Add validation for admin password reset config updates. #6664



@Malith-19 Malith-19 commented Apr 4, 2025

Purpose

  • $subject

Related issues

Approach

  • With these changes, only one of the governance configs below can be enabled at a given time:
    • Email Link - Recovery.AdminPasswordReset.RecoveryLink
    • Email OTP - Recovery.AdminPasswordReset.OTP
    • Offline - Recovery.AdminPasswordReset.Offline
    • SMS OTP - Recovery.AdminPasswordReset.SMSOTP
  • Additionally, this will compare against the current configuration if the user is not updating all configs at once.
    • For example, the user will now not be able to enable the Email OTP option when Email Link is already enabled.
  • A config correction method is added to always enable one admin force password config; when all configs are disabled, email link will be enabled by default. Please note that this config correction will not persist the corrected value; the correction will happen when getting the governance configs.

After merge

@Malith-19 Malith-19 self-assigned this Apr 4, 2025
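
The rule set out in the description above, as an added sketch that is not the code from this pull request: a partial update is merged over the stored values before checking that at most one option is enabled, and the all-disabled default is applied only to the view returned on read. The class name, method names and sample maps are assumptions; only the four property names come from the page.

```java
import java.util.HashMap;
import java.util.List;
import java.util.Map;

// Hypothetical class and method names; only the property names come from the PR description.
public class AdminPasswordResetConfigCheck {

    static final String LINK = "Recovery.AdminPasswordReset.RecoveryLink";
    static final String EMAIL_OTP = "Recovery.AdminPasswordReset.OTP";
    static final String OFFLINE = "Recovery.AdminPasswordReset.Offline";
    static final String SMS_OTP = "Recovery.AdminPasswordReset.SMSOTP";
    static final List<String> OPTIONS = List.of(LINK, EMAIL_OTP, OFFLINE, SMS_OTP);

    // Overlay the partial update on the stored values, then reject more than one enabled option.
    static Map<String, String> validateUpdate(Map<String, String> stored, Map<String, String> update) {
        Map<String, String> merged = new HashMap<>(stored);
        merged.putAll(update);
        long enabled = OPTIONS.stream().filter(k -> Boolean.parseBoolean(merged.get(k))).count();
        if (enabled > 1) {
            throw new IllegalArgumentException(enabled + " admin password reset options enabled; only one is allowed");
        }
        return merged;
    }

    // Read-time correction: with nothing enabled, the returned view reports email link as enabled.
    // The stored map is left untouched, matching the "will not persist" note in the description.
    static Map<String, String> correctOnRead(Map<String, String> stored) {
        Map<String, String> view = new HashMap<>(stored);
        if (OPTIONS.stream().noneMatch(k -> Boolean.parseBoolean(view.get(k)))) {
            view.put(LINK, "true");
        }
        return view;
    }

    public static void main(String[] args) {
        Map<String, String> stored = Map.of(LINK, "true"); // constructed sample state
        try {
            // Partial update that only sets Email OTP: checked against the stored Email Link value.
            validateUpdate(stored, Map.of(EMAIL_OTP, "true"));
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
        // Switching options in one request leaves exactly one enabled, so it is accepted.
        System.out.println("accepted: " + validateUpdate(stored, Map.of(LINK, "false", EMAIL_OTP, "true")));
        Map<String, String> allOff = Map.of(LINK, "false", EMAIL_OTP, "false"); // constructed
        System.out.println("read view: " + correctOnRead(allOff).get(LINK) + ", stored: " + allOff.get(LINK));
    }
}
```

Because the correction is applied only on read, anything that inspects the persisted rows directly can see all four options disabled while the management API reports email link as enabled.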

codecov bot commented Apr 4, 2025

Codecov Report

Attention: Patch coverage is 80.89888% with 17 lines in your changes missing coverage. Please review.

Project coverage is 48.36%. Comparing base (37686de) to head (db10f4b).
Report is 101 commits behind head on master.

| Files with missing lines | Patch % | Lines |
|---|---|---|
| .../org/wso2/carbon/idp/mgt/dao/IdPManagementDAO.java | 44.82% | 12 Missing and 4 partials ⚠️ |
| ...rg/wso2/carbon/idp/mgt/util/IdPManagementUtil.java | 98.33% | 0 Missing and 1 partial ⚠️ |
Additional details and impacted files
@@             Coverage Diff              @@
##             master    #6664      +/-   ##
============================================
+ Coverage     48.20%   48.36%   +0.15%     
- Complexity    16407    16497      +90     
============================================
  Files          1830     1833       +3     
  Lines        109630   111940    +2310     
  Branches      20646    21040     +394     
============================================
+ Hits          52849    54139    +1290     
- Misses        49552    50482     +930     
- Partials       7229     7319      +90     
| Flag | Coverage Δ |
|---|---|
| unit | 32.10% <80.89%> (+0.13%) ⬆️ |


@jenkins-is-staging

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/14263683130

@jenkins-is-staging

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/14263683130
Status: failure

@jenkins-is-staging

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/14266111360

@jenkins-is-staging

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/14266111360
Status: success

@jenkins-is-staging jenkins-is-staging left a comment

Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/14266111360

@Malith-19 Malith-19 requested review from Copilot and removed request for jenkins-is-staging April 16, 2025 09:45

@Copilot Copilot AI left a comment

Pull Request Overview

This PR adds validations for admin password reset configuration updates to ensure that only one of the possible options (Email Link, Email OTP, Offline, SMS OTP) is enabled at a time, and provides automatic correction when all are disabled. Key changes include the introduction of new validation methods in IdPManagementUtil, updates to test cases in IdPManagementUtilTest, and corresponding constant and DAO modifications to support the new logic.

Reviewed Changes

Copilot reviewed 4 out of 5 changed files in this pull request and generated 1 comment.

| File | Description |
|---|---|
| components/idp-mgt/org.wso2.carbon.idp.mgt/src/test/java/org/wso2/carbon/idp/mgt/util/IdPManagementUtilTest.java | Added tests and helper methods for validating admin password reset configurations; contains a variable naming typo. |
| components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/util/IdPManagementUtil.java | Introduced new validation methods for admin password reset options. |
| components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/util/IdPManagementConstants.java | Added new constants for the admin password reset configurations. |
| components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementDAO.java | Updated DAO logic to read the new admin reset configurations and to auto-correct them if necessary. |

Files not reviewed (1)
  • components/idp-mgt/org.wso2.carbon.idp.mgt/src/test/resources/dbscripts/h2.sql: Language not supported
Comments suppressed due to low confidence (1)

components/idp-mgt/org.wso2.carbon.idp.mgt/src/main/java/org/wso2/carbon/idp/mgt/dao/IdPManagementDAO.java:6241

  • [nitpick] For consistency with other parts of the code, consider using the predefined TRUE_STRING constant instead of String.valueOf(true) when setting the property value.
adminForcedPasswordResetProperty.setValue(String.valueOf(true));

sadilchamishka previously approved these changes Apr 17, 2025
@jenkins-is-staging

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/14539455833

@jenkins-is-staging

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/14539455833
Status: failure

@jenkins-is-staging

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/14551029871

@jenkins-is-staging

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/14551029871
Status: failure

@jenkins-is-staging

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/14565985058

@jenkins-is-staging

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/14565985058
Status: failure

@jenkins-is-staging

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/14569950349

@jenkins-is-staging

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/14569950349
Status: failure

@Malith-19

The integration test runner only fails due to UserMeSuccessTestBase, as per the last run in the fork, which is intermittent and not related to these code changes.

@sadilchamishka sadilchamishka merged commit 0ef5123 into wso2:master Apr 22, 2025
5 checks passed