
Example 1 with ConfirmEmailException

use of edu.harvard.iq.dataverse.confirmemail.ConfirmEmailException in project dataverse by IQSS.

the class DataverseUserPage method save.

/**
 * Saves the account form; what is saved depends on {@code editMode}.
 * <ul>
 * <li>{@code CHANGE_PASSWORD}: checks {@code currentPassword} against the user's
 *     authentication provider, stores {@code inputPassword}, then falls through to
 *     the profile update in the final branch.</li>
 * <li>{@code CREATE}: creates a built-in user plus its AuthenticatedUser, puts the
 *     new user in the session, sends the CREATEACC notification and redirects to
 *     {@code redirectPage}.</li>
 * <li>Any other mode: updates the display info of {@code currentUser}; when the
 *     e-mail address changed, the old confirmation token is deleted and a new
 *     confirmation is started.</li>
 * </ul>
 *
 * @return a navigation outcome carrying {@code faces-redirect=true} after account
 *         creation or when the session user is no longer authenticated;
 *         {@code null} in every other case (rejected input or completed update)
 */
public String save() {
    boolean passwordChanged = false;
    if (editMode == EditMode.CHANGE_PASSWORD) {
        final AuthenticationProvider prv = getUserAuthProvider();
        if (prv.isPasswordUpdateAllowed()) {
            // Re-authenticate with the current password before accepting a new one.
            if (!prv.verifyPassword(currentUser.getAuthenticatedUserLookup().getPersistentUserId(), currentPassword)) {
                FacesContext.getCurrentInstance().addMessage("currentPassword", new FacesMessage(FacesMessage.SEVERITY_ERROR, BundleUtil.getStringFromBundle("user.error.wrongPassword"), null));
                return null;
            }
            // NOTE(review): no strength/confirmation check on inputPassword, no attempt
            // limiting on the verification above, and no invalidation of the user's other
            // sessions is visible in this method - confirm they are enforced elsewhere
            // (form validators, the provider).
            prv.updatePassword(currentUser.getAuthenticatedUserLookup().getPersistentUserId(), inputPassword);
            passwordChanged = true;
        } else {
            // erroneous state - we can't change the password for this user, so should not have gotten here. Log and bail out.
            logger.log(Level.WARNING, "Attempt to change a password on {0}, whose provider ({1}) does not support password change", new Object[] { currentUser.getIdentifier(), prv });
            JH.addMessage(FacesMessage.SEVERITY_ERROR, BundleUtil.getStringFromBundle("user.error.cannotChangePassword"));
            return null;
        }
    }
    if (editMode == EditMode.CREATE) {
        // Create a new built-in user.
        BuiltinUser builtinUser = new BuiltinUser();
        builtinUser.setUserName(getUsername());
        builtinUser.applyDisplayInfo(userDisplayInfo);
        // The stored value is tagged with the latest PasswordEncryption version number.
        builtinUser.updateEncryptedPassword(PasswordEncryption.get().encrypt(inputPassword), PasswordEncryption.getLatestVersionNumber());
        AuthenticatedUser au = authenticationService.createAuthenticatedUser(new UserRecordIdentifier(BuiltinAuthenticationProvider.PROVIDER_ID, builtinUser.getUserName()), builtinUser.getUserName(), builtinUser.getDisplayInfo(), false);
        if (au == null) {
            // Username already exists, show an error message
            getUsernameField().setValid(false);
            FacesMessage message = new FacesMessage(FacesMessage.SEVERITY_ERROR, BundleUtil.getStringFromBundle("user.username.taken"), null);
            FacesContext context = FacesContext.getCurrentInstance();
            context.addMessage(getUsernameField().getClientId(context), message);
            return null;
        }
        // The Authenticated User was just created via the UI, add an initial login timestamp
        au = userService.updateLastLogin(au);
        // Authenticated user registered. Save the new builtin, and log in.
        // NOTE(review): the AuthenticatedUser is created before the BuiltinUser is saved;
        // unless one transaction covers both calls, a failed save presumably leaves an
        // authenticated record with no built-in counterpart - confirm.
        builtinUserService.save(builtinUser);
        // The new account is placed in the session straight away (no e-mail confirmation
        // is awaited in this branch).
        // NOTE(review): confirm that session.setUser rotates the session identifier on login.
        session.setUser(au);
        /**
         * @todo Move this to
         * AuthenticationServiceBean.createAuthenticatedUser
         */
        userNotificationService.sendNotification(au, new Timestamp(new Date().getTime()), UserNotification.Type.CREATEACC, null);
        // go back to where user came from
        if ("dataverse.xhtml".equals(redirectPage)) {
            redirectPage = redirectPage + "?alias=" + dataverseService.findRootDataverse().getAlias();
        }
        // NOTE(review): redirectPage is URL-decoded and then returned as a redirecting
        // navigation outcome with no validation in this method. If the field can be set
        // from a request parameter, it should be restricted to application-local pages
        // before being used as a redirect target - confirm where it is populated.
        try {
            redirectPage = URLDecoder.decode(redirectPage, "UTF-8");
        } catch (UnsupportedEncodingException ex) {
            logger.log(Level.SEVERE, "Server does not support 'UTF-8' encoding.", ex);
            redirectPage = "dataverse.xhtml?alias=" + dataverseService.findRootDataverse().getAlias();
        }
        logger.log(Level.FINE, "Sending user to = {0}", redirectPage);
        // Append the redirect flag with '?' or '&' depending on whether a query string is already present.
        return redirectPage + (!redirectPage.contains("?") ? "?" : "&") + "faces-redirect=true";
    // Happens if user is logged out while editing
    } else if (!session.getUser().isAuthenticated()) {
        logger.info("Redirecting");
        // assumes notAuthorized() returns an outcome that already ends in '?' or '&',
        // since the flag is appended without a separator - TODO confirm
        return permissionsWrapper.notAuthorized() + "faces-redirect=true";
    } else {
        // Profile update; also reached after a successful password change above.
        String emailBeforeUpdate = currentUser.getEmail();
        AuthenticatedUser savedUser = authenticationService.updateAuthenticatedUser(currentUser, userDisplayInfo);
        String emailAfterUpdate = savedUser.getEmail();
        editMode = null;
        StringBuilder msg = new StringBuilder(passwordChanged ? "Your account password has been successfully changed." : "Your account information has been successfully updated.");
        // NOTE(review): throws NullPointerException if the stored e-mail was null.
        if (!emailBeforeUpdate.equals(emailAfterUpdate)) {
            String expTime = ConfirmEmailUtil.friendlyExpirationTime(systemConfig.getMinutesUntilConfirmEmailTokenExpires());
            // The message quotes currentUser.getEmail(), not emailAfterUpdate; presumably
            // both hold the new address at this point - confirm.
            msg.append(" Your email address has changed and must be re-verified. Please check your inbox at ").append(currentUser.getEmail()).append(" and follow the link we've sent. \n\nAlso, please note that the link will only work for the next ").append(expTime).append(" before it has expired.");
            // delete unexpired token, if it exists (clean slate)
            confirmEmailService.deleteTokenForUser(currentUser);
            try {
                confirmEmailService.beginConfirm(currentUser);
            } catch (ConfirmEmailException ex) {
                // NOTE(review): the failure is logged at INFO without the exception itself,
                // and the success message below still tells the user that a link was sent.
                logger.log(Level.INFO, "Unable to send email confirmation link to user id {0}", savedUser.getId());
            }
            // The session keeps currentUser rather than the savedUser returned by the update.
            session.setUser(currentUser);
            JsfHelper.addSuccessMessage(msg.toString());
        } else {
            JsfHelper.addFlashMessage(msg.toString());
        }
        return null;
    }
}
Also used : FacesContext(javax.faces.context.FacesContext) UserRecordIdentifier(edu.harvard.iq.dataverse.authorization.UserRecordIdentifier) AuthenticationProvider(edu.harvard.iq.dataverse.authorization.AuthenticationProvider) ShibAuthenticationProvider(edu.harvard.iq.dataverse.authorization.providers.shib.ShibAuthenticationProvider) UnsupportedEncodingException(java.io.UnsupportedEncodingException) AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser) Timestamp(java.sql.Timestamp) Date(java.util.Date) ConfirmEmailException(edu.harvard.iq.dataverse.confirmemail.ConfirmEmailException) FacesMessage(javax.faces.application.FacesMessage)

Example 2 with ConfirmEmailException

use of edu.harvard.iq.dataverse.confirmemail.ConfirmEmailException in project dataverse by IQSS.

the class Admin method startConfirmEmailProcess.

/**
 * This method is used in integration tests.
 *
 * @param userId The database id of an AuthenticatedUser.
 */
@Path("confirmEmail/{userId}")
@POST
public Response startConfirmEmailProcess(@PathParam("userId") long userId) {
    // NOTE(review): nothing in this method restricts who may call it, and a successful
    // call starts an e-mail confirmation for whichever user id is supplied. Presumably
    // the enclosing Admin resource is access-restricted - confirm before exposing it.
    final AuthenticatedUser targetUser = authSvc.findByID(userId);

    // Guard clause: an unknown id is reported as a bad request.
    if (targetUser == null) {
        return error(Status.BAD_REQUEST, "Could not find user based on " + userId);
    }

    try {
        final ConfirmEmailData tokenData = confirmEmailSvc.beginConfirm(targetUser).getConfirmEmailData();
        // Only the token's creation time and the user identifier go into the response.
        return ok(Json.createObjectBuilder()
                .add("tokenCreated", tokenData.getCreated().toString())
                .add("identifier", targetUser.getUserIdentifier()));
    } catch (ConfirmEmailException ex) {
        // The exception's localized message is passed through to the caller; the wording
        // also differs from the unknown-id case, so responses reveal whether an id exists.
        return error(Status.BAD_REQUEST, "Could not start confirm email process for user " + userId + ": " + ex.getLocalizedMessage());
    }
}
Also used : ConfirmEmailException(edu.harvard.iq.dataverse.confirmemail.ConfirmEmailException) ConfirmEmailInitResponse(edu.harvard.iq.dataverse.confirmemail.ConfirmEmailInitResponse) AuthenticatedUser(edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser) ConfirmEmailData(edu.harvard.iq.dataverse.confirmemail.ConfirmEmailData) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST)

Aggregations

AuthenticatedUser (edu.harvard.iq.dataverse.authorization.users.AuthenticatedUser)2 ConfirmEmailException (edu.harvard.iq.dataverse.confirmemail.ConfirmEmailException)2 AuthenticationProvider (edu.harvard.iq.dataverse.authorization.AuthenticationProvider)1 UserRecordIdentifier (edu.harvard.iq.dataverse.authorization.UserRecordIdentifier)1 ShibAuthenticationProvider (edu.harvard.iq.dataverse.authorization.providers.shib.ShibAuthenticationProvider)1 ConfirmEmailData (edu.harvard.iq.dataverse.confirmemail.ConfirmEmailData)1 ConfirmEmailInitResponse (edu.harvard.iq.dataverse.confirmemail.ConfirmEmailInitResponse)1 UnsupportedEncodingException (java.io.UnsupportedEncodingException)1 Timestamp (java.sql.Timestamp)1 Date (java.util.Date)1 FacesMessage (javax.faces.application.FacesMessage)1 FacesContext (javax.faces.context.FacesContext)1 POST (javax.ws.rs.POST)1 Path (javax.ws.rs.Path)1