001    /**
002     * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.myaccount.action;
016    
017    import com.liferay.portal.UserPasswordException;
018    import com.liferay.portal.kernel.util.ParamUtil;
019    import com.liferay.portal.kernel.util.Validator;
020    import com.liferay.portal.model.Company;
021    import com.liferay.portal.model.CompanyConstants;
022    import com.liferay.portal.model.User;
023    import com.liferay.portal.security.pwd.PwdAuthenticator;
024    import com.liferay.portal.util.PortalUtil;
025    import com.liferay.portlet.RenderRequestImpl;
026    import com.liferay.util.servlet.DynamicServletRequest;
027    
028    import javax.portlet.ActionRequest;
029    import javax.portlet.ActionResponse;
030    import javax.portlet.PortletConfig;
031    import javax.portlet.RenderRequest;
032    import javax.portlet.RenderResponse;
033    
034    import org.apache.struts.action.ActionForm;
035    import org.apache.struts.action.ActionForward;
036    import org.apache.struts.action.ActionMapping;
037    
038    /**
039     * @author Brian Wing Shun Chan
040     */
041    public class EditUserAction
042            extends com.liferay.portlet.enterpriseadmin.action.EditUserAction {
043    
044            public void processAction(
045                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
046                            ActionRequest actionRequest, ActionResponse actionResponse)
047                    throws Exception {
048    
049                    if (redirectToLogin(actionRequest, actionResponse)) {
050                            return;
051                    }
052    
053                    super.processAction(
054                            mapping, form, portletConfig, actionRequest, actionResponse);
055            }
056    
057            public ActionForward render(
058                            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
059                            RenderRequest renderRequest, RenderResponse renderResponse)
060                    throws Exception {
061    
062                    User user = PortalUtil.getUser(renderRequest);
063    
064                    RenderRequestImpl renderRequestImpl = (RenderRequestImpl)renderRequest;
065    
066                    DynamicServletRequest dynamicRequest =
067                            (DynamicServletRequest)renderRequestImpl.getHttpServletRequest();
068    
069                    dynamicRequest.setParameter(
070                            "p_u_i_d", String.valueOf(user.getUserId()));
071    
072                    return super.render(
073                            mapping, form, portletConfig, renderRequest, renderResponse);
074            }
075    
076            protected Object[] updateUser(ActionRequest actionRequest)
077                    throws Exception {
078    
079                    String newPassword = ParamUtil.getString(actionRequest, "password1");
080    
081                    if (Validator.isNotNull(newPassword)) {
082                            String requestPassword = ParamUtil.getString(
083                                    actionRequest, "password0");
084    
085                            Company company = PortalUtil.getCompany(actionRequest);
086    
087                            String authType = company.getAuthType();
088    
089                            User user = PortalUtil.getSelectedUser(actionRequest);
090    
091                            String login = null;
092    
093                            if (authType.equals(CompanyConstants.AUTH_TYPE_EA)) {
094                                    login = user.getEmailAddress();
095                            }
096                            if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
097                                    login = String.valueOf(user.getUserId());
098                            }
099                            if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
100                                    login = user.getScreenName();
101                            }
102    
103                            boolean validPassword = PwdAuthenticator.authenticate(
104                                    login, requestPassword, user.getPassword());
105    
106                            if (!validPassword) {
107                                    throw new UserPasswordException(
108                                            UserPasswordException.PASSWORD_INVALID);
109                            }
110                    }
111    
112                    return super.updateUser(actionRequest);
113            }
114    
115    }