001/*
002 * This library is part of OpenCms -
003 * the Open Source Content Management System
004 *
005 * Copyright (c) Alkacon Software GmbH & Co. KG (http://www.alkacon.com)
006 *
007 * This library is free software; you can redistribute it and/or
008 * modify it under the terms of the GNU Lesser General Public
009 * License as published by the Free Software Foundation; either
010 * version 2.1 of the License, or (at your option) any later version.
011 *
012 * This library is distributed in the hope that it will be useful,
013 * but WITHOUT ANY WARRANTY; without even the implied warranty of
014 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
015 * Lesser General Public License for more details.
016 *
017 * For further information about Alkacon Software, please see the
018 * company website: http://www.alkacon.com
019 *
020 * For further information about OpenCms, please see the
021 * project website: http://www.opencms.org
022 *
023 * You should have received a copy of the GNU Lesser General Public
024 * License along with this library; if not, write to the Free Software
025 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
026 */
027
028package org.opencms.ui.login;
029
030import org.opencms.file.CmsObject;
031import org.opencms.file.CmsUser;
032import org.opencms.gwt.CmsVfsService;
033import org.opencms.main.CmsException;
034import org.opencms.main.CmsLog;
035import org.opencms.main.OpenCms;
036import org.opencms.security.CmsOrganizationalUnit;
037import org.opencms.ui.A_CmsUI;
038import org.opencms.ui.CmsVaadinUtils;
039import org.opencms.ui.I_CmsHasButtons;
040import org.opencms.ui.Messages;
041import org.opencms.util.CmsStringUtil;
042import org.opencms.workplace.CmsWorkplaceLoginHandler;
043
044import java.util.Arrays;
045import java.util.List;
046import java.util.Locale;
047
048import org.apache.commons.logging.Log;
049import org.apache.commons.mail.EmailException;
050
051import com.vaadin.data.Validator.InvalidValueException;
052import com.vaadin.data.validator.EmailValidator;
053import com.vaadin.ui.AbstractField;
054import com.vaadin.ui.Button;
055import com.vaadin.ui.Button.ClickEvent;
056import com.vaadin.ui.Notification;
057import com.vaadin.ui.Notification.Type;
058import com.vaadin.ui.TextField;
059import com.vaadin.ui.VerticalLayout;
060
061/**
062 * Dialog to request a password reset link if you forgot your passsword.<p>
063 */
064public class CmsForgotPasswordDialog extends VerticalLayout implements I_CmsHasButtons {
065
066    /** The logger instance for this class. */
067    private static final Log LOG = CmsLog.getLog(CmsForgotPasswordDialog.class);
068
069    /** Serial version id. */
070    private static final long serialVersionUID = 1L;
071
072    /** Field for the email address. */
073    protected TextField m_emailField;
074
075    /** The user field. */
076    protected TextField m_userField;
077
078    /** The OU selector. */
079    protected CmsLoginOuSelector m_ouSelect;
080
081    /** Button to request the mail with the password reset link .*/
082    protected Button m_mailButton;
083
084    /** Button to cancel. */
085    protected Button m_cancelButton;
086
087    /**
088     * Creates a new instance.<p>
089     */
090    public CmsForgotPasswordDialog() {
091        Locale locale = A_CmsUI.get().getLocale();
092        CmsVaadinUtils.readAndLocalizeDesign(this, OpenCms.getWorkplaceManager().getMessages(locale), null);
093        List<CmsOrganizationalUnit> ouList = CmsLoginHelper.getOrgUnitsForLoginDialog(A_CmsUI.getCmsObject(), null);
094        m_ouSelect.initOrgUnits(ouList);
095        String notEmptyMessage = CmsVaadinUtils.getMessageText(Messages.GUI_VALIDATION_FIELD_EMPTY_0);
096        m_userField.setRequired(true);
097        m_userField.setRequiredError(notEmptyMessage);
098        m_emailField.setRequired(true);
099        m_emailField.setRequiredError(notEmptyMessage);
100        m_emailField.addValidator(
101            new EmailValidator(
102                Messages.get().getBundle(A_CmsUI.get().getLocale()).key(Messages.GUI_PWCHANGE_INVALID_EMAIL_0)));
103        m_cancelButton.addClickListener(new Button.ClickListener() {
104
105            /**Serial version id. */
106            private static final long serialVersionUID = 1L;
107
108            public void buttonClick(ClickEvent event) {
109
110                cancel();
111            }
112        });
113
114        m_mailButton.addClickListener(new Button.ClickListener() {
115
116            /** Serial version id. */
117            private static final long serialVersionUID = 1L;
118
119            public void buttonClick(ClickEvent event) {
120
121                boolean valid = true;
122                for (AbstractField<?> field : Arrays.asList(m_userField, m_emailField)) {
123                    try {
124                        field.validate();
125                    } catch (InvalidValueException e) {
126                        valid = false;
127                    }
128                }
129                if (!valid) {
130                    return;
131                }
132                String selectedOu = m_ouSelect.getValue();
133                selectedOu = (selectedOu != null) ? selectedOu : "";
134                String fullName = CmsStringUtil.joinPaths(selectedOu, m_userField.getValue());
135                if (sendPasswordResetLink(CmsLoginUI.m_adminCms, fullName, m_emailField.getValue())) {
136
137                    // Since we need to actually go to a different page here, we can't use a Vaadin notification,
138                    // because we don't get notified on the server when the user clicks it.
139                    CmsVaadinUtils.showAlert(
140                        Messages.get().getBundle(A_CmsUI.get().getLocale()).key(
141                            Messages.GUI_PWCHANGE_MAILSENT_HEADER_0),
142                        Messages.get().getBundle(A_CmsUI.get().getLocale()).key(
143                            Messages.GUI_PWCHANGE_MAILSENT_MESSAGE_0),
144                        new Runnable() {
145
146                        public void run() {
147
148                            A_CmsUI.get().getPage().setLocation(
149                                OpenCms.getLinkManager().substituteLinkForUnknownTarget(
150                                    CmsLoginUI.m_adminCms,
151                                    CmsWorkplaceLoginHandler.LOGIN_HANDLER,
152                                    false));
153
154                        }
155
156                    });
157                }
158            }
159        });
160
161    }
162
163    /**
164     * Tries to find a user with the given email address, and if one is found, sends a mail with the password reset link to them.<p>
165     *
166     * @param cms the CMS Context
167     * @param fullUserName the full user name including OU
168     * @param email the email address entered by the user
169     * @return true if the mail could be sent
170     */
171    public static boolean sendPasswordResetLink(CmsObject cms, String fullUserName, String email) {
172
173        LOG.info("Trying to find user for email " + email);
174        email = email.trim();
175
176        try {
177            CmsUser foundUser = null;
178            try {
179                foundUser = cms.readUser(fullUserName);
180            } catch (CmsException e) {
181                LOG.error(e.getLocalizedMessage(), e);
182            }
183            if ((foundUser == null)
184                || CmsStringUtil.isEmptyOrWhitespaceOnly(email)
185                || !email.equals(foundUser.getEmail())
186                || foundUser.isManaged()
187                || foundUser.isWebuser()) {
188                Notification.show(
189                    CmsVaadinUtils.getMessageText(Messages.GUI_PWCHANGE_EMAIL_MISMATCH_0),
190                    Type.ERROR_MESSAGE);
191                return false;
192            }
193            long now = System.currentTimeMillis();
194            long expiration = OpenCms.getLoginManager().getTokenLifetime() + now;
195            String expirationStr = CmsVfsService.formatDateTime(cms, expiration);
196            String token = CmsTokenValidator.createToken(cms, foundUser, now);
197            String link = OpenCms.getLinkManager().getWorkplaceLink(cms, CmsWorkplaceLoginHandler.LOGIN_HANDLER, false)
198                + "?at="
199                + token;
200            LOG.info("Sending password reset link to user " + foundUser.getName() + ": " + link);
201            CmsPasswordChangeNotification notification = new CmsPasswordChangeNotification(
202                cms,
203                foundUser,
204                link,
205                expirationStr);
206            try {
207                notification.send();
208            } catch (EmailException e) {
209                Notification.show(
210                    Messages.get().getBundle(A_CmsUI.get().getLocale()).key(Messages.GUI_PWCHANGE_MAIL_SEND_ERROR_0),
211                    Type.ERROR_MESSAGE);
212                LOG.error(e.getLocalizedMessage(), e);
213                return false;
214            }
215
216        } catch (Exception e) {
217            LOG.error(e.getLocalizedMessage(), e);
218            Notification.show(e.getLocalizedMessage(), Type.ERROR_MESSAGE);
219            return false;
220        }
221        return true;
222    }
223
224    /**
225     * Cancels the dialog.<p>
226     */
227    public void cancel() {
228
229        CmsObject cms = A_CmsUI.getCmsObject();
230        String link = OpenCms.getLinkManager().substituteLinkForUnknownTarget(
231            cms,
232            CmsWorkplaceLoginHandler.LOGIN_HANDLER,
233            false);
234        A_CmsUI.get().getPage().setLocation(link);
235    }
236
237    /**
238     * @see org.opencms.ui.I_CmsHasButtons#getButtons()
239     */
240    public List<Button> getButtons() {
241
242        return Arrays.asList(m_mailButton, m_cancelButton);
243    }
244
245}