RED-6034 - Possible to assign a file to unauthorized users

- rework user provider
2023-04-28 15:26:17 +03:00 · 2023-04-28 15:26:17 +03:00 · 6d9a62178d
commit 6d9a62178d
parent d9b589d8eb
2 changed files with 17 additions and 20 deletions
--- a/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/UserService.java
+++ b/persistence-service-v1/persistence-service-processor-v1/src/main/java/com/iqser/red/service/persistence/management/v1/processor/service/UserService.java
@ -349,13 +349,16 @@ public class UserService {

    public Optional<User> getUserById(String userId) {

-        return userListingService.getAllUsers(TenantContext.getTenantId()).stream().filter(u -> u.getUserId().equalsIgnoreCase(userId)).findAny();
+        return this.getAllUsers().stream().filter(u -> u.getUserId().equalsIgnoreCase(userId)).findAny();
+    }
+
+    public Optional<User> getOptionalUserByUsername(String username) {
+        return this.getAllUsers().stream().filter(u -> u.getUsername().contains(username)).findFirst();
    }


    public List<User> getUsersByIds(Collection<String> userIds) {
-
-        return userListingService.getAllUsers(TenantContext.getTenantId()).stream().filter(u -> userIds.contains(u.getUserId())).collect(Collectors.toList());
+        return this.getAllUsers().stream().filter(u -> userIds.contains(u.getUserId())).collect(Collectors.toList());
    }


--- a/persistence-service-v1/persistence-service-server-v1/src/test/java/com/iqser/red/service/peristence/v1/server/integration/service/UserProvider.java
+++ b/persistence-service-v1/persistence-service-server-v1/src/test/java/com/iqser/red/service/peristence/v1/server/integration/service/UserProvider.java
@ -12,30 +12,24 @@ public class UserProvider {
    private UserService userService;

    public String getUserId(){
-        var allUsers = userService.getAllUsers();
-        var managerAdmin = allUsers.stream().filter(u -> u.getUsername().contains("manageradmin1")).findFirst();
-        if(managerAdmin.isPresent()){
-            return managerAdmin.get().getUserId();
-        }
-        throw new RuntimeException("user not created");
+        return this.getUserIdByUsername("manageradmin1");
    }

    public String getAltUserId(){
-        var allUsers = userService.getAllUsers();
-        var managerAdmin = allUsers.stream().filter(u -> u.getUsername().contains("manageradmin2")).findFirst();
-        if(managerAdmin.isPresent()){
-            return managerAdmin.get().getUserId();
-        }
-        throw new RuntimeException("user not created");
+       return this.getUserIdByUsername("manageradmin2");
    }


    public String getMemberUserId(){
-        var allUsers = userService.getAllUsers();
-        var managerAdmin = allUsers.stream().filter(u -> u.getUsername().contains("user")).findFirst();
-        if(managerAdmin.isPresent()){
-            return managerAdmin.get().getUserId();
+       return this.getUserIdByUsername("user");
+    }
+
+    private String getUserIdByUsername(String username) {
+        var userOptional = userService.getOptionalUserByUsername(username);
+        if(userOptional.isPresent()){
+            return userOptional.get().getUserId();
        }
-        throw new RuntimeException("user not created");
+        throw new RuntimeException("user " +  username + " not created");
+
    }
 }