View Javadoc
1   /**
2    * This file Copyright (c) 2011-2018 Magnolia International
3    * Ltd.  (http://www.magnolia-cms.com). All rights reserved.
4    *
5    *
6    * This file is dual-licensed under both the Magnolia
7    * Network Agreement and the GNU General Public License.
8    * You may elect to use one or the other of these licenses.
9    *
10   * This file is distributed in the hope that it will be
11   * useful, but AS-IS and WITHOUT ANY WARRANTY; without even the
12   * implied warranty of MERCHANTABILITY or FITNESS FOR A
13   * PARTICULAR PURPOSE, TITLE, or NONINFRINGEMENT.
14   * Redistribution, except as permitted by whichever of the GPL
15   * or MNA you select, is prohibited.
16   *
17   * 1. For the GPL license (GPL), you can redistribute and/or
18   * modify this file under the terms of the GNU General
19   * Public License, Version 3, as published by the Free Software
20   * Foundation.  You should have received a copy of the GNU
21   * General Public License, Version 3 along with this program;
22   * if not, write to the Free Software Foundation, Inc., 51
23   * Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
24   *
25   * 2. For the Magnolia Network Agreement (MNA), this file
26   * and the accompanying materials are made available under the
27   * terms of the MNA which accompanies this distribution, and
28   * is available at http://www.magnolia-cms.com/mna.html
29   *
30   * Any modifications to this file must keep this entire header
31   * intact.
32   *
33   */
34  package info.magnolia.ui.form.field;
35  
36  import info.magnolia.cms.security.SecurityUtil;
37  import info.magnolia.context.Context;
38  import info.magnolia.context.MgnlContext;
39  import info.magnolia.ui.form.field.definition.PasswordFieldDefinition;
40  
41  import javax.inject.Provider;
42  
43  import org.apache.commons.lang3.StringUtils;
44  
45  import com.vaadin.ui.Component;
46  import com.vaadin.v7.data.Property;
47  import com.vaadin.v7.data.Validator.InvalidValueException;
48  import com.vaadin.v7.ui.CustomField;
49  import com.vaadin.v7.ui.Label;
50  import com.vaadin.v7.ui.PasswordField;
51  import com.vaadin.v7.ui.VerticalLayout;
52  
53  /**
54   * Password field that is capable of
55   * <ul>
56   *     <li>Checking if current user password matches the entered one in the current password field (compared using BCrypt).</li>
57   *     <li>Verifying whether passwords entered in the password verification fields matches.</li>
58   * </ul>
59   */
60  public class PasswordFields extends CustomField<String> {
61  
62      private PasswordField passwordField;
63      private PasswordField verificationField;
64      private PasswordField currentPasswordField;
65      private Provider<Context> contextProvider;
66      private PasswordFieldDefinition definition;
67      private VerticalLayout layout;
68  
69      public PasswordFields(Provider<Context> contextProvider, PasswordFieldDefinition definition) {
70          this.contextProvider = contextProvider;
71          this.definition = definition;
72  
73          passwordField = new PasswordField();
74          passwordField.setNullRepresentation("");
75          passwordField.setWidth("100%");
76          passwordField.addValueChangeListener(event -> setValue((String) event.getProperty().getValue(), true));
77          if (this.definition.isVerification()) {
78              verificationField = new PasswordField();
79              verificationField.setNullRepresentation("");
80              verificationField.setWidth("100%");
81              verificationField.addValueChangeListener(event -> setValue((String) event.getProperty().getValue(), true));
82          }
83          if (this.definition.isVerificationCurrentPassword()) {
84              currentPasswordField = new PasswordField();
85              currentPasswordField.setNullRepresentation("");
86              currentPasswordField.setWidth("100%");
87          }
88  
89          getContent();
90      }
91  
92      /**
93       * Create a {@link CustomField} based on a {@link VerticalLayout}.
94       * The layout is composed by:
95       * - {@link PasswordField}.
96       * if verification:
97       * - {@link Label} (verificationMessage).
98       * - {@link PasswordField}.
99       * @deprecated since 5.5.2 - use {@link #PasswordFields(Provider, PasswordFieldDefinition)} instead.
100      */
101     @Deprecated
102     public PasswordFields(boolean verification, String verificationMessage, String verificationErrorMessage) {
103         this(MgnlContext::getInstance, new PasswordFieldDefinition());
104     }
105 
106     @Override
107     protected Component initContent() {
108         // Init layout
109         layout = new VerticalLayout();
110         if (definition.isVerificationCurrentPassword()) {
111             layout.addComponent(new Label(definition.getVerificationCurrentPasswordMessage()));
112             layout.addComponent(currentPasswordField);
113         }
114         // add inner label to passwordField only when currentPasswordField or verificationField are used because otherwise field label is enough
115         if (definition.isVerification() || definition.isVerificationCurrentPassword()) {
116             layout.addComponent(new Label(definition.getPasswordMessage()));
117         }
118         layout.addComponent(passwordField);
119         if (definition.isVerification()) {
120             layout.addComponent(new Label(definition.getVerificationMessage()));
121             layout.addComponent(verificationField);
122         }
123         return layout;
124     }
125 
126     public VerticalLayout getVerticalLayout() {
127         return this.layout;
128     }
129 
130     /**
131      * Check if both fields are equals.
132      */
133     @Override
134     public void validate() throws InvalidValueException {
135         super.validate();
136         if (StringUtils.isNotBlank(passwordField.getValue())) {
137             if (definition.isVerificationCurrentPassword()) {
138                 if (StringUtils.isBlank(currentPasswordField.getValue()) || !SecurityUtil.matchBCrypted(currentPasswordField.getValue(), contextProvider.get().getUser().getPassword())) {
139                     throw new InvalidValueException(definition.getVerificationCurrentPasswordErrorMessage());
140                 }
141             }
142             if (definition.isVerification()) {
143                 if (StringUtils.isBlank(passwordField.getValue()) || StringUtils.isBlank(verificationField.getValue())) {
144                     throw new InvalidValueException(definition.getVerificationErrorMessage());
145                 }
146                 if (!passwordField.getValue().equals(verificationField.getValue())) {
147                     throw new InvalidValueException(definition.getVerificationErrorMessage());
148                 }
149             }
150         }
151     }
152 
153     @Override
154     public boolean isValid() {
155         if (super.isValid()) {
156             try {
157                 this.validate();
158                 return true;
159             } catch (InvalidValueException ive) {
160                 return false;
161             }
162         } else {
163             return false;
164         }
165     }
166 
167     @Override
168     public Class<String> getType() {
169         return String.class;
170     }
171 
172     @Override
173     protected void setInternalValue(String newValue) {
174         super.setInternalValue(newValue);
175     }
176 
177     @Override
178     public void setReadOnly(boolean readOnly) {
179         super.setReadOnly(readOnly);
180         passwordField.setReadOnly(readOnly);
181         if (verificationField != null) {
182             verificationField.setReadOnly(readOnly);
183         }
184     }
185 
186     @Override
187     public String getValue() {
188         return super.getValue();
189     }
190 
191     @Override
192     public void setValue(String newValue) throws ReadOnlyException {
193         super.setValue(newValue);
194     }
195 
196     @Override
197     @SuppressWarnings("rawtypes")
198     public void setPropertyDataSource(Property newDataSource) {
199         newDataSource.setValue("");
200         passwordField.setPropertyDataSource(newDataSource);
201         if (definition.isVerification() && newDataSource.getValue() != null) {
202             verificationField.setValue(String.valueOf(newDataSource.getValue()));
203         }
204         super.setPropertyDataSource(newDataSource);
205     }
206 
207     @Override
208     public Property<?> getPropertyDataSource() {
209         return passwordField.getPropertyDataSource();
210     }
211 
212     @Override
213     public boolean isEmpty() {
214         // this method is used to evaluate if field contains non empty value for validation of required field
215         return StringUtils.isBlank(getInternalValue());
216     }
217 }