Use of edu.harvard.iq.dataverse.confirmemail.ConfirmEmailException in the project dataverse by IQSS.
Class DataverseUserPage, method save.
/**
 * JSF action that persists the account form. What it does depends on {@code editMode}:
 * <ul>
 * <li>{@code CHANGE_PASSWORD}: checks {@code currentPassword} against the user's authentication
 * provider and, if it matches, stores {@code inputPassword}. Control then falls through to the
 * if/else chain below (not-authenticated check, then profile update).</li>
 * <li>{@code CREATE}: creates a {@code BuiltinUser} and its {@code AuthenticatedUser}, puts the new
 * user into the session, sends the account-created notification and redirects to
 * {@code redirectPage}.</li>
 * <li>Otherwise: sends an unauthenticated session to the not-authorized outcome, or updates the
 * display info and, when the email address changed, starts a new email confirmation.</li>
 * </ul>
 *
 * @return a navigation outcome, or {@code null} (in JSF a null outcome re-displays the current
 *         view) after a validation error and after a successful update
 */
public String save() {
    boolean passwordChanged = false;
    if (editMode == EditMode.CHANGE_PASSWORD) {
        final AuthenticationProvider prv = getUserAuthProvider();
        if (prv.isPasswordUpdateAllowed()) {
            // Re-authentication: the current password must verify before the new one is stored.
            // NOTE(review): no attempt throttling or lockout is visible in this method - confirm it is
            // enforced elsewhere, since this check can be retried with different guesses.
            if (!prv.verifyPassword(currentUser.getAuthenticatedUserLookup().getPersistentUserId(), currentPassword)) {
                FacesContext.getCurrentInstance().addMessage("currentPassword", new FacesMessage(FacesMessage.SEVERITY_ERROR, BundleUtil.getStringFromBundle("user.error.wrongPassword"), null));
                return null;
            }
            // NOTE(review): inputPassword is stored without any strength or confirmation check in this
            // method; presumably the form's validators cover that - confirm. Nothing here ends the
            // user's other sessions or notifies the account owner of the change.
            prv.updatePassword(currentUser.getAuthenticatedUserLookup().getPersistentUserId(), inputPassword);
            passwordChanged = true;
        } else {
            // Erroneous state - we can't change the password for this user, so we should not have gotten here. Log and bail out.
            // The log entry carries the user identifier and the provider, never a password value.
            logger.log(Level.WARNING, "Attempt to change a password on {0}, whose provider ({1}) does not support password change", new Object[] { currentUser.getIdentifier(), prv });
            JH.addMessage(FacesMessage.SEVERITY_ERROR, BundleUtil.getStringFromBundle("user.error.cannotChangePassword"));
            return null;
        }
    }
    if (editMode == EditMode.CREATE) {
        // Create a new built-in user.
        BuiltinUser builtinUser = new BuiltinUser();
        builtinUser.setUserName(getUsername());
        builtinUser.applyDisplayInfo(userDisplayInfo);
        // NOTE(review): what PasswordEncryption.get().encrypt(...) produces (salted, slow password hash
        // or something weaker) cannot be told from here - verify against PasswordEncryption.
        builtinUser.updateEncryptedPassword(PasswordEncryption.get().encrypt(inputPassword), PasswordEncryption.getLatestVersionNumber());
        AuthenticatedUser au = authenticationService.createAuthenticatedUser(new UserRecordIdentifier(BuiltinAuthenticationProvider.PROVIDER_ID, builtinUser.getUserName()), builtinUser.getUserName(), builtinUser.getDisplayInfo(), false);
        if (au == null) {
            // Username already exists, show an error message.
            // NOTE(review): this message confirms that an account name exists; sign-up forms usually
            // pair it with rate limiting or a CAPTCHA - not visible here, confirm.
            getUsernameField().setValid(false);
            FacesMessage message = new FacesMessage(FacesMessage.SEVERITY_ERROR, BundleUtil.getStringFromBundle("user.username.taken"), null);
            FacesContext context = FacesContext.getCurrentInstance();
            context.addMessage(getUsernameField().getClientId(context), message);
            return null;
        }
        // The Authenticated User was just created via the UI, add an initial login timestamp
        au = userService.updateLastLogin(au);
        // Authenticated user registered. Save the new builtin, and log in.
        // NOTE(review): the AuthenticatedUser already exists when the BuiltinUser is saved; whether both
        // writes share one transaction is not visible here - confirm a failed save cannot leave an
        // account without credentials.
        builtinUserService.save(builtinUser);
        // The new account is logged in right away, before any email confirmation.
        // NOTE(review): whether the HTTP session id is rotated on this login (session fixation) is not
        // visible here - confirm in the session bean.
        session.setUser(au);
        /**
         * @todo Move this to
         * AuthenticationServiceBean.createAuthenticatedUser
         */
        userNotificationService.sendNotification(au, new Timestamp(new Date().getTime()), UserNotification.Type.CREATEACC, null);
        // go back to where user came from
        // NOTE(review): redirectPage is URL-decoded and returned as a redirecting outcome without any
        // check in this method. If it is bound to a request parameter (not visible here) it is
        // untrusted input: restrict it to known internal views before redirecting, and treat the
        // FINE-level log line below as attacker-influenced text. A null redirectPage would make
        // URLDecoder.decode throw a NullPointerException.
        if ("dataverse.xhtml".equals(redirectPage)) {
            redirectPage = redirectPage + "?alias=" + dataverseService.findRootDataverse().getAlias();
        }
        try {
            redirectPage = URLDecoder.decode(redirectPage, "UTF-8");
        } catch (UnsupportedEncodingException ex) {
            // Fall back to the root dataverse page if the value cannot be decoded as UTF-8.
            logger.log(Level.SEVERE, "Server does not support 'UTF-8' encoding.", ex);
            redirectPage = "dataverse.xhtml?alias=" + dataverseService.findRootDataverse().getAlias();
        }
        logger.log(Level.FINE, "Sending user to = {0}", redirectPage);
        // Append faces-redirect with '?' or '&' depending on whether a query string is already present.
        return redirectPage + (!redirectPage.contains("?") ? "?" : "&") + "faces-redirect=true";
    // Happens if user is logged out while editing.
    // NOTE(review): the CHANGE_PASSWORD block above has already run when this check is reached, so a
    // password change relies on the current-password verification, not on this session check.
    } else if (!session.getUser().isAuthenticated()) {
        logger.info("Redirecting");
        // NOTE(review): no '?' or '&' is inserted before "faces-redirect=true"; presumably
        // notAuthorized() returns an outcome that already ends with one - confirm.
        return permissionsWrapper.notAuthorized() + "faces-redirect=true";
    } else {
        // Profile update. No password check happens in this branch, so the email address can be
        // changed without re-authentication (unless editMode was CHANGE_PASSWORD above).
        // NOTE(review): emailBeforeUpdate.equals(...) below throws if currentUser.getEmail() is null.
        String emailBeforeUpdate = currentUser.getEmail();
        AuthenticatedUser savedUser = authenticationService.updateAuthenticatedUser(currentUser, userDisplayInfo);
        String emailAfterUpdate = savedUser.getEmail();
        editMode = null;
        // These two messages are hard-coded English, unlike the bundle strings used elsewhere in this method.
        StringBuilder msg = new StringBuilder(passwordChanged ? "Your account password has been successfully changed." : "Your account information has been successfully updated.");
        if (!emailBeforeUpdate.equals(emailAfterUpdate)) {
            String expTime = ConfirmEmailUtil.friendlyExpirationTime(systemConfig.getMinutesUntilConfirmEmailTokenExpires());
            // NOTE(review): the change is detected on savedUser, but the message, the token calls and
            // session.setUser below all use currentUser. That is only correct if
            // updateAuthenticatedUser updates currentUser in place - confirm.
            msg.append(" Your email address has changed and must be re-verified. Please check your inbox at ").append(currentUser.getEmail()).append(" and follow the link we've sent. \n\nAlso, please note that the link will only work for the next ").append(expTime).append(" before it has expired.");
            // delete unexpired token, if it exists (clean slate)
            confirmEmailService.deleteTokenForUser(currentUser);
            try {
                confirmEmailService.beginConfirm(currentUser);
            } catch (ConfirmEmailException ex) {
                // The failure is logged at INFO without the exception itself, and the success message
                // built above still tells the user that a link was sent.
                logger.log(Level.INFO, "Unable to send email confirmation link to user id {0}", savedUser.getId());
            }
            // NOTE(review): nothing visible here notifies the previous address about the change.
            session.setUser(currentUser);
            JsfHelper.addSuccessMessage(msg.toString());
        } else {
            JsfHelper.addFlashMessage(msg.toString());
        }
        return null;
    }
}
Use of edu.harvard.iq.dataverse.confirmemail.ConfirmEmailException in the project dataverse by IQSS.
Class Admin, method startConfirmEmailProcess.
/**
 * Starts the email confirmation process for one account. This method is used in integration
 * tests.
 *
 * <p>The success response carries the creation time of the confirmation data and the user's
 * identifier; the confirmation token itself is not part of the response built here. Both error
 * responses use {@code BAD_REQUEST}, and the one for a failed start passes the exception's
 * localized message on to the caller.
 *
 * <p>NOTE(review): no authorization check is visible in this method, and it lets the caller
 * trigger a confirmation for any user id. Presumably the enclosing Admin resource is reachable
 * only by trusted callers - confirm how that is enforced in deployments.
 *
 * @param userId The database id of an AuthenticatedUser.
 * @return an OK response with {@code tokenCreated} and {@code identifier}, or a
 *         {@code BAD_REQUEST} error when the user is unknown or the process cannot be started
 */
@Path("confirmEmail/{userId}")
@POST
public Response startConfirmEmailProcess(@PathParam("userId") long userId) {
    AuthenticatedUser user = authSvc.findByID(userId);
    // Guard clause: an unknown id is answered before any confirmation work starts.
    if (user == null) {
        return error(Status.BAD_REQUEST, "Could not find user based on " + userId);
    }
    try {
        ConfirmEmailData confirmEmailData = confirmEmailSvc.beginConfirm(user).getConfirmEmailData();
        String tokenCreated = confirmEmailData.getCreated().toString();
        return ok(Json.createObjectBuilder()
                .add("tokenCreated", tokenCreated)
                .add("identifier", user.getUserIdentifier()));
    } catch (ConfirmEmailException ex) {
        String reason = ex.getLocalizedMessage();
        return error(Status.BAD_REQUEST, "Could not start confirm email process for user " + userId + ": " + reason);
    }
}