svn commit: r1811424 - /ofbiz/ofbiz-framework/trunk/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

svn commit: r1811424 - /ofbiz/ofbiz-framework/trunk/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java

mbrohl
Author: mbrohl
Date: Sat Oct  7 14:06:21 2017
New Revision: 1811424

URL: http://svn.apache.org/viewvc?rev=1811424&view=rev
Log:
Improved: Fixing defects reported by FindBugs, package
org.apache.ofbiz.common.login.
(OFBIZ-9630)

Thanks Dennis Balkir for reporting and providing the patch.

Modified:
    ofbiz/ofbiz-framework/trunk/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java

Modified: ofbiz/ofbiz-framework/trunk/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java
URL: http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java?rev=1811424&r1=1811423&r2=1811424&view=diff
==============================================================================
--- ofbiz/ofbiz-framework/trunk/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java (original)
+++ ofbiz/ofbiz-framework/trunk/framework/common/src/main/java/org/apache/ofbiz/common/login/LoginServices.java Sat Oct  7 14:06:21 2017
@@ -87,13 +87,12 @@ public class LoginServices {
                 String errMsg = UtilProperties.getMessage(resource, "loginservices.ldap_authentication_failed", locale);
                 if ("true".equals(EntityUtilProperties.getPropertyValue("security", "security.ldap.fail.login", delegator))) {
                     return ServiceUtil.returnError(errMsg);
-                } else {
-                    Debug.logInfo(errMsg, module);
                 }
+                Debug.logInfo(errMsg, module);
             }
         }
 
-        Map<String, Object> result =  new LinkedHashMap<String, Object>();
+        Map<String, Object> result =  new LinkedHashMap<>();
         boolean useEncryption = "true".equals(EntityUtilProperties.getPropertyValue("security", "password.encrypt", delegator));
 
         // if isServiceAuth is not specified, default to not a service auth
@@ -115,10 +114,10 @@ public class LoginServices {
         } else {
 
             if ("true".equalsIgnoreCase(EntityUtilProperties.getPropertyValue("security", "username.lowercase", delegator))) {
-                username = username.toLowerCase();
+                username = username.toLowerCase(Locale.getDefault());
             }
             if ("true".equalsIgnoreCase(EntityUtilProperties.getPropertyValue("security", "password.lowercase", delegator))) {
-                password = password.toLowerCase();
+                password = password.toLowerCase(Locale.getDefault());
             }
 
             boolean repeat = true;
@@ -158,7 +157,7 @@ public class LoginServices {
 
                 if (userLogin != null) {
                     String ldmStr = EntityUtilProperties.getPropertyValue("security", "login.disable.minutes", delegator);
-                    long loginDisableMinutes = 30;
+                    long loginDisableMinutes;
 
                     try {
                         loginDisableMinutes = Long.parseLong(ldmStr);
@@ -471,12 +470,12 @@ public class LoginServices {
      *@return Map with the result of the service, the output parameters
      */
     public static Map<String, Object> createUserLogin(DispatchContext ctx, Map<String, ?> context) {
-        Map<String, Object> result =  new LinkedHashMap<String, Object>();
+        Map<String, Object> result =  new LinkedHashMap<>();
         Delegator delegator = ctx.getDelegator();
         LocalDispatcher dispatcher = ctx.getDispatcher();
         Security security = ctx.getSecurity();
         GenericValue loggedInUserLogin = (GenericValue) context.get("userLogin");
-        List<String> errorMessageList = new LinkedList<String>();
+        List<String> errorMessageList = new LinkedList<>();
         Locale locale = (Locale) context.get("locale");
 
         boolean useEncryption = "true".equals(EntityUtilProperties.getPropertyValue("security", "password.encrypt", delegator));
@@ -566,8 +565,7 @@ public class LoginServices {
 
         try {
             if (UtilValidate.isNotEmpty(securityAnswer)) {
-                Map<String, Object> resultMap = new HashMap<String, Object>();
-                resultMap = dispatcher.runSync("createUserLoginSecurityQuestion",
+                Map<String, Object> resultMap = dispatcher.runSync("createUserLoginSecurityQuestion",
                         UtilMisc.toMap("userLogin", loggedInUserLogin, "userLoginId", userLoginId, "questionEnumId", questionEnumId, "securityAnswer", securityAnswer));
                 if (ServiceUtil.isError(resultMap)) {
                     errMsg = ServiceUtil.getErrorMessage(resultMap);
@@ -643,7 +641,7 @@ public class LoginServices {
             try {
                 authenticated = AuthHelper.authenticate(userLoginId, currentPassword, true);
             } catch (AuthenticatorException e) {
-                // safe to ingore this; but we'll log it just in case
+                // safe to ignore this; but we'll log it just in case
                 Debug.logWarning(e, e.getMessage(), module);
             }
 
@@ -658,22 +656,21 @@ public class LoginServices {
                     return ServiceUtil.returnError(errMsg);
                 }
                 //result.put(ModelService.RESPONSE_MESSAGE, ModelService.RESPOND_SUCCESS);
-                result.put("updatedUserLogin", userLoginToUpdate);
+                result.put("updatedUserLogin", null);
                 return result;
-            } else {
-                Map<String, String> messageMap = UtilMisc.toMap("userLoginId", userLoginId);
-                errMsg = UtilProperties.getMessage(resource,"loginservices.could_not_change_password_userlogin_with_id_not_exist", messageMap, locale);
-                return ServiceUtil.returnError(errMsg);
             }
+            Map<String, String> messageMap = UtilMisc.toMap("userLoginId", userLoginId);
+            errMsg = UtilProperties.getMessage(resource,"loginservices.could_not_change_password_userlogin_with_id_not_exist", messageMap, locale);
+            return ServiceUtil.returnError(errMsg);
         }
 
         if ("true".equals(EntityUtilProperties.getPropertyValue("security", "password.lowercase", delegator))) {
-            currentPassword = currentPassword.toLowerCase();
-            newPassword = newPassword.toLowerCase();
-            newPasswordVerify = newPasswordVerify.toLowerCase();
+            currentPassword = currentPassword.toLowerCase(Locale.getDefault());
+            newPassword = newPassword.toLowerCase(Locale.getDefault());
+            newPasswordVerify = newPasswordVerify.toLowerCase(Locale.getDefault());
         }
 
-        List<String> errorMessageList = new LinkedList<String>();
+        List<String> errorMessageList = new LinkedList<>();
         if (newPassword != null) {
             checkNewPassword(userLoginToUpdate, currentPassword, newPassword, newPasswordVerify,
                 passwordHint, errorMessageList, adminUser, locale);
@@ -720,17 +717,17 @@ public class LoginServices {
      *@return Map with the result of the service, the output parameters
      */
     public static Map<String, Object> updateUserLoginId(DispatchContext ctx, Map<String, ?> context) {
-        Map<String, Object> result =  new LinkedHashMap<String, Object>();
+        Map<String, Object> result =  new LinkedHashMap<>();
         Delegator delegator = ctx.getDelegator();
         GenericValue loggedInUserLogin = (GenericValue) context.get("userLogin");
-        List<String> errorMessageList = new LinkedList<String>();
+        List<String> errorMessageList = new LinkedList<>();
         Locale locale = (Locale) context.get("locale");
 
         String userLoginId = (String) context.get("userLoginId");
         String errMsg = null;
 
         if ((userLoginId != null) && ("true".equals(EntityUtilProperties.getPropertyValue("security", "username.lowercase", delegator)))) {
-            userLoginId = userLoginId.toLowerCase();
+            userLoginId = userLoginId.toLowerCase(Locale.getDefault());
         }
 
         String partyId = loggedInUserLogin.getString("partyId");
@@ -824,7 +821,7 @@ public class LoginServices {
      *@return Map with the result of the service, the output parameters
      */
     public static Map<String, Object> updateUserLoginSecurity(DispatchContext ctx, Map<String, ?> context) {
-        Map<String, Object> result =  new LinkedHashMap<String, Object>();
+        Map<String, Object> result =  new LinkedHashMap<>();
         Delegator delegator = ctx.getDelegator();
         Security security = ctx.getSecurity();
         GenericValue loggedInUserLogin = (GenericValue) context.get("userLogin");
@@ -912,7 +909,7 @@ public class LoginServices {
             // if the password.accept.encrypted.and.plain property in security is set to true allow plain or encrypted passwords
             // if this is a system account don't bother checking the passwords
             boolean passwordMatches = checkPassword(userLogin.getString("currentPassword"), useEncryption, currentPassword);
-            if ((currentPassword == null) || (userLogin != null && currentPassword != null && !passwordMatches)) {
+            if ((currentPassword == null) || (!passwordMatches)) {
                 errMsg = UtilProperties.getMessage(resource,"loginservices.old_password_not_correct_reenter", locale);
                 errorMessageList.add(errMsg);
             }
@@ -939,7 +936,7 @@ public class LoginServices {
             passwordChangeHistoryLimit = 0;
         }
         Debug.logInfo(" password.change.history.limit is set to " + passwordChangeHistoryLimit, module);
-        if (passwordChangeHistoryLimit > 0 && userLogin != null) {
+        if (passwordChangeHistoryLimit > 0) {
             Debug.logInfo(" checkNewPassword Checking if user is tyring to use old password " + passwordChangeHistoryLimit, module);
             try {
                 List<GenericValue> pwdHistList = EntityQuery.use(delegator)
@@ -985,7 +982,6 @@ public class LoginServices {
                     String passwordPatternMessage = EntityUtilProperties.getPropertyValue("security",
                             "security.login.password.pattern.description", "loginservices.password_must_be_least_characters_long", delegator);
                     errMsg = UtilProperties.getMessage(resource, passwordPatternMessage, messageMap, locale);
-                    messageMap = UtilMisc.toMap("passwordPatternMessage", errMsg);
                     errorMessageList.add(errMsg);
                 }
             } else {
@@ -995,11 +991,11 @@ public class LoginServices {
                     errorMessageList.add(errMsg);
                 }
             }
-            if (userLogin != null && newPassword.equalsIgnoreCase(userLogin.getString("userLoginId"))) {
+            if (newPassword.equalsIgnoreCase(userLogin.getString("userLoginId"))) {
                 errMsg = UtilProperties.getMessage(resource,"loginservices.password_may_not_equal_username", locale);
                 errorMessageList.add(errMsg);
             }
-            if (UtilValidate.isNotEmpty(passwordHint) && (passwordHint.toUpperCase().indexOf(newPassword.toUpperCase()) >= 0)) {
+            if (UtilValidate.isNotEmpty(passwordHint) && (passwordHint.toUpperCase(Locale.getDefault()).indexOf(newPassword.toUpperCase(Locale.getDefault())) >= 0)) {
                 errMsg = UtilProperties.getMessage(resource,"loginservices.password_hint_may_not_contain_password", locale);
                 errorMessageList.add(errMsg);
             }