Changeset 32390 for main/trunk
- Timestamp:
- 2018-08-30T14:27:06+12:00 (6 years ago)
- File:
-
- 1 edited
main/trunk/greenstone3/src/java/org/greenstone/gsdl3/service/Authentication.java
r32369 r32390 109 109 opList.add(PERFORM_ADD); 110 110 opList.add(PERFORM_EDIT); 111 opList.add(ADD_USER); 111 112 opList.add(EDIT_USER); 112 113 opList.add(PERFORM_DELETE_USER); … … 128 129 opList.add(PERFORM_ACCOUNT_EDIT); 129 130 opList.add(PERFORM_RESET_PASSWORD); 131 opList.add(PERFORM_CHANGE_PASSWORD); 132 opList.add(PERFORM_RETRIEVE_PASSWORD); 130 133 opList.addAll(_adminOpList); 131 134 _userOpList = opList; … … 145 148 protected static boolean _derbyWrapperDoneForcedShutdown = false; 146 149 150 // some XML strings 151 protected static final String RECAPTCHA_ELEM = "recaptcha"; 152 protected static final String SITE_KEY = "site_key"; 153 protected static final String SECRET_KEY = "secret_key"; 154 protected static final String OPERATIONS = "operations"; 155 protected static final String OPERATION = "operation"; 156 157 protected static final String USERNAME = "username"; 158 protected static final String PREV_USERNAME = "prevUsername"; 159 protected static final String NEW_USERNAME = "newUsername"; 160 protected static final String PASSWORD = "password"; 161 protected static final String OLD_PASSWORD = "oldPassword"; 162 protected static final String NEW_PASSWORD = "newPassword"; 163 164 protected static final String GROUPS = "groups"; 165 protected static final String ENABLED = "enabled"; 166 protected static final String COMMENT = "comment"; 167 protected static final String STATUS = "status"; 168 protected static final String EMAIL = "email"; 169 protected static final String NEW_EMAIL = "newEmail"; 170 protected static final String ACCOUNT_STATUS = "accountstatus"; 171 protected static final String EDIT_ENABLED = "editEnabled"; 172 147 173 protected String _recaptchaSiteKey = null; 148 174 protected String _recaptchaSecretKey = null; 149 175 protected static ArrayList<String> _recaptchaOpList = null; 150 176 /** constructor */ 151 177 public Authentication() … … 204 230 DerbyWrapper.createDatabaseIfNeeded(); 205 231 206 NodeList recaptchaElems = 
info.getElementsByTagName( "recaptcha");232 NodeList recaptchaElems = info.getElementsByTagName(RECAPTCHA_ELEM); 207 233 for (int i = 0; i < recaptchaElems.getLength(); i++) 208 234 { 209 235 Element currentElem = (Element) recaptchaElems.item(i); 210 if (currentElem.getAttribute(GSXML.NAME_ATT) != null && currentElem.getAttribute(GSXML.NAME_ATT).equals("site_key"))211 { 212 if (currentElem.getAttribute(GSXML.VALUE_ATT) != null)236 if (currentElem.getAttribute(GSXML.NAME_ATT).equals(SITE_KEY)) 237 { 238 if (!currentElem.getAttribute(GSXML.VALUE_ATT).equals("")) 213 239 { 214 240 _recaptchaSiteKey = currentElem.getAttribute(GSXML.VALUE_ATT); 215 241 } 216 242 } 217 else if (currentElem.getAttribute(GSXML.NAME_ATT) != null && currentElem.getAttribute(GSXML.NAME_ATT).equals("secret_key"))218 { 219 if (currentElem.getAttribute(GSXML.VALUE_ATT) != null)243 else if (currentElem.getAttribute(GSXML.NAME_ATT).equals(SECRET_KEY)) 244 { 245 if (!currentElem.getAttribute(GSXML.VALUE_ATT).equals("")) 220 246 { 221 247 _recaptchaSecretKey = currentElem.getAttribute(GSXML.VALUE_ATT); 222 248 } 223 249 } 224 } 225 250 else if (currentElem.getAttribute(GSXML.NAME_ATT).equals(OPERATIONS)) 251 { 252 _recaptchaOpList = new ArrayList<String>(); 253 String value = currentElem.getAttribute(GSXML.VALUE_ATT); 254 String[] ops = value.split(","); 255 for (int j=0; j<ops.length; j++) { 256 if (!ops[j].equals("")) { 257 _recaptchaOpList.add(ops[j]); /// value checking? 
258 } 259 } 260 } 261 262 } 263 // check recaptcha 264 if (_recaptchaSecretKey == null || _recaptchaSecretKey.length() == 0 || _recaptchaSiteKey == null || _recaptchaSiteKey.length() == 0) { 265 _recaptchaOpList = null; 266 } 267 226 268 return true; 227 269 } … … 301 343 HashMap<String, Serializable> params = GSXML.extractParams(paramList, true); 302 344 303 String username = (String) params.get( "username");304 String editMode = (String) params.get( "enabled");345 String username = (String) params.get(USERNAME); 346 String editMode = (String) params.get(ENABLED); 305 347 306 348 if (!editMode.toLowerCase().equals("true") && !editMode.toLowerCase().equals("false")) … … 332 374 333 375 Element system = (Element) GSXML.getChildByTagName(request, GSXML.REQUEST_TYPE_SYSTEM); 334 String username = system.hasAttribute( "username") ? system.getAttribute("username") : "";335 String password = system.hasAttribute( "password") ? system.getAttribute("password") : "";376 String username = system.hasAttribute(USERNAME) ? system.getAttribute(USERNAME) : ""; 377 String password = system.hasAttribute(PASSWORD) ? 
system.getAttribute(PASSWORD) : ""; 336 378 337 379 … … 345 387 } 346 388 else { 347 String storedPassword = retrieveDataForUser(username, "password");389 String storedPassword = retrieveDataForUser(username, PASSWORD); 348 390 if(storedPassword != null && (password.equals(storedPassword) || hashPassword(password).equals(storedPassword))) { 349 391 350 392 // gliserver.pl used to return the groups when authentication succeeded 351 String groups = retrieveDataForUser(username, "groups"); //comma-separated list393 String groups = retrieveDataForUser(username, GROUPS); //comma-separated list 352 394 353 395 if(collection.equals("")) { … … 407 449 HashMap<String, Serializable> params = GSXML.extractParams(paramList, true); 408 450 409 String username = (String) params.get( "username");451 String username = (String) params.get(USERNAME); 410 452 411 453 if (username == null) … … 432 474 result.appendChild(userInfoList); 433 475 434 Element usernameField = GSXML.createParameter(result_doc, "username", userInfo.username);435 Element passwordField = GSXML.createParameter(result_doc, "password", userInfo.password);436 Element groupsField = GSXML.createParameter(result_doc, "groups", userInfo.groups);437 Element accountStatusField = GSXML.createParameter(result_doc, "accountstatus", userInfo.accountstatus);438 Element commentField = GSXML.createParameter(result_doc, "comment", userInfo.comment);476 Element usernameField = GSXML.createParameter(result_doc, USERNAME, userInfo.username); 477 Element passwordField = GSXML.createParameter(result_doc, PASSWORD, userInfo.password); 478 Element groupsField = GSXML.createParameter(result_doc, GROUPS, userInfo.groups); 479 Element accountStatusField = GSXML.createParameter(result_doc, ACCOUNT_STATUS, userInfo.accountstatus); 480 Element commentField = GSXML.createParameter(result_doc, COMMENT, userInfo.comment); 439 481 440 482 if (editEnabled != null) 441 483 { 442 Element editEnabledElem = GSXML.createParameter(result_doc, 
"editEnabled", editEnabled);484 Element editEnabledElem = GSXML.createParameter(result_doc, EDIT_ENABLED, editEnabled); 443 485 userInfoList.appendChild(editEnabledElem); 444 486 } … … 479 521 if (param_list == null) 480 522 { 481 serviceNode.setAttribute( "operation", LOGIN);523 serviceNode.setAttribute(OPERATION, LOGIN); 482 524 logger.error("Authentication request has no param list"); 483 525 return result; // Return the empty result … … 485 527 HashMap<String, Serializable> paramMap = GSXML.extractParams(param_list, false); 486 528 String op = (String) paramMap.get("authpage"); 487 serviceNode.setAttribute( "operation", op);529 serviceNode.setAttribute(OPERATION, op); 488 530 489 531 String username = null; … … 496 538 groups = userInformation.getAttribute(GSXML.GROUPS_ATT); 497 539 } 498 540 logger.error("username="+username+", groups = "+groups); 499 541 if ((userInformation == null || username == null) && _userOpList.contains(op)) 500 542 { 501 543 // its an operation that requires the user to be logged on - direct them to login page 502 serviceNode.setAttribute( "operation", LOGIN);544 serviceNode.setAttribute(OPERATION, LOGIN); 503 545 GSXML.addError(result, getErrorTextString(ERROR_NOT_LOGGED_IN, lang)); 504 546 return result; … … 508 550 { 509 551 // actually, the user needs to be an admin user and they are not 510 serviceNode.setAttribute( "operation", LOGIN);552 serviceNode.setAttribute(OPERATION, LOGIN); 511 553 GSXML.addError(result, getErrorTextString(ERROR_ADMIN_NOT_LOGGED_IN, lang)); 512 554 return result; 513 555 } 514 556 557 if (_recaptchaOpList != null && _recaptchaOpList.contains(op)) { 558 serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey); 559 } 560 515 561 if (op.equals(LIST_USERS)) 516 562 { … … 518 564 if (error != NO_ERROR) 519 565 { 520 serviceNode.setAttribute( "operation", BLANK);566 serviceNode.setAttribute(OPERATION, BLANK); 521 567 GSXML.addError(result, getErrorTextString(error, lang)); 522 568 } … … 527 573 if 
(op.equals(PERFORM_ADD)) 528 574 { 529 String newUsername = (String) paramMap.get( "username");530 String newPassword = (String) paramMap.get( "password");531 String newGroups = (String) paramMap.get( "groups");532 String newStatus = (String) paramMap.get( "status");533 String newComment = (String) paramMap.get( "comment");534 String newEmail = (String) paramMap.get( "email");575 String newUsername = (String) paramMap.get(USERNAME); 576 String newPassword = (String) paramMap.get(PASSWORD); 577 String newGroups = (String) paramMap.get(GROUPS); 578 String newStatus = (String) paramMap.get(STATUS); 579 String newComment = (String) paramMap.get(COMMENT); 580 String newEmail = (String) paramMap.get(EMAIL); 535 581 536 582 //Check the given user name … … 538 584 if ((error = checkUsername(newUsername)) != NO_ERROR) 539 585 { 586 serviceNode.setAttribute(OPERATION, ADD_USER); 540 587 GSXML.addError(result, getErrorTextString(error, lang)); 541 588 return result; … … 545 592 if ((error = checkPassword(newPassword)) != NO_ERROR) 546 593 { 594 serviceNode.setAttribute(OPERATION, ADD_USER); 547 595 GSXML.addError(result, getErrorTextString(error, lang)); 548 596 return result; … … 554 602 if (error != NO_ERROR) 555 603 { 556 serviceNode.setAttribute( "operation", ADD_USER);604 serviceNode.setAttribute(OPERATION, ADD_USER); 557 605 GSXML.addError(result, getErrorTextString(error, lang)); 558 606 } … … 560 608 { 561 609 addUserInformationToNode(null, serviceNode); 562 serviceNode.setAttribute( "operation", LIST_USERS);610 serviceNode.setAttribute(OPERATION, LIST_USERS); 563 611 } 564 612 return result; 565 613 } 614 615 if (op.equals(REGISTER)) { 616 // don't need any additional info 617 return result; 618 } 619 if (op.equals(PERFORM_REGISTER)) 620 { 621 String newUsername = (String) paramMap.get(USERNAME); 622 String newPassword = (String) paramMap.get(PASSWORD); 623 String newEmail = (String) paramMap.get(EMAIL); 624 625 //Check the given details 626 int error; 627 if ((error 
= checkUsername(newUsername)) == NO_ERROR) { 628 if ((error = checkPassword(newPassword)) == NO_ERROR) { 629 newPassword = hashPassword(newPassword); 630 if (_recaptchaSiteKey != null && _recaptchaSecretKey != null) { 631 632 String user_response = (String) paramMap.get("g-recaptcha-response"); 633 if ((error= verifyRecaptcha(_recaptchaSecretKey, user_response)) == NO_ERROR) { 634 error = addUser(newUsername, newPassword, "", "true", "", newEmail); 635 } 636 } 637 } 638 } 639 640 if (error != NO_ERROR) 641 { 642 serviceNode.setAttribute(OPERATION, REGISTER); 643 if (_recaptchaOpList != null && _recaptchaOpList.contains(REGISTER)) { 644 serviceNode.setAttribute("recaptcha_key", _recaptchaSiteKey); 645 } 646 GSXML.addError(result, getErrorTextString(error, lang)); 647 } 648 // otherwise everything hunky dory and we return result 649 return result; 650 } 566 651 567 if (op.equals(PERFORM_REGISTER)) 568 { 569 String newUsername = (String) paramMap.get("username"); 570 String newPassword = (String) paramMap.get("password"); 571 String newEmail = (String) paramMap.get("email"); 652 if (op.equals(PERFORM_EDIT)) 653 { 654 String previousUsername = (String) paramMap.get(PREV_USERNAME); 655 String newUsername = (String) paramMap.get(NEW_USERNAME); 656 String newPassword = (String) paramMap.get(PASSWORD); 657 String newGroups = (String) paramMap.get(GROUPS); 658 String newStatus = (String) paramMap.get(STATUS); 659 String newComment = (String) paramMap.get(COMMENT); 660 String newEmail = (String) paramMap.get(NEW_EMAIL); 572 661 573 662 //Check the given user name … … 579 668 } 580 669 581 //Check the given password 582 if ((error = checkPassword(newPassword)) != NO_ERROR) 583 { 670 if (newPassword == null) 671 { 672 newPassword = retrieveDataForUser(previousUsername, PASSWORD); 673 } 674 else 675 { 676 //Check the given password 677 if ((error = checkPassword(newPassword)) != NO_ERROR) 678 { 679 GSXML.addError(result, getErrorTextString(error, lang)); 680 return result; 681 
} 682 683 newPassword = hashPassword(newPassword); 684 } 685 686 error = removeUser(previousUsername); 687 if (error != NO_ERROR) 688 { 689 if (error == ERROR_USERNAME_NOT_SPECIFIED) 690 { 691 addUserInformationToNode(null, serviceNode); 692 serviceNode.setAttribute(OPERATION, LIST_USERS); 693 } 694 else 695 { 696 serviceNode.setAttribute(OPERATION, EDIT_USER); 697 GSXML.addError(result, getErrorTextString(error, lang)); 698 } 699 return result; 700 } 701 702 error = addUser(newUsername, newPassword, newGroups, newStatus, newComment, newEmail); 703 if (error != NO_ERROR) 704 { 705 serviceNode.setAttribute(OPERATION, EDIT_USER); 584 706 GSXML.addError(result, getErrorTextString(error, lang)); 707 } 708 else 709 { 710 addUserInformationToNode(null, serviceNode); 711 serviceNode.setAttribute(OPERATION, LIST_USERS); 712 } 713 return result; 714 } 715 // this operation is done by a user when editing their own details. Should not return userNode info. 716 if (op.equals(PERFORM_ACCOUNT_EDIT)) 717 { 718 String previousUsername = (String) paramMap.get(PREV_USERNAME); 719 String newUsername = (String) paramMap.get(NEW_USERNAME); 720 String oldPassword = (String) paramMap.get(OLD_PASSWORD); 721 String newPassword = (String) paramMap.get(NEW_PASSWORD); 722 String newEmail = (String) paramMap.get(NEW_EMAIL); 723 724 //Make sure the user name does not already exist 725 if (!previousUsername.equals(newUsername) && checkUserExists(newUsername)) 726 { 727 addUserInformationToNode(previousUsername, serviceNode); 728 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 729 GSXML.addError(result, getErrorTextString(ERROR_USER_ALREADY_EXISTS, lang)); 585 730 return result; 586 731 } 587 732 588 newPassword = hashPassword(newPassword); 589 590 // check the recaptcha 591 if (_recaptchaSiteKey != null && _recaptchaSecretKey.length() > 0) { 592 593 String user_response = (String) paramMap.get("g-recaptcha-response"); 594 int recaptcha_error = verifyRecaptcha(_recaptchaSecretKey, 
user_response); 595 if (recaptcha_error != NO_ERROR) { 596 serviceNode.setAttribute("operation", REGISTER); 597 GSXML.addError(result, getErrorTextString(recaptcha_error, lang)); 598 return result; 599 } 600 } 601 602 error = addUser(newUsername, newPassword, "", "true", "", newEmail); 603 if (error != NO_ERROR) 604 { 605 serviceNode.setAttribute("operation", REGISTER); 606 GSXML.addError(result, getErrorTextString(error, lang)); 607 } 608 return result; 609 } 610 611 else if (op.equals(PERFORM_EDIT)) 612 { 613 String previousUsername = (String) paramMap.get("prevUsername"); 614 String newUsername = (String) paramMap.get("newUsername"); 615 String newPassword = (String) paramMap.get("password"); 616 String newGroups = (String) paramMap.get("groups"); 617 String newStatus = (String) paramMap.get("status"); 618 String newComment = (String) paramMap.get("comment"); 619 String newEmail = (String) paramMap.get("newEmail"); 733 String prevPassword = retrieveDataForUser(previousUsername, PASSWORD); 734 735 if (newPassword != null) 736 { 737 oldPassword = hashPassword(oldPassword); 738 739 if (oldPassword == null || !oldPassword.equals(prevPassword)) 740 { 741 addUserInformationToNode(previousUsername, serviceNode); 742 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 743 GSXML.addError(result, getErrorTextString(ERROR_INCORRECT_PASSWORD, lang), "INCORRECT_PASSWORD"); 744 return result; 745 } 746 747 //Check the given password 748 int error; 749 if ((error = checkPassword(newPassword)) != NO_ERROR) 750 { 751 addUserInformationToNode(previousUsername, serviceNode); 752 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 753 GSXML.addError(result, getErrorTextString(error, lang)); 754 return result; 755 } 756 757 newPassword = hashPassword(newPassword); 758 } 759 else 760 { 761 newPassword = prevPassword; 762 } 620 763 621 764 //Check the given user name … … 623 766 if ((error = checkUsername(newUsername)) != NO_ERROR) 624 767 { 768 
addUserInformationToNode(previousUsername, serviceNode); 769 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 625 770 GSXML.addError(result, getErrorTextString(error, lang)); 626 771 return result; 627 772 } 628 773 629 if (newPassword == null) 630 { 631 newPassword = retrieveDataForUser(previousUsername, "password"); 632 } 633 else 634 { 635 //Check the given password 636 if ((error = checkPassword(newPassword)) != NO_ERROR) 637 { 638 GSXML.addError(result, getErrorTextString(error, lang)); 639 return result; 640 } 641 642 newPassword = hashPassword(newPassword); 643 } 774 String prevGroups = retrieveDataForUser(previousUsername, GROUPS); 775 String prevStatus = retrieveDataForUser(previousUsername, STATUS); 776 String prevComment = retrieveDataForUser(previousUsername, COMMENT); 644 777 645 778 error = removeUser(previousUsername); 646 779 if (error != NO_ERROR) 647 780 { 648 if (error == ERROR_USERNAME_NOT_SPECIFIED)649 {650 addUserInformationToNode(null, serviceNode);651 serviceNode.setAttribute("operation", LIST_USERS);652 }653 else654 {655 serviceNode.setAttribute("operation", EDIT_USER);656 GSXML.addError(result, getErrorTextString(error, lang));657 }658 return result;659 }660 661 error = addUser(newUsername, newPassword, newGroups, newStatus, newComment, newEmail);662 if (error != NO_ERROR)663 {664 serviceNode.setAttribute("operation", EDIT_USER);665 GSXML.addError(result, getErrorTextString(error, lang));666 }667 else668 {669 addUserInformationToNode(null, serviceNode);670 serviceNode.setAttribute("operation", LIST_USERS);671 }672 }673 // this operation is done by a user when editing their own details. 
Should not return userNode info.674 else if (op.equals(PERFORM_ACCOUNT_EDIT))675 {676 String previousUsername = (String) paramMap.get("prevUsername");677 String newUsername = (String) paramMap.get("newUsername");678 String oldPassword = (String) paramMap.get("oldPassword");679 String newPassword = (String) paramMap.get("newPassword");680 String newEmail = (String) paramMap.get("newEmail");681 682 //Make sure the user name does not already exist683 if (!previousUsername.equals(newUsername) && checkUserExists(newUsername))684 {685 addUserInformationToNode(previousUsername, serviceNode);686 serviceNode.setAttribute("operation", ACCOUNT_SETTINGS);687 GSXML.addError(result, getErrorTextString(ERROR_USER_ALREADY_EXISTS, lang));688 return result;689 }690 691 String prevPassword = retrieveDataForUser(previousUsername, "password");692 693 if (newPassword != null)694 {695 oldPassword = hashPassword(oldPassword);696 697 if (oldPassword == null || !oldPassword.equals(prevPassword))698 {699 addUserInformationToNode(previousUsername, serviceNode);700 serviceNode.setAttribute("operation", ACCOUNT_SETTINGS);701 GSXML.addError(result, getErrorTextString(ERROR_INCORRECT_PASSWORD, lang), "INCORRECT_PASSWORD");702 return result;703 }704 705 //Check the given password706 int error;707 if ((error = checkPassword(newPassword)) != NO_ERROR)708 {709 addUserInformationToNode(previousUsername, serviceNode);710 serviceNode.setAttribute("operation", ACCOUNT_SETTINGS);711 GSXML.addError(result, getErrorTextString(error, lang));712 return result;713 }714 715 newPassword = hashPassword(newPassword);716 }717 else718 {719 newPassword = prevPassword;720 }721 722 //Check the given user name723 int error;724 if ((error = checkUsername(newUsername)) != NO_ERROR)725 {726 781 addUserInformationToNode(previousUsername, serviceNode); 727 serviceNode.setAttribute("operation", ACCOUNT_SETTINGS); 728 GSXML.addError(result, getErrorTextString(error, lang)); 729 return result; 730 } 731 732 String prevGroups = 
retrieveDataForUser(previousUsername, "groups"); 733 String prevStatus = retrieveDataForUser(previousUsername, "status"); 734 String prevComment = retrieveDataForUser(previousUsername, "comment"); 735 736 error = removeUser(previousUsername); 737 if (error != NO_ERROR) 738 { 739 addUserInformationToNode(previousUsername, serviceNode); 740 serviceNode.setAttribute("operation", ACCOUNT_SETTINGS); 782 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 741 783 GSXML.addError(result, getErrorTextString(error, lang)); 742 784 return result; … … 746 788 if (error != NO_ERROR) 747 789 { 748 serviceNode.setAttribute( "operation", ACCOUNT_SETTINGS);790 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 749 791 GSXML.addError(result, getErrorTextString(error, lang)); 750 792 } 751 793 752 794 addUserInformationToNode(newUsername, serviceNode); 753 serviceNode.setAttribute( "operation", ACCOUNT_SETTINGS);795 serviceNode.setAttribute(OPERATION, ACCOUNT_SETTINGS); 754 796 GSXML.addError(result, getTextString("auth.success.account_settings", lang)); 755 756 } 757 elseif (op.equals(PERFORM_RETRIEVE_PASSWORD))758 { 759 760 } 761 elseif (op.equals(PERFORM_CHANGE_PASSWORD))762 { 763 serviceNode.setAttribute( "operation", PERFORM_CHANGE_PASSWORD);764 String user_name = (String) paramMap.get( "username");765 String oldPassword = (String) paramMap.get( "oldPassword");766 String newPassword = (String) paramMap.get( "newPassword");797 return result; 798 } 799 if (op.equals(PERFORM_RETRIEVE_PASSWORD)) 800 { 801 return result; 802 } 803 if (op.equals(PERFORM_CHANGE_PASSWORD)) 804 { 805 serviceNode.setAttribute(OPERATION, PERFORM_CHANGE_PASSWORD); 806 String user_name = (String) paramMap.get(USERNAME); 807 String oldPassword = (String) paramMap.get(OLD_PASSWORD); 808 String newPassword = (String) paramMap.get(NEW_PASSWORD); 767 809 if (user_name == null || oldPassword == null || newPassword == null) 768 810 { … … 771 813 } 772 814 773 String prevPassword = 
retrieveDataForUser(user_name, "password");815 String prevPassword = retrieveDataForUser(user_name, PASSWORD); 774 816 if (!hashPassword(oldPassword).equals(prevPassword)) 775 817 { … … 788 830 789 831 DerbyWrapper derbyWrapper = openDatabase(); 790 String chpa_groups = retrieveDataForUser(user_name, "groups");832 String chpa_groups = retrieveDataForUser(user_name, GROUPS); 791 833 String chpa_comment = "password_changed_by_user"; 792 834 String info = derbyWrapper.modifyUserInfo(user_name, hashPassword(newPassword), chpa_groups, null, chpa_comment, null); … … 797 839 return result; 798 840 } 799 } 800 else if (op.equals(EDIT_USER)) 801 { 802 String editUsername = (String) paramMap.get("username"); 841 return result; 842 } 843 if (op.equals(EDIT_USER)) 844 { 845 String editUsername = (String) paramMap.get(USERNAME); 803 846 int error = addUserInformationToNode(editUsername, serviceNode); 804 847 if (error != NO_ERROR) … … 806 849 GSXML.addError(result, getErrorTextString(error, lang)); 807 850 } 808 } 809 else if (op.equals(ACCOUNT_SETTINGS)) 810 { 811 String editUsername = (String) paramMap.get("username"); 851 return result; 852 } 853 if (op.equals(ACCOUNT_SETTINGS)) 854 { 855 String editUsername = (String) paramMap.get(USERNAME); 812 856 813 857 if (editUsername == null) 814 858 { 815 serviceNode.setAttribute( "operation", "");859 serviceNode.setAttribute(OPERATION, ""); 816 860 GSXML.addError(result, getErrorTextString(ERROR_USERNAME_NOT_SPECIFIED, lang)); 817 861 return result; … … 820 864 if (!editUsername.equals(username)) 821 865 { 822 serviceNode.setAttribute( "operation", LOGIN);866 serviceNode.setAttribute(OPERATION, LOGIN); 823 867 GSXML.addError(result, getErrorTextString(ERROR_NOT_AUTHORISED, lang)); 824 868 return result; … … 829 873 GSXML.addError(result, getErrorTextString(error, lang)); 830 874 } 831 } 832 else if (op.equals(PERFORM_RESET_PASSWORD)) 833 { 834 String passwordResetUser = (String) paramMap.get("username"); 875 return result; 876 } 
877 if (op.equals(PERFORM_RESET_PASSWORD)) 878 { 879 String passwordResetUser = (String) paramMap.get(USERNAME); 835 880 836 881 String newPassword = UUID.randomUUID().toString(); 837 882 newPassword = newPassword.substring(0, newPassword.indexOf("-")); 838 883 839 String email = retrieveDataForUser(passwordResetUser, "email");884 String email = retrieveDataForUser(passwordResetUser, EMAIL); 840 885 String from = "[email protected]"; 841 886 String host = request.getAttribute("remoteAddress"); 842 887 843 888 //TODO: FINISH THIS 844 } 845 else if (op.equals(REGISTER)) 846 { 847 } 848 else if (op.equals(PERFORM_DELETE_USER)) 849 { 850 String usernameToDelete = (String) paramMap.get("username"); 889 return result; 890 } 891 if (op.equals(PERFORM_DELETE_USER)) 892 { 893 String usernameToDelete = (String) paramMap.get(USERNAME); 851 894 int error = removeUser(usernameToDelete); 852 895 if (error != NO_ERROR) … … 855 898 } 856 899 addUserInformationToNode(null, serviceNode); 857 serviceNode.setAttribute("operation", LIST_USERS); 858 } 859 860 return result; 900 serviceNode.setAttribute(OPERATION, LIST_USERS); 901 return result; 902 } 903 904 return result; // or should we return null, as we haven't recognised the operation?? 
861 905 } 862 906 … … 1114 1158 for (int i = 0; i < result.getSize(); i++) 1115 1159 { 1116 if (dataType.equals( "password"))1160 if (dataType.equals(PASSWORD)) 1117 1161 { 1118 1162 data = ((UserTermInfo) userInfo.get(i)).password; 1119 1163 break; 1120 1164 } 1121 else if (dataType.equals( "groups"))1165 else if (dataType.equals(GROUPS)) 1122 1166 { 1123 1167 data = ((UserTermInfo) userInfo.get(i)).groups; 1124 1168 break; 1125 1169 } 1126 else if (dataType.equals( "status"))1170 else if (dataType.equals(STATUS)) 1127 1171 { 1128 1172 data = ((UserTermInfo) userInfo.get(i)).accountstatus; 1129 1173 break; 1130 1174 } 1131 else if (dataType.equals( "comment"))1175 else if (dataType.equals(COMMENT)) 1132 1176 { 1133 1177 data = ((UserTermInfo) userInfo.get(i)).comment; 1134 1178 break; 1135 1179 } 1136 else if (dataType.equals( "email"))1180 else if (dataType.equals(EMAIL)) 1137 1181 { 1138 1182 data = ((UserTermInfo) userInfo.get(i)).email; … … 1163 1207 String comment = ((UserTermInfo) userInfo.get(i)).comment; 1164 1208 String email = ((UserTermInfo) userInfo.get(i)).email; 1165 user_node.setAttribute( "username", username);1166 user_node.setAttribute( "groups", groups);1167 user_node.setAttribute( "status", accountstatus);1168 user_node.setAttribute( "comment", comment);1169 user_node.setAttribute( "email", email);1209 user_node.setAttribute(USERNAME, username); 1210 user_node.setAttribute(GROUPS, groups); 1211 user_node.setAttribute(STATUS, accountstatus); 1212 user_node.setAttribute(COMMENT, comment); 1213 user_node.setAttribute(EMAIL, email); 1170 1214 1171 1215 user_list_node.appendChild(user_node);
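Review bot: In the rewritten PERFORM_REGISTER branch `addUser(...)` is now called only inside `if (_recaptchaSiteKey != null && _recaptchaSecretKey != null)`, so on a site with no reCAPTCHA keys configured `error` stays `NO_ERROR`, no account is created, and the request still returns as a success. The removed version added the user after the optional reCAPTCHA check; the fix is to keep verification conditional and call `addUser` whenever `error == NO_ERROR`, as sketched below (the enclosing method begins outside the lines shown). The gate also differs from the one that emits `recaptcha_key` (`_recaptchaOpList != null && _recaptchaOpList.contains(op)`), so with both keys set but registration absent from `operations` the server would presumably demand a response for a widget the page never rendered; one predicate should drive both. Separately, the PERFORM_ACCOUNT_EDIT branch as shown reads `prevUsername` from the request without comparing it to the logged-in `username`, unlike ACCOUNT_SETTINGS, and skips the old-password check when `newPassword` is null; a few lines of that branch are elided in this view, so confirm against the full file.

```java
// … unchanged: newUsername / newPassword / newEmail read from paramMap …
int error;
if ((error = checkUsername(newUsername)) == NO_ERROR
		&& (error = checkPassword(newPassword)) == NO_ERROR)
{
	// reCAPTCHA stays optional: verify only when both keys are configured
	if (_recaptchaSiteKey != null && _recaptchaSecretKey != null)
	{
		String user_response = (String) paramMap.get("g-recaptcha-response");
		error = verifyRecaptcha(_recaptchaSecretKey, user_response);
	}
	// create the account on every path that passed the checks above
	if (error == NO_ERROR)
	{
		error = addUser(newUsername, hashPassword(newPassword), "", "true", "", newEmail);
	}
}
// … unchanged: error reporting (OPERATION = REGISTER, recaptcha_key) and return result …
```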