This is an automated email from the git hooks/post-receive script. New commit to branch develop in repository pollen. See https://gitlab.nuiton.org/chorem/pollen.git commit 98067a3b703819e11daf135069182c8c43fa2609 Author: Kevin Morin <morin@codelutin.com> Date: Thu Jul 6 17:04:41 2017 +0200 refs #68 throw exception when the user wants to login or forgot his password but he did not validate his email address --- .../pollen/persistence/entity/PollenUserImpl.java | 12 ++++++++ pollen-persistence/src/main/xmi/pollen.zargo | Bin 26098 -> 26300 bytes .../org/chorem/pollen/rest/api/v1/AuthApi.java | 14 +++++++-- pollen-rest-api/src/main/resources/mapping | 1 + .../security/PollenEmailNotValidatedException.java | 34 +++++++++++++++++++++ .../services/service/security/SecurityService.java | 12 ++++++-- .../pollen/services/AbstractPollenServiceTest.java | 4 ++- .../services/service/FavoriteListServiceTest.java | 11 ++++--- .../pollen/services/service/PollServiceTest.java | 3 +- .../services/service/PollenUserServiceTest.java | 7 +++-- .../services/service/VoterListServiceTest.java | 3 +- 11 files changed, 85 insertions(+), 16 deletions(-) diff --git a/pollen-persistence/src/main/java/org/chorem/pollen/persistence/entity/PollenUserImpl.java b/pollen-persistence/src/main/java/org/chorem/pollen/persistence/entity/PollenUserImpl.java new file mode 100644 index 00000000..c45245ca --- /dev/null +++ b/pollen-persistence/src/main/java/org/chorem/pollen/persistence/entity/PollenUserImpl.java @@ -0,0 +1,12 @@ +package org.chorem.pollen.persistence.entity; + +/** + * @author Kevin Morin (Code Lutin) + */ +public class PollenUserImpl extends PollenUserAbstract { + + @Override + public boolean isEmailValidated() { + return emailActivationToken == null; + } +} 
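Review bot: `isEmailValidated()` in the new `PollenUserImpl` has no Javadoc, although the rule it encodes (an account counts as validated exactly when `emailActivationToken` is null) now gates both login and password reset. Any account that never received a token, or whose token is cleared by some other path, passes this check; whether that can happen is not visible in this diff, so it is worth confirming that registration always sets one. I would add a comment above the method such as `/** Validated means no pending activation token; a null token therefore allows login and password reset. */`. The file also lacks the `#%L` licence header that `PollenEmailNotValidatedException.java` carries in the same commit.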
diff --git a/pollen-persistence/src/main/xmi/pollen.zargo b/pollen-persistence/src/main/xmi/pollen.zargo index 2ad42e70..aef16793 100644 Binary files a/pollen-persistence/src/main/xmi/pollen.zargo and b/pollen-persistence/src/main/xmi/pollen.zargo differ diff --git a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java index 1c506063..0f3d6bcd 100644 --- a/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java +++ b/pollen-rest-api/src/main/java/org/chorem/pollen/rest/api/v1/AuthApi.java @@ -34,6 +34,7 @@ import org.chorem.pollen.services.service.PollenUserService; import org.chorem.pollen.services.service.security.MissingAuthenticationException; import org.chorem.pollen.services.service.security.PollenAuthenticationException; import org.chorem.pollen.services.service.security.PollenCypherTechnicalException; +import org.chorem.pollen.services.service.security.PollenEmailNotValidatedException; import org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException; import org.chorem.pollen.services.service.security.SecurityService; import org.debux.webmotion.server.WebMotionController; @@ -70,7 +71,12 @@ public class AuthApi extends WebMotionController { } - public PollenEntityRef<PollenUser> login(HttpContext requestContext, SecurityService securityService) throws PollenAuthenticationException, MissingAuthenticationException, PollenInvalidSessionTokenException, PollenCypherTechnicalException { + public PollenEntityRef<PollenUser> login(HttpContext requestContext, SecurityService securityService) + throws PollenAuthenticationException, + MissingAuthenticationException, + PollenInvalidSessionTokenException, + PollenCypherTechnicalException, + PollenEmailNotValidatedException { String authHeader = requestContext.getHeader("Authorization"); 
@@ -122,7 +128,9 @@ public class AuthApi extends WebMotionController { } - public PollenEntityRef<PollenUser> login2(SecurityService securityService, String login, String password, Boolean rememberMe) throws PollenAuthenticationException { + public PollenEntityRef<PollenUser> login2(SecurityService securityService, String login, String password, Boolean rememberMe) + throws PollenAuthenticationException, + PollenEmailNotValidatedException { return securityService.login(login, password, rememberMe); @@ -141,7 +149,7 @@ public class AuthApi extends WebMotionController { } - public void lostPassword(SecurityService securityService, String login) { + public void lostPassword(SecurityService securityService, String login) throws PollenEmailNotValidatedException { securityService.lostPassword(login); diff --git a/pollen-rest-api/src/main/resources/mapping b/pollen-rest-api/src/main/resources/mapping index 6239c1a9..d6076def 100644 --- a/pollen-rest-api/src/main/resources/mapping +++ b/pollen-rest-api/src/main/resources/mapping @@ -38,6 +38,7 @@ default.render=org.chorem.pollen.rest.api.PollenRender org.chorem.pollen.services.service.security.PollenAuthenticationException ErrorAction.on401 org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException ErrorAction.on401 org.chorem.pollen.services.service.security.PollenUnauthorizedException ErrorAction.on403 +org.chorem.pollen.services.service.security.PollenEmailNotValidatedException ErrorAction.on403 org.chorem.pollen.services.service.security.PollenInvalidPermissionException ErrorAction.on403 org.chorem.pollen.services.service.security.PollenInvalidEmailActivationTokenException ErrorAction.on403 org.chorem.pollen.services.service.InvalidFormException ErrorAction.on400Form 
diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/service/security/PollenEmailNotValidatedException.java b/pollen-services/src/main/java/org/chorem/pollen/services/service/security/PollenEmailNotValidatedException.java new file mode 100644 index 00000000..e978b5d0 --- /dev/null +++ b/pollen-services/src/main/java/org/chorem/pollen/services/service/security/PollenEmailNotValidatedException.java @@ -0,0 +1,34 @@ +package org.chorem.pollen.services.service.security; + +/* + * #%L + * Pollen :: Service + * %% + * Copyright (C) 2009 - 2017 Code Lutin, Tony Chemit + * %% + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see <http://www.gnu.org/licenses/>. + * #L% + */ + +/** + * Error thrown when the user tires to login although he has not yet validated his email. + * + * @author Kevin Morin - morin@codelutin.com + */ +public class PollenEmailNotValidatedException extends Exception { + + public PollenEmailNotValidatedException() { + super("emailNotValidated"); + } +} diff --git a/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java b/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java index 42163426..057bf7e2 100644 --- a/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java 
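Review bot: The class Javadoc on `PollenEmailNotValidatedException` misspells "tries" as "tires" and mentions only login, while the same commit also throws the exception from `SecurityService.lostPassword`. I would reword it to `Error thrown when the user tries to log in or reset his password although he has not yet validated his email.` The constructor passes the fixed key `"emailNotValidated"` and no account identifier, which keeps the address out of the error message and is worth preserving.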
+++ b/pollen-services/src/main/java/org/chorem/pollen/services/service/security/SecurityService.java @@ -121,7 +121,8 @@ public class SecurityService extends PollenServiceSupport { } - public PollenEntityRef<PollenUser> login(String login, String password, Boolean rememberMe) throws PollenAuthenticationException { + public PollenEntityRef<PollenUser> login(String login, String password, Boolean rememberMe) + throws PollenAuthenticationException, PollenEmailNotValidatedException { Subject subject = getSubject(); UsernamePasswordToken token = new UsernamePasswordToken(login, password); @@ -136,6 +137,9 @@ public class SecurityService extends PollenServiceSupport { } PollenUser user = getPollenUserDao().forEmailEquals(login).findUnique(); + if (!user.isEmailValidated()) { + throw new PollenEmailNotValidatedException(); + } // Generate a token PollenToken pollenToken = generateNewToken(); @@ -172,7 +176,7 @@ public class SecurityService extends PollenServiceSupport { } - public void lostPassword(String login) { + public void lostPassword(String login) throws PollenEmailNotValidatedException { Preconditions.checkNotNull(login); @@ -182,6 +186,10 @@ public class SecurityService extends PollenServiceSupport { throw new PollenUnauthorizedException(login); } + if (!user.isEmailValidated()) { + throw new PollenEmailNotValidatedException(); + } + String newPassword = serviceContext.generatePassword(); getSecurityService().setUserPassword(user, newPassword); diff --git a/pollen-services/src/test/java/org/chorem/pollen/services/AbstractPollenServiceTest.java b/pollen-services/src/test/java/org/chorem/pollen/services/AbstractPollenServiceTest.java index a84c9095..b2cd7c11 100644 --- a/pollen-services/src/test/java/org/chorem/pollen/services/AbstractPollenServiceTest.java +++ b/pollen-services/src/test/java/org/chorem/pollen/services/AbstractPollenServiceTest.java 
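Review bot: The new `isEmailValidated()` check in `login` runs after the credential check, so the refusal may be thrown while the Shiro `subject` is still authenticated. The `subject.login(...)` call is outside this hunk, so this is inferred from the `Subject subject = getSubject();` and `UsernamePasswordToken` lines in the preceding hunk; if the login has already succeeded at this point, the throw should be preceded by a logout, e.g. `if (!user.isEmailValidated()) { subject.logout(); throw new PollenEmailNotValidatedException(); }`. Checking after password verification is the right order, because it keeps the validation state from callers who do not know the password. The test hunks in this commit only extend `throws` clauses, so a test that logs in with an unvalidated fixture user and expects this exception would pin the behaviour.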
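Review bot: In `lostPassword` the added check gives an unauthenticated caller a distinct answer for addresses that are registered but not yet validated. The exception carries the message `emailNotValidated` and is mapped to `ErrorAction.on403`, alongside `PollenUnauthorizedException(login)`, which is apparently thrown for unknown users. Whether the message reaches the response body depends on `ErrorAction.on403`, which is not shown, but if it does the endpoint discloses account state for any submitted address. Consider returning the same response for unknown, unvalidated and valid addresses and expressing the difference only in the mail that is sent, and rate-limiting this endpoint. The method body continues outside the hunk.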
@@ -27,6 +27,7 @@ import org.chorem.pollen.persistence.entity.SessionToken; import org.chorem.pollen.services.bean.PollenEntityRef; import org.chorem.pollen.services.service.InvalidFormException; import org.chorem.pollen.services.service.security.PollenAuthenticationException; +import org.chorem.pollen.services.service.security.PollenEmailNotValidatedException; import org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException; import org.chorem.pollen.services.service.security.SecurityService; import org.chorem.pollen.services.test.FakePollenApplicationContext; @@ -85,7 +86,8 @@ public abstract class AbstractPollenServiceTest { } } - protected void login(String login, String password) throws PollenInvalidSessionTokenException, PollenAuthenticationException { + protected void login(String login, String password) throws PollenInvalidSessionTokenException, + PollenAuthenticationException, PollenEmailNotValidatedException { SecurityService securityService = newService(SecurityService.class); diff --git a/pollen-services/src/test/java/org/chorem/pollen/services/service/FavoriteListServiceTest.java b/pollen-services/src/test/java/org/chorem/pollen/services/service/FavoriteListServiceTest.java index 04551bf9..1d9baedb 100644 --- a/pollen-services/src/test/java/org/chorem/pollen/services/service/FavoriteListServiceTest.java +++ b/pollen-services/src/test/java/org/chorem/pollen/services/service/FavoriteListServiceTest.java @@ -34,6 +34,7 @@ import org.chorem.pollen.services.bean.PaginationParameterBean; import org.chorem.pollen.services.bean.PaginationResultBean; import org.chorem.pollen.services.bean.PollenEntityRef; import org.chorem.pollen.services.service.security.PollenAuthenticationException; +import org.chorem.pollen.services.service.security.PollenEmailNotValidatedException; import org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException; import org.junit.Assert; import org.junit.Before; 
@@ -75,7 +76,7 @@ public class FavoriteListServiceTest extends AbstractPollenServiceTest { "user2@pollen.org"; @Test - public void importFavoriteListFromFile() throws PollenInvalidSessionTokenException, PollenAuthenticationException, InvalidFormException, IOException, FavoriteListImportException { + public void importFavoriteListFromFile() throws PollenInvalidSessionTokenException, PollenAuthenticationException, InvalidFormException, IOException, FavoriteListImportException, PollenEmailNotValidatedException { login("jean@pollen.fake", "fake"); @@ -105,7 +106,7 @@ public class FavoriteListServiceTest extends AbstractPollenServiceTest { } @Test - public void createFavoriteList() throws PollenInvalidSessionTokenException, PollenAuthenticationException, InvalidFormException { + public void createFavoriteList() throws PollenInvalidSessionTokenException, PollenAuthenticationException, InvalidFormException, PollenEmailNotValidatedException { login("jean@pollen.fake", "fake"); @@ -222,7 +223,7 @@ public class FavoriteListServiceTest extends AbstractPollenServiceTest { } @Test - public void editFavoriteList() throws PollenInvalidSessionTokenException, PollenAuthenticationException, InvalidFormException { + public void editFavoriteList() throws PollenInvalidSessionTokenException, PollenAuthenticationException, InvalidFormException, PollenEmailNotValidatedException { login("jean@pollen.fake", "fake"); @@ -291,7 +292,7 @@ public class FavoriteListServiceTest extends AbstractPollenServiceTest { } @Test - public void editFavoriteListMember() throws PollenInvalidSessionTokenException, PollenAuthenticationException, InvalidFormException { + public void editFavoriteListMember() throws PollenInvalidSessionTokenException, PollenAuthenticationException, InvalidFormException, PollenEmailNotValidatedException { login("jean@pollen.fake", "fake"); 
@@ -386,7 +387,7 @@ public class FavoriteListServiceTest extends AbstractPollenServiceTest { @Test - public void editChildFavoriteList() throws PollenInvalidSessionTokenException, PollenAuthenticationException, InvalidFormException { + public void editChildFavoriteList() throws PollenInvalidSessionTokenException, PollenAuthenticationException, InvalidFormException, PollenEmailNotValidatedException { login("jean@pollen.fake", "fake"); // create a first list diff --git a/pollen-services/src/test/java/org/chorem/pollen/services/service/PollServiceTest.java b/pollen-services/src/test/java/org/chorem/pollen/services/service/PollServiceTest.java index 41de7296..0f67bc10 100644 --- a/pollen-services/src/test/java/org/chorem/pollen/services/service/PollServiceTest.java +++ b/pollen-services/src/test/java/org/chorem/pollen/services/service/PollServiceTest.java @@ -31,6 +31,7 @@ import org.chorem.pollen.services.bean.ChoiceBean; import org.chorem.pollen.services.bean.PollBean; import org.chorem.pollen.services.bean.PollenEntityRef; import org.chorem.pollen.services.service.security.PollenAuthenticationException; +import org.chorem.pollen.services.service.security.PollenEmailNotValidatedException; import org.chorem.pollen.services.service.security.PollenInvalidPermissionException; import org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException; import org.chorem.pollen.services.service.security.PollenUnauthorizedException; @@ -536,7 +537,7 @@ public class PollServiceTest extends AbstractPollenServiceTest { // } @Test - public void testAssignPollToConnectedUser() throws PollenInvalidSessionTokenException, PollenAuthenticationException { + public void testAssignPollToConnectedUser() throws PollenInvalidSessionTokenException, PollenAuthenticationException, PollenEmailNotValidatedException { Poll poll = fixture(PollenFixtures.POLL_NORMAL_ID); Assert.assertNull(poll.getCreator().getPollenUser()); try { 
diff --git a/pollen-services/src/test/java/org/chorem/pollen/services/service/PollenUserServiceTest.java b/pollen-services/src/test/java/org/chorem/pollen/services/service/PollenUserServiceTest.java index be6d46eb..c3cb03db 100644 --- a/pollen-services/src/test/java/org/chorem/pollen/services/service/PollenUserServiceTest.java +++ b/pollen-services/src/test/java/org/chorem/pollen/services/service/PollenUserServiceTest.java @@ -29,6 +29,7 @@ import org.chorem.pollen.services.bean.PollenEntityId; import org.chorem.pollen.services.bean.PollenEntityRef; import org.chorem.pollen.services.bean.PollenUserBean; import org.chorem.pollen.services.service.security.PollenAuthenticationException; +import org.chorem.pollen.services.service.security.PollenEmailNotValidatedException; import org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException; import org.junit.Assert; import org.junit.Before; @@ -63,7 +64,7 @@ public class PollenUserServiceTest extends AbstractPollenServiceTest { } @Test - public void testGetPollenUsers() throws PollenAuthenticationException, PollenInvalidSessionTokenException { + public void testGetPollenUsers() throws PollenAuthenticationException, PollenInvalidSessionTokenException, PollenEmailNotValidatedException { login("jean@pollen.fake", "fake"); @@ -75,7 +76,7 @@ public class PollenUserServiceTest extends AbstractPollenServiceTest { } @Test - public void testGetPollenUser() throws PollenInvalidSessionTokenException, PollenAuthenticationException { + public void testGetPollenUser() throws PollenInvalidSessionTokenException, PollenAuthenticationException, PollenEmailNotValidatedException { login("jean@pollen.fake", "fake"); 
@@ -182,7 +183,7 @@ public class PollenUserServiceTest extends AbstractPollenServiceTest { } @Test - public void testEditUser() throws InvalidFormException, PollenInvalidSessionTokenException, PollenAuthenticationException { + public void testEditUser() throws InvalidFormException, PollenInvalidSessionTokenException, PollenAuthenticationException, PollenEmailNotValidatedException { login("jean@pollen.fake", "fake"); diff --git a/pollen-services/src/test/java/org/chorem/pollen/services/service/VoterListServiceTest.java b/pollen-services/src/test/java/org/chorem/pollen/services/service/VoterListServiceTest.java index dcf62172..f1f2e990 100644 --- a/pollen-services/src/test/java/org/chorem/pollen/services/service/VoterListServiceTest.java +++ b/pollen-services/src/test/java/org/chorem/pollen/services/service/VoterListServiceTest.java @@ -34,6 +34,7 @@ import org.chorem.pollen.services.bean.PollenEntityRef; import org.chorem.pollen.services.bean.VoterListBean; import org.chorem.pollen.services.bean.VoterListMemberBean; import org.chorem.pollen.services.service.security.PollenAuthenticationException; +import org.chorem.pollen.services.service.security.PollenEmailNotValidatedException; import org.chorem.pollen.services.service.security.PollenInvalidSessionTokenException; import org.junit.Assert; import org.junit.Before; @@ -142,7 +143,7 @@ public class VoterListServiceTest extends AbstractPollenServiceTest { // } @Test - public void createVoterList() throws InvalidFormException, PollenInvalidSessionTokenException, PollenAuthenticationException { + public void createVoterList() throws InvalidFormException, PollenInvalidSessionTokenException, PollenAuthenticationException, PollenEmailNotValidatedException { login("jean@pollen.fake", "fake"); -- To stop receiving notification emails like this one, please contact chorem.org SCM administrator <admin+scm@chorem.org>.