dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #19787
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 8774: Checking if email is set up before allowing recovery
------------------------------------------------------------
revno: 8774
committer: Lars Helge Øverland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Tue 2012-10-30 18:04:28 +0300
message:
Checking if email is set up before allowing recovery
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java
dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/security.xml
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java 2012-10-29 20:17:23 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/setting/SystemSettingManager.java 2012-10-30 15:04:28 +0000
@@ -114,4 +114,6 @@
String getEmailPassword();
boolean accountRecoveryEnabled();
+
+ boolean emailEnabled();
}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java 2012-10-30 14:45:03 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java 2012-10-30 15:04:28 +0000
@@ -34,9 +34,12 @@
import java.util.Map;
import java.util.Set;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
import org.hisp.dhis.common.CodeGenerator;
import org.hisp.dhis.message.MessageSender;
import org.hisp.dhis.period.Cal;
+import org.hisp.dhis.setting.SystemSettingManager;
import org.hisp.dhis.system.util.ValidationUtils;
import org.hisp.dhis.system.velocity.VelocityManager;
import org.hisp.dhis.user.User;
@@ -49,6 +52,8 @@
public class DefaultSecurityService
implements SecurityService
{
+ private static final Log log = LogFactory.getLog( DefaultSecurityService.class );
+
private static final String RESTORE_PATH = "/dhis-web-commons/security/restore.action";
private static final int TOKEN_LENGTH = 50;
@@ -78,6 +83,13 @@
{
this.userService = userService;
}
+
+ private SystemSettingManager systemSettingManager;
+
+ public void setSystemSettingManager( SystemSettingManager systemSettingManager )
+ {
+ this.systemSettingManager = systemSettingManager;
+ }
// -------------------------------------------------------------------------
// SecurityService implementation
@@ -94,15 +106,22 @@
if ( credentials == null || credentials.getUser() == null || credentials.getUser().getEmail() == null )
{
+ log.info( "Could not send message as user does not exist or has no email: " + username );
return false;
}
if ( !ValidationUtils.emailIsValid( credentials.getUser().getEmail() ) )
{
- return false;
- }
-
- // TODO check if email is configured
+ log.info( "Could not send message as email is invalid" );
+ return false;
+ }
+
+ if ( !systemSettingManager.emailEnabled() )
+ {
+ log.info( "Could not send message as email is not configured" );
+ return false;
+ }
+
// TODO deny restore if credentials contain certain authorities
String[] result = initRestore( credentials );
@@ -157,6 +176,7 @@
if ( credentials == null )
{
+ log.info( "Could not restore as user does not exist: " + username );
return false;
}
@@ -194,6 +214,7 @@
if ( credentials == null || credentials.getRestoreToken() == null )
{
+ log.info( "Could not verify token as user does not exist or has no token: " + username );
return false;
}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java 2012-10-29 20:17:23 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/setting/DefaultSystemSettingManager.java 2012-10-30 15:04:28 +0000
@@ -152,4 +152,9 @@
{
return (Boolean) getSystemSetting( KEY_ACCOUNT_RECOVERY, false );
}
+
+ public boolean emailEnabled()
+ {
+ return getEmailHostName() != null && getEmailPassword() != null && getEmailUsername() != null;
+ }
}
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/security.xml'
--- dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/security.xml 2012-10-29 14:34:57 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/security.xml 2012-10-30 15:04:28 +0000
@@ -19,7 +19,8 @@
<bean id="org.hisp.dhis.security.SecurityService" class="org.hisp.dhis.security.DefaultSecurityService">
<property name="passwordManager" ref="org.hisp.dhis.security.PasswordManager" />
<property name="emailMessageSender" ref="emailMessageSender" />
- <property name="userService" ref="org.hisp.dhis.user.UserService" />
+ <property name="userService" ref="org.hisp.dhis.user.UserService" />
+ <property name="systemSettingManager" ref="org.hisp.dhis.setting.SystemSettingManager" />
</bean>
<sec:authentication-manager alias="authenticationManager">
