Index: lams_central/src/java/org/lamsfoundation/lams/web/PasswordChangeAction.java =================================================================== diff -u -r7b89a024a3408d102799244f2f6fbceb03f34ed1 -ra960bab0d90ec37fd6f11742eac0e6a21f4e721e --- lams_central/src/java/org/lamsfoundation/lams/web/PasswordChangeAction.java (.../PasswordChangeAction.java) (revision 7b89a024a3408d102799244f2f6fbceb03f34ed1) +++ lams_central/src/java/org/lamsfoundation/lams/web/PasswordChangeAction.java (.../PasswordChangeAction.java) (revision a960bab0d90ec37fd6f11742eac0e6a21f4e721e) @@ -23,7 +23,6 @@ /* $$Id$$ */ package org.lamsfoundation.lams.web; - import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; 
@@ -46,121 +45,108 @@ /** * @author Fei Yang * - * @struts:action path="/passwordChanged" - * name="PasswordChangeActionForm" - * scope="request" - * input=".passwordChange" - * validate="false" + * @struts:action path="/passwordChanged" name="PasswordChangeActionForm" scope="request" input=".passwordChange" + * validate="false" * * @struts:action-forward name="okay" path="/index.do?state=active&tab=passwordChanged" * @struts:action-forward name="cancelled" path="/index.do?state=active&tab=profile" * @struts:action-forward name="errors" path="/index.do?state=active&tab=password" */ public class PasswordChangeAction extends Action { - private static Logger log = Logger.getLogger(PasswordChangeAction.class); - + private static Logger log = Logger.getLogger(PasswordChangeAction.class); + /** - * @param mapping The ActionMapping used to select this instance - * @param actionForm The optional ActionForm bean for this request (if any) - * @param request The HTTP request we are processing - * @param response The HTTP response we are creating - * + * @param mapping + * The ActionMapping used to select this instance + * @param actionForm + * The optional ActionForm bean for this request (if any) + * @param request + * The HTTP request we are processing + * @param response + * The HTTP response we are creating + * */ - public ActionForward execute(ActionMapping mapping, - ActionForm form, - HttpServletRequest request, - HttpServletResponse response) - throws Exception - { - // -- isCancelled? - if (isCancelled(request)) { - request.getSession().removeAttribute(PasswordChangeActionForm.formName); - return mapping.findForward("cancelled"); - } + public ActionForward execute(ActionMapping mapping, ActionForm form, HttpServletRequest request, + HttpServletResponse response) throws Exception { + // -- isCancelled? 
+ if (isCancelled(request)) { + request.getSession().removeAttribute(PasswordChangeActionForm.formName); + return mapping.findForward("cancelled"); + } + ActionMessages errors = new ActionMessages(); - ActionMessages errors = new ActionMessages(); - - PasswordChangeActionForm passwordChangeForm = (PasswordChangeActionForm) form; - - if (errors.isEmpty()) - { - try { - - String loggedInUser = request.getRemoteUser(); - String login = passwordChangeForm.getLogin(); - String oldPassword = passwordChangeForm.getOldPassword(); - String password = passwordChangeForm.getPassword(); - String passwordConfirm = passwordChangeForm.getPasswordConfirm(); - - if ( loggedInUser == null || ! loggedInUser.equals(login) ) - { - errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("error.authorisation")); - } - else - { - //WebApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(request.getSession(true).getServletContext()); - WebApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(getServlet().getServletContext()); - UserManagementService service = (UserManagementService)ctx.getBean("userManagementService"); - - User user = service.getUserByLogin(login); - if(!user.getPassword().equals(HashUtil.sha1(oldPassword))) - { - errors.add("oldPassword", new ActionMessage("error.oldpassword.mismatch")); - log.debug("old pass wrong"); - } - if(!password.equals(passwordConfirm)) - { - errors.add("password", new ActionMessage("error.newpassword.mismatch")); - log.debug("new pass wrong"); - } - if(password == null || password.length() == 0) - { - errors.add("password", new ActionMessage("error.password.empty")); - log.debug("new password cannot be empty"); - } - if (errors.isEmpty()) - { - //service.updatePassword(login, HashUtil.sha1(password)); - user.setPassword(HashUtil.sha1(password)); - user.setChangePassword(false); - service.save(user); - - // make 'password changed' audit log entry - IAuditService auditService = (IAuditService) 
ctx.getBean("auditService"); - MessageService messageService = (MessageService)ctx.getBean("centralMessageService"); - String[] args = new String[1]; - args[0] = user.getLogin()+"("+user.getUserId()+")"; - String message = messageService.getMessage("audit.user.password.change",args); - auditService.log(CentralConstants.MODULE_NAME, message); - } - } - - } catch (Exception e) { - log.error("Exception occured ",e); - errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(e.getMessage())); - } - - } // end if no errors + PasswordChangeActionForm passwordChangeForm = (PasswordChangeActionForm) form; - // -- Report any errors - if (!errors.isEmpty()) { - saveMessages(request,errors); - if (mapping.getInput()!=null) - { - passwordChangeForm.reset(mapping,request); - //return (new ActionForward(mapping.getInput())); - return (mapping.findForward("errors")); - } - // If no input page, use error forwarding - return (mapping.findForward("error.system")); - } - - request.setAttribute("tab", "password"); - return mapping.findForward("okay"); + if (errors.isEmpty()) { + try { - } -} + String loggedInUser = request.getRemoteUser(); + String login = passwordChangeForm.getLogin(); + String oldPassword = passwordChangeForm.getOldPassword(); + String password = passwordChangeForm.getPassword(); + String passwordConfirm = passwordChangeForm.getPasswordConfirm(); + if (loggedInUser == null || !loggedInUser.equals(login)) { + errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage("error.authorisation")); + } else { + // WebApplicationContext ctx = + // WebApplicationContextUtils.getWebApplicationContext(request.getSession(true).getServletContext()); + WebApplicationContext ctx = WebApplicationContextUtils.getWebApplicationContext(getServlet() + .getServletContext()); + UserManagementService service = (UserManagementService) ctx.getBean("userManagementService"); + User user = service.getUserByLogin(login); + if (!user.getPassword().equals(HashUtil.sha1(oldPassword))) { + 
errors.add("oldPassword", new ActionMessage("error.oldpassword.mismatch")); + log.debug("old pass wrong"); + } + if (!password.equals(passwordConfirm)) { + errors.add("password", new ActionMessage("error.newpassword.mismatch")); + log.debug("new pass wrong"); + } + if (password == null || password.length() == 0) { + errors.add("password", new ActionMessage("error.password.empty")); + log.debug("new password cannot be empty"); + } + if (errors.isEmpty()) { + // service.updatePassword(login, HashUtil.sha1(password)); + user.setPassword(HashUtil.sha1(password)); + user.setChangePassword(false); + service.save(user); + + // make 'password changed' audit log entry + IAuditService auditService = (IAuditService) ctx.getBean("auditService"); + MessageService messageService = (MessageService) ctx.getBean("centralMessageService"); + String[] args = new String[1]; + args[0] = user.getLogin() + "(" + user.getUserId() + ")"; + String message = messageService.getMessage("audit.user.password.change", args); + auditService.log(CentralConstants.MODULE_NAME, message); + } + } + + } catch (Exception e) { + log.error("Exception occured ", e); + errors.add(ActionMessages.GLOBAL_MESSAGE, new ActionMessage(e.getMessage())); + } + + } // end if no errors + + // -- Report any errors + if (!errors.isEmpty()) { + saveMessages(request, errors); + if (mapping.getInput() != null) { + passwordChangeForm.reset(mapping, request); + // return (new ActionForward(mapping.getInput())); + return (mapping.findForward("errors")); + } + // If no input page, use error forwarding + return (mapping.findForward("error.system")); + } + + request.setAttribute("tab", "password"); + return mapping.findForward("okay"); + + } +}
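Review bot: In `execute`, `!password.equals(passwordConfirm)` runs before the `password == null || password.length() == 0` check, so a request that omits the new-password field throws a NullPointerException instead of producing `error.password.empty`; test for null/empty first and do the comparison in an `else if (!password.equals(passwordConfirm))`. That exception lands in `catch (Exception e)`, which passes `e.getMessage()` to `new ActionMessage(...)` as the message key. The key may be null for an NPE, and for other failures it is internal exception text that can reach the rendered page, so a fixed resource key is safer there, with the detail left to `log.error`. Both the old-password check and the stored value use `HashUtil.sha1(...)` with no salt visible in this hunk and a plain `String.equals` comparison; unsalted SHA-1 is cheap to brute-force if the user table leaks, so a follow-up should move to a salted, deliberately slow password hash (bcrypt, scrypt, Argon2 or PBKDF2) and rehash on the next successful login. `user` from `service.getUserByLogin(login)` is also dereferenced without a null check; that presumably cannot be null for an authenticated login, but nothing shown here guarantees it. This commit is formatting-only and all four points are unchanged from the old side.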