1   /**
2    * Copyright (c) 2000-2009 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portlet.login.action;
24  
25  import com.liferay.portal.NoSuchUserException;
26  import com.liferay.portal.SendPasswordException;
27  import com.liferay.portal.UserEmailAddressException;
28  import com.liferay.portal.UserReminderQueryException;
29  import com.liferay.portal.kernel.captcha.CaptchaTextException;
30  import com.liferay.portal.kernel.captcha.CaptchaUtil;
31  import com.liferay.portal.kernel.language.LanguageUtil;
32  import com.liferay.portal.kernel.servlet.SessionErrors;
33  import com.liferay.portal.kernel.util.ParamUtil;
34  import com.liferay.portal.kernel.util.Validator;
35  import com.liferay.portal.model.User;
36  import com.liferay.portal.service.UserLocalServiceUtil;
37  import com.liferay.portal.struts.PortletAction;
38  import com.liferay.portal.theme.ThemeDisplay;
39  import com.liferay.portal.util.PortalUtil;
40  import com.liferay.portal.util.PropsValues;
41  import com.liferay.portal.util.WebKeys;
42  import com.liferay.portlet.login.util.LoginUtil;
43  
44  import javax.portlet.ActionRequest;
45  import javax.portlet.ActionResponse;
46  import javax.portlet.PortletConfig;
47  import javax.portlet.PortletPreferences;
48  import javax.portlet.RenderRequest;
49  import javax.portlet.RenderResponse;
50  
51  import org.apache.struts.action.ActionForm;
52  import org.apache.struts.action.ActionForward;
53  import org.apache.struts.action.ActionMapping;
54  
55  /**
56   * <a href="ForgotPasswordAction.java.html"><b><i>View Source</i></b></a>
57   *
58   * @author Brian Wing Shun Chan
59   *
60   */
61  public class ForgotPasswordAction extends PortletAction {
62  
63      public void processAction(
64              ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
65              ActionRequest actionRequest, ActionResponse actionResponse)
66          throws Exception {
67  
68          try {
69              User user = getUser(actionRequest);
70  
71              if (PropsValues.USERS_REMINDER_QUERIES_ENABLED &&
72                  (PropsValues.CAPTCHA_CHECK_PORTAL_SEND_PASSWORD ||
73                   (Validator.isNotNull(user.getReminderQueryQuestion()) &&
74                    Validator.isNotNull(user.getReminderQueryAnswer())))) {
75  
76                  actionRequest.setAttribute(
77                      ForgotPasswordAction.class.getName(), user);
78  
79                  int step = ParamUtil.getInteger(actionRequest, "step");
80  
81                  if (step == 2) {
82                      if (PropsValues.CAPTCHA_CHECK_PORTAL_SEND_PASSWORD) {
83                          CaptchaUtil.check(actionRequest);
84                      }
85  
86                      sendPassword(actionRequest, actionResponse);
87                  }
88              }
89              else {
90                  if (PropsValues.CAPTCHA_CHECK_PORTAL_SEND_PASSWORD) {
91                      CaptchaUtil.check(actionRequest);
92                  }
93  
94                  sendPassword(actionRequest, actionResponse);
95              }
96          }
97          catch (Exception e) {
98              if (e instanceof CaptchaTextException ||
99                  e instanceof NoSuchUserException ||
100                 e instanceof SendPasswordException ||
101                 e instanceof UserEmailAddressException ||
102                 e instanceof UserReminderQueryException) {
103 
104                 SessionErrors.add(actionRequest, e.getClass().getName());
105             }
106             else {
107                 PortalUtil.sendError(e, actionRequest, actionResponse);
108             }
109         }
110     }
111 
112     public ActionForward render(
113             ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
114             RenderRequest renderRequest, RenderResponse renderResponse)
115         throws Exception {
116 
117         ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
118             WebKeys.THEME_DISPLAY);
119 
120         renderResponse.setTitle(
121             LanguageUtil.get(
122                 themeDisplay.getCompanyId(), themeDisplay.getLocale(),
123                 "forgot-password"));
124 
125         return mapping.findForward("portlet.login.forgot_password");
126     }
127 
128     protected User getUser(ActionRequest actionRequest) throws Exception {
129         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
130             WebKeys.THEME_DISPLAY);
131 
132         long userId = ParamUtil.getLong(actionRequest, "userId");
133         String screenName = ParamUtil.getString(actionRequest, "screenName");
134         String emailAddress = ParamUtil.getString(
135             actionRequest, "emailAddress");
136 
137         User user = null;
138 
139         if (Validator.isNotNull(emailAddress)) {
140             user = UserLocalServiceUtil.getUserByEmailAddress(
141                 themeDisplay.getCompanyId(), emailAddress);
142         }
143         else if (Validator.isNotNull(screenName)) {
144             user = UserLocalServiceUtil.getUserByScreenName(
145                 themeDisplay.getCompanyId(), screenName);
146         }
147         else if (userId > 0) {
148             user = UserLocalServiceUtil.getUserById(userId);
149         }
150         else {
151             throw new NoSuchUserException();
152         }
153 
154         return user;
155     }
156 
157     protected boolean isCheckMethodOnProcessAction() {
158         return _CHECK_METHOD_ON_PROCESS_ACTION;
159     }
160 
161     protected void sendPassword(
162             ActionRequest actionRequest, ActionResponse actionResponse)
163         throws Exception {
164 
165         User user = getUser(actionRequest);
166 
167         if (PropsValues.USERS_REMINDER_QUERIES_ENABLED) {
168             String answer = ParamUtil.getString(actionRequest, "answer");
169 
170             if (!user.getReminderQueryAnswer().equals(answer)) {
171                 throw new UserReminderQueryException();
172             }
173         }
174 
175         PortletPreferences preferences = actionRequest.getPreferences();
176 
177         String languageId = LanguageUtil.getLanguageId(actionRequest);
178 
179         String emailFromName = preferences.getValue("emailFromName", null);
180         String emailFromAddress = preferences.getValue(
181             "emailFromAddress", null);
182         String emailToAddress = user.getEmailAddress();
183         String subject = preferences.getValue(
184             "emailPasswordSentSubject_" + languageId, null);
185         String body = preferences.getValue(
186             "emailPasswordSentBody_" + languageId, null);
187 
188         LoginUtil.sendPassword(
189             actionRequest, emailFromName, emailFromAddress, emailToAddress,
190             subject, body);
191 
192         sendRedirect(actionRequest, actionResponse);
193     }
194 
195     private static final boolean _CHECK_METHOD_ON_PROCESS_ACTION = false;
196 
197 }