接入个人修改密码解密

2026-03-30 10:41:56 +08:00
parent 68f823f0bc
commit 92bdd58d27
2 changed files with 78 additions and 2 deletions
--- a/ruoyi-admin/src/test/java/com/ruoyi/web/controller/system/SysProfileControllerPasswordTransferTest.java
+++ b/ruoyi-admin/src/test/java/com/ruoyi/web/controller/system/SysProfileControllerPasswordTransferTest.java
@@ -0,0 +1,72 @@
+package com.ruoyi.web.controller.system;
+
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+
+import java.util.Collections;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.Test;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.test.util.ReflectionTestUtils;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.setup.MockMvcBuilders;
+import com.ruoyi.common.core.domain.entity.SysUser;
+import com.ruoyi.common.core.domain.model.LoginUser;
+import com.ruoyi.common.utils.SecurityUtils;
+import com.ruoyi.framework.web.service.PasswordTransferCryptoService;
+import com.ruoyi.framework.web.service.TokenService;
+import com.ruoyi.system.service.ISysUserService;
+
+class SysProfileControllerPasswordTransferTest
+{
+    @AfterEach
+    void tearDown()
+    {
+        SecurityContextHolder.clearContext();
+    }
+
+    @Test
+    void shouldDecryptPasswordsBeforeCheckingOldPassword() throws Exception
+    {
+        ISysUserService userService = mock(ISysUserService.class);
+        TokenService tokenService = mock(TokenService.class);
+        PasswordTransferCryptoService passwordTransferCryptoService = mock(PasswordTransferCryptoService.class);
+        when(passwordTransferCryptoService.decrypt("oldCipher")).thenReturn("oldPlain");
+        when(passwordTransferCryptoService.decrypt("newCipher")).thenReturn("newPlain");
+        when(userService.resetUserPwd(org.mockito.ArgumentMatchers.anyLong(), org.mockito.ArgumentMatchers.anyString()))
+                .thenReturn(1);
+
+        SysUser storedUser = new SysUser();
+        storedUser.setUserId(2L);
+        storedUser.setPassword(SecurityUtils.encryptPassword("oldPlain"));
+        when(userService.selectUserById(2L)).thenReturn(storedUser);
+
+        SysUser currentUser = new SysUser();
+        currentUser.setUserId(2L);
+        currentUser.setUserName("admin");
+        LoginUser loginUser = new LoginUser(2L, 1L, currentUser, Collections.emptySet());
+        SecurityContextHolder.getContext()
+                .setAuthentication(new UsernamePasswordAuthenticationToken(loginUser, null, Collections.emptyList()));
+
+        SysProfileController controller = new SysProfileController();
+        ReflectionTestUtils.setField(controller, "userService", userService);
+        ReflectionTestUtils.setField(controller, "tokenService", tokenService);
+        ReflectionTestUtils.setField(controller, "passwordTransferCryptoService", passwordTransferCryptoService);
+
+        MockMvc mockMvc = MockMvcBuilders.standaloneSetup(controller).build();
+
+        mockMvc.perform(put("/system/user/profile/updatePwd")
+                .contentType("application/json")
+                .content("{\"oldPassword\":\"oldCipher\",\"newPassword\":\"newCipher\"}"))
+                .andExpect(status().isOk());
+
+        verify(passwordTransferCryptoService).decrypt("oldCipher");
+        verify(passwordTransferCryptoService).decrypt("newCipher");
+        verify(userService).resetUserPwd(org.mockito.ArgumentMatchers.eq(2L), org.mockito.ArgumentMatchers.anyString());
+        verify(tokenService).setLoginUser(loginUser);
+    }
+}