RenJuan/TASKPM
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Introduce warning for other predefined users about its default password.

Browse source 
FEA : ItEr69S06AutocompleteAndPasswords
This commit is contained in:
Susana Montes Pedreira 2011-01-31 10:30:40 +01:00
parent dd5f1d240c
commit 5c07068160
10 changed files with 237 additions and 54 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
navalplanner-business/src/main/java/org/navalplanner/business/common/daos/ConfigurationDAO.java
View file

@ -58,10 +58,12 @@ public class ConfigurationDAO extends GenericDAOHibernate<Configuration, Long>
@Override
@Transactional(propagation = Propagation.REQUIRES_NEW)
public void saveChangedDefaultAdminPassword(boolean change) {
Query query = getSession()
.createQuery(
"UPDATE Configuration e SET e.changedDefaultAdminPassword = :change");
public void saveChangedDefaultPassword(String user, boolean change) {
user = user.substring(0, 1).toUpperCase()
+ user.substring(1).toLowerCase();
String sql = "UPDATE Configuration e SET e.changedDefault" + user
+ "Password = :change";
Query query = getSession().createQuery(sql);
query.setParameter("change", change);
query.executeUpdate();
}

7
navalplanner-business/src/main/java/org/navalplanner/business/common/daos/IConfigurationDAO.java
View file

@ -41,7 +41,8 @@ public interface IConfigurationDAO extends IGenericDAO<Configuration, Long> {
Configuration getConfigurationWithReadOnlyTransaction();
/**
* It changes the value in the field changedDefaultAdminPassword.
* It changes the value in the field changedDefaultAdminPassword of a
* specified user.
*/
void saveChangedDefaultAdminPassword(boolean change);
}
void saveChangedDefaultPassword(String user, boolean change);
}

35
navalplanner-business/src/main/java/org/navalplanner/business/common/entities/Configuration.java
View file

@ -74,6 +74,12 @@ public class Configuration extends BaseEntity {
private Boolean changedDefaultAdminPassword = false;
private Boolean changedDefaultUserPassword = false;
private Boolean changedDefaultWsreaderPassword = false;
private Boolean changedDefaultWswriterPassword = false;
private ProgressType progressType = ProgressType.SPREAD_PROGRESS;
private String companyLogoURL = "";
@ -276,4 +282,33 @@ public class Configuration extends BaseEntity {
: changedDefaultAdminPassword;
}
public void setChangedDefaultUserPassword(Boolean changedDefaultUserPassword) {
this.changedDefaultUserPassword = changedDefaultUserPassword;
}
public Boolean getChangedDefaultUserPassword() {
return changedDefaultUserPassword != null ? changedDefaultUserPassword
: false;
}
public void setChangedDefaultWsreaderPassword(
Boolean changedDefaultWsreaderPassword) {
this.changedDefaultWsreaderPassword = changedDefaultWsreaderPassword;
}
public Boolean getChangedDefaultWsreaderPassword() {
return changedDefaultWsreaderPassword != null ? changedDefaultWsreaderPassword
: false;
}
public void setChangedDefaultWswriterPassword(
Boolean changedDefaultWswriterPassword) {
this.changedDefaultWswriterPassword = changedDefaultWswriterPassword;
}
public Boolean getChangedDefaultWswriterPassword() {
return changedDefaultWswriterPassword != null ? changedDefaultWswriterPassword
: false;
}
}

7
navalplanner-business/src/main/resources/org/navalplanner/business/common/entities/Configuration.hbm.xml
View file

@ -49,7 +49,12 @@
column="monte_carlo_method_tab_visible" />
<property name="changedDefaultAdminPassword" not-null="true"
column="changed_default_admin_password" />
<property name="changedDefaultUserPassword" not-null="true"
column="changed_default_user_password" />
<property name="changedDefaultWsreaderPassword" not-null="true"
column="changed_default_wsreader_password" />
<property name="changedDefaultWswriterPassword" not-null="true"
column="changed_default_wswriter_password" />
<property name="progressType" column="progress_type">
<type name="org.hibernate.type.EnumType">
<param name="enumClass">org.navalplanner.business.common.entities.ProgressType</param>

5
navalplanner-webapp/src/main/java/org/navalplanner/web/common/ITemplateModel.java
View file

@ -24,6 +24,7 @@ package org.navalplanner.web.common;
import java.util.List;
import org.navalplanner.business.scenarios.entities.Scenario;
import org.navalplanner.web.users.bootstrap.MandatoryUser;
/**
* Contract for {@link TemplateModel}.
@ -49,8 +50,8 @@ public interface ITemplateModel {
boolean isScenariosVisible();
boolean isChangedDefaultAdminPassword();
boolean isChangedDefaultPassword(MandatoryUser user);
String getIdAdminUser();
String getIdUser(String login);
}

52
navalplanner-webapp/src/main/java/org/navalplanner/web/common/TemplateController.java
View file

@ -33,6 +33,7 @@ import org.navalplanner.business.scenarios.entities.Scenario;
import org.navalplanner.web.common.ITemplateModel.IOnFinished;
import org.navalplanner.web.common.components.bandboxsearch.BandboxSearch;
import org.navalplanner.web.security.SecurityUtils;
import org.navalplanner.web.users.bootstrap.MandatoryUser;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.config.BeanDefinition;
import org.springframework.context.annotation.Scope;
@ -63,9 +64,16 @@ public class TemplateController extends GenericForwardComposer {
private IMessagesForUser windowMessages;
private static TemplateController current;
public static TemplateController getCurrent() {
return current;
}
@Override
public void doAfterCompose(Component comp) throws Exception {
super.doAfterCompose(comp);
TemplateController.current = this;
if (templateModel.isScenariosVisible()) {
window = (Window) comp.getFellow("changeScenarioWindow");
windowMessages = new MessagesForUser(window
@ -129,12 +137,50 @@ public class TemplateController extends GenericForwardComposer {
return (templateModel != null) && templateModel.isScenariosVisible();
}
public String getDefaultPasswdAdminVisible() {
return ((templateModel != null) && (!templateModel
.isChangedDefaultPassword(MandatoryUser.ADMIN))) ? "inline"
: "none";
}
public String getDefaultPasswdUserVisible() {
return ((templateModel != null) && (!templateModel
.isChangedDefaultPassword(MandatoryUser.USER))) ? "inline"
: "none";
}
public String getDefaultPasswdWsreaderVisible() {
return ((templateModel != null) && (!templateModel
.isChangedDefaultPassword(MandatoryUser.WSREADER))) ? "inline"
: "none";
}
public String getDefaultPasswdWswriterVisible() {
return ((templateModel != null) && (!templateModel
.isChangedDefaultPassword(MandatoryUser.WSWRITER))) ? "inline"
: "none";
}
public String getDefaultPasswdVisible() {
return ((templateModel != null) && (getIdAdminUser() != null) && (!templateModel
.isChangedDefaultAdminPassword())) ? "inline" : "none";
return (getDefaultPasswdAdminVisible().equals("none") && (getDefaultPasswdUserVisible()
.equals("inline")
|| getDefaultPasswdWsreaderVisible().equals("inline") || getDefaultPasswdWswriterVisible()
.equals("inline"))) ? "inline" : "none";
}
public String getIdAdminUser() {
return templateModel.getIdAdminUser();
return templateModel.getIdUser(MandatoryUser.ADMIN.getLoginName());
}
public String getIdUser() {
return templateModel.getIdUser(MandatoryUser.USER.getLoginName());
}
public String getIdWsreaderUser() {
return templateModel.getIdUser(MandatoryUser.WSREADER.getLoginName());
}
public String getIdWswriterUser() {
return templateModel.getIdUser(MandatoryUser.WSWRITER.getLoginName());
}
}

18
navalplanner-webapp/src/main/java/org/navalplanner/web/common/TemplateModel.java
View file

@ -36,6 +36,7 @@ import org.navalplanner.business.common.IAdHocTransactionService;
import org.navalplanner.business.common.IOnTransaction;
import org.navalplanner.business.common.Registry;
import org.navalplanner.business.common.daos.IConfigurationDAO;
import org.navalplanner.business.common.entities.Configuration;
import org.navalplanner.business.common.exceptions.InstanceNotFoundException;
import org.navalplanner.business.orders.entities.Order;
import org.navalplanner.business.orders.entities.TaskSource;
@ -455,15 +456,26 @@ public class TemplateModel implements ITemplateModel {
@Override
@Transactional(readOnly = true)
public boolean isChangedDefaultAdminPassword() {
public boolean isChangedDefaultPassword(MandatoryUser user) {
Configuration configuration = configurationDAO.getConfiguration();
switch (user) {
case ADMIN:
return configuration.getChangedDefaultAdminPassword();
case USER:
return configuration.getChangedDefaultUserPassword();
case WSREADER:
return configuration.getChangedDefaultWsreaderPassword();
case WSWRITER:
return configuration.getChangedDefaultWswriterPassword();
}
return configurationDAO.getConfiguration()
.getChangedDefaultAdminPassword();
}
@Override
@Transactional(readOnly = true)
public String getIdAdminUser() {
String login = MandatoryUser.ADMIN.getLoginName();
public String getIdUser(String login) {
try {
return Registry.getUserDAO().findByLoginName(login).getId()
.toString();

109
navalplanner-webapp/src/main/java/org/navalplanner/web/users/UserModel.java
View file

@ -32,6 +32,7 @@ import org.navalplanner.business.users.daos.IUserDAO;
import org.navalplanner.business.users.entities.Profile;
import org.navalplanner.business.users.entities.User;
import org.navalplanner.business.users.entities.UserRole;
import org.navalplanner.web.common.TemplateController;
import org.navalplanner.web.common.concurrentdetection.OnConcurrentModification;
import org.navalplanner.web.users.bootstrap.MandatoryUser;
import org.navalplanner.web.users.services.IDBPasswordEncoderService;
@ -44,8 +45,8 @@ import org.zkoss.zk.ui.util.Clients;
/**
* Model for UI operations related to {@link User}
*
* @author Jacobo Aragunde Perez <jaragunde@igalia.com>
* @author Susana Montes Pedreira <smontes@wirelessgalicia.com>
*/
@Service
@Scope(BeanDefinition.SCOPE_PROTOTYPE)
@ -63,7 +64,7 @@ public class UserModel implements IUserModel {
private String clearNewPassword;
@Override
@Transactional(readOnly=true)
@Transactional(readOnly = true)
public List<User> getUsers() {
List<User> users = userDAO.list(User.class);
initializeUsers(users);
@ -79,52 +80,104 @@ public class UserModel implements IUserModel {
}
}
private UserCRUDController ctlr;
@Override
@Transactional
public void confirmSave() throws ValidationException {
this.ctlr = ctlr;
try {
//user.getLoginName() has to be validated before encoding password,
//because it must exist to perform the encoding
// user.getLoginName() has to be validated before encoding password,
// because it must exist to perform the encoding
Validate.notEmpty(user.getLoginName());
if (getClearNewPassword() != null) {
/**
* it ckecks if the admin password has changed and if so sets
* true in the field changedDefaultAdminPassword.
* it ckecks if the user password who have admin role has
* changed and if so sets true in the field
* changedDefaultAdminPassword.
*/
if (user.getLoginName().equalsIgnoreCase(
MandatoryUser.ADMIN.getLoginName())) {
checkIfChangeDefaultAdminPasswd();
}
checkIfChangeDefaultPasswd();
user.setPassword(dbPasswordEncoderService.
encodePassword(getClearNewPassword(), user.getLoginName()));
user.setPassword(dbPasswordEncoderService.encodePassword(
getClearNewPassword(), user.getLoginName()));
}
} catch (IllegalArgumentException e) {
}
catch (IllegalArgumentException e) {}
user.validate();
userDAO.save(user);
}
private void checkIfChangeDefaultAdminPasswd() {
private void checkIfChangeDefaultPasswd() {
if (user.getLoginName().equalsIgnoreCase(
MandatoryUser.ADMIN.getLoginName())) {
checkIfChangeDefaultPasswd(MandatoryUser.ADMIN);
return;
}
if (user.getLoginName().equalsIgnoreCase(
MandatoryUser.USER.getLoginName())) {
checkIfChangeDefaultPasswd(MandatoryUser.USER);
return;
}
if (user.getLoginName().equalsIgnoreCase(
MandatoryUser.WSREADER.getLoginName())) {
checkIfChangeDefaultPasswd(MandatoryUser.WSREADER);
return;
}
if (user.getLoginName().equalsIgnoreCase(
MandatoryUser.WSWRITER.getLoginName())) {
checkIfChangeDefaultPasswd(MandatoryUser.WSWRITER);
return;
}
}
private void checkIfChangeDefaultPasswd(MandatoryUser user) {
boolean changedPasswd = true;
if (getClearNewPassword().isEmpty()
|| getClearNewPassword().equals(MandatoryUser.ADMIN
.getClearPassword())) {
|| getClearNewPassword().equals(user.getClearPassword())) {
changedPasswd = false;
}
// save the field changedDefaultAdminPassword in configuration.
Registry.getConfigurationDAO().saveChangedDefaultAdminPassword(
changedPasswd);
Registry.getConfigurationDAO().saveChangedDefaultPassword(
user.getLoginName(), changedPasswd);
String displayA = null;
String displayO = null;
String displayU = null;
String login = null;
// show or hide the warning
if (changedPasswd) {
Clients.evalJavaScript("hideWarningDefaultPasswd();");
} else {
Clients.evalJavaScript("showWarningDefaultPasswd();");
displayO = isWarningDefaultPasswdOthersVisible();
if (user.equals(MandatoryUser.ADMIN)) {
displayA = isWarningDefaultPasswdAdminVisible(user,changedPasswd);
}else{
displayU = isWarningDefaultPasswordOtherUser(changedPasswd,
displayO);
login = user.getLoginName();
}
Clients.evalJavaScript("showOrHideWarnings('" + displayA + "', '"
+ displayO + "', '" + login + "', '" + displayU + "');");
}
private String isWarningDefaultPasswordOtherUser(boolean changedPasswd,
String displayO) {
if (displayO.equals("inline")) {
return changedPasswd ? "none" : "inline";
}
return null;
}
private String isWarningDefaultPasswdAdminVisible(MandatoryUser user, boolean changedPasswd){
if (user.equals(MandatoryUser.ADMIN)) {
return changedPasswd ? "none" : "inline";
}
return null;
}
private String isWarningDefaultPasswdOthersVisible() {
return (TemplateController.getCurrent() != null) ? TemplateController
.getCurrent().getDefaultPasswdVisible() : "none";
}
@Override
@ -162,7 +215,6 @@ public class UserModel implements IUserModel {
/**
* Load entities that will be needed in the conversation
*
* @param costCategory
*/
private void forceLoadEntities(User user) {
@ -215,13 +267,12 @@ public class UserModel implements IUserModel {
@Override
public void setPassword(String password) {
//password is not encrypted right away, because
//user.getLoginName must exist to do that, and we're
//not sure at this point
if(password != "") {
// password is not encrypted right away, because
// user.getLoginName must exist to do that, and we're
// not sure at this point
if (password != "") {
setClearNewPassword(password);
}
else{
} else {
setClearNewPassword(null);
}
}

29
navalplanner-webapp/src/main/webapp/common/layout/template.zul
View file

@ -34,6 +34,9 @@
contextPath = Executions.getCurrent().getContextPath();
templateCtrl = templateController;
idAdminUser = templateController.getIdAdminUser();
idUser = templateController.getIdUser();
idWsreader = templateController.getIdWsreaderUser();
idWswriter = templateController.getIdWswriterUser();
]]>
</zscript>
@ -127,12 +130,34 @@
<n:img height="40" src="${templateCtrl.companyLogoURL}" if="${templateCtrl.companyLogoURL!=''}" />
</n:td>
<n:td valign="center">
<n:div id="warningDefaultPasswd" style="display:${templateCtrl.defaultPasswdVisible}">
<n:div id="warningDefaultPasswdadmin" style="display:${templateCtrl.defaultPasswdAdminVisible}">
<div>
<n:span id="footer-messages-area" class="footer-messages-area">${i18n:_('The admin account default password was not changed')}.</n:span>
<n:span class="footer-messages-area">${i18n:_('The admin account default password was not changed')}.</n:span>
<n:a href="${contextPath}/users/users.zul#edit%3D${idAdminUser}" class="footer-messages-area">[${i18n:_('Click here')}]</n:a>
</div>
</n:div>
<n:div id="warningDefaultPasswdOthers" style="display:${templateCtrl.defaultPasswdVisible}">
<div>
<n:a href="${contextPath}/users/users.zul#edit%3D${idUser}"
class="footer-messages-area" id="warningDefaultPasswduser"
style="display:${templateCtrl.defaultPasswdUserVisible}">
[${i18n:_('user')}]
</n:a>
<n:a href="${contextPath}/users/users.zul#edit%3D${idWsreader}"
class="footer-messages-area" id="warningDefaultPasswdwsreader"
style="display:${templateCtrl.defaultPasswdWsreaderVisible}">
[${i18n:_('wswriter')}]
</n:a>
<n:a href="${contextPath}/users/users.zul#edit%3D${idWswriter}"
class="footer-messages-area" id="warningDefaultPasswdwswriter"
style="display:${templateCtrl.defaultPasswdWswriterVisible}">
[${i18n:_('wsreader')}]
</n:a>
<n:span class="footer-messages-area">
${i18n:_(' default password were not changed')}.
</n:span>
</div>
</n:div>
</n:td>
<n:td height="40" align="right" valign="bottom">
<n:img width="110" height="40" src="${contextPath}/common/img/logos_footer_fundacion.png"/>

19
navalplanner-webapp/src/main/webapp/users/users.zul
View file

@ -31,14 +31,19 @@
<zk>
<script type="text/JavaScript">
<![CDATA[
function showWarningDefaultPasswd() {
var warningDefaultPasswd = document.getElementById ("warningDefaultPasswd");
warningDefaultPasswd.style["display"] = "inline";
}
function showOrHideWarnings(displayA, displayO, user, displayU) {
if(displayA != "null"){
var warningAdmin = document.getElementById ("warningDefaultPasswdadmin");
warningAdmin.style["display"] = displayA;
}
function hideWarningDefaultPasswd() {
var warningDefaultPasswd = document.getElementById ("warningDefaultPasswd");
warningDefaultPasswd.style["display"] = "none";
var warningOthers = document.getElementById ("warningDefaultPasswdOthers");
warningOthers.style["display"] = displayO;
if(displayU != "null" && user != "null"){
var warningUser = document.getElementById ("warningDefaultPasswd"+user);
warningUser.style["display"] = displayU;
}
}
]]>
</script>