001: package org.tigris.scarab.actions;
002:
003: /* ================================================================
004: * Copyright (c) 2000-2002 CollabNet. All rights reserved.
005: *
006: * Redistribution and use in source and binary forms, with or without
007: * modification, are permitted provided that the following conditions are
008: * met:
009: *
010: * 1. Redistributions of source code must retain the above copyright
011: * notice, this list of conditions and the following disclaimer.
012: *
013: * 2. Redistributions in binary form must reproduce the above copyright
014: * notice, this list of conditions and the following disclaimer in the
015: * documentation and/or other materials provided with the distribution.
016: *
017: * 3. The end-user documentation included with the redistribution, if
018: * any, must include the following acknowlegement: "This product includes
019: * software developed by Collab.Net <http://www.Collab.Net/>."
020: * Alternately, this acknowlegement may appear in the software itself, if
021: * and wherever such third-party acknowlegements normally appear.
022: *
023: * 4. The hosted project names must not be used to endorse or promote
024: * products derived from this software without prior written
025: * permission. For written permission, please contact info@collab.net.
026: *
027: * 5. Products derived from this software may not use the "Tigris" or
028: * "Scarab" names nor may "Tigris" or "Scarab" appear in their names without
029: * prior written permission of Collab.Net.
030: *
031: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
032: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
033: * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
034: * IN NO EVENT SHALL COLLAB.NET OR ITS CONTRIBUTORS BE LIABLE FOR ANY
035: * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
036: * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
037: * GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
038: * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
039: * IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
040: * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
041: * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
042: *
043: * ====================================================================
044: *
045: * This software consists of voluntary contributions made by many
046: * individuals on behalf of Collab.Net.
047: */
048:
049: // Turbine Stuff
050: import org.apache.turbine.TemplateContext;
051: import org.apache.turbine.RunData;
052:
053: import org.apache.fulcrum.security.TurbineSecurity;
054: import org.apache.turbine.tool.IntakeTool;
055: import org.apache.fulcrum.intake.model.Group;
056: import org.apache.fulcrum.security.util.PasswordMismatchException;
057:
058: // Scarab Stuff
059: import org.tigris.scarab.om.ScarabUser;
060: import org.tigris.scarab.util.ScarabConstants;
061: import org.tigris.scarab.actions.base.ScarabTemplateAction;
062: import org.tigris.scarab.tools.ScarabRequestTool;
063: import org.tigris.scarab.tools.ScarabLocalizationTool;
064: import org.tigris.scarab.tools.localization.L10NKeySet;
065:
066: /**
067: * This class is responsible for dealing with the Change Password
068: * Action.
069: *
070: * @author <a href="mailto:kevin.minshull@bitonic.com">Kevin Minshull</a>
071: * @author <a href="mailto:mpoeschl@marmot.at">Martin Poeschl</a>
072: */
073: public class ChangePassword extends ScarabTemplateAction {
074: /**
075: * This manages clicking the Change Password button
076: */
077: public void doChangepassword(RunData data, TemplateContext context)
078: throws Exception {
079: ScarabRequestTool scarabR = getScarabRequestTool(context);
080: ScarabLocalizationTool l10n = getLocalizationTool(context);
081: String template = getCurrentTemplate(data, null);
082: IntakeTool intake = getIntakeTool(context);
083: if (intake.isAllValid()) {
084: Object user = data.getUser().getTemp(
085: ScarabConstants.SESSION_REGISTER);
086: Group register = null;
087: if (user != null && user instanceof ScarabUser) {
088: register = intake.get("Register", ((ScarabUser) user)
089: .getQueryKey(), false);
090: } else {
091: register = intake.get("Register",
092: IntakeTool.DEFAULT_KEY, false);
093: }
094:
095: String username = data.getParameters()
096: .getString("username");
097: String oldPassword = register.get("OldPassword").toString();
098: String password = register.get("Password").toString();
099: String passwordConfirm = register.get("PasswordConfirm")
100: .toString();
101:
102: if (oldPassword.equals(password)) {
103: scarabR.setInfoMessage(L10NKeySet.PasswordSame);
104: setTarget(data, template);
105: } else if (password.equals(passwordConfirm)) {
106: try {
107: ScarabUser confirmedUser = (ScarabUser) TurbineSecurity
108: .getUser(username);
109:
110: // first we need to save the user out
111: confirmedUser.setPasswordExpire();
112: confirmedUser.setHasLoggedIn(Boolean.FALSE);
113: data.setUser(confirmedUser);
114: data.save();
115:
116: // then change the password of that user
117: TurbineSecurity.changePassword(confirmedUser,
118: oldPassword, password);
119:
120: scarabR
121: .setConfirmMessage(L10NKeySet.PasswordChanged);
122:
123: // Remove NEXT_TEMPLATE, so we will start again from home after login
124: data.getParameters().remove(
125: ScarabConstants.NEXT_TEMPLATE);
126: setTarget(data, "Login.vm");
127: } catch (PasswordMismatchException pme) {
128: scarabR.setAlertMessage(l10n.getMessage(pme));
129: setTarget(data, template);
130: }
131: } else /* !password.equals(passwordConfirm) */
132: {
133: scarabR.setAlertMessage(L10NKeySet.PasswordsDoNotMatch);
134: setTarget(data, template);
135: }
136: } else {
137: scarabR.setAlertMessage("Failed to process form input.");
138: setTarget(data, template);
139: }
140: }
141: }
|