Account expired

security/src/main/java/org/genesys/blocks/security/model/BasicUser.java

@@ -370,7 +370,9 @@ public abstract class BasicUser<R extends GrantedAuthority> extends AclSid imple
 	@Override
 	@JsonView(JsonViews.Protected.class)
 	public boolean isAccountNonExpired() {
-		return (accountExpires == null) || !accountExpires.before(new Date());
+		return true;
+		// TODO Re-enable when we have a way to extend accounts
+//		return (accountExpires == null) || !accountExpires.before(new Date());
 	}
 
 	/*

security/src/main/java/org/genesys/blocks/security/service/impl/BasicUserServiceImpl.java

@@ -265,6 +265,12 @@ public abstract class BasicUserServiceImpl<R extends GrantedAuthority, T extends
 	public T changePassword(final T user, final String password) throws PasswordPolicyException {
 		if (user.getAccountType() == AccountType.LOCAL) {
 			setPassword(user, password);
+
+			// Set account to expire 1 month after change password
+			Calendar accountExpires = Calendar.getInstance();
+			accountExpires.add(Calendar.MONTH, 1);
+			user.setAccountExpires(accountExpires.getTime());
+
 			return deepLoad(_repository.save(user));
 		} else {
 			throw new PasswordPolicyException("Password can be set only for LOCAL account types");
@@ -282,8 +288,10 @@ public abstract class BasicUserServiceImpl<R extends GrantedAuthority, T extends
 		if (user.getAccountType() == AccountType.LOCAL) {
 			assureGoodPassword(password);
 			user.setPassword(password == null ? null : passwordEncoder.encode(password));
+			user.setPasswordExpires(null);
 		} else {
 			user.setPassword(THIS_IS_NOT_A_PASSWORD);
+			user.setPasswordExpires(null);
 		}
 	}
 

security/src/test/java/org/genesys/blocks/security/test/BasicUserServiceTest.java

@@ -23,8 +23,11 @@ import static org.hamcrest.Matchers.is;
 import static org.hamcrest.Matchers.not;
 import static org.hamcrest.Matchers.notNullValue;
 import static org.hamcrest.Matchers.nullValue;
+import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertThat;
 
+import java.util.Calendar;
+
 import com.google.common.collect.Sets;
 
 import org.genesys.blocks.security.NotUniqueUserException;
@@ -55,7 +58,17 @@ public class BasicUserServiceTest extends ServiceTest {
 		assertThat(user.getId(), is(notNullValue()));
 		assertThat(user.getUuid(), is(notNullValue()));
 		assertThat(user.getAccountType(), is(AccountType.LOCAL));
-		testUserService.changePassword(user, "newPassword2#");
+		TestUser updatedUser = testUserService.changePassword(user, "newPassword2#");
+
+		Calendar accountExpires = Calendar.getInstance();
+		accountExpires.add(Calendar.MONTH, 1);
+
+		Calendar updatedAccountExpires = Calendar.getInstance();
+		updatedAccountExpires.setTime(updatedUser.getAccountExpires());
+
+		assertEquals(accountExpires.get(Calendar.YEAR), updatedAccountExpires.get(Calendar.YEAR));
+		assertEquals(accountExpires.get(Calendar.MONTH), updatedAccountExpires.get(Calendar.MONTH));
+		assertEquals(accountExpires.get(Calendar.DAY_OF_MONTH), updatedAccountExpires.get(Calendar.DAY_OF_MONTH));
 	}
 
 	/**