From be07274e331f6698c00cb3b0917a04a3bb98bac4 Mon Sep 17 00:00:00 2001 From: wknet123 Date: Wed, 24 Feb 2016 20:44:46 +0800 Subject: [PATCH] added checking affected count in changing password, added ut for changing password with old password. --- controllers/password.go | 6 +++++- dao/user.go | 16 +++++++++++----- main.go | 2 +- tests/dao_test.go | 15 +++++++++++++++ 4 files changed, 32 insertions(+), 7 deletions(-) diff --git a/controllers/password.go b/controllers/password.go index b0ab637e3..9ecc6d713 100644 --- a/controllers/password.go +++ b/controllers/password.go @@ -217,7 +217,11 @@ func (rpc *CommonController) ResetPassword() { if password != "" { user.Password = password - dao.ResetUserPassword(*user) + err = dao.ResetUserPassword(*user) + if err != nil { + beego.Error("Error occurred in ResetUserPassword:", err) + rpc.CustomAbort(500, "Internal error.") + } } else { rpc.CustomAbort(400, "password_is_required") } diff --git a/dao/user.go b/dao/user.go index bddc90a67..730b8f7e1 100644 --- a/dao/user.go +++ b/dao/user.go @@ -15,6 +15,7 @@ package dao import ( + "database/sql" "errors" "github.com/vmware/harbor/models" @@ -137,14 +138,19 @@ func ToggleUserAdminRole(u models.User) error { func ChangeUserPassword(u models.User, oldPassword ...string) error { o := orm.NewOrm() - //In some cases, it may no need to check old password, just as Linux change password polies. var err error + var r sql.Result if len(oldPassword) == 0 { - _, err = o.Raw(`update user set password=?, salt=? where user_id=?`, utils.Encrypt(u.Password, u.Salt), u.Salt, u.UserId).Exec() + //In some cases, it may no need to check old password, just as Linux change password policies. + r, err = o.Raw(`update user set password=?, salt=? where user_id=?`, utils.Encrypt(u.Password, u.Salt), u.Salt, u.UserId).Exec() } else if len(oldPassword) == 1 { - _, err = o.Raw(`update user set password=?, salt=? where user_id=? and password = ?`, utils.Encrypt(u.Password, u.Salt), u.Salt, u.UserId, utils.Encrypt(oldPassword[0], u.Salt)).Exec() + r, err = o.Raw(`update user set password=?, salt=? where user_id=? and password = ?`, utils.Encrypt(u.Password, u.Salt), u.Salt, u.UserId, utils.Encrypt(oldPassword[0], u.Salt)).Exec() } else { - err = errors.New("Wrong numbers of params.") + return errors.New("Wrong numbers of params.") + } + count, err := r.RowsAffected() + if count == 0 { + return errors.New("No record be changed, change password failed.") } return err } @@ -157,7 +163,7 @@ func ResetUserPassword(u models.User) error { } count, err := r.RowsAffected() if count == 0 { - return errors.New("No record be changed.") + return errors.New("No record be changed, reset password failed.") } return err } diff --git a/main.go b/main.go index d2a813237..531372297 100644 --- a/main.go +++ b/main.go @@ -38,7 +38,7 @@ func updateInitPassword(userId int, password string) error { queryUser := models.User{UserId: userId} user, err := dao.GetUser(queryUser) if err != nil { - log.Println("Failed to get user's initial password, userId:", userId) + log.Println("Failed to get user, userId:", userId) return err } if user == nil { diff --git a/tests/dao_test.go b/tests/dao_test.go index 9a40b7753..9abcecad0 100644 --- a/tests/dao_test.go +++ b/tests/dao_test.go @@ -300,6 +300,21 @@ func TestChangeUserPassword(t *testing.T) { } } +func TestChangeUserPasswordWithOldPassword(t *testing.T) { + err := dao.ChangeUserPassword(models.User{UserId: currentUser.UserId, Password: "NewerHarborTester12345", Salt: currentUser.Salt}, "NewHarborTester12345") + if err != nil { + t.Errorf("Error occurred in ChangeUserPassword: %v", err) + } + loginedUser, err := dao.LoginByDb(models.AuthModel{Principal: currentUser.Username, Password: "NewerHarborTester12345"}) + if err != nil { + t.Errorf("Error occurred in LoginByDb: %v", err) + } + + if loginedUser.Username != USERNAME { + t.Errorf("The username returned by Login does not match, expected: %s, acutal: %s", USERNAME, loginedUser.Username) + } +} + func TestQueryRelevantProjectsWhenNoProjectAdded(t *testing.T) { projects, err := dao.QueryRelevantProjects(currentUser.UserId) if err != nil {