Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

feat: Add update user password endpoint#1310

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Merged
BrunoQuaresma merged 17 commits intomainfrombq/update-user-password
May 6, 2022
Merged
Show file tree
Hide file tree
Changes from1 commit
Commits
Show all changes
17 commits
Select commitHold shift + click to select a range
346e5e4
Add UpdateUserHashedPassword query
BrunoQuaresmaMay 4, 2022
4bd7557
chore: Merge branch 'main' of github.com:coder/coder into bq/update-u…
BrunoQuaresmaMay 4, 2022
de39cf5
Add database functions
BrunoQuaresmaMay 5, 2022
2fe1716
Add update user password endpoint
BrunoQuaresmaMay 5, 2022
212020a
Add tests and fixes
BrunoQuaresmaMay 5, 2022
2699445
Remove confirmation and fix lint issues
BrunoQuaresmaMay 5, 2022
355f163
Return hash error as server error
BrunoQuaresmaMay 5, 2022
56b29fd
Update coderd/database/databasefake/databasefake.go
BrunoQuaresmaMay 5, 2022
30b8f15
Improve readbility
BrunoQuaresmaMay 5, 2022
f6be255
Add RBAC
BrunoQuaresmaMay 5, 2022
5df5763
Fix route
BrunoQuaresmaMay 5, 2022
b9dbd64
Merge branch 'bq/update-user-password' of github.com:coder/coder into…
BrunoQuaresmaMay 5, 2022
69af903
Add missing TS types
BrunoQuaresmaMay 5, 2022
d85092b
Update update password request params
BrunoQuaresmaMay 5, 2022
96ce751
Remove confirm password from the API
BrunoQuaresmaMay 5, 2022
4f9f506
Update coderd/users.go
BrunoQuaresmaMay 5, 2022
671c56d
Remove user restriction and refactor tests
BrunoQuaresmaMay 6, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
PrevPrevious commit
NextNext commit
Remove confirm password from the API
  • Loading branch information
@BrunoQuaresma
BrunoQuaresma committedMay 5, 2022
commit96ce7513f258105911ab22d5c602b121b3b99df3
16 changes: 0 additions & 16 deletionscoderd/users.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -368,22 +368,6 @@ func (api *api) putUserPassword(rw http.ResponseWriter, r *http.Request) {
return
}

// Check if the new password and the confirmation match
if params.Password != params.ConfirmPassword {
requestErrors := []httpapi.Error{
{
Field: "confirm_new_password",
Detail: "The value does not match the new password",
},
}
httpapi.Write(rw, http.StatusBadRequest, httpapi.Response{
Message: fmt.Sprintf("The new password and the new password confirmation don't match"),
Errors: requestErrors,
})
return
}

// Hash password and update it in the database
hashedPassword, err := userpassword.Hash(params.Password)
if err != nil {
httpapi.Write(rw, http.StatusInternalServerError, httpapi.Response{
Expand Down
16 changes: 1 addition & 15 deletionscoderd/users_test.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -290,26 +290,12 @@ func TestUpdateUserProfile(t *testing.T) {
func TestUpdateUserPassword(t *testing.T) {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Let's also add some tests to make sure the rbac is working here, I'd like to ensure that the user itself cannot perform this action, and neither can other non-admin users.

Copy link
CollaboratorAuthor

@BrunoQuaresmaBrunoQuaresmaMay 5, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

So from what I'm understanding we want to test:

  • A non-admin user can't update any password
  • An admin can update another user's password

Is that?

Copy link
CollaboratorAuthor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

Updated!

t.Parallel()

t.Run("DifferentPasswordConfirmation", func(t *testing.T) {
t.Parallel()
client := coderdtest.New(t, nil)
coderdtest.CreateFirstUser(t, client)
err := client.UpdateUserPassword(context.Background(), codersdk.Me, codersdk.UpdateUserPasswordRequest{
Password: "newpassword",
ConfirmPassword: "wrongconfirmation",
})
var apiErr *codersdk.Error
require.ErrorAs(t, err, &apiErr)
require.Equal(t, http.StatusBadRequest, apiErr.StatusCode())
})

t.Run("Success", func(t *testing.T) {
t.Parallel()
client := coderdtest.New(t, nil)
coderdtest.CreateFirstUser(t, client)
err := client.UpdateUserPassword(context.Background(), codersdk.Me, codersdk.UpdateUserPasswordRequest{
Password: "newpassword",
ConfirmPassword: "newpassword",
Password: "newpassword",
})
require.NoError(t, err, "update password request should be successful")

Expand Down
3 changes: 1 addition & 2 deletionscodersdk/users.go
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -73,8 +73,7 @@ type UpdateUserProfileRequest struct {
}

type UpdateUserPasswordRequest struct {
Password string `json:"password" validate:"required"`
ConfirmPassword string `json:"confirm_new_password" validate:"required"`
Password string `json:"password" validate:"required"`
}

type UpdateRoles struct {
Expand Down
15 changes: 7 additions & 8 deletionssite/src/api/typesGenerated.ts
View file
Open in desktop
Original file line numberDiff line numberDiff line change
Expand Up@@ -12,7 +12,7 @@ export interface AgentGitSSHKey {
readonly private_key: string
}

// From codersdk/users.go:110:6
// From codersdk/users.go:109:6
export interface AuthMethods {
readonly password: boolean
readonly github: boolean
Expand DownExpand Up@@ -44,7 +44,7 @@ export interface CreateFirstUserResponse {
readonly organization_id: string
}

// From codersdk/users.go:105:6
// From codersdk/users.go:104:6
export interface CreateOrganizationRequest {
readonly name: string
}
Expand DownExpand Up@@ -101,7 +101,7 @@ export interface CreateWorkspaceRequest {
readonly parameter_values: CreateParameterRequest[]
}

// From codersdk/users.go:101:6
// From codersdk/users.go:100:6
export interface GenerateAPIKeyResponse {
readonly key: string
}
Expand All@@ -119,13 +119,13 @@ export interface GoogleInstanceIdentityToken {
readonly json_web_token: string
}

// From codersdk/users.go:90:6
// From codersdk/users.go:89:6
export interface LoginWithPasswordRequest {
readonly email: string
readonly password: string
}

// From codersdk/users.go:96:6
// From codersdk/users.go:95:6
export interface LoginWithPasswordResponse {
readonly session_token: string
}
Expand DownExpand Up@@ -255,15 +255,14 @@ export interface UpdateActiveTemplateVersion {
readonly id: string
}

// From codersdk/users.go:80:6
// From codersdk/users.go:79:6
export interface UpdateRoles {
readonly roles: string[]
}

// From codersdk/users.go:75:6
export interface UpdateUserPasswordRequest {
readonly password: string
readonly confirm_new_password: string
}

// From codersdk/users.go:70:6
Expand DownExpand Up@@ -297,7 +296,7 @@ export interface User {
readonly organization_ids: string[]
}

// From codersdk/users.go:84:6
// From codersdk/users.go:83:6
export interface UserRoles {
readonly roles: string[]
readonly organization_roles: Record<string, string[]>
Expand Down
[8]ページ先頭
©2009-2025 Movatter.jp