Author: channa
Date: Mon Mar 10 03:44:03 2008
New Revision: 14652
Log:
Added validations and encoding to current user's password change feature
(MASHUP-655) also added caching for user full name (MASHUP-710).
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/AddUserBean.java
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/utils/RegistryUtils.java
trunk/mashup/java/modules/www/ajax_profile.jsp
trunk/mashup/java/modules/www/user.jsp
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/AddUserBean.java
==============================================================================
---
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/AddUserBean.java
(original)
+++
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/userprofile/AddUserBean.java
Mon Mar 10 03:44:03 2008
@@ -25,8 +25,6 @@
import org.wso2.registry.users.UserRealm;
import org.wso2.registry.users.UserStoreAdmin;
import org.wso2.registry.users.UserStoreException;
-import org.wso2.usermanager.Realm;
-
import javax.servlet.http.HttpServletRequest;
import java.util.Hashtable;
@@ -223,6 +221,10 @@
}
RegistryUtils.updateUser(registry, userStoreAdmin, userName,
fullName, emailId, bio);
+
+ // Clear cached full name while changing the name in user manager.
+ request.getSession().removeAttribute(MashupConstants.FULL_NAME +
userName);
+
created = true;
} catch (UserStoreException e) {
log.error("Error adding user in user manager", e);
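Review bot: The `removeAttribute` call added after `RegistryUtils.updateUser(...)` clears the cached name only in the session that issued this request. Any other live session that has already stored `MashupConstants.FULL_NAME + userName` (populated by `getCurrentUserFullName` in the RegistryUtils.java hunk) will presumably keep returning the old name until that session ends. The matching call in the ajax_profile.jsp hunk has the same limit. If that staleness is acceptable, the comment should say so, e.g. `// Per-session cache: only this session is invalidated here.`; otherwise the cached value needs to live somewhere shared rather than in the HttpSession. The enclosing method starts and ends outside the hunk.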
Modified:
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/utils/RegistryUtils.java
==============================================================================
---
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/utils/RegistryUtils.java
(original)
+++
trunk/mashup/java/modules/core/src/org/wso2/mashup/webapp/utils/RegistryUtils.java
Mon Mar 10 03:44:03 2008
@@ -17,6 +17,8 @@
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.deployment.DeploymentEngine;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.wso2.mashup.MashupConstants;
import org.wso2.mashup.MashupFault;
import org.wso2.mashup.utils.QueryResult;
@@ -43,10 +45,13 @@
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
@@ -55,7 +60,7 @@
import java.util.Map;
public class RegistryUtils {
-
+ private static final Log log = LogFactory.getLog(RegistryUtils.class);
public static Registry getRegistry(HttpServletRequest request) throws
MashupFault {
Registry registry =
@@ -226,16 +231,20 @@
*/
public static String getCurrentUserFullName(HttpServletRequest request)
throws RegistryException {
+ HttpSession session = request.getSession();
String currentUserFullName = null;
String currentUser;
- Registry registry =
- (Registry)
request.getSession().getAttribute(MashupConstants.USER_REGISTRY);
+ Registry registry = (Registry)
session.getAttribute(MashupConstants.USER_REGISTRY);
currentUser = getCurrentUser(registry);
- currentUserFullName = getFullName(request, currentUser);
-
+ currentUserFullName = (String)
session.getAttribute(MashupConstants.FULL_NAME +
+ currentUser);
+ if (currentUserFullName == null || "".equals(currentUserFullName)) {
+ currentUserFullName = getFullName(request, currentUser);
+ session.setAttribute(MashupConstants.FULL_NAME + currentUser,
currentUserFullName);
+ }
return currentUserFullName;
}
@@ -644,10 +653,20 @@
* @throws UserStoreException If the update fails.
*/
public static void changeUserPassword(UserStoreAdmin storeAdmin, String
userName, String values)
- throws UserStoreException {
+ throws MashupFault {
// Extract the old and new passwords from the value string.
String[] passwords = values.split("&");
- storeAdmin.updateUser(userName, passwords[1], passwords[0]);
+ try {
+ String newPassword = URLDecoder.decode(passwords[1], "UTF-8");
+ String oldPassword = URLDecoder.decode(passwords[0], "UTF-8");
+ storeAdmin.updateUser(userName, newPassword, oldPassword);
+ } catch (UnsupportedEncodingException e) {
+ log.error("Error decoding passwords", e);
+ throw new MashupFault("Error decoding passwords", e);
+ } catch (UserStoreException e) {
+ log.error("Error changing password", e);
+ throw new MashupFault("Error changing password", e);
+ }
}
/**
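Review bot: `changeUserPassword` reads `passwords[1]` without checking `passwords.length`, so a `values` string with no `&`, or with an empty new password (`split` drops trailing empty strings), ends in an ArrayIndexOutOfBoundsException rather than a MashupFault. The minimum-length rule this commit introduces exists only in the user.jsp script, so a request sent straight to ajax_profile.jsp skips it. The same rule belongs here before `updateUser`, e.g. `if (passwords.length != 2) ...` and then `if (newPassword.length() < MashupConstants.MIN_PASSWORD_LENGTH) ...`, each rejected with a MashupFault. `URLDecoder.decode` also throws IllegalArgumentException on a malformed `%` escape, which neither catch block covers. The Javadoc above still reads `@throws UserStoreException` and should become `@throws MashupFault If decoding or the update fails.`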
Modified: trunk/mashup/java/modules/www/ajax_profile.jsp
==============================================================================
--- trunk/mashup/java/modules/www/ajax_profile.jsp (original)
+++ trunk/mashup/java/modules/www/ajax_profile.jsp Mon Mar 10 03:44:03 2008
@@ -52,6 +52,10 @@
if (properties != null) {
properties.put(MashupConstants.FULL_NAME, value);
userStoreAdmin.setUserProperties(currentUser, properties);
+
+ // Clear cached full name while changing the name in user
manager.
+
request.getSession().removeAttribute(MashupConstants.FULL_NAME + currentUser);
+
success = true;
}
} else if (fieldParam.equals(MashupConstants.PASSWORD)) {
Modified: trunk/mashup/java/modules/www/user.jsp
==============================================================================
--- trunk/mashup/java/modules/www/user.jsp (original)
+++ trunk/mashup/java/modules/www/user.jsp Mon Mar 10 03:44:03 2008
@@ -172,9 +172,12 @@
var newPasswordConf = $("newPasswordConf_input_text").value;
if (newPassword != newPasswordConf) {
- $("passwordMessages_value").update("New passwords do not
match");
+ $("passwordMessages_value").update("New passwords do not
match!");
+ } else if (newPassword.length < <%=
MashupConstants.MIN_PASSWORD_LENGTH %>) {
+ $("passwordMessages_value").update("New password length must
exceed <%=
+ MashupConstants.MIN_PASSWORD_LENGTH %> characters!");
} else {
- var changeDetails = oldPassword + "&" + newPassword;
+ var changeDetails = encodeURI(oldPassword) + "&" +
encodeURI(newPassword);
new Ajax.Request("ajax_profile.jsp?name=" + user + "&field=" +
fieldtype, {
method: "post",
contentType: "text/html",
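Review bot: `encodeURI` on the `changeDetails` line does not escape `&` or `+`, so a password containing `&` is cut apart by the server's `values.split("&")`, and one containing `+` comes out of `URLDecoder.decode` with a space in its place. The password that gets stored then differs from what the user typed. `encodeURIComponent` escapes both characters: `var changeDetails = encodeURIComponent(oldPassword) + "&" + encodeURIComponent(newPassword);`. Separately, the new message says the length "must exceed" MIN_PASSWORD_LENGTH while the test `newPassword.length < ...` accepts a password of exactly that length; "must be at least" would match the check. The Ajax.Request call continues outside the hunk.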