This is an automated email from the ASF dual-hosted git repository.

arshad pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/seatunnel-web.git


The following commit(s) were added to refs/heads/main by this push:
     new a901300e [Bug] Disabled users are able to login (#264)
a901300e is described below

commit a901300ebc4c640b39a833c4918b69a14947b40d
Author: Mohammad Arshad <[email protected]>
AuthorDate: Sat Jan 18 11:59:08 2025 +0530

    [Bug] Disabled users are able to login (#264)
---
 .../apache/seatunnel/app/dal/mapper/UserMapper.xml |  2 +-
 .../server/common/SeatunnelErrorEnum.java          |  4 +--
 .../seatunnel/app/test/UserControllerTest.java     | 32 ++++++++++++++++++++++
 3 files changed, 35 insertions(+), 3 deletions(-)

diff --git 
a/seatunnel-server/seatunnel-app/src/main/resources/org/apache/seatunnel/app/dal/mapper/UserMapper.xml
 
b/seatunnel-server/seatunnel-app/src/main/resources/org/apache/seatunnel/app/dal/mapper/UserMapper.xml
index f4e8abcb..049aec32 100644
--- 
a/seatunnel-server/seatunnel-app/src/main/resources/org/apache/seatunnel/app/dal/mapper/UserMapper.xml
+++ 
b/seatunnel-server/seatunnel-app/src/main/resources/org/apache/seatunnel/app/dal/mapper/UserMapper.xml
@@ -96,7 +96,7 @@
         select
         <include refid="Base_Column_List"/>
         from `user`
-        where username = #{username,jdbcType=VARCHAR} and password = 
#{password,jdbcType=VARCHAR} and auth_provider = 
#{authProvider,jdbcType=VARCHAR}
+        where status = 0 and username = #{username,jdbcType=VARCHAR} and 
password = #{password,jdbcType=VARCHAR} and auth_provider = 
#{authProvider,jdbcType=VARCHAR}
     </select>
     <select id="queryEnabledUsers" 
resultType="org.apache.seatunnel.app.dal.entity.User">
         select
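Review bot: The `status = 0` filter is added to this one select only, and the diffstat lists no other main-code change, so any other path that resolves a user for authentication is not shown to honour the disabled flag. If logins through another auth provider, or validation of tokens issued before the account was disabled, use a different statement, a disabled account may presumably still be accepted there; that is worth confirming. The bare `0` would also read better with a comment such as `<!-- status 0 = enabled; disabled accounts must never match a login lookup -->`. The enclosing `<select>` opens above the hunk, so its id and parameter type are not visible here.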
diff --git 
a/seatunnel-server/seatunnel-server-common/src/main/java/org/apache/seatunnel/server/common/SeatunnelErrorEnum.java
 
b/seatunnel-server/seatunnel-server-common/src/main/java/org/apache/seatunnel/server/common/SeatunnelErrorEnum.java
index 29c772ac..56c89da3 100644
--- 
a/seatunnel-server/seatunnel-server-common/src/main/java/org/apache/seatunnel/server/common/SeatunnelErrorEnum.java
+++ 
b/seatunnel-server/seatunnel-server-common/src/main/java/org/apache/seatunnel/server/common/SeatunnelErrorEnum.java
@@ -32,8 +32,8 @@ public enum SeatunnelErrorEnum {
 
     USERNAME_PASSWORD_NO_MATCHED(
             10007,
-            "username and password no matched",
-            "The user name and password do not match, please check your 
input"),
+            "username and password not matched or user is disabled.",
+            "The user name and password do not match or user is disabled, 
please check your input"),
 
     TOKEN_ILLEGAL(10008, "token illegal", "The token is expired or invalid, 
please login again."),
     INVALID_AUTHENTICATION_PROVIDER(
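Review bot: Nothing on `USERNAME_PASSWORD_NO_MATCHED` says that sharing code 10007 and one message between a wrong password and a disabled account is deliberate, although it is what keeps the login response from disclosing the state of an account. A comment above the constant, for example `// Deliberately one code and message for bad credentials and disabled accounts, so the response does not disclose account state`, would stop a later change from splitting them. As a style point, the new short message ends with a period while the neighbouring `"token illegal"` does not.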
diff --git 
a/seatunnel-web-it/src/test/java/org/apache/seatunnel/app/test/UserControllerTest.java
 
b/seatunnel-web-it/src/test/java/org/apache/seatunnel/app/test/UserControllerTest.java
index 76c28b37..77363cc0 100644
--- 
a/seatunnel-web-it/src/test/java/org/apache/seatunnel/app/test/UserControllerTest.java
+++ 
b/seatunnel-web-it/src/test/java/org/apache/seatunnel/app/test/UserControllerTest.java
@@ -24,6 +24,7 @@ import 
org.apache.seatunnel.app.domain.request.user.UpdateUserReq;
 import org.apache.seatunnel.app.domain.request.user.UserLoginReq;
 import org.apache.seatunnel.app.domain.response.user.AddUserRes;
 import org.apache.seatunnel.app.domain.response.user.UserSimpleInfoRes;
+import org.apache.seatunnel.server.common.SeatunnelErrorEnum;
 
 import org.junit.jupiter.api.AfterAll;
 import org.junit.jupiter.api.BeforeAll;
@@ -32,6 +33,7 @@ import org.junit.jupiter.api.Test;
 import java.util.function.Supplier;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertNotNull;
 import static org.junit.jupiter.api.Assertions.assertTrue;
 
@@ -147,6 +149,36 @@ public class UserControllerTest {
         assertEquals("Invalid authentication provider [INVALID_AUTH_TYPE]", 
loginResult.getMsg());
     }
 
+    @Test
+    public void disabledUser_shouldNotBeAbleToLogin() {
+        String user = "disabledUser" + uniqueId.get();
+        String pass = "pass7";
+        AddUserReq addUserReq = getAddUserReq(user, pass);
+        Result<AddUserRes> result = userControllerWrapper.addUser(addUserReq);
+        assertTrue(result.isSuccess());
+
+        // Disable the user
+        UpdateUserReq updateUserReq = new UpdateUserReq();
+        updateUserReq.setUsername(user);
+        updateUserReq.setUserId(result.getData().getId());
+        updateUserReq.setPassword(pass);
+        updateUserReq.setStatus((byte) 1);
+        updateUserReq.setType((byte) 0);
+        Result<Void> disableUserResult =
+                userControllerWrapper.updateUser(
+                        Long.toString(result.getData().getId()), 
updateUserReq);
+        assertTrue(disableUserResult.isSuccess());
+
+        // Attempt to login with the disabled user
+        UserLoginReq loginReq = new UserLoginReq();
+        loginReq.setUsername(user);
+        loginReq.setPassword(pass);
+        Result<UserSimpleInfoRes> loginResult = 
userControllerWrapper.login(loginReq);
+        assertFalse(loginResult.isSuccess());
+        assertEquals(
+                SeatunnelErrorEnum.USERNAME_PASSWORD_NO_MATCHED.getCode(), 
loginResult.getCode());
+    }
+
     @AfterAll
     public static void tearDown() {
         Result<Void> logout = userControllerWrapper.logout();
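Review bot: The final assertions in `disabledUser_shouldNotBeAbleToLogin` cannot tell a disabled account apart from bad credentials, because both return `USERNAME_PASSWORD_NO_MATCHED`; the test would also pass if the login of this freshly created user failed for an unrelated reason. Building `loginReq` before the update and adding `assertTrue(userControllerWrapper.login(loginReq).isSuccess());` ahead of the "Disable the user" step would pin the failure to the status change. If the wrapper keeps the session of the last login, an admin login would be needed again before `updateUser`. The bare `(byte) 1` and `(byte) 0` passed to `setStatus` and `setType` would be clearer as named constants or with a short comment giving their meaning.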
