public void setPassword (User u, String clearpass, User author, HashVersion v) throws Exception { if (u.getPasswordHash() != null) u.addPasswordHistoryValue(u.getPasswordHash()); switch (v) { case ZERO: setV0Password (u, clearpass); break; case ONE: setV1Password (u, clearpass); break; } u.setPasswordChanged(new Date()); u.setForcePasswordChange(false); RevisionManager revmgr = new RevisionManager(db); if (author == null) author = u; revmgr.createRevision(author, "user." + u.getId(), "Password changed"); db.session().saveOrUpdate(u); }
public boolean saveUser (Binder binder, String clearPass) throws BLException { User u = (User) getOriginalEntity(); if (binder.writeBeanIfValid(getOriginalEntity())) { try { return (boolean) DB.execWithTransaction((db) -> { db.save(u); if (clearPass != null && !clearPass.isEmpty()) { UserManager mgr = new UserManager(db); try { mgr.setPassword(u, clearPass); } catch (BLException e) { return false; } addRevisionCreated(db, getEntityName(), u.getId().toString()); u.setForcePasswordChange(true); db.session().update(u); return true; } return false; }); } catch (Exception e) { getApp().getLog().error(e); return false; } } else { throw new BLException("Invalid user"); } }
public String resetUserPassword (User user) { String generatedPassword = PasswordGenerator.generateRandomPassword(); try { DB.execWithTransaction((db) -> { db.session().refresh(user); user.getPasswordhistory(); // hack to avoid LazyInitialization UserManager mgr = new UserManager(db); try { mgr.setPassword(user, generatedPassword); } catch (BLException e) { getApp().displayNotification("errorMessage.resetPassword"); return false; } user.setForcePasswordChange(true); user.setLoginAttempts(0); // reset login attempts db.session().saveOrUpdate(user); return true; }); } catch (Exception e) { getApp().getLog().error(e); return null; } return generatedPassword; }