public Boolean updateMe()

in redback-integrations/redback-rest/redback-rest-services/src/main/java/org/apache/archiva/redback/rest/services/DefaultUserService.java [309:377]


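    /**
     * Updates the profile of the currently authenticated user (self-service).
     *
     * <p>The checks run in this order, and each failure aborts the update:
     * <ol>
     *   <li>a {@code RedbackRequestInformation} with a user must be bound to the current thread
     *       (otherwise 403);</li>
     *   <li>{@code user} must not be null (otherwise 400);</li>
     *   <li>{@code user.getUsername()} must equal the session user's username (otherwise 403), so a
     *       caller cannot target another account through this method;</li>
     *   <li>{@code user.getPreviousPassword()} must be non-empty (otherwise 400) and must match the
     *       stored encoded password (otherwise 400 with the message key
     *       {@code password.provided.does.not.match.existing}).</li>
     * </ol>
     *
     * <p>Only the full name, the e-mail and, when a non-blank new password is supplied, the password
     * are copied from the request onto the stored user. Every other field of {@code user} is ignored.
     *
     * <p>Failed re-authentication and user-manager failures are logged server-side, because the
     * exception sent to the client does not carry the cause. Passwords are never logged.
     *
     * @param user the requested profile values; must carry the caller's own username and current
     *             password
     * @return always {@link Boolean#TRUE} when the update went through
     * @throws RedbackServiceException if any check above fails, if the user cannot be loaded, or if
     *                                 the user manager reports an error
     */
    public Boolean updateMe( User user )
        throws RedbackServiceException
    {
        // check username == one in the session
        RedbackRequestInformation redbackRequestInformation = RedbackAuthenticationThreadLocal.get();
        if ( redbackRequestInformation == null || redbackRequestInformation.getUser() == null )
        {
            log.warn( "RedbackRequestInformation from ThreadLocal is null" );
            throw new RedbackServiceException( new ErrorMessage( "you must be logged to update your profile" ),
                                               Response.Status.FORBIDDEN.getStatusCode() );
        }
        if ( user == null )
        {
            throw new RedbackServiceException( new ErrorMessage( "user parameter is mandatory" ),
                                               Response.Status.BAD_REQUEST.getStatusCode() );
        }
        // The username in the request body is client-controlled; it is only accepted when it matches
        // the identity taken from the server-side session.
        if ( !StringUtils.equals( redbackRequestInformation.getUser().getUsername(), user.getUsername() ) )
        {
            throw new RedbackServiceException( new ErrorMessage( "you can update only your profile" ),
                                               Response.Status.FORBIDDEN.getStatusCode() );
        }

        // Re-authentication is mandatory: a valid session alone is not enough to change the profile.
        if ( StringUtils.isEmpty( user.getPreviousPassword() ) )
        {
            throw new RedbackServiceException( new ErrorMessage( "previous password is empty" ),
                                               Response.Status.BAD_REQUEST.getStatusCode() );
        }

        User realUser = getUser( user.getUsername() );
        try
        {
            String previousEncodedPassword =
                securitySystem.getUserManager().findUser( user.getUsername(), false ).getEncodedPassword();

            // check oldPassword with the current one
            // NOTE(review): this calls the encoder directly. Whether a failure here counts toward the
            // login-failure / lockout policy is not visible in this method. Confirm that
            // re-authentication is throttled the same way as a normal login.

            PasswordEncoder encoder = securitySystem.getPolicy().getPasswordEncoder();

            if ( !encoder.isPasswordValid( previousEncodedPassword, user.getPreviousPassword() ) )
            {
                // Audit trail for failed re-authentication; the username was already matched
                // against the session above.
                log.warn( "updateMe: current password verification failed for user '" + user.getUsername()
                              + "'" );

                throw new RedbackServiceException( new ErrorMessage( "password.provided.does.not.match.existing" ),
                                                   Response.Status.BAD_REQUEST.getStatusCode() );
            }
        }
        catch ( UserNotFoundException e )
        {
            // Keep the cause in the server log; the exception sent to the client does not carry it.
            log.warn( "updateMe: user '" + user.getUsername() + "' not found while verifying current password",
                      e );
            throw new RedbackServiceException( new ErrorMessage( "user not found" ),
                                               Response.Status.BAD_REQUEST.getStatusCode() );
        }
        catch ( UserManagerException e )
        {
            log.warn( "updateMe: user manager failure while verifying current password for user '"
                          + user.getUsername() + "'", e );
            // NOTE(review): e.getMessage() is returned to the client unchanged and no status code is
            // set here. Confirm that the message cannot expose backend details.
            throw new RedbackServiceException( new ErrorMessage( e.getMessage() ) );
        }
        // only 3 fields to update
        // Copying field by field onto the stored user keeps every other attribute of the request
        // body from being written.
        realUser.setFullName( user.getFullName() );
        realUser.setEmail( user.getEmail() );
        // ui can limit to not update password
        if ( StringUtils.isNotBlank( user.getPassword() ) )
        {
            // Runs before the new password is set; how a rejected password is reported is not
            // visible here (presumably via RedbackServiceException; verify in the validator).
            passwordValidator.validatePassword( user.getPassword(), user.getUsername() );

            realUser.setPassword( user.getPassword() );
        }

        updateUser( realUser );

        return Boolean.TRUE;
    }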