Gestita validazione password in metodo changePassword
All checks were successful
IntegryManagementSystem_Multi/pipeline/head This commit looks good
All checks were successful
IntegryManagementSystem_Multi/pipeline/head This commit looks good
This commit is contained in:
@@ -129,27 +129,24 @@ public class UtilityUser {
|
||||
return UtilityDB.executeSimpleQueryDTO(multiDBTransactionManager.getPrimaryConnection(), sql, EntityPermissionsDTO.class);
|
||||
}
|
||||
|
||||
public static boolean validationPassword(String userName, String newPassword, String oldPassword) throws Exception {
|
||||
public static void validationPassword(String userName, String newPassword, String oldPassword) throws Exception {
|
||||
if (UtilityString.isNullOrEmpty(newPassword))
|
||||
throw new Exception("Attenzione la password non può essere nulla");
|
||||
throw new Exception("Attenzione la password non può essere nulla.");
|
||||
|
||||
if (userName.equalsIgnoreCase(newPassword))
|
||||
throw new Exception("Attenzione la password non può essere uguale al nome utente");
|
||||
throw new Exception("Attenzione la password non può essere uguale al nome utente.");
|
||||
|
||||
if (!UtilityString.isNullOrEmpty(oldPassword) && oldPassword.equalsIgnoreCase(newPassword))
|
||||
throw new Exception("Attenzione la password non può essere uguale alla vecchia password");
|
||||
|
||||
throw new Exception("Attenzione la nuova password non può coincidere con quella attuale.");
|
||||
|
||||
int passwordLen = 8;
|
||||
if (newPassword.length() < passwordLen)
|
||||
throw new Exception(String.format("Attenzione la password deve essere lunga almeno %s catteri", passwordLen));
|
||||
if (newPassword.length() <= passwordLen)
|
||||
throw new Exception(String.format("Attenzione la password deve essere lunga almeno %s caratteri.", passwordLen));
|
||||
|
||||
// validationPasswordChar(newPassword, Caratteri.UPPER);
|
||||
// validationPasswordChar(newPassword, Caratteri.LOWER);
|
||||
// validationPasswordChar(newPassword, Caratteri.NUMERI);
|
||||
// validationPasswordChar(newPassword, Caratteri.CARATTERI_SPECIALI);
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
private static boolean validationPasswordChar(String newPassword, Caratteri caratteri) throws Exception {
|
||||
|
||||
@@ -1,8 +1,18 @@
|
||||
package it.integry.ems.user.dto;
|
||||
|
||||
public class ChangePasswordDTO {
|
||||
private String oldPassword;
|
||||
private String password;
|
||||
|
||||
public String getOldPassword() {
|
||||
return oldPassword;
|
||||
}
|
||||
|
||||
public ChangePasswordDTO setOldPassword(String oldPassword) {
|
||||
this.oldPassword = oldPassword;
|
||||
return this;
|
||||
}
|
||||
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
@@ -2,21 +2,19 @@ package it.integry.ems.user.service;
|
||||
|
||||
import it.integry.ems.exception.PrimaryDatabaseNotPresentException;
|
||||
import it.integry.ems.javabeans.RequestDataDTO;
|
||||
import it.integry.ems.service.EmsServices;
|
||||
import it.integry.ems.service.EntityProcessor;
|
||||
import it.integry.ems.settings.Model.SettingsModel;
|
||||
import it.integry.ems.sync.MultiDBTransaction.MultiDBTransactionManager;
|
||||
import it.integry.ems.user.UtilityUser;
|
||||
import it.integry.ems.user.dto.ChangePasswordDTO;
|
||||
import it.integry.ems.user.dto.UserDTO;
|
||||
import it.integry.ems.utility.UtilityDebug;
|
||||
import it.integry.ems.utility.UtilityEntity;
|
||||
import it.integry.ems_model.config.EmsRestConstants;
|
||||
import it.integry.ems_model.entity.StbFilesAttached;
|
||||
import it.integry.ems_model.entity.StbUser;
|
||||
import it.integry.ems_model.types.OperationType;
|
||||
import it.integry.ems_model.utility.Query;
|
||||
import it.integry.ems_model.utility.UtilityDB;
|
||||
import it.integry.ems_model.utility.UtilityDate;
|
||||
import it.integry.ems_model.utility.UtilityString;
|
||||
import it.integry.ems_model.utility.*;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Scope;
|
||||
import org.springframework.stereotype.Service;
|
||||
@@ -43,9 +41,10 @@ public class UserService {
|
||||
private UserCacheService userCacheService;
|
||||
|
||||
@Autowired
|
||||
private EmsServices emsServices;
|
||||
private SettingsModel settingsModel;
|
||||
|
||||
public StbUser save(StbUser stbUser) throws Exception {
|
||||
if (!UtilityString.isNullOrEmpty(stbUser.getPassword()) && !UtilityDebug.isDebugExecution()) {
|
||||
String sql =
|
||||
Query.format(
|
||||
"SELECT dbo.sys_dcd_pss(password)\n" +
|
||||
@@ -54,32 +53,57 @@ public class UserService {
|
||||
|
||||
String oldPassword = UtilityDB.executeSimpleQueryOnlyFirstRowFirstColumn(multiDBTransactionManager.getPrimaryConnection(), sql);
|
||||
|
||||
if (!UtilityString.isNullOrEmpty(stbUser.getPassword()) && !UtilityDebug.isDebugExecution())
|
||||
UtilityUser.validationPassword(stbUser.getUserName(), stbUser.getPassword(), oldPassword);
|
||||
}
|
||||
|
||||
entityProcessor.processEntity(stbUser, multiDBTransactionManager);
|
||||
|
||||
UtilityEntity.throwEntityException(stbUser);
|
||||
|
||||
userCacheService.invalidateCache();
|
||||
|
||||
return stbUser;
|
||||
}
|
||||
|
||||
public StbUser changePassword(ChangePasswordDTO passwordDTO) throws Exception {
|
||||
StbUser stbUser =
|
||||
new StbUser()
|
||||
.setUserName(requestDataDTO.getUsername());
|
||||
public StbUser changePassword(ChangePasswordDTO changePasswordDTO) throws Exception {
|
||||
String dbName = settingsModel.getDbNameFromProfileDb(requestDataDTO.getProfileDB());
|
||||
|
||||
UserDTO userDTO = userCacheService.retrieveUser(
|
||||
dbName,
|
||||
requestDataDTO.getUsername(),
|
||||
changePasswordDTO.getOldPassword(),
|
||||
requestDataDTO.getApplication()
|
||||
);
|
||||
|
||||
if (userDTO == null) {
|
||||
throw new Exception("Utente non trovato. Verificare i dati inseriti.");
|
||||
}
|
||||
|
||||
if (!UtilityDebug.isDebugExecution()) {
|
||||
UtilityUser.validationPassword(userDTO.getUsername(), changePasswordDTO.getPassword(), changePasswordDTO.getOldPassword());
|
||||
}
|
||||
|
||||
StbUser stbUser = new StbUser()
|
||||
.setUserName(userDTO.getUsername());
|
||||
|
||||
stbUser.setOperation(OperationType.SELECT_OBJECT);
|
||||
|
||||
entityProcessor.processEntity(stbUser, multiDBTransactionManager);
|
||||
|
||||
Date expiringDate = EmsRestConstants.DATE_NULL;
|
||||
Date passwordEndtime = EmsRestConstants.DATE_NULL;
|
||||
|
||||
if (stbUser.getFlagPasswordExpiring().equalsIgnoreCase("S") &&
|
||||
stbUser.getPasswordExpiresDays() != 0) {
|
||||
expiringDate = UtilityDate.dateAdd(new Date(), stbUser.getPasswordExpiresDays());
|
||||
passwordEndtime = UtilityDate.dateAdd(new Date(), stbUser.getPasswordExpiresDays());
|
||||
}
|
||||
|
||||
stbUser
|
||||
.setPassword(passwordDTO.getPassword())
|
||||
.setUserName(userDTO.getUsername())
|
||||
.setPassword(changePasswordDTO.getPassword())
|
||||
.setCryptPassword(true)
|
||||
.setPasswordEndtime(expiringDate);
|
||||
.setPasswordEndtime(passwordEndtime)
|
||||
.setLastAccessDatetime(UtilityLocalDate.getNowTime());
|
||||
|
||||
stbUser.setOperation(OperationType.UPDATE);
|
||||
|
||||
entityProcessor.processEntity(stbUser, multiDBTransactionManager);
|
||||
@@ -87,6 +111,7 @@ public class UserService {
|
||||
UtilityEntity.throwEntityException(stbUser);
|
||||
|
||||
userCacheService.invalidateCache();
|
||||
|
||||
return stbUser;
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user