]> git.argeo.org Git - lgpl/argeo-commons.git/blobdiff - security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java
projects / lgpl / argeo-commons.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Improve security
[lgpl/argeo-commons.git] / security / runtime / org.argeo.security.core / src / main / java / org / argeo / security / core / DefaultSecurityService.java
diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java
index 74aa57cd50b8759f047890b51f324be21c13e93f..ef64337ebed1d99762cf642a0c496a8892447980 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/DefaultSecurityService.java
@@ -1,5 +1,6 @@
 package org.argeo.security.core;
 
+import org.argeo.ArgeoException;
 import org.argeo.security.ArgeoSecurity;
 import org.argeo.security.ArgeoSecurityDao;
 import org.argeo.security.ArgeoSecurityService;
@@ -25,6 +26,14 @@ public class DefaultSecurityService implements ArgeoSecurityService {
                securityDao.update(user);
        }
 
+       public void updateCurrentUserPassword(String oldPassword, String newPassword) {
+               SimpleArgeoUser user = new SimpleArgeoUser(securityDao.getCurrentUser());
+               if (!user.getPassword().equals(oldPassword))
+                       throw new ArgeoException("Old password is not correct.");
+               user.setPassword(newPassword);
+               securityDao.update(user);
+       }
+
        public void newUser(ArgeoUser user) {
                user.getUserNatures().clear();
                argeoSecurity.beforeCreate(user);
@@ -36,7 +45,7 @@ public class DefaultSecurityService implements ArgeoSecurityService {
                                .getPassword();
                SimpleArgeoUser simpleArgeoUser = new SimpleArgeoUser(user);
                simpleArgeoUser.setPassword(password);
-               securityDao.update(user);
+               securityDao.update(simpleArgeoUser);
        }
 
        public void setArgeoSecurity(ArgeoSecurity argeoSecurity) {
Argeo Commons - Lightweight integration framework in pure Java/OSGi