]> git.mxchange.org Git - jjobs-war.git/blob - src/java/org/mxchange/jjobs/beans/user/password/JobsUserPasswordWebRequestBean.java
61b31771a4e3ed74f7831f5bab2f081a3beca25c
[jjobs-war.git] / src / java / org / mxchange / jjobs / beans / user / password / JobsUserPasswordWebRequestBean.java
1 /*
2  * Copyright (C) 2016 Roland Haeder
3  *
4  * This program is free software: you can redistribute it and/or modify
5  * it under the terms of the GNU Affero General Public License as
6  * published by the Free Software Foundation, either version 3 of the
7  * License, or (at your option) any later version.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12  * GNU Affero General Public License for more details.
13  *
14  * You should have received a copy of the GNU Affero General Public License
15  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
16  */
17 package org.mxchange.jjobs.beans.user.password;
18
19 import java.util.Objects;
20 import javax.enterprise.context.RequestScoped;
21 import javax.enterprise.event.Event;
22 import javax.enterprise.inject.Any;
23 import javax.faces.view.facelets.FaceletException;
24 import javax.inject.Inject;
25 import javax.inject.Named;
26 import javax.naming.Context;
27 import javax.naming.InitialContext;
28 import javax.naming.NamingException;
29 import org.mxchange.jcoreee.utils.FacesUtils;
30 import org.mxchange.jjobs.beans.BaseJobsController;
31 import org.mxchange.jjobs.beans.features.JobsFeaturesWebApplicationController;
32 import org.mxchange.jjobs.beans.login.JobsUserLoginWebSessionController;
33 import org.mxchange.jusercore.events.user.password_change.UpdatedUserPasswordEvent;
34 import org.mxchange.jusercore.events.user.password_change.UserUpdatedPasswordEvent;
35 import org.mxchange.jusercore.exceptions.UserNotFoundException;
36 import org.mxchange.jusercore.exceptions.UserPasswordMismatchException;
37 import org.mxchange.jusercore.exceptions.UserStatusLockedException;
38 import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
39 import org.mxchange.jusercore.model.user.User;
40 import org.mxchange.jusercore.model.user.UserSessionBeanRemote;
41 import org.mxchange.jusercore.model.user.UserUtils;
42 import org.mxchange.jusercore.model.user.password_history.PasswordHistory;
43
44 /**
45  * A user password (change) controller (bean)
46  * <p>
47  * @author Roland Haeder<roland@mxchange.org>
48  */
49 @Named ("userPasswordController")
50 @RequestScoped
51 public class JobsUserPasswordWebRequestBean extends BaseJobsController implements JobsUserPasswordWebRequestController {
52
53         /**
54          * Serial number
55          */
56         private static final long serialVersionUID = 15_267_867_367_501L;
57
58         /**
59          * Features controller
60          */
61         @Inject
62         private JobsFeaturesWebApplicationController featureController;
63
64         /**
65          * Remote user bean
66          */
67         private final UserSessionBeanRemote userBean;
68
69         /**
70          * Login controller (bean)
71          */
72         @Inject
73         private JobsUserLoginWebSessionController userLoginController;
74
75         /**
76          * User password (unencrypted from web form)
77          */
78         private String userPassword;
79
80         /**
81          * User password repeated (unencrypted from web form)
82          */
83         private String userPasswordRepeat;
84
85         /**
86          * Event being fired when user's password has been updated
87          */
88         @Any
89         @Inject
90         private Event<UpdatedUserPasswordEvent> userUpdatedPasswordEvent;
91
92         /**
93          * Default constructor
94          */
95         public JobsUserPasswordWebRequestBean () {
96                 // Try it
97                 try {
98                         // Get initial context
99                         Context context = new InitialContext();
100
101                         // Try to lookup
102                         this.userBean = (UserSessionBeanRemote) context.lookup("java:global/jlandingpage-ejb/user!org.mxchange.jusercore.model.user.UserSessionBeanRemote"); //NOI18N
103                 } catch (final NamingException e) {
104                         // Throw again
105                         throw new FaceletException(e);
106                 }
107         }
108
109         @Override
110         public String doChangePassword () {
111                 // This method shall only be called if the user is logged-in
112                 if (!this.userLoginController.isUserLoggedIn()) {
113                         // Not logged-in
114                         throw new IllegalStateException("User is not logged-in"); //NOI18N
115                 } else if (!this.isRequiredChangePasswordSet()) {
116                         // Not all required fields are set
117                         throw new FaceletException("Not all required fields are set."); //NOI18N
118                 } else if (!this.userLoginController.ifCurrentPasswordMatches()) {
119                         // Password not matching
120                         throw new FaceletException(new UserPasswordMismatchException(this.userLoginController.getLoggedInUser()));
121                 } else if (!this.featureController.isFeatureEnabled("change_user_password")) { //NOI18N
122                         // Editing is not allowed
123                         throw new IllegalStateException("User tried to change password."); //NOI18N
124                 } else if (!UserUtils.ifPasswordMatches(this.userLoginController.getUserCurrentPassword(), this.userLoginController.getLoggedInUser())) {
125                         // Password mismatches
126                         this.showFacesMessage("form_user_change_password:userCurrentPassword", "ERROR_USER_CURRENT_PASSWORD_MISMATCHING"); //NOI18N
127
128                         // Clear bean
129                         this.userLoginController.setUserCurrentPassword(null);
130                         this.clear();
131
132                         // No redirect
133                         return ""; //NOI18N
134                 } else if (!Objects.equals(this.getUserPassword(), this.getUserPasswordRepeat())) {
135                         // Both entered passwords don't match
136                         this.showFacesMessage("form_user_change_password:userPasswordRepeat", "ERROR_USER_NEW_PASSWORDS_MISMATCH"); //NOI18N
137
138                         // Clear bean
139                         this.userLoginController.setUserCurrentPassword(null);
140                         this.clear();
141
142                         // No redirect
143                         return ""; //NOI18N
144                 } else if (Objects.equals(this.userLoginController.getUserCurrentPassword(), this.getUserPassword())) {
145                         // New password matches current
146                         this.showFacesMessage("form_user_change_password:userPassword", "ERROR_USER_NEW_PASSWORD_SAME_AS_CURRENT"); //NOI18N
147
148                         // Clear bean
149                         this.userLoginController.setUserCurrentPassword(null);
150                         this.clear();
151
152                         // No redirect
153                         return ""; //NOI18N
154                 } else if (this.userLoginController.isPasswordInHistory(this.getUserPassword())) {
155                         // Is already in list (to old passwords are ignored)
156                         this.showFacesMessage("form_user_change_password:userPassword", "ERROR_USER_NEW_PASSWORD_ALREADY_ENTERED"); //NOI18N
157
158                         // Clear bean
159                         this.userLoginController.setUserCurrentPassword(null);
160                         this.clear();
161
162                         // No redirect
163                         return ""; //NOI18N
164                 }
165
166                 // Get user instance
167                 User user = this.userLoginController.getLoggedInUser();
168
169                 // Encrypt password
170                 String encryptedPassword = UserUtils.encryptPassword(this.getUserPassword());
171
172                 // Set it in user
173                 user.setUserMustChangePassword(Boolean.FALSE);
174                 user.setUserEncryptedPassword(encryptedPassword);
175
176                 try {
177                         // Get base URL
178                         String baseUrl = FacesUtils.generateBaseUrl();
179
180                         // All is set, then update password
181                         PasswordHistory passwordHistory = this.userBean.updateUserPassword(user, baseUrl);
182
183                         // Fire event
184                         this.userUpdatedPasswordEvent.fire(new UserUpdatedPasswordEvent(passwordHistory));
185                 } catch (final UserNotFoundException | UserStatusUnconfirmedException | UserStatusLockedException ex) {
186                         // Clear bean
187                         this.userLoginController.setUserCurrentPassword(null);
188                         this.clear();
189
190                         // Throw again
191                         throw new FaceletException(ex);
192                 }
193
194                 // Clear bean
195                 this.clear();
196
197                 // Return outcome
198                 return "login_data_saved"; //NOI18N
199         }
200
201         @Override
202         public String getUserPassword () {
203                 return this.userPassword;
204         }
205
206         @Override
207         public void setUserPassword (final String userPassword) {
208                 this.userPassword = userPassword;
209         }
210
211         @Override
212         public String getUserPasswordRepeat () {
213                 return this.userPasswordRepeat;
214         }
215
216         @Override
217         public void setUserPasswordRepeat (final String userPasswordRepeat) {
218                 this.userPasswordRepeat = userPasswordRepeat;
219         }
220
221         @Override
222         public boolean isRequiredChangePasswordSet () {
223                 // Is all data set?
224                 return ((this.userLoginController.getUserCurrentPassword() != null) &&
225                                 (!this.userLoginController.getUserCurrentPassword().isEmpty()) &&
226                                 (this.getUserPassword() != null) &&
227                                 (!this.getUserPassword().isEmpty()) &&
228                                 (this.getUserPasswordRepeat() != null) &&
229                                 (!this.getUserPasswordRepeat().isEmpty()));
230         }
231
232         /**
233          * Clears this bean
234          */
235         private void clear () {
236                 // Clear all data
237                 this.setUserPassword(null);
238                 this.setUserPasswordRepeat(null);
239         }
240
241 }