From 20416ce108ae92b82f107679e37469f8c58f0501 Mon Sep 17 00:00:00 2001 From: Fabrice Lecomte Date: Wed, 9 Oct 2019 12:27:20 +0200 Subject: [PATCH] create SQL function "change_user_password" --- .../sql/functions/user/change_user_password.sql | 12 ++++++++++++ src/test/sql/user.sql | 7 +++++++ 2 files changed, 19 insertions(+) create mode 100644 src/main/resources/sql/functions/user/change_user_password.sql diff --git a/src/main/resources/sql/functions/user/change_user_password.sql b/src/main/resources/sql/functions/user/change_user_password.sql new file mode 100644 index 0000000..eaa915e --- /dev/null +++ b/src/main/resources/sql/functions/user/change_user_password.sql @@ -0,0 +1,12 @@ +create or replace function change_user_password(resource json) returns void language plpgsql as +$$ +begin + update "user" + set password = crypt(resource->>'plain_password', gen_salt('bf', 8)) + where id = (resource->>'id')::uuid; + + return; +end; +$$; + +-- drop function if exists change_user_password(json); \ No newline at end of file diff --git a/src/test/sql/user.sql b/src/test/sql/user.sql index 0e38909..082eaf9 100644 --- a/src/test/sql/user.sql +++ b/src/test/sql/user.sql @@ -2,6 +2,7 @@ do $$ declare created_user json := '{"username": "george", "plain_password": "azerty", "roles": ["ROLE_USER"]}'; + user_with_other_password json; selected_user json; exist_user json; begin @@ -24,6 +25,12 @@ begin assert exist_user->>'username' = 'george', format('the function check_user must be return user object with username is "george", %s is return', exist_user::text); assert exist_user->>'password' is null, format('the function check_user must not be return the password, %s is return', exist_user::text); + -- test change password + user_with_other_password = jsonb_set(created_user::jsonb, '{plain_password}', '"qwerty"'::jsonb); + perform change_user_password(user_with_other_password); + select check_user('george', 'qwerty') into exist_user; + assert exist_user->>'username' = 'george', format('the function change_user_password must change password: %s', exist_user::text); + -- delete user and check if user is really not exists delete from "user" where username = 'george'; select check_user('george', 'azerty') into exist_user;