[GitHub] usergrid pull request: Usergrid 1079 2x

Fri, 30 Oct 2015 09:35:31 -0700 

Github user mdunker commented on a diff in the pull request:

    https://github.com/apache/usergrid/pull/419#discussion_r43522534
  
    --- Diff: 
stack/rest/src/test/java/org/apache/usergrid/rest/applications/collection/users/UserResourceIT.java
 ---
    @@ -1103,4 +1109,107 @@ public void queryForUserUuids() throws Exception {
     
             
assertEquals(response.getResponse().getEntities().get(0).get("uuid").toString(),
 userId.toString());
         }
    +
    +
    +
    +    @Test
    +    public void testCredentialsTransfer() throws Exception {
    +
    +        usersResource.post(new User("test_1", "Test1 User", 
"[email protected]", "test123")); // client.setApiUrl(apiUrl);
    +        refreshIndex();
    +
    +        //Entity appInfo = 
this.app().get().getResponse().getEntities().get(0);
    +
    +        Token token = this.app().token().post(new Token("test_1", 
"test123"));
    +
    +        assertNotNull(token.getAccessToken());
    +
    +        final String superUserName = this.clientSetup.getSuperuserName();
    +        final String superUserPassword = 
this.clientSetup.getSuperuserPassword();
    +
    +
    +        //get the credentials info
    +        final CollectionEndpoint collection  = 
userResource.entity("test_1").collection( "credentials" );
    +
    +        final WebResource resource  = collection.getResource();
    +
    +        resource.addFilter( new HTTPBasicAuthFilter(superUserName, 
superUserPassword) );
    +
    +
    +
    +        final ApiResponse response = resource.type( 
MediaType.APPLICATION_JSON_TYPE)
    +                                             .accept( 
MediaType.APPLICATION_JSON ).get( 
org.apache.usergrid.rest.test.resource.model.ApiResponse.class );
    +
    +
    +        //now get the credentials sub object
    +
    +        final Map<String, Object> credentials = ( Map<String, Object> ) 
response.getProperties().get( "credentials" );
    +
    +
    +
    +        //get out the hash and change it so we can validate
    +        final String originalSecret = ( String ) credentials.get( "secret" 
);
    +
    +
    +        //here we modify the hash a little, this way we can break password 
validation, then re-set it to ensure we're actually updating the credentials 
info correctly.
    +        final String borkedSecret = originalSecret.substring( 0, 
originalSecret.length() -1 );
    +
    +        credentials.put( "credentials", borkedSecret );
    --- End diff --
    
    Is this right? Or borked?


---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at [email protected] or file a JIRA ticket
with INFRA.
---

Reply via email to