This is an automated email from the ASF dual-hosted git repository.

ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git


The following commit(s) were added to refs/heads/master by this push:
     new 326065713a [SYNCOPE-1972] set security answer in enduser and fix for 
password reset (#1415)
326065713a is described below

commit 326065713aed1c9283a68833c5e24d042ca9d679
Author: Samuel Garofalo <[email protected]>
AuthorDate: Tue Jun 9 08:50:38 2026 +0200

    [SYNCOPE-1972] set security answer in enduser and fix for password reset 
(#1415)
---
 .../ui/commons/wizards/any/PasswordPanel.java      |  2 ++
 .../client/console/status/ChangePasswordModal.java |  3 ++-
 .../client/console/wizards/any/UserDetails.java    |  2 +-
 .../client/enduser/pages/EditSecurityQuestion.java | 17 ++++++++---------
 .../enduser/pages/SelfConfirmPasswordReset.java    |  3 ++-
 .../client/enduser/panels/any/UserDetails.java     |  1 +
 .../common/rest/api/beans/ComplianceQuery.java     | 19 ++++++++++++++++++-
 .../apache/syncope/core/logic/UserSelfLogic.java   | 22 +++++++++++++++++-----
 8 files changed, 51 insertions(+), 18 deletions(-)

diff --git 
a/client/idrepo/common-ui/src/main/java/org/apache/syncope/client/ui/commons/wizards/any/PasswordPanel.java
 
b/client/idrepo/common-ui/src/main/java/org/apache/syncope/client/ui/commons/wizards/any/PasswordPanel.java
index f822414b2e..a252ed4807 100644
--- 
a/client/idrepo/common-ui/src/main/java/org/apache/syncope/client/ui/commons/wizards/any/PasswordPanel.java
+++ 
b/client/idrepo/common-ui/src/main/java/org/apache/syncope/client/ui/commons/wizards/any/PasswordPanel.java
@@ -44,6 +44,7 @@ public class PasswordPanel extends Panel {
             final UserWrapper wrapper,
             final Boolean storePasswordInSyncope,
             final boolean templateMode,
+            final String token,
             final AnonymousRestClient restClient) {
 
         super(id);
@@ -95,6 +96,7 @@ public class PasswordPanel extends Panel {
                     ComplianceQuery quey = new ComplianceQuery.Builder().
                             realm(wrapper.getInnerObject().getRealm()).
                             password(password.getField().getInput()).
+                            token(token).
                             resources(wrapper.getInnerObject().getResources()).
                             build();
                     try {
diff --git 
a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/status/ChangePasswordModal.java
 
b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/status/ChangePasswordModal.java
index 31682cf793..49c42543db 100644
--- 
a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/status/ChangePasswordModal.java
+++ 
b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/status/ChangePasswordModal.java
@@ -64,7 +64,8 @@ public class ChangePasswordModal extends 
AbstractModalPanel<AnyWrapper<UserTO>>
         super(baseModal, pageRefer);
         this.wrapper = wrapper;
 
-        PasswordPanel passwordPanel = new PasswordPanel("passwordPanel", 
wrapper, false, false, anonymousRestClient);
+        PasswordPanel passwordPanel = new PasswordPanel(
+                "passwordPanel", wrapper, false, false, null, 
anonymousRestClient);
         passwordPanel.setOutputMarkupId(true);
         add(passwordPanel);
 
diff --git 
a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/wizards/any/UserDetails.java
 
b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/wizards/any/UserDetails.java
index 47493d2226..3492d5ff6d 100644
--- 
a/client/idrepo/console/src/main/java/org/apache/syncope/client/console/wizards/any/UserDetails.java
+++ 
b/client/idrepo/console/src/main/java/org/apache/syncope/client/console/wizards/any/UserDetails.java
@@ -176,7 +176,7 @@ public class UserDetails extends Details<UserTO> {
             super(id);
             setOutputMarkupId(true);
             add(new Label("warning", new 
ResourceModel("password.change.warning")));
-            add(new PasswordPanel("passwordPanel", wrapper, false, 
templateMode, anonymousRestClient));
+            add(new PasswordPanel("passwordPanel", wrapper, false, 
templateMode, null, anonymousRestClient));
         }
     }
 }
diff --git 
a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/EditSecurityQuestion.java
 
b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/EditSecurityQuestion.java
index 08809c6284..db15c18002 100644
--- 
a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/EditSecurityQuestion.java
+++ 
b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/EditSecurityQuestion.java
@@ -70,10 +70,15 @@ public class EditSecurityQuestion extends BaseReauthPage {
 
     protected final UserTO userTO;
 
+    protected final UserUR userUR;
+
     public EditSecurityQuestion(final PageParameters parameters) {
         super(parameters, EDIT_SECURITY_QUESTION);
 
         userTO = SyncopeEnduserSession.get().getSelfTO(true);
+        userUR = new UserUR.Builder(userTO.getKey()).
+                securityQuestion(new 
StringReplacePatchItem.Builder().value(userTO.getSecurityQuestion()).build()).
+                build();
 
         WebMarkupContainer content = new WebMarkupContainer("content");
         content.setOutputMarkupId(true);
@@ -84,7 +89,7 @@ public class EditSecurityQuestion extends BaseReauthPage {
         content.add(form);
 
         securityQuestion = new AjaxDropDownChoicePanel<>("securityQuestion",
-                "securityQuestion", new PropertyModel<>(userTO, 
"securityQuestion"));
+                "securityQuestion", new PropertyModel<>(userUR, 
"securityQuestion.value"));
         securityQuestion.setNullValid(true);
         securityQuestion.setRequired(true);
 
@@ -126,7 +131,7 @@ public class EditSecurityQuestion extends BaseReauthPage {
         form.add(securityQuestion);
 
         securityAnswer = new AjaxTextFieldPanel("securityAnswer", 
"securityAnswer",
-                new PropertyModel<>(userTO, "securityAnswer"), false);
+                new PropertyModel<>(userUR, "securityAnswer.value"), false);
         
form.add(securityAnswer.setOutputMarkupId(true).setOutputMarkupPlaceholderTag(true).
                 
setEnabled(StringUtils.isNotBlank(securityQuestion.getModelObject())));
         securityAnswer.setRequired(true);
@@ -151,13 +156,7 @@ public class EditSecurityQuestion extends BaseReauthPage {
                 } else {
                     try {
                         ProvisioningResult<UserTO> provisioningResult =
-                                userSelfRestClient.update(
-                                        userTO.getETagValue(),
-                                        new UserUR.Builder(userTO.getKey())
-                                                .securityQuestion(new 
StringReplacePatchItem.Builder().
-                                                        
value(securityQuestion.getModelObject()).build())
-                                                .securityAnswer(new 
StringReplacePatchItem.Builder().
-                                                        
value(securityAnswer.getModelObject()).build()).build());
+                                
userSelfRestClient.update(userTO.getETagValue(), userUR);
                         setResponsePage(new SelfResult(provisioningResult,
                                 
ProvisioningUtils.managePageParams(EditSecurityQuestion.this,
                                         "securityquestion.change",
diff --git 
a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/SelfConfirmPasswordReset.java
 
b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/SelfConfirmPasswordReset.java
index 1263a00b6c..5617fc7dc6 100644
--- 
a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/SelfConfirmPasswordReset.java
+++ 
b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/pages/SelfConfirmPasswordReset.java
@@ -49,7 +49,7 @@ public class SelfConfirmPasswordReset extends BasePage {
         setDomain(parameters);
         disableSidebarAndNavbar();
 
-        if (parameters == null || parameters.get("token").isEmpty()) {
+        if (parameters.get("token").isEmpty()) {
             LOG.error("No token parameter found in the request url");
 
             PageParameters homeParameters = new PageParameters();
@@ -72,6 +72,7 @@ public class SelfConfirmPasswordReset extends BasePage {
                 new UserWrapper(fakeUserTO),
                 false,
                 false,
+                parameters.get("token").toString(),
                 anonymousRestClient);
         passwordPanel.setOutputMarkupId(true);
 
diff --git 
a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/panels/any/UserDetails.java
 
b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/panels/any/UserDetails.java
index 9261f8d300..a5f05a0cab 100644
--- 
a/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/panels/any/UserDetails.java
+++ 
b/client/idrepo/enduser/src/main/java/org/apache/syncope/client/enduser/panels/any/UserDetails.java
@@ -124,6 +124,7 @@ public class UserDetails extends Details<UserTO> {
                     wrapper,
                     wrapper.getInnerObject().getKey() == null,
                     false,
+                    null,
                     restClient));
         }
     }
diff --git 
a/common/idrepo/rest-api/src/main/java/org/apache/syncope/common/rest/api/beans/ComplianceQuery.java
 
b/common/idrepo/rest-api/src/main/java/org/apache/syncope/common/rest/api/beans/ComplianceQuery.java
index 15bf953482..69810d58c8 100644
--- 
a/common/idrepo/rest-api/src/main/java/org/apache/syncope/common/rest/api/beans/ComplianceQuery.java
+++ 
b/common/idrepo/rest-api/src/main/java/org/apache/syncope/common/rest/api/beans/ComplianceQuery.java
@@ -46,6 +46,11 @@ public class ComplianceQuery implements Serializable {
             return this;
         }
 
+        public Builder token(final String token) {
+            instance.setToken(token);
+            return this;
+        }
+
         public Builder realm(final String realm) {
             instance.setRealm(realm);
             return this;
@@ -79,6 +84,8 @@ public class ComplianceQuery implements Serializable {
 
     private String password;
 
+    private String token;
+
     private String realm;
 
     private Set<String> resources = new HashSet<>();
@@ -99,6 +106,14 @@ public class ComplianceQuery implements Serializable {
         this.password = password;
     }
 
+    public String getToken() {
+        return token;
+    }
+
+    public void setToken(final String token) {
+        this.token = token;
+    }
+
     public String getRealm() {
         return realm;
     }
@@ -120,7 +135,7 @@ public class ComplianceQuery implements Serializable {
         if (StringUtils.isBlank(username) && StringUtils.isBlank(password)) {
             return true;
         }
-        return StringUtils.isEmpty(realm) && resources.isEmpty();
+        return StringUtils.isEmpty(token) && StringUtils.isEmpty(realm) && 
resources.isEmpty();
     }
 
     @Override
@@ -138,6 +153,7 @@ public class ComplianceQuery implements Serializable {
         return new EqualsBuilder().
                 append(username, other.username).
                 append(password, other.password).
+                append(token, other.token).
                 append(realm, other.realm).
                 append(resources, other.resources).
                 build();
@@ -148,6 +164,7 @@ public class ComplianceQuery implements Serializable {
         return new HashCodeBuilder().
                 append(username).
                 append(password).
+                append(token).
                 append(realm).
                 append(resources).
                 build();
diff --git 
a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/UserSelfLogic.java
 
b/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/UserSelfLogic.java
index af7ca062f0..2369054201 100644
--- 
a/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/UserSelfLogic.java
+++ 
b/core/idrepo/logic/src/main/java/org/apache/syncope/core/logic/UserSelfLogic.java
@@ -19,6 +19,7 @@
 package org.apache.syncope.core.logic;
 
 import java.time.OffsetDateTime;
+import java.util.HashSet;
 import java.util.List;
 import java.util.Optional;
 import java.util.Set;
@@ -212,12 +213,23 @@ public class UserSelfLogic extends AbstractUserLogic {
         }
 
         Realm realm = null;
-        if (StringUtils.isNotBlank(query.getRealm())) {
-            realm = realmSearchDAO.findByFullPath(query.getRealm()).
-                    orElseThrow(() -> new NotFoundException("Realm " + 
query.getRealm()));
+        Set<ExternalResource> resources;
+        if (StringUtils.isNotBlank(query.getToken())) {
+            String key = userDAO.findByToken(query.getToken()).
+                    orElseThrow(() -> new NotFoundException("User with token " 
+ query.getToken()));
+            User user = userDAO.findById(key).
+                    orElseThrow(() -> new NotFoundException("User with key " + 
key));
+            realm = user.getRealm();
+            resources = new HashSet<>(user.getResources());
+        } else {
+            if (StringUtils.isNotBlank(query.getRealm())) {
+                realm = realmSearchDAO.findByFullPath(query.getRealm()).
+                        orElseThrow(() -> new NotFoundException("Realm " + 
query.getRealm()));
+            }
+            resources = query.getResources().stream().
+                    
map(resourceDAO::findById).flatMap(Optional::stream).collect(Collectors.toSet());
         }
-        Set<ExternalResource> resources = query.getResources().stream().
-                
map(resourceDAO::findById).flatMap(Optional::stream).collect(Collectors.toSet());
+
         if (realm == null && resources.isEmpty()) {
             sce.getElements().add("Nothing to check");
             throw sce;

Reply via email to