git.argeo.org Git - gpl/argeo-slc.git/blob - legacy/argeo-commons/org.argeo.cms.ui.workbench/src/org/argeo/cms/ui/workbench/commands/OpenChangePasswordDialog.java
Massive Argeo APIs refactoring
1 package org.argeo.cms.ui.workbench.commands;
2
3 import static org.argeo.cms.CmsMsg.changePassword;
4 import static org.argeo.cms.CmsMsg.currentPassword;
5 import static org.argeo.cms.CmsMsg.newPassword;
6 import static org.argeo.cms.CmsMsg.passwordChanged;
7 import static org.argeo.cms.CmsMsg.repeatNewPassword;
8 import static org.eclipse.jface.dialogs.IMessageProvider.INFORMATION;
9
10 import java.security.AccessController;
11 import java.util.Arrays;
12
13 import javax.naming.InvalidNameException;
14 import javax.naming.ldap.LdapName;
15 import javax.security.auth.Subject;
16 import javax.security.auth.x500.X500Principal;
17
18 import org.argeo.api.cms.CmsLog;
19 import org.argeo.cms.CmsException;
20 import org.argeo.cms.security.CryptoKeyring;
21 import org.argeo.eclipse.ui.dialogs.ErrorFeedback;
22 import org.argeo.osgi.transaction.WorkTransaction;
23 import org.eclipse.core.commands.AbstractHandler;
24 import org.eclipse.core.commands.ExecutionEvent;
25 import org.eclipse.core.commands.ExecutionException;
26 import org.eclipse.jface.dialogs.Dialog;
27 import org.eclipse.jface.dialogs.MessageDialog;
28 import org.eclipse.jface.dialogs.TitleAreaDialog;
29 import org.eclipse.swt.SWT;
30 import org.eclipse.swt.graphics.Point;
31 import org.eclipse.swt.layout.GridData;
32 import org.eclipse.swt.layout.GridLayout;
33 import org.eclipse.swt.widgets.Composite;
34 import org.eclipse.swt.widgets.Control;
35 import org.eclipse.swt.widgets.Label;
36 import org.eclipse.swt.widgets.Shell;
37 import org.eclipse.swt.widgets.Text;
38 import org.eclipse.ui.handlers.HandlerUtil;
39 import org.osgi.service.useradmin.User;
40 import org.osgi.service.useradmin.UserAdmin;
41
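/**
 * Command handler that opens the change password dialog for the user attached
 * to the current access control context.
 * <p>
 * The dialog asks for the current password and for the new password twice. The
 * credential is replaced only after the current password has been verified
 * against the {@link UserAdmin} role of the user. The {@link UserAdmin}, the
 * {@link WorkTransaction} and the optional {@link CryptoKeyring} are injected
 * through the setters.
 */
public class OpenChangePasswordDialog extends AbstractHandler {
    private static final CmsLog log = CmsLog.getLog(OpenChangePasswordDialog.class);
    private UserAdmin userAdmin;
    private WorkTransaction userTransaction;
    private CryptoKeyring keyring = null;

    /**
     * Opens the dialog and, when it is closed with OK, confirms the change to
     * the user.
     *
     * @return always {@code null}
     */
    @Override
    public Object execute(ExecutionEvent event) throws ExecutionException {
        Shell shell = HandlerUtil.getActiveShell(event);
        ChangePasswordDialog dialog = new ChangePasswordDialog(shell, userAdmin);
        if (dialog.open() == Dialog.OK) {
            MessageDialog.openInformation(shell, passwordChanged.lead(), passwordChanged.lead());
        }
        return null;
    }

    /**
     * Replaces the password of the current user after verifying the old one.
     *
     * @param oldPassword the current password, checked with
     *                    {@link User#hasCredential(String, Object)}
     * @param newPassword the password to store; must not be {@code null} or
     *                    empty
     * @throws CmsException if no authenticated user can be resolved, the old
     *                      password does not match, the new password is empty,
     *                      or the update fails with a checked exception
     */
    @SuppressWarnings("unchecked")
    protected void changePassword(char[] oldPassword, char[] newPassword) {
        // Fail with an explicit error rather than a NullPointerException or
        // NoSuchElementException when nobody is authenticated.
        Subject subject = Subject.getSubject(AccessController.getContext());
        if (subject == null || subject.getPrincipals(X500Principal.class).isEmpty())
            throw new CmsException("No authenticated user");
        String name = subject.getPrincipals(X500Principal.class).iterator().next().toString();
        LdapName dn;
        try {
            dn = new LdapName(name);
        } catch (InvalidNameException e) {
            throw new CmsException("Invalid user dn " + name, e);
        }

        // getRole() is not guaranteed here to return a User: check before the
        // cast so that a missing or non-user role is reported clearly.
        Object role = userAdmin.getRole(dn.toString());
        if (!(role instanceof User))
            throw new CmsException("No user found for " + dn);
        User user = (User) role;

        // The current password is verified before anything is modified.
        if (!user.hasCredential(null, oldPassword))
            throw new CmsException("Invalid password");
        // A null new password must be rejected as well as an empty one,
        // otherwise it would reach the credentials store.
        if (newPassword == null || newPassword.length == 0)
            throw new CmsException("New password empty");

        try {
            userTransaction.begin();
            user.getCredentials().put(null, newPassword);
            if (keyring != null) {
                // NOTE(review): whether the keyring change takes part in the
                // transaction cannot be seen from here - confirm that a failed
                // commit cannot leave keyring and credential out of sync.
                keyring.changePassword(oldPassword, newPassword);
                // TODO change secret keys in the CMS session
            }
            userTransaction.commit();
        } catch (Exception e) {
            try {
                userTransaction.rollback();
            } catch (Exception e1) {
                log.error("Could not roll back", e1);
            }
            if (e instanceof RuntimeException)
                throw (RuntimeException) e;
            else
                throw new CmsException("Cannot change password", e);
        }
    }

    /** Dialog collecting the current password and the new password twice. */
    class ChangePasswordDialog extends TitleAreaDialog {
        private static final long serialVersionUID = -6963970583882720962L;
        private Text oldPassword, newPassword1, newPassword2;

        /**
         * @param parentShell     the parent shell of the dialog
         * @param securityService not used by this dialog; kept for
         *                        compatibility with existing callers
         */
        public ChangePasswordDialog(Shell parentShell, UserAdmin securityService) {
            super(parentShell);
        }

        @Override
        protected Point getInitialSize() {
            return new Point(400, 450);
        }

        /** Builds the three password fields and gives focus to the first one. */
        @Override
        protected Control createDialogArea(Composite parent) {
            Composite dialogarea = (Composite) super.createDialogArea(parent);
            dialogarea.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, true));
            Composite composite = new Composite(dialogarea, SWT.NONE);
            composite.setLayout(new GridLayout(2, false));
            composite.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, false));
            oldPassword = createLP(composite, currentPassword.lead());
            newPassword1 = createLP(composite, newPassword.lead());
            newPassword2 = createLP(composite, repeatNewPassword.lead());

            setMessage(changePassword.lead(), INFORMATION);
            parent.pack();
            oldPassword.setFocus();
            return composite;
        }

        /**
         * Checks that both new passwords match, then delegates to
         * {@link OpenChangePasswordDialog#changePassword(char[], char[])}. Any
         * failure is shown to the user and the dialog stays open.
         */
        @Override
        protected void okPressed() {
            char[] repeated = null;
            try {
                // Compare as char arrays: going through getText() would leave
                // immutable String copies of both passwords on the heap.
                char[] chosen = newPassword1.getTextChars();
                repeated = newPassword2.getTextChars();
                if (!Arrays.equals(chosen, repeated))
                    throw new CmsException("New passwords are different");
                // NOTE(review): the arrays handed to changePassword() are not
                // wiped here because the user admin or the keyring may keep a
                // reference to them - confirm before clearing them.
                changePassword(oldPassword.getTextChars(), chosen);
                close();
            } catch (Exception e) {
                ErrorFeedback.show("Cannot change password", e);
            } finally {
                // The confirmation copy is only used for the comparison above.
                if (repeated != null)
                    Arrays.fill(repeated, '\0');
            }
        }

        /** Creates a label followed by a single-line password field. */
        protected Text createLP(Composite parent, String label) {
            new Label(parent, SWT.NONE).setText(label);
            Text text = new Text(parent, SWT.SINGLE | SWT.LEAD | SWT.PASSWORD | SWT.BORDER);
            text.setLayoutData(new GridData(SWT.FILL, SWT.FILL, true, false));
            return text;
        }

        @Override
        protected void configureShell(Shell shell) {
            super.configureShell(shell);
            shell.setText(changePassword.lead());
        }
    }

    /** Sets the user admin used to look up the user and verify credentials. */
    public void setUserAdmin(UserAdmin userAdmin) {
        this.userAdmin = userAdmin;
    }

    /** Sets the transaction wrapping the credential update. */
    public void setUserTransaction(WorkTransaction userTransaction) {
        this.userTransaction = userTransaction;
    }

    /** Sets the optional keyring whose password is changed with the credential. */
    public void setKeyring(CryptoKeyring keyring) {
        this.keyring = keyring;
    }

}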