]> git.mxchange.org Git - jjobs-war.git/blob - src/java/org/mxchange/jjobs/beans/user/password/JobsUserPasswordWebRequestBean.java
e74a87a230451c7e273f3c3fff9fb1dfdb7f5f1c
[jjobs-war.git] / src / java / org / mxchange / jjobs / beans / user / password / JobsUserPasswordWebRequestBean.java
1 /*
2  * Copyright (C) 2016, 2017 Roland Häder
3  *
4  * This program is free software: you can redistribute it and/or modify
5  * it under the terms of the GNU Affero General Public License as
6  * published by the Free Software Foundation, either version 3 of the
7  * License, or (at your option) any later version.
8  *
9  * This program is distributed in the hope that it will be useful,
10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12  * GNU Affero General Public License for more details.
13  *
14  * You should have received a copy of the GNU Affero General Public License
15  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
16  */
17 package org.mxchange.jjobs.beans.user.password;
18
19 import java.util.Objects;
20 import javax.annotation.PostConstruct;
21 import javax.enterprise.context.RequestScoped;
22 import javax.enterprise.event.Event;
23 import javax.enterprise.inject.Any;
24 import javax.faces.view.facelets.FaceletException;
25 import javax.inject.Inject;
26 import javax.inject.Named;
27 import javax.naming.Context;
28 import javax.naming.InitialContext;
29 import javax.naming.NamingException;
30 import org.mxchange.jcoreee.utils.FacesUtils;
31 import org.mxchange.jjobs.beans.BaseJobsController;
32 import org.mxchange.jjobs.beans.features.JobsFeaturesWebApplicationController;
33 import org.mxchange.jjobs.beans.login.user.JobsUserLoginWebSessionController;
34 import org.mxchange.jusercore.events.user.password_change.ObservableUpdatedUserPasswordEvent;
35 import org.mxchange.jusercore.events.user.password_change.UpdatedUserPasswordEvent;
36 import org.mxchange.jusercore.exceptions.UserNotFoundException;
37 import org.mxchange.jusercore.exceptions.UserPasswordMismatchException;
38 import org.mxchange.jusercore.exceptions.UserStatusLockedException;
39 import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
40 import org.mxchange.jusercore.model.user.User;
41 import org.mxchange.jusercore.model.user.UserSessionBeanRemote;
42 import org.mxchange.jusercore.model.user.UserUtils;
43 import org.mxchange.jusercore.model.user.password_history.PasswordHistory;
44
45 /**
46  * A user password (change) controller (bean)
47  * <p>
48  * @author Roland Häder<roland@mxchange.org>
49  */
50 @Named ("userPasswordController")
51 @RequestScoped
52 public class JobsUserPasswordWebRequestBean extends BaseJobsController implements JobsUserPasswordWebRequestController {
53
54         /**
55          * Serial number
56          */
57         private static final long serialVersionUID = 15_267_867_367_501L;
58
59         /**
60          * Features controller
61          */
62         @Inject
63         private JobsFeaturesWebApplicationController featureController;
64
65         /**
66          * Remote user bean
67          */
68         private UserSessionBeanRemote userBean;
69
70         /**
71          * Current password (for confirmation of password change)
72          */
73         private String userCurrentPassword;
74
75         /**
76          * Login bean (controller)
77          */
78         @Inject
79         private JobsUserLoginWebSessionController userLoginController;
80
81         /**
82          * User password (clear-text from web form)
83          */
84         private String userPassword;
85
86         /**
87          * User password repeated (clear-text from web form)
88          */
89         private String userPasswordRepeat;
90
91         /**
92          * Event being fired when user's password has been updated
93          */
94         @Any
95         @Inject
96         private Event<ObservableUpdatedUserPasswordEvent> userUpdatedPasswordEvent;
97
98         /**
99          * Default constructor
100          */
101         public JobsUserPasswordWebRequestBean () {
102                 // Call super constructor
103                 super();
104         }
105
106         @Override
107         public String doChangePassword () {
108                 // This method shall only be called if the user is logged-in
109                 if (!this.userLoginController.isUserLoggedIn()) {
110                         // Not logged-in
111                         throw new IllegalStateException("User is not logged-in"); //NOI18N
112                 } else if (!this.isRequiredChangePasswordSet()) {
113                         // Not all required fields are set
114                         throw new FaceletException("Not all required fields are set."); //NOI18N
115                 } else if (!this.userLoginController.ifCurrentPasswordMatches()) {
116                         // Password not matching
117                         throw new FaceletException(new UserPasswordMismatchException(this.userLoginController.getLoggedInUser()));
118                 } else if (!this.featureController.isFeatureEnabled("change_user_password")) { //NOI18N
119                         // Editing is not allowed
120                         throw new IllegalStateException("User tried to change password."); //NOI18N
121                 } else if (!UserUtils.ifPasswordMatches(this.getUserCurrentPassword(), this.userLoginController.getLoggedInUser())) {
122                         // Password mismatches
123                         this.showFacesMessage("form_user_change_password:userCurrentPassword", "Entered current password does not matched stored password."); //NOI18N
124
125                         // Clear bean
126                         this.clear();
127
128                         // No redirect
129                         return ""; //NOI18N
130                 } else if (!Objects.equals(this.getUserPassword(), this.getUserPasswordRepeat())) {
131                         // Both entered passwords don't match
132                         this.showFacesMessage("form_user_change_password:userPasswordRepeat", "Entered new passwords mismatch."); //NOI18N
133
134                         // Clear bean
135                         this.clear();
136
137                         // No redirect
138                         return ""; //NOI18N
139                 } else if (Objects.equals(this.getUserCurrentPassword(), this.getUserPassword())) {
140                         // New password matches current
141                         this.showFacesMessage("form_user_change_password:userPassword", "Entered new password is same as current password."); //NOI18N
142
143                         // Clear bean
144                         this.clear();
145
146                         // No redirect
147                         return ""; //NOI18N
148                 } else if (this.userLoginController.isPasswordInHistory(this.getUserPassword())) {
149                         // Is already in list (to old passwords are ignored)
150                         this.showFacesMessage("form_user_change_password:userPassword", "Entered new password is has already been used some time ago."); //NOI18N
151
152                         // Clear bean
153                         this.clear();
154
155                         // No redirect
156                         return ""; //NOI18N
157                 }
158
159                 // Get user instance
160                 User user = this.userLoginController.getLoggedInUser();
161
162                 // Encrypt password
163                 String encryptedPassword = UserUtils.encryptPassword(this.getUserPassword());
164
165                 // Set it in user
166                 user.setUserEncryptedPassword(encryptedPassword);
167
168                 try {
169                         // Get base URL
170                         String baseUrl = FacesUtils.generateBaseUrl();
171
172                         // All is set, then update password
173                         PasswordHistory passwordHistory = this.userBean.updateUserPassword(user, baseUrl);
174
175                         // Fire event
176                         this.userUpdatedPasswordEvent.fire(new UpdatedUserPasswordEvent(passwordHistory));
177                 } catch (final UserNotFoundException | UserStatusUnconfirmedException | UserStatusLockedException ex) {
178                         // Clear bean
179                         this.clear();
180
181                         // Throw again
182                         throw new FaceletException(ex);
183                 }
184
185                 // Clear bean
186                 this.clear();
187
188                 // Return outcome
189                 return "login_data_saved"; //NOI18N
190         }
191
192         @Override
193         public String getUserCurrentPassword () {
194                 return this.userCurrentPassword;
195         }
196
197         @Override
198         public void setUserCurrentPassword (final String userCurrentPassword) {
199                 this.userCurrentPassword = userCurrentPassword;
200         }
201
202         @Override
203         public String getUserPassword () {
204                 return this.userPassword;
205         }
206
207         @Override
208         public void setUserPassword (final String userPassword) {
209                 this.userPassword = userPassword;
210         }
211
212         @Override
213         public String getUserPasswordRepeat () {
214                 return this.userPasswordRepeat;
215         }
216
217         @Override
218         public void setUserPasswordRepeat (final String userPasswordRepeat) {
219                 this.userPasswordRepeat = userPasswordRepeat;
220         }
221
222         /**
223          * Post-initialization of this class
224          */
225         @PostConstruct
226         public void init () {
227                 // Try it
228                 try {
229                         // Get initial context
230                         Context context = new InitialContext();
231
232                         // Try to lookup
233                         this.userBean = (UserSessionBeanRemote) context.lookup("java:global/jjobs-ejb/user!org.mxchange.jusercore.model.user.UserSessionBeanRemote"); //NOI18N
234                 } catch (final NamingException e) {
235                         // Throw again
236                         throw new FaceletException(e);
237                 }
238         }
239
240         @Override
241         public boolean isRequiredChangePasswordSet () {
242                 // Is all data set?
243                 return ((this.getUserCurrentPassword() != null) &&
244                                 (!this.getUserCurrentPassword().isEmpty()) &&
245                                 (this.getUserPassword() != null) &&
246                                 (!this.getUserPassword().isEmpty()) &&
247                                 (this.getUserPasswordRepeat() != null) &&
248                                 (!this.getUserPasswordRepeat().isEmpty()));
249         }
250
251         /**
252          * Clears this bean
253          */
254         private void clear () {
255                 // Clear all data
256                 this.setUserPassword(null);
257                 this.setUserPasswordRepeat(null);
258         }
259
260 }