AuthenticationFailureListener: persist date of event instead of current date.

php-coder · php-coder · commit a2e9db2a4f1e · 2015-08-23T00:01:55.000+03:00
Fix #186
diff --git a/src/main/java/ru/mystamps/web/service/SiteService.java b/src/main/java/ru/mystamps/web/service/SiteService.java
@@ -17,6 +17,8 @@
  */
 package ru.mystamps.web.service;
 
+import java.util.Date;
+
 import ru.mystamps.web.entity.User;
 
 public interface SiteService {
@@ -34,6 +36,7 @@ void logAboutFailedAuthentication(
 		User user,
 		String ip,
 		String referer,
-		String agent
+		String agent,
+		Date date
 	);
 }
diff --git a/src/main/java/ru/mystamps/web/service/SiteServiceImpl.java b/src/main/java/ru/mystamps/web/service/SiteServiceImpl.java
@@ -53,7 +53,7 @@ public void logAboutAbsentPage(
 			String referer,
 			String agent) {
 		
-		logEvent(PAGE_NOT_FOUND, page, user, ip, referer, agent);
+		logEvent(PAGE_NOT_FOUND, page, user, ip, referer, agent, new Date());
 	}
 	
 	@Override
@@ -64,9 +64,10 @@ public void logAboutFailedAuthentication(
 			User user,
 			String ip,
 			String referer,
-			String agent) {
+			String agent,
+			Date date) {
 		
-		logEvent(AUTHENTICATION_FAILED, page, user, ip, referer, agent);
+		logEvent(AUTHENTICATION_FAILED, page, user, ip, referer, agent, date);
 	}
 	
 	@SuppressWarnings("PMD.UseObjectForClearerAPI")
@@ -76,7 +77,8 @@ private void logEvent(
 			User user,
 			String ip,
 			String referer,
-			String agent) {
+			String agent,
+			Date date) {
 		
 		Validate.isTrue(type != null, "Type of suspicious activity was not set");
 		Validate.isTrue(page != null, "Page should be non null");
@@ -88,7 +90,7 @@ private void logEvent(
 		activityType.setName(type);
 		activity.setType(activityType);
 		
-		activity.setOccurredAt(new Date());
+		activity.setOccurredAt(date == null ? new Date() : date);
 		activity.setPage(page);
 		
 		activity.setUser(user);
diff --git a/src/main/java/ru/mystamps/web/support/spring/security/AuthenticationFailureListener.java b/src/main/java/ru/mystamps/web/support/spring/security/AuthenticationFailureListener.java
@@ -17,6 +17,8 @@
  */
 package ru.mystamps.web.support.spring.security;
 
+import java.util.Date;
+
 import javax.inject.Inject;
 import javax.servlet.http.HttpServletRequest;
 
@@ -52,8 +54,9 @@ public void onApplicationEvent(AuthenticationFailureBadCredentialsEvent event) {
 		String ip      = request.getRemoteAddr();
 		String referer = request.getHeader("referer");
 		String agent   = request.getHeader("user-agent");
+		Date date      = new Date(event.getTimestamp());
 		
-		siteService.logAboutFailedAuthentication(page, null, ip, referer, agent);
+		siteService.logAboutFailedAuthentication(page, null, ip, referer, agent, date);
 	}
 	
 	private HttpServletRequest getRequest() {
diff --git a/src/test/groovy/ru/mystamps/web/service/SiteServiceImplTest.groovy b/src/test/groovy/ru/mystamps/web/service/SiteServiceImplTest.groovy
@@ -176,7 +176,7 @@ class SiteServiceImplTest extends Specification {
 	
 	def "logAboutFailedAuthentication() should call dao"() {
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null, null)
 		then:
 			1 * suspiciousActivityDao.add(_ as SuspiciousActivity)
 	}
@@ -185,17 +185,29 @@ class SiteServiceImplTest extends Specification {
 		given:
 			SuspiciousActivityType expectedType = TestObjects.createAuthFailedActivityType()
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert activity?.type?.name == expectedType.name
 				return true
 			})
 	}
 	
-	def "logAboutFailedAuthentication() should assign occurred at to current date"() {
+	def "logAboutFailedAuthentication() should assign occurred at to current date when date was provided"() {
+		given:
+			Date expectedDate = new Date() - 100;
+		when:
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null, expectedDate)
+		then:
+			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
+				assert DateUtils.roughlyEqual(activity?.occurredAt, expectedDate)
+				return true
+			})
+	}
+	
+	def "logAboutFailedAuthentication() should assign occurred at to current date when date wasn't provided"() {
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert DateUtils.roughlyEqual(activity?.occurredAt, new Date())
@@ -205,14 +217,14 @@ class SiteServiceImplTest extends Specification {
 	
 	def "logAboutFailedAuthentication() should throw exception when page is null"() {
 		when:
-			service.logAboutFailedAuthentication(null, null, null, null, null)
+			service.logAboutFailedAuthentication(null, null, null, null, null, null)
 		then:
 			thrown IllegalArgumentException
 	}
 	
 	def "logAboutFailedAuthentication() should pass page to dao"() {
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert activity?.page == TEST_PAGE
@@ -222,7 +234,7 @@ class SiteServiceImplTest extends Specification {
 	
 	def "logAboutFailedAuthentication() should pass null to dao for unknown user"() {
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert activity?.user == null
@@ -234,7 +246,7 @@ class SiteServiceImplTest extends Specification {
 		given:
 			User user = TestObjects.createUser()
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, user, null, null, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, user, null, null, null, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert activity?.user == user
@@ -244,7 +256,7 @@ class SiteServiceImplTest extends Specification {
 	
 	def "logAboutFailedAuthentication() should pass ip to dao"() {
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, TEST_IP, null, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, TEST_IP, null, null, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert activity?.ip == TEST_IP
@@ -254,7 +266,7 @@ class SiteServiceImplTest extends Specification {
 	
 	def "logAboutFailedAuthentication() should pass empty string to dao for unknown ip"() {
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert activity?.ip?.empty
@@ -264,7 +276,7 @@ class SiteServiceImplTest extends Specification {
 	
 	def "logAboutFailedAuthentication() should pass referer to dao"() {
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, null, TEST_REFERER_PAGE, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, TEST_REFERER_PAGE, null, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert activity?.refererPage == TEST_REFERER_PAGE
@@ -274,7 +286,7 @@ class SiteServiceImplTest extends Specification {
 	
 	def "logAboutFailedAuthentication() should pass empty string to dao for unknown referer"() {
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert activity?.refererPage?.empty
@@ -284,7 +296,7 @@ class SiteServiceImplTest extends Specification {
 	
 	def "logAboutFailedAuthentication() should pass user agent to dao"() {
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, TEST_USER_AGENT)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, TEST_USER_AGENT, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert activity?.userAgent == TEST_USER_AGENT
@@ -294,7 +306,7 @@ class SiteServiceImplTest extends Specification {
 	
 	def "logAboutFailedAuthentication() should pass empty string to dao for unknown user agent"() {
 		when:
-			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null)
+			service.logAboutFailedAuthentication(TEST_PAGE, null, null, null, null, null)
 		then:
 			1 * suspiciousActivityDao.add({ SuspiciousActivity activity ->
 				assert activity?.userAgent?.empty
