Changeset 1138 for trunk/grails-app/controllers

Timestamp:

Nov 15, 2010, 1:36:42 PM (10 years ago)

Author:

robert@…

Message:

Implemented ability to changed password and email address when logged in (ticket 165).

File:

• trunk/grails-app/controllers/dbnp/authentication/UserRegistrationController.groovy (modified) (5 diffs)

trunk/grails-app/controllers/dbnp/authentication/UserRegistrationController.groovy

@@ -18 +18 @@
 class UserRegistrationController {
     def springSecurityService
+        def authenticationService
     
     /**
@@ -23 +24 @@
      */
     def index = {
-
     }
 
@@ -51 +51 @@
            email: params.email,
            password: springSecurityService.encodePassword(password, params.username),
-           userConfirmed: true, adminConfirmed: true)
+           userConfirmed: false, adminConfirmed: false)
        
         // Redirect user if save fails
@@ -149 +149 @@
     }
 
+    @Secured(['IS_AUTHENTICATED_REMEMBERED'])
+        def profile = {
+                [ user: authenticationService.getLoggedInUser() ]
+        }
+
+    @Secured(['IS_AUTHENTICATED_REMEMBERED'])
+        def updateProfile = { ProfileCommand command ->
+                def user = authenticationService.getLoggedInUser();
+                command.username = user.username
+                command.oldPass = user.password
+                command.validate()
+
+                if (command.hasErrors()) {
+                        render( view: 'profile', model: [user: user, command: command]);
+                        return
+                }
+
+                String salt = user.username
+                RegistrationCode.withTransaction { status ->
+                        user.password = springSecurityService.encodePassword(command.password, salt)
+                        user.email = command.email
+                        user.save()
+                }
+
+                redirect controller: 'home'
+        }
+
     private String generatePassword( int length ) {
         String validChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890_-!@#%^&*()/\\;:"
@@ -163 +190 @@
         return resultID
     }
+
+        static final passwordValidator = { String password, command ->
+                if( password == "" ) {
+                        return
+                }
+
+                if (command.username && command.username.equals(password)) {
+                        return 'command.password.error.username'
+                }
+
+                if (password && password.length() >= 8 && password.length() <= 64 &&
+                                (!password.matches('^.*\\p{Alpha}.*$') ||
+                                !password.matches('^.*\\p{Digit}.*$') ||
+                                !password.matches('^.*[!@#$%^&].*$'))) {
+                        return 'command.password.error.strength'
+                }
+        }
+
+        static final password2Validator = { value, command ->
+                if (command.password != command.password2) {
+                        return 'command.password2.error.mismatch'
+                }
+        }
 }
+
+class ProfileCommand {
+
+        String username
+        String oldPass
+        String email
+        String password
+        String password2
+
+        static constraints = {
+                username blank: false
+                email blank: false, email: true
+                password blank: true, minSize: 8, maxSize: 64, validator: UserRegistrationController.passwordValidator
+                password2 validator: UserRegistrationController.password2Validator
+        }
+}
+