X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=auth%2Fauth-gui%2Fsrc%2Fmain%2Fjava%2Forg%2Fonap%2Faaf%2Fauth%2Fgui%2Fpages%2FPassChangeForm.java;h=dcaed0477bcb792601e1de155501bd657800545a;hb=4b5a7d721d994a49057e9bfb403c7bff1b376660;hp=897796d6b221747553e4a93ad8d92ff89c447b02;hpb=71037c39a37d3549dcfe31926832a657744fbe05;p=aaf%2Fauthz.git diff --git a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeForm.java b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeForm.java index 897796d6..dcaed047 100644 --- a/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeForm.java +++ b/auth/auth-gui/src/main/java/org/onap/aaf/auth/gui/pages/PassChangeForm.java @@ -52,154 +52,154 @@ import org.onap.aaf.misc.xgen.html.HTMLGen; import aaf.v2_0.Users; public class PassChangeForm extends Page { - // Package on purpose - static final String HREF = "/gui/passwd"; - static final String NAME = "PassChange"; - static final String fields[] = {"id","current","password","password2","startDate","ns"}; - - public PassChangeForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException { - super(gui.env,NAME,HREF, fields, - new BreadCrumbs(breadcrumbs), - new NamedCode(true,NAME) { - private final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]); - @Override - public void code(final Cache cache, final HTMLGen hgen) throws APIException, IOException { - - // p tags not closing right using .p() - causes issues in IE8 password form - so using leaf for the moment - hgen.incr(HTMLGen.H4,true,"style=margin: 0em 0em .4em 0em") - .text("You are adding a New Password in the AAF System.") - .end(); + // Package on purpose + static final String HREF = "/gui/passwd"; + static final String NAME = "PassChange"; + static final String fields[] = {"id","current","password","password2","startDate","ns"}; + + public PassChangeForm(final AAF_GUI gui, final Page ... breadcrumbs) throws APIException, IOException { + super(gui.env,NAME,HREF, fields, + new BreadCrumbs(breadcrumbs), + new NamedCode(true,NAME) { + private final Slot sID = gui.env.slot(PassChangeForm.NAME+'.'+PassChangeForm.fields[0]); + @Override + public void code(final Cache cache, final HTMLGen hgen) throws APIException, IOException { + + // p tags not closing right using .p() - causes issues in IE8 password form - so using leaf for the moment + hgen.incr(HTMLGen.H4,true,"style=margin: 0em 0em .4em 0em") + .text("You are adding a New Password in the AAF System.") + .end(); - Mark form = new Mark(); - hgen.incr(form,"form","method=post"); - - Mark table = new Mark(TABLE); - hgen.incr(table); + Mark form = new Mark(); + hgen.incr(form,"form","method=post"); + + Mark table = new Mark(TABLE); + hgen.incr(table); - cache.dynamic(hgen, new DynamicCode() { - @Override - public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache cache, final HTMLGen hgen) throws APIException, IOException { - String incomingID= trans.get(sID, ""); - boolean skipCurrent = false; - if(incomingID.length()>0) { - try { - Organization org = OrganizationFactory.obtain(trans.env(), incomingID); - if(org==null) { - hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: There is no supported company for ").text(incomingID).end(); - } else { - Identity user = org.getIdentity(trans, incomingID); - if(user==null) { - int at = incomingID.indexOf('@'); - hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: You are not the sponsor of '").text(at<0?incomingID:incomingID.substring(0,at)) - .text("' defined at ").text(org.getName()).end(); - incomingID = ""; - } else { - // Owners/or the IDs themselves are allowed to reset password without previous one - skipCurrent=skipCurrent(trans, user); - - if(!skipCurrent) { - final String id = incomingID; - try { - skipCurrent=gui.clientAsUser(trans.getUserPrincipal(), new Retryable() { - @Override - public Boolean code(Rcli client) throws CadiException, ConnectException, APIException { - Future fc = client.read("/authn/creds/id/"+id,gui.getDF(Users.class)); - if(fc.get(AAFcli.timeout())) { - GregorianCalendar now = new GregorianCalendar(); - for(aaf.v2_0.Users.User u : fc.value.getUser()) { - if(u.getType()<10 && u.getType()>=1 && u.getExpires().toGregorianCalendar().after(now)) { - return false; // an existing, non expired, password type exists - } - } - return true; // no existing, no expired password - } else { - if(fc.code()==404) { // not found... - return true; - } else { - trans.error().log(gui.aafCon.readableErrMsg(fc)); - } - } - return false; - } - }); - } catch (LocatorException | CadiException e) { - trans.error().log(e); - } - } - } - } - } catch (OrganizationException e) { - hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: ") - .text(e.getMessage()).end(); - } - } - - hgen.input(fields[0],"ID*",true,"value="+incomingID,(incomingID.length()==0?"":"readonly")); - if(!skipCurrent) { - hgen.input(fields[1],"Current Password*",true,"type=password"); - } - if(skipCurrent) { - hgen.input(fields[1],"",false,"type=hidden", "value=").end(); - } + cache.dynamic(hgen, new DynamicCode() { + @Override + public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache cache, final HTMLGen hgen) throws APIException, IOException { + String incomingID= trans.get(sID, ""); + boolean skipCurrent = false; + if(incomingID.length()>0) { + try { + Organization org = OrganizationFactory.obtain(trans.env(), incomingID); + if(org==null) { + hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: There is no supported company for ").text(incomingID).end(); + } else { + Identity user = org.getIdentity(trans, incomingID); + if(user==null) { + int at = incomingID.indexOf('@'); + hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: You are not the sponsor of '").text(at<0?incomingID:incomingID.substring(0,at)) + .text("' defined at ").text(org.getName()).end(); + incomingID = ""; + } else { + // Owners/or the IDs themselves are allowed to reset password without previous one + skipCurrent=skipCurrent(trans, user); + + if(!skipCurrent) { + final String id = incomingID; + try { + skipCurrent=gui.clientAsUser(trans.getUserPrincipal(), new Retryable() { + @Override + public Boolean code(Rcli client) throws CadiException, ConnectException, APIException { + Future fc = client.read("/authn/creds/id/"+id,gui.getDF(Users.class)); + if(fc.get(AAFcli.timeout())) { + GregorianCalendar now = new GregorianCalendar(); + for(aaf.v2_0.Users.User u : fc.value.getUser()) { + if(u.getType()<10 && u.getType()>=1 && u.getExpires().toGregorianCalendar().after(now)) { + return false; // an existing, non expired, password type exists + } + } + return true; // no existing, no expired password + } else { + if(fc.code()==404) { // not found... + return true; + } else { + trans.error().log(gui.aafCon.readableErrMsg(fc)); + } + } + return false; + } + }); + } catch (LocatorException | CadiException e) { + trans.error().log(e); + } + } + } + } + } catch (OrganizationException e) { + hgen.incr(HTMLGen.H4,"style=color:red;").text("Error: ") + .text(e.getMessage()).end(); + } + } + + hgen.input(fields[0],"ID*",true,"value="+incomingID,(incomingID.length()==0?"":"readonly")); + if(!skipCurrent) { + hgen.input(fields[1],"Current Password*",true,"type=password"); + } + if(skipCurrent) { + hgen.input(fields[1],"",false,"type=hidden", "value=").end(); + } - hgen.input(fields[2],"New Password*",true, "type=password") - .input(fields[3], "Reenter New Password*",true, "type=password") - // .input(fields[3],"Start Date",false,"type=date", "value="+ - // Chrono.dateOnlyFmt.format(new Date(System.currentTimeMillis())) - // ) - .end(table); + hgen.input(fields[2],"New Password*",true, "type=password") + .input(fields[3], "Reenter New Password*",true, "type=password") + // .input(fields[3],"Start Date",false,"type=date", "value="+ + // Chrono.dateOnlyFmt.format(new Date(System.currentTimeMillis())) + // ) + .end(table); - } + } - }); - hgen.tagOnly("input", "type=submit", "value=Submit") - .end(form) - .br() - .p("All AAF Passwords continue to be valid until their listed expiration dates. ", - "This allows you to migrate services to this new password until the old ones expire.").br().br() - .p("Note: You must be an Admin of the Namespace where the MechID is defined.").br() - ; - - Mark div = hgen.divID("passwordRules"); - cache.dynamic(hgen, new DynamicCode() { - @Override - public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache cache, final HTMLGen hgen) throws APIException, IOException { - try { - Organization org = OrganizationFactory.obtain(trans.env(),trans.getUserPrincipal().getName()); - if(org!=null) { - hgen.incr(HTMLGen.H4).text("Password Rules for ").text(org.getName()).end() - .incr(HTMLGen.UL); - for(String line : org.getPasswordRules()) { - hgen.leaf(HTMLGen.LI).text(line).end(); - } - hgen.end(); - } - } catch (OrganizationException e) { - hgen.p("No Password Rules can be found for company of ID ",trans.getUserPrincipal().getName()).br(); - } - } - }); - hgen.end(div); - } - } - ); - } + }); + hgen.tagOnly("input", "type=submit", "value=Submit") + .end(form) + .br() + .p("All AAF Passwords continue to be valid until their listed expiration dates. ", + "This allows you to migrate services to this new password until the old ones expire.").br().br() + .p("Note: You must be an Admin of the Namespace where the MechID is defined.").br() + ; + + Mark div = hgen.divID("passwordRules"); + cache.dynamic(hgen, new DynamicCode() { + @Override + public void code(final AAF_GUI gui, final AuthzTrans trans, final Cache cache, final HTMLGen hgen) throws APIException, IOException { + try { + Organization org = OrganizationFactory.obtain(trans.env(),trans.getUserPrincipal().getName()); + if(org!=null) { + hgen.incr(HTMLGen.H4).text("Password Rules for ").text(org.getName()).end() + .incr(HTMLGen.UL); + for(String line : org.getPasswordRules()) { + hgen.leaf(HTMLGen.LI).text(line).end(); + } + hgen.end(); + } + } catch (OrganizationException e) { + hgen.p("No Password Rules can be found for company of ID ",trans.getUserPrincipal().getName()).br(); + } + } + }); + hgen.end(div); + } + } + ); + } - // Package on Purpose - static boolean skipCurrent(AuthzTrans trans, Identity user) throws OrganizationException { - if(user!=null) { - // Should this be an abstractable Policy? - String tuser = trans.user(); - if(user.fullID().equals(trans.user())) { - return true; - } else { - Identity manager = user.responsibleTo(); - if(tuser.equals(user.fullID()) || manager.isFound()) { - return true; - } - } - } - return false; - } + // Package on Purpose + static boolean skipCurrent(AuthzTrans trans, Identity user) throws OrganizationException { + if(user!=null) { + // Should this be an abstractable Policy? + String tuser = trans.user(); + if(user.fullID().equals(trans.user())) { + return true; + } else { + Identity manager = user.responsibleTo(); + if(tuser.equals(user.fullID()) || manager.isFound()) { + return true; + } + } + } + return false; + } }