refined error check in changing and resetting password, added ut for changing password with incorrect old password.

2016-02-24 21:36:45 +08:00 · 2016-02-24 21:36:45 +08:00 · 273aea3c6d
parent be07274e33
commit 273aea3c6d
2 changed files with 31 additions and 6 deletions
--- a/dao/user.go
+++ b/dao/user.go
@ -142,16 +142,22 @@ func ChangeUserPassword(u models.User, oldPassword ...string) error {
 	var r sql.Result
 	if len(oldPassword) == 0 {
 		//In some cases, it may no need to check old password, just as Linux change password policies.
-		r, err = o.Raw(`update user set password=?, salt=? where user_id=?`, utils.Encrypt(u.Password, u.Salt), u.Salt, u.UserId).Exec()
+		_, err = o.Raw(`update user set password=?, salt=? where user_id=?`, utils.Encrypt(u.Password, u.Salt), u.Salt, u.UserId).Exec()
 	} else if len(oldPassword) == 1 {
 		r, err = o.Raw(`update user set password=?, salt=? where user_id=? and password = ?`, utils.Encrypt(u.Password, u.Salt), u.Salt, u.UserId, utils.Encrypt(oldPassword[0], u.Salt)).Exec()
+		if err != nil {
+			return err
+		}
+		count, err := r.RowsAffected()
+		if err != nil {
+			return err
+		}
+		if count == 0 {
+			return errors.New("No record be changed, change password failed.")
+		}
 	} else {
 		return errors.New("Wrong numbers of params.")
 	}
-	count, err := r.RowsAffected()
-	if count == 0 {
-		return errors.New("No record be changed, change password failed.")
-	}
 	return err
 }

@ -162,6 +168,9 @@ func ResetUserPassword(u models.User) error {
 		return err
 	}
 	count, err := r.RowsAffected()
+	if err != nil {
+		return err
+	}
 	if count == 0 {
 		return errors.New("No record be changed, reset password failed.")
 	}
--- a/tests/dao_test.go
+++ b/tests/dao_test.go
@ -15,6 +15,7 @@
 package test

 import (
+	"fmt"
 	//	"fmt"
 	"log"
 	"os"
@ -112,6 +113,8 @@ func TestMain(m *testing.M) {
 		log.Fatalf("environment variable DB_PWD is not set")
 	}

+	fmt.Printf("DB_HOST: %s, DB_USR: %s, DB_PORT: %s, DB_PWD: %s\n", dbHost, dbUser, dbPort, dbPassword)
+
 	os.Setenv("MYSQL_PORT_3306_TCP_ADDR", dbHost)
 	os.Setenv("MYSQL_PORT_3306_TCP_PORT", dbPort)
 	os.Setenv("MYSQL_USR", dbUser)
@ -309,12 +312,25 @@ func TestChangeUserPasswordWithOldPassword(t *testing.T) {
 	if err != nil {
 		t.Errorf("Error occurred in LoginByDb: %v", err)
 	}
-
 	if loginedUser.Username != USERNAME {
 		t.Errorf("The username returned by Login does not match, expected: %s, acutal: %s", USERNAME, loginedUser.Username)
 	}
 }

+func TestChangeUserPasswordWithIncorrectOldPassword(t *testing.T) {
+	err := dao.ChangeUserPassword(models.User{UserId: currentUser.UserId, Password: "NNewerHarborTester12345", Salt: currentUser.Salt}, "WrongNewerHarborTester12345")
+	if err == nil {
+		t.Errorf("Error does not occurred due to old password is incorrect.")
+	}
+	loginedUser, err := dao.LoginByDb(models.AuthModel{Principal: currentUser.Username, Password: "NNewerHarborTester12345"})
+	if err != nil {
+		t.Errorf("Error occurred in LoginByDb: %v", err)
+	}
+	if loginedUser != nil {
+		t.Errorf("The login user is not nil, acutal: %+v", loginedUser)
+	}
+}
+
 func TestQueryRelevantProjectsWhenNoProjectAdded(t *testing.T) {
 	projects, err := dao.QueryRelevantProjects(currentUser.UserId)
 	if err != nil {