aboutsummaryrefslogtreecommitdiff
path: root/juick-server
diff options
context:
space:
mode:
Diffstat (limited to 'juick-server')
-rw-r--r--juick-server/src/main/java/com/juick/service/UserServiceImpl.java63
-rw-r--r--juick-server/src/test/java/com/juick/server/tests/ServerTests.java30
2 files changed, 41 insertions, 52 deletions
diff --git a/juick-server/src/main/java/com/juick/service/UserServiceImpl.java b/juick-server/src/main/java/com/juick/service/UserServiceImpl.java
index 2de3dfc6..077fb01d 100644
--- a/juick-server/src/main/java/com/juick/service/UserServiceImpl.java
+++ b/juick-server/src/main/java/com/juick/service/UserServiceImpl.java
@@ -52,9 +52,8 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
user.setUid(rs.getInt(1));
user.setName(rs.getString(2));
- user.setBanned(rs.getBoolean(3));
- user.setLang(rs.getString(4));
-
+ user.setCredentials(rs.getString(3));
+ user.setBanned(rs.getBoolean(4));
return user;
}
}
@@ -121,7 +120,7 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
@Override
public Optional<User> getUserByUID(final int uid) {
List<User> list = getJdbcTemplate().query(
- "SELECT id, nick, banned, lang FROM users WHERE id = ?", new UserMapper(), uid);
+ "SELECT id, nick, passw, banned FROM users WHERE id = ?", new UserMapper(), uid);
return list.isEmpty() ? Optional.empty() : Optional.of(list.get(0));
}
@@ -131,7 +130,7 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
public User getUserByName(final String username) {
if (StringUtils.isNotBlank(username)) {
List<User> list = getJdbcTemplate().query(
- "SELECT id, nick, banned, lang FROM users WHERE nick = ?", new UserMapper(), username);
+ "SELECT id, nick, passw, banned FROM users WHERE nick = ?", new UserMapper(), username);
if (!list.isEmpty())
return list.get(0);
@@ -141,22 +140,11 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
}
@Override
- // No need marks with @Transactional annotation
- public User getFullyUserByName(final String username) {
- if (StringUtils.isNotBlank(username)) {
- List<User> list = getFullyUsersByNames(Collections.singletonList(username));
- if (!list.isEmpty())
- return list.get(0);
- }
- return null;
- }
-
- @Override
@Transactional(readOnly = true)
public User getUserByEmail(String email) {
if (StringUtils.isNotBlank(email)) {
List<User> list = getJdbcTemplate().query(
- "SELECT id, nick, banned, lang FROM users WHERE id = (SELECT DISTINCT user_id FROM emails WHERE email = ?)",
+ "SELECT id, nick, passw, banned FROM users WHERE id = (SELECT DISTINCT user_id FROM emails WHERE email = ?)",
new UserMapper(),
email);
@@ -168,34 +156,12 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
@Transactional(readOnly = true)
@Override
- public List<User> getFullyUsersByNames(final Collection<String> usernames) {
- if (CollectionUtils.isEmpty(usernames))
- return Collections.emptyList();
-
- return getNamedParameterJdbcTemplate().query(
- "SELECT id, nick, passw, lang, banned FROM users WHERE nick in (:names)",
- new MapSqlParameterSource("names", usernames),
- (rs, rowNum) -> {
- User user = new User();
-
- user.setUid(rs.getInt(1));
- user.setName(rs.getString(2));
- user.setCredentials(rs.getString(3));
- user.setLang(rs.getString(4));
- user.setBanned(rs.getBoolean(5));
-
- return user;
- });
- }
-
- @Transactional(readOnly = true)
- @Override
public User getUserByJID(final String jid) {
User result = null;
if (StringUtils.isNotBlank(jid)) {
List<User> list = getJdbcTemplate().query(
- "SELECT id, nick, banned, lang FROM users WHERE id = (SELECT user_id FROM jids WHERE jid = ?)",
+ "SELECT id, nick, passw, banned FROM users WHERE id = (SELECT user_id FROM jids WHERE jid = ?)",
new UserMapper(),
jid);
@@ -212,7 +178,7 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
return Collections.emptyList();
return getNamedParameterJdbcTemplate().query(
- "SELECT id, nick, banned, lang FROM users WHERE nick IN (:unames)",
+ "SELECT id, nick, passw, banned FROM users WHERE nick IN (:unames)",
new MapSqlParameterSource("unames", unames),
new UserMapper());
}
@@ -224,7 +190,7 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
return Collections.emptyList();
return getNamedParameterJdbcTemplate().query(
- "SELECT id, nick, banned, lang FROM users WHERE id IN (:ids)",
+ "SELECT id, nick, passw, banned FROM users WHERE id IN (:ids)",
new MapSqlParameterSource("ids", uids),
new UserMapper());
}
@@ -279,7 +245,7 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
public com.juick.User getUserByHash(final String hash) {
if (StringUtils.isNotBlank(hash)) {
List<User> list = getJdbcTemplate().query(
- "SELECT logins.user_id, users.nick, users.banned, users.lang FROM logins " +
+ "SELECT logins.user_id, users.nick, users.passw, users.banned FROM logins " +
"INNER JOIN users ON logins.user_id = users.id WHERE logins.hash = ?",
new UserMapper(),
hash);
@@ -312,15 +278,8 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
public int checkPassword(final String username, final String password) {
if (StringUtils.isNotBlank(username)) {
List<User> list = getJdbcTemplate().query(
- "SELECT id, nick, banned, passw FROM users WHERE nick = ?",
- (rs, rowNum) -> {
- User user = new User();
- user.setUid(rs.getInt(1));
- user.setName(rs.getString(2));
- user.setBanned(rs.getBoolean(3));
- user.setCredentials(rs.getString(4));
- return user;
- },
+ "SELECT id, nick, passw, banned FROM users WHERE nick = ?",
+ new UserMapper(),
username);
if (!list.isEmpty()) {
diff --git a/juick-server/src/test/java/com/juick/server/tests/ServerTests.java b/juick-server/src/test/java/com/juick/server/tests/ServerTests.java
index abeb7424..9f573e82 100644
--- a/juick-server/src/test/java/com/juick/server/tests/ServerTests.java
+++ b/juick-server/src/test/java/com/juick/server/tests/ServerTests.java
@@ -17,6 +17,7 @@
package com.juick.server.tests;
+import com.fasterxml.jackson.annotation.JsonInclude;
import com.fasterxml.jackson.core.type.TypeReference;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.jayway.jsonpath.JsonPath;
@@ -59,6 +60,7 @@ import org.springframework.web.context.WebApplicationContext;
import org.springframework.web.util.UriComponents;
import org.springframework.web.util.UriComponentsBuilder;
import org.w3c.dom.Document;
+import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import org.xml.sax.SAXException;
@@ -82,6 +84,7 @@ import java.io.*;
import java.net.Socket;
import java.net.URI;
import java.net.URISyntaxException;
+import java.nio.charset.StandardCharsets;
import java.nio.file.*;
import java.sql.Timestamp;
import java.time.Instant;
@@ -1225,4 +1228,31 @@ public class ServerTests {
server.addConnectionIn(test);
assertThat(getStatus.get().getInbound().size(), is(1));
}
+ @Test
+ public void credentialsShouldNeverBeSerialized() throws Exception {
+ int uid = userService.createUser("yyy", "xxxx");
+ User yyy = userService.getUserByUID(uid).get();
+ assertThat(yyy.getCredentials(), is("xxxx"));
+ ObjectMapper jsonMapper = new ObjectMapper();
+ jsonMapper.setSerializationInclusion(JsonInclude.Include.NON_DEFAULT);
+ String jsonUser = jsonMapper.writeValueAsString(yyy);
+ Map<String, Object> user = JsonPath.read(jsonUser, "$");
+ // only uid and name
+ assertThat(user.keySet().size(), is(2));
+
+ JAXBContext context = JAXBContext
+ .newInstance(User.class);
+ Marshaller m = context.createMarshaller();
+
+ StringWriter sw = new StringWriter();
+ m.marshal(yyy, sw);
+
+ DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
+ DocumentBuilder db = dbf.newDocumentBuilder();
+ Document doc = db.parse(new ByteArrayInputStream(sw.toString().getBytes(StandardCharsets.UTF_8)));
+ Element juickNode = doc.getDocumentElement();
+ NamedNodeMap attrs = juickNode.getAttributes();
+ // uid, name, xmlns, xmlns:user
+ assertThat(attrs.getLength(), is(4));
+ }
}