Changeset 791:291246f5412e

Timestamp:

01/19/12 21:48:23 (4 months ago)

Author:

xeraph

Branch:

default

Message:

added dom.passwd for password reset
added password change enforcement

Location:

kraken-dom/src/main/java/org/krakenapps/dom

Files:

• api/impl/AdminApiImpl.java (modified) (2 diffs)
• model/User.java (modified) (3 diffs)
• script/DomScript.java (modified) (6 diffs)

kraken-dom/src/main/java/org/krakenapps/dom/api/impl/AdminApiImpl.java

@@ -228 +228 @@
                         }
 
+                        enforcePasswordChange(domain, admin);
+
                         Integer maxSession = orgApi.getOrganizationParameter(domain, "max_sessions", Integer.class);
                         if (maxSession != null) {
@@ -284 +286 @@
                         throw e;
                 }
+        }
+
+        private void enforcePasswordChange(String domain, Admin admin) {
+                logger.trace("kraken dom: last password change [{}]", admin.getUser().getLastPasswordChange());
+                long interval = new Date().getTime() - admin.getUser().getLastPasswordChange().getTime();
+
+                Integer passwordExpiry = (Integer) orgApi.getOrganizationParameter(domain, "dom.user.password_expiry");
+                if (passwordExpiry == null)
+                        passwordExpiry = 365;
+
+                long baseline = passwordExpiry * 86400 * 1000L;
+                logger.trace("kraken dom: checking expired password interval [{}], last change [{}]", interval, baseline);
+
+                if (interval > baseline)
+                        throw new DOMException("expired-password");
         }
 

kraken-dom/src/main/java/org/krakenapps/dom/model/User.java

@@ -63 +63 @@
         private Date updated = new Date();
 
+        @FieldOption(nullable = false)
+        private Date lastPasswordChange;
+
         public String getLoginName() {
                 return loginName;
@@ -101 +104 @@
         public void setPassword(String password) {
                 this.password = password;
+                this.lastPasswordChange = new Date();
         }
 
@@ -158 +162 @@
                 this.updated = updated;
         }
+
+        public Date getLastPasswordChange() {
+                return lastPasswordChange;
+        }
+
+        public void setLastPasswordChange(Date lastPasswordChange) {
+                this.lastPasswordChange = lastPasswordChange;
+        }
+
 }

kraken-dom/src/main/java/org/krakenapps/dom/script/DomScript.java

@@ -20 +20 @@
 import org.krakenapps.dom.model.ProgramPack;
 import org.krakenapps.dom.model.ProgramProfile;
+import org.krakenapps.dom.model.User;
 import org.krakenapps.dom.model.Vendor;
 
@@ -34 +35 @@
         private ApplicationApi appApi;
 
-        public DomScript(GlobalConfigApi globalConfigApi, OrganizationApi orgApi, UserApi userApi, RoleApi roleApi, ProgramApi programApi,
-                        AreaApi areaApi, HostApi hostApi, ApplicationApi appApi) {
+        public DomScript(GlobalConfigApi globalConfigApi, OrganizationApi orgApi, UserApi userApi, RoleApi roleApi,
+                        ProgramApi programApi, AreaApi areaApi, HostApi hostApi, ApplicationApi appApi) {
                 this.globalConfigApi = globalConfigApi;
                 this.orgApi = orgApi;
@@ -51 +52 @@
         }
 
+        @ScriptUsage(description = "reset password", arguments = {
+                        @ScriptArgument(name = "domain", type = "string", description = "org domain"),
+                        @ScriptArgument(name = "login name", type = "string", description = "login name"),
+                        @ScriptArgument(name = "password", type = "string", description = "new password") })
+        public void passwd(String[] args) {
+                String domain = args[0];
+                String loginName = args[1];
+                String password = args[2];
+
+                User user = userApi.getUser(domain, loginName);
+                user.setPassword(password);
+
+                userApi.updateUser(domain, user, true);
+                context.println("password reset");
+        }
+
         public void install(String[] args) {
                 InitialSchema.generate(context, globalConfigApi, orgApi, roleApi, programApi, areaApi, userApi);
@@ -68 +85 @@
         }
 
-        @ScriptUsage(description = "add vendor", arguments = { @ScriptArgument(name = "domain", type = "string", description = "domain"),
+        @ScriptUsage(description = "add vendor", arguments = {
+                        @ScriptArgument(name = "domain", type = "string", description = "domain"),
                         @ScriptArgument(name = "name", type = "string", description = "name") })
         public void addVendor(String[] args) {
@@ -77 +95 @@
         }
 
-        @ScriptUsage(description = "add host type", arguments = { @ScriptArgument(name = "domain", type = "string", description = ""),
+        @ScriptUsage(description = "add host type", arguments = {
+                        @ScriptArgument(name = "domain", type = "string", description = ""),
                         @ScriptArgument(name = "vendor guid", type = "string", description = ""),
                         @ScriptArgument(name = "name", type = "string", description = ""),
@@ -92 +111 @@
         }
 
-        @ScriptUsage(description = "add host extension", arguments = { @ScriptArgument(name = "domain", type = "string", description = ""),
+        @ScriptUsage(description = "add host extension", arguments = {
+                        @ScriptArgument(name = "domain", type = "string", description = ""),
                         @ScriptArgument(name = "host type guid", type = "string", description = ""),
                         @ScriptArgument(name = "type", type = "string", description = "host extension type"),