[ofbiz-framework] branch release17.12 updated: Fixed: UserLoginPasswordHistory is not maintaining password as present in UserLogin. (OFBIZ-10802) Thanks Rohit Koushal for the patch. Thanks Jacques Le Roux and Gil Portenseigne for the review.

surajk Fri, 21 Feb 2020 23:24:24 -0800

This is an automated email from the ASF dual-hosted git repository.

surajk pushed a commit to branch release17.12
in repository https://gitbox.apache.org/repos/asf/ofbiz-framework.git



The following commit(s) were added to refs/heads/release17.12 by this push:
     new c175337  Fixed: UserLoginPasswordHistory is not maintaining password 
as present in UserLogin. (OFBIZ-10802) Thanks Rohit Koushal for the patch. 
Thanks Jacques Le Roux and Gil Portenseigne for the review.
c175337 is described below

commit c175337b843aec1e4b2e73fd8fe622ac562703dc
Author: Suraj Khurana <[email protected]>
AuthorDate: Sat Feb 22 12:53:28 2020 +0530

    Fixed: UserLoginPasswordHistory is not maintaining password as present in 
UserLogin.
    (OFBIZ-10802)
    Thanks Rohit Koushal for the patch. Thanks Jacques Le Roux and Gil 
Portenseigne for the review.
---
 applications/party/minilang/user/UserEvents.xml              |  4 +---
 .../java/org/apache/ofbiz/common/login/LoginServices.java    | 12 +++++++-----
 2 files changed, 8 insertions(+), 8 deletions(-)

diff --git a/applications/party/minilang/user/UserEvents.xml 
b/applications/party/minilang/user/UserEvents.xml
index 1dd839f..4afc8d2 100644
--- a/applications/party/minilang/user/UserEvents.xml
+++ b/applications/party/minilang/user/UserEvents.xml
@@ -337,9 +337,7 @@ under the License.
             </call-class-method>
             <if-compare-field field="autoPasswordChangeEnabled" 
operator="equals" to-field="true">
                 <call-class-method 
method-name="createUserLoginPasswordHistory" 
class-name="org.apache.ofbiz.common.login.LoginServices">
-                    <field field="delegator" 
type="org.apache.ofbiz.entity.Delegator"/>
-                    <string value="${newUserLogin.userLoginId}"/>
-                    <string value="${newUserLogin.currentPassword}"/>
+                    <field field="newUserLogin" 
type="org.apache.ofbiz.entity.GenericValue"/>
                 </call-class-method>
             </if-compare-field>
         </if-not-empty>
diff --git 
a/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java
 
b/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java
index 8d2ebe2..5173333 100644
--- 
a/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java
+++ 
b/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java
@@ -435,7 +435,7 @@ public class LoginServices {
         return result;
     }
 
-    public static void createUserLoginPasswordHistory(Delegator 
delegator,String userLoginId, String currentPassword) throws 
GenericEntityException{
+    public static void createUserLoginPasswordHistory(GenericValue userLogin) 
throws GenericEntityException{
         int passwordChangeHistoryLimit = 0;
         try {
             passwordChangeHistoryLimit = 
EntityUtilProperties.getPropertyAsInteger("security", 
"password.change.history.limit", 0).intValue();
@@ -473,8 +473,7 @@ public class LoginServices {
 
         // save this password in history
         GenericValue userLoginPwdHistToCreate = 
delegator.makeValue("UserLoginPasswordHistory", UtilMisc.toMap("userLoginId", 
userLoginId,"fromDate", nowTimestamp));
-        boolean useEncryption = 
"true".equals(EntityUtilProperties.getPropertyValue("security", 
"password.encrypt", delegator));
-        userLoginPwdHistToCreate.set("currentPassword", useEncryption ? 
HashCrypt.cryptUTF8(getHashType(), null, currentPassword) : currentPassword);
+        userLoginPwdHistToCreate.set("currentPassword", currentPassword);
         userLoginPwdHistToCreate.create();
     }
 
@@ -569,7 +568,7 @@ public class LoginServices {
 
         try {
             userLoginToCreate.create();
-            createUserLoginPasswordHistory(delegator,userLoginId, 
currentPassword);
+            createUserLoginPasswordHistory(userLoginToCreate);
         } catch (GenericEntityException e) {
             Debug.logWarning(e, "", module);
             Map<String, String> messageMap = UtilMisc.toMap("errorMessage", 
e.getMessage());
@@ -712,7 +711,7 @@ public class LoginServices {
 
             try {
                 userLoginToUpdate.store();
-                createUserLoginPasswordHistory(delegator,userLoginId, 
newPassword);
+                createUserLoginPasswordHistory(userLoginToUpdate);
             } catch (GenericEntityException e) {
                 Map<String, String> messageMap = 
UtilMisc.toMap("errorMessage", e.getMessage());
                 errMsg = 
UtilProperties.getMessage(resource,"loginservices.could_not_change_password_write_failure",
 messageMap, locale);
@@ -943,6 +942,9 @@ public class LoginServices {
         }
 
         int passwordChangeHistoryLimit = 0;
+        Delegator delegator = userLogin.getDelegator();
+        String userLoginId = userLogin.getString("userLoginId");
+        String currentPassword = userLogin.getString("currentPassword");
         try {
             passwordChangeHistoryLimit = 
EntityUtilProperties.getPropertyAsInteger("security", 
"password.change.history.limit", 0).intValue();
         } catch (NumberFormatException nfe) {

[ofbiz-framework] branch release17.12 updated: Fixed: UserLoginPasswordHistory is not maintaining password as present in UserLogin. (OFBIZ-10802) Thanks Rohit Koushal for the patch. Thanks Jacques Le Roux and Gil Portenseigne for the review.

Reply via email to