@Test
public void shouldCreateActiveUserByDefault() {
motechUserService.register(
"userName", "password", "1234", "", asList("IT_ADMIN", "DB_ADMIN"), Locale.ENGLISH);
MotechUser motechUser = usersDataService.findByUserName("userName");
assertEquals(UserStatus.ACTIVE, motechUser.getUserStatus());
}
private void prepareUser() {
user = new MotechUser();
user.setLastPasswordChange(
DateUtil.now().minusDays(DAYS_TO_CHANGE_PASSWORD - DAYS_FOR_REMINDER));
user.setUserName("FooUsername");
user.setEmail("*****@*****.**");
}
@Test
public void shouldNotChangePasswordWithoutOldPassword() {
motechUserService.register(
"userName", "password", "1234", "", asList("IT_ADMIN", "DB_ADMIN"), Locale.ENGLISH);
motechUserService.changePassword("userName", "foo", "newPassword");
MotechUser motechUser = usersDataService.findByUserName("userName");
assertTrue(passwordEncoder.isPasswordValid(motechUser.getPassword(), "password"));
}
@Test
public void testPasswordEncoding() {
String plainTextPassword = "******";
motechUserService.register(
"testuser", plainTextPassword, "entity1", "", asList("ADMIN"), Locale.ENGLISH);
MotechUser motechUser = usersDataService.findByUserName("testuser");
assertTrue(passwordEncoder.isPasswordValid(motechUser.getPassword(), plainTextPassword));
}
@Test
public void findByUserName() {
MotechUser motechUser =
new MotechUserCouchdbImpl("testuser", "testpassword", "", "id", asList("ADMIN"), "");
allMotechUsers.add(motechUser);
MotechUser testUser = allMotechUsers.findByUserName("testuser");
assertEquals("testuser", testUser.getUserName());
}
@Test
public void testRegister() {
motechUserService.register(
"userName", "password", "1234", "", asList("IT_ADMIN", "DB_ADMIN"), Locale.ENGLISH);
MotechUser motechUser = usersDataService.findByUserName("userName");
assertNotNull(motechUser);
assertTrue(motechUser.getRoles().contains("IT_ADMIN"));
assertTrue(motechUser.getRoles().contains("DB_ADMIN"));
}
@Test
public void shouldCreateBlockedUser() {
motechUserService.register(
"userName",
"password",
"1234",
"",
asList("IT_ADMIN", "DB_ADMIN"),
Locale.ENGLISH,
UserStatus.BLOCKED,
null);
MotechUser motechUser = usersDataService.findByUserName("userName");
assertEquals(UserStatus.BLOCKED, motechUser.getUserStatus());
}
@Test
public void shouldNotActivateInvalidUser() {
motechUserService.register(
"userName",
"password",
"1234",
"",
asList("IT_ADMIN", "DB_ADMIN"),
Locale.ENGLISH,
UserStatus.BLOCKED,
null);
motechUserService.activateUser("userName1");
MotechUser motechUser = usersDataService.findByUserName("userName");
assertFalse(motechUser.isActive());
}
@Override
public void updateRole(RoleDto role) {
MotechRole motechRole = allMotechRoles.findByRoleName(role.getOriginalRoleName());
motechRole.setRoleName(role.getRoleName());
motechRole.setPermissionNames(role.getPermissionNames());
List<MotechUser> users =
(List<MotechUser>) allMotechUsers.findByRole(role.getOriginalRoleName());
for (MotechUser user : users) {
List<String> roleList = user.getRoles();
roleList.remove(role.getOriginalRoleName());
roleList.add(role.getRoleName());
allMotechUsers.update(user);
}
allMotechRoles.update(motechRole);
}
@Test
public void shouldNotCreateNewAccountIfUserAlreadyExists() {
String userName = "******";
allMotechUsers.add(
new MotechUserCouchdbImpl(userName, "testpassword", "", "id", asList("ADMIN"), ""));
allMotechUsers.add(
new MotechUserCouchdbImpl(userName, "testpassword1", "", "id2", asList("ADMIN"), ""));
MotechUser motechUser = allMotechUsers.findByUserName("userName");
final List<MotechUserCouchdbImpl> allWebUsers =
((AllMotechUsersCouchdbImpl) allMotechUsers).getAll();
final int numberOfUsersWithSameUserName =
Lambda.select(allWebUsers, HasPropertyWithValue.hasProperty("userName", equalTo(userName)))
.size();
assertEquals(1, numberOfUsersWithSameUserName);
assertEquals("testpassword", motechUser.getPassword());
assertEquals("id", motechUser.getExternalId());
}
@Override
@Transactional
public void onAuthenticationFailure(
HttpServletRequest request, HttpServletResponse response, AuthenticationException exception)
throws IOException, ServletException {
// Wrong password or username
if (exception instanceof BadCredentialsException) {
MotechUser motechUser =
motechUsersDao.findByUserName(exception.getAuthentication().getName());
int failureLoginLimit = settingService.getFailureLoginLimit();
if (motechUser != null && failureLoginLimit > 0) {
int failureLoginCounter = motechUser.getFailureLoginCounter();
failureLoginCounter++;
if (failureLoginCounter > failureLoginLimit && motechUser.isActive()) {
motechUser.setUserStatus(UserStatus.BLOCKED);
failureLoginCounter = 0;
LOGGER.debug("User {} has been blocked", motechUser.getUserName());
}
motechUser.setFailureLoginCounter(failureLoginCounter);
motechUsersDao.update(motechUser);
}
if (motechUser != null && !motechUser.isActive()) {
LOGGER.debug("Redirecting to " + userBlockedUrl);
redirectStrategy.sendRedirect(request, response, userBlockedUrl);
return;
}
}
super.onAuthenticationFailure(request, response, exception);
}
private void prepareEvent() {
Map<String, Object> params = new HashMap<>();
params.put(EMAIL_PARAM_FROM_ADDRESS, SENDER_ADDRESS);
params.put(EMAIL_PARAM_TO_ADDRESS, user.getEmail());
params.put(EMAIL_PARAM_MESSAGE, EMAIL_MESSAGE);
params.put(
EMAIL_PARAM_SUBJECT,
messageSource.getMessage(PASSWORD_CHANGE_REMINDER_MESSAGE_SUBJECT, null, Locale.ENGLISH));
event = new MotechEvent("SendEMail", params);
}
private void prepareEvent() {
Map<String, Object> params = new HashMap<>();
params.put(TEMPLATE_PARAM_USERNAME, user.getUserName());
params.put(EMAIL_PARAM_TO_ADDRESS, user.getEmail());
params.put(
TEMPLATE_PARAM_EXPIRATION_DATE,
user.getSafeLastPasswordChange().plusDays(DAYS_TO_CHANGE_PASSWORD));
params.put(TEMPLATE_PARAM_LOCALE, user.getLocale());
params.put(TEMPLATE_PARAM_LAST_PASSWORD_CHANGE, user.getSafeLastPasswordChange());
params.put(TEMPLATE_PARAM_EXTERNAL_ID, user.getExternalId());
params.put(TEMPLATE_PARAM_DAYS_TILL_EXPIRE, DAYS_FOR_REMINDER);
event = new MotechEvent(PASSWORD_CHANGE_REMINDER_EVENT, params);
}
private void prepareParams() {
params = new HashMap<>();
params.put(TEMPLATE_PARAM_USERNAME, user.getUserName());
params.put(EMAIL_PARAM_TO_ADDRESS, user.getEmail());
params.put(
TEMPLATE_PARAM_EXPIRATION_DATE,
user.getSafeLastPasswordChange().plusDays(DAYS_TO_CHANGE_PASSWORD));
params.put(TEMPLATE_PARAM_LOCALE, user.getLocale());
params.put(TEMPLATE_PARAM_LAST_PASSWORD_CHANGE, user.getSafeLastPasswordChange());
params.put(TEMPLATE_PARAM_EXTERNAL_ID, user.getExternalId());
params.put(TEMPLATE_PARAM_DAYS_TILL_EXPIRE, DAYS_FOR_REMINDER);
params.put(TEMPLATE_PARAM_SERVER_URL, SERVER_URL);
params.put(TEMPLATE_PARAM_MESSAGES, messageSource);
}
