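package com.ivata.groupware.admin.security.struts;

import java.lang.reflect.InvocationTargetException;
import java.util.Iterator;
import java.util.Locale;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.apache.commons.beanutils.PropertyUtils;
import org.apache.log4j.Logger;
import org.apache.struts.Globals;
import org.apache.struts.action.ActionErrors;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionMapping;
import org.apache.struts.action.ActionMessage;
import org.apache.struts.action.ActionMessages;

import com.ivata.groupware.admin.security.Security;
import com.ivata.groupware.admin.security.server.SecuritySession;
import com.ivata.groupware.business.addressbook.struts.PersonForm;
import com.ivata.mask.MaskFactory;
import com.ivata.mask.util.StringHandling;
import com.ivata.mask.util.SystemException;
import com.ivata.mask.util.ThrowableHandling;
import com.ivata.mask.validation.ValidationException;
import com.ivata.mask.web.struts.MaskAction;
import com.ivata.mask.web.struts.MaskAuthenticator;
import com.ivata.mask.web.struts.ValidationErrorsConvertor;

/**
 * Struts action behind the password form: {@link #execute} decides whether
 * the form may be shown for the user named in the session's
 * <code>addressBookPersonForm</code>, and {@link #onConfirm} verifies the
 * caller's current password and then sets the new one.
 *
 * <p>The account whose password is changed is taken from the
 * <code>addressBookPersonForm</code> session attribute, while the password
 * that is verified belongs to the user of the <code>securitySession</code>
 * attribute. These can be different accounts.</p>
 *
 * <p>NOTE(review): nothing in this class checks that the session user is
 * allowed to change the target user's password. Presumably
 * <code>Security.setPassword</code> enforces that - confirm, because this
 * action would otherwise be the only gate.</p>
 */
public class PasswordAction extends MaskAction {
    /** Logger for this class. */
    private static final Logger log = Logger.getLogger(PasswordAction.class);

    /** Security facade used to check and set passwords. */
    private final Security security;

    /**
     * Create the action.
     *
     * @param security security implementation used for password checks and
     * updates.
     * @param maskFactory passed through to {@link MaskAction}.
     * @param authenticator passed through to {@link MaskAction}.
     */
    public PasswordAction(Security security, MaskFactory maskFactory,
            MaskAuthenticator authenticator) {
        super(maskFactory, authenticator);
        this.security = security;
    }

    /**
     * Validate that the password form can be used for the person currently
     * held in the session. An error is added, and the form's
     * <code>justClose</code> property set to <code>true</code>, when:
     * <ul>
     * <li>there is no person form in the session, or it has no user name;</li>
     * <li>the form's user name differs from the name of the person's user
     * object;</li>
     * <li>{@link Security#isUserEnabled} reports the user as not enabled.</li>
     * </ul>
     *
     * @param mapping not used by this method.
     * @param errors receives any validation errors.
     * @param form form whose <code>justClose</code> property is written.
     * @param request not used by this method.
     * @param response not used by this method.
     * @param session source of the <code>securitySession</code> and
     * <code>addressBookPersonForm</code> attributes.
     * @return always <code>null</code>.
     * @throws SystemException if <code>justClose</code> cannot be set on the
     * form, or if thrown by the security layer.
     */
    public String execute(final ActionMapping mapping,
            final ActionErrors errors,
            final ActionForm form,
            final HttpServletRequest request,
            final HttpServletResponse response,
            final HttpSession session) throws SystemException {
        SecuritySession securitySession = (SecuritySession)
            session.getAttribute("securitySession");
        boolean justClose = false;
        PersonForm personForm = (PersonForm)
            session.getAttribute("addressBookPersonForm");

        if ((personForm == null)
                || StringHandling.isNullOrEmpty(personForm.getUserName())) {
            errors.add(Globals.ERROR_KEY,
                    new ActionMessage(
                            "errors.addressBook.password.noUserName"));
            justClose = true;
        } else if (!personForm.getUserName().equals(
                personForm.getPerson().getUser().getName())) {
            // The user name typed into the form is not the one stored on the
            // person's user object.
            errors.add(Globals.ERROR_KEY,
                    new ActionMessage(
                            "errors.addressBook.password.userNameApply"));
            justClose = true;
        } else if (!security.isUserEnabled(securitySession,
                personForm.getPerson().getUser().getName())) {
            errors.add(Globals.ERROR_KEY,
                    new ActionMessage(
                            "errors.addressBook.password.userIsDisable"));
            justClose = true;
        }

        storeJustClose(form, justClose);
        return null;
    }

    /**
     * Handle confirmation of the password form: check that all three
     * password fields are present and that the new password matches its
     * confirmation, verify the old password against the session user via
     * {@link Security#checkPassword}, then call
     * {@link Security#setPassword} for the user named in the session's
     * person form.
     *
     * <p>NOTE(review): the user-name and enabled-user checks made in
     * {@link #execute} are not repeated here. Only a missing or empty user
     * name is rejected before the password is set.</p>
     *
     * @param mapping not used by this method.
     * @param errors receives validation errors and, on success, the
     * <code>passwordUpdated</code> message.
     * @param form form providing <code>oldPassword</code>,
     * <code>newPassword</code> and <code>confirmPassword</code>; its
     * <code>justClose</code> property is written.
     * @param request not used by this method.
     * @param response not used by this method.
     * @param session source of the <code>securitySession</code>,
     * <code>addressBookPersonForm</code> and locale attributes.
     * @param defaultForward not used by this method.
     * @return always <code>"addressBookPassword"</code>.
     * @throws SystemException if a form property cannot be read or written.
     */
    public String onConfirm(final ActionMapping mapping,
            final ActionErrors errors,
            final ActionForm form,
            final HttpServletRequest request,
            final HttpServletResponse response,
            final HttpSession session,
            final String defaultForward) throws SystemException {
        String oldPassword, newPassword, confirmPassword;
        boolean justClose = false;

        try {
            oldPassword = (String) PropertyUtils.getSimpleProperty(form,
                    "oldPassword");
            newPassword = (String) PropertyUtils.getSimpleProperty(form,
                    "newPassword");
            confirmPassword = (String) PropertyUtils.getSimpleProperty(form,
                    "confirmPassword");
        } catch (NoSuchMethodException e) {
            throw new SystemException(e);
        } catch (InvocationTargetException e) {
            throw new SystemException(e);
        } catch (IllegalAccessException e) {
            throw new SystemException(e);
        }

        if (StringHandling.isNullOrEmpty(oldPassword)
                || StringHandling.isNullOrEmpty(newPassword)
                || StringHandling.isNullOrEmpty(confirmPassword)) {
            errors.add(Globals.ERROR_KEY,
                    new ActionMessage(
                            "errors.addressBook.password.notComplete"));
        } else if (!newPassword.equals(confirmPassword)) {
            errors.add(Globals.ERROR_KEY,
                    new ActionMessage(
                            "errors.addressBook.password.notMatching"));
        } else if (errors.isEmpty()) {
            PersonForm personForm
                = (PersonForm) session.getAttribute("addressBookPersonForm");
            SecuritySession securitySession
                = (SecuritySession) session.getAttribute("securitySession");

            // Read the target user name once. The form is a session object,
            // so reading it a single time guarantees that the name compared
            // below is the name handed to setPassword. It also makes the
            // failure branch null-safe: previously a missing person form or
            // user name caused a NullPointerException there, because the
            // null check only ran after the password check.
            String targetUserName = (personForm == null)
                ? null : personForm.getUserName();

            try {
                security.checkPassword(securitySession, oldPassword);
            } catch (SystemException e) {
                // Any SystemException is reported to the user as a wrong
                // password; the log line carries the exception only, never
                // the submitted password.
                log.warn("security.checkPassword threw an exception.", e);

                if ((targetUserName != null)
                        && targetUserName.equals(
                                securitySession.getUser().getName())) {
                    errors.add(
                            ActionMessages.GLOBAL_MESSAGE,
                            new ActionMessage("password.error.badOldPassword"));
                } else {
                    // Target is not the logged-in user, so the password that
                    // failed was the caller's own.
                    errors.add(
                            ActionMessages.GLOBAL_MESSAGE,
                            new ActionMessage(
                                    "password.error.badYoursPassword"));
                }
            }

            if (errors.isEmpty()) {
                if (StringHandling.isNullOrEmpty(targetUserName)) {
                    errors.add(Globals.ERROR_KEY,
                            new ActionMessage(
                                    "errors.addressBook.password.noUserName"));
                } else {
                    try {
                        security.setPassword(securitySession,
                                targetUserName, newPassword);
                        justClose = true;
                        // Success is reported through the same message
                        // collection as the errors.
                        errors.add(Globals.ERROR_KEY,
                                new ActionMessage(
                                        "errors.addressBook.password.passwordUpdated"));
                    } catch (Exception e) {
                        addSetPasswordErrors(e, errors, session);
                    }
                }
            }
        }

        storeJustClose(form, justClose);
        return "addressBookPassword";
    }

    /**
     * Translate a failure of {@link Security#setPassword} into action
     * messages. Validation errors whose key starts with
     * <code>password.error</code>, or equals
     * <code>errors.admin.script</code>, are passed through; every other
     * failure becomes the generic
     * <code>password.error.passwordCouldNotBeChanged</code> message so that
     * unexpected keys are not shown to the user.
     *
     * @param e exception thrown by <code>setPassword</code>.
     * @param errors receives the resulting messages.
     * @param session source of the locale used to convert validation errors.
     */
    private void addSetPasswordErrors(final Exception e,
            final ActionErrors errors,
            final HttpSession session) {
        Throwable cause = ThrowableHandling.getCause(e);
        if (!(cause instanceof ValidationException)) {
            log.warn("security.setPassword threw an exception.", e);
            errors.add(ActionMessages.GLOBAL_MESSAGE,
                    new ActionMessage(
                            "password.error.passwordCouldNotBeChanged"));
            return;
        }

        ValidationException validationException =
            (ValidationException) cause;
        Locale locale = (Locale) session.getAttribute(Globals.LOCALE_KEY);
        ActionMessages allErrors = ValidationErrorsConvertor
            .toActionErrors(validationException.getErrors(), locale);
        Iterator allErrorsIterator = allErrors.get();
        while (allErrorsIterator.hasNext()) {
            ActionMessage actionError =
                (ActionMessage) allErrorsIterator.next();
            String key = actionError.getKey();
            if (key.startsWith("password.error")) {
                log.debug("Adding action error: " + key);
                errors.add(ActionMessages.GLOBAL_MESSAGE, actionError);
            } else if ("errors.admin.script".equals(key)) {
                log.debug("Adding script error: " + key);
                errors.add(ActionMessages.GLOBAL_MESSAGE, actionError);
            } else {
                log.error("Invalid password action error key: " + key);
                errors.add(ActionMessages.GLOBAL_MESSAGE,
                        new ActionMessage(
                                "password.error.passwordCouldNotBeChanged"));
            }
        }
    }

    /**
     * Write the <code>justClose</code> property of the form, wrapping any
     * reflection failure in a {@link SystemException}.
     *
     * @param form form to update.
     * @param justClose value to store.
     * @throws SystemException if the property cannot be set.
     */
    private void storeJustClose(final ActionForm form,
            final boolean justClose) throws SystemException {
        try {
            PropertyUtils.setSimpleProperty(form, "justClose",
                    Boolean.valueOf(justClose));
        } catch (NoSuchMethodException e) {
            throw new SystemException(e);
        } catch (InvocationTargetException e) {
            throw new SystemException(e);
        } catch (IllegalAccessException e) {
            throw new SystemException(e);
        }
    }
}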