1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   *
13   */
14  
15  package com.liferay.portal.action;
16  
17  import com.liferay.portal.NoSuchUserException;
18  import com.liferay.portal.UserPasswordException;
19  import com.liferay.portal.kernel.servlet.SessionErrors;
20  import com.liferay.portal.kernel.util.Constants;
21  import com.liferay.portal.kernel.util.ParamUtil;
22  import com.liferay.portal.kernel.util.Validator;
23  import com.liferay.portal.security.auth.AuthTokenUtil;
24  import com.liferay.portal.security.auth.PrincipalException;
25  import com.liferay.portal.service.UserServiceUtil;
26  import com.liferay.portal.struts.ActionConstants;
27  import com.liferay.portal.util.PortalUtil;
28  import com.liferay.portal.util.WebKeys;
29  
30  import javax.servlet.http.HttpServletRequest;
31  import javax.servlet.http.HttpServletResponse;
32  import javax.servlet.http.HttpSession;
33  
34  import org.apache.struts.action.Action;
35  import org.apache.struts.action.ActionForm;
36  import org.apache.struts.action.ActionForward;
37  import org.apache.struts.action.ActionMapping;
38  
39  /**
40   * <a href="UpdatePasswordAction.java.html"><b><i>View Source</i></b></a>
41   *
42   * @author Brian Wing Shun Chan
43   */
44  public class UpdatePasswordAction extends Action {
45  
46      public ActionForward execute(
47              ActionMapping mapping, ActionForm form, HttpServletRequest request,
48              HttpServletResponse response)
49          throws Exception {
50  
51          String cmd = ParamUtil.getString(request, Constants.CMD);
52  
53          if (Validator.isNull(cmd)) {
54              return mapping.findForward("portal.update_password");
55          }
56  
57          try {
58              updatePassword(request, response);
59  
60              return mapping.findForward(ActionConstants.COMMON_REFERER);
61          }
62          catch (Exception e) {
63              if (e instanceof UserPasswordException) {
64                  SessionErrors.add(request, e.getClass().getName(), e);
65  
66                  return mapping.findForward(ActionConstants.COMMON_REFERER);
67              }
68              else if (e instanceof NoSuchUserException ||
69                       e instanceof PrincipalException) {
70  
71                  SessionErrors.add(request, e.getClass().getName());
72  
73                  return mapping.findForward("portal.error");
74              }
75              else {
76                  PortalUtil.sendError(e, request, response);
77  
78                  return null;
79              }
80          }
81      }
82  
83      protected void updatePassword(
84              HttpServletRequest request, HttpServletResponse response)
85          throws Exception {
86  
87          AuthTokenUtil.check(request);
88  
89          HttpSession session = request.getSession();
90  
91          long userId = PortalUtil.getUserId(request);
92          String password1 = ParamUtil.getString(request, "password1");
93          String password2 = ParamUtil.getString(request, "password2");
94          boolean passwordReset = false;
95  
96          UserServiceUtil.updatePassword(
97              userId, password1, password2, passwordReset);
98  
99          session.setAttribute(WebKeys.USER_PASSWORD, password1);
100     }
101 
102 }