← Back to team overview

dhis2-devs team mailing list archive

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 8756: Impl system setting for account recovery

 

------------------------------------------------------------
revno: 8756
committer: Lars Helge Øverland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Mon 2012-10-29 23:17:23 +0300
message:
  Impl system setting for account recovery
added:
  dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/recovery.vm
  dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/restore.vm
  dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsAccountRecoveryAllowedAction.java
  dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsRestoreTokenValidAction.java
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/message/EmailMessageSender.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java
  dhis-2/dhis-services/dhis-service-core/src/main/resources/restore_message1.vm
  dhis-2/dhis-services/dhis-service-core/src/main/resources/restore_message2.vm
  dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/css/login.css
  dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/login.vm
  dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/SystemSettingInterceptor.java
  dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/beans.xml
  dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml
  dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml
  dhis-2/dhis-web/dhis-web-commons/src/main/resources/i18n_global.properties
  dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/java/org/hisp/dhis/settings/action/system/SetAccessSettingsAction.java
  dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/resources/org/hisp/dhis/settings/i18n_module.properties
  dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemAccessSettings.vm
  dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemGeneralSettings.vm


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java	2012-10-25 13:31:14 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java	2012-10-29 20:17:23 +0000
@@ -75,6 +75,7 @@
     final String KEY_SCHEDULE_AGGREGATE_QUERY_BUILDER_TASKS = "scheduleAggregateQueryBuilder";
     final String KEY_AGGREGATE_QUERY_BUILDER_ORGUNITGROUPSET_AGG_LEVEL = "aggQueryBuilderorgUnitGroupSetAggregationLevel";
     final String KEY_CONFIGURATION = "keyConfig";
+    final String KEY_ACCOUNT_RECOVERY = "keyAccountRecovery";
 
     final int DEFAULT_MAX_NUMBER_OF_ATTEMPTS = 20;
     final int DEFAULT_TIMEFRAME_MINUTES = 1;
@@ -111,4 +112,6 @@
     String getEmailUsername();
     
     String getEmailPassword();
+    
+    boolean accountRecoveryEnabled();
 }

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/message/EmailMessageSender.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/message/EmailMessageSender.java	2012-10-18 11:22:57 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/message/EmailMessageSender.java	2012-10-29 20:17:23 +0000
@@ -124,7 +124,7 @@
                 {
                     email.addBcc( user.getEmail() );
                     
-                    log.debug( "Sent email to user: " + user + " with email address: " + user.getEmail() );
+                    log.debug( "Sending email to user: " + user + " with email address: " + user.getEmail() );
                     
                     hasRecipients = true;
                 }
@@ -133,6 +133,8 @@
             if ( hasRecipients )
             {
                 email.send();
+                
+                log.debug( "Email sent" );
             }
         }
         catch ( EmailException ex )

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java	2012-10-23 08:04:24 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java	2012-10-29 20:17:23 +0000
@@ -147,4 +147,9 @@
     {
         return StringUtils.trimToNull( (String) getSystemSetting( KEY_EMAIL_USERNAME ) );
     }
+    
+    public boolean accountRecoveryEnabled()
+    {
+        return (Boolean) getSystemSetting( KEY_ACCOUNT_RECOVERY, false );
+    }
 }

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/restore_message1.vm'
--- dhis-2/dhis-services/dhis-service-core/src/main/resources/restore_message1.vm	2012-10-29 14:34:57 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/resources/restore_message1.vm	2012-10-29 20:17:23 +0000
@@ -1,7 +1,11 @@
-Someone, probably you, have asked us to restore your useraccount at ${basePath}. 
-You have been sent two emails. This is the first email of those two. Please follow
-the link below this text. In the next step you will be asked to enter a code 
-which is sent to you in the other email. You must complete the restore within 1 
-hour.
-
-${restorePath}?username=${username}&token=${token}
+Someone, probably you, have asked us to restore your user account at ${object.rootPath}. 
+You have been sent two emails, where this is the first one. Please follow the 
+link below. In the next step you will be asked to enter a code which has been 
+sent to you in the other email.
+
+
+${object.restorePath}?username=${object.username}&token=${object.token}
+
+
+You must complete the restore process within 1 hour. If you take no action, your
+account will not be restored.

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/restore_message2.vm'
--- dhis-2/dhis-services/dhis-service-core/src/main/resources/restore_message2.vm	2012-10-29 14:34:57 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/resources/restore_message2.vm	2012-10-29 20:17:23 +0000
@@ -1,7 +1,11 @@
-Someone, probably you, have asked us to restore your useraccount at ${basePath}. 
-You have been sent two emails. This is the second email of those two. Please
-read the first email and follow the instructions. If you already have done that,
-please use the code below to complete the account restore form. You must complete 
-the restore within 1 hour.
-
-${code}
+Someone, probably you, have asked us to restore your user account at ${object.rootPath}. 
+You have been sent two emails, where this is the second one. Please read the 
+first email and follow the instructions. If you already have done so, please 
+use the code below to complete the account restore form.
+
+
+${object.code}
+
+
+You must complete the restore process within 1 hour. If you take no action, your
+account will not be restored.
\ No newline at end of file

=== modified file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/css/login.css'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/css/login.css	2012-10-23 10:26:43 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/css/login.css	2012-10-29 20:17:23 +0000
@@ -65,6 +65,11 @@
   border: none;
 }
 
+#loginFormFooter
+{
+  font-size: 14px;
+}
+
 #accountArea
 {
   position: absolute;

=== modified file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/login.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/login.vm	2012-10-23 10:26:43 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/security/login.vm	2012-10-29 20:17:23 +0000
@@ -56,6 +56,19 @@
                             <input id="reset" class="button" type="reset" value="Clear" style="width:120px">
                         </td>
                     </tr>
+                    <tr>
+                        <td></td>
+                        <td style="padding-top:8px">
+                        	<span id="loginFormFooter">
+                        	#if( $keyAccountRecovery )
+                        	<a href="recovery.action">Forgot password?</a>&nbsp;
+                        	#end
+                        	#if( $keyConfig.selfRegistrationAllowed() )
+                        	<a href="account.action">Create an account</a>	
+	                        #end
+	                        </span>
+                        </td>
+                    </tr>
                 </table>
             </form>
             #if( $failed == true )

=== added file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/recovery.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/recovery.vm	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/recovery.vm	2012-10-29 20:17:23 +0000
@@ -0,0 +1,41 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+    <title>DHIS 2</title>
+    <script type="text/javascript" src="../javascripts/jQuery/jquery.min.js"></script>
+    <script type="text/javascript" src="../javascripts/jQuery/jquery.validate.js"></script>
+    <script type="text/javascript" src="../javascripts/jQuery/jquery.validate.ext.js"></script>
+    <script type="text/javascript" src="../javascripts/useraccount/account.js"></script>
+    <script type="text/javascript" src="../i18nJavaScript.action"></script>
+    <link type="text/css" rel="stylesheet" href="../css/account.css">
+</head>
+<body>
+
+<div id="accountHeader"></div>
+
+<div id="accountContainer">
+
+<div id="bannerArea"><a href="http://dhis2.org";><img src="../security/logo_front.png" style="border:none"></a></div>
+
+<div id="accountInput">
+
+<h3>$i18n.getString( "account_recovery" )</h3>
+
+<form id="recoveryForm">
+
+<table>
+    <tr>
+        <td style="width:120px"><label for="username">$i18n.getString( "user_name" )</label></td>
+        <td><input type="text" id="username" name="username" autocomplete="off"></td>
+    </tr>
+    <tr>
+        <td></td>
+        <td><input id="submitButton" type="submit" value="$i18n.getString( 'recover' )" style="width:10em"></td>
+    </tr>
+
+</div>
+
+</div>
+
+</body>
+</htm>
\ No newline at end of file

=== added file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/restore.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/restore.vm	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/restore.vm	2012-10-29 20:17:23 +0000
@@ -0,0 +1,52 @@
+<!DOCTYPE HTML>
+<html>
+<head>
+    <title>DHIS 2</title>
+    <script type="text/javascript" src="../javascripts/jQuery/jquery.min.js"></script>
+    <script type="text/javascript" src="../javascripts/jQuery/jquery.validate.js"></script>
+    <script type="text/javascript" src="../javascripts/jQuery/jquery.validate.ext.js"></script>
+    <script type="text/javascript" src="../javascripts/useraccount/account.js"></script>
+    <script type="text/javascript" src="../i18nJavaScript.action"></script>
+    <link type="text/css" rel="stylesheet" href="../css/account.css">
+</head>
+<body>
+
+<div id="accountHeader"></div>
+
+<div id="accountContainer">
+
+<div id="bannerArea"><a href="http://dhis2.org";><img src="../security/logo_front.png" style="border:none"></a></div>
+
+<div id="accountInput">
+
+<h3>$i18n.getString( "restore_account" )</h3>
+
+<form id="accountForm">
+
+<table>
+    <tr>
+        <td><label for="code">$i18n.getString( "code" )</label></td>
+        <td><input type="text" id="code" name="code" autocomplete="off"></td>
+    </tr>
+    <tr>
+        <td><label for="password">$i18n.getString( "new_password" )</label></td>
+        <td><input type="password" id="password" name="password" autocomplete="off"></td>
+    </tr>
+    <tr>
+        <td><label for="retypePassword">$i18n.getString( "confirm_password" )</label></td>
+        <td><input type="password" id="retypePassword" name="retypePassword" autocomplete="off"></td>
+    </tr>
+    <tr>
+        <td></td>
+        <td><input id="submitButton" type="submit" value="$i18n.getString( 'restore' )" style="width:10em"></td>
+    </tr>
+</table>
+
+</form>
+
+</div>
+
+</div>
+
+</body>
+</html>
\ No newline at end of file

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/SystemSettingInterceptor.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/SystemSettingInterceptor.java	2012-10-23 14:04:27 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/interceptor/SystemSettingInterceptor.java	2012-10-29 20:17:23 +0000
@@ -41,6 +41,7 @@
 import static org.hisp.dhis.setting.SystemSettingManager.KEY_START_MODULE;
 import static org.hisp.dhis.setting.SystemSettingManager.KEY_PHONE_NUMBER_AREA_CODE;
 import static org.hisp.dhis.setting.SystemSettingManager.KEY_CONFIGURATION;
+import static org.hisp.dhis.setting.SystemSettingManager.KEY_ACCOUNT_RECOVERY;
 
 import java.util.HashMap;
 import java.util.Map;
@@ -102,6 +103,7 @@
         map.put( KEY_FACTOR_OF_DEVIATION, systemSettingManager.getSystemSetting( KEY_FACTOR_OF_DEVIATION, DEFAULT_FACTOR_OF_DEVIATION ) );
         map.put( KEY_COMPLETENESS_OFFSET, systemSettingManager.getSystemSetting( KEY_COMPLETENESS_OFFSET, DEFAULT_COMPLETENESS_OFFSET ) );
         map.put( KEY_PHONE_NUMBER_AREA_CODE, systemSettingManager.getSystemSetting( KEY_PHONE_NUMBER_AREA_CODE, "" ) );
+        map.put( KEY_ACCOUNT_RECOVERY, systemSettingManager.getSystemSetting( KEY_ACCOUNT_RECOVERY, false ) );
         map.put( KEY_CONFIGURATION, configurationService.getConfiguration() );
         
         invocation.getStack().push( map );

=== added file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsAccountRecoveryAllowedAction.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsAccountRecoveryAllowedAction.java	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsAccountRecoveryAllowedAction.java	2012-10-29 20:17:23 +0000
@@ -0,0 +1,50 @@
+package org.hisp.dhis.useraccount.action;
+
+/*
+ * Copyright (c) 2004-2012, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ *   list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ *   this list of conditions and the following disclaimer in the documentation
+ *   and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ *   be used to endorse or promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import org.hisp.dhis.setting.SystemSettingManager;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.opensymphony.xwork2.Action;
+
+/**
+ * @author Lars Helge Overland
+ */
+public class IsAccountRecoveryAllowedAction
+    implements Action
+{
+    @Autowired
+    private SystemSettingManager systemSettingManager;
+    
+    public String execute()
+    {
+        boolean enabled = systemSettingManager.accountRecoveryEnabled();
+        
+        return enabled ? SUCCESS : ERROR;
+    }
+}

=== added file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsRestoreTokenValidAction.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsRestoreTokenValidAction.java	1970-01-01 00:00:00 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsRestoreTokenValidAction.java	2012-10-29 20:17:23 +0000
@@ -0,0 +1,72 @@
+package org.hisp.dhis.useraccount.action;
+
+/*
+ * Copyright (c) 2004-2012, University of Oslo
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ * * Redistributions of source code must retain the above copyright notice, this
+ *   list of conditions and the following disclaimer.
+ * * Redistributions in binary form must reproduce the above copyright notice,
+ *   this list of conditions and the following disclaimer in the documentation
+ *   and/or other materials provided with the distribution.
+ * * Neither the name of the HISP project nor the names of its contributors may
+ *   be used to endorse or promote products derived from this software without
+ *   specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+ * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR
+ * ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
+ * ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+import org.hisp.dhis.security.SecurityService;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.opensymphony.xwork2.Action;
+
+/**
+ * @author Lars Helge Overland
+ */
+public class IsRestoreTokenValidAction
+    implements Action
+{
+    @Autowired
+    private SecurityService securityService;
+
+    // -------------------------------------------------------------------------
+    // Input
+    // -------------------------------------------------------------------------
+
+    private String username;
+    
+    public void setUsername( String username )
+    {
+        this.username = username;
+    }
+
+    private String token;
+
+    public void setToken( String token )
+    {
+        this.token = token;
+    }
+
+    // -------------------------------------------------------------------------
+    // Action implementation
+    // -------------------------------------------------------------------------
+
+    public String execute()
+    {
+        boolean verified = securityService.verifyToken( username, token );
+        
+        return verified ? SUCCESS : ERROR;
+    }
+}

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/beans.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/beans.xml	2012-10-23 14:04:27 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/beans.xml	2012-10-29 20:17:23 +0000
@@ -592,6 +592,12 @@
     
   <bean id="org.hisp.dhis.useraccount.action.IsSelfRegistrationAllowedAction" class="org.hisp.dhis.useraccount.action.IsSelfRegistrationAllowedAction"
     scope="prototype"/>
+    
+  <bean id="org.hisp.dhis.useraccount.action.IsRestoreTokenValidAction" class="org.hisp.dhis.useraccount.action.IsRestoreTokenValidAction"
+    scope="prototype"/>
+
+  <bean id="org.hisp.dhis.useraccount.action.IsAccountRecoveryAllowedAction" class="org.hisp.dhis.useraccount.action.IsAccountRecoveryAllowedAction"
+    scope="prototype"/>
 
   <!-- User settings -->
 

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml	2012-10-29 14:37:17 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml	2012-10-29 20:17:23 +0000
@@ -42,6 +42,8 @@
     <sec:intercept-url pattern="/dhis-web-commons/i18nJavaScript.action" access="permitAll()" />
     <sec:intercept-url pattern="/dhis-web-commons/security/**" access="permitAll()" />
     <sec:intercept-url pattern="/api/account/username" access="permitAll()" />
+    <sec:intercept-url pattern="/api/account/recovery" access="permitAll()" />
+    <sec:intercept-url pattern="/api/account/restore" access="permitAll()" />
     <sec:intercept-url pattern="/api/account" access="permitAll()" />
     <sec:intercept-url pattern="/**" access="isAuthenticated()" />
     <sec:custom-filter ref="automaticAccessFilter" before="LOGOUT_FILTER" />

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml	2012-10-23 14:04:27 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/dhis-web-commons.xml	2012-10-29 20:17:23 +0000
@@ -118,6 +118,16 @@
       <result name="success" type="velocity">/dhis-web-commons/useraccount/account.vm</result>
       <result name="error" type="redirect">login.action</result>
     </action>
+    
+    <action name="recovery" class="org.hisp.dhis.useraccount.action.IsAccountRecoveryAllowedAction">
+      <result name="success" type="velocity">/dhis-web-commons/useraccount/recovery.vm</result>
+      <result name="error" type="redirect">login.action</result>
+    </action>
+    
+    <action name="restore" class="org.hisp.dhis.useraccount.action.IsRestoreTokenValidAction">
+      <result name="success" type="velocity">/dhis-web-commons/useraccount/restore.vm</result>
+      <result name="error" type="redirect">login.action</result>
+    </action>
   
   </package>
   

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/i18n_global.properties'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/i18n_global.properties	2012-10-22 14:55:29 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/i18n_global.properties	2012-10-29 20:17:23 +0000
@@ -127,6 +127,11 @@
 prove_you_are_not_a_robot=Prove you are not a robot
 create=Create
 cant_read_the_words_try_another_one=Can't read the words? Try another one
+restore=Restore
+new_password=New password
+restore_account=Restore account
+account_recovery=Account recovery
+recover=Recover
 
 #-- PeriodTypes ----------------------------------------------------------------#
 

=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/java/org/hisp/dhis/settings/action/system/SetAccessSettingsAction.java'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/java/org/hisp/dhis/settings/action/system/SetAccessSettingsAction.java	2012-10-23 14:24:38 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/java/org/hisp/dhis/settings/action/system/SetAccessSettingsAction.java	2012-10-29 20:17:23 +0000
@@ -30,12 +30,15 @@
 import org.hisp.dhis.configuration.Configuration;
 import org.hisp.dhis.configuration.ConfigurationService;
 import org.hisp.dhis.i18n.I18n;
+import org.hisp.dhis.setting.SystemSettingManager;
 import org.hisp.dhis.user.UserAuthorityGroup;
 import org.hisp.dhis.user.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 
 import com.opensymphony.xwork2.Action;
 
+import static org.hisp.dhis.setting.SystemSettingManager.KEY_ACCOUNT_RECOVERY;
+
 /**
  * @author Lars Helge Overland
  */
@@ -46,6 +49,9 @@
     private ConfigurationService configurationService;
     
     @Autowired
+    private SystemSettingManager systemSettingManager;
+    
+    @Autowired
     private UserService userService;
 
     // -------------------------------------------------------------------------
@@ -58,6 +64,13 @@
     {
         this.selfRegistrationRole = selfRegistrationRole;
     }
+    
+    private Boolean accountRecovery;
+
+    public void setAccountRecovery( Boolean accountRecovery )
+    {
+        this.accountRecovery = accountRecovery;
+    }
 
     // -------------------------------------------------------------------------
     // Output
@@ -94,6 +107,8 @@
         config.setSelfRegistrationRole( group );
         configurationService.setConfiguration( config );
 
+        systemSettingManager.saveSystemSetting( KEY_ACCOUNT_RECOVERY, accountRecovery );
+        
         message = i18n.getString( "settings_updated" );
 
         return SUCCESS;

=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/resources/org/hisp/dhis/settings/i18n_module.properties'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/resources/org/hisp/dhis/settings/i18n_module.properties	2012-10-22 18:48:19 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/resources/org/hisp/dhis/settings/i18n_module.properties	2012-10-29 20:17:23 +0000
@@ -107,4 +107,5 @@
 access_settings=Access settings
 do_not_allow_self_registration=Do not allow self registration
 self_registration_account_user_role=Self registration account user role
-access=Access
\ No newline at end of file
+access=Access
+enable_user_account_recovery=Enable user account recovery
\ No newline at end of file

=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemAccessSettings.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemAccessSettings.vm	2012-10-23 08:01:42 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemAccessSettings.vm	2012-10-29 20:17:23 +0000
@@ -2,7 +2,8 @@
 jQuery( document ).ready( function() {
     jQuery( "input[type=button]" ).click( function() {
         jQuery.postUTF8( "setSystemAccessSettings.action", {
-            selfRegistrationRole: jQuery( "#selfRegistrationRole" ).val()
+            selfRegistrationRole: jQuery( "#selfRegistrationRole" ).val(),
+            accountRecovery: jQuery( '#accountRecovery' ).is( ':checked' )
         }, function( json ) {
             if ( json.response == "success" ) {
                 setHeaderDelayMessage( json.message );
@@ -28,4 +29,9 @@
 </select>
 </div>
 
+<div class="setting">
+	<input type="checkbox" id="accountRecovery" name="accountRecovery"#if( $keyAccountRecovery ) checked="checked"#end>
+	<label for="accountRecovery">$i18n.getString( "enable_user_account_recovery" )</label>
+</div>
+
 <div class="setting"><input type="button" value="$i18n.getString( 'save' )" style="width:10em"/></div>

=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemGeneralSettings.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemGeneralSettings.vm	2012-10-22 18:48:19 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-settings/src/main/webapp/dhis-web-maintenance-settings/systemGeneralSettings.vm	2012-10-29 20:17:23 +0000
@@ -94,7 +94,7 @@
 </div>
 
 <div class="setting">
-    <input type="checkbox" id="omitIndicatorsZeroNumeratorDataMart" name="omitIndicatorsZeroNumeratorDataMart" #if( $omitIndicatorsZeroNumeratorDataMart )checked="checked"#end/>
+    <input type="checkbox" id="omitIndicatorsZeroNumeratorDataMart" name="omitIndicatorsZeroNumeratorDataMart" #if( $omitIndicatorsZeroNumeratorDataMart )checked="checked"#end>
     <label for="omitIndicatorsZeroNumeratorDataMart">$i18n.getString( "omit_indicators_zero_numerator_data_mart" )</label>
 </div>