Source code: org/acs/damsel/client/edit/ChangePasswordAction.java
1 package org.acs.damsel.client.edit;
2
3 import org.apache.struts.action.*;
4 import javax.servlet.http.*;
5 import org.acs.damsel.srvr.db.*;
6 import org.acs.damsel.srvr.user.*;
7 import org.acs.damsel.srvr.*;
8 import java.sql.*;
9
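/**
 * Struts action that changes the password of the user stored in the HTTP session.
 *
 * <p>The request is rejected (forward {@code "failure"}) when no {@code "User"} session
 * attribute exists, when the hash of the submitted old password does not equal the stored
 * hash, when the two new-password fields differ, when the new password is blank, or when
 * hashing or the database update throws {@link SQLException}. Otherwise the new hash is
 * stored on the session's {@code User} object, persisted through {@code AssetDB}, and the
 * action forwards to {@code "success"}.
 *
 * <p>NOTE(review): {@code DBUtils.hash} is called with the password alone, so no per-user
 * salt is visible from here. Confirm that it implements a salted, deliberately slow
 * password hash (bcrypt/scrypt/argon2) rather than a bare digest.
 *
 * <p>NOTE(review): this action neither rotates the session id nor invalidates the user's
 * other sessions after a successful change. Confirm whether that is handled elsewhere.
 */
public class ChangePasswordAction extends Action {

    /** Property name under which every error raised by this action is registered. */
    private static final String ERROR_PROPERTY = "changePassword";

    /**
     * Validates the submitted form and, if every check passes, replaces the user's password.
     *
     * @param actionMapping       mapping used to resolve the "success" / "failure" forwards
     * @param actionForm          expected to be a {@code ChangePasswordForm}
     * @param httpServletRequest  request carrying the session and receiving the saved errors
     * @param httpServletResponse unused
     * @return the "success" forward when the password was changed, otherwise "failure"
     */
    public ActionForward execute(ActionMapping actionMapping,
                                 ActionForm actionForm,
                                 HttpServletRequest httpServletRequest,
                                 HttpServletResponse httpServletResponse) {

        ChangePasswordForm form = (ChangePasswordForm) actionForm;
        String oldPassword = form.getOldPassword();
        String newPassword = form.getNewPassword();
        String newPassword2 = form.getNewPassword2();

        // The authenticated user is taken from the session only; nothing in the request
        // selects which account is changed.
        User user = (User) httpServletRequest.getSession().getAttribute("User");
        if (user == null) {
            return failWith(actionMapping, httpServletRequest, "changePassword.not.logged.in");
        }

        // Decide blankness up front so that a missing field is reported as a validation
        // error instead of reaching hash() or equals() as null.
        boolean newIsBlank = newPassword == null || newPassword.trim().length() == 0;

        String oldHash = null;
        String newHash = null;
        try {
            if (oldPassword != null) {
                oldHash = DBUtils.instance().hash(oldPassword);
            }
            if (!newIsBlank) {
                newHash = DBUtils.instance().hash(newPassword);
            }
        }
        catch (SQLException ex) {
            // NOTE(review): the exception is dropped; no logger is in scope in this file.
            return failWith(actionMapping, httpServletRequest,
                            "changePassword.sql.exception.caught");
        }

        // Message keys below use the "changePasswords." prefix exactly as the resource
        // bundle expects; they intentionally differ from the "changePassword." keys above.
        ActionErrors errors = new ActionErrors();

        // Fail closed: a missing old password, or a user with no stored hash, counts as a
        // mismatch rather than throwing.
        String storedHash = user.getPassword();
        if (oldHash == null || !oldHash.equals(storedHash)) {
            errors.add(ERROR_PROPERTY, new ActionError("changePasswords.old.dont.match"));
        }

        if (newPassword != null && !newPassword.equals(newPassword2)) {
            errors.add(ERROR_PROPERTY, new ActionError("changePasswords.new.dont.match"));
        }

        if (newIsBlank) {
            errors.add(ERROR_PROPERTY, new ActionError("changePasswords.new.passwords.empty"));
        }

        if (!errors.isEmpty()) {
            this.saveErrors(httpServletRequest, errors);
            return actionMapping.findForward("failure");
        }

        // The session's User object is mutated before the database write. If the write does
        // not complete, restore the previous hash so the in-session credential never
        // diverges from what is persisted.
        boolean persisted = false;
        user.setPassword(newHash);
        try {
            AssetDB.instance().updateUser(user);
            persisted = true;
        }
        catch (SQLException ex1) {
            return failWith(actionMapping, httpServletRequest,
                            "changePassword.sql.exception.caught");
        }
        finally {
            if (!persisted) {
                user.setPassword(storedHash);
            }
        }

        // The object updated above is the instance held by the session, so the session
        // attribute does not need to be set again.
        return actionMapping.findForward("success");
    }

    /** Saves a single error under this action's property and returns the "failure" forward. */
    private ActionForward failWith(ActionMapping actionMapping,
                                   HttpServletRequest httpServletRequest,
                                   String messageKey) {
        ActionErrors errors = new ActionErrors();
        errors.add(ERROR_PROPERTY, new ActionError(messageKey));
        this.saveErrors(httpServletRequest, errors);
        return actionMapping.findForward("failure");
    }
}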