← Back to team overview

dhis2-devs team mailing list archive

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 17748: Centralized book keeping for passwordLastUpdated in userService.encodeAndSetPassword. Changed all...

 

------------------------------------------------------------
revno: 17748
committer: Halvdan Hoem Grelland <halvdanhg@xxxxxxxxx>
branch nick: dhis2
timestamp: Fri 2014-12-19 16:42:38 +0100
message:
  Centralized book keeping for passwordLastUpdated in userService.encodeAndSetPassword. Changed all modifications to password to use this method. Now correctly detects whether password was actually changed or not and sets passwordLastUpdated accordingly.
modified:
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java
  dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/migration/MigrationAuthenticationProvider.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java
  dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java
  dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml
  dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AccountController.java
  dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java
  dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java
  dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/UpdateUserAccountAction.java
  dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml
  dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddUserAction.java
  dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java
  dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/META-INF/dhis/beans.xml


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java	2014-12-19 12:31:55 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserCredentials.java	2014-12-19 15:42:38 +0000
@@ -459,7 +459,6 @@
     public void setPassword( String password )
     {
         this.password = password;
-        this.passwordLastUpdated = new Date();
     }
 
     @JsonProperty

=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java	2014-12-19 10:38:55 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java	2014-12-19 15:42:38 +0000
@@ -224,6 +224,32 @@
     Collection<UserCredentials> getAllUserCredentials();
 
     /**
+     * Encodes and sets the password of the User.
+     * Due to business logic required on password updates the password for a user
+     * should only be changed using this method or {@link #encodeAndSetPassword(UserCredentials, String) encodeAndSetPassword}
+     * and not directly on the User or UserCredentials object.
+     *
+     * Note that the changes made to the User object are not persisted.
+     *
+     * @param user the User.
+     * @param rawPassword the raw password.
+     */
+    void encodeAndSetPassword( User user, String rawPassword );
+
+    /**
+     * Encodes and sets the password of the UserCredentials.
+     * Due to business logic required on password updates the password for a user
+     * should only be changed using this method or {@link #encodeAndSetPassword(User, String) encodeAndSetPassword}
+     * and not directly on the User or UserCredentials object.
+     *
+     * Note that the changes made to the UserCredentials object are not persisted.
+     *
+     * @param userCredentials the UserCredentials.
+     * @param rawPassword the raw password.
+     */
+    void encodeAndSetPassword( UserCredentials userCredentials, String rawPassword );
+
+    /**
      * Updates the last login date of UserCredentials with the given username
      * with the current date.
      *

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java	2014-12-19 11:12:59 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/DefaultSecurityService.java	2014-12-19 15:42:38 +0000
@@ -144,7 +144,7 @@
 
         user.setSurname( "(TBD)" );
         user.setFirstName( "(TBD)" );
-        user.getUserCredentials().setPassword( passwordManager.encode( rawPassword ) );
+        userService.encodeAndSetPassword( user, rawPassword );
 
         return true;
     }
@@ -297,14 +297,11 @@
             return false;
         }
 
-        newPassword = passwordManager.encode( newPassword );
-
-        credentials.setPassword( newPassword );
-
         credentials.setRestoreCode( null );
         credentials.setRestoreToken( null );
         credentials.setRestoreExpiry( null );
 
+        userService.encodeAndSetPassword( credentials, newPassword );
         userService.updateUserCredentials( credentials );
 
         return true;

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/migration/MigrationAuthenticationProvider.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/migration/MigrationAuthenticationProvider.java	2014-11-24 14:15:14 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/security/migration/MigrationAuthenticationProvider.java	2014-12-19 15:42:38 +0000
@@ -70,8 +70,7 @@
 
             if ( userCredentials != null )
             {
-                userCredentials.setPassword( passwordManager.encode( password ) );
-                userCredentials.setPasswordLastUpdated( new Date() );
+                userService.encodeAndSetPassword( userCredentials, password );
                 userService.updateUser( userCredentials.getUser() );
 
                 log.info( "User " + userCredentials.getUsername() + " was migrated from " + passwordManager.getLegacyPasswordEncoderClassName() +

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java	2014-12-19 10:38:55 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java	2014-12-19 15:42:38 +0000
@@ -41,6 +41,7 @@
 import java.util.Map;
 import java.util.Set;
 
+import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.hisp.dhis.common.AuditLogUtil;
@@ -52,6 +53,7 @@
 import org.hisp.dhis.dataset.DataSet;
 import org.hisp.dhis.organisationunit.OrganisationUnit;
 import org.hisp.dhis.period.PeriodType;
+import org.hisp.dhis.security.migration.MigrationPasswordManager;
 import org.hisp.dhis.setting.SystemSettingManager;
 import org.hisp.dhis.system.filter.UserAuthorityGroupCanIssueFilter;
 import org.hisp.dhis.system.util.DateUtils;
@@ -121,6 +123,13 @@
         this.systemSettingManager = systemSettingManager;
     }
 
+    private MigrationPasswordManager passwordManager;
+
+    public void setPasswordManager( MigrationPasswordManager passwordManager )
+    {
+        this.passwordManager = passwordManager;
+    }
+
     // -------------------------------------------------------------------------
     // Implementing methods
     // -------------------------------------------------------------------------
@@ -517,6 +526,26 @@
     }
 
     @Override
+    public void encodeAndSetPassword( User user, String rawPassword )
+    {
+        encodeAndSetPassword( user.getUserCredentials(), rawPassword );
+    }
+
+    @Override
+    public void encodeAndSetPassword( UserCredentials userCredentials, String rawPassword )
+    {
+        boolean isNewPassword = StringUtils.isBlank( userCredentials.getPassword() ) ||
+            !passwordManager.legacyOrCurrentMatches( rawPassword, userCredentials.getPassword(), userCredentials.getUsername() );
+
+        if ( isNewPassword )
+        {
+            userCredentials.setPasswordLastUpdated( new Date() );
+        }
+
+        userCredentials.setPassword( passwordManager.encode( rawPassword ) );
+    }
+
+    @Override
     public UserCredentials getUserCredentials( User user )
     {
         return userCredentialsStore.getUserCredentials( user );

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java	2014-12-18 20:01:47 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/hibernate/HibernateUserCredentialsStore.java	2014-12-19 15:42:38 +0000
@@ -85,7 +85,7 @@
 
     @Override
     public void updateUserCredentials( UserCredentials userCredentials )
-    {        
+    {
         sessionFactory.getCurrentSession().update( userCredentials );
     }
 

=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml'
--- dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml	2014-12-19 10:38:55 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/resources/META-INF/dhis/beans.xml	2014-12-19 15:42:38 +0000
@@ -596,6 +596,7 @@
     <property name="currentUserService" ref="org.hisp.dhis.user.CurrentUserService" />
     <property name="categoryService" ref="org.hisp.dhis.dataelement.DataElementCategoryService" />
     <property name="systemSettingManager" ref="org.hisp.dhis.setting.SystemSettingManager" />
+    <property name="passwordManager" ref="org.hisp.dhis.security.PasswordManager" />
   </bean>
 
   <bean id="org.hisp.dhis.user.UserGroupService" class="org.hisp.dhis.user.DefaultUserGroupService">

=== modified file 'dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java'
--- dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java	2014-12-02 09:39:03 +0000
+++ dhis-2/dhis-services/dhis-service-dxf2/src/main/java/org/hisp/dhis/dxf2/metadata/importers/DefaultIdentifiableObjectImporter.java	2014-12-19 15:42:38 +0000
@@ -75,6 +75,7 @@
 import org.hisp.dhis.trackedentity.TrackedEntityAttribute;
 import org.hisp.dhis.user.User;
 import org.hisp.dhis.user.UserCredentials;
+import org.hisp.dhis.user.UserService;
 import org.hisp.dhis.validation.ValidationRule;
 import org.springframework.beans.factory.annotation.Autowired;
 
@@ -134,13 +135,13 @@
     @Autowired
     private SchemaService schemaService;
 
+    @Autowired
+    private UserService userService;
+
     @Autowired( required = false )
     private List<ObjectHandler<T>> objectHandlers;
 
     @Autowired
-    private PasswordManager passwordManager;
-
-    @Autowired
     private DataElementCategoryService categoryService;
 
     //-------------------------------------------------------------------------------------------------------
@@ -323,7 +324,7 @@
 
             if ( userCredentials.getPassword() != null )
             {
-                userCredentials.setPassword( passwordManager.encode( userCredentials.getPassword() ) );
+                userService.encodeAndSetPassword( userCredentials, userCredentials.getPassword() );
             }
 
             Map<Field, Collection<Object>> collectionFieldsUserCredentials = detachCollectionFields( userCredentials );
@@ -423,7 +424,7 @@
 
                 if ( userCredentials != null && userCredentials.getPassword() != null )
                 {
-                    userCredentials.setPassword( passwordManager.encode( userCredentials.getPassword() ) );
+                    userService.encodeAndSetPassword( userCredentials, userCredentials.getPassword() );
                 }
 
                 ((User) persistedObject).getUserCredentials().mergeWith( userCredentials );

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AccountController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AccountController.java	2014-11-24 14:15:14 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/AccountController.java	2014-12-19 15:42:38 +0000
@@ -65,7 +65,6 @@
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
 import java.util.Collection;
-import java.util.Date;
 import java.util.HashMap;
 import java.util.HashSet;
 import java.util.Map;
@@ -399,7 +398,7 @@
                 username = credentials.getUsername();
             }
 
-            credentials.setPassword( passwordManager.encode( password ) );
+            userService.encodeAndSetPassword( credentials, password );
 
             userService.updateUser( user );
             userService.updateUserCredentials( credentials );
@@ -421,7 +420,7 @@
 
             credentials = new UserCredentials();
             credentials.setUsername( username );
-            credentials.setPassword( passwordManager.encode( password ) );
+            userService.encodeAndSetPassword( credentials, password );
             credentials.setSelfRegistered( true );
             credentials.setUser( user );
             credentials.getUserAuthorityGroups().add( userRole );
@@ -499,10 +498,7 @@
             return;
         }
 
-        String passwordEncoded = passwordManager.encode( password );
-
-        credentials.setPassword( passwordEncoded );
-        credentials.setPasswordLastUpdated( new Date() );
+        userService.encodeAndSetPassword( credentials, password );
         userService.updateUserCredentials( credentials );
 
         authenticate( username, password, getAuthorities( credentials.getUserAuthorityGroups() ), request );

=== modified file 'dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java'
--- dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java	2014-12-19 14:51:19 +0000
+++ dhis-2/dhis-web/dhis-web-api/src/main/java/org/hisp/dhis/webapi/controller/user/UserController.java	2014-12-19 15:42:38 +0000
@@ -45,7 +45,6 @@
 import org.hisp.dhis.importexport.ImportStrategy;
 import org.hisp.dhis.node.types.RootNode;
 import org.hisp.dhis.schema.descriptors.UserSchemaDescriptor;
-import org.hisp.dhis.security.PasswordManager;
 import org.hisp.dhis.security.RestoreOptions;
 import org.hisp.dhis.security.SecurityService;
 import org.hisp.dhis.setting.SystemSettingManager;
@@ -91,9 +90,6 @@
     private UserGroupService userGroupService;
 
     @Autowired
-    private PasswordManager passwordManager;
-
-    @Autowired
     private SecurityService securityService;
 
     @Autowired

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java	2014-11-24 14:15:14 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/security/DatabaseAutomaticAccessProvider.java	2014-12-19 15:42:38 +0000
@@ -38,24 +38,11 @@
  * This access provider will put a user with all granted authorities in the database.
  * 
  * @author Torgeir Lorange Ostby
- * @version $Id: DatabaseAutomaticAccessProvider.java 3513 2007-08-04 16:16:40Z
- *          torgeilo $
  */
 public class DatabaseAutomaticAccessProvider
     extends AbstractAutomaticAccessProvider
 {
     // -------------------------------------------------------------------------
-    // Dependencies
-    // -------------------------------------------------------------------------
-
-    private PasswordManager passwordManager;
-
-    public void setPasswordManager( PasswordManager passwordManager )
-    {
-        this.passwordManager = passwordManager;
-    }
-
-    // -------------------------------------------------------------------------
     // AdminAccessManager implementation
     // -------------------------------------------------------------------------
 
@@ -84,10 +71,11 @@
 
         UserCredentials userCredentials = new UserCredentials();
         userCredentials.setUsername( username );
-        userCredentials.setPassword( passwordManager.encode( password ) );
         userCredentials.setUser( user );
         userCredentials.getUserAuthorityGroups().add( userAuthorityGroup );
 
+        userService.encodeAndSetPassword( userCredentials, password );
+
         userService.addUserCredentials( userCredentials );
     }
 

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/UpdateUserAccountAction.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/UpdateUserAccountAction.java	2014-11-24 14:15:14 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/UpdateUserAccountAction.java	2014-12-19 15:42:38 +0000
@@ -28,10 +28,10 @@
  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+import org.apache.commons.lang.StringUtils;
 import org.hisp.dhis.i18n.I18n;
 import org.hisp.dhis.security.migration.MigrationPasswordManager;
 import org.hisp.dhis.user.User;
-import org.hisp.dhis.user.UserCredentials;
 import org.hisp.dhis.user.UserService;
 
 import com.opensymphony.xwork2.Action;
@@ -143,21 +143,11 @@
         // Prepare values
         // ---------------------------------------------------------------------
 
-        if ( email != null && email.trim().length() == 0 )
-        {
-            email = null;
-        }
-
-        if ( rawPassword != null && rawPassword.trim().length() == 0 )
-        {
-            rawPassword = null;
-        }
+        email = StringUtils.trimToNull( email );
+        rawPassword = StringUtils.trimToNull( rawPassword );
 
         User user = userService.getUser( id );
-
-        UserCredentials userCredentials = userService.getUserCredentials( user );
-
-        String currentPassword = userCredentials.getPassword();
+        String currentPassword = userService.getUserCredentials( user ).getPassword();
         
         if ( !passwordManager.legacyOrCurrentMatches( oldPassword, currentPassword, user.getUsername() ) )
         {
@@ -170,20 +160,16 @@
         // ---------------------------------------------------------------------
 
         user.setSurname( surname );
-
         user.setFirstName( firstName );
-
         user.setEmail( email );
-
         user.setPhoneNumber( phoneNumber );
 
         if ( rawPassword != null )
         {
-            userCredentials.setPassword( passwordManager.encode( rawPassword ) );
-
-            userService.updateUserCredentials( userCredentials );
+            userService.encodeAndSetPassword( user, rawPassword );
         }
 
+        userService.updateUserCredentials( user.getUserCredentials() );
         userService.updateUser( user );
 
         message = i18n.getString( "update_user_success" );

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml'
--- dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml	2014-12-16 10:26:51 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/resources/META-INF/dhis/security.xml	2014-12-19 15:42:38 +0000
@@ -119,7 +119,6 @@
   <bean id="databaseAutomaticAccessProvider" class="org.hisp.dhis.security.DatabaseAutomaticAccessProvider">
     <property name="userService" ref="org.hisp.dhis.user.UserService" />
     <property name="systemAuthoritiesProvider" ref="simpleSystemAuthoritiesProvider" />
-    <property name="passwordManager" ref="org.hisp.dhis.security.PasswordManager" />
   </bean>
 
   <bean id="ghostAutomaticAccessProvider" class="org.hisp.dhis.security.GhostAutomaticAccessProvider">

=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddUserAction.java'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddUserAction.java	2014-12-19 14:51:19 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/AddUserAction.java	2014-12-19 15:42:38 +0000
@@ -33,6 +33,7 @@
 import java.util.List;
 import java.util.Set;
 
+import org.apache.commons.lang.StringUtils;
 import org.apache.struts2.ServletActionContext;
 import org.hisp.dhis.attribute.AttributeService;
 import org.hisp.dhis.common.IdentifiableObjectManager;
@@ -59,7 +60,6 @@
 import org.hisp.dhis.user.UserSettingService;
 import org.hisp.dhis.webapi.utils.ContextUtils;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.util.StringUtils;
 
 import com.google.common.collect.Lists;
 import com.opensymphony.xwork2.Action;
@@ -285,11 +285,7 @@
     {
         //TODO: Allow user with F_USER_ADD_WITHIN_MANAGED_GROUP to add a user within managed groups.
 
-        if ( email != null && email.trim().length() == 0 )
-        {
-            email = null;
-        }
-
+        email = StringUtils.trimToNull( email );
         username = username.trim();
         inviteUsername = inviteUsername.trim();
         inviteEmail = inviteEmail.trim();
@@ -327,7 +323,7 @@
             user.setEmail( email );
             user.setPhoneNumber( phoneNumber );
 
-            userCredentials.setPassword( passwordManager.encode( rawPassword ) );
+            userService.encodeAndSetPassword( userCredentials, rawPassword );
         }
 
         if ( jsonAttributeValues != null )

=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java	2014-11-26 15:32:32 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java	2014-12-19 15:42:38 +0000
@@ -33,6 +33,7 @@
 import java.util.List;
 import java.util.Set;
 
+import org.apache.commons.lang.StringUtils;
 import org.hisp.dhis.attribute.AttributeService;
 import org.hisp.dhis.common.IdentifiableObjectManager;
 import org.hisp.dhis.dataelement.CategoryOptionGroupSet;
@@ -41,7 +42,6 @@
 import org.hisp.dhis.organisationunit.OrganisationUnit;
 import org.hisp.dhis.oust.manager.SelectionTreeManager;
 import org.hisp.dhis.ouwt.manager.OrganisationUnitSelectionManager;
-import org.hisp.dhis.security.PasswordManager;
 import org.hisp.dhis.setting.SystemSettingManager;
 import org.hisp.dhis.system.util.AttributeUtils;
 import org.hisp.dhis.system.util.LocaleUtils;
@@ -55,7 +55,6 @@
 import org.hisp.dhis.user.UserSetting;
 import org.hisp.dhis.user.UserSettingService;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.util.StringUtils;
 
 import com.google.common.collect.Lists;
 import com.opensymphony.xwork2.Action;
@@ -77,13 +76,6 @@
         this.userService = userService;
     }
 
-    private PasswordManager passwordManager;
-
-    public void setPasswordManager( PasswordManager passwordManager )
-    {
-        this.passwordManager = passwordManager;
-    }
-
     private SelectionTreeManager selectionTreeManager;
 
     public void setSelectionTreeManager( SelectionTreeManager selectionTreeManager )
@@ -243,15 +235,8 @@
     {
         //TODO: Allow user with F_USER_ADD_WITHIN_MANAGED_GROUP to update a user within managed groups.
 
-        if ( email != null && email.trim().length() == 0 )
-        {
-            email = null;
-        }
-
-        if ( rawPassword != null && rawPassword.trim().length() == 0 )
-        {
-            rawPassword = null;
-        }
+        email = StringUtils.trimToNull( email );
+        rawPassword = StringUtils.trimToNull( rawPassword );
 
         User currentUser = currentUserService.getCurrentUser();
 
@@ -276,11 +261,6 @@
             userCredentials.setOpenId( null );
         }
 
-        if ( rawPassword != null )
-        {
-            userCredentials.setPassword( passwordManager.encode( rawPassword ) );
-        }
-
         if ( jsonAttributeValues != null )
         {
             AttributeUtils.updateAttributeValuesFromJson( user.getAttributeValues(), jsonAttributeValues,
@@ -350,6 +330,11 @@
         // Update User
         // ---------------------------------------------------------------------
 
+        if ( rawPassword != null )
+        {
+            userService.encodeAndSetPassword( userCredentials, rawPassword );
+        }
+
         userService.updateUserCredentials( userCredentials );
         userService.updateUser( user );
 

=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/META-INF/dhis/beans.xml'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/META-INF/dhis/beans.xml	2014-12-18 11:41:20 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/resources/META-INF/dhis/beans.xml	2014-12-19 15:42:38 +0000
@@ -43,7 +43,6 @@
 
   <bean id="org.hisp.dhis.user.action.UpdateUserAction" class="org.hisp.dhis.user.action.UpdateUserAction" scope="prototype">
     <property name="userService" ref="org.hisp.dhis.user.UserService" />
-    <property name="passwordManager" ref="org.hisp.dhis.security.PasswordManager" />
     <property name="selectionTreeManager" ref="org.hisp.dhis.oust.manager.SelectionTreeManager" />
     <property name="selectionManager" ref="org.hisp.dhis.ouwt.manager.OrganisationUnitSelectionManager" />
     <property name="currentUserService" ref="org.hisp.dhis.user.CurrentUserService" />