use of com.liferay.portal.ModelListenerException in project liferay-ide by liferay.
the class UserLocalServiceImpl method updatePassword.
/**
* Updates the user's password, optionally with tracking and validation of
* the change.
*
* @param userId the primary key of the user
* @param password1 the user's new password
* @param password2 the user's new password confirmation
* @param passwordReset whether the user should be asked to reset their
* password the next time they login
* @param silentUpdate whether the password should be updated without being
* tracked, or validated. Primarily used for password imports.
* @return the user
* @throws PortalException if a user with the primary key could not be found
* @throws SystemException if a system exception occurred
*/
@Override
public User updatePassword(long userId, String password1, String password2, boolean passwordReset, boolean silentUpdate) throws PortalException, SystemException {
User user = userPersistence.findByPrimaryKey(userId);
if (!silentUpdate) {
validatePassword(user.getCompanyId(), userId, password1, password2);
}
String oldEncPwd = user.getPassword();
if (!user.isPasswordEncrypted()) {
oldEncPwd = PasswordEncryptorUtil.encrypt(user.getPassword());
}
String newEncPwd = PasswordEncryptorUtil.encrypt(password1);
if (user.hasCompanyMx()) {
mailService.updatePassword(user.getCompanyId(), userId, password1);
}
user.setPassword(newEncPwd);
user.setPasswordUnencrypted(password1);
user.setPasswordEncrypted(true);
user.setPasswordReset(passwordReset);
user.setPasswordModifiedDate(new Date());
user.setDigest(StringPool.BLANK);
user.setGraceLoginCount(0);
if (!silentUpdate) {
user.setPasswordModified(true);
}
try {
userPersistence.update(user);
} catch (ModelListenerException mle) {
String msg = GetterUtil.getString(mle.getCause().getMessage());
if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
String passwordHistory = PrefsPropsUtil.getString(user.getCompanyId(), PropsKeys.LDAP_ERROR_PASSWORD_HISTORY);
if (msg.contains(passwordHistory)) {
throw new UserPasswordException(UserPasswordException.PASSWORD_ALREADY_USED);
}
}
throw new UserPasswordException(UserPasswordException.PASSWORD_INVALID);
}
if (!silentUpdate) {
user.setPasswordModified(false);
passwordTrackerLocalService.trackPassword(userId, oldEncPwd);
}
return user;
}
Aggregations