grails · ddelponte · Apr 11, 2019 · Apr 12, 2019 · Sep 7, 2022 · Sep 7, 2022
diff --git a/.gitignore b/.gitignore
@@ -12,4 +12,4 @@ classes
 cobertura.ser
 kindlegen
 /plugin/src/main/templates/views
-.java-version
+.java-version
diff --git a/examples/extended/build.gradle b/examples/extended/build.gradle
@@ -61,6 +61,7 @@ dependencies {
     testCompile "org.seleniumhq.selenium:selenium-support:3.14.0"
     testRuntime "org.seleniumhq.selenium:selenium-chrome-driver:3.14.0"
     testRuntime "org.seleniumhq.selenium:selenium-firefox-driver:3.14.0"
+    testCompile "org.grails:grails-datastore-rest-client:6.1.10.RELEASE"
 
     compile 'dumbster:dumbster:1.6', { transitive = false }
     compile "org.grails.plugins:mail:$mailVersion"

diff --git a/examples/extended/src/integration-test/groovy/spec/VerifyRegistrationSpec.groovy b/examples/extended/src/integration-test/groovy/spec/VerifyRegistrationSpec.groovy
@@ -0,0 +1,56 @@
+package spec
+
+import grails.plugin.springsecurity.ui.RegistrationCode
+import grails.plugins.rest.client.RestBuilder
+import grails.plugins.rest.client.RestResponse
+import grails.testing.mixin.integration.Integration
+import spock.lang.Shared
+import spock.lang.Specification
+import test.User
+
+
+@Integration
+class VerifyRegistrationSpec extends Specification {
+
+    @Shared RestBuilder rest = new RestBuilder()
+
+    void "verify a call to the register/verifyRegistration endpoint properly updates the verified"() {
+        given: "a username"
+        String username = "username"
+
+        when: "a user account is created and given a registration code"
+        User user
+        RegistrationCode registrationCode
+
+        User.withNewTransaction {
+            user = new User(username: username, password: "password", accountLocked: true).save()
+            registrationCode = new RegistrationCode(username: username).save()
+        }
+
+
+        then: 'registration code token is populated'
+        registrationCode.token
+        user.accountLocked == true
+        user.accountExpired == false
+        user.enabled == true
+        user.username == username
+
+        when: "that user engages the verify registration action with their registration code's token"
+        RestResponse resp = rest.get("http://localhost:${serverPort}/register/verifyRegistration?t=${registrationCode.token}")
+
+        then: "that user account should be unlocked, not expired, and enabled"
+        resp.status == 200
+
+        when:
+        User updatedUser = User.withNewTransaction(readOnly: true) {
+            User.findByUsername(username)
+        }
+
+        then:
+        updatedUser.username == username
+        updatedUser.accountExpired == false
+        updatedUser.enabled == true
+        updatedUser.accountLocked == false
+
+    }
+}
diff --git a/examples/simple/build.gradle b/examples/simple/build.gradle
@@ -60,7 +60,7 @@ dependencies {
     testCompile "org.seleniumhq.selenium:selenium-support:3.14.0"
     testRuntime "org.seleniumhq.selenium:selenium-chrome-driver:3.14.0"
     testRuntime "org.seleniumhq.selenium:selenium-firefox-driver:3.14.0"
-
+    testCompile "org.grails:grails-datastore-rest-client:6.1.10.RELEASE"
 
     compile 'dumbster:dumbster:1.6', { transitive = false }
     compile "org.grails.plugins:mail:$mailVersion"

diff --git a/examples/simple/src/integration-test/groovy/spec/VerifyRegistrationSpec.groovy b/examples/simple/src/integration-test/groovy/spec/VerifyRegistrationSpec.groovy
@@ -0,0 +1,55 @@
+package spec
+
+import grails.plugin.springsecurity.ui.RegistrationCode
+import grails.plugins.rest.client.RestBuilder
+import grails.plugins.rest.client.RestResponse
+import grails.testing.mixin.integration.Integration
+import spock.lang.Shared
+import spock.lang.Specification
+import test.User
+
+@Integration
+class VerifyRegistrationSpec extends Specification {
+
+    @Shared RestBuilder rest = new RestBuilder()
+
+    void "verify a call to the register/verifyRegistration endpoint properly updates the verified"() {
+        given: "a username"
+        String username = "username"
+
+        when: "a user account is created and given a registration code"
+        User user
+        RegistrationCode registrationCode
+
+        User.withNewTransaction {
+            user = new User(username: username, password: "password", accountLocked: true).save()
+            registrationCode = new RegistrationCode(username: username).save()
+        }
+
+
+        then: 'registration code token is populated'
+        registrationCode.token
+        user.accountLocked == true
+        user.accountExpired == false
+        user.enabled == true
+        user.username == username
+
+        when: "that user engages the verify registration action with their registration code's token"
+        RestResponse resp = rest.get("http://localhost:${serverPort}/register/verifyRegistration?t=${registrationCode.token}")
+
+        then: "that user account should be unlocked, not expired, and enabled"
+        resp.status == 200
+
+        when:
+        User updatedUser = User.withNewTransaction(readOnly: true) {
+            User.findByUsername(username)
+        }
+
+        then:
+        updatedUser.username == username
+        updatedUser.accountExpired == false
+        updatedUser.enabled == true
+        updatedUser.accountLocked == false
+
+    }
+}
diff --git a/plugin/grails-app/services/grails/plugin/springsecurity/ui/SpringSecurityUiService.groovy b/plugin/grails-app/services/grails/plugin/springsecurity/ui/SpringSecurityUiService.groovy
@@ -739,7 +739,7 @@ class SpringSecurityUiService implements AclStrategy, ErrorsStrategy, Persistent
 				callback instance
 			}
 
-			instance.save()
+			instance.save(flush: true)
 			if (instance.hasErrors()) {
 				uiErrorsStrategy.handleValidationErrors instance, this, methodName, transactionStatus
 			}