#173 Exported users now have a default password

Author: rjrudin

src/main/java/com/marklogic/appdeployer/export/AbstractNamedResourceExporter.java

@@ -18,7 +18,7 @@
 public abstract class AbstractNamedResourceExporter extends AbstractResourceExporter {
 
 	private String[] resourceNames;
-	private ObjectMapper objectMapper;
+	protected ObjectMapper objectMapper;
 
 	protected AbstractNamedResourceExporter(ManageClient manageClient, String... resourceNames) {
 		super(manageClient);

src/main/java/com/marklogic/appdeployer/export/security/UserExporter.java

@@ -1,15 +1,26 @@
 package com.marklogic.appdeployer.export.security;
 
+import com.fasterxml.jackson.databind.node.ObjectNode;
 import com.marklogic.appdeployer.ConfigDir;
 import com.marklogic.appdeployer.export.AbstractNamedResourceExporter;
 import com.marklogic.mgmt.ManageClient;
+import com.marklogic.mgmt.PayloadParser;
 import com.marklogic.mgmt.ResourceManager;
 import com.marklogic.mgmt.security.UserManager;
+import com.marklogic.rest.util.Fragment;
+import org.jdom2.Document;
+import org.jdom2.Element;
+import org.jdom2.output.Format;
+import org.jdom2.output.XMLOutputter;
 
 import java.io.File;
+import java.io.IOException;
 
 public class UserExporter extends AbstractNamedResourceExporter {
 
+	private PayloadParser payloadParser = new PayloadParser();
+	private String defaultPassword = "CHANGEME";
+
 	public UserExporter(ManageClient manageClient, String... usernames) {
 		super(manageClient, usernames);
 	}
@@ -26,6 +37,42 @@ protected File getResourceDirectory(File baseDir) {
 
 	@Override
 	protected String[] getExportMessages() {
-		return new String[]{"The exported user files do not have a password in them, as passwords cannot be retrieved. Each user file needs a password added before it can be deployed."};
+		return new String[]{"The exported user files each have a default password in them, as the real password cannot be exported for security reasons."};
+	}
+
+	/**
+	 * As of version 2.9.0 of ml-app-deployer, an attempt is made to add a default password to each exported user. This
+	 * allows the user to be immediately deployed, and the developer can then change the password to a real one at a
+	 * later date.
+	 *
+	 * @param resourceName
+	 * @param payload
+	 * @return
+	 */
+	@Override
+	protected String beforeResourceWrittenToFile(String resourceName, String payload) {
+		try {
+			if (payloadParser.isJsonPayload(payload)) {
+				ObjectNode json = (ObjectNode) payloadParser.parseJson(payload);
+				if (!json.has("password")) {
+					json.put("password", defaultPassword);
+					return objectMapper.writeValueAsString(json);
+				}
+			} else {
+				Fragment xml = new Fragment(payload);
+				if (!xml.elementExists("/node()/m:password")) {
+					Document doc = xml.getInternalDoc();
+					doc.getRootElement().addContent(new Element("password", "http://marklogic.com/manage").setText(defaultPassword));
+					return new XMLOutputter(Format.getPrettyFormat()).outputString(doc);
+				}
+			}
+		} catch (Exception ex) {
+			logger.warn("Unable to add a default password to exported user: " + resourceName + "; still exporting user but without a password; exception message: " + ex.getMessage());
+		}
+		return payload;
+	}
+
+	public void setDefaultPassword(String defaultPassword) {
+		this.defaultPassword = defaultPassword;
 	}
 }

src/test/java/com/marklogic/appdeployer/export/ExportUsersTest.java

@@ -0,0 +1,41 @@
+package com.marklogic.appdeployer.export;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.marklogic.rest.util.Fragment;
+import org.junit.Test;
+import org.springframework.util.FileCopyUtils;
+
+public class ExportUsersTest extends AbstractExportTest {
+
+	@Test
+	public void exportAsJson() throws Exception {
+		ExportedResources resources = new Exporter(manageClient).users("admin", "healthcheck").export(exportDir);
+
+		assertEquals("The exported user files each have a default password in them, as the real password cannot be exported for security reasons.",
+			resources.getMessages().get(0));
+
+		JsonNode json = objectMapper.readTree(resources.getFiles().get(0));
+		assertEquals("admin", json.get("user-name").asText());
+		assertEquals("CHANGEME", json.get("password").asText());
+
+		json = objectMapper.readTree(resources.getFiles().get(1));
+		assertEquals("healthcheck", json.get("user-name").asText());
+		assertEquals("CHANGEME", json.get("password").asText());
+	}
+
+	@Test
+	public void exportAsXml() throws Exception {
+		ExportedResources resources = new Exporter(manageClient).format("xml").users("admin", "healthcheck").export(exportDir);
+
+		assertEquals("The exported user files each have a default password in them, as the real password cannot be exported for security reasons.",
+			resources.getMessages().get(0));
+
+		Fragment xml = new Fragment(new String(FileCopyUtils.copyToByteArray(resources.getFiles().get(0))));
+		assertEquals("admin", xml.getElementValue("/node()/m:user-name"));
+		assertEquals("CHANGEME", xml.getElementValue("/node()/m:password"));
+
+		xml = new Fragment(new String(FileCopyUtils.copyToByteArray(resources.getFiles().get(1))));
+		assertEquals("healthcheck", xml.getElementValue("/node()/m:user-name"));
+		assertEquals("CHANGEME", xml.getElementValue("/node()/m:password"));
+	}
+}