dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #41208
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 20978: Users. Setting password to a password which is invalid/cannot be used for authentication for exte...
------------------------------------------------------------
revno: 20978
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Sun 2015-11-08 17:46:08 +0100
message:
Users. Setting password to a password which is invalid/cannot be used for authentication for external authentication only users.
modified:
dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java
dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/user.js
dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2015-11-08 13:56:42 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/user/UserService.java 2015-11-08 16:46:08 +0000
@@ -43,7 +43,7 @@
public interface UserService
{
String ID = UserService.class.getName();
- String PW_NO_INTERNAL_LOGIN = "--[#no_internal_login#]--";
+ String PW_NO_INTERNAL_LOGIN = "--[##no_internal_login##]--";
// -------------------------------------------------------------------------
// User
=== modified file 'dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java'
--- dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2015-11-07 17:11:20 +0000
+++ dhis-2/dhis-services/dhis-service-core/src/main/java/org/hisp/dhis/user/DefaultUserService.java 2015-11-08 16:46:08 +0000
@@ -554,6 +554,18 @@
@Override
public void encodeAndSetPassword( UserCredentials userCredentials, String rawPassword )
{
+ if ( StringUtils.isEmpty( rawPassword ) && !userCredentials.isExternalAuth() )
+ {
+ return; // Leave unchanged if internal authentication and no password supplied
+ }
+
+ if ( userCredentials.isExternalAuth() )
+ {
+ userCredentials.setPassword( UserService.PW_NO_INTERNAL_LOGIN );
+
+ return; // Set unusable, not-encoded password if external authentication
+ }
+
boolean isNewPassword = StringUtils.isBlank( userCredentials.getPassword() ) ||
!passwordManager.matches( rawPassword, userCredentials.getPassword() );
@@ -562,6 +574,8 @@
userCredentials.setPasswordLastUpdated( new Date() );
}
+ // Encode and set password
+
userCredentials.setPassword( passwordManager.encode( rawPassword ) );
}
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java 2015-11-08 13:56:42 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/java/org/hisp/dhis/user/action/UpdateUserAction.java 2015-11-08 16:46:08 +0000
@@ -331,14 +331,11 @@
}
// ---------------------------------------------------------------------
- // Update User
+ // Set password and update user
// ---------------------------------------------------------------------
- if ( StringUtils.isNotEmpty( rawPassword ) )
- {
- userService.encodeAndSetPassword( userCredentials, rawPassword );
- }
-
+ userService.encodeAndSetPassword( userCredentials, rawPassword );
+
userService.updateUserCredentials( userCredentials );
userService.updateUser( user );
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2015-11-08 13:56:42 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/addUserForm.vm 2015-11-08 16:46:08 +0000
@@ -112,7 +112,7 @@
<tr class="account">
<td><label for="externalAuth">$i18n.getString( "external_authentication_only" ) (OpenID or LDAP)</label></td>
- <td colspan="3"><input type="checkbox" id="externalAuth" name="externalAuth" value="true"></td>
+ <td colspan="3"><input type="checkbox" id="externalAuth" name="externalAuth" value="true" onchange="javascript:externalAuthChanged()"></td>
</tr>
<tr class="account">
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/user.js'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/user.js 2015-07-10 05:22:40 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/javascript/user.js 2015-11-08 16:46:08 +0000
@@ -1,13 +1,3 @@
-// -----------------------------------------------------------------------------
-// Export to PDF file
-// -----------------------------------------------------------------------------
-
-function exportPDF( type ) {
- var params = "type=" + type;
- params += "&months=" + jQuery('#months').val();
-
- exportPdfByType(type, params);
-}
// -----------------------------------------------------------------------------
// Search users
@@ -155,6 +145,17 @@
return def.promise();
}
+function externalAuthChanged() {
+ var extAuth = $('#externalAuth').is(':checked');
+
+ if ( extAuth ) {
+ $('#rawPassword, #retypePassword').val('').prop('disabled', true);
+ }
+ else {
+ $('#rawPassword, #retypePassword').prop('disabled', false);
+ }
+}
+
// -----------------------------------------------------------------------------
// Remove user
// -----------------------------------------------------------------------------
=== modified file 'dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm'
--- dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm 2015-11-08 13:56:42 +0000
+++ dhis-2/dhis-web/dhis-web-maintenance/dhis-web-maintenance-user/src/main/webapp/dhis-web-maintenance-user/updateUserForm.vm 2015-11-08 16:46:08 +0000
@@ -42,6 +42,8 @@
selectionTreeSelection.setMultipleSelectionAllowed(true);
selectionTree.buildSelectionTree();
+
+ externalAuthChanged();
$('#urAvailable').selected({
url: '../api/userRoles.json?canIssue=true',
@@ -97,7 +99,7 @@
<tr class="account">
<td><label for="externalAuth">$i18n.getString( "external_authentication_only" ) (OpenID or LDAP)</label></td>
- <td colspan="3"><input type="checkbox" id="externalAuth" name="externalAuth" value="true"#if( $userCredentials.externalAuth ) checked="checked"#end></td>
+ <td colspan="3"><input type="checkbox" id="externalAuth" name="externalAuth" value="true" onchange="javascript:externalAuthChanged()"#if( $!userCredentials.externalAuth ) checked="checked"#end></td>
</tr>
<tr>
