@Test
public void mustChangePassword() {
// PRE: reset vivaldi's password
UserPatch userPatch = new UserPatch();
userPatch.setKey("b3cbc78d-32e6-4bd4-92e0-bbe07566a2ee");
userPatch.setPassword(new PasswordPatch.Builder().value("password321").build());
userService.update(userPatch);
// 0. access as vivaldi -> succeed
SyncopeClient vivaldiClient = clientFactory.create("vivaldi", "password321");
Pair<Map<String, Set<String>>, UserTO> self = vivaldiClient.self();
assertFalse(self.getRight().isMustChangePassword());
// 1. update user vivaldi (3) requirig password update
userPatch = new UserPatch();
userPatch.setKey("b3cbc78d-32e6-4bd4-92e0-bbe07566a2ee");
userPatch.setMustChangePassword(new BooleanReplacePatchItem.Builder().value(true).build());
UserTO vivaldi = updateUser(userPatch).getEntity();
assertTrue(vivaldi.isMustChangePassword());
// 2. attempt to access -> fail
try {
vivaldiClient.getService(ResourceService.class).list();
fail();
} catch (AccessControlException e) {
assertNotNull(e);
assertEquals("Please change your password first", e.getMessage());
}
// 3. change password
vivaldiClient.getService(UserSelfService.class).changePassword("password123");
// 4. verify it worked
self = clientFactory.create("vivaldi", "password123").self();
assertFalse(self.getRight().isMustChangePassword());
}
