public void setPassword (User u, String clearpass, User author) throws Exception { setPassword(u, clearpass, author, version); }
public void setPassword (User u, String clearpass) throws Exception { setPassword(u, clearpass, null, version); }
public boolean upgradePassword (User u, String clearpass) throws Exception { assertNotNull(clearpass, "Invalid pass"); String passwordHash = u.getPasswordHash(); assertNotNull(passwordHash, "Password is null"); HashVersion v = HashVersion.getVersion(passwordHash); if (v == HashVersion.ZERO && checkV0Password(passwordHash, u.getId(), clearpass)) { setPassword(u, clearpass, null, HashVersion.ONE); return true; } return false; }
db.session().save(user); if (line.hasOption('p')) { mgr.setPassword(user, line.getOptionValue('p'));
public boolean saveUser (Binder binder, String clearPass) throws BLException { User u = (User) getOriginalEntity(); if (binder.writeBeanIfValid(getOriginalEntity())) { try { return (boolean) DB.execWithTransaction((db) -> { db.save(u); if (clearPass != null && !clearPass.isEmpty()) { UserManager mgr = new UserManager(db); try { mgr.setPassword(u, clearPass); } catch (BLException e) { return false; } addRevisionCreated(db, getEntityName(), u.getId().toString()); u.setForcePasswordChange(true); db.session().update(u); return true; } return false; }); } catch (Exception e) { getApp().getLog().error(e); return false; } } else { throw new BLException("Invalid user"); } }
private void createUser() throws Exception { db.beginTransaction(); User user = new User(); user.setNick("admin"); user.setName("User Administrator"); user.setActive(true); db.session().save(user); UserManager mgr = new UserManager(db, HashVersion.ZERO); mgr.setPassword(user, "test", null); RealmManager rmgr = new RealmManager(db); Realm testRealm = rmgr.getRealmByName("TEST"); Realm prodRealm = rmgr.getRealmByName("PROD"); Role r = createRole(db, null, "admin", "login", "admin"); user.getRoles().add(r); // user permissions: `login`, `admin`, `role.admin` Role r1 = createRole (db, testRealm, "tester", "testread", "testwrite"); r1.setParent(r); user.getRoles().add(r1); // adds permissions: `TEST.testread`, `TEST.testwrite` db.commit(); } public void checkUser() throws Exception {
public String resetUserPassword (User user) { String generatedPassword = PasswordGenerator.generateRandomPassword(); try { DB.execWithTransaction((db) -> { db.session().refresh(user); user.getPasswordhistory(); // hack to avoid LazyInitialization UserManager mgr = new UserManager(db); try { mgr.setPassword(user, generatedPassword); } catch (BLException e) { getApp().displayNotification("errorMessage.resetPassword"); return false; } user.setForcePasswordChange(true); user.setLoginAttempts(0); // reset login attempts db.session().saveOrUpdate(user); return true; }); } catch (Exception e) { getApp().getLog().error(e); return null; } return generatedPassword; }
newPasswordOK = mgr.checkNewPassword(user, newClearPass); if (passwordOK && newPasswordOK) { mgr.setPassword(user, newClearPass); updated = true; } else if (!newPasswordOK) {
assertNotEquals("User hash has changed", "ee89026a6c5603c51b4504d218ac60f6874b7750", u.getPasswordHash()); assertFalse("Password has to be in history", mgr.checkNewPassword(u, "test")); mgr.setPassword(u, "test1"); mgr.setPassword(u, "test2"); mgr.setPassword(u, "test3"); assertFalse("Password 1 has to be in history", mgr.checkNewPassword(u, "test1")); assertFalse("Password 2 has to be in history", mgr.checkNewPassword(u, "test2")); assertFalse("Password 3 has to be in history", mgr.checkNewPassword(u, "test3")); assertTrue("User password is now 'test3'", mgr.checkPassword(u, "test3")); mgr.setPassword(u, "test"); assertTrue("User password is back to 'test'", mgr.checkPassword(u, "test")); assertEquals ("History size is ", 5, u.getPasswordhistory().size());