portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pau...@apache.org
Subject cvs commit: jakarta-jetspeed/docs/site changes.html
Date Wed, 20 Mar 2002 06:55:48 GMT
paulsp      02/03/19 22:55:48

  Modified:    src/java/org/apache/jetspeed/modules/actions
                        CreateNewUserAndConfirm.java
                        JetspeedSessionValidator.java UpdateAccount.java
               src/java/org/apache/jetspeed/modules/actions/portlets/security
                        UserUpdateAction.java
               src/java/org/apache/jetspeed/modules/localization
                        JetspeedLocalization_en.properties
               src/java/org/apache/jetspeed/services/security
                        JetspeedDBSecurityService.java
               webapp/WEB-INF/templates/vm GlobalMacros.vm
               webapp/WEB-INF/templates/vm/portlets/html user-form.vm
               webapp/WEB-INF/templates/vm/screens/html EditAccount.vm
               xdocs    changes.xml
               docs/site changes.html
  Log:
  o Fix - Bug 7142 - When password are saved encryped when encryption is enabled
  o Fix - Bug 7142 - Users must enter their current password to change their password
  o Fix - Password are correctly cased, based on JR.p JetspeedSecurity.caseinsensitive properites
  o Fix - Username is no longer updatable in UserBrowser Edit and Delete screens
  o Fix - JetspeedSecurity is used instead of TurbineSecurity when appropiate. Mainly everywhere
other then JetspeedDBSecurityService
  o Add - formReadOnlyText to GlobalMacro.vm for readonly field in a form
  PR: 7142
  
  Revision  Changes    Path
  1.29      +2 -4      jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/CreateNewUserAndConfirm.java
  
  Index: CreateNewUserAndConfirm.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/CreateNewUserAndConfirm.java,v
  retrieving revision 1.28
  retrieving revision 1.29
  diff -u -r1.28 -r1.29
  --- CreateNewUserAndConfirm.java	23 Feb 2002 23:10:15 -0000	1.28
  +++ CreateNewUserAndConfirm.java	20 Mar 2002 06:55:47 -0000	1.29
  @@ -85,7 +85,6 @@
   
   // security
   import org.apache.jetspeed.services.JetspeedSecurity;
  -import org.apache.turbine.services.security.TurbineSecurity;
   import org.apache.turbine.util.security.AccessControlList;
   
   /**
  @@ -122,6 +121,7 @@
           
               String pass1 = data.getParameters().getString("password", "");
               String pass2 = data.getParameters().getString("password_confirm", "");    
   
  +
               // make sure the passwords are not empty
               if ( (pass1.length() == 0 || pass2.length() == 0 )
                   || ! pass1.equals ( pass2 ) )
  @@ -164,7 +164,6 @@
                   User user = JetspeedSecurity.getUserInstance();                
                   
                   user.setUserName( username );   
  -                user.setPassword ( pass1 );
                   user.setCreateDate(now);
                   user.setLastLogin(new Date(0));
                   user.setFirstName( data.getParameters().getString("firstname") );
  @@ -200,7 +199,7 @@
                   data.setMessage(Localization.getString("CREATENEWUSERANDCONFIRM_CREATE"));
                   if (enableMail || newUserNotification || newUserApproval)
                   {
  -                    data.setUser(TurbineSecurity.getAnonymousUser());
  +                    data.setUser(JetspeedSecurity.getAnonymousUser());
                       data.getParameters().add("username", username);
                       data.getParameters().add("password", pass1);
                       if ( ! newUserApproval )
  @@ -308,6 +307,5 @@
               data.setScreenTemplate("Error");
           }
         }
  -
   
   }
  
  
  
  1.15      +6 -5      jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JetspeedSessionValidator.java
  
  Index: JetspeedSessionValidator.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/JetspeedSessionValidator.java,v
  retrieving revision 1.14
  retrieving revision 1.15
  diff -u -r1.14 -r1.15
  --- JetspeedSessionValidator.java	19 Feb 2002 14:02:08 -0000	1.14
  +++ JetspeedSessionValidator.java	20 Mar 2002 06:55:48 -0000	1.15
  @@ -60,13 +60,14 @@
   import org.apache.turbine.util.RunData;
   import org.apache.turbine.util.Log;
   import org.apache.turbine.util.security.UnknownEntityException;
  -import org.apache.turbine.services.security.TurbineSecurity;
   import org.apache.turbine.om.security.User;
   import org.apache.turbine.modules.actions.sessionvalidator.TemplateSessionValidator;
   import org.apache.turbine.services.resources.TurbineResources;
  -import org.apache.jetspeed.services.rundata.JetspeedRunData;
  -import org.apache.jetspeed.services.Profiler;
  +
   import org.apache.jetspeed.om.profile.Profile;
  +import org.apache.jetspeed.services.JetspeedSecurity;
  +import org.apache.jetspeed.services.Profiler;
  +import org.apache.jetspeed.services.rundata.JetspeedRunData;
   import org.apache.jetspeed.services.resources.JetspeedResources;
   
   /**
  @@ -82,7 +83,7 @@
   @author <a href="mailto:ingo@raleigh.ibm.com">Ingo Schuster</a>
   @author <a href="mailto:raphael@apache.org">RaphaŽl Luta</a>
   @author <a href="mailto:sgala@apache.org">Santiago Gala</a>
  -@version $Id: JetspeedSessionValidator.java,v 1.14 2002/02/19 14:02:08 kimptoc Exp $
  +@version $Id: JetspeedSessionValidator.java,v 1.15 2002/03/20 06:55:48 paulsp Exp $
   */
   public class JetspeedSessionValidator extends TemplateSessionValidator
   {
  @@ -113,7 +114,7 @@
               if ( userName.length() > 0 && loginCookieValue.length() >0 )
               {
                 try {
  -                user = TurbineSecurity.getUser(userName);
  +                user = JetspeedSecurity.getUser(userName);
                   if (user.getPerm("logincookie","").equals(loginCookieValue)) {
                     //cookie is present and correct - log the user in
                     data.setUser(user);
  
  
  
  1.15      +34 -16    jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/UpdateAccount.java
  
  Index: UpdateAccount.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/UpdateAccount.java,v
  retrieving revision 1.14
  retrieving revision 1.15
  diff -u -r1.14 -r1.15
  --- UpdateAccount.java	22 Feb 2002 11:57:15 -0000	1.14
  +++ UpdateAccount.java	20 Mar 2002 06:55:48 -0000	1.15
  @@ -55,22 +55,24 @@
   package org.apache.jetspeed.modules.actions;
   
   
  -// JDK Stuff
  +// Java
   import java.sql.Connection;
   import java.util.Hashtable;
  -
   import javax.servlet.http.Cookie;
   
  -// External Stuff
  +// Jetspeed
  +import org.apache.jetspeed.services.resources.JetspeedResources;
  +import org.apache.jetspeed.services.JetspeedSecurity;
  +
  +// Turbine
   import org.apache.turbine.modules.Action;
   import org.apache.turbine.modules.ActionLoader;
  +import org.apache.turbine.om.security.User;
   import org.apache.turbine.services.localization.Localization;
  -import org.apache.turbine.services.security.TurbineSecurity;
   import org.apache.turbine.util.RunData;
   import org.apache.turbine.util.Log;
   import org.apache.turbine.util.GenerateUniqueId;
  -import org.apache.turbine.om.security.User;
  -import org.apache.jetspeed.services.resources.JetspeedResources;
  +import org.apache.turbine.util.security.PasswordMismatchException;
   
   /**
    *
  @@ -91,8 +93,9 @@
   
           String cancelBtn = data.getParameters().getString( "CancelBtn" , "" );
           String username  = data.getParameters().getString( "username" , "" );
  -        String password  = data.getParameters().getString( "password" , "" );
  -        String password2 = data.getParameters().getString( "password_confirm" , "" );
  +        String oldPassword  = JetspeedSecurity.convertPassword(data.getParameters().getString(
"old_password" , "" ));
  +        String password  = JetspeedSecurity.convertPassword(data.getParameters().getString(
"password" , "" ));
  +        String password2 = JetspeedSecurity.convertPassword(data.getParameters().getString(
"password_confirm" , "" ));
           String firstname = data.getParameters().getString( "firstname", "" );
           String lastname  = data.getParameters().getString( "lastname" , "" );
           String email     = data.getParameters().getString( "email" , "" );
  @@ -126,14 +129,20 @@
               changepass = true;
           }
           
  -        if ( changepass == true && ! password.equals ( password2 ) )
  +        if ( changepass == true && ! password.equals( password2 ) )
           {
               data.setMessage(Localization.getString("UPDATEACCOUNT_PWNOTMATCH"));
               backToEditAccount( data, screenData );
               return;
           }
           
  -        // FIRSTNAME
  +        if ( changepass == true && password.equals( oldPassword ) )
  +        {
  +            // old password = new passwod, so do not change.
  +            changepass = false;
  +        }
  +
  +            // FIRSTNAME
           //
           // make sure the firstname exists
           if ( firstname.length() == 0 )
  @@ -206,7 +215,7 @@
                 {
                   loginCookieValue = ""+Math.random();
                   data.getUser().setPerm("logincookie",loginCookieValue);
  -                TurbineSecurity.saveUser( data.getUser() );
  +                JetspeedSecurity.saveUser( data.getUser() );
                 }
   
                 Cookie userName = new Cookie("username",data.getUser().getUserName());
  @@ -260,7 +269,7 @@
                   //Send confirmation email if different than current
                   data.getUser().setEmail( email );
                   data.getUser().setConfirmed( GenerateUniqueId.getIdentifier() );
  -                TurbineSecurity.saveUser( data.getUser() );
  +                JetspeedSecurity.saveUser( data.getUser() );
                   ActionLoader.getInstance().exec(data, "SendConfirmationEmail");
                   // add in the username to the parameters because ConfirmRegistration needs
it
                   data.getParameters().add("username", data.getUser().getUserName() );
  @@ -269,21 +278,30 @@
               }
           else
               {       
  -                TurbineSecurity.saveUser( data.getUser() );
  +                JetspeedSecurity.saveUser( data.getUser() );
               }
               
           // update currently logged in information that might have changed
           data.getUser().setFirstName( firstname );
           data.getUser().setLastName( lastname );
           data.getUser().setEmail( email );
  -        if ( changepass ) {
  -            data.getUser().setPassword(password);
  +        if ( changepass )
  +        {
  +            try
  +            {
  +              JetspeedSecurity.changePassword(data.getUser(),oldPassword, password);
  +            } catch (PasswordMismatchException e)
  +            {
  +                data.setMessage(Localization.getString("UPDATEACCOUNT_BADOLDPASSWORD"));
  +                backToEditAccount( data, screenData );
  +                return;
  +            }
           }
   
           //allow sub-classes to update additional information
           updateUser(data);
   
  -        TurbineSecurity.saveUser( data.getUser() );
  +        JetspeedSecurity.saveUser( data.getUser() );
           data.setMessage (Localization.getString("UPDATEACCOUNT_DONE"));
           
       }
  
  
  
  1.9       +3 -7      jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java
  
  Index: UserUpdateAction.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/actions/portlets/security/UserUpdateAction.java,v
  retrieving revision 1.8
  retrieving revision 1.9
  diff -u -r1.8 -r1.9
  --- UserUpdateAction.java	11 Mar 2002 07:22:11 -0000	1.8
  +++ UserUpdateAction.java	20 Mar 2002 06:55:48 -0000	1.9
  @@ -104,7 +104,7 @@
    * @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
    * @author <a href="mailto:kimptoc_mail@yahoo.com">Chris Kimpton</a>
    * @author <a href="mailto:paulsp@apache.org">Paul Spencer</a>
  - * @version $Id: UserUpdateAction.java,v 1.8 2002/03/11 07:22:11 taylor Exp $
  + * @version $Id: UserUpdateAction.java,v 1.9 2002/03/20 06:55:48 paulsp Exp $
    */
   public class UserUpdateAction extends VelocityPortletAction
   {
  @@ -236,9 +236,6 @@
               if (password == null)
                   password = "";
               
  -            // convert case if configured
  -            password = JetspeedSecurity.convertPassword(password);
  -            user.setPassword(JetspeedSecurity.convertPassword(user.getPassword()));
               user.setUserName(JetspeedSecurity.convertUserName(user.getUserName()));
   
               Date now = new Date();            
  @@ -480,8 +477,7 @@
               rundata.getParameters().setProperties(user);    
               user.setLastAccessDate();
   
  -            // convert case if configured
  -            user.setPassword(JetspeedSecurity.convertPassword(user.getPassword()));
  +            JetspeedSecurity.forcePassword(user,rundata.getParameters().getString("password"));
   
               String strDisabled = rundata.getParameters().getString("disabled");       

               boolean disabled = (strDisabled != null);
  @@ -501,7 +497,7 @@
               if (currentUser.getUserName().equals(user.getUserName()))
               {
                   // same user as admin -- need to update in memory
  -                currentUser.setPassword(user.getPassword());
  +                currentUser.setPassword(user.getPassword()); // Contains Encrypted password
                   currentUser.setFirstName(user.getFirstName());
                   currentUser.setLastName(user.getLastName());                
                   currentUser.setEmail(user.getEmail());
  
  
  
  1.15      +2 -1      jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_en.properties
  
  Index: JetspeedLocalization_en.properties
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/modules/localization/JetspeedLocalization_en.properties,v
  retrieving revision 1.14
  retrieving revision 1.15
  diff -u -r1.14 -r1.15
  --- JetspeedLocalization_en.properties	19 Mar 2002 21:35:42 -0000	1.14
  +++ JetspeedLocalization_en.properties	20 Mar 2002 06:55:48 -0000	1.15
  @@ -67,7 +67,7 @@
   UPDATEACCOUNT_DONE=Your account has been updated!
   UPDATEACCOUNT_NOUSER=Could not find correct user.
   UPDATEACCOUNT_NEWEMAILCONFIRM=You have changed your email address. You must re-confirm
in order to continue using the system. Please check your email account.
  -
  +UPDATEACCOUNT_BADOLDPASSWORD=Sorry, the old password is incorrect
   CONFIRMREGISTRATION_TITLE=Confirm Registration
   CONFIRMREGISTRATION_NOUSERNAME=Sorry, a username must be available.
   CONFIRMREGISTRATION_MESSAGE=Please check your email for your secret key.  The secret key
is required to confirm your registration
  @@ -92,6 +92,7 @@
   USERFORM_UPDATE=Update Account
   USERFORM_CREATE=Create New Account
   USERFORM_LOGIN=Login
  +USERFORM_OLDPASSWORDMSG=Old Password
   USERFORM_PASSWORDSEND=Email Password
   USERFORM_PASSWORDREMINDER=Forgotten your password?<br>Enter your username<br>
and click Password?
   USERFORM_FORGOTPASSWORD_NOTICE=Please e-mail my password.
  
  
  
  1.17      +85 -18    jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java
  
  Index: JetspeedDBSecurityService.java
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/src/java/org/apache/jetspeed/services/security/JetspeedDBSecurityService.java,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- JetspeedDBSecurityService.java	25 Feb 2002 04:38:13 -0000	1.16
  +++ JetspeedDBSecurityService.java	20 Mar 2002 06:55:48 -0000	1.17
  @@ -55,19 +55,38 @@
   package org.apache.jetspeed.services.security;
   
   import java.util.HashMap;
  -import org.apache.jetspeed.services.JetspeedSecurity;
  +import javax.servlet.ServletConfig;
  +
  +// Jetspeed
  +import org.apache.jetspeed.om.profile.Profile;
  +import org.apache.jetspeed.om.profile.ProfileLocator;
  +import org.apache.jetspeed.om.profile.BaseProfile;
  +import org.apache.jetspeed.om.profile.BaseProfileLocator;
  +import org.apache.jetspeed.om.profile.ProfileException;
  +import org.apache.jetspeed.om.registry.RegistryEntry;
  +import org.apache.jetspeed.om.registry.Security;
   import org.apache.jetspeed.om.security.JetspeedUser;
   
  -import org.apache.turbine.services.security.db.*;
   import org.apache.jetspeed.portal.Portlet;
  -import org.apache.jetspeed.portal.PortletSet;
   import org.apache.jetspeed.portal.PortletController;
  +import org.apache.jetspeed.portal.PortletSet;
  +
  +import org.apache.jetspeed.services.JetspeedSecurity;
  +import org.apache.jetspeed.services.Profiler;
  +import org.apache.jetspeed.services.PsmlManager;
   import org.apache.jetspeed.services.Registry;
  -import org.apache.jetspeed.om.registry.*;
  +
  +// Turbine
   import org.apache.turbine.om.security.User;
   import org.apache.turbine.om.security.Group;
   import org.apache.turbine.om.security.Role;
   
  +import org.apache.turbine.services.TurbineServices;
  +import org.apache.turbine.services.InitializationException;
  +import org.apache.turbine.services.resources.ResourceService;
  +import org.apache.turbine.services.security.db.DBSecurityService;
  +
  +import org.apache.turbine.util.Log;
   import org.apache.turbine.util.RunData;
   import org.apache.turbine.util.security.AccessControlList;
   import org.apache.turbine.util.security.DataBackendException;
  @@ -75,19 +94,6 @@
   import org.apache.turbine.util.security.UnknownEntityException;
   import org.apache.turbine.util.security.PasswordMismatchException;
   
  -import org.apache.jetspeed.om.profile.Profile;
  -import org.apache.jetspeed.om.profile.ProfileLocator;
  -import org.apache.jetspeed.om.profile.BaseProfile;
  -import org.apache.jetspeed.om.profile.BaseProfileLocator;
  -import org.apache.jetspeed.om.profile.ProfileException;
  -import org.apache.jetspeed.services.Profiler;
  -import org.apache.jetspeed.services.PsmlManager;
  -
  -import org.apache.turbine.services.TurbineServices;
  -import org.apache.turbine.services.InitializationException;
  -import javax.servlet.ServletConfig;
  -import org.apache.turbine.services.resources.ResourceService;
  -import org.apache.turbine.util.Log;
   
   /**
    * <p>This is an implementation of the <code>JetspeedSecurityService</code>
interface.
  @@ -95,7 +101,7 @@
    *
    * @author <a href="mailto:david@bluesunrise.com">David Sean Taylor</a>
    * @author <a href="mailto:sgala@hisitech.com">Santiago Gala</a>
  - * @version $Id: JetspeedDBSecurityService.java,v 1.16 2002/02/25 04:38:13 taylor Exp $
  + * @version $Id: JetspeedDBSecurityService.java,v 1.17 2002/03/20 06:55:48 paulsp Exp $
    */
   
   
  @@ -552,5 +558,66 @@
               }
           }
           stat.reset();
  +    }
  +    
  +    /**
  +     * Creates new user account with specified attributes. The password will be
  +     * converted using convertPassword()
  +     *
  +     * @param user the object describing account to be created.
  +     * @throws DataBackendException if there was an error accessing the data backend.
  +     * @throws EntityExistsException if the user account already exists.
  +     * @see convertPassword()
  +     */
  +    public void addUser( User user, String password )
  +        throws DataBackendException, EntityExistsException
  +    {
  +        super.addUser(user, convertPassword(password));
  +    }
  +
  +
  +    /**
  +     * Change the password for an User.  The password will be converted
  +     * using convertPassword()
  +     *
  +     * @param user an User to change password for.
  +     * @param oldPassword the current password supplied by the user.
  +     * @param newPassword the current password requested by the user.
  +     * @exception PasswordMismatchException if the supplied password was 
  +     *            incorrect.
  +     * @exception UnknownEntityException if the user's record does not
  +     *            exist in the database.
  +     * @exception DataBackendException if there is a problem accessing the
  +     *            storage.
  +     * @see convertPassword()
  +     */
  +    public void changePassword( User user, String oldPassword, String newPassword )
  +        throws PasswordMismatchException, UnknownEntityException, 
  +               DataBackendException
  +    {
  +        super.changePassword(user, convertPassword(oldPassword), convertPassword(newPassword));
  +    }
  +
  +    /**
  +     * Forcibly sets new password for an User.  The password will be converted
  +     * using convertPassword()
  +     *
  +     * This is supposed by the administrator to change the forgotten or
  +     * compromised passwords. Certain implementatations of this feature
  +     * would require administrative level access to the authenticating
  +     * server / program.
  +     *
  +     * @param user an User to change password for.
  +     * @param password the new password.
  +     * @exception UnknownEntityException if the user's record does not
  +     *           exist in the database.
  +     * @exception DataBackendException if there is a problem accessing the
  +     *           storage.
  +     * @see convertPassword()
  +     */
  +    public void forcePassword( User user, String password )
  +        throws UnknownEntityException, DataBackendException
  +    {
  +        super.forcePassword(user, convertPassword(password));
       }
   }
  
  
  
  1.5       +11 -7     jakarta-jetspeed/webapp/WEB-INF/templates/vm/GlobalMacros.vm
  
  Index: GlobalMacros.vm
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/GlobalMacros.vm,v
  retrieving revision 1.4
  retrieving revision 1.5
  diff -u -r1.4 -r1.5
  --- GlobalMacros.vm	25 Feb 2002 04:25:37 -0000	1.4
  +++ GlobalMacros.vm	20 Mar 2002 06:55:48 -0000	1.5
  @@ -30,7 +30,7 @@
   
   #macro (textField $name $value $size)
     <font face="$ui.sansSerifFonts">
  -    <input type="text" size="30" name="$name" value="$value">
  +    <input type="text" size="$size" name="$name" value="$value">
     </font>
   #end
   
  @@ -41,16 +41,20 @@
   #end
   
   #macro (formPasswordCell $label $name $value)
  +  #formLabel("$label")
     <td bgcolor="$!{skin.TitleBackgroundColor}">
  -    <b>
  -      <font face="$ui.sansSerifFonts">
  -        $label
  -      </font>
  -    </b>
  +    <font face="$ui.sansSerifFonts">
  +      <input type="password" size="30" name="$name" value="$value">
  +    </font>
     </td>
  +#end
  +
  +#macro (formReadOnlyCell $label $name $value)
  +  #formLabel("$label")
     <td bgcolor="$!{skin.TitleBackgroundColor}">
       <font face="$ui.sansSerifFonts">
  -      <input type="password" size="30" name="$name" value="$value">
  +      <input type="hidden" size="30" name="$name" value="$value">
  +      $value
       </font>
     </td>
   #end
  
  
  
  1.6       +6 -2      jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-form.vm
  
  Index: user-form.vm
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/portlets/html/user-form.vm,v
  retrieving revision 1.5
  retrieving revision 1.6
  diff -u -r1.5 -r1.6
  --- user-form.vm	11 Mar 2002 07:20:30 -0000	1.5
  +++ user-form.vm	20 Mar 2002 06:55:48 -0000	1.6
  @@ -3,7 +3,7 @@
   Display the details of a user.
   
   @author <a href="mailto:taylor@apache.org">David Sean Taylor</a>
  -@version $Id: user-form.vm,v 1.5 2002/03/11 07:20:30 taylor Exp $
  +@version $Id: user-form.vm,v 1.6 2002/03/20 06:55:48 paulsp Exp $
   *#
   
   <form method="post" action="$jlink.setPanel("UserBrowser").setAction("portlets.security.UserUpdateAction")">
  @@ -40,7 +40,11 @@
             #set ($email = $user.Email)
             #set ($disabled = $user.Disabled)
           #end 
  -        #formCell ("Username" "username" $name)
  +        #if (($mode == "delete") || ($mode=="update"))
  +          #formReadOnlyCell ("Username" "username" $name)
  +        #else
  +          #formCell ("Username" "username" $name)
  +        #end
         </tr>
         <tr>        
           #formPasswordCell ("Password" "password" $pw)
  
  
  
  1.8       +7 -0      jakarta-jetspeed/webapp/WEB-INF/templates/vm/screens/html/EditAccount.vm
  
  Index: EditAccount.vm
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/webapp/WEB-INF/templates/vm/screens/html/EditAccount.vm,v
  retrieving revision 1.7
  retrieving revision 1.8
  diff -u -r1.7 -r1.8
  --- EditAccount.vm	9 Jan 2002 12:14:20 -0000	1.7
  +++ EditAccount.vm	20 Mar 2002 06:55:48 -0000	1.8
  @@ -28,6 +28,13 @@
                     </td>
                   </tr>
                   <tr>
  +                  <td>$l10n.USERFORM_OLDPASSWORDMSG</td>
  +                  <td>&nbsp;</td>
  +                  <td align="left">
  +                    <input name="old_password" type="PASSWORD" value="">
  +                  </td>
  +                </tr>
  +                <tr>
                     <td>$l10n.USERFORM_PASSWORDMSG</td>
                     <td>&nbsp;</td>
                     <td align="left">
  
  
  
  1.30      +13 -1     jakarta-jetspeed/xdocs/changes.xml
  
  Index: changes.xml
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/xdocs/changes.xml,v
  retrieving revision 1.29
  retrieving revision 1.30
  diff -u -r1.29 -r1.30
  --- changes.xml	15 Mar 2002 19:01:30 -0000	1.29
  +++ changes.xml	20 Mar 2002 06:55:48 -0000	1.30
  @@ -1,6 +1,6 @@
   <?xml version="1.0" encoding="iso-8859-1"?>
   <!--
  -$Id: changes.xml,v 1.29 2002/03/15 19:01:30 paulsp Exp $
  +$Id: changes.xml,v 1.30 2002/03/20 06:55:48 paulsp Exp $
   -->
   <document>
     <properties>
  @@ -202,6 +202,18 @@
     <ul>
       <li>Implemented IdGenerator services</li>
       <li>Customizer now uses IdGenerator service</li>
  +  </ul>
  +</li>
  +<li>
  +  Fix - 2002/03/20 - (PS)
  +  <ul>
  +    <li>Fix - Bug 7142 - When password are saved encryped when encryption is enabled</li>
  +    <li>Fix - Bug 7142 - Users must enter their current password to change their
password</li>
  +    <li>Fix - Password are correctly cased, based on JR.p JetspeedSecurity.caseinsensitive
properites</li>
  +    <li>Fix - Username is no longer updatable in UserBrowser Edit and Delete screens</li>
  +    <li>Fix - JetspeedSecurity is used instead of TurbineSecurity when appropiate.
 Mainly everywhere other
  +        then JetspeedDBSecurityService</li>
  +    <li>Add - formReadOnlyText to GlobalMacro.vm for readonly field in a form</li>
     </ul>
   </li>
   </ul>
  
  
  
  1.17      +12 -0     jakarta-jetspeed/docs/site/changes.html
  
  Index: changes.html
  ===================================================================
  RCS file: /home/cvs/jakarta-jetspeed/docs/site/changes.html,v
  retrieving revision 1.16
  retrieving revision 1.17
  diff -u -r1.16 -r1.17
  --- changes.html	15 Mar 2002 19:01:30 -0000	1.16
  +++ changes.html	20 Mar 2002 06:55:48 -0000	1.17
  @@ -308,6 +308,18 @@
       <li>Customizer now uses IdGenerator service</li>
     </ul>
   </li>
  +<li>
  +  Fix - 2002/03/20 - (PS)
  +  <ul>
  +    <li>Fix - Bug 7142 - When password are saved encryped when encryption is enabled</li>
  +    <li>Fix - Bug 7142 - Users must enter their current password to change their
password</li>
  +    <li>Fix - Password are correctly cased, based on JR.p JetspeedSecurity.caseinsensitive
properites</li>
  +    <li>Fix - Username is no longer updatable in UserBrowser Edit and Delete screens</li>
  +    <li>Fix - JetspeedSecurity is used instead of TurbineSecurity when appropiate.
 Mainly everywhere other
  +        then JetspeedDBSecurityService</li>
  +    <li>Add - formReadOnlyText to GlobalMacro.vm for readonly field in a form</li>
  +  </ul>
  +</li>
   </ul>
                               </blockquote>
           </p>
  
  
  

--
To unsubscribe, e-mail:   <mailto:jetspeed-dev-unsubscribe@jakarta.apache.org>
For additional commands, e-mail: <mailto:jetspeed-dev-help@jakarta.apache.org>


Mime
View raw message