dhis2-devs team mailing list archive

Thread
Date

[Branch ~dhis2-devs-core/dhis2/trunk] Rev 20980: Users, minor

To: DHIS 2 developers <dhis2-devs@xxxxxxxxxxxxxxxxxxx>
From: noreply@xxxxxxxxxxxxx
Date: Sun, 08 Nov 2015 19:00:43 -0000
Reply-to: noreply@xxxxxxxxxxxxx
Sender: bounces@xxxxxxxxxxxxx

------------------------------------------------------------
revno: 20980
committer: Lars Helge Overland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Sun 2015-11-08 19:59:48 +0100
message:
  Users, minor
modified:
  dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/javascripts/useraccount/updateUserAccountForm.js
  dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/updateUserAccountForm.vm
  dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/UpdateUserAccountAction.java


--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk

Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription

=== modified file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/javascripts/useraccount/updateUserAccountForm.js'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/javascripts/useraccount/updateUserAccountForm.js	2014-01-17 03:48:57 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/javascripts/useraccount/updateUserAccountForm.js	2015-11-08 18:59:48 +0000
@@ -14,10 +14,6 @@
 	validation2( 'updateUserinforForm', updateUser, {
 		'rules' : rules
 	} );
-
-	var oldPassword = byId( 'oldPassword' );
-	oldPassword.select();
-	oldPassword.focus();
 } );
 
 function updateUser()

=== modified file 'dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/updateUserAccountForm.vm'
--- dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/updateUserAccountForm.vm	2015-11-08 16:58:48 +0000
+++ dhis-2/dhis-web/dhis-web-commons-resources/src/main/webapp/dhis-web-commons/useraccount/updateUserAccountForm.vm	2015-11-08 18:59:48 +0000
@@ -25,18 +25,18 @@
     </tr>
     #if( !$userCredentials.externalAuth )
 	<tr>
-		<td><label for="rawPassword">$i18n.getString( "old_password" ) <em title="$i18n.getString( 'required' )" class="required">*</em></label></td>
+		<td><label for="oldPassword">$i18n.getString( "old_password" ) <em title="$i18n.getString( 'required' )" class="required">*</em></label></td>
 		<td><input type="password" id="oldPassword" name="oldPassword"></td>
 	</tr>
 	<tr>
 		<td><label for="rawPassword">$i18n.getString( "new_password" )</label></td>
 		<td><input type="password" id="rawPassword" name="rawPassword"></td>
 	</tr>
-	#end
 	<tr>
 		<td><label for="retypePassword">$i18n.getString( "retype_new_password" )</label></td>
 		<td><input type="password" id="retypePassword" name="retypePassword"></td>
 	</tr>
+	#end
 	<tr>
 		<td><label for="email">$i18n.getString( "email" )</label></td>
 		<td><input type="text" id="email" name="email" value="$!encoder.htmlEncode( $!userCredentials.user.email )"></td>

=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/UpdateUserAccountAction.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/UpdateUserAccountAction.java	2015-11-08 16:58:48 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/UpdateUserAccountAction.java	2015-11-08 18:59:48 +0000
@@ -32,6 +32,7 @@
 import org.hisp.dhis.i18n.I18n;
 import org.hisp.dhis.security.PasswordManager;
 import org.hisp.dhis.user.User;
+import org.hisp.dhis.user.UserCredentials;
 import org.hisp.dhis.user.UserService;
 
 import com.opensymphony.xwork2.Action;
@@ -147,9 +148,15 @@
         rawPassword = StringUtils.trimToNull( rawPassword );
 
         User user = userService.getUser( id );
+        UserCredentials credentials = user.getUserCredentials();
+        
         String currentPassword = userService.getUserCredentials( user ).getPassword();
-        
-        if ( !passwordManager.matches( oldPassword, currentPassword ) )
+
+        // ---------------------------------------------------------------------
+        // Deny update if user has local authentication and password is wrong
+        // ---------------------------------------------------------------------
+
+        if ( !credentials.isExternalAuth() && !passwordManager.matches( oldPassword, currentPassword ) )
         {
             message = i18n.getString( "wrong_password" );
             return INPUT;
@@ -166,7 +173,7 @@
         
         userService.encodeAndSetPassword( user, rawPassword );
         
-        userService.updateUserCredentials( user.getUserCredentials() );
+        userService.updateUserCredentials( credentials );
         userService.updateUser( user );
 
         message = i18n.getString( "update_user_success" );