我在我的 grails 项目中使用 spring security core 插件,Person 域看起来像这样。
class User {
transient springSecurityService
//Mandatory Fields
String employeeId
String firstName
String lastName
String password
String emailId
//Other Fields
String department
String extn
String mobileNumber
String address
String city
String zipCode
String country
User manager
static hasMany = [previousPasswords: String]
boolean enabled = true
boolean accountExpired
boolean accountLocked
boolean passwordExpired
static transients = ['springSecurityService']
static constraints = {
employeeId blank: false, unique: true
firstName blank: false
lastName blank: false
password blank: false, password: true, validator: {val, obj ->
if(obj.previousPasswords) {
println "-----------------------1-------------------------"
println "obj.previousPasswords: " + obj.previousPasswords
println "val: " + val
if (obj.isDirty('password')) {
println "-----------------------2-------------------------"
if(obj.previousPasswords.contains(val)) {
obj.errors.rejectValue(
'password',
'user.password.duplicated',
'Repeat passwords are not allowed')
return false
}
println "-----------------------3-------------------------"
obj.addToPreviousPasswords(val)
return true
}
} else {
println "-----------------------4-------------------------"
obj.addToPreviousPasswords(val)
return true
}
}
emailId blank: false, email: true
department nullable: true
extn nullable: true
mobileNumber nullable: true
address nullable: true
city nullable: true
zipCode nullable: true
country nullable: true
manager nullable: true
}
static mapping = {
password column: '`password`'
}
Set<Role> getAuthorities() {
UserRole.findAllByUser(this).collect { it.role } as Set
}
def beforeInsert() {
println "%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%"
encodePassword()
}
def beforeUpdate() {
if (isDirty('password')) {
println "^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^"
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password)
}
}
我必须确保密码不会重复,我为“密码”字段编写了自定义验证器
我的集成测试看起来像这样
void "Test if previous passwords can be re-used"() {
given:
def user = new User(employeeId: "empId1", firstName: "f_name", lastName: "l_name", password: "password", emailId: "test@hptest.com", mobileNumber: "(111) 111-1111", address: "350 Fifth Avenue, 34th floor", city: "New York", zipCode: "10007")
println "&&&&&&&&&&&&&&&&&&& 1 &&&&&&&&&&&&&&&&&&&&&&"
user.springSecurityService = springSecurityService
println "&&&&&&&&&&&&&&&&&&& 2 &&&&&&&&&&&&&&&&&&&&&&"
user.save(flush: true, failOnError: true)
when: 'password is repeated'
user.password = "password"
println "&&&&&&&&&&&&&&&&&&& 3 &&&&&&&&&&&&&&&&&&&&&&"
user.save(flush: true)
then: 'validation fails'
!user.validate()
user.errors.getFieldError("password").codes.contains("validator.invalid")
when: 'password is not repeated'
user.password = "password@123"
then: 'validation succeeds'
println "&&&&&&&&&&&&&&&&&&& 4 &&&&&&&&&&&&&&&&&&&&&&"
user.validate()
println "&&&&&&&&&&&&&&&&&&& 5 &&&&&&&&&&&&&&&&&&&&&&"
user.save(flush: true)
}
我得到的输出是这样的
&&&&&&&&&&&&&&&&&&& 1 &&&&&&&&&&&&&&&&&&&&&&
&&&&&&&&&&&&&&&&&&& 2 &&&&&&&&&&&&&&&&&&&&&&
-----------------------4-------------------------
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-----------------------1-------------------------
obj.previousPasswords: [password]
val: $2a$10$mxFM9S7mEoOdyRo6xJL9/uzVafUgc0.8r1rd4nzBYM45s2cE8TTDi
&&&&&&&&&&&&&&&&&&& 3 &&&&&&&&&&&&&&&&&&&&&&
-----------------------1-------------------------
obj.previousPasswords: [password]
val: password
-----------------------2-------------------------
-----------------------1-------------------------
obj.previousPasswords: [password]
val: password
如果您仔细研究代码和输出,您会发现每次保存操作都会调用验证器函数两次。
谁能告诉我这是什么原因。这可能是由于我在验证器中使用的 addTo 方法吗?