legacy/argeo-commons/org.argeo.cms.ui.workbench/src/org/argeo/cms/ui/workbench/commands/OpenChangePasswordDialog.java

   1 package org.argeo.cms.ui.workbench.commands;
   2
   3 import static org.argeo.cms.CmsMsg.changePassword;
   4 import static org.argeo.cms.CmsMsg.currentPassword;
   5 import static org.argeo.cms.CmsMsg.newPassword;
   6 import static org.argeo.cms.CmsMsg.passwordChanged;
   7 import static org.argeo.cms.CmsMsg.repeatNewPassword;
   8 import static org.eclipse.jface.dialogs.IMessageProvider.INFORMATION;
   9
  10 import java.security.AccessController;
  11 import java.util.Arrays;
  12
  13 import javax.naming.InvalidNameException;
  14 import javax.naming.ldap.LdapName;
  15 import javax.security.auth.Subject;
  16 import javax.security.auth.x500.X500Principal;
  17
  18 import org.apache.commons.logging.Log;
  19 import org.apache.commons.logging.LogFactory;
  20 import org.argeo.api.security.CryptoKeyring;
  21 import org.argeo.cms.CmsException;
  22 import org.argeo.eclipse.ui.dialogs.ErrorFeedback;
  23 import org.argeo.osgi.transaction.WorkTransaction;
  24 import org.eclipse.core.commands.AbstractHandler;
  25 import org.eclipse.core.commands.ExecutionEvent;
  26 import org.eclipse.core.commands.ExecutionException;
  27 import org.eclipse.jface.dialogs.Dialog;
  28 import org.eclipse.jface.dialogs.MessageDialog;
  29 import org.eclipse.jface.dialogs.TitleAreaDialog;
  30 import org.eclipse.swt.SWT;
  31 import org.eclipse.swt.graphics.Point;
  32 import org.eclipse.swt.layout.GridData;
  33 import org.eclipse.swt.layout.GridLayout;
  34 import org.eclipse.swt.widgets.Composite;
  35 import org.eclipse.swt.widgets.Control;
  36 import org.eclipse.swt.widgets.Label;
  37 import org.eclipse.swt.widgets.Shell;
  38 import org.eclipse.swt.widgets.Text;
  39 import org.eclipse.ui.handlers.HandlerUtil;
  40 import org.osgi.service.useradmin.User;
  41 import org.osgi.service.useradmin.UserAdmin;
  42
  43 /** Open the change password dialog */
  44 public class OpenChangePasswordDialog extends AbstractHandler {
  45         private final static Log log = LogFactory.getLog(OpenChangePasswordDialog.class);
  46         private UserAdmin userAdmin;
  47         private WorkTransaction userTransaction;
  48         private CryptoKeyring keyring = null;
  49
  50         public Object execute(ExecutionEvent event) throws ExecutionException {
  51                 ChangePasswordDialog dialog = new ChangePasswordDialog(HandlerUtil.getActiveShell(event), userAdmin);
  52                 if (dialog.open() == Dialog.OK) {
  53                         MessageDialog.openInformation(HandlerUtil.getActiveShell(event), passwordChanged.lead(),
  54                                         passwordChanged.lead());
  55                 }
  56                 return null;
  57         }
  58
  59         @SuppressWarnings("unchecked")
  60         protected void changePassword(char[] oldPassword, char[] newPassword) {
  61                 Subject subject = Subject.getSubject(AccessController.getContext());
  62                 String name = subject.getPrincipals(X500Principal.class).iterator().next().toString();
  63                 LdapName dn;
  64                 try {
  65                         dn = new LdapName(name);
  66                 } catch (InvalidNameException e) {
  67                         throw new CmsException("Invalid user dn " + name, e);
  68                 }
  69                 User user = (User) userAdmin.getRole(dn.toString());
  70                 if (!user.hasCredential(null, oldPassword))
  71                         throw new CmsException("Invalid password");
  72                 if (Arrays.equals(newPassword, new char[0]))
  73                         throw new CmsException("New password empty");
  74                 try {
  75                         userTransaction.begin();
  76                         user.getCredentials().put(null, newPassword);
  77                         if (keyring != null) {
  78                                 keyring.changePassword(oldPassword, newPassword);
  79                                 // TODO change secret keys in the CMS session
  80                         }
  81                         userTransaction.commit();
  82                 } catch (Exception e) {
  83                         try {
  84                                 userTransaction.rollback();
  85                         } catch (Exception e1) {
  86                                 log.error("Could not roll back", e1);
  87                         }
  88                         if (e instanceof RuntimeException)
  89                                 throw (RuntimeException) e;
  90                         else
  91                                 throw new CmsException("Cannot change password", e);
  92                 }
  93         }
  94
  95         class ChangePasswordDialog extends TitleAreaDialog {
  96                 private static final long serialVersionUID = -6963970583882720962L;
  97                 private Text oldPassword, newPassword1, newPassword2;
  98
  99                 public ChangePasswordDialog(Shell parentShell, UserAdmin securityService) {
 100                         super(parentShell);
 101                 }
 102
 103                 protected Point getInitialSize() {
 104                         return new Point(400, 450);
 105                 }
 106
 107                 protected Control createDialogArea(Composite parent) {
 108                         Composite dialogarea = (Composite) super.createDialogArea(parent);
 109                         dialogarea.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, true));
 110                         Composite composite = new Composite(dialogarea, SWT.NONE);
 111                         composite.setLayout(new GridLayout(2, false));
 112                         composite.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, false));
 113                         oldPassword = createLP(composite, currentPassword.lead());
 114                         newPassword1 = createLP(composite, newPassword.lead());
 115                         newPassword2 = createLP(composite, repeatNewPassword.lead());
 116
 117                         setMessage(changePassword.lead(), INFORMATION);
 118                         parent.pack();
 119                         oldPassword.setFocus();
 120                         return composite;
 121                 }
 122
 123                 @Override
 124                 protected void okPressed() {
 125                         try {
 126                                 if (!newPassword1.getText().equals(newPassword2.getText()))
 127                                         throw new CmsException("New passwords are different");
 128                                 changePassword(oldPassword.getTextChars(), newPassword1.getTextChars());
 129                                 close();
 130                         } catch (Exception e) {
 131                                 ErrorFeedback.show("Cannot change password", e);
 132                         }
 133                 }
 134
 135                 /** Creates label and password. */
 136                 protected Text createLP(Composite parent, String label) {
 137                         new Label(parent, SWT.NONE).setText(label);
 138                         Text text = new Text(parent, SWT.SINGLE | SWT.LEAD | SWT.PASSWORD | SWT.BORDER);
 139                         text.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, false));
 140                         return text;
 141                 }
 142
 143                 protected void configureShell(Shell shell) {
 144                         super.configureShell(shell);
 145                         shell.setText(changePassword.lead());
 146                 }
 147         }
 148
 149         public void setUserAdmin(UserAdmin userAdmin) {
 150                 this.userAdmin = userAdmin;
 151         }
 152
 153         public void setUserTransaction(WorkTransaction userTransaction) {
 154                 this.userTransaction = userTransaction;
 155         }
 156
 157         public void setKeyring(CryptoKeyring keyring) {
 158                 this.keyring = keyring;
 159         }
 160
 161 }