Posted to commits@kylin.apache.org by xx...@apache.org on 2022/12/05 10:20:55 UTC
[kylin] 03/22: KYLIN-5312 Add verification to the parameters about update password
This is an automated email from the ASF dual-hosted git repository.
xxyu pushed a commit to branch kylin5
in repository https://gitbox.apache.org/repos/asf/kylin.git
commit 4989854945e1ba3dfe3b49e51a5c921c71227e31
Author: KmCherry0 <86...@users.noreply.github.com>
AuthorDate: Thu Oct 13 15:18:44 2022 +0800
KYLIN-5312 Add verification to the parameters about update password
---
.../org/apache/kylin/rest/controller/NUserController.java | 13 +++++--------
.../apache/kylin/rest/controller/NUserControllerTest.java | 6 +++---
2 files changed, 8 insertions(+), 11 deletions(-)
diff --git a/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java b/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java
index baf08f0375..5321112578 100644
--- a/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java
+++ b/src/metadata-server/src/main/java/org/apache/kylin/rest/controller/NUserController.java
@@ -54,6 +54,7 @@ import org.apache.kylin.common.persistence.transaction.AclTCRRevokeEventNotifier
import org.apache.kylin.common.scheduler.EventBusFactory;
import org.apache.kylin.common.util.RandomUtil;
import org.apache.kylin.metadata.MetadataConstants;
+import org.apache.kylin.metadata.user.ManagedUser;
import org.apache.kylin.rest.config.initialize.AfterMetadataReadyEvent;
import org.apache.kylin.rest.constant.Constant;
import org.apache.kylin.rest.exception.UnauthorizedException;
@@ -101,7 +102,6 @@ import org.springframework.web.bind.annotation.ResponseBody;
import com.google.common.collect.Lists;
import com.google.common.collect.Sets;
-import org.apache.kylin.metadata.user.ManagedUser;
import io.swagger.annotations.ApiOperation;
import lombok.SneakyThrows;
import lombok.val;
@@ -423,21 +423,15 @@ public class NUserController extends NBasicController implements ApplicationList
throw new KylinException(PERMISSION_DENIED, msg.getPermissionDenied());
}
accessService.checkDefaultAdmin(username, true);
- val oldPassword = pwdBase64Decode(StringUtils.isEmpty(user.getPassword()) ? StringUtils.EMPTY : user.getPassword());
- val newPassword = pwdBase64Decode(user.getNewPassword());
checkUsername(username);
- checkPasswordLength(newPassword);
-
- checkPasswordCharacter(newPassword);
-
ManagedUser existingUser = getManagedUser(username);
if (existingUser == null) {
throw new KylinException(USER_NOT_EXIST, String.format(Locale.ROOT, msg.getUserNotFound(), username));
}
val actualOldPassword = existingUser.getPassword();
-
+ val oldPassword = pwdBase64Decode(StringUtils.isEmpty(user.getPassword()) ? StringUtils.EMPTY : user.getPassword());
// when reset oneself's password (includes ADMIN users), check old password
if (StringUtils.equals(getPrincipal(), username)) {
checkRequiredArg("password", user.getPassword());
@@ -447,6 +441,9 @@ public class NUserController extends NBasicController implements ApplicationList
}
checkRequiredArg("new_password", user.getNewPassword());
+ val newPassword = pwdBase64Decode(StringUtils.isEmpty(user.getNewPassword()) ? StringUtils.EMPTY : user.getNewPassword());
+ checkPasswordLength(newPassword);
+ checkPasswordCharacter(newPassword);
if (newPassword.equals(oldPassword)) {
throw new KylinException(FAILED_UPDATE_PASSWORD, msg.getNewPasswordSameAsOld());
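Review bot: The same-as-old check on the last lines of this hunk compares `newPassword` with `oldPassword`, which is the value decoded from the request, not the stored credential read into `actualOldPassword` in the previous hunk. The comment there says the old password is only checked when a user resets their own password, so when someone else's password is reset the caller can presumably leave `password` empty and this comparison never fires, leaving the current password in place as the "new" one. Comparing against the stored hash would cover both paths, e.g. `if (pwdEncoder.matches(newPassword, actualOldPassword)) {`, assuming the controller holds the same encoder the test class uses. The `StringUtils.isEmpty` guard on the new decode also looks redundant if `checkRequiredArg` on the line above already rejects an empty value. The lines between the two hunks and the rest of the method are outside the diff, so confirm against the full body.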
diff --git a/src/metadata-server/src/test/java/org/apache/kylin/rest/controller/NUserControllerTest.java b/src/metadata-server/src/test/java/org/apache/kylin/rest/controller/NUserControllerTest.java
index 06fa4416f7..74a4f4b467 100644
--- a/src/metadata-server/src/test/java/org/apache/kylin/rest/controller/NUserControllerTest.java
+++ b/src/metadata-server/src/test/java/org/apache/kylin/rest/controller/NUserControllerTest.java
@@ -42,6 +42,7 @@ import org.apache.kylin.common.msg.Message;
import org.apache.kylin.common.util.JsonUtil;
import org.apache.kylin.common.util.NLocalFileMetadataTestCase;
import org.apache.kylin.junit.rule.ClearKEPropertiesRule;
+import org.apache.kylin.metadata.user.ManagedUser;
import org.apache.kylin.rest.request.PasswordChangeRequest;
import org.apache.kylin.rest.request.UserRequest;
import org.apache.kylin.rest.response.EnvelopeResponse;
@@ -79,7 +80,6 @@ import org.springframework.web.accept.ContentNegotiationManager;
import com.google.common.collect.Lists;
import com.google.common.collect.Maps;
-import org.apache.kylin.metadata.user.ManagedUser;
import lombok.val;
public class NUserControllerTest extends NLocalFileMetadataTestCase {
@@ -408,7 +408,7 @@ public class NUserControllerTest extends NLocalFileMetadataTestCase {
@Test
public void testUpdatePassword_InvalidPasswordPattern() throws Exception {
- val user = new ManagedUser();
+ val user = new ManagedUser("ADMIN", pwdEncoder.encode("KYLIN"), false);
val request = new PasswordChangeRequest();
request.setUsername("ADMIN");
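Review bot: The two tests touched here, `testUpdatePassword_InvalidPasswordPattern` and `testUpdatePassword_InvalidPasswordLength` in the next hunk, only change the fixture so that the user lookup succeeds. Nothing visible exercises the case the controller change guards against, a request whose `new_password` is missing or empty. A further test that sends such a request and asserts the required-argument error rather than a decode failure would pin the new validation order. Both test bodies continue outside the hunks, so existing coverage elsewhere in the file cannot be ruled out.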
@@ -427,7 +427,7 @@ public class NUserControllerTest extends NLocalFileMetadataTestCase {
@Test
public void testUpdatePassword_InvalidPasswordLength() throws Exception {
- val user = new ManagedUser();
+ val user = new ManagedUser("ADMIN", pwdEncoder.encode("KYLIN"), false);
val request = new PasswordChangeRequest();
request.setUsername("ADMIN");