You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2018/03/09 14:46:26 UTC
[2/2] syncope git commit: Review fields usable for search and orderBy
Review fields usable for search and orderBy
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/44a5ca0f
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/44a5ca0f
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/44a5ca0f
Branch: refs/heads/1_2_X
Commit: 44a5ca0fbd357b8b5d81aa9313fb01cca30d8ad3
Parents: 726231f
Author: Francesco Chicchiriccò <il...@apache.org>
Authored: Thu Mar 8 17:25:37 2018 +0100
Committer: Francesco Chicchiriccò <il...@apache.org>
Committed: Fri Mar 9 14:49:52 2018 +0100
----------------------------------------------------------------------
.../syncope/common/search/SearchableFields.java | 2 +-
.../dao/impl/SubjectSearchDAOImpl.java | 20 ++++++++++++++++++--
.../syncope/core/rest/SearchTestITCase.java | 17 +++++++++++++++++
3 files changed, 36 insertions(+), 3 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/syncope/blob/44a5ca0f/common/src/main/java/org/apache/syncope/common/search/SearchableFields.java
----------------------------------------------------------------------
diff --git a/common/src/main/java/org/apache/syncope/common/search/SearchableFields.java b/common/src/main/java/org/apache/syncope/common/search/SearchableFields.java
index ce06934..b61dfc8 100644
--- a/common/src/main/java/org/apache/syncope/common/search/SearchableFields.java
+++ b/common/src/main/java/org/apache/syncope/common/search/SearchableFields.java
@@ -33,7 +33,7 @@ public class SearchableFields {
protected static final String[] ATTRIBUTES_NOTINCLUDED = {
"attrs", "derAttrs", "virAttrs",
"serialVersionUID", "memberships", "entitlements", "resources", "password",
- "propagationTOs", "propagationStatusMap"
+ "propagationTOs", "propagationStatusMap", "securityAnswer", "token", "tokenExpireTime"
};
public static final List<String> get(final SubjectType subjectType) {
http://git-wip-us.apache.org/repos/asf/syncope/blob/44a5ca0f/core/src/main/java/org/apache/syncope/core/persistence/dao/impl/SubjectSearchDAOImpl.java
----------------------------------------------------------------------
diff --git a/core/src/main/java/org/apache/syncope/core/persistence/dao/impl/SubjectSearchDAOImpl.java b/core/src/main/java/org/apache/syncope/core/persistence/dao/impl/SubjectSearchDAOImpl.java
index d901bdf..7b03b83 100644
--- a/core/src/main/java/org/apache/syncope/core/persistence/dao/impl/SubjectSearchDAOImpl.java
+++ b/core/src/main/java/org/apache/syncope/core/persistence/dao/impl/SubjectSearchDAOImpl.java
@@ -63,6 +63,10 @@ public class SubjectSearchDAOImpl extends AbstractDAOImpl implements SubjectSear
private static final String[] SUBJECT_FIELDS = new String[] { "parent", "userOwner", "roleOwner" };
+ private static final String[] ORDER_BY_NOT_ALLOWED = {
+ "serialVersionUID", "password", "securityQuestion", "securityAnswer", "token", "tokenExpireTime"
+ };
+
@Autowired
private UserDAO userDAO;
@@ -285,12 +289,24 @@ public class SubjectSearchDAOImpl extends AbstractDAOImpl implements SubjectSear
return orderBy;
}
- private OrderBySupport parseOrderBy(final SearchSupport svs, final List<OrderByClause> orderByClauses) {
+ protected List<OrderByClause> filterOrderBy(final List<OrderByClause> orderBy) {
+ List<OrderByClause> result = new ArrayList<OrderByClause>();
+
+ for (OrderByClause clause : orderBy) {
+ if (!ArrayUtils.contains(ORDER_BY_NOT_ALLOWED, clause.getField())) {
+ result.add(clause);
+ }
+ }
+
+ return result;
+ }
+
+ private OrderBySupport parseOrderBy(final SearchSupport svs, final List<OrderByClause> orderBy) {
final AttributableUtil attrUtil = AttributableUtil.getInstance(svs.type.asAttributableType());
OrderBySupport obs = new OrderBySupport();
- for (OrderByClause clause : orderByClauses) {
+ for (OrderByClause clause : filterOrderBy(orderBy)) {
OrderBySupport.Item item = new OrderBySupport.Item();
Field subjectField = ReflectionUtils.findField(attrUtil.attributableClass(), clause.getField());
http://git-wip-us.apache.org/repos/asf/syncope/blob/44a5ca0f/core/src/test/java/org/apache/syncope/core/rest/SearchTestITCase.java
----------------------------------------------------------------------
diff --git a/core/src/test/java/org/apache/syncope/core/rest/SearchTestITCase.java b/core/src/test/java/org/apache/syncope/core/rest/SearchTestITCase.java
index e1626b4..974edd8 100644
--- a/core/src/test/java/org/apache/syncope/core/rest/SearchTestITCase.java
+++ b/core/src/test/java/org/apache/syncope/core/rest/SearchTestITCase.java
@@ -27,6 +27,7 @@ import static org.junit.Assert.assertTrue;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
+import org.apache.commons.lang3.RandomStringUtils;
import org.apache.syncope.client.SyncopeClient;
import org.apache.syncope.common.reqres.PagedResult;
import org.apache.syncope.common.services.UserSelfService;
@@ -200,6 +201,22 @@ public class SearchTestITCase extends AbstractTest {
}
@Test
+ public void searchBySecurityAnswer() {
+ String securityAnswer = RandomStringUtils.randomAlphanumeric(10);
+ UserTO userTO = UserTestITCase.getUniqueSampleTO("securityAnswer@syncope.apache.org");
+ userTO.setSecurityQuestion(1L);
+ userTO.setSecurityAnswer(securityAnswer);
+
+ userTO = createUser(userTO);
+ assertNotNull(userTO.getSecurityQuestion());
+
+ PagedResult<UserTO> matchingUsers = userService.search(SyncopeClient.getUserSearchConditionBuilder().
+ is("securityAnswer").equalTo(securityAnswer).query());
+ assertNotNull(matchingUsers);
+ assertTrue(matchingUsers.getResult().isEmpty());
+ }
+
+ @Test
public void orderBy() {
PagedResult<UserTO> users = userService.search(
SyncopeClient.getUserSearchConditionBuilder().is("userId").equalTo("*@apache.org").query(),