
Example 21 with AdminUser

use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce.

the class AdminSecurityServiceImpl method sendForgotUsernameNotification.

/**
 * Emails the logins of every active admin account registered under {@code emailAddress}.
 *
 * <p>Outcomes are reported through error codes on the returned response:
 * {@code notFound} when the address is {@code null} or matches no admin user, and
 * {@code inactiveUser} when it matches only accounts whose active flag is not set.
 * A response without errors means the template email was handed to the email service.
 *
 * <p>NOTE(review): the two distinct codes let a caller tell whether an address belongs to an
 * admin account and whether that account is active. If this response is surfaced to an
 * unauthenticated client, presenting a single uniform outcome at the web layer avoids
 * disclosing which addresses are registered. The caller is not visible here; confirm.
 *
 * @param emailAddress address to look up; may be {@code null}
 * @return response carrying {@code notFound} or {@code inactiveUser} on failure, no errors otherwise
 */
@Override
@Transactional("blTransactionManager")
public GenericResponse sendForgotUsernameNotification(String emailAddress) {
    GenericResponse response = new GenericResponse();

    // A null address skips the lookup and is then treated exactly like "no match".
    List<AdminUser> matches = (emailAddress == null) ? null : adminUserDao.readAdminUserByEmail(emailAddress);
    if (CollectionUtils.isEmpty(matches)) {
        response.addErrorCode("notFound");
        return response;
    }

    // Only accounts flagged active are disclosed in the email.
    List<String> activeLogins = new ArrayList<String>();
    for (AdminUser candidate : matches) {
        if (candidate.getActiveStatusFlag()) {
            activeLogins.add(candidate.getLogin());
        }
    }

    if (activeLogins.isEmpty()) {
        // Every match is inactive: nothing is sent, the caller only gets the error code.
        response.addErrorCode("inactiveUser");
        return response;
    }

    HashMap<String, Object> templateVars = new HashMap<String, Object>();
    templateVars.put("accountNames", activeLogins);
    emailService.sendTemplateEmail(emailAddress, getSendUsernameEmailInfo(), templateVars);
    return response;
}
Also used : GenericResponse(org.broadleafcommerce.common.service.GenericResponse) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) Transactional(org.springframework.transaction.annotation.Transactional)

Example 22 with AdminUser

use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce.

the class AdminSecurityServiceImpl method resetPasswordUsingToken.

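/**
 * Completes a forgot-password flow: checks the presented reset token against the named admin
 * user's unused tokens and, only if every check passes, stores the new password and
 * invalidates that user's tokens.
 *
 * <p>Failures are reported as error codes on the returned response. The codes added directly
 * here are {@code invalidToken}, {@code tokenUsed} and {@code tokenExpired};
 * {@code checkUser} and {@code checkPassword} may add their own.
 *
 * @param username login of the admin user; {@code null} skips the lookup and leaves the user unresolved
 * @param token reset token as presented by the caller; lower-cased before it is compared
 * @param password new password
 * @param confirmPassword confirmation value, validated together with {@code password}
 * @return response carrying any error codes; a response without errors means the password was changed
 */
@Override
@Transactional("blTransactionManager")
public GenericResponse resetPasswordUsingToken(String username, String token, String password, String confirmPassword) {
    GenericResponse response = new GenericResponse();
    AdminUser user = null;
    if (username != null) {
        user = adminUserDao.readAdminUserByUserName(username);
    }
    checkUser(user, response);
    checkPassword(password, confirmPassword, response);
    if (StringUtils.isBlank(token)) {
        response.addErrorCode("invalidToken");
    }

    ForgotPasswordSecurityToken fpst = null;
    if (!response.getHasErrors()) {
        // NOTE(review): toLowerCase() follows the JVM default locale. Confirm how the token is
        // normalised when it is issued before pinning a locale here; both sides must agree.
        token = token.toLowerCase();
        // Candidates are limited to this user's unused tokens, so a token issued to another
        // account should never be found by this loop.
        List<ForgotPasswordSecurityToken> fpstoks = forgotPasswordSecurityTokenDao.readUnusedTokensByAdminUserId(user.getId());
        for (ForgotPasswordSecurityToken fpstok : fpstoks) {
            // presumably compares the stored (encoded) token with the presented one; verify against isPasswordValid
            if (isPasswordValid(fpstok.getToken(), token, null)) {
                fpst = fpstok;
                break;
            }
        }
        if (fpst == null) {
            response.addErrorCode("invalidToken");
        } else if (fpst.isTokenUsedFlag()) {
            response.addErrorCode("tokenUsed");
        } else if (isTokenExpired(fpst)) {
            response.addErrorCode("tokenExpired");
        }
    }

    if (!response.getHasErrors()) {
        // Second ownership check, independent of the DAO query above.
        if (!user.getId().equals(fpst.getAdminUserId())) {
            if (LOG.isWarnEnabled()) {
                // The presented token has just matched a stored, unused, unexpired record, so it is
                // still a working credential. Log the two account ids instead of the token itself.
                LOG.warn("Password reset attempt tried with mismatched user and token owner " + user.getId() + ", " + fpst.getAdminUserId());
            }
            response.addErrorCode("invalidToken");
        }
    }

    if (!response.getHasErrors()) {
        user.setUnencodedPassword(password);
        saveAdminUser(user);
        // Retire every outstanding token for the account so none can be replayed after the reset.
        invalidateAllTokensForAdminUser(user);
    }
    return response;
}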
Also used : ForgotPasswordSecurityToken(org.broadleafcommerce.openadmin.server.security.domain.ForgotPasswordSecurityToken) GenericResponse(org.broadleafcommerce.common.service.GenericResponse) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) Transactional(org.springframework.transaction.annotation.Transactional)

Example 23 with AdminUser

use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce.

the class AdminSecurityServiceImpl method changePassword.

/**
 * Changes an admin user's password after verifying the current one.
 *
 * <p>Validation runs in stages, each recording error codes on the returned response:
 * the user lookup ({@code checkUser}), the new password and its confirmation
 * ({@code checkPassword}), and, only if both passed, the existing password
 * ({@code checkExistingPassword}). The password is stored only when no stage reported an error.
 *
 * <p>NOTE(review): unlike {@code resetPasswordUsingToken}, this path does not call
 * {@code invalidateAllTokensForAdminUser}, so any forgot-password token issued before the
 * change appears to remain usable afterwards. Confirm whether that is intended.
 *
 * @param username login of the admin user; {@code null} skips the lookup
 * @param oldPassword the user's current password, checked before any change is made
 * @param password new password
 * @param confirmPassword confirmation value, validated together with {@code password}
 * @return response carrying any error codes; a response without errors means the password was changed
 */
@Override
@Transactional("blTransactionManager")
public GenericResponse changePassword(String username, String oldPassword, String password, String confirmPassword) {
    GenericResponse response = new GenericResponse();
    AdminUser user = (username == null) ? null : adminUserDao.readAdminUserByUserName(username);

    checkUser(user, response);
    checkPassword(password, confirmPassword, response);
    if (response.getHasErrors()) {
        return response;
    }

    // The current password is only checked once the user and the new password are known to be valid.
    checkExistingPassword(oldPassword, user, response);
    if (response.getHasErrors()) {
        return response;
    }

    user.setUnencodedPassword(password);
    saveAdminUser(user);
    return response;
}
Also used : GenericResponse(org.broadleafcommerce.common.service.GenericResponse) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser) Transactional(org.springframework.transaction.annotation.Transactional)

Example 24 with AdminUser

use of org.broadleafcommerce.openadmin.server.security.domain.AdminUser in project BroadleafCommerce by BroadleafCommerce.

the class AdminModuleProcessor method populateModelVariables.

/**
 * Builds the admin navigation menu for the current admin user and exposes it to the template
 * under the name given by the tag's {@code resultVar} attribute.
 *
 * <p>When no persistent admin user is available the returned map is empty, so the template
 * receives no menu at all.
 *
 * @param tagName name of the tag being processed; not used here
 * @param tagAttributes attributes of the tag; {@code resultVar} names the model variable to set
 * @param context template context; not used here
 * @return a new map holding the menu under {@code resultVar}, or an empty map if there is no admin user
 */
@Override
public Map<String, Object> populateModelVariables(String tagName, Map<String, String> tagAttributes, BroadleafTemplateContext context) {
    final String menuVarName = tagAttributes.get("resultVar");
    final Map<String, Object> modelVars = new HashMap<>();

    final AdminUser currentAdmin = getPersistentAdminUser();
    if (currentAdmin == null) {
        return modelVars;
    }

    // The menu is built for this specific user by the navigation service.
    modelVars.put(menuVarName, adminNavigationService.buildMenu(currentAdmin));
    return modelVars;
}
Also used : AdminMenu(org.broadleafcommerce.openadmin.server.security.domain.AdminMenu) HashMap(java.util.HashMap) AdminUser(org.broadleafcommerce.openadmin.server.security.domain.AdminUser)

Aggregations

AdminUser (org.broadleafcommerce.openadmin.server.security.domain.AdminUser)24 Transactional (org.springframework.transaction.annotation.Transactional)6 HashMap (java.util.HashMap)4 GenericResponse (org.broadleafcommerce.common.service.GenericResponse)4 ArrayList (java.util.ArrayList)3 Site (org.broadleafcommerce.common.site.domain.Site)3 Entity (org.broadleafcommerce.openadmin.dto.Entity)3 ValidationException (org.broadleafcommerce.openadmin.server.service.ValidationException)3 Set (java.util.Set)2 ServiceException (org.broadleafcommerce.common.exception.ServiceException)2 ExtensionResultHolder (org.broadleafcommerce.common.extension.ExtensionResultHolder)2 FieldMetadata (org.broadleafcommerce.openadmin.dto.FieldMetadata)2 PersistencePerspective (org.broadleafcommerce.openadmin.dto.PersistencePerspective)2 AdminRole (org.broadleafcommerce.openadmin.server.security.domain.AdminRole)2 AdminUserImpl (org.broadleafcommerce.openadmin.server.security.domain.AdminUserImpl)2 ForgotPasswordSecurityToken (org.broadleafcommerce.openadmin.server.security.domain.ForgotPasswordSecurityToken)2 Authentication (org.springframework.security.core.Authentication)2 IOException (java.io.IOException)1 HashSet (java.util.HashSet)1 TimeZone (java.util.TimeZone)1