dhis2-devs team mailing list archive

Thread
Date

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 16790: Adjust error messages for user account invite failure.

To: DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
From: noreply@xxxxxxxxxxxxx
Date: Wed, 24 Sep 2014 09:24:25 -0000
Reply-to: noreply@xxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

------------------------------------------------------------
revno: 16790
committer: jimgrace@xxxxxxxxx
branch nick: dhis2
timestamp: Wed 2014-09-24 11:23:28 +0200
message:
  Adjust error messages for user account invite failure.
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java	2014-09-24 06:56:36 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java	2014-09-24 09:23:28 +0000
@@ -342,13 +342,21 @@
     }
 
     /**
-     * Tests whether the given input arguments can perform a valid restore of the
-     * user account for these credentials. Returns false if any of the input arguments
-     * are null, or any of the properties on the credentials are null. Returns false
-     * if the expiry date argument is after the expiry date of the credentials.
-     * Returns false if any of the given token or code arguments are not equal to
-     * the respective properties the the credentials. Returns true otherwise.
-     *
+     * Tests whether the given input arguments can perform a valid restore of
+     * the user account for these credentials.
+     * <p>
+     * If fail, returns one of the following error strings:
+     * <ul>
+     *     <li>account_restoreToken_is_null</li>
+     *     <li>account_restoreCode_is_null</li>
+     *     <li>account_restoreExpiry_is_null</li>
+     *     <li>token_parameter_is_null</li>
+     *     <li>code_parameter_is_null</li>
+     *     <li>date_parameter_is_null</li>
+     *     <li>token_does_not_match_restoreToken ...</li>
+     *     <li>code_does_not_match_restoreCode ...</li>
+     *     <li>date_is_after_expiry ...</li>
+     * </ul>
      * @param token the restore token.
      * @param code  the restore code.
      * @param date  the expiry date.
@@ -358,47 +366,47 @@
     {
         if ( this.restoreToken == null )
         {
-            return "account restoreToken is null";
+            return "account_restoreToken_is_null";
         }
 
         if ( this.restoreCode == null )
         {
-            return "account restoreCode is null";
+            return "account_restoreCode_is_null";
         }
 
         if ( this.restoreExpiry == null )
         {
-            return "account restoreExpiry is null";
+            return "account_restoreExpiry_is_null";
         }
 
         if ( token == null )
         {
-            return "canRestore() token parameter is null";
+            return "token_parameter_is_null";
         }
 
         if ( code == null )
         {
-            return "canRestore() code parameter is null";
+            return "code_parameter_is_null";
         }
 
         if ( date == null )
         {
-            return "canRestore() date parameter is null";
+            return "date_parameter_is_null";
         }
 
         if ( !token.equals ( this.restoreToken ) )
         {
-            return ( "token '" + token + "' does not match restoreToken '" + restoreToken + "'" );
+            return ( "token_does_not_match_restoreToken - token: '" + token + "' restoreToken: '" + restoreToken + "'" );
         }
 
         if ( !code.equals ( this.restoreCode ) )
         {
-            return ( "code '" + code + "' does not match restoreCode '" + restoreCode + "'" );
+            return ( "code_does_not_match_restoreCode - code: '" + code + "' restoreCode: '" + restoreCode + "'" );
         }
 
         if ( date.after( this.restoreExpiry ) )
         {
-            return "date " + date.toString() + " is after " + this.restoreExpiry.toString();
+            return "date_is_after_expiry - date: " + date.toString() + " expiry: " + this.restoreExpiry.toString();
         }
 
         return null; // Success.

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java	2014-09-24 06:56:36 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java	2014-09-24 09:23:28 +0000
@@ -270,71 +270,94 @@
 
     public boolean canRestoreNow( UserCredentials credentials, String token, String code, RestoreType restoreType )
     {
+        String logInfoPrefix = "Restore User " + credentials.getUid() + " " + credentials.getUsername();
+
         String errorMessage = verifyToken( credentials, token, restoreType );
 
-        if ( errorMessage == null )
-        {
-            String username = credentials.getUsername();
-
-            String encodedToken = passwordManager.encodePassword( username, token );
-            String encodedCode = passwordManager.encodePassword( username, code );
-
-            Date date = new Cal().now().time();
-
-            errorMessage = credentials.canRestore( encodedToken, encodedCode, date );
-        }
-
-        String messageInfo = "Restore User " + credentials.getUid() + " " + credentials.getUsername();
-
-        if ( errorMessage != null )
-        {
-            log.info( messageInfo + " fail because " + errorMessage + "." );
-            return false;
-        }
-
-        log.info( messageInfo + " success." );
+        if ( errorMessage != null )
+        {
+            log.info( logInfoPrefix + " verifyToken() failed: " + errorMessage );
+            return false;
+        }
+
+        String username = credentials.getUsername();
+
+        String encodedToken = passwordManager.encodePassword( username, token );
+        String encodedCode = passwordManager.encodePassword( username, code );
+
+        Date date = new Cal().now().time();
+
+        errorMessage = credentials.canRestore( encodedToken, encodedCode, date );
+
+        if ( errorMessage != null )
+        {
+            log.info( logInfoPrefix + " canRestore() failed: " + errorMessage + "." );
+            return false;
+        }
+
+        log.info( logInfoPrefix + " success." );
         return true;
     }
 
+    /**
+     * Verify the token given for a user invite or password restore operation.
+     * <p>
+     * If error, returns one of the following strings:
+     *
+     * <ul>
+     *     <li>credentials_parameter_is_null</li>
+     *     <li>token_parameter_is_null</li>
+     *     <li>restoreType_parameter_is_null</li>
+     *     <li>cannnot_parse_restore_options ...</li>
+     *     <li>wrong_prefix_for_restore_type ...</li>
+     *     <li>could_not_verify_token ...</li>
+     *     <li>restoreToken_does_not_match_supplied_token</li>
+     * </ul>
+     *
+     * @param credentials the user credentials.
+     * @param token the token.
+     * @param restoreType type of restore operation.
+     * @return null if success, otherwise error string.
+     */
     public String verifyToken( UserCredentials credentials, String token, RestoreType restoreType )
     {
         if ( credentials == null )
         {
-            return "verifyToken() - credentials parameter is null";
+            return "credentials_parameter_is_null";
         }
 
         if ( token == null )
         {
-            return "verifyToken() - token parameter is null";
+            return "token_parameter_is_null";
         }
 
         if ( restoreType == null )
         {
-            return "verifyToken() - restoreType parameter is null";
+            return "restoreType_parameter_is_null";
         }
 
         RestoreOptions restoreOptions = RestoreOptions.getRestoreOptions( token );
 
         if ( restoreOptions == null )
         {
-            return "can't parse restore options for " + restoreType.name() + " from token " + token;
+            return "cannnot_parse_restore_options for " + restoreType.name() + " from token " + token;
         }
 
         if ( restoreType != restoreOptions.getRestoreType() )
         {
-            return "wrong prefix for restore type " + restoreType.name() + " on token " + token;
+            return "wrong_prefix_for_restore_type " + restoreType.name() + " on token " + token;
         }
 
         if ( credentials.getRestoreToken() == null )
         {
-            return "could not verify token for " + restoreType.name() + " because user has no token";
+            return "could_not_verify_token for " + restoreType.name() + " because user has no token";
         }
 
         String encodedToken = passwordManager.encodePassword( credentials.getUsername(), token );
 
         if ( !credentials.getRestoreToken().equals( encodedToken ) )
         {
-            return "supplied token " + token + " does not mach account restoreToken";
+            return "restoreToken_does_not_match_supplied_token " + token;
         }
 
         return null; // Success.