Revision 45:44d445ff7ee3
| src/main/java/my/com/upass/MinimalUPassControllerV2.java | ||
|---|---|---|
| 17 | 17 |
import my.com.upass.services.CreateUserService; |
| 18 | 18 |
import my.com.upass.services.ModifyUserService; |
| 19 | 19 |
import my.com.upass.services.VerifyStaticPasswordService; |
| 20 |
import my.com.upass.services.VerifyStaticPasswordService.ReturnBundle; |
|
| 20 | 21 |
import my.com.upass.spring.ldap.MaybankLdapDAO; |
| 21 | 22 |
|
| 22 | 23 |
import org.apache.log4j.Logger; |
| ... | ... | |
| 170 | 171 |
} |
| 171 | 172 |
int rc; |
| 172 | 173 |
try {
|
| 173 |
Integer appId = checkAppAccess(appAccessId, hashedSecretKey, txSession);
|
|
| 174 |
AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession);
|
|
| 174 | 175 |
|
| 175 |
if (appId == null) |
|
| 176 |
final Integer appId = checkResult.invokerAppId; |
|
| 177 |
if (appId == null && !checkResult.hasUPassAdminAccess()) {
|
|
| 178 |
|
|
| 179 |
rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
|
| 180 |
|
|
| 181 |
} else {
|
|
| 182 |
user.setUserType(MinimalConstants.UTYPE_STATE_USER); |
|
| 183 |
user.setPstate(MinimalConstants.UID_STATE_ACTIVE); |
|
| 184 |
rc = createUserService.addUser( |
|
| 185 |
user, appId.intValue(), accessType, txSession, checkPassword); |
|
| 186 |
} |
|
| 187 |
|
|
| 188 |
} catch (UPassException e) {
|
|
| 189 |
rc = e.getErrorCode(); |
|
| 190 |
e.printStackTrace(); |
|
| 191 |
|
|
| 192 |
} catch (MultipleAppAccessesFound e) {
|
|
| 193 |
rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
|
| 194 |
e.printStackTrace(); |
|
| 195 |
} |
|
| 196 |
logger.info("addUser - user alias: [" + userAlias + "] Return: " + rc);
|
|
| 197 |
return rc; |
|
| 198 |
} |
|
| 199 |
|
|
| 200 |
/** |
|
| 201 |
* This method is meant for USS only. |
|
| 202 |
*/ |
|
| 203 |
public int addUser( |
|
| 204 |
String adminUsername, String adminPassword, MinimalUserBean user, |
|
| 205 |
char accessType, int targetAppId, Session txSession, boolean checkPassword) {
|
|
| 206 |
|
|
| 207 |
final String userAlias = user.getUserAlias(); |
|
| 208 |
final String doubleHashedPassword = user.getPcipherText(); |
|
| 209 |
|
|
| 210 |
// check if password is similar to user alias |
|
| 211 |
if (userAlias.equalsIgnoreCase(doubleHashedPassword)) {
|
|
| 212 |
return MinimalConstants.ERR_PASSWORD_SAMEAS_USERALIAS; |
|
| 213 |
} |
|
| 214 |
int rc; |
|
| 215 |
try {
|
|
| 216 |
AccessCheckResult checkResult = checkAppAccess(adminUsername, adminPassword, txSession); |
|
| 217 |
|
|
| 218 |
if (!checkResult.hasUPassAdminAccess()) |
|
| 176 | 219 |
rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
| 177 | 220 |
|
| 178 | 221 |
else {
|
| 179 | 222 |
user.setUserType(MinimalConstants.UTYPE_STATE_USER); |
| 180 | 223 |
user.setPstate(MinimalConstants.UID_STATE_ACTIVE); |
| 181 | 224 |
rc = createUserService.addUser( |
| 182 |
user, appId.intValue(), accessType, txSession, checkPassword);
|
|
| 225 |
user, targetAppId, accessType, txSession, checkPassword);
|
|
| 183 | 226 |
} |
| 184 | 227 |
|
| 185 | 228 |
} catch (MultipleAppAccessesFound e) {
|
| ... | ... | |
| 301 | 344 |
|
| 302 | 345 |
int rc; |
| 303 | 346 |
try {
|
| 304 |
Integer appId = checkAppAccess(appAccessId, hashedSecretKey, txSession); |
|
| 347 |
AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession); |
|
| 348 |
|
|
| 349 |
Integer appId = checkResult.invokerAppId; |
|
| 350 |
Integer userType = checkResult.invokerUserType; |
|
| 305 | 351 |
|
| 306 | 352 |
final Object appIdObj = AppAccessMgtService.profileToAppMap.get(profile.getClass()); |
| 307 | 353 |
final int appIdForProfile = ((Integer) appIdObj).intValue(); |
| 308 | 354 |
|
| 309 |
if (appId == null || appId.intValue() != appIdForProfile) |
|
| 355 |
if ((appId == null && !checkResult.hasUPassAdminAccess()) |
|
| 356 |
|| appId.intValue() != appIdForProfile) {
|
|
| 357 |
|
|
| 310 | 358 |
rc = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
| 311 | 359 |
|
| 312 |
else {
|
|
| 360 |
} else {
|
|
| 313 | 361 |
rc = modifyUserService.updateProfileShallowly(profile, txSession); |
| 314 | 362 |
} |
| 315 | 363 |
} catch (MultipleAppAccessesFound e) {
|
| ... | ... | |
| 393 | 441 |
|
| 394 | 442 |
// Helper methods |
| 395 | 443 |
|
| 396 |
protected Integer checkAppAccessToUser( |
|
| 444 |
public class AccessCheckResult {
|
|
| 445 |
|
|
| 446 |
private Integer invokerAppId; |
|
| 447 |
private Integer invokerUserType; |
|
| 448 |
|
|
| 449 |
public Integer getInvokerAppId() {
|
|
| 450 |
return invokerAppId; |
|
| 451 |
} |
|
| 452 |
|
|
| 453 |
public Integer getInvokerUserType() {
|
|
| 454 |
return invokerUserType; |
|
| 455 |
} |
|
| 456 |
|
|
| 457 |
public boolean hasUPassAdminAccess() {
|
|
| 458 |
return invokerUserType != null |
|
| 459 |
&& invokerUserType.intValue() == MinimalConstants.UTYPE_STATE_ADMIN; |
|
| 460 |
} |
|
| 461 |
} |
|
| 462 |
|
|
| 463 |
protected AccessCheckResult checkAppAccessToUser( |
|
| 397 | 464 |
String appAccessId, String hashedSecretKey, String username, final Session txSession) |
| 398 | 465 |
throws MultipleAppAccessesFound, UPassException {
|
| 399 | 466 |
|
| 400 |
Integer appId = checkAppAccess(appAccessId, hashedSecretKey, txSession); |
|
| 467 |
AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession); |
|
| 468 |
|
|
| 469 |
if (checkResult.hasUPassAdminAccess()) |
|
| 470 |
return checkResult; |
|
| 401 | 471 |
|
| 402 | 472 |
List appIdsForUser = appAccessMgtService.listAppIdsForUser(username, txSession); |
| 403 |
int rc = appIdsForUser.contains(appId) ?
|
|
| 473 |
int retCode = appIdsForUser.contains(checkResult.invokerAppId) ?
|
|
| 404 | 474 |
MinimalConstants.ERR_SUCCESS |
| 405 | 475 |
: MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
| 406 | 476 |
|
| 407 |
if (rc != MinimalConstants.ERR_SUCCESS)
|
|
| 408 |
throw new UPassException(rc);
|
|
| 477 |
if (retCode != MinimalConstants.ERR_SUCCESS)
|
|
| 478 |
throw new UPassException(retCode);
|
|
| 409 | 479 |
|
| 410 |
return appId;
|
|
| 480 |
return checkResult;
|
|
| 411 | 481 |
} |
| 412 | 482 |
|
| 413 |
public Integer checkAppAccess(
|
|
| 483 |
public AccessCheckResult checkAppAccess(
|
|
| 414 | 484 |
String appAccessId, String hashedSecretKey, final Session txSession) |
| 415 | 485 |
throws UPassException, MultipleAppAccessesFound {
|
| 416 | 486 |
|
| 417 |
int rc = verifyStaticPasswordService.verifyStaticPassword(
|
|
| 487 |
ReturnBundle ret = verifyStaticPasswordService.verifyStaticPassword_returnUser(
|
|
| 418 | 488 |
appAccessId, hashedSecretKey, false, 0, txSession); |
| 419 | 489 |
|
| 420 |
if (rc != MinimalConstants.ERR_SUCCESS) |
|
| 421 |
throw new UPassException(rc); |
|
| 490 |
final int retCode = ret.getCode(); |
|
| 491 |
if (retCode != MinimalConstants.ERR_SUCCESS) |
|
| 492 |
throw new UPassException(retCode); |
|
| 422 | 493 |
|
| 423 |
Integer appId = appAccessMgtService.getAppIdForAdmin(appAccessId, txSession); |
|
| 424 |
return appId; |
|
| 494 |
AccessCheckResult result = new AccessCheckResult(); |
|
| 495 |
result.invokerUserType = new Integer(ret.getUser().getUserType()); |
|
| 496 |
|
|
| 497 |
if (result.hasUPassAdminAccess()) |
|
| 498 |
return result; |
|
| 499 |
|
|
| 500 |
result.invokerAppId = appAccessMgtService.getAppIdForAdmin(appAccessId, txSession); |
|
| 501 |
return result; |
|
| 425 | 502 |
} |
| 426 | 503 |
|
| 427 | 504 |
public UserProfile findProfile( |
| ... | ... | |
| 438 | 515 |
throws UPassException {
|
| 439 | 516 |
|
| 440 | 517 |
try {
|
| 441 |
Integer invokingAppId = checkAppAccess(appAccessId, hashedSecretKey, txSession);
|
|
| 442 |
if (invokingAppId == null)
|
|
| 518 |
AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession);
|
|
| 519 |
if (checkResult.invokerAppId == null && !checkResult.hasUPassAdminAccess())
|
|
| 443 | 520 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
| 444 | 521 |
|
| 445 | 522 |
if (targetAppId == null) {
|
| 446 |
targetAppId = invokingAppId;
|
|
| 523 |
targetAppId = checkResult.invokerAppId;
|
|
| 447 | 524 |
|
| 448 |
} else if (!targetAppId.equals(invokingAppId)) {
|
|
| 525 |
} else if (!targetAppId.equals(checkResult.invokerAppId)) {
|
|
| 449 | 526 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
| 450 | 527 |
} |
| 451 | 528 |
List profiles = modifyUserService.listProfiles(username, txSession); |
| ... | ... | |
| 481 | 558 |
throws UPassException {
|
| 482 | 559 |
|
| 483 | 560 |
try {
|
| 484 |
Integer invokingAppId = checkAppAccess(appAccessId, hashedSecretKey, txSession); |
|
| 485 |
if (invokingAppId == null) |
|
| 486 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
|
| 561 |
AccessCheckResult checkResult = checkAppAccess(appAccessId, hashedSecretKey, txSession); |
|
| 562 |
final boolean upassAdmin = checkResult.hasUPassAdminAccess(); |
|
| 563 |
if (!upassAdmin) {
|
|
| 564 |
if (checkResult.invokerAppId == null) |
|
| 565 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
|
| 487 | 566 |
|
| 488 |
if (targetAppId == null) {
|
|
| 489 |
targetAppId = invokingAppId;
|
|
| 567 |
if (targetAppId == null) {
|
|
| 568 |
targetAppId = checkResult.invokerAppId;
|
|
| 490 | 569 |
|
| 491 |
} else if (!targetAppId.equals(invokingAppId)) {
|
|
| 492 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
|
| 570 |
} else if (!targetAppId.equals(checkResult.invokerAppId)) {
|
|
| 571 |
throw new UPassException(MinimalConstants.ERR_APP_SERV_NOT_PERMITTED); |
|
| 572 |
} |
|
| 493 | 573 |
} |
| 494 | 574 |
List profiles = modifyUserService.listProfilesByExamples(exampleProfiles, txSession); |
| 575 |
if (!upassAdmin) |
|
| 576 |
for (Iterator iterator = profiles.iterator(); iterator.hasNext();) {
|
|
| 577 |
UserProfile profile = (UserProfile) iterator.next(); |
|
| 495 | 578 |
|
| 496 |
for (Iterator iterator = profiles.iterator(); iterator.hasNext();) {
|
|
| 497 |
UserProfile profile = (UserProfile) iterator.next();
|
|
| 579 |
final Integer appIdForProfile = (Integer) AppAccessMgtService
|
|
| 580 |
.profileToAppMap.get(profile.getClass());
|
|
| 498 | 581 |
|
| 499 |
final Integer appIdForProfile = (Integer) AppAccessMgtService |
|
| 500 |
.profileToAppMap.get(profile.getClass()); |
|
| 501 |
|
|
| 502 |
if (!targetAppId.equals(appIdForProfile)) |
|
| 503 |
iterator.remove(); |
|
| 504 |
} |
|
| 582 |
if (!targetAppId.equals(appIdForProfile)) |
|
| 583 |
iterator.remove(); |
|
| 584 |
} |
|
| 505 | 585 |
return profiles; |
| 506 | 586 |
|
| 507 | 587 |
} catch (MultipleAppAccessesFound e) {
|
| ... | ... | |
| 520 | 600 |
return maybankLdapDAO; |
| 521 | 601 |
} |
| 522 | 602 |
} |
| 603 |
|
|
| 523 | 604 |
} |
| src/main/java/my/com/upass/services/VerifyStaticPasswordService.java | ||
|---|---|---|
| 47 | 47 |
|
| 48 | 48 |
public VerifyStaticPasswordService(MinimalUPassControllerV2 upc) {
|
| 49 | 49 |
this.upc = upc; |
| 50 |
modifyUserService = new ModifyUserService(upc);
|
|
| 50 |
modifyUserService = new ModifyUserService(upc); |
|
| 51 | 51 |
} |
| 52 | 52 |
|
| 53 | 53 |
public int verifyStaticPassword( |
| 54 | 54 |
String userAlias, String password, |
| 55 | 55 |
boolean chkUserType, int userType, Session txSession) {
|
| 56 | 56 |
|
| 57 |
return verifyUserCredetial(userAlias, password, chkUserType, userType, false, txSession); |
|
| 57 |
return verifyUserCredetial( |
|
| 58 |
userAlias, password, chkUserType, userType, false, txSession); |
|
| 59 |
} |
|
| 60 |
|
|
| 61 |
public ReturnBundle verifyStaticPassword_returnUser( |
|
| 62 |
String userAlias, String password, |
|
| 63 |
boolean chkUserType, int userType, Session txSession) {
|
|
| 64 |
|
|
| 65 |
return verifyUserCredetial_returnUser( |
|
| 66 |
userAlias, password, chkUserType, userType, false, txSession); |
|
| 58 | 67 |
} |
| 59 | 68 |
|
| 60 | 69 |
/** |
| ... | ... | |
| 104 | 113 |
boolean chkUserType, int userType, |
| 105 | 114 |
boolean dormantCheck, Session txSession) {
|
| 106 | 115 |
|
| 107 |
int rc = MinimalConstants.ERR_SYSTEM_NOT_READY; |
|
| 116 |
final ReturnBundle ret = verifyUserCredetial_returnUser( |
|
| 117 |
userAlias, password, chkUserType, userType, dormantCheck, txSession); |
|
| 118 |
return ret.code; |
|
| 119 |
} |
|
| 120 |
|
|
| 121 |
public ReturnBundle verifyUserCredetial_returnUser( |
|
| 122 |
String userAlias, String password, |
|
| 123 |
boolean chkUserType, int userType, |
|
| 124 |
boolean dormantCheck, Session txSession) {
|
|
| 125 |
|
|
| 126 |
ReturnBundle ret = new ReturnBundle(); |
|
| 127 |
ret.code = MinimalConstants.ERR_SYSTEM_NOT_READY; |
|
| 108 | 128 |
|
| 109 | 129 |
if (userAlias == null || password == null) {
|
| 110 |
return MinimalConstants.ERR_INVALID_INPUT; |
|
| 130 |
ret.code = MinimalConstants.ERR_INVALID_INPUT; |
|
| 131 |
return ret; |
|
| 111 | 132 |
} |
| 112 |
|
|
| 113 | 133 |
try {
|
| 114 | 134 |
UserDAO userDao = MinimalDAOFactory.minimalInstance().getUserDAO(); |
| 115 |
MinimalUserBean userBean = userDao.getUserFromStore(userAlias, txSession);
|
|
| 135 |
ret.user = userDao.getUserFromStore(userAlias, txSession);
|
|
| 116 | 136 |
|
| 117 |
if (userBean == null) {
|
|
| 118 |
return MinimalConstants.ERR_USERALIAS_NOT_FOUND; |
|
| 137 |
if (ret.user == null) {
|
|
| 138 |
ret.code = MinimalConstants.ERR_USERALIAS_NOT_FOUND; |
|
| 139 |
return ret; |
|
| 119 | 140 |
} |
| 141 |
// -- migration period checking : START -- |
|
| 142 |
if (ret.user.getHashedPassword() == null) { // password null, so the user haven't get migrated.
|
|
| 120 | 143 |
|
| 121 |
//-- migration period checking : START -- |
|
| 122 |
if(userBean.getHashedPassword() == null){ //password null, so the user haven't get migrated.
|
|
| 123 |
|
|
| 124 |
//authenticate to ldap |
|
| 144 |
// authenticate to ldap |
|
| 125 | 145 |
Config cfg = Config.getInstance(); |
| 126 |
if("Y".equals(cfg.get(MinimalConstants.PROP_MIGRATION_PERIOD_FLAG).toString())){
|
|
| 127 |
if(!MinimalUPassControllerV2.getMaybankLdapDAO().authenticate(userAlias, password)){
|
|
| 128 |
return MinimalConstants.ERR_INVALID_CREDENTIAL; |
|
| 146 |
if ("Y".equals(cfg.get(MinimalConstants.PROP_MIGRATION_PERIOD_FLAG).toString())) {
|
|
| 147 |
if (!MinimalUPassControllerV2.getMaybankLdapDAO().authenticate(userAlias, password)) {
|
|
| 148 |
ret.code = MinimalConstants.ERR_INVALID_CREDENTIAL; |
|
| 149 |
return ret; |
|
| 129 | 150 |
} |
| 130 | 151 |
} |
| 131 |
|
|
| 132 |
//update password to upass |
|
| 133 |
int responseCode = modifyUserService.modifyUser(userAlias, MinimalConstants.UTYPE_STATE_USER, "", password, MinimalConstants.UID_STATE_ACTIVE, false); |
|
| 134 |
if(MinimalConstants.ERR_SUCCESS != responseCode){
|
|
| 135 |
return responseCode; |
|
| 152 |
|
|
| 153 |
// update password to upass |
|
| 154 |
int responseCode = modifyUserService.modifyUser(userAlias, MinimalConstants.UTYPE_STATE_USER, "", |
|
| 155 |
password, MinimalConstants.UID_STATE_ACTIVE, false); |
|
| 156 |
if (MinimalConstants.ERR_SUCCESS != responseCode) {
|
|
| 157 |
ret.code = responseCode; |
|
| 158 |
return ret; |
|
| 136 | 159 |
} |
| 137 |
|
|
| 138 |
//reload profile with password |
|
| 139 |
userBean = userDao.getUserFromStore(userAlias, txSession);
|
|
| 160 |
|
|
| 161 |
// reload profile with password
|
|
| 162 |
ret.user = userDao.getUserFromStore(userAlias, txSession);
|
|
| 140 | 163 |
} |
| 141 |
//-- migration period checking : END -- |
|
| 142 |
|
|
| 143 |
|
|
| 164 |
// -- migration period checking : END -- |
|
| 165 |
|
|
| 144 | 166 |
// verify user state, must be active (not inactive|locked|deleted) |
| 145 |
switch (userBean.getUstate()) {
|
|
| 167 |
switch (ret.user.getUstate()) {
|
|
| 146 | 168 |
|
| 147 | 169 |
case (MinimalConstants.UID_STATE_ACTIVE): |
| 148 | 170 |
break; |
| 149 | 171 |
case (MinimalConstants.UID_STATE_TMP_LOCKED): |
| 150 | 172 |
Date now = new Date(); |
| 151 |
if (userBean.getUdateLockedTo().after(now)) {
|
|
| 152 |
return MinimalConstants.ERR_INVALID_STATE; |
|
| 173 |
if (ret.user.getUdateLockedTo().after(now)) {
|
|
| 174 |
ret.code = MinimalConstants.ERR_INVALID_STATE; |
|
| 175 |
return ret; |
|
| 153 | 176 |
} |
| 154 | 177 |
break; |
| 155 | 178 |
default: |
| 156 |
return MinimalConstants.ERR_INVALID_STATE; |
|
| 179 |
ret.code = MinimalConstants.ERR_INVALID_STATE; |
|
| 180 |
return ret; |
|
| 157 | 181 |
} |
| 158 | 182 |
|
| 159 | 183 |
// verify user type |
| 160 |
if (chkUserType && userBean.getUserType() != userType) {
|
|
| 161 |
return MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
|
| 184 |
if (chkUserType && ret.user.getUserType() != userType) {
|
|
| 185 |
ret.code = MinimalConstants.ERR_APP_SERV_NOT_PERMITTED; |
|
| 186 |
return ret; |
|
| 162 | 187 |
} |
| 163 | 188 |
|
| 164 | 189 |
PasswordController pc = (PasswordController) MinimalUPassFactory.getPasswordController( |
| 165 |
userBean, upc.getConfigurationsMap());
|
|
| 190 |
ret.user, upc.getConfigurationsMap());
|
|
| 166 | 191 |
ConfigBean configBean = pc.getConfigBean(); |
| 167 | 192 |
|
| 168 |
userBean = (MinimalUserBean) pc.getUpdatedObject();
|
|
| 193 |
ret.user = (MinimalUserBean) pc.getUpdatedObject();
|
|
| 169 | 194 |
|
| 170 | 195 |
// verify user dormant period |
| 171 |
if (userBean.getPdateLastUsed() != null && dormantCheck && pc.isUserDormant()) {
|
|
| 172 |
rc = MinimalConstants.ERR_USER_DORMANT;
|
|
| 196 |
if (ret.user.getPdateLastUsed() != null && dormantCheck && pc.isUserDormant()) {
|
|
| 197 |
ret.code = MinimalConstants.ERR_USER_DORMANT;
|
|
| 173 | 198 |
|
| 174 | 199 |
Calendar deactivateDate = Calendar.getInstance(); |
| 175 | 200 |
deactivateDate.add(Calendar.DATE, +configBean.getUserDeactivatePeriod()); |
| 176 | 201 |
|
| 177 |
userBean.setUstate(MinimalConstants.UID_STATE_TMP_LOCKED);
|
|
| 178 |
userBean.setUdateLockedFrom((new Date()));
|
|
| 179 |
userBean.setUdateLockedTo((deactivateDate.getTime()));
|
|
| 180 |
userBean.setUdateLastLocked((new Date()));
|
|
| 202 |
ret.user.setUstate(MinimalConstants.UID_STATE_TMP_LOCKED);
|
|
| 203 |
ret.user.setUdateLockedFrom((new Date()));
|
|
| 204 |
ret.user.setUdateLockedTo((deactivateDate.getTime()));
|
|
| 205 |
ret.user.setUdateLastLocked((new Date()));
|
|
| 181 | 206 |
|
| 182 | 207 |
} else {
|
| 183 | 208 |
// verify user password |
| 184 |
rc = pc.VerifyPassword(password);
|
|
| 209 |
ret.code = pc.VerifyPassword(password);
|
|
| 185 | 210 |
|
| 186 | 211 |
// suspend if exceeded max retries |
| 187 |
if (rc == MinimalConstants.ERR_EXCEED_MAX_TRIES
|
|
| 188 |
&& (userBean.getUserType() != MinimalConstants.UTYPE_STATE_USER)) {
|
|
| 212 |
if (ret.code == MinimalConstants.ERR_EXCEED_MAX_TRIES
|
|
| 213 |
&& (ret.user.getUserType() != MinimalConstants.UTYPE_STATE_USER)) {
|
|
| 189 | 214 |
|
| 190 | 215 |
Calendar expiryDate = Calendar.getInstance(); |
| 191 | 216 |
expiryDate.add(Calendar.MINUTE, |
| 192 | 217 |
UPassParameters.SUPERVISOR_ID_SUSPEND); |
| 193 | 218 |
|
| 194 | 219 |
// Map<String, String> parametersMap = upc.getConfigurationsMap () |
| 195 |
// .get (userBean.getUcustomerType ());
|
|
| 220 |
// .get (retBundle.user.getUcustomerType ());
|
|
| 196 | 221 |
// UPassParameters._MAX_ERROR = Integer |
| 197 | 222 |
// .parseInt (parametersMap.get ( |
| 198 | 223 |
// "PASSWORD_MAX_ERROR").toString ()); |
| 199 | 224 |
|
| 200 |
userBean.setUstate(MinimalConstants.UID_STATE_TMP_LOCKED);
|
|
| 201 |
userBean.setPerrorCount(configBean.getPasswordMaxTryError() - 1);
|
|
| 202 |
userBean.setUdateLockedFrom((new Date()));
|
|
| 203 |
userBean.setUdateLockedTo(expiryDate.getTime());
|
|
| 204 |
userBean.setUdateLastLocked((new Date()));
|
|
| 225 |
ret.user.setUstate(MinimalConstants.UID_STATE_TMP_LOCKED);
|
|
| 226 |
ret.user.setPerrorCount(configBean.getPasswordMaxTryError() - 1);
|
|
| 227 |
ret.user.setUdateLockedFrom((new Date()));
|
|
| 228 |
ret.user.setUdateLockedTo(expiryDate.getTime());
|
|
| 229 |
ret.user.setUdateLastLocked((new Date()));
|
|
| 205 | 230 |
} |
| 206 | 231 |
} |
| 207 | 232 |
// update database |
| 208 |
boolean lrc = userDao.updateUserToStore(userBean, txSession);
|
|
| 233 |
boolean lrc = userDao.updateUserToStore(ret.user, txSession);
|
|
| 209 | 234 |
|
| 210 | 235 |
if (!lrc) {
|
| 211 |
rc = MinimalConstants.ERR_SYSTEM_NOT_READY;
|
|
| 236 |
ret.code = MinimalConstants.ERR_SYSTEM_NOT_READY;
|
|
| 212 | 237 |
} |
| 213 | 238 |
} catch (Exception e) {
|
| 214 | 239 |
e.printStackTrace(); |
| 215 |
return MinimalConstants.ERR_SYSTEM_NOT_READY; |
|
| 240 |
ret.code = MinimalConstants.ERR_SYSTEM_NOT_READY; |
|
| 241 |
return ret; |
|
| 216 | 242 |
} |
| 217 |
return rc; |
|
| 243 |
return ret; |
|
| 244 |
} |
|
| 245 |
|
|
| 246 |
public static class ReturnBundle {
|
|
| 247 |
private int code; |
|
| 248 |
private MinimalUserBean user; |
|
| 249 |
|
|
| 250 |
public int getCode() {
|
|
| 251 |
return code; |
|
| 252 |
} |
|
| 253 |
|
|
| 254 |
public MinimalUserBean getUser() {
|
|
| 255 |
return user; |
|
| 256 |
} |
|
| 218 | 257 |
} |
| 219 | 258 |
} |
Also available in: Unified diff