1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * This library is free software; you can redistribute it and/or modify it under
5    * the terms of the GNU Lesser General Public License as published by the Free
6    * Software Foundation; either version 2.1 of the License, or (at your option)
7    * any later version.
8    *
9    * This library is distributed in the hope that it will be useful, but WITHOUT
10   * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
11   * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
12   * details.
13   */
14  
15  package com.liferay.portlet.login.action;
16  
17  import com.liferay.portal.NoSuchUserException;
18  import com.liferay.portal.RequiredReminderQueryException;
19  import com.liferay.portal.SendPasswordException;
20  import com.liferay.portal.UserEmailAddressException;
21  import com.liferay.portal.UserReminderQueryException;
22  import com.liferay.portal.kernel.captcha.CaptchaTextException;
23  import com.liferay.portal.kernel.captcha.CaptchaUtil;
24  import com.liferay.portal.kernel.language.LanguageUtil;
25  import com.liferay.portal.kernel.servlet.SessionErrors;
26  import com.liferay.portal.kernel.util.ParamUtil;
27  import com.liferay.portal.kernel.util.Validator;
28  import com.liferay.portal.model.Company;
29  import com.liferay.portal.model.User;
30  import com.liferay.portal.service.UserLocalServiceUtil;
31  import com.liferay.portal.struts.PortletAction;
32  import com.liferay.portal.theme.ThemeDisplay;
33  import com.liferay.portal.util.PortalUtil;
34  import com.liferay.portal.util.PropsValues;
35  import com.liferay.portal.util.WebKeys;
36  import com.liferay.portlet.login.util.LoginUtil;
37  
38  import javax.portlet.ActionRequest;
39  import javax.portlet.ActionResponse;
40  import javax.portlet.PortletConfig;
41  import javax.portlet.PortletPreferences;
42  import javax.portlet.RenderRequest;
43  import javax.portlet.RenderResponse;
44  
45  import org.apache.struts.action.ActionForm;
46  import org.apache.struts.action.ActionForward;
47  import org.apache.struts.action.ActionMapping;
48  
49  /**
50   * <a href="ForgotPasswordAction.java.html"><b><i>View Source</i></b></a>
51   *
52   * @author Brian Wing Shun Chan
53   */
54  public class ForgotPasswordAction extends PortletAction {
55  
56      public void processAction(
57              ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
58              ActionRequest actionRequest, ActionResponse actionResponse)
59          throws Exception {
60  
61          try {
62              User user = getUser(actionRequest);
63  
64              if (PropsValues.USERS_REMINDER_QUERIES_ENABLED &&
65                  (PropsValues.CAPTCHA_CHECK_PORTAL_SEND_PASSWORD ||
66                   user.hasReminderQuery())) {
67  
68                  actionRequest.setAttribute(
69                      ForgotPasswordAction.class.getName(), user);
70  
71                  int step = ParamUtil.getInteger(actionRequest, "step");
72  
73                  if (step == 2) {
74                      if (PropsValues.CAPTCHA_CHECK_PORTAL_SEND_PASSWORD) {
75                          CaptchaUtil.check(actionRequest);
76                      }
77  
78                      sendPassword(actionRequest, actionResponse);
79                  }
80              }
81              else {
82                  if (PropsValues.CAPTCHA_CHECK_PORTAL_SEND_PASSWORD) {
83                      CaptchaUtil.check(actionRequest);
84                  }
85  
86                  sendPassword(actionRequest, actionResponse);
87              }
88          }
89          catch (Exception e) {
90              if (e instanceof CaptchaTextException ||
91                  e instanceof NoSuchUserException ||
92                  e instanceof RequiredReminderQueryException ||
93                  e instanceof SendPasswordException ||
94                  e instanceof UserEmailAddressException ||
95                  e instanceof UserReminderQueryException) {
96  
97                  SessionErrors.add(actionRequest, e.getClass().getName());
98              }
99              else {
100                 PortalUtil.sendError(e, actionRequest, actionResponse);
101             }
102         }
103     }
104 
105     public ActionForward render(
106             ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
107             RenderRequest renderRequest, RenderResponse renderResponse)
108         throws Exception {
109 
110         ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
111             WebKeys.THEME_DISPLAY);
112 
113         renderResponse.setTitle(themeDisplay.translate("forgot-password"));
114 
115         return mapping.findForward("portlet.login.forgot_password");
116     }
117 
118     protected User getUser(ActionRequest actionRequest)
119         throws Exception {
120 
121         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
122             WebKeys.THEME_DISPLAY);
123 
124         long userId = ParamUtil.getLong(actionRequest, "userId");
125         String screenName = ParamUtil.getString(actionRequest, "screenName");
126         String emailAddress = ParamUtil.getString(
127             actionRequest, "emailAddress");
128 
129         User user = null;
130 
131         if (Validator.isNotNull(emailAddress)) {
132             user = UserLocalServiceUtil.getUserByEmailAddress(
133                 themeDisplay.getCompanyId(), emailAddress);
134         }
135         else if (Validator.isNotNull(screenName)) {
136             user = UserLocalServiceUtil.getUserByScreenName(
137                 themeDisplay.getCompanyId(), screenName);
138         }
139         else if (userId > 0) {
140             user = UserLocalServiceUtil.getUserById(userId);
141         }
142         else {
143             throw new NoSuchUserException();
144         }
145 
146         return user;
147     }
148 
149     protected boolean isCheckMethodOnProcessAction() {
150         return _CHECK_METHOD_ON_PROCESS_ACTION;
151     }
152 
153     protected void sendPassword(
154             ActionRequest actionRequest, ActionResponse actionResponse)
155         throws Exception {
156 
157         ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
158             WebKeys.THEME_DISPLAY);
159 
160         Company company = themeDisplay.getCompany();
161 
162         User user = getUser(actionRequest);
163 
164         if (PropsValues.USERS_REMINDER_QUERIES_ENABLED) {
165             if (PropsValues.USERS_REMINDER_QUERIES_REQUIRED &&
166                 !user.hasReminderQuery()) {
167 
168                 throw new RequiredReminderQueryException(
169                     "No reminder query or answer is defined for user " +
170                         user.getUserId());
171             }
172 
173             String answer = ParamUtil.getString(actionRequest, "answer");
174 
175             if (!user.getReminderQueryAnswer().equals(answer)) {
176                 throw new UserReminderQueryException();
177             }
178         }
179 
180         PortletPreferences preferences = actionRequest.getPreferences();
181 
182         String languageId = LanguageUtil.getLanguageId(actionRequest);
183 
184         String emailFromName = preferences.getValue("emailFromName", null);
185         String emailFromAddress = preferences.getValue(
186             "emailFromAddress", null);
187         String emailToAddress = user.getEmailAddress();
188 
189         String emailParam = "emailPasswordSent";
190 
191         if (company.isSendPasswordResetLink()) {
192             emailParam = "emailPasswordReset";
193         }
194 
195         String subject = preferences.getValue(
196             emailParam + "Subject_" + languageId, null);
197         String body = preferences.getValue(
198             emailParam + "Body_" + languageId, null);
199 
200         LoginUtil.sendPassword(
201             actionRequest, emailFromName, emailFromAddress, emailToAddress,
202             subject, body);
203 
204         sendRedirect(actionRequest, actionResponse);
205     }
206 
207     private static final boolean _CHECK_METHOD_ON_PROCESS_ACTION = false;
208 
209 }