/**
* ***************************************************************************
* Copyright (c) 2010 Qcadoo Limited
* Project: Qcadoo Framework
* Version: 1.4
*
* This file is part of Qcadoo.
*
* Qcadoo is free software; you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published
* by the Free Software Foundation; either version 3 of the License,
* or (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty
* of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
* See the GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
* ***************************************************************************
*/
package com.qcadoo.security.internal.validators;
import org.springframework.stereotype.Service;
import com.qcadoo.model.api.DataDefinition;
import com.qcadoo.model.api.Entity;
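/**
 * Validates the password-related fields of an entity when a password is being set or changed.
 *
 * <p>The check only applies to the {@code profileChangePassword} and {@code userChangePassword}
 * views; for any other view identifier the entity is accepted without looking at the password
 * fields. This class does not enforce any length or complexity policy.
 */
@Service
public class PasswordValidationService {

    private static final String L_PASSWORD = "password";

    private static final String L_PASSWORD_CONFIRMATION = "passwordConfirmation";

    private static final String L_OLD_PASSWORD = "oldPassword";

    private static final String L_VIEW_IDENTIFIER = "viewIdentifier";

    private static final String L_PROFILE_CHANGE_PASSWORD = "profileChangePassword";

    private static final String L_USER_CHANGE_PASSWORD = "userChangePassword";

    /**
     * Checks the old password (profile view only), the presence of the new password and its
     * confirmation, and that the two match. On failure a validation error is attached to the
     * offending field(s) of {@code entity}.
     *
     * @param dataDefinition definition used to look up field definitions and the persisted entity
     * @param entity entity carrying the submitted password fields
     * @return {@code true} if validation passed or does not apply to the current view,
     *         {@code false} if an error was added to the entity
     */
    public boolean checkPassword(final DataDefinition dataDefinition, final Entity entity) {
        // All fields are read up front, before any early return, as the original code did.
        String password = entity.getStringField(L_PASSWORD);
        String passwordConfirmation = entity.getStringField(L_PASSWORD_CONFIRMATION);
        String oldPassword = entity.getStringField(L_OLD_PASSWORD);

        // An entity without an id (not yet persisted) is always treated as "userChangePassword".
        // NOTE(review): for persisted entities the view identifier comes from the entity itself.
        // If that field can be influenced by the client, the old-password check below can be
        // avoided by submitting a different identifier; confirm it is set server-side only.
        String viewIdentifier = entity.getId() == null ? L_USER_CHANGE_PASSWORD
                : entity.getStringField(L_VIEW_IDENTIFIER);

        boolean profileChange = L_PROFILE_CHANGE_PASSWORD.equals(viewIdentifier);
        boolean userChange = L_USER_CHANGE_PASSWORD.equals(viewIdentifier);

        if (!profileChange && !userChange) {
            return true;
        }

        if (profileChange) {
            if (oldPassword == null) {
                entity.addError(dataDefinition.getField(L_OLD_PASSWORD), "qcadooUsers.validate.global.error.noOldPassword");
                return false;
            }

            // Fail closed: if the persisted entity or its stored password is missing, report a
            // wrong old password instead of throwing a NullPointerException.
            Entity persisted = dataDefinition.get(entity.getId());
            Object currentPassword = persisted == null ? null : persisted.getField(L_PASSWORD);

            // NOTE(review): this is a plain equals() between the stored field value and the
            // submitted old password. That is only correct if both sides are in the same form
            // (both encoded or both clear text), which this class does not show. If the stored
            // value is a password hash, verification should go through the same password encoder
            // that produced it; if it is clear text, storage should move to a salted password
            // hash. equals() is also not a constant-time comparison.
            if (currentPassword == null || !currentPassword.equals(oldPassword)) {
                entity.addError(dataDefinition.getField(L_OLD_PASSWORD), "qcadooUsers.validate.global.error.wrongOldPassword");
                return false;
            }
        }

        if (password == null) {
            entity.addError(dataDefinition.getField(L_PASSWORD), "qcadooUsers.validate.global.error.noPassword");
            return false;
        }

        if (passwordConfirmation == null) {
            entity.addError(dataDefinition.getField(L_PASSWORD_CONFIRMATION),
                    "qcadooUsers.validate.global.error.noPasswordConfirmation");
            return false;
        }

        if (!password.equals(passwordConfirmation)) {
            // The mismatch is reported on both fields.
            entity.addError(dataDefinition.getField(L_PASSWORD), "qcadooUsers.validate.global.error.notMatch");
            entity.addError(dataDefinition.getField(L_PASSWORD_CONFIRMATION), "qcadooUsers.validate.global.error.notMatch");
            return false;
        }

        return true;
    }
}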