fix: [schema] Modify User.change_pw column to boolean

2021-10-23 19:07:29 +02:00 · 2021-10-23 19:07:29 +02:00 · 958bfe7383
parent d25122e4a3
commit 958bfe7383
3 changed files with 10 additions and 7 deletions
--- a/app/Model/AppModel.php
+++ b/app/Model/AppModel.php
@ -83,7 +83,7 @@ class AppModel extends Model
        51 => false, 52 => false, 53 => false, 54 => false, 55 => false, 56 => false,
        57 => false, 58 => false, 59 => false, 60 => false, 61 => false, 62 => false,
        63 => true, 64 => false, 65 => false, 66 => false, 67 => false, 68 => false,
-        69 => false, 70 => false, 71 => true, 72 => true, 73 => false,
+        69 => false, 70 => false, 71 => true, 72 => true, 73 => false, 74 => false,
    );

    public $advanced_updates_description = array(
@ -1582,6 +1582,9 @@ class AppModel extends Model
                $this->__dropIndex('user_settings', 'timestamp'); // index is not used
                $sqlArray[] = "ALTER TABLE `user_settings` ADD UNIQUE INDEX `unique_setting` (`user_id`, `setting`)";
                break;
+            case 74:
+                $sqlArray[] = "ALTER TABLE `users` MODIFY COLUMN `change_pw` tinyint(1) NOT NULL DEFAULT 0;";
+                break;
            case 'fixNonEmptySharingGroupID':
                $sqlArray[] = 'UPDATE `events` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
                $sqlArray[] = 'UPDATE `attributes` SET `sharing_group_id` = 0 WHERE `distribution` != 4;';
--- a/db_schema.json
+++ b/db_schema.json
@ -7414,7 +7414,7 @@
                "character_maximum_length": null,
                "numeric_precision": "3",
                "collation_name": null,
-                "column_type": "tinyint(4)",
+                "column_type": "tinyint(1)",
                "column_default": "0",
                "extra": ""
            },
@ -8182,5 +8182,5 @@
            "id": true
        }
    },
-    "db_version": "73"
+    "db_version": "74"
 }
--- a/tests/testlive_security.py
+++ b/tests/testlive_security.py
@ -268,14 +268,14 @@ class TestSecurity(unittest.TestCase):
    def test_user_must_change_password(self):
        updated_user = self.admin_misp_connector.update_user({'change_pw': 1}, self.test_usr)
        check_response(updated_user)
-        self.assertEqual(updated_user.change_pw, "1")
+        self.assertTrue(updated_user.change_pw)

        # Try to login, should still work because key is still valid
        PyMISP(url, self.test_usr.authkey)

        updated_user = self.admin_misp_connector.update_user({'change_pw': 0}, self.test_usr)
        check_response(updated_user)
-        self.assertEqual(updated_user.change_pw, "0")
+        self.assertFalse(updated_user.change_pw)

        # Try to login, should also still works
        PyMISP(url, self.test_usr.authkey)
@ -284,7 +284,7 @@ class TestSecurity(unittest.TestCase):
        # Admin set that user must change password
        updated_user = self.admin_misp_connector.update_user({'change_pw': 1}, self.test_usr)
        check_response(updated_user)
-        self.assertEqual(updated_user.change_pw, "1")
+        self.assertTrue(updated_user.change_pw)

        # User try to change back trough API
        logged_in = PyMISP(url, self.test_usr.authkey)
@ -292,7 +292,7 @@ class TestSecurity(unittest.TestCase):

        updated_user = self.admin_misp_connector.get_user(self.test_usr)
        # Should not be possible
-        self.assertEqual(updated_user.change_pw, "1")
+        self.assertTrue(updated_user.change_pw)

    def test_disabled_user(self):
        # Disable user