← Back to team overview

dhis2-devs team mailing list archive

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 13327: minor fix

 

------------------------------------------------------------
revno: 13327
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Thu 2013-12-19 13:07:47 +0100
message:
  minor fix
modified:
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AccountController.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AccountController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AccountController.java	2013-12-19 11:50:58 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/api/controller/AccountController.java	2013-12-19 12:07:47 +0000
@@ -378,6 +378,24 @@
             return objectMapper.writeValueAsString( result );
         }
 
+        if ( password == null || !ValidationUtils.passwordIsValid( password ) )
+        {
+            response.setStatus( HttpServletResponse.SC_BAD_REQUEST );
+            result.put( "status", "PASSWORD_INVALID" );
+            result.put( "message", "Password is not specified or invalid" );
+
+            return objectMapper.writeValueAsString( result );
+        }
+
+        if ( password.trim().equals( username.trim() ) )
+        {
+            response.setStatus( HttpServletResponse.SC_BAD_REQUEST );
+            result.put( "status", "PASSWORD_EQUAL_TO_USERNAME" );
+            result.put( "message", "Password cannot be equal to username" );
+
+            return objectMapper.writeValueAsString( result );
+        }
+
         String passwordEncoded = passwordManager.encodePassword( username, password );
 
         credentials.setPassword( passwordEncoded );