001: /*
002: * EditProfileServlet.java
003: *
004: * Version: $Revision: 1947 $
005: *
006: * Date: $Date: 2007-05-18 08:50:29 -0500 (Fri, 18 May 2007) $
007: *
008: * Copyright (c) 2002-2005, Hewlett-Packard Company and Massachusetts
009: * Institute of Technology. All rights reserved.
010: *
011: * Redistribution and use in source and binary forms, with or without
012: * modification, are permitted provided that the following conditions are
013: * met:
014: *
015: * - Redistributions of source code must retain the above copyright
016: * notice, this list of conditions and the following disclaimer.
017: *
018: * - Redistributions in binary form must reproduce the above copyright
019: * notice, this list of conditions and the following disclaimer in the
020: * documentation and/or other materials provided with the distribution.
021: *
022: * - Neither the name of the Hewlett-Packard Company nor the name of the
023: * Massachusetts Institute of Technology nor the names of their
024: * contributors may be used to endorse or promote products derived from
025: * this software without specific prior written permission.
026: *
027: * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
028: * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
029: * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
030: * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
031: * HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
032: * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
033: * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS
034: * OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
035: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR
036: * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
037: * USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
038: * DAMAGE.
039: */
040: package org.dspace.app.webui.servlet;
041:
042: import java.io.IOException;
043: import java.sql.SQLException;
044:
045: import javax.servlet.ServletException;
046: import javax.servlet.http.HttpServletRequest;
047: import javax.servlet.http.HttpServletResponse;
048:
049: import org.apache.log4j.Logger;
050: import org.dspace.app.webui.util.JSPManager;
051: import org.dspace.authorize.AuthorizeException;
052: import org.dspace.core.Context;
053: import org.dspace.core.LogManager;
054: import org.dspace.eperson.EPerson;
055:
056: /**
057: * Servlet for handling editing user profiles
058: *
059: * @author Robert Tansley
060: * @version $Revision: 1947 $
061: */
062: public class EditProfileServlet extends DSpaceServlet {
063: /** Logger */
064: private static Logger log = Logger
065: .getLogger(EditProfileServlet.class);
066:
067: protected void doDSGet(Context context, HttpServletRequest request,
068: HttpServletResponse response) throws ServletException,
069: IOException, SQLException, AuthorizeException {
070: // A GET displays the edit profile form. We assume the authentication
071: // filter means we have a user.
072: log.info(LogManager.getHeader(context, "view_profile", ""));
073:
074: request.setAttribute("eperson", context.getCurrentUser());
075:
076: JSPManager.showJSP(request, response,
077: "/register/edit-profile.jsp");
078: }
079:
080: protected void doDSPost(Context context,
081: HttpServletRequest request, HttpServletResponse response)
082: throws ServletException, IOException, SQLException,
083: AuthorizeException {
084: // Get the user - authentication should have happened
085: EPerson eperson = context.getCurrentUser();
086:
087: // Find out if they're trying to set a new password
088: boolean settingPassword = false;
089:
090: if ((eperson.getRequireCertificate() == false)
091: && (request.getParameter("password") != null)
092: && !request.getParameter("password").equals("")) {
093: settingPassword = true;
094: }
095:
096: // Set the user profile info
097: boolean ok = updateUserProfile(eperson, request);
098:
099: if (!ok) {
100: request.setAttribute("missing.fields", new Boolean(true));
101: }
102:
103: String passwordProblem = null;
104:
105: if (ok && settingPassword) {
106: // They want to set a new password.
107: ok = confirmAndSetPassword(eperson, request);
108:
109: if (!ok) {
110: request.setAttribute("password.problem", new Boolean(
111: true));
112: }
113: }
114:
115: if (ok) {
116: // Update the DB
117: log.info(LogManager.getHeader(context, "edit_profile",
118: "password_changed=" + settingPassword));
119: eperson.update();
120:
121: // Show confirmation
122: request.setAttribute("password.updated", new Boolean(
123: settingPassword));
124: JSPManager.showJSP(request, response,
125: "/register/profile-updated.jsp");
126:
127: context.complete();
128: } else {
129: log.info(LogManager.getHeader(context, "view_profile",
130: "problem=true"));
131:
132: request.setAttribute("eperson", eperson);
133:
134: JSPManager.showJSP(request, response,
135: "/register/edit-profile.jsp");
136: }
137: }
138:
139: /**
140: * Update a user's profile information with the information in the given
141: * request. This assumes that authentication has occurred. This method
142: * doesn't write the changes to the database (i.e. doesn't call update.)
143: *
144: * @param eperson
145: * the e-person
146: * @param request
147: * the request to get values from
148: *
149: * @return true if the user supplied all the required information, false if
150: * they left something out.
151: */
152: public static boolean updateUserProfile(EPerson eperson,
153: HttpServletRequest request) {
154: // Get the parameters from the form
155: String lastName = request.getParameter("last_name");
156: String firstName = request.getParameter("first_name");
157: String phone = request.getParameter("phone");
158: String language = request.getParameter("language");
159:
160: // Update the eperson
161: eperson.setFirstName(firstName);
162: eperson.setLastName(lastName);
163: eperson.setMetadata("phone", phone);
164: eperson.setLanguage(language);
165:
166: // Check all required fields are there
167: if ((lastName == null) || lastName.equals("")
168: || (firstName == null) || firstName.equals("")) {
169: return false;
170: } else {
171: return true;
172: }
173: }
174:
175: /**
176: * Set an eperson's password, if the passwords they typed match and are
177: * acceptible. If all goes well and the password is set, null is returned.
178: * Otherwise the problem is returned as a String.
179: *
180: * @param eperson
181: * the eperson to set the new password for
182: * @param request
183: * the request containing the new password
184: *
185: * @return true if everything went OK, or false
186: */
187: public static boolean confirmAndSetPassword(EPerson eperson,
188: HttpServletRequest request) {
189: // Get the passwords
190: String password = request.getParameter("password");
191: String passwordConfirm = request
192: .getParameter("password_confirm");
193:
194: // Check it's there and long enough
195: if ((password == null) || (password.length() < 6)) {
196: return false;
197: }
198:
199: // Check the two passwords entered match
200: if (!password.equals(passwordConfirm)) {
201: return false;
202: }
203:
204: // Everything OK so far, change the password
205: eperson.setPassword(password);
206:
207: return true;
208: }
209: }
|