/** * Updates a user with the given data. */ @UserEditPermission @Validated(UserUtils.UpdateValidation.class) @Transactional(propagation=Propagation.REQUIRED, readOnly=false) public UserDto updateUser(U user, @Valid U updatedUser) { log.debug("Updating user: " + user); // checks LecjUtils.ensureCorrectVersion(user, updatedUser); // delegates to updateUserFields updateUserFields(user, updatedUser, LecwUtils.currentUser()); userRepository.save(user); log.debug("Updated user: " + user); UserDto userDto = user.toUserDto(); userDto.setPassword(null); return userDto; }
/** * Resends verification mail to the user. */ @UserEditPermission public void resendVerificationMail(U user) { // The user must exist LexUtils.ensureFound(user); // must be unverified LexUtils.validate(user.getRoles().contains(UserUtils.Role.UNVERIFIED), "com.naturalprogrammer.spring.alreadyVerified").go(); // send the verification mail sendVerificationMail(user); }
/** * Requests for email change. */ @UserEditPermission @Validated(UserUtils.ChangeEmailValidation.class) @Transactional(propagation=Propagation.REQUIRED, readOnly=false) public void requestEmailChange(U user, @Valid U updatedUser) { log.debug("Requesting email change: " + user); // checks LexUtils.ensureFound(user); LexUtils.validateField("updatedUser.password", passwordEncoder.matches(updatedUser.getPassword(), user.getPassword()), "com.naturalprogrammer.spring.wrong.password").go(); // preserves the new email id user.setNewEmail(updatedUser.getNewEmail()); //user.setChangeEmailCode(LemonUtils.uid()); userRepository.save(user); // after successful commit, mails a link to the user LecjUtils.afterCommit(() -> mailChangeEmailLink(user)); log.debug("Requested email change: " + user); }
/** * Changes the password. */ @UserEditPermission @Transactional(propagation=Propagation.REQUIRED, readOnly=false) public String changePassword(U user, @Valid ChangePasswordForm changePasswordForm) { log.debug("Changing password for user: " + user); // Get the old password of the logged in user (logged in user may be an ADMIN) UserDto currentUser = LecwUtils.currentUser(); U loggedIn = userRepository.findById(toId(currentUser.getId())).get(); String oldPassword = loggedIn.getPassword(); // checks LexUtils.ensureFound(user); LexUtils.validateField("changePasswordForm.oldPassword", passwordEncoder.matches(changePasswordForm.getOldPassword(), oldPassword), "com.naturalprogrammer.spring.wrong.password").go(); // sets the password user.setPassword(passwordEncoder.encode(changePasswordForm.getPassword())); user.setCredentialsUpdatedMillis(System.currentTimeMillis()); userRepository.save(user); log.debug("Changed password for user: " + user); return user.toUserDto().getUsername(); }