Changeset 3716 in main

Timestamp:

04/14/12 03:01:36 (10 years ago)

Author:

Garth Braithwaite

Message:

java and view - user profile account access UI polished a little more.

Location:

trunk/src/main

Files:

• java/org/ibisph/user/modelmap/AbstractUserStatus.java (modified) (5 diffs)
• java/org/ibisph/user/modelmap/ProcessUserRegistration.java (modified) (8 diffs)
• java/org/ibisph/user/modelmap/SendAccess.java (modified) (7 diffs)
• java/org/ibisph/user/modelmap/VerifyUserRegistration.java (modified) (4 diffs)
• java/org/ibisph/user/service/EmailAccountAccess.java (modified) (1 diff)
• webapps/ibisph-admin/WEB-INF/lib/ibisph-2.1.jar (modified) (previous)
• webapps/ibisph-view/WEB-INF/config/spring/user.xml (modified) (1 diff)
• webapps/ibisph-view/WEB-INF/jsp/access_denied.jsp (modified) (1 diff)
• webapps/ibisph-view/WEB-INF/lib/ibisph-2.1.jar (modified) (previous)
• webapps/ibisph-view/xml/user/html_content/Status.xml (modified) (4 diffs)

trunk/src/main/java/org/ibisph/user/modelmap/AbstractUserStatus.java

@@ -3 +3 @@
 import java.util.Date;
 
+import org.dom4j.Document;
 import org.dom4j.Element;
 
@@ -9 +10 @@
 import org.ibisph.web.servlet.AWTCaptchaServlet;
 
-
 /**
- * Processes a submitted user registration
+ * Core definitions that the status type model maps extend from.
  * 
  * @author Garth Braithwaite, STG
@@ -18 +18 @@
   protected static org.slf4j.Logger logger = org.slf4j.LoggerFactory.getLogger(AbstractUserStatus.class);
 
+  // user status values that the status view page keys off of.
   public static final String NO_USER_ID_STATUS              = "INVALID_USER_ID";
   public static final String USER_DOES_NOT_EXIST_STATUS     = "USER_DOES_NOT_EXIST";
@@ -35 +36 @@
 
 
+  public void setCaptchaSessionName(String captchaSessionName) {
+    this.captchaSessionName = captchaSessionName;
+  }
   public void setUserProfileModelMapKey(String userProfileModelMapKey) {
     this.userProfileModelMapKey = userProfileModelMapKey;
@@ -45 +49 @@
   /**
    * Localizes setting of the user profile status.
-   * @param userProfileElement
-   * @param statusCode
+   * @param userProfileDocument
+   * @param status
    */
-  protected void setStatus(Element userProfileElement, String statusCode) {
-    Element statusCodeElement = XMLLib.newElement("STATUS", statusCode);
-    Element dateElement       = XMLLib.newElement("UPDATED_DTS", (new Date()).toString());
-    XMLLib.replaceElement(userProfileElement, statusCodeElement);
-    XMLLib.replaceElement(userProfileElement, dateElement);
+  protected void setStatus(Document userProfileDocument, String status) {
+    Element statusElement = XMLLib.newElement("STATUS", status);
+    Element dateElement   = XMLLib.newElement("UPDATED_DTS", (new Date()).toString());
+    XMLLib.replaceElement(userProfileDocument.getRootElement(), statusElement);
+    XMLLib.replaceElement(userProfileDocument.getRootElement(), dateElement);
   } //-------------------------- End of Method ------------------------------
 

trunk/src/main/java/org/ibisph/user/modelmap/ProcessUserRegistration.java

@@ -17 +17 @@
 
 /**
- * Processes a submitted user registration
+ * Processes a submitted new user registration.  Various tests are performed 
+ * with a user XML model being returned.  The status page view uses the user's
+ * status to determine which message to show the user.  If all goes well the
+ * verification email is sent and the user's XML is saved.
  * 
  * @author Garth Braithwaite, STG
@@ -70 +73 @@
     Element userProfileElement = (Element)modelMap.get(this.userProfileModelMapKey);
 
-    // the xslt parameter can't deal with Element objects - convert to document.
+    // The status page uses the user XML as a model to determine which message 
+    // to show.  So, for the first set of status codes need to have a user doc.
+    // as the XSLT only deals with documents - can't handle elements.
     Document userProfileDocument = XMLLib.newDocument(userProfileElement);
     modelMap.put(this.userProfileModelMapKey, userProfileDocument);
@@ -77 +82 @@
     if(!StrLib.isSomething(id)) {
       logger.warn(".processModelMap - NO USER ID.  User's IP: {}", request.getRemoteAddr());
-      setStatus(userProfileElement, AbstractUserStatus.NO_USER_ID_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.NO_USER_ID_STATUS);
       return;
     }
@@ -85 +90 @@
     if(null != userProfile) {
       logger.warn(".processModelMap - USER ALREADY EXISTS.  User's ID: {}, User's IP: {}", id, request.getRemoteAddr());
-      setStatus(userProfileElement, AbstractUserStatus.USER_PROFILE_EXISTS_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.USER_PROFILE_EXISTS_STATUS);
       return;
     }
@@ -94 +99 @@
     if((null == userSessionCaptcha) || (null == userProfileCaptcha) || !userProfileCaptcha.equals(userSessionCaptcha)) {
       logger.info(".processModelMap - INVALID CAPTCHA.  User's ID: {}, User's IP: {}", id, request.getRemoteAddr());
-      setStatus(userProfileElement, AbstractUserStatus.INVALID_CAPTCHA_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.INVALID_CAPTCHA_STATUS);
       return;
     }
 
-    // send the verification email message and set status accordingly.
     String emailAddress = XMLLib.getText(userProfileElement, "EMAIL_ADDRESS");
     if(!StrLib.isSomething(emailAddress)) {
       logger.warn(".processModelMap - MISSING EMAIL ADDRESS, User's IP: {}", request.getRemoteAddr());
-      setStatus(userProfileElement, AbstractUserStatus.INVALID_EMAIL_ADDRESS_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.INVALID_EMAIL_ADDRESS_STATUS);
       return;
     }
 
+    // If here then so far so good - send the verification email message and 
+    // set status accordingly.
     String verificationValue = request.getSession().getId();
-    if(sendVerificationEmail(request, userProfileElement, id, emailAddress, verificationValue)) {
+    if(sendVerificationEmail(request, userProfileDocument, id, emailAddress, verificationValue)) {
       // if here then all was normal.  set the status code.
       Element verificationElement = XMLLib.newElement("VERIFICATION", verificationValue);
-      XMLLib.replaceElement(userProfileElement, verificationElement);
-      setStatus(userProfileElement, AbstractUserStatus.VERIFICATION_EMAIL_SENT_STATUS);
+      XMLLib.replaceElement(userProfileDocument.getRootElement(), verificationElement);
       this.userProfileService.saveUser(userProfileDocument);
     }
@@ -121 +126 @@
    * Localized code for sending the verification email.
    * @param request
-   * @param userProfileElement
+   * @param userProfileDocument
    * @param id
    * @param emailAddress
@@ -129 +134 @@
   protected boolean sendVerificationEmail(
     HttpServletRequest request,
-    Element userProfileElement,
+    Document userProfileDocument,
     String id,
     String emailAddress,
@@ -157 +162 @@
     catch(AddressException ae) {
       logger.warn(".processModelMap - Email Address error, Address: {}", emailAddress);
-      setStatus(userProfileElement, AbstractUserStatus.INVALID_EMAIL_ADDRESS_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.INVALID_EMAIL_ADDRESS_STATUS);
       return(false);
     }
     catch(Exception e) {
       logger.error(".processModelMap - General Email Error. Address: {}", emailAddress, e);
-      setStatus(userProfileElement, AbstractUserStatus.EMAIL_ERROR_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.EMAIL_ERROR_STATUS);
       return(false);
     }
 
+    setStatus(userProfileDocument, AbstractUserStatus.VERIFICATION_EMAIL_SENT_STATUS);
     return(true);
-} //-------------------------- End of Method ------------------------------
-
+  } //-------------------------- End of Method ------------------------------
 
 } //============================ END OF CLASS =================================

trunk/src/main/java/org/ibisph/user/modelmap/SendAccess.java

@@ -16 +16 @@
 
 /**
- * Processes the send password or verification email.
+ * Processes the send password or send verification email.
  * 
  * @author Garth Braithwaite, STG
@@ -33 +33 @@
 
   /**
-   * returns a user profile document with an appropriate message string.
+   * Modify's the user profile document with an appropriate message string.
+   * Note that this code does NOT save any user XML - it simply reads the
+   * content and sets an internal memory model for the status page.
    * 
    * @param request HttpServletRequest .
@@ -41 +43 @@
     Element userProfileElement = (Element)modelMap.get(this.userProfileModelMapKey);
 
-    // the xslt parameter can't deal with Element objects - convert to document.
+    // The status page uses the user XML as a model to determine which message 
+    // to show.  So, for the first set of status codes need to have a user doc.
+    // as the XSLT only deals with documents - can't handle elements.
     Document userProfileDocument = XMLLib.newDocument(userProfileElement);
     modelMap.put(this.userProfileModelMapKey, userProfileDocument);
@@ -47 +51 @@
     String id = XMLLib.getText(userProfileElement, "ID");
     if(!StrLib.isSomething(id)) {
-      setStatus(userProfileElement, AbstractUserStatus.NO_USER_ID_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.NO_USER_ID_STATUS);
       return;
     }
@@ -56 +60 @@
     if((null == userSessionCaptcha) || (null == userProfileCaptcha) || !userProfileCaptcha.equals(userSessionCaptcha)) {
       logger.info(".processModelMap - INVALID CAPTCHA.  User's ID: {}, User's IP: {}", id, request.getRemoteAddr());
-      setStatus(userProfileElement, AbstractUserStatus.INVALID_CAPTCHA_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.INVALID_CAPTCHA_STATUS);
       return;
     }
 
     // check to see if user profile exists.  If not return message.
-    Document userProfile = this.userProfileService.getUser(id);
-    if(null == userProfile) {
+    userProfileDocument = this.userProfileService.getUser(id);
+    modelMap.put(this.userProfileModelMapKey, userProfileDocument);
+    if(null == userProfileDocument) {
+      userProfileDocument = XMLLib.newDocument(userProfileElement);
+      modelMap.put(this.userProfileModelMapKey, userProfileDocument);
       logger.warn(".processModelMap - USER DOES NOT EXIST.  User's ID: {}, User's IP: {}", id, request.getRemoteAddr());
-      setStatus(userProfileElement, AbstractUserStatus.USER_DOES_NOT_EXIST_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.USER_DOES_NOT_EXIST_STATUS);
       return;
     }
@@ -70 +77 @@
     // if here then check the status.  If verified then send the password else
     // send the verify email.
-    userProfileElement  = userProfile.getRootElement();
-    String userStatus   = XMLLib.getText(userProfileElement, "STATUS");
-    String emailAddress = XMLLib.getText(userProfileElement, "EMAIL_ADDRESS");
+    String userStatus   = XMLLib.getText(userProfileDocument, "/USER/STATUS");
+    String emailAddress = XMLLib.getText(userProfileDocument, "/USER/EMAIL_ADDRESS");
     if(AbstractUserStatus.REGISTRATION_VERIFIED_STATUS.equals(userStatus)) {
-      String password = XMLLib.getText(userProfileElement, "PASSWORD");
+      String password = XMLLib.getText(userProfileDocument, "/USER/PASSWORD");
       try {
         emailPasswordService.sendMergedEmailMessage(
@@ -83 +89 @@
       catch(AddressException ae) {
         logger.warn(".processModelMap - Email Address error, Address: {}", emailAddress);
-        setStatus(userProfileElement, AbstractUserStatus.INVALID_EMAIL_ADDRESS_STATUS);
+        setStatus(userProfileDocument, AbstractUserStatus.INVALID_EMAIL_ADDRESS_STATUS);
         return;
       }
       catch(Exception e) {
         logger.error(".processModelMap - General Email Error. Address: {}", emailAddress, e);
-        setStatus(userProfileElement, AbstractUserStatus.EMAIL_ERROR_STATUS);
+        setStatus(userProfileDocument, AbstractUserStatus.EMAIL_ERROR_STATUS);
         return;
       }
-      
+
       logger.info(".processModelMap - PASSWORD EMAILED.  Email Address: {}, User's IP: {}", emailAddress, request.getRemoteAddr());
-      setStatus(userProfileElement, AbstractUserStatus.PASSWORD_EMAIL_SENT_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.PASSWORD_EMAIL_SENT_STATUS);
     }
 
     // else send the verification 
     else {
-      String verificationValue = XMLLib.getText(userProfileElement, "VERIFICATION");
-      sendVerificationEmail(request, userProfileElement, id, emailAddress, verificationValue);
-      setStatus(userProfileElement, AbstractUserStatus.VERIFICATION_EMAIL_SENT_STATUS);
+      String verificationValue = XMLLib.getText(userProfileDocument, "/USER/VERIFICATION");
+      sendVerificationEmail(request, userProfileDocument, id, emailAddress, verificationValue);
     }
     

trunk/src/main/java/org/ibisph/user/modelmap/VerifyUserRegistration.java

@@ -7 +7 @@
 
 import org.dom4j.Document;
-import org.dom4j.Element;
 
 import org.ibisph.modelmap.GetModelMapFromHTTPRequest;
@@ -16 +15 @@
 
 /**
- * Checks the verification email and sets the user's status to VERIFIED if matches.
+ * Verification email response handler.  Sets the user's XML status to VERIFIED 
+ * if matches and to appropriate value if an issue exists.  The model is the
+ * user XML that the status page keys off of.
  * 
  * @author Garth Braithwaite, STG
@@ -24 +25 @@
   //------------------------ M A I N   R E Q U E S T   M O D E L   M E T H O D 
   /**
-   * returns appropriate message string for the new registration.
+   * Checks the user's verification value against the value from the request
+   * URL.  Returns a user XML document which has an appropriate status value
+   * that the status page will key off of.  The request URL is of the form:
+   *  verify/user/registration/braithwaitegarth%40msn.com/C162EB04DFF67A5850B32DFC104865BB
    * 
    * @param request HttpServletRequest .
@@ -30 +34 @@
    */
   public Map<String, Object> getModelMap(HttpServletRequest request) throws Exception {
-// verify/user/registration/braithwaitegarth%40msn.com/C162EB04DFF67A5850B32DFC104865BB
     String requestVerificationValue = IOPath.getFilename(request.getPathInfo());
     String path = IOPath.getPath(request.getPathInfo());
     String userID = IOPath.getFilename(path);
     Document userProfileDocument = this.userProfileService.getUser(userID);
-    Element  userElement = userProfileDocument.getRootElement();
-    String userVerificationValue = XMLLib.getText(userElement, "VERIFICATION");
+    String userVerificationValue = XMLLib.getText(userProfileDocument, "/USER/VERIFICATION");
 
     if(!StrLib.isSomething(userID)) {
       logger.error(".processModelMap - INVALID USER ID.  User's IP: {}", request.getRemoteAddr());
-      userElement = XMLLib.newElement("USER");
-      userProfileDocument = XMLLib.newDocument(userElement);
-      setStatus(userElement, AbstractUserStatus.NO_USER_ID_STATUS);
+      userProfileDocument = XMLLib.newDocument(XMLLib.newElement("USER"));
+      setStatus(userProfileDocument, AbstractUserStatus.NO_USER_ID_STATUS);
     }
 
     else if((null == requestVerificationValue) || (null == userVerificationValue) || !requestVerificationValue.equals(userVerificationValue)) {
       logger.error(".processModelMap - INVALID VERFICATION.  Email Address: {}, User's IP: {}", userID, request.getRemoteAddr());
-      setStatus(userElement, AbstractUserStatus.INVALID_VERIFICATION_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.INVALID_VERIFICATION_STATUS);
     }
 
     else {
       // if here then verified.  set the status, save the user, and return.
-      setStatus(userElement, AbstractUserStatus.REGISTRATION_VERIFIED_STATUS);
+      setStatus(userProfileDocument, AbstractUserStatus.REGISTRATION_VERIFIED_STATUS);
       this.userProfileService.saveUser(userProfileDocument);
     }

trunk/src/main/java/org/ibisph/user/service/EmailAccountAccess.java

@@ -12 +12 @@
 
 /**
- * Sends a simple merged value Email message to an address.
+ * Sends a HTML or merged value HTEML Email message to an address.
  * 
  * @author Garth Braithwaite, STG

trunk/src/main/webapps/ibisph-view/WEB-INF/config/spring/user.xml

@@ -227 +227 @@
 
                                                 <h2>Password: [Password_SearchReplaceSignature]</h2>
-                                                <br/><br/>
-
-                                                If you did NOT register for an account or is you did not
-                                                request your password to be emailed to you please report
-                                                this to the system administrator.
+                                                <br/>
+
+                                                If you did NOT register for an account or if you did not
+                                                request this password reminder email please report this 
+                                                potential security issue to the system administrator.
                                         </body>
                                 </html>

trunk/src/main/webapps/ibisph-view/WEB-INF/jsp/access_denied.jsp

@@ -60 +60 @@
                                         A problem was encountered while trying to access the application.
                                         Possible Reasons:
-                                        <hr/>
                                         <ul>
                                                 <li>Invalid login credentials (username and/or password)</li>

trunk/src/main/webapps/ibisph-view/xml/user/html_content/Status.xml

@@ -92 +92 @@
                         be shown a "Verified" message.  You will then be able to login to
                         your account using your email and the password you specified.  Once
-                        logged in you can then create saved query definitions and query
-                        criteria.  
+                        logged in you can create saved query definitions and query criteria.  
                         <br/><br/>
 
@@ -99 +98 @@
                         check you junk email folder.  If you still do not get a message
                         you should check with your email provider to make sure that they 
-                        are not screening the email as junk.  If you would like your 
+                        are not filtering the email as junk.  If you would like your 
                         verification email sent again please visit the <a ibis:href="user/AccountAccess.html">Account
                         Access</a> page.  
@@ -139 +138 @@
                 <ibis:ContiditionalSection id="VERIFIED">
                         <h2>Account Verified and Active</h2>
+                        You have successfully verified and activated your IBIS-PH user account.
+                        You can now save query dataset definitions and criteria definitions.  
+                        You can login to your account at the time of saving your definition 
+                        or you can login now via the <a ibis:href="user/Login.html">User Login</a>
+                        page.
+                        <br/><br/>
+
+                        If you have forgotten your password please visit the <a ibis:href="user/AccountAccess.html">Account
+                        Access</a> page.  If you have concerns about your account please 
+                        contact this application's system administrator.
                 </ibis:ContiditionalSection>
 
@@ -145 +154 @@
                         An email has been sent to your email address that contains your 
                         password.  Please wait a few seconds then check your inbox.  If 
-                        you do NOT receive a password email message please check you junk 
+                        you do NOT receive a password email message, please check you junk 
                         email folder.  If you still do not get a message you should check 
-                        with your email provider to make sure that they are not screening 
-                        the email as junk.  
+                        with your email provider to make sure that they are not filtering 
+                        out email messages from us.  
                         <br/><br/>