Only encrypts NewPassword if it is not empty, when updating the user details. Fixes #1222

2025-04-03 04:27:37 +03:00 · 2021-07-01 16:09:49 -04:00 · 2021-07-01 16:09:49 -04:00 · fb183e58e9
commit fb183e58e9
parent ed286c7103
2 changed files with 21 additions and 1 deletions
--- a/persistence/user_repository.go
+++ b/persistence/user_repository.go
@ -63,7 +63,9 @@ func (r *userRepository) Put(u *model.User) error {
 		u.ID = uuid.NewString()
 	}
 	u.UpdatedAt = time.Now()
-	_ = r.encryptPassword(u)
+	if u.NewPassword != "" {
+		_ = r.encryptPassword(u)
+	}
 	values, _ := toSqlArgs(*u)
 	delete(values, "current_password")
 	update := Update(r.tableName).Where(Eq{"id": u.ID}).SetMap(values)
--- a/persistence/user_repository_test.go
+++ b/persistence/user_repository_test.go
@ -48,6 +48,24 @@ var _ = Describe("UserRepository", func() {
 			Expect(actual.Name).To(Equal("Admin"))
 			Expect(actual.Password).To(Equal("wordpass"))
 		})
+		It("updates the name and keep the same password", func() {
+			usr.Name = "Jane Doe"
+			usr.NewPassword = ""
+			Expect(repo.Put(&usr)).To(BeNil())
+
+			actual, err := repo.FindByUsernameWithPassword("admin")
+			Expect(err).ToNot(HaveOccurred())
+			Expect(actual.Name).To(Equal("Jane Doe"))
+			Expect(actual.Password).To(Equal("wordpass"))
+		})
+		It("updates password if specified", func() {
+			usr.NewPassword = "newpass"
+			Expect(repo.Put(&usr)).To(BeNil())
+
+			actual, err := repo.FindByUsernameWithPassword("admin")
+			Expect(err).ToNot(HaveOccurred())
+			Expect(actual.Password).To(Equal("newpass"))
+		})
 	})

 	Describe("validatePasswordChange", func() {