You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@archiva.apache.org by ma...@apache.org on 2022/04/16 14:00:06 UTC
[archiva] branch archiva-2.x updated: Adding manual test for user update
This is an automated email from the ASF dual-hosted git repository.
martin_s pushed a commit to branch archiva-2.x
in repository https://gitbox.apache.org/repos/asf/archiva.git
The following commit(s) were added to refs/heads/archiva-2.x by this push:
new 3d025a60b Adding manual test for user update
3d025a60b is described below
commit 3d025a60b88a5ba6d75a083198fdda11d8bde833
Author: Martin Schreier <ma...@apache.org>
AuthorDate: Sat Apr 16 16:00:01 2022 +0200
Adding manual test for user update
---
pom.xml | 3 +-
src/test/sh/test_user_update.sh | 91 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 93 insertions(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index 2dc6fc63f..b675a8e1b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -61,7 +61,7 @@
<maven-model-converter.version>2.1</maven-model-converter.version>
<maven.indexer.version>5.1.1</maven.indexer.version>
<wagon.version>2.9</wagon.version>
- <redback.version>2.6.1</redback.version>
+ <redback.version>2.6.2-SNAPSHOT</redback.version>
<redback.cache.version>2.2</redback.cache.version>
<redback.quartz.version>2.1</redback.quartz.version>
<redback.registry.version>2.4</redback.registry.version>
@@ -1828,6 +1828,7 @@
<exclude>*.sh</exclude>
<exclude>.git/**</exclude>
<exclude>src/test/resources/projects/compile/goal.txt</exclude>
+ <exclude>src/test/sh/*.sh</exclude>
<exclude>**/*.iml</exclude>
<exclude>build-number.txt</exclude>
<exclude>.idea/**</exclude>
diff --git a/src/test/sh/test_user_update.sh b/src/test/sh/test_user_update.sh
new file mode 100755
index 000000000..131bf4fc5
--- /dev/null
+++ b/src/test/sh/test_user_update.sh
@@ -0,0 +1,91 @@
+#!/bin/bash
+
+MY_USER="test"
+ADMIN_USER="admin"
+ARCHIVA_URL="http://localhost:8080"
+
+while [ ! -z "$1" ]; do
+ case $1 in
+ -u)
+ shift
+ MY_USER_PWD="$1"
+ ;;
+ -a)
+ shift
+ ADMIN_PWD="$1"
+ ;;
+ *)
+ ;;
+ esac
+ shift
+done
+
+if [ -z "${MY_USER_PWD}" ]; then
+ read -s -p "Enter Password of user ${MY_USER}: " MY_USER_PWD
+ echo " "
+fi
+if [ -z "${ADMIN_PWD}" ]; then
+ read -s -p "Enter Password of user ${ADMIN_USER}: " ADMIN_PWD
+ echo " "
+fi
+
+echo "Login with user ${MY_USER}"
+OUTPUT=$(curl -s -w '\nhttp_code=%{response_code}\n' --cookie-jar cookies.txt -H "Content-Type: application/xml" -H "Accept: application/json" -H "Origin: ${ARCHIVA_URL}" -d "<loginRequest><username>${MY_USER}</username><password>${MY_USER_PWD}</password></loginRequest>" "${ARCHIVA_URL}/restServices/redbackServices/loginService/logIn")
+
+CODE=$(echo $OUTPUT |sed -n -e 's/.*http_code=\(.*\)/\1/gp')
+TOKEN=$(echo $OUTPUT |sed -n -e 's/.*"validationToken":"\([^"]\+\)".*/\1/gp')
+
+if [ "$CODE" != "200" ]; then
+ echo "Login with user ${MY_USER} failed. HTTP Response: $CODE"
+ echo "$OUTPUT"
+ exit 1
+fi
+
+NEW_MY_USER_PWD="$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 10 | head -n 1)"
+echo "Updating user password with new value: ${NEW_MY_USER_PWD}"
+OUTPUT=$(curl -s --cookie cookies.txt -w '\nhttp_code=%{response_code}\n' -d "<user><username>${MY_USER}</username><password>${NEW_MY_USER_PWD}</password><validated>true</validated></user>" -H "X-XSRF-TOKEN: ${TOKEN}" -H "Content-Type: application/xml" -H "Origin: ${ARCHIVA_URL}" -H "Accept: application/json" "${ARCHIVA_URL}/restServices/redbackServices/userService/updateUser")
+
+CODE=$(echo $OUTPUT |sed -n -e 's/.*http_code=\(.*\)/\1/gp')
+if [ "${CODE}" != "200" ]; then
+ echo "Could not update user password"
+ echo "HTTP Response: $CODE"
+ echo "$OUTPUT"
+ exit 1
+fi
+
+NEW_ADMIN_PWD="$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 10 | head -n 1)"
+echo "Trying to update admin password with new value: ${NEW_ADMIN_PWD}"
+
+OUTPUT=$(curl -s --cookie cookies.txt -w '\nhttp_code=%{response_code}\n' -d "<user><username>${ADMIN_USER}</username><password>${NEW_ADMIN_PWD}</password><validated>true</validated></user>" -H "X-XSRF-TOKEN: ${TOKEN}" -H "Content-Type: application/xml" -H "Origin: ${ARCHIVA_URL}" -H "Accept: application/json" "${ARCHIVA_URL}/restServices/redbackServices/userService/updateUser")
+
+echo "$OUTPUT"
+
+CODE=$(echo $OUTPUT |sed -n -e 's/.*http_code=\(.*\)/\1/gp')
+if [ "${CODE}" == "200" ]; then
+ echo "Could update admin password as normal user! This should not happen."
+ exit 1
+elif [ "${CODE}" == "403" ]; then
+ echo "This is fine. Could not update admin password as normal user."
+else
+ echo "Unexpected response while updating admin password"
+ echo "$OUTPUT"
+ exit 1
+fi
+
+NEW_MY_USER_PWD="$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 10 | head -n 1)"
+echo "Setting password for user ${MY_USER} by using admin account to new value: ${NEW_MY_USER_PWD}"
+
+rm -f cookies.txt
+OUTPUT=$(curl -s -w '\nhttp_code=%{response_code}\n' --cookie-jar cookies.txt -H "Content-Type: application/xml" -H "Accept: application/json" -H "Origin: ${ARCHIVA_URL}" -d "<loginRequest><username>${ADMIN_USER}</username><password>${ADMIN_PWD}</password></loginRequest>" "${ARCHIVA_URL}/restServices/redbackServices/loginService/logIn")
+TOKEN=$(echo $OUTPUT |sed -n -e 's/.*"validationToken":"\([^"]\+\)".*/\1/gp')
+
+OUTPUT=$(curl -s --cookie cookies.txt -w '\nhttp_code=%{response_code}\n' -d "<user><username>${MY_USER}</username><password>${NEW_MY_USER_PWD}</password><validated>true</validated></user>" -H "X-XSRF-TOKEN: ${TOKEN}" -H "Content-Type: application/xml" -H "Origin: ${ARCHIVA_URL}" -H "Accept: application/json" "${ARCHIVA_URL}/restServices/redbackServices/userService/updateUser")
+
+CODE=$(echo $OUTPUT |sed -n -e 's/.*http_code=\(.*\)/\1/gp')
+if [ "$CODE" != "200" ]; then
+ echo "Error during user password update"
+ echo "$OUTPUT"
+ exit 1
+fi
+
+echo "Current password for user ${MY_USER}: ${NEW_MY_USER_PWD}"