001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.myaccount.action;
016    
017    import com.liferay.portal.UserPasswordException;
018    import com.liferay.portal.kernel.util.Validator;
019    import com.liferay.portal.model.Company;
020    import com.liferay.portal.model.CompanyConstants;
021    import com.liferay.portal.model.User;
022    import com.liferay.portal.security.pwd.PwdAuthenticator;
023    import com.liferay.portal.util.PortalUtil;
024    import com.liferay.portlet.RenderRequestImpl;
025    import com.liferay.util.servlet.DynamicServletRequest;
026    
027    import javax.portlet.ActionRequest;
028    import javax.portlet.ActionResponse;
029    import javax.portlet.PortletConfig;
030    import javax.portlet.RenderRequest;
031    import javax.portlet.RenderResponse;
032    
033    import org.apache.struts.action.ActionForm;
034    import org.apache.struts.action.ActionForward;
035    import org.apache.struts.action.ActionMapping;
036    
037    /**
038     * @author Brian Wing Shun Chan
039     */
040    public class EditUserAction
041            extends com.liferay.portlet.usersadmin.action.EditUserAction {
042    
043            @Override
044            public void processAction(
045                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
046                            ActionRequest actionRequest, ActionResponse actionResponse)
047                    throws Exception {
048    
049                    if (redirectToLogin(actionRequest, actionResponse)) {
050                            return;
051                    }
052    
053                    super.processAction(
054                            mapping, form, portletConfig, actionRequest, actionResponse);
055            }
056    
057            @Override
058            public ActionForward render(
059                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
060                            RenderRequest renderRequest, RenderResponse renderResponse)
061                    throws Exception {
062    
063                    User user = PortalUtil.getUser(renderRequest);
064    
065                    RenderRequestImpl renderRequestImpl = (RenderRequestImpl)renderRequest;
066    
067                    DynamicServletRequest dynamicRequest =
068                            (DynamicServletRequest)renderRequestImpl.getHttpServletRequest();
069    
070                    dynamicRequest.setParameter(
071                            "p_u_i_d", String.valueOf(user.getUserId()));
072    
073                    return super.render(
074                            mapping, form, portletConfig, renderRequest, renderResponse);
075            }
076    
077            @Override
078            protected Object[] updateUser(
079                            ActionRequest actionRequest, ActionResponse actionResponse)
080                    throws Exception {
081    
082                    String currentPassword = actionRequest.getParameter("password0");
083                    String newPassword = actionRequest.getParameter("password1");
084    
085                    if (Validator.isNotNull(currentPassword)) {
086                            if (Validator.isNull(newPassword)) {
087                                    throw new UserPasswordException(
088                                            UserPasswordException.PASSWORD_LENGTH);
089                            }
090    
091                            Company company = PortalUtil.getCompany(actionRequest);
092    
093                            String authType = company.getAuthType();
094    
095                            User user = PortalUtil.getSelectedUser(actionRequest);
096    
097                            String login = null;
098    
099                            if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
100                                    login = user.getEmailAddress();
101                            }
102                            if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
103                                    login = String.valueOf(user.getUserId());
104                            }
105                            if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
106                                    login = user.getScreenName();
107                            }
108    
109                            boolean validPassword = PwdAuthenticator.authenticate(
110                                    login, currentPassword, user.getPassword());
111    
112                            if (!validPassword) {
113                                    throw new UserPasswordException(
114                                            UserPasswordException.PASSWORD_INVALID);
115                            }
116                    }
117                    else if (Validator.isNotNull(newPassword)) {
118                            throw new UserPasswordException(
119                                    UserPasswordException.PASSWORD_INVALID);
120                    }
121    
122                    return super.updateUser(actionRequest, actionResponse);
123            }
124    
125    }