Merge branch '88-change-password' into 87-inviting-user

2019-05-17 03:59:28 +04:00 · 2019-05-17 03:59:28 +04:00 · b9748905d1
commit b9748905d1
parent 728fa42972 fbd618a6d0
14 changed files with 130 additions and 59 deletions
--- a/src/main/java/ru/ulstu/configuration/Constants.java
+++ b/src/main/java/ru/ulstu/configuration/Constants.java
@ -6,6 +6,7 @@ public class Constants {
    public static final String MAIL_ACTIVATE = "Account activation";
    public static final String MAIL_RESET = "Password reset";
    public static final String MAIL_INVITE = "Account registration";
    public static final String MAIL_CHANGE_PASSWORD = "Password has been changed";
    public static final int MIN_PASSWORD_LENGTH = 6;
    public static final int MAX_PASSWORD_LENGTH = 32;
--- a/src/main/java/ru/ulstu/core/model/ErrorConstants.java
+++ b/src/main/java/ru/ulstu/core/model/ErrorConstants.java
@ -8,7 +8,7 @@ public enum ErrorConstants {
    USER_ACTIVATION_ERROR(101, "Invalid activation key"),
    USER_EMAIL_EXISTS(102, "User with same email already exists"),
    USER_LOGIN_EXISTS(103, "User with same login already exists"),
-    USER_PASSWORDS_NOT_VALID_OR_NOT_MATCH(104, "User passwords is not valid or not match"),
+    USER_PASSWORDS_NOT_VALID_OR_NOT_MATCH(104, "Пароли введены неверно"),
    USER_NOT_FOUND(105, "User is not found"),
    USER_NOT_ACTIVATED(106, "User is not activated"),
    USER_RESET_ERROR(107, "Invalid reset key"),
--- a/src/main/java/ru/ulstu/core/model/response/Response.java
+++ b/src/main/java/ru/ulstu/core/model/response/Response.java
@ -11,6 +11,6 @@ public class Response<D> extends ResponseEntity<Object> {
    }
    public Response(ErrorConstants error) {
-        super(new ControllerResponse<Void, Void>(new ControllerResponseError<>(error, null)), HttpStatus.OK);
+        super(new ControllerResponse<Void, Void>(new ControllerResponseError<>(error, null)), HttpStatus.BAD_REQUEST);
    }
 }
--- a/src/main/java/ru/ulstu/core/model/response/ResponseExtended.java
+++ b/src/main/java/ru/ulstu/core/model/response/ResponseExtended.java
@ -7,6 +7,6 @@ import ru.ulstu.core.model.ErrorConstants;
 public class ResponseExtended<E> extends ResponseEntity<Object> {
    public ResponseExtended(ErrorConstants error, E errorData) {
-        super(new ControllerResponse<Void, E>(new ControllerResponseError<E>(error, errorData)), HttpStatus.OK);
+        super(new ControllerResponse<Void, E>(new ControllerResponseError<E>(error, errorData)), HttpStatus.BAD_REQUEST);
    }
 }
--- a/src/main/java/ru/ulstu/user/controller/UserController.java
+++ b/src/main/java/ru/ulstu/user/controller/UserController.java
@ -19,6 +19,7 @@ import ru.ulstu.odin.controller.OdinController;
 import ru.ulstu.odin.model.OdinMetadata;
 import ru.ulstu.odin.model.OdinVoid;
 import ru.ulstu.odin.service.OdinService;
 import ru.ulstu.user.model.User;
 import ru.ulstu.user.model.UserDto;
 import ru.ulstu.user.model.UserListDto;
 import ru.ulstu.user.model.UserResetPasswordDto;
@ -28,8 +29,12 @@ import ru.ulstu.user.model.UserSessionListDto;
 import ru.ulstu.user.service.UserService;
 import ru.ulstu.user.service.UserSessionService;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
 import javax.validation.Valid;
 import java.util.Map;
 import static ru.ulstu.user.controller.UserController.URL;
@RestController
@ -141,13 +146,6 @@ public class UserController extends OdinController<UserListDto, UserDto> {
        return new Response<>(userService.activateUser(activationKey));
    }
    // TODO: add page for user password change (user-profile)
    @PostMapping("/change-password")
    public Response<UserDto> changePassword(@Valid @RequestBody UserDto userDto) {
        log.debug("REST: UserController.changePassword( {} )", userDto.getLogin());
        return new Response<>(userService.changeUserPassword(userDto));
    }
    @PostMapping(PASSWORD_RESET_REQUEST_URL)
    public Response<Boolean> requestPasswordReset(@RequestParam("email") String email) {
        log.debug("REST: UserController.requestPasswordReset( {} )", email);
@ -160,4 +158,12 @@ public class UserController extends OdinController<UserListDto, UserDto> {
        log.debug("REST: UserController.requestPasswordReset( {} )", key);
        return new Response<>(userService.completeUserPasswordReset(key, userResetPasswordDto));
    }
    @PostMapping("/changePassword")
    public void changePassword(@RequestBody Map<String, String> payload, HttpServletRequest request) {
        HttpSession session = request.getSession(false);
        final String sessionId = session.getAttribute(Constants.SESSION_ID_ATTR).toString();
        User user = userSessionService.getUserBySessionId(sessionId);
        userService.changeUserPassword(user, payload);
    }
 }
--- a/src/main/java/ru/ulstu/user/controller/UserMvcController.java
+++ b/src/main/java/ru/ulstu/user/controller/UserMvcController.java
@ -3,9 +3,7 @@ package ru.ulstu.user.controller;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.ui.ModelMap;
 import org.springframework.web.bind.annotation.ExceptionHandler;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@ -37,12 +35,6 @@ public class UserMvcController extends OdinController<UserListDto, UserDto> {
        this.userSessionService = userSessionService;
    }
    @ExceptionHandler(Exception.class)
    public String errorHandler(Model model, Exception exception) {
        model.addAttribute("error", exception.getMessage());
        return "/error/error";
    }
    @GetMapping("/profile")
    public void getUserProfile(ModelMap modelMap, HttpServletRequest request) {
        HttpSession session = request.getSession(false);
--- a/src/main/java/ru/ulstu/user/error/UserPasswordsNotValidOrNotMatchException.java
+++ b/src/main/java/ru/ulstu/user/error/UserPasswordsNotValidOrNotMatchException.java
@ -1,6 +1,7 @@
 package ru.ulstu.user.error;
 public class UserPasswordsNotValidOrNotMatchException extends RuntimeException {
-    public UserPasswordsNotValidOrNotMatchException() {
+    public UserPasswordsNotValidOrNotMatchException(String message) {
        super(message);
    }
 }
--- a/src/main/java/ru/ulstu/user/service/MailService.java
+++ b/src/main/java/ru/ulstu/user/service/MailService.java
@ -114,4 +114,10 @@ public class MailService {
    public void sendInviteMail(Map<String, Object> variables, String email) throws MessagingException {
        sendEmailFromTemplate(variables, "userInviteEmail", Constants.MAIL_INVITE, email);
    }
    @Async
    public void sendChangePasswordMail(User user) {
        sendEmailFromTemplate(user, "passwordChangeEmail", Constants.MAIL_CHANGE_PASSWORD);
    }
 }
--- a/src/main/java/ru/ulstu/user/service/UserService.java
+++ b/src/main/java/ru/ulstu/user/service/UserService.java
@ -128,7 +128,7 @@ public class UserService implements UserDetailsService {
            throw new UserEmailExistsException(userDto.getEmail());
        }
        if (!userDto.isPasswordsValid()) {
-            throw new UserPasswordsNotValidOrNotMatchException();
+            throw new UserPasswordsNotValidOrNotMatchException("");
        }
        User user = userMapper.userDtoToUserEntity(userDto);
        user.setActivated(false);
@ -198,10 +198,10 @@ public class UserService implements UserDetailsService {
                : roles);
        if (!StringUtils.isEmpty(userDto.getOldPassword())) {
            if (!userDto.isPasswordsValid() || !userDto.isOldPasswordValid()) {
-                throw new UserPasswordsNotValidOrNotMatchException();
+                throw new UserPasswordsNotValidOrNotMatchException("");
            }
            if (!passwordEncoder.matches(userDto.getOldPassword(), user.getPassword())) {
-                throw new UserPasswordsNotValidOrNotMatchException();
+                throw new UserPasswordsNotValidOrNotMatchException("");
            }
            user.setPassword(passwordEncoder.encode(userDto.getPassword()));
            log.debug("Changed password for User: {}", user.getLogin());
@ -221,24 +221,18 @@ public class UserService implements UserDetailsService {
        return userMapper.userEntityToUserDto(user);
    }
-    public UserDto changeUserPassword(UserDto userDto) {
+    public void changeUserPassword(User user, Map<String, String> payload) {
-        if (userDto.getId() == null) {
+        if (!payload.get("password").equals(payload.get("confirmPassword"))) {
-            throw new EntityIdIsNullException();
+            throw new UserPasswordsNotValidOrNotMatchException("");
        }
-        if (!userDto.isPasswordsValid() || !userDto.isOldPasswordValid()) {
+        if (!passwordEncoder.matches(payload.get("oldPassword"), user.getPassword())) {
-            throw new UserPasswordsNotValidOrNotMatchException();
+            throw new UserPasswordsNotValidOrNotMatchException("Старый пароль введен неправильно");
        }
-        final String login = UserUtils.getCurrentUserLogin();
+        user.setPassword(passwordEncoder.encode(payload.get("password")));
        final User user = userRepository.findOneByLoginIgnoreCase(login);
        if (user == null) {
            throw new UserNotFoundException(login);
        }
        if (!passwordEncoder.matches(userDto.getOldPassword(), user.getPassword())) {
            throw new UserPasswordsNotValidOrNotMatchException();
        }
        user.setPassword(passwordEncoder.encode(userDto.getPassword()));
        log.debug("Changed password for User: {}", user.getLogin());
-        return userMapper.userEntityToUserDto(userRepository.save(user));
+        userRepository.save(user);
        mailService.sendChangePasswordMail(user);
    }
    public boolean requestUserPasswordReset(String email) {
@ -259,7 +253,7 @@ public class UserService implements UserDetailsService {
    public boolean completeUserPasswordReset(String key, UserResetPasswordDto userResetPasswordDto) {
        if (!userResetPasswordDto.isPasswordsValid()) {
-            throw new UserPasswordsNotValidOrNotMatchException();
+            throw new UserPasswordsNotValidOrNotMatchException("");
        }
        User user = userRepository.findOneByResetKey(key);
        if (user == null) {
--- a/src/main/resources/mail_templates/passwordChangeEmail.html
+++ b/src/main/resources/mail_templates/passwordChangeEmail.html
@ -0,0 +1,21 @@
 <!DOCTYPE html>
 <html xmlns:th="http://www.thymeleaf.org">
 <head>
    <title>Password reset</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
    <link rel="shortcut icon" th:href="@{|${baseUrl}/favicon.ico|}"/>
 </head>
 <body>
 <p>
    Dear <span th:text="${user.firstName + ' ' + user.lastName}">Ivan Ivanov</span>
 </p>
 <p>
    Your password has been changed.
 </p>
 <p>
    Regards,
    <br/>
    <em>Balance Team.</em>
 </p>
 </body>
 </html>
--- a/src/main/resources/public/js/users.js
+++ b/src/main/resources/public/js/users.js
@ -0,0 +1,33 @@
 function changePassword() {
    oldPassword = document.getElementById("oldPassword").value
    password = document.getElementById("password").value
    confirmPassword = document.getElementById("confirmPassword").value
    if ([oldPassword.length, password.length, confirmPassword.length].includes(0)) {
        alert("Заполните все поля");
        return;
    }
    if (password != confirmPassword) {
        alert("Повторный пароль введен неверно");
        return;
    }
    $.ajax({
        url:"/api/1.0/users/changePassword",
        contentType: "application/json; charset=utf-8",
        data: JSON.stringify({
            "oldPassword": document.getElementById("oldPassword").value,
            "password": document.getElementById("password").value,
            "confirmPassword": document.getElementById("confirmPassword").value,
        }),
        method: "POST",
        success: function() {
            document.getElementById("closeModalPassword").click();
            alert("Пароль был обновлен");
        },
        error: function(errorData) {
            alert(errorData.responseJSON.error.message)
        }
    })
 }
--- a/src/main/resources/templates/default.html
+++ b/src/main/resources/templates/default.html
@ -70,6 +70,7 @@
                        <a class="dropdown-item" href="/users/profile">Личный кабинет</a>
                        <a class="dropdown-item" href="/logout">Выход</a>
                        <a class="dropdown-item" data-toggle="modal" href="invite.html" data-target="#inviteModal">Пригласить</a>
                        <a class="dropdown-item" data-toggle="modal" data-target="#changePasswordModal">Сменить пароль</a>
                    </div>
                </li>
            </ul>
@ -77,6 +78,7 @@
    </div>
 </nav>
 <div th:replace="users/inviteModal"/>
 <div th:replace="users/changePassword"/>
 <div class="container-fluid">
    <div class="container">
        <ul id="messages" class="feedback-panel">
--- a/src/main/resources/templates/error/error.html
+++ b/src/main/resources/templates/error/error.html
@ -1,21 +0,0 @@
 <!DOCTYPE html>
 <html lang="en"
      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
      layout:decorator="default" xmlns:th="http://www.w3.org/1999/xhtml">
 <head>
 </head>
 <body>
 <div class="container" layout:fragment="content">
    <section id="services">
        <div class="container">
            <div class="row">
                <div class="col-lg-12 text-center">
                    <h2 class="section-heading text-uppercase"><span th:text="${error}"></span></h2>
                    <a href="/"><h3>Вернуться на главную</h3></a>
                </div>
            </div>
        </div>
    </section>
 </div>
 </body>
 </html>
--- a/src/main/resources/templates/users/changePassword.html
+++ b/src/main/resources/templates/users/changePassword.html
@ -0,0 +1,36 @@
 <!DOCTYPE HTML>
 <html xmlns:th="http://www.thymeleaf.org">
 <head th:fragment="headerfiles">
    <meta charset="UTF-8"/>
    <script type='text/javascript' src="js/users.js"></script>
 </head>
 <body>
 <div id="changePasswordModal" class="modal fade text-center">
    <div class="modal-dialog">
        <div class="modal-content">
            <div class="modal-header">
                <h5 class="modal-title" id="label">Пригласить пользователя</h5>
                <button type="button" class="close" data-dismiss="modal" aria-label="Close">
                    <span aria-hidden="true">&times;</span>
                </button>
            </div>
            <div class="modal-body">
                <input class="form-control" id="oldPassword" type="password"
                       placeholder="Старый пароль" required="required" name="oldPassword"/>
                <br/>
                <input class="form-control" id="password" type="password"
                       placeholder="Новый пароль" required="required" name="password"/>
                <br/>
                <input class="form-control" id="confirmPassword" type="password"
                       placeholder="Подтверждение нового пароля" required="required" name="confirmPassword"/>
            </div>
            <div class="modal-footer">
                <button id="closeModalPassword" type="button" class="btn btn-secondary" data-dismiss="modal">Закрыть
                </button>
                <button type="button" onclick="changePassword()" class="btn btn-primary">Сохранить</button>
            </div>
        </div>
    </div>
 </div>
 </body>
 </html>