001: /* ====================================================================
002: * The Jcorporate Apache Style Software License, Version 1.2 05-07-2002
003: *
004: * Copyright (c) 1995-2002 Jcorporate Ltd. All rights reserved.
005: *
006: * Redistribution and use in source and binary forms, with or without
007: * modification, are permitted provided that the following conditions
008: * are met:
009: *
010: * 1. Redistributions of source code must retain the above copyright
011: * notice, this list of conditions and the following disclaimer.
012: *
013: * 2. Redistributions in binary form must reproduce the above copyright
014: * notice, this list of conditions and the following disclaimer in
015: * the documentation and/or other materials provided with the
016: * distribution.
017: *
018: * 3. The end-user documentation included with the redistribution,
019: * if any, must include the following acknowledgment:
020: * "This product includes software developed by Jcorporate Ltd.
021: * (http://www.jcorporate.com/)."
022: * Alternately, this acknowledgment may appear in the software itself,
023: * if and wherever such third-party acknowledgments normally appear.
024: *
025: * 4. "Jcorporate" and product names such as "Expresso" must
026: * not be used to endorse or promote products derived from this
027: * software without prior written permission. For written permission,
028: * please contact info@jcorporate.com.
029: *
030: * 5. Products derived from this software may not be called "Expresso",
031: * or other Jcorporate product names; nor may "Expresso" or other
032: * Jcorporate product names appear in their name, without prior
033: * written permission of Jcorporate Ltd.
034: *
035: * 6. No product derived from this software may compete in the same
036: * market space, i.e. framework, without prior written permission
037: * of Jcorporate Ltd. For written permission, please contact
038: * partners@jcorporate.com.
039: *
040: * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
041: * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
042: * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
043: * DISCLAIMED. IN NO EVENT SHALL JCORPORATE LTD OR ITS CONTRIBUTORS
044: * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
045: * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
046: * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
047: * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
048: * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
049: * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
050: * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
051: * SUCH DAMAGE.
052: * ====================================================================
053: *
054: * This software consists of voluntary contributions made by many
055: * individuals on behalf of the Jcorporate Ltd. Contributions back
056: * to the project(s) are encouraged when you make modifications.
057: * Please send them to support@jcorporate.com. For more information
058: * on Jcorporate Ltd. and its products, please see
059: * <http://www.jcorporate.com/>.
060: *
061: * Portions of this software are based upon other open source
062: * products and are subject to their respective licenses.
063: */
064: package com.jcorporate.expresso.services.validation;
065:
066: import com.jcorporate.expresso.core.ExpressoSchema;
067: import com.jcorporate.expresso.core.controller.Controller;
068: import com.jcorporate.expresso.core.controller.ControllerException;
069: import com.jcorporate.expresso.core.controller.ControllerRequest;
070: import com.jcorporate.expresso.core.controller.ControllerResponse;
071: import com.jcorporate.expresso.core.controller.NonHandleableException;
072: import com.jcorporate.expresso.core.controller.Transition;
073: import com.jcorporate.expresso.core.db.DBException;
074: import com.jcorporate.expresso.core.i18n.Messages;
075: import com.jcorporate.expresso.core.misc.StringUtil;
076: import com.jcorporate.expresso.core.security.User;
077: import com.jcorporate.expresso.services.dbobj.Setup;
078:
079: import java.util.Hashtable;
080: import java.util.Vector;
081:
082: /**
083: * This class is a helper class that allows the LoginController controller to
084: * validate the password-change request.
085: *
086: * @author Shash Chatterjee
087: * @see com.jcorporate.expresso.services.controller.LoginController
088: */
089: public class ChangePasswordValidator implements ValidationHandler {
090:
091: /**
092: * Default constructor Creation date: (9/23/2001 2:23:06 PM) Author: Shash
093: * Chatterjee
094: */
095: public ChangePasswordValidator() {
096: super ();
097: }
098:
099: /**
100: * This method is used to send the user request a password change an email
101: * with a validation link to verify that the user indeed requested this
102: * service. This method is called by ValidationJob when a new validation
103: * request is submitted. Creation date: (9/23/2001 2:24:30 PM) Author:
104: * Shash Chatterjee
105: *
106: * @param params params All the application-specific parameters from
107: * LoginController
108: * @param URL URL The link that the user will click on to validate the
109: * request
110: * @throws AuthValidationException AuthValidationException
111: * @see com.jcorporate.expresso.services.job.ValidationJob
112: */
113: public void notify(Hashtable params, String URL)
114: throws AuthValidationException {
115: // The db context for the user (Note: this is different from the Validation entry context, which
116: // could very well be in a different DB context)
117: String dbName = (String) params.get("db");
118:
119: // The login name of the user
120: String loginName = (String) params.get("UserName");
121: Vector addresses = new Vector(0);
122:
123: try {
124: // Create the list of addresses to notify, in this case just the user
125: User myUser = new User();
126: myUser.setDataContext(dbName);
127: myUser.setLoginName(loginName);
128:
129: if (!myUser.find()) {
130: throw new AuthValidationException("User with login \""
131: + loginName + "\" not found");
132: }
133:
134: addresses.add(myUser.getEmail());
135:
136: Object[] args = { URL,
137: Setup.getValue(dbName, "CompanyName"),
138: Setup.getValue(dbName, "HomePageURL") };
139:
140: // add a schema param if you want to draw localized messages from your schema
141: String schema = (String) params.get("schema");
142: if (schema == null) {
143: schema = ExpressoSchema.class.getName();
144: }
145:
146: // Send email notification
147: ValidationEntry.notifyByEmail(dbName, Setup.getValue(
148: dbName, "MAILFrom"), addresses, Messages.getString(
149: schema, "passwdRequestedSubject"), Messages
150: .getString(schema, "passwdRequested", args));
151: } catch (DBException dbe) {
152: throw new AuthValidationException(
153: "DB error accessing user \"" + loginName + "\"",
154: dbe);
155: }
156: }
157:
158: /**
159: * This method is used to regenerate an users password after the validation
160: * is successful. This method is called by ValidationController after a
161: * validation code matches that stored in the validation entry. Creation
162: * date: (9/23/2001 2:24:30 PM) Author: Shash Chatterjee
163: *
164: * @param params All the application-specific parameters from
165: * LoginController
166: * @param request the ControllerRequest object
167: * @param response The controller response from the runValidationState of
168: * ValidationController
169: * @param ctlr The ValidationController instance
170: * @return ControllerResponse object
171: * @throws ControllerException upon error
172: * @throws NonHandleableException for fatal error
173: * @see com.jcorporate.expresso.services.controller.ValidationController
174: */
175: public ControllerResponse validated(Hashtable params,
176: ControllerRequest request, ControllerResponse response,
177: Controller ctlr) throws ControllerException,
178: NonHandleableException {
179: // The db context for the user (Note: this is different from the Validation entry context, which
180: // could very well be in a different DB context)
181: String dbname = (String) params.get("db");
182:
183: // The login name of the user
184: String loginName = (String) params.get("UserName");
185: String loginController = (String) params.get("LoginController");
186:
187: StringUtil
188: .assertNotBlank(loginController,
189: "Error - Change Password validator needed login controller parameter");
190:
191: Transition t = new Transition();
192: t.setControllerObject(loginController);
193: t.setState("emailValidate");
194: t.setName("emailValidate");
195: t.addParam("db", dbname);
196: t.addParam("UserName", loginName);
197: t.addParam("LoginController", loginController);
198:
199: //We redirect transition so that the user's URL changes
200: t.redirectTransition(request, response);
201:
202: return response;
203: }
204:
205: }
|