
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 16732: NPE check for UserCredentials

 

------------------------------------------------------------
revno: 16732
committer: Morten Olav Hansen <mortenoh@xxxxxxxxx>
branch nick: dhis2
timestamp: Wed 2014-09-17 13:15:25 +0700
message:
  NPE check for UserCredentials
modified:
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AccountController.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AccountController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AccountController.java	2014-08-15 07:40:20 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AccountController.java	2014-09-17 06:15:25 +0000
@@ -28,18 +28,7 @@
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
-import java.io.IOException;
-import java.util.Collection;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
+import com.fasterxml.jackson.databind.ObjectMapper;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
@@ -71,7 +60,16 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.client.RestTemplate;
 
-import com.fasterxml.jackson.databind.ObjectMapper;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.util.Collection;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
 
 /**
  * @author Lars Helge Overland
@@ -109,7 +107,7 @@
 
     @Autowired
     private SystemSettingManager systemSettingManager;
-    
+
     private ObjectMapper objectMapper = new ObjectMapper();
 
     @RequestMapping( value = "/recovery", method = RequestMethod.POST )
@@ -133,7 +131,7 @@
             ContextUtils.conflictResponse( response, "User does not exist: " + username );
             return;
         }
-        
+
         boolean recover = securityService.sendRestoreMessage( credentials, rootPath, RestoreOptions.RECOVER_PASSWORD_OPTION );
 
         if ( !recover )
@@ -181,7 +179,7 @@
             ContextUtils.conflictResponse( response, "User does not exist: " + username );
             return;
         }
-        
+
         boolean restore = securityService.restore( credentials, token, code, password, RestoreType.RECOVER_PASSWORD );
 
         if ( !restore )
@@ -214,7 +212,7 @@
     {
         UserCredentials credentials = null;
 
-        boolean invitedByEmail = ( inviteUsername != null && !inviteUsername.isEmpty() );
+        boolean invitedByEmail = (inviteUsername != null && !inviteUsername.isEmpty());
 
         boolean canChooseUsername = true;
 
@@ -314,7 +312,7 @@
 
         if ( email == null || !ValidationUtils.emailIsValid( email ) )
         {
-            ContextUtils.badRequestResponse( response,  "Email is not specified or invalid" );
+            ContextUtils.badRequestResponse( response, "Email is not specified or invalid" );
             return;
         }
 
@@ -456,6 +454,15 @@
         Map<String, String> result = new HashMap<>();
         result.put( "status", "OK" );
 
+        if ( credentials == null )
+        {
+            result.put( "status", "NON_EXPIRED" );
+            result.put( "message", "Username is not valid, redirecting to login." );
+
+            ContextUtils.badRequestResponse( response, objectMapper.writeValueAsString( result ) );
+            return;
+        }
+
         if ( userService.credentialsNonExpired( credentials ) )
         {
             result.put( "status", "NON_EXPIRED" );
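Review bot: The added `credentials == null` branch answers with a 400 and the message "Username is not valid", so the response tells the caller whether a username exists, and it reuses the `NON_EXPIRED` status that the following `credentialsNonExpired` branch also sets. If this endpoint is reachable before login (not visible here), that is a username oracle; the context lines `"User does not exist: " + username` in the recovery and restore hunks have the same property and also echo the submitted name back. Consider making the unknown-user reply indistinguishable from the non-expired reply, for example a neutral `result.put( "message", "Account is not eligible for this action, redirecting to login." );` sent through the same response helper and status code as the non-expired branch. The method starts before and continues after this hunk, so how `credentials` is looked up and what the non-expired branch returns are not shown.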