Source code

001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software GmbH & Co. KG, please see the
018 * company website: http://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: http://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.security;
029
030import org.opencms.file.CmsObject;
031import org.opencms.main.CmsException;
032import org.opencms.main.CmsIllegalArgumentException;
033import org.opencms.main.CmsIllegalStateException;
034import org.opencms.main.OpenCms;
035import org.opencms.util.CmsStringUtil;
036
037/**
038 * Validating bean for changing the password.<p>
039 *
040 * @since 6.0.0
041 */
042public class CmsPasswordInfo {
043
044    /** Cms Context. */
045    private final CmsObject m_cms;
046    /** Password Confirmation. */
047    private String m_confirmation;
048    /** Current (old) users password. */
049    private String m_currentPwd;
050    /** New Password. */
051    private String m_newPwd;
052    /** Current logged in user name. */
053    private final String m_userName;
054
055    /**
056     * Default Constructor.<p>
057     */
058    public CmsPasswordInfo() {
059
060        this(null);
061    }
062
063    /**
064     * Use this Constructor if you need to check the old password of the current logged in user.<p>
065     *
066     * @param cms the cms context
067     */
068    public CmsPasswordInfo(CmsObject cms) {
069
070        m_cms = cms;
071        if (m_cms != null) {
072            m_userName = m_cms.getRequestContext().getCurrentUser().getName();
073        } else {
074            m_userName = null;
075        }
076    }
077
078    /**
079     * Sets the new password for the current logged in user.<p>
080     *
081     * @throws CmsException if something goes wrong
082     */
083    public void applyChanges() throws CmsException {
084
085        if (m_userName == null) {
086            throw new CmsIllegalStateException(Messages.get().container(Messages.ERR_INVALID_USER_CONTEXT_0));
087        }
088        validate();
089        m_cms.setPassword(m_userName, getCurrentPwd(), getNewPwd());
090    }
091
092    /**
093     * Returns the confirmation.<p>
094     *
095     * @return the confirmation
096     */
097    public String getConfirmation() {
098
099        return m_confirmation;
100    }
101
102    /**
103     * Returns the current password.<p>
104     *
105     * @return the current password
106     */
107    public String getCurrentPwd() {
108
109        return m_currentPwd;
110    }
111
112    /**
113     * Returns the new password.<p>
114     *
115     * @return the new password
116     */
117    public String getNewPwd() {
118
119        return m_newPwd;
120    }
121
122    /**
123     * Sets the confirmation.<p>
124     *
125     * @param confirmation the confirmation to set
126     */
127    public void setConfirmation(String confirmation) {
128
129        // leave password unchanged, if the new password and the confirmation is empty
130        if (CmsStringUtil.isEmpty(getNewPwd()) && CmsStringUtil.isEmpty(confirmation)) {
131            return;
132        }
133        m_confirmation = confirmation;
134    }
135
136    /**
137     * Sets the current password.<p>
138     *
139     * @param currentPwd the current password to set
140     */
141    public void setCurrentPwd(String currentPwd) {
142
143        if (m_userName == null) {
144            throw new CmsIllegalStateException(Messages.get().container(Messages.ERR_INVALID_USER_CONTEXT_0));
145        }
146        try {
147            m_cms.readUser(m_userName, currentPwd);
148        } catch (CmsException e) {
149            throw new CmsIllegalArgumentException(
150                Messages.get().container(Messages.ERR_INVALID_USER_PWD_1, m_userName));
151        }
152        m_currentPwd = currentPwd;
153    }
154
155    /**
156     * Sets the new password.<p>
157     *
158     * @param newPwd the new password to set
159     */
160    public void setNewPwd(String newPwd) {
161
162        // leave password unchanged, if the new password is empty
163        if (CmsStringUtil.isEmpty(newPwd)) {
164            return;
165        }
166        try {
167            OpenCms.getPasswordHandler().validatePassword(newPwd);
168        } catch (CmsSecurityException e) {
169            throw new CmsIllegalArgumentException(Messages.get().container(Messages.ERR_INVALID_NEWPWD_0), e);
170        }
171        m_newPwd = newPwd;
172    }
173
174    /**
175     * Validates that the confirmation matches the new password.<p>
176     */
177    public void validate() {
178
179        if (CmsStringUtil.isEmpty(getNewPwd())) {
180            throw new CmsIllegalArgumentException(Messages.get().container(Messages.ERR_INVALID_NEWPWD_0));
181        }
182        if (!getNewPwd().equals(getConfirmation())) {
183            throw new CmsIllegalArgumentException(Messages.get().container(Messages.ERR_NEWPWD_MISMATCH_0));
184        }
185    }
186}