEM.getGroupId())
118+
throw new UserNotRegisteredException("New users cannot be in group '" + Groups.SYSTEM.getDisplayName() + "'.");
119+
117120
groupRepository.getGroupById(id);
118121
} catch (IllegalArgumentException exception) {
119122
throw new UserNotRegisteredException("One or more groups do not exist.");
@@ -162,10 +165,12 @@ public void updateUser(long userId, UserRegisterForm userToUpdate, User authenti
162165
if (null == userEntityToUpdate)
163166
throw new UserNotUpdatedException("User does not exist, use register endpoint.");
164167

168+
if (Arrays.stream(userEntityToUpdate.getGroupIds()).asDoubleStream().anyMatch(id -> id == Groups.SYSTEM.getGroupId()))
169+
throw new UserNotUpdatedException("Runtime users cannot be modified.");
170+
165171
Update newUpdate = new Update();
166172

167173
boolean changesWereMade = updateUserName(newUpdate, userToUpdate.getUsername());
168-
169174
boolean usernameIsValid = stringIsValid(userToUpdate.getUsername());
170175
String lowerCaseUsername = usernameIsValid ? userToUpdate.getUsername().toLowerCase() : userEntityToUpdate.getLowercaseUsername();
171176
boolean passwordWasUpdated = updatePassword(newUpdate, userToUpdate.getPassword(), userToUpdate.getConfirmationPassword(), lowerCaseUsername);
@@ -186,6 +191,8 @@ private boolean updateGroups(Update newUpdate, long[] groupIds, boolean authenti
186191
if (null != groupIds && groupIds.length != 0) {
187192
try {
188193
for (Groups group : groupRepository.getGroupsByIds(groupIds)) {
194+
if (group == Groups.SYSTEM)
195+
throw new UserNotUpdatedException("Users cannot be added to the '" + Groups.SYSTEM.getDisplayName() + "' Group");
189196
if (group == Groups.ADMIN && !authenticatedUserIsAdmin)
190197
throw new UserNotUpdatedException("Only admins can add users to group " + Groups.ADMIN.getDisplayName() + ".");
191198
}

src/main/java/de/filefighter/rest/domain/user/group/Groups.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,8 @@
33
public enum Groups {
44
UNDEFINED(-1, "No group"),
55
FAMILY(0, "Family"),
6-
ADMIN(1, "Admin");
6+
ADMIN(1, "Admin"),
7+
SYSTEM(999, "FileFighter System Users");
78

89
private final long groupId;
910
private final String displayName;

src/test/java/de/filefighter/rest/domain/user/business/UserBusinessServiceUnitTest.java

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -250,6 +250,11 @@ void registerNewUserThrows() {
250250
ex = assertThrows(UserNotRegisteredException.class, () ->
251251
userBusinessService.registerNewUser(userRegisterForm));
252252
assertEquals("User could not be registered. One or more groups do not exist.", ex.getMessage());
253+
254+
userRegisterForm.setGroupIds(new long[]{Groups.SYSTEM.getGroupId()});
255+
ex = assertThrows(UserNotRegisteredException.class, () ->
256+
userBusinessService.registerNewUser(userRegisterForm));
257+
assertEquals("User could not be registered. New users cannot be in group '" + Groups.SYSTEM.getDisplayName() + "'.", ex.getMessage());
253258
}
254259

255260
@Test
@@ -299,6 +304,11 @@ void updateUserThrows() {
299304
userBusinessService.updateUser(userId, userRegisterForm1, authenticatedUser));
300305
assertEquals("User could not get updated. User does not exist, use register endpoint.", ex.getMessage());
301306

307+
when(userRepositoryMock.findByUserId(userId)).thenReturn(UserEntity.builder().groupIds(new long[]{Groups.SYSTEM.getGroupId()}).build());
308+
ex = assertThrows(UserNotUpdatedException.class, () ->
309+
userBusinessService.updateUser(userId, userRegisterForm1, authenticatedUser));
310+
assertEquals("User could not get updated. Runtime users cannot be modified.", ex.getMessage());
311+
302312
when(userRepositoryMock.findByUserId(userId)).thenReturn(userEntityMock);
303313
ex = assertThrows(UserNotUpdatedException.class, () ->
304314
userBusinessService.updateUser(userId, userRegisterForm1, authenticatedUser));
@@ -414,6 +424,13 @@ void updateGroupsThrows() {
414424
ex = assertThrows(UserNotUpdatedException.class, () ->
415425
userBusinessService.updateUser(userId, userRegisterForm, authenticatedUser));
416426
assertEquals("User could not get updated. One or more groups do not exist.", ex.getMessage());
427+
428+
long[] systemUser = new long[]{Groups.SYSTEM.getGroupId()};
429+
userRegisterForm.setGroupIds(systemUser);
430+
when(groupRepositoryMock.getGroupsByIds(systemUser)).thenReturn(new Groups[]{Groups.SYSTEM});
431+
ex = assertThrows(UserNotUpdatedException.class, () ->
432+
userBusinessService.updateUser(userId, userRegisterForm, authenticatedUser));
433+
assertEquals("User could not get updated. Users cannot be added to the '" + Groups.SYSTEM.getDisplayName() + "' Group", ex.getMessage());
417434
}
418435

419436
@Test

0 commit comments

Comments
 (0)