
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 8755: Impl account restore and recovery resource in AccountController

 

------------------------------------------------------------
revno: 8755
committer: Lars Helge Øverland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Mon 2012-10-29 22:27:12 +0300
message:
  Impl account restore and recovery resource in AccountController
modified:
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AccountController.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java	2012-10-29 14:56:41 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java	2012-10-29 19:27:12 +0000
@@ -94,6 +94,8 @@
         }
         
         // TODO check if email is configured
+        // TODO check if restore is allowed
+        // TODO deny restore if credentials contain certain authorities
         
         String[] result = initRestore( credentials );
         
@@ -107,8 +109,8 @@
         vars.put( "code", result[1] );
         vars.put( "username", username );
         
-        String text1 = new VelocityManager().render( vars, "restore_message1.vm" );
-        String text2 = new VelocityManager().render( vars, "restore_message2.vm" );
+        String text1 = new VelocityManager().render( vars, "restore_message1" );
+        String text2 = new VelocityManager().render( vars, "restore_message2" );
         
         emailMessageSender.sendMessage( "User account restore confirmation (message 1 of 2)", text1, null, users );
         emailMessageSender.sendMessage( "User account restore confirmation (message 2 of 2)", text2, null, users );

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AccountController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AccountController.java	2012-10-23 13:38:24 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AccountController.java	2012-10-29 19:27:12 +0000
@@ -40,6 +40,7 @@
 import org.hisp.dhis.api.utils.ContextUtils;
 import org.hisp.dhis.configuration.ConfigurationService;
 import org.hisp.dhis.security.PasswordManager;
+import org.hisp.dhis.security.SecurityService;
 import org.hisp.dhis.system.util.ValidationUtils;
 import org.hisp.dhis.user.User;
 import org.hisp.dhis.user.UserAuthorityGroup;
@@ -92,6 +93,66 @@
     @Autowired
     private PasswordManager passwordManager;
     
+    @Autowired
+    private SecurityService securityService;
+    
+    @RequestMapping( value = "/recovery", method = RequestMethod.POST, produces = ContextUtils.CONTENT_TYPE_TEXT )
+    public @ResponseBody String recoverAccount(
+        @RequestParam String username,
+        HttpServletRequest request,
+        HttpServletResponse response )
+    {
+        String rootPath = ContextUtils.getRootPath( request );
+        
+        boolean recover = securityService.sendRestoreMessage( username, rootPath );
+        
+        if ( !recover )
+        {
+            response.setStatus( HttpServletResponse.SC_BAD_REQUEST );
+            return "Account could not be recovered";
+        }
+
+        log.info( "Recovery message sent for user: " + username );
+        
+        response.setStatus( HttpServletResponse.SC_CREATED );
+        return "Recovery message sent";
+    }
+    
+    @RequestMapping( value = "/restore", method = RequestMethod.POST, produces = ContextUtils.CONTENT_TYPE_TEXT )
+    public @ResponseBody String restoreAccount(
+        @RequestParam String username,
+        @RequestParam String token,
+        @RequestParam String code,
+        @RequestParam String password,
+        HttpServletRequest request,
+        HttpServletResponse response )        
+    {
+        if ( password == null || !ValidationUtils.passwordIsValid( password ) )
+        {
+            response.setStatus( HttpServletResponse.SC_BAD_REQUEST );
+            return "Password is not specified or invalid";
+        }
+        
+        if ( password.trim().equals( username.trim() ) )
+        {
+            response.setStatus( HttpServletResponse.SC_BAD_REQUEST );
+            return "Password cannot be equal to username";
+        }
+        
+        boolean restore = securityService.restore( username, token, code, password );
+        
+        if ( !restore )
+        {
+            response.setStatus( HttpServletResponse.SC_BAD_REQUEST );
+            return "Account could not be restored";
+        }        
+
+        log.info( "Account restored for user: " + username );
+        
+        response.setStatus( HttpServletResponse.SC_CREATED );
+        return "Account restored";
+    }
+    
     @RequestMapping( method = RequestMethod.POST, produces = ContextUtils.CONTENT_TYPE_TEXT )
     public @ResponseBody String createAccount( 
         @RequestParam String username,
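Review bot: `recoverAccount` returns 400 "Account could not be recovered" or 201 "Recovery message sent" depending on what `sendRestoreMessage` reports, so if this mapping is reachable without a session (as a recovery endpoint normally is) the response tells the caller which usernames can be restored. Return the same status and body in both branches, e.g. `return "Recovery message sent if the account is eligible";`, and record the real outcome only in the log. The same commit leaves `// TODO check if restore is allowed` and `// TODO deny restore if credentials contain certain authorities` open in DefaultSecurityService, and nothing visible in either new method limits repeated calls. Consider keeping `/recovery` and `/restore` disabled, or behind a setting, until those checks and some throttling exist. Both `log.info` calls also concatenate the raw `username` parameter, so strip CR/LF before logging it, for instance `username.replaceAll( "[\r\n]", "_" )`.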