allow changing passwords as superuser

author: Florian Dold <florian@dold.me> 2021-08-07 12:00:37 +0200
committer: Florian Dold <florian@dold.me> 2021-08-07 12:00:52 +0200
commit: 3c7524c6a876ab3254b45a445d533161258374ea (patch)
tree: b3630f39c7d129a4914840e1a59953cf34199af7 /nexus
parent: 775073e70b4f1044a2c2c3dc84782d571b812e06 (diff)
download: libeufin-3c7524c6a876ab3254b45a445d533161258374ea.tar.gz
libeufin-3c7524c6a876ab3254b45a445d533161258374ea.tar.bz2
libeufin-3c7524c6a876ab3254b45a445d533161258374ea.zip
2 files changed, 13 insertions, 3 deletions
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/ebics/EbicsNexus.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/ebics/EbicsNexus.kt
index 2bbadbe1..f0782124 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/ebics/EbicsNexus.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/ebics/EbicsNexus.kt
@@ -603,6 +603,7 @@ class EbicsBankConnectionProtocol: BankConnectionProtocol {
         pdfWriter.flush()
         return po.toByteArray()
     }
+
     override fun exportBackup(bankConnectionId: String, passphrase: String): JsonNode {
         val subscriber = transaction { getEbicsSubscriberDetails(bankConnectionId) }
         val ret = EbicsKeysBackupJson(
diff --git a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
index 08e05ff6..42bf9dc6 100644
--- a/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
+++ b/nexus/src/main/kotlin/tech/libeufin/nexus/server/NexusServer.kt
@@ -279,6 +279,7 @@ fun serverMain(dbName: String, host: String, port: Int) {
 
             post("/permissions") {
                 val req = call.receive<ChangePermissionsRequest>()
+                val knownPermissions = listOf()
                 transaction {
                     requireSuperuser(call.request)
                     val existingPerm = findPermission(req.permission)
@@ -321,11 +322,19 @@ fun serverMain(dbName: String, host: String, port: Int) {
             }
 
             // change a user's password
-            post("/users/password") {
+            post("/users/{username}/password") {
                 val body = call.receiveJson<ChangeUserPassword>()
+                val targetUsername = ensureNonNull(call.parameters["username"])
                 transaction {
-                    val user = authenticateRequest(call.request)
-                    user.passwordHash = CryptoUtil.hashpw(body.newPassword)
+                    requireSuperuser(call.request)
+                    val targetUser = NexusUserEntity.find {
+                        NexusUsersTable.username eq targetUsername
+                    }.firstOrNull()
+                    if (targetUser == null) throw NexusError(
+                        HttpStatusCode.NotFound,
+                        "Username $targetUsername not found"
+                    )
+                    targetUser.passwordHash = CryptoUtil.hashpw(body.newPassword)
                 }
                 call.respond(NexusMessage(message = "Password successfully changed"))
                 return@post
author	Florian Dold <florian@dold.me>	2021-08-07 12:00:37 +0200
committer	Florian Dold <florian@dold.me>	2021-08-07 12:00:52 +0200
commit	3c7524c6a876ab3254b45a445d533161258374ea (patch)
tree	b3630f39c7d129a4914840e1a59953cf34199af7 /nexus
parent	775073e70b4f1044a2c2c3dc84782d571b812e06 (diff)
download	libeufin-3c7524c6a876ab3254b45a445d533161258374ea.tar.gz libeufin-3c7524c6a876ab3254b45a445d533161258374ea.tar.bz2 libeufin-3c7524c6a876ab3254b45a445d533161258374ea.zip