From b13d2680a87c824cdb57d6d560a8c677c007c4d0 Mon Sep 17 00:00:00 2001 From: Stoyan Tzenkov Date: Wed, 6 Feb 2019 13:00:57 +0200 Subject: [PATCH 1/2] NY-6899: updateAccount fixed to take only the requested parameters. Signed-off-by: Stoyan Tzenkov --- .../AccountRepositoryAdditionalImpl.java | 35 ++++++++++++++----- 1 file changed, 26 insertions(+), 9 deletions(-) diff --git a/src/main/java/biz/nynja/account/repositories/AccountRepositoryAdditionalImpl.java b/src/main/java/biz/nynja/account/repositories/AccountRepositoryAdditionalImpl.java index b541a36..fd190af 100644 --- a/src/main/java/biz/nynja/account/repositories/AccountRepositoryAdditionalImpl.java +++ b/src/main/java/biz/nynja/account/repositories/AccountRepositoryAdditionalImpl.java @@ -290,7 +290,8 @@ public class AccountRepositoryAdditionalImpl implements AccountRepositoryAdditio String accessToken = accessPoint.getAccessToken(); DecodedJWT decodedToken = JWT.decode(accessToken); List accesspointRoles = getRolesFromAccessToken(decodedToken); - if (accesspointRoles.contains(Role.ACCOUNT_ADMIN.name()) || accesspointRoles.contains(Role.AUTHENTICATION_ADMIN.name())) { + if (accesspointRoles.contains(Role.ACCOUNT_ADMIN.name()) + || accesspointRoles.contains(Role.AUTHENTICATION_ADMIN.name())) { if (!accessPointService.deleteAccessPoint(UUID.fromString(accountId), accessToken)) { logger.error("Error deleting accesspoint record from DB for account with id {} and role {}.", accountId, Role.ACCOUNT_ADMIN.name()); @@ -431,14 +432,29 @@ public class AccountRepositoryAdditionalImpl implements AccountRepositoryAdditio private void updateAccountData(Transaction transaction, UpdateAccountRequest request, Account currentAccountState, Long lastUpdateTimestamp) { Account newAccountState = (Account) SerializationUtils.clone(currentAccountState); - newAccountState.setAvatar(request.getAvatar()); - newAccountState.setAccountMark(request.getAccountMark()); - newAccountState.setAccountName(request.getAccountName()); - newAccountState.setFirstName(request.getFirstName()); - newAccountState.setLastName(request.getLastName()); - newAccountState.setUsername(request.getUsername()); + if (request.getAvatar() != null && !request.getAvatar().isEmpty()) { + newAccountState.setAvatar(request.getAvatar()); + } + if (request.getAccountMark() != null && !request.getAccountMark().isEmpty()) { + newAccountState.setAccountMark(request.getAccountMark()); + } + if (request.getAccountName() != null && !request.getAccountName().isEmpty()) { + newAccountState.setAccountName(request.getAccountName()); + } + if (request.getFirstName() != null && !request.getFirstName().isEmpty()) { + newAccountState.setFirstName(request.getFirstName()); + } + if (request.getLastName() != null && !request.getLastName().isEmpty()) { + newAccountState.setLastName(request.getLastName()); + } + if (request.getUsername() != null && !request.getUsername().isEmpty()) { + newAccountState.setUsername(request.getUsername()); + } newAccountState.setLastUpdateTimestamp(lastUpdateTimestamp); - newAccountState.setAccessStatus(request.getAccessStatus().toString()); + if (request.getAccessStatus() != null + && !request.getAccessStatus().equals(AccessStatus.UNKNOWN_ACCESS_STATUS)) { + newAccountState.setAccessStatus(request.getAccessStatus().toString()); + } if (request.getRolesList() == null || request.getRolesList().isEmpty()) { newAccountState.setRoles(Set.of(Role.USER.toString())); } else { @@ -583,7 +599,8 @@ public class AccountRepositoryAdditionalImpl implements AccountRepositoryAdditio Account existingAccount = accountRepository.findByAccountId(accountByProfileId.getAccountId()); deleteAccountData(batchOperations, existingAccount); if (!accessPointService.deleteAccessPointsForAccount(accountByProfileId.getAccountId())) { - logger.error("Error deleting accesspoints from the DB for account {}.", accountByProfileId.getAccountId()); + logger.error("Error deleting accesspoints from the DB for account {}.", + accountByProfileId.getAccountId()); } } -- GitLab From cb19c6edff249aa1c98ffc3a6aeab4efb2f44f28 Mon Sep 17 00:00:00 2001 From: Stoyan Tzenkov Date: Thu, 7 Feb 2019 12:13:09 +0200 Subject: [PATCH 2/2] NY-6899: Send error if requested account status is UNKNOWN_ACCESS_STATUS. Signed-off-by: Stoyan Tzenkov --- .../AccountRepositoryAdditionalImpl.java | 29 +++++-------------- .../account/services/AccountServiceImpl.java | 8 ++++- 2 files changed, 14 insertions(+), 23 deletions(-) diff --git a/src/main/java/biz/nynja/account/repositories/AccountRepositoryAdditionalImpl.java b/src/main/java/biz/nynja/account/repositories/AccountRepositoryAdditionalImpl.java index fd190af..1b11b63 100644 --- a/src/main/java/biz/nynja/account/repositories/AccountRepositoryAdditionalImpl.java +++ b/src/main/java/biz/nynja/account/repositories/AccountRepositoryAdditionalImpl.java @@ -432,29 +432,14 @@ public class AccountRepositoryAdditionalImpl implements AccountRepositoryAdditio private void updateAccountData(Transaction transaction, UpdateAccountRequest request, Account currentAccountState, Long lastUpdateTimestamp) { Account newAccountState = (Account) SerializationUtils.clone(currentAccountState); - if (request.getAvatar() != null && !request.getAvatar().isEmpty()) { - newAccountState.setAvatar(request.getAvatar()); - } - if (request.getAccountMark() != null && !request.getAccountMark().isEmpty()) { - newAccountState.setAccountMark(request.getAccountMark()); - } - if (request.getAccountName() != null && !request.getAccountName().isEmpty()) { - newAccountState.setAccountName(request.getAccountName()); - } - if (request.getFirstName() != null && !request.getFirstName().isEmpty()) { - newAccountState.setFirstName(request.getFirstName()); - } - if (request.getLastName() != null && !request.getLastName().isEmpty()) { - newAccountState.setLastName(request.getLastName()); - } - if (request.getUsername() != null && !request.getUsername().isEmpty()) { - newAccountState.setUsername(request.getUsername()); - } + newAccountState.setAvatar(request.getAvatar()); + newAccountState.setAccountMark(request.getAccountMark()); + newAccountState.setAccountName(request.getAccountName()); + newAccountState.setFirstName(request.getFirstName()); + newAccountState.setLastName(request.getLastName()); + newAccountState.setUsername(request.getUsername()); newAccountState.setLastUpdateTimestamp(lastUpdateTimestamp); - if (request.getAccessStatus() != null - && !request.getAccessStatus().equals(AccessStatus.UNKNOWN_ACCESS_STATUS)) { - newAccountState.setAccessStatus(request.getAccessStatus().toString()); - } + newAccountState.setAccessStatus(request.getAccessStatus().toString()); if (request.getRolesList() == null || request.getRolesList().isEmpty()) { newAccountState.setRoles(Set.of(Role.USER.toString())); } else { diff --git a/src/main/java/biz/nynja/account/services/AccountServiceImpl.java b/src/main/java/biz/nynja/account/services/AccountServiceImpl.java index 4c2f0d2..945176b 100644 --- a/src/main/java/biz/nynja/account/services/AccountServiceImpl.java +++ b/src/main/java/biz/nynja/account/services/AccountServiceImpl.java @@ -20,6 +20,7 @@ import org.slf4j.LoggerFactory; import biz.nynja.account.accesspoints.AccessPointService; import biz.nynja.account.configuration.ProfileDataConfiguration; +import biz.nynja.account.grpc.AccessStatus; import biz.nynja.account.grpc.AccountByAccountIdRequest; import biz.nynja.account.grpc.AccountResponse; import biz.nynja.account.grpc.AccountServiceGrpc; @@ -523,6 +524,11 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas request.getAccountId(), Cause.INVALID_ACCOUNT_ID, "Invalid Account ID"); return; } + if (request.getAccessStatus().equals(AccessStatus.UNKNOWN_ACCESS_STATUS)) { + logAndBuildGrpcAccountResponse(responseObserver, AccountResponse.newBuilder(), "Invalid access status for account id: {}", + request.getAccountId(), Cause.INVALID_ACCESS_STATUS, "Invalid access status"); + return; + } if (!permissionsValidator.isRpcAllowed(request.getAccountId())) { logAndBuildGrpcAccountResponse(responseObserver, AccountResponse.newBuilder(), "Can not update account {}.", @@ -1069,7 +1075,7 @@ public class AccountServiceImpl extends AccountServiceGrpc.AccountServiceImplBas return searchResultDetails.build(); } - //Currently not supported + // Currently not supported @Override @PerformPermissionCheck @Permitted(role = RoleConstants.ACCOUNT_ADMIN) -- GitLab