Example 6 with MotechUserProfile
use of org.motechproject.security.domain.MotechUserProfile in project motech by motech.
the class MotechUserServiceBundleIT method shouldChangeExpiredPassword.
@Test
public void shouldChangeExpiredPassword() {
motechUserService.register("expired", "password", "1234", "", asList("IT_ADMIN"), Locale.ENGLISH, UserStatus.MUST_CHANGE_PASSWORD, "");
MotechUserProfile profile = motechUserService.changeExpiredPassword("expired", "password", "newPassword");
assertNotNull(profile);
assertEquals(UserStatus.ACTIVE, profile.getUserStatus());
UserDto userDto = motechUserService.getUser("expired");
assertEquals(UserStatus.ACTIVE, userDto.getUserStatus());
}
Also used :
MotechUserProfile(org.motechproject.security.domain.MotechUserProfile)
UserDto(org.motechproject.security.model.UserDto)
Test(org.junit.Test)
Example 7 with MotechUserProfile
use of org.motechproject.security.domain.MotechUserProfile in project motech by motech.
the class MotechUserServiceImpl method hasActiveMotechAdmin.
@Override
@Transactional
public boolean hasActiveMotechAdmin() {
List<MotechUserProfile> users = getUsers();
MotechUserProfile motechUser = (MotechUserProfile) CollectionUtils.find(users, new Predicate() {
@Override
public boolean evaluate(Object object) {
MotechUserProfile user = (MotechUserProfile) object;
return user.isActive() && user.hasRole(UserRoleNames.MOTECH_ADMIN);
}
});
return motechUser != null;
}
Also used :
MotechUserProfile(org.motechproject.security.domain.MotechUserProfile)
Predicate(org.apache.commons.collections.Predicate)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 8 with MotechUserProfile
use of org.motechproject.security.domain.MotechUserProfile in project motech by motech.
the class MotechUserServiceImpl method changeExpiredPassword.
@Override
@Transactional
public MotechUserProfile changeExpiredPassword(String userName, String oldPassword, String newPassword) {
MotechUser motechUser = motechUsersDao.findByUserName(userName);
validatePassword(newPassword);
if (motechUser != null && UserStatus.MUST_CHANGE_PASSWORD.equals(motechUser.getUserStatus()) && passwordEncoder.isPasswordValid(motechUser.getPassword(), oldPassword)) {
// The new password and the old password cannot be the same
if (passwordEncoder.isPasswordValid(motechUser.getPassword(), newPassword)) {
return null;
}
motechUser.setPassword(passwordEncoder.encodePassword(newPassword));
motechUser.setUserStatus(UserStatus.ACTIVE);
motechUsersDao.update(motechUser);
return new MotechUserProfile(motechUser);
} else {
// Wrong password
incrementFailureLoginCount(motechUser);
}
return null;
}
Also used :
MotechUser(org.motechproject.security.domain.MotechUser)
MotechUserProfile(org.motechproject.security.domain.MotechUserProfile)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 9 with MotechUserProfile
use of org.motechproject.security.domain.MotechUserProfile in project motech by motech.
the class MotechUserServiceImpl method changePassword.
@Override
@Transactional
public MotechUserProfile changePassword(String userName, String oldPassword, String newPassword) {
MotechUser motechUser = motechUsersDao.findByUserName(userName);
validatePassword(newPassword);
if (motechUser != null && passwordEncoder.isPasswordValid(motechUser.getPassword(), oldPassword)) {
motechUser.setPassword(passwordEncoder.encodePassword(newPassword));
motechUsersDao.update(motechUser);
return new MotechUserProfile(motechUser);
}
return null;
}
Also used :
MotechUser(org.motechproject.security.domain.MotechUser)
MotechUserProfile(org.motechproject.security.domain.MotechUserProfile)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 10 with MotechUserProfile
use of org.motechproject.security.domain.MotechUserProfile in project motech by motech.
the class MotechUserServiceTest method shouldIncrementFailureLoginCounter.
@Test
public void shouldIncrementFailureLoginCounter() {
MotechUser motechUser = new MotechUser();
motechUser.setUserStatus(UserStatus.MUST_CHANGE_PASSWORD);
motechUser.setPassword(PASSWORD);
motechUser.setUserName(USER);
motechUser.setFailureLoginCounter(0);
when(motechUsersDao.findByUserName(USER)).thenReturn(motechUser);
when(motechPasswordEncoder.isPasswordValid(PASSWORD, PASSWORD)).thenReturn(false);
when(settingService.getFailureLoginLimit()).thenReturn(2);
MotechUserProfile profile = motechUserService.changeExpiredPassword(USER, PASSWORD, NEW_PASSWORD);
assertNull(profile);
verify(motechUsersDao).update(userCaptor.capture());
MotechUser capturedUser = userCaptor.getValue();
assertEquals(USER, capturedUser.getUserName());
assertEquals(PASSWORD, capturedUser.getPassword());
assertEquals(new Integer(1), capturedUser.getFailureLoginCounter());
}
Also used :
MotechUser(org.motechproject.security.domain.MotechUser)
MotechUserProfile(org.motechproject.security.domain.MotechUserProfile)
Test(org.junit.Test)
Aggregations
MotechUserProfile (org.motechproject.security.domain.MotechUserProfile)12
MotechUser (org.motechproject.security.domain.MotechUser)8
Test (org.junit.Test)5
ArrayList (java.util.ArrayList)3
ConfigAttribute (org.springframework.security.access.ConfigAttribute)3
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)3
Transactional (org.springframework.transaction.annotation.Transactional)3
UserDto (org.motechproject.security.model.UserDto)2
SecurityConfig (org.springframework.security.access.SecurityConfig)2
Predicate (org.apache.commons.collections.Predicate)1
PasswordValidatorException (org.motechproject.security.exception.PasswordValidatorException)1
ChangePasswordViewData (org.motechproject.server.web.dto.ChangePasswordViewData)1
ChangePasswordFormValidator (org.motechproject.server.web.validator.ChangePasswordFormValidator)1
LockedException (org.springframework.security.authentication.LockedException)1
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)1
ResponseBody (org.springframework.web.bind.annotation.ResponseBody)1
