in service/src/main/java/org/apache/fineract/cn/provisioner/internal/service/AuthenticationService.java [143:185]
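/**
 * Updates the stored password hash and/or the password expiry of one user.
 *
 * <p>The user row is read through the admin Cassandra session. When {@code passwordPolicy}
 * carries a new password, it is hashed with the user's stored salt concatenated with the secret
 * from the {@code ProvisionerConstants.CONFIG_INTERNAL} config row, and written together with a
 * fresh {@code password_reset_on} timestamp. When it carries an expiry, {@code expires_in_days}
 * is written by a second, separate statement.
 *
 * @param username name (key) of the user row to update
 * @param passwordPolicy optional new password and optional expiry in days; a {@code null} field
 *     leaves the corresponding column untouched
 * @throws ServiceException "not found" when no row exists for {@code username}; "internal error"
 *     for a missing config row or any other failure
 */
public void updatePasswordPolicy(final String username, final PasswordPolicy passwordPolicy) {
  try {
    final Session session = this.cassandraSessionProvider.getAdminSession();
    final MappingManager mappingManager = new MappingManager(session);

    final Mapper<UserEntity> userEntityMapper = mappingManager.mapper(UserEntity.class);
    final Statement userQuery = userEntityMapper.getQuery(username);
    final Row userRow = session.execute(userQuery).one();
    if (userRow == null) {
      // NOTE(review): username is concatenated into the log line unescaped. If it is
      // caller-supplied, embedded CR/LF can forge log entries; neutralise line breaks
      // before logging. The wording also says "Authentication attempt" on what is a
      // policy-update path, which can mislead whoever triages these logs.
      this.logger.warn("Authentication attempt with unknown user: " + username);
      throw ServiceException.notFound("Requested resource not found!");
    }

    // Columns are read by position, so this depends on the column order of the mapper's
    // query. NOTE(review): presumably index 2 is the salt and 3 the iteration count; confirm
    // against UserEntity.
    final byte[] salt = Bytes.getArray(userRow.getBytes(2));
    final int iterationCount = userRow.getInt(3);

    final Mapper<ConfigEntity> configEntityMapper = mappingManager.mapper(ConfigEntity.class);
    final Statement configQuery = configEntityMapper.getQuery(ProvisionerConstants.CONFIG_INTERNAL);
    final Row configRow = session.execute(configQuery).one();
    if (configRow == null) {
      // Previously this surfaced as a NullPointerException whose null message was handed to
      // internalError(); fail with an explicit reason instead.
      this.logger.error("Internal config entry not found while updating password policy!");
      throw ServiceException.internalError("Internal config entry not found!");
    }
    final byte[] secret = Bytes.getArray(configRow.getBytes(1));

    if (passwordPolicy.getNewPassword() != null) {
      // The existing per-user salt and iteration count are reused for the new hash; nothing
      // here regenerates the salt or raises the work factor on a password change.
      final byte[] newPasswordHash = this.hashGenerator.hash(
          passwordPolicy.getNewPassword(),
          EncodingUtils.concatenate(salt, secret),
          iterationCount,
          ProvisionerConstants.HASH_LENGTH);

      final BoundStatement passwordUpdate = session.prepare(
          "UPDATE users SET passwordWord = ?, password_reset_on = ? WHERE name = ?").bind();
      passwordUpdate.setBytes(0, ByteBuffer.wrap(newPasswordHash));
      passwordUpdate.setTimestamp(1, new Date());
      passwordUpdate.setString(2, username);
      session.execute(passwordUpdate);
    }

    if (passwordPolicy.getExpiresInDays() != null) {
      // Separate statement: if this one fails, the password update above has already been
      // applied.
      final BoundStatement expiryUpdate = session.prepare(
          "UPDATE users SET expires_in_days = ? WHERE name = ?").bind();
      expiryUpdate.setInt(0, passwordPolicy.getExpiresInDays());
      expiryUpdate.setString(1, username);
      session.execute(expiryUpdate);
    }
  } catch (final ServiceException ex) {
    // Fix: the catch-all below used to swallow the "not found" raised above and re-throw it as
    // an internal error, so an unknown user was reported as a server fault and logged at
    // error level. Let deliberate ServiceExceptions through unchanged.
    throw ex;
  } catch (final Exception ex) {
    this.logger.error("Error updating password policy!", ex);
    // NOTE(review): the raw exception message (e.g. driver/backend detail) is copied into the
    // ServiceException. If that text reaches the API response it discloses internals; a fixed
    // message would be safer. The full cause is already in the log line above.
    throw ServiceException.internalError(ex.getMessage());
  }
}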