Changeset 73 for branches/TaskRewrite

Timestamp:

Mar 14, 2009, 10:04:39 AM (16 years ago)

Author:

gav

Message:

Add changePassword under options view so that users can change their own password.
Adjust for password validation, userCache etc. Only a small bug during "edit" is left on second "update" command.

Location:

branches/TaskRewrite/src/grails-app

Files:

• conf/BootStrap.groovy (modified) (6 diffs)
• conf/SecurityConfig.groovy (modified) (1 diff)
• controllers/AppCoreController.groovy (modified) (1 diff)
• controllers/LoginController.groovy (modified) (1 diff)
• controllers/PersonController.groovy (modified) (2 diffs)
• domain/Person.groovy (modified) (1 diff)
• i18n/messages.properties (modified) (2 diffs)
• views/_adminmenubar.gsp (modified) (1 diff)
• views/appCore/changePassword.gsp (added)
• views/appCore/create.gsp (deleted)
• views/appCore/edit.gsp (deleted)
• views/appCore/home.gsp (modified) (1 diff)
• views/appCore/list.gsp (deleted)
• views/appCore/options.gsp (modified) (1 diff)
• views/appCore/show.gsp (deleted)
• views/layouts/main.gsp (modified) (2 diffs)
• views/person/create.gsp (modified) (1 diff)
• views/person/edit.gsp (modified) (2 diffs)

branches/TaskRewrite/src/grails-app/conf/BootStrap.groovy

@@ -72 +72 @@
             
         //Person
-        def passwordEncoded = authenticateService.encodePassword("pass")
+        def passClearText = "pass"
+        def passwordEncoded = authenticateService.encodePassword(passClearText)
         def personInstance
 
@@ -78 +79 @@
                                     firstName:"Admin",
                                     lastName:"Powers",
+                                    pass:passClearText,
                                     password:passwordEncoded,
                                     email:"admin@example.com")
+        BootStrapSaveAndTest(personInstance)
+        personInstance.addToAuthorities(Authority.get(1))
+        personInstance.addToAuthorities(Authority.get(2))
+        personInstance.addToPersonGroups(PersonGroup.findByName("gnuMims"))
+
+        personInstance = new Person(loginName:"admin2",
+                                    firstName:"Admin2",
+                                    lastName:"Powers2",
+                                    pass:passClearText,
+                                    password:passwordEncoded,
+                                    email:"admin2@example.com")
         BootStrapSaveAndTest(personInstance)
         personInstance.addToAuthorities(Authority.get(1))
@@ -88 +101 @@
                                     firstName:"Demo",
                                     lastName:"Danza",
+                                    pass:passClearText,
                                     password:passwordEncoded,
                                     email:"user@example.com")
@@ -97 +111 @@
                                     firstName:"Craig",
                                     lastName:"SuperTech",
+                                    pass:passClearText,
                                     password:passwordEncoded,
                                     email:"user@example.com")
@@ -103 +118 @@
         personInstance.addToPersonGroups(PersonGroup.findByName("Electrical"))
 
-        personInstance = new Person(loginName:"joe",
-                                    firstName:"Joe",
+        personInstance = new Person(loginName:"john",
+                                    firstName:"John",
                                     lastName:"Samples",
+                                    pass:passClearText,
                                     password:passwordEncoded,
                                     email:"user@example.com")
@@ -115 +131 @@
                                     firstName:"Production",
                                     lastName:"Mann",
+                                    pass:passClearText,
                                     password:passwordEncoded,
                                     email:"user@example.com")

branches/TaskRewrite/src/grails-app/conf/SecurityConfig.groovy

@@ -46 +46 @@
     alwaysUseDefaultTargetUrl = true
 
+    //User caching, turned this off so that password changes take effect.
+    //It would appear that user is still in the session as logout/login
+    // is still required for role changes to take effect.
+    //If this option causes high database load try:
+    //  import org.acegisecurity.providers.dao.DaoAuthenticationProvider
+    //  import org.acegisecurity.context.SecurityContextHolder
+    //  DaoAuthenticationProvider daoAuthenticationProvider 
+    //  def user = SecurityContextHolder.context.authentication.principal.username 
+    //  daoAuthenticationProvider.userCache.removeUserFromCache(user)
+    //  in logout controller and perhaps on password change and role change.
+    cacheUsers = false
+
 }

branches/TaskRewrite/src/grails-app/controllers/AppCoreController.groovy

@@ -10 +10 @@
     //def allowedMethods = [delete:'POST', save:'POST', update:'POST']
 
-
     def home = {
     }
 
     def options = {
-        def principal = authenticateService.principal()
-        println principal.getUsername()//get username
-        println principal.getAuthorities()//get authorities()
     }
+
+    def changePassword = {
+        //def principal = authenticateService.principal()
+        //println principal.getAuthorities()
+
+        if (request.method == 'GET') {
+            def personInstance = Person.get(authenticateService.userDomain().id)
+            return [ personInstance : personInstance ]       
+        }  
+
+        if (request.method == 'POST') {
+            def personInstance = Person.get(authenticateService.userDomain().id)
+    
+            personInstance.pass = params.pass
+            personInstance.password = authenticateService.encodePassword(personInstance.pass)
+
+            if (!personInstance.hasErrors() && personInstance.save()) {
+                //userCache.removeUserFromCache(personInstance.loginName)
+                flash.message = "Password changed successfully."
+                redirect(action:options)
+            }
+            else {
+                render(view:'changePassword',model:[personInstance:personInstance])
+            }                          
+        }  
+    }
+
 
     @Secured(['ROLE_AppAdmin'])   

branches/TaskRewrite/src/grails-app/controllers/LoginController.groovy

@@ -49 +49 @@
         def auth = {
 
-                nocache response
+                nocache(response)
 
                 if (isLoggedIn()) {

branches/TaskRewrite/src/grails-app/controllers/PersonController.groovy

@@ -96 +96 @@
                 }
 
-                def oldPassword = person.password
                 person.properties = params
-                if (!params.password.equals(oldPassword)) {
-                        person.password = authenticateService.encodePassword(params.password)
-                }
-                if (person.save()) {
-                        Authority.findAll().each { it.removeFromPersons(person) }
-                        addRoles(person)
-                        redirect action: show, id: person.id
-                }
-                else {
-                        render view: 'edit', model: buildPersonModel(person)
-                }
+
+        if (person.pass != "") {
+            if (!person.hasErrors()) {
+                person.password = authenticateService.encodePassword(params.pass)
+            }
+        }
+        else {
+            person.pass = "NothingToClearValidation"
+        }
+
+        if (!person.hasErrors() && person.save()) {
+            Authority.findAll().each { it.removeFromPersons(person) }
+            addRoles(person)
+            redirect action: show, id: person.id
+        }
+        else {
+            render view: 'edit', model: buildPersonModel(person)
+        }
+
         }
 
@@ -122 +129 @@
                 def person = new Person()
                 person.properties = params
-                person.password = authenticateService.encodePassword(params.password)
+                person.password = authenticateService.encodePassword(params.pass)
                 if (person.save()) {
                         addRoles(person)

branches/TaskRewrite/src/grails-app/domain/Person.groovy

@@ -27 +27 @@
 
         /** plain password to create a MD5 password */
-        String pass = '[secret]'
+        String pass
 
         static constraints = {
-                loginName(blank: false, unique: true)//minSize:7
+                loginName(blank: false, unique: true, minSize:4)//minSize:7
                 firstName(blank: false)
         lastName(blank: false)
-                password(blank: false) //minSize:7
         employeeID(blank: true, nullable:true)
+        description()
+        email()
+        emailShow()
+        isActive()
+        //Enforcing minSize on password does not work since "" gets encoded to a string.
+                password(blank: false)
+        //So we need to use pass for validation then encode it for above.
+        pass(blank: false, minSize:4)
+
         }
 

branches/TaskRewrite/src/grails-app/i18n/messages.properties

@@ +1 @@
+person.pass.minSize.notmet=Password is less than the minimum size of [{3}]
+person.pass.blank=Password cannot be blank
+
 default.doesnt.match.message=Property [{0}] of class [{1}] with value [{2}] does not match the required pattern [{3}]
 default.invalid.url.message=Property [{0}] of class [{1}] with value [{2}] is not a valid URL
@@ -29 +32 @@
 typeMismatch.java.math.BigDecimal=Property {0} must be a valid number
 typeMismatch.java.math.BigInteger=Property {0} must be a valid number
+
+

branches/TaskRewrite/src/grails-app/views/_adminmenubar.gsp

@@ -14 +14 @@
     <span class="appControlButton">
         <g:link controller="logout">
-                Log out
+                Log out (<g:loggedInUsername/>)
         </g:link>
     </span>

branches/TaskRewrite/src/grails-app/views/appCore/home.gsp

@@ -15 +15 @@
                 <div class="message">${flash.message}</div>
             </g:if>
-            <g:hasErrors bean="${appCoreInstance}">
+            <g:hasErrors bean="${appCore}">
                 <div class="errors">
-                    <g:renderErrors bean="${appCoreInstance}" as="list" />
+                    <g:renderErrors bean="${appCore}" as="list" />
                 </div>
             </g:hasErrors>

branches/TaskRewrite/src/grails-app/views/appCore/options.gsp

@@ -11 +11 @@
         <div class="body">
             <h1>Welcome to Options</h1>
+            <g:if test="${flash.message}">
+            <div class="message">${flash.message}</div>
+            </g:if>
             <br/>
             <div class="dialog">
+            <a href="${createLink(action:'changePassword')}">Change Password</a>
 
             </div>

branches/TaskRewrite/src/grails-app/views/layouts/main.gsp

@@ -7 +7 @@
         <g:javascript library="application" />
     </head>
-    <body>
+    
+    <!-- Added g:pageProperty so that onload in each page works -->
+    <body onload="<g:pageProperty name='body.onload'/>">
     <div id="wrapper" style="height: 100%;">
     <div id="top">
@@ -24 +26 @@
         </div>
         <div class="appControl">
-            <g:render template="/adminmenubar" />
+             <g:render template="/adminmenubar" />
         </div>
         <!-- Body wrapper div for IE -->

branches/TaskRewrite/src/grails-app/views/person/create.gsp

@@ -49 +49 @@
 
                                         <tr class="prop">
-                                                <td valign="top" class="name"><label for="password">Password:</label></td>
-                                                <td valign="top" class="value ${hasErrors(bean:person,field:'password','errors')}">
-                                                        <input type="password" id="password" name="password" value="${person.password?.encodeAsHTML()}"/>
+                                                <td valign="top" class="name"><label for="pass">Password:</label></td>
+                                                <td valign="top" class="value ${hasErrors(bean:person,field:'pass','errors')}">
+                                                        <input type="password" id="pass" name="pass"/>
                                                 </td>
                                         </tr>

branches/TaskRewrite/src/grails-app/views/person/edit.gsp

@@ -31 +31 @@
                         <input type="hidden" name="id" value="${person.id}" />
                         <input type="hidden" name="version" value="${person.version}" />
+            <input type="hidden" name="password" value="${person.password}" />
                         <div class="dialog">
                                 <table>
@@ -57 +58 @@
 
                                         <tr class="prop">
-                                                <td valign="top" class="name"><label for="password">Password:</label></td>
-                                                <td valign="top" class="value ${hasErrors(bean:person,field:'password','errors')}">
-                                                        <input type="password" id="password" name="password" value="${person.password?.encodeAsHTML()}"/>
+                                                <td valign="top" class="name"><label for="pass">Password:</label></td>
+                                                <td valign="top" class="value ${hasErrors(bean:person,field:'pass','errors')}">
+                                                        <input type="password" id="pass" name="pass"/>
                                                 </td>
                                         </tr>