Skip to content

Commit

Permalink
PP-11205 Add DAO method to delete forgotten passwords (#2196)
Browse files Browse the repository at this point in the history
- Added DAO method to delete historic forgotten passwords
  • Loading branch information
kbottla authored Oct 26, 2023
1 parent fe20149 commit 1417455
Show file tree
Hide file tree
Showing 4 changed files with 83 additions and 6 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -7,10 +7,13 @@
import uk.gov.pay.adminusers.persistence.entity.ForgottenPasswordEntity;

import javax.persistence.EntityManager;
import java.time.Instant;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.util.Optional;

import static java.util.Date.from;

@Transactional
public class ForgottenPasswordDao extends JpaDao<ForgottenPasswordEntity> {

Expand All @@ -35,4 +38,14 @@ public Optional<ForgottenPasswordEntity> findNonExpiredByCode(String code) {
.setParameter("expiry", expiryDateTime)
.getResultList().stream().findFirst();
}

public int deleteForgottenPasswords(ZonedDateTime deleteRecordsBeforeDate) {
String query = "DELETE FROM ForgottenPasswordEntity" +
" WHERE createdAt < :deleteRecordsBeforeDate";

return entityManager.get()
.createQuery(query)
.setParameter("deleteRecordsBeforeDate", deleteRecordsBeforeDate)
.executeUpdate();
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -61,4 +61,7 @@ public ZonedDateTime getDate() {
return date;
}

public Object getId() {
return id;
}
}
Original file line number Diff line number Diff line change
@@ -1,7 +1,9 @@
package uk.gov.pay.adminusers.persistence.dao;

import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Nested;
import org.junit.jupiter.api.Test;
import uk.gov.pay.adminusers.fixtures.ForgottenPasswordDbFixture;
import uk.gov.pay.adminusers.model.ForgottenPassword;
import uk.gov.pay.adminusers.model.User;
import uk.gov.pay.adminusers.persistence.entity.ForgottenPasswordEntity;
Expand All @@ -14,6 +16,7 @@
import java.util.Map;
import java.util.Optional;

import static java.time.ZonedDateTime.parse;
import static java.time.temporal.ChronoUnit.MINUTES;
import static org.apache.commons.lang3.RandomStringUtils.random;
import static org.exparity.hamcrest.date.ZonedDateTimeMatchers.within;
Expand All @@ -27,7 +30,7 @@
import static uk.gov.pay.adminusers.fixtures.UserDbFixture.userDbFixture;
import static uk.gov.pay.adminusers.model.ForgottenPassword.forgottenPassword;

public class ForgottenPasswordDaoIT extends DaoTestBase {
class ForgottenPasswordDaoIT extends DaoTestBase {

private UserDao userDao;
private ForgottenPasswordDao forgottenPasswordDao;
Expand All @@ -39,7 +42,7 @@ public void before() {
}

@Test
public void shouldPersistAForgottenPasswordEntity() {
void shouldPersistAForgottenPasswordEntity() {
String forgottenPasswordCode = random(10);
String username = randomUuid();
String email = username + "@example.com";
Expand All @@ -64,7 +67,7 @@ public void shouldPersistAForgottenPasswordEntity() {
}

@Test
public void shouldFindForgottenPasswordByCode_ifNotExpired() {
void shouldFindForgottenPasswordByCode_ifNotExpired() {
String forgottenPasswordCode = random(10);
String username = randomUuid();
String email = username + "@example.com";
Expand All @@ -90,7 +93,7 @@ public void shouldFindForgottenPasswordByCode_ifNotExpired() {
}

@Test
public void shouldNotFindForgottenPasswordByCode_ifExpired() {
void shouldNotFindForgottenPasswordByCode_ifExpired() {
String forgottenPasswordCode = randomUuid();
String username = randomUuid();
String email = username + "@example.com";
Expand All @@ -112,7 +115,7 @@ public void shouldNotFindForgottenPasswordByCode_ifExpired() {
}

@Test
public void shouldRemoveForgottenPasswordEntity() {
void shouldRemoveForgottenPasswordEntity() {
String forgottenPasswordCode = randomUuid();
String username = randomUuid();
String email = username + "@example.com";
Expand All @@ -136,4 +139,62 @@ public void shouldRemoveForgottenPasswordEntity() {

assertThat(forgottenPasswordDao.findNonExpiredByCode(forgottenPasswordCode).isPresent(), is(false));
}

@Nested
class TestDeleteForgottenPasswords {

@Test
void shouldRemoveForgottenPasswordsOlderThanTheDateProvided() {
User user = userDbFixture(databaseHelper).insertUser();
ZonedDateTime deleteRecordsUpToDate = parse("2020-01-01T00:00:00Z");

ForgottenPasswordDbFixture forgottenPasswordDbFixture = aForgottenPasswordDbFixture()
.withDatabaseTestHelper(databaseHelper)
.withUserId(user.getId())
.withCreatedAt(deleteRecordsUpToDate.minusDays(1))
.insert();
ForgottenPasswordDbFixture forgottenPasswordDbFixture2 = aForgottenPasswordDbFixture()
.withDatabaseTestHelper(databaseHelper)
.withUserId(user.getId())
.withCreatedAt(deleteRecordsUpToDate.minusDays(2))
.insert();

int noOfRecordsDeleted = forgottenPasswordDao.deleteForgottenPasswords(deleteRecordsUpToDate);

assertThat(noOfRecordsDeleted, is(2));

Optional<ForgottenPasswordEntity> forgottenPasswordEntityOptional = forgottenPasswordDao.findById(forgottenPasswordDbFixture.getId());
assertFalse(forgottenPasswordEntityOptional.isPresent());

forgottenPasswordEntityOptional = forgottenPasswordDao.findById(forgottenPasswordDbFixture2.getId());
assertFalse(forgottenPasswordEntityOptional.isPresent());
}

@Test
void shouldNotRemoveForgottenPasswordsCreatedAfterTheDateProvided() {
User user = userDbFixture(databaseHelper).insertUser();
ZonedDateTime deleteRecordsUpToDate = parse("2020-01-01T00:00:00Z");

ForgottenPasswordDbFixture forgottenPasswordDbFixture = aForgottenPasswordDbFixture()
.withDatabaseTestHelper(databaseHelper)
.withUserId(user.getId())
.withCreatedAt(deleteRecordsUpToDate)
.insert();
ForgottenPasswordDbFixture forgottenPasswordDbFixture2 = aForgottenPasswordDbFixture()
.withDatabaseTestHelper(databaseHelper)
.withUserId(user.getId())
.withCreatedAt(deleteRecordsUpToDate.plusDays(1))
.insert();

int noOfRecordsDeleted = forgottenPasswordDao.deleteForgottenPasswords(deleteRecordsUpToDate);

assertThat(noOfRecordsDeleted, is(0));

Optional<ForgottenPasswordEntity> forgottenPasswordEntityOptional = forgottenPasswordDao.findById(forgottenPasswordDbFixture.getId());
assertTrue(forgottenPasswordEntityOptional.isPresent());

forgottenPasswordEntityOptional = forgottenPasswordDao.findById(forgottenPasswordDbFixture2.getId());
assertTrue(forgottenPasswordEntityOptional.isPresent());
}
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -183,7 +183,7 @@ public DatabaseTestHelper insertForgottenPassword(Integer id, ZonedDateTime date
.bind("date", from(date.toInstant()))
.bind("code", code)
.bind("userId", userId)
.bind("createdAt", from(date.toInstant()))
.bind("createdAt", from(createdAt.toInstant()))
.execute()
);
return this;
Expand Down

0 comments on commit 1417455

Please sign in to comment.