Merge branch 'RED-8491-fix' into 'main'
RED-8491: Hide all KNECON_* roles for any possible access in all endpoints See merge request fforesight/tenant-user-management-service!109
commit
7b135dc48b
@ -577,7 +577,7 @@ public class UserService {
|
||||
var currentRoles = getRoles(currentUserResource.toRepresentation().getId());
|
||||
var userRoles = getRoles(targetUserId);
|
||||
|
||||
if (currentRoles.stream()
|
||||
if (userRoles.stream()
|
||||
.anyMatch(ApplicationRoles::isKneconRole)) {
|
||||
return ValidationStatus.INVALID;
|
||||
}
|
||||
|
||||
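Review bot: The KNECON guard appears to end up testing only `userRoles`, which leaves the `currentRoles` lookup two lines above it with no visible use. The page carries no +/- markers, so which `if` line is new is inferred from the commit title. If nothing after the hunk reads `currentRoles`, drop that line so the validation does not make an extra role lookup. If KNECON callers are still meant to manage KNECON accounts, the guard needs both sides, e.g. `if (userRoles.stream().anyMatch(ApplicationRoles::isKneconRole) && currentRoles.stream().noneMatch(ApplicationRoles::isKneconRole)) {`. A comment above the guard such as `// targets holding a KNECON_* role are hidden from callers; INVALID is expected to surface as not-found` would record the intent, though how INVALID is mapped lies outside the hunk, as do the start and end of the method.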
@ -462,9 +462,9 @@ public class UserTest extends AbstractTenantUserManagementIntegrationTest {
|
||||
e = assertThrows(FeignException.class, () -> userClient.updateProfile(user.getUserId(), new UpdateProfileRequest()));
|
||||
assertEquals(404, e.status());
|
||||
|
||||
// or reset password as it is forbidden (higher rights)
|
||||
// or reset password
|
||||
e = assertThrows(FeignException.class, () -> userClient.resetPassword(user.getUserId(), new ResetPasswordRequest()));
|
||||
assertEquals(403, e.status());
|
||||
assertEquals(404, e.status());
|
||||
|
||||
// now as a knecon admin again
|
||||
tokenService.setUser("admin@knecon.com", "secret");
|
||||
|
||||
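Review bot: The reset-password assertion now expects the same 404 as the profile update, but the shortened comment `// or reset password` no longer says why. I would write `// or reset password: KNECON users are hidden, so the service answers 404 rather than 403`. To pin the hiding property, also assert that a request for a user id that does not exist returns the same status, so the two cases stay indistinguishable to a caller. Which of the paired lines is the new side is inferred from the commit title, since the page carries no +/- markers. The test method starts and ends outside the hunk.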