01: /*
02: * Licensed to the Apache Software Foundation (ASF) under one or more
03: * contributor license agreements. See the NOTICE file distributed with
04: * this work for additional information regarding copyright ownership.
05: * The ASF licenses this file to You under the Apache License, Version 2.0
06: * (the "License"); you may not use this file except in compliance with
07: * the License. You may obtain a copy of the License at
08: *
09: * http://www.apache.org/licenses/LICENSE-2.0
10: *
11: * Unless required by applicable law or agreed to in writing, software
12: * distributed under the License is distributed on an "AS IS" BASIS,
13: * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14: * See the License for the specific language governing permissions and
15: * limitations under the License.
16: *
17: */
18: package org.apache.lenya.cms.ac.usecases;
19:
20: import org.apache.lenya.ac.User;
21:
22: /**
23: * Usecase to change a user's password. The old password is checked.
24: */
25: public class ChangePassword extends AbstractChangePassword {
26:
27: protected static final String OLD_PASSWORD = "oldPassword";
28:
29: /**
30: * @return Always returns the currently logged in user.
31: */
32: protected User getUser() {
33: return getSession().getIdentity().getUser();
34: }
35:
36: /**
37: * @see org.apache.lenya.cms.usecase.AbstractUsecase#doCheckExecutionConditions()
38: */
39: protected void doCheckExecutionConditions() throws Exception {
40: super .doCheckExecutionConditions();
41: checkOldPassword();
42: }
43:
44: /**
45: * verifies that the user knows the current password before s/he is allowed to change it.
46: */
47: private void checkOldPassword() {
48: String oldPassword = getParameterAsString(OLD_PASSWORD);
49: boolean authenticated = getUser().authenticate(oldPassword);
50: if (!authenticated) {
51: addErrorMessage("The old password is not correct.");
52: }
53: }
54: }
|