X-Git-Url: https://git.opendaylight.org/gerrit/gitweb?a=blobdiff_plain;f=opendaylight%2Fweb%2Froot%2Fsrc%2Fmain%2Fjava%2Forg%2Fopendaylight%2Fcontroller%2Fweb%2FDaylightWebAdmin.java;h=c748171685ebcbe7886229987d1eda67c62d03ab;hb=refs%2Fchanges%2F47%2F447%2F2;hp=bc3d39aa2124136f35602f0ffbcb78eb6f3de673;hpb=ccc77a1f4f9ec898ee54ac4695f22b59cb56828f;p=controller.git diff --git a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWebAdmin.java b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWebAdmin.java index bc3d39aa21..c748171685 100644 --- a/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWebAdmin.java +++ b/opendaylight/web/root/src/main/java/org/opendaylight/controller/web/DaylightWebAdmin.java @@ -1,4 +1,3 @@ - /* * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved. * @@ -11,12 +10,14 @@ package org.opendaylight.controller.web; import java.util.List; +import javax.servlet.http.HttpServletRequest; + import org.opendaylight.controller.sal.authorization.UserLevel; import org.opendaylight.controller.sal.utils.ServiceHelper; import org.opendaylight.controller.sal.utils.Status; +import org.opendaylight.controller.sal.utils.StatusCode; import org.opendaylight.controller.usermanager.IUserManager; import org.opendaylight.controller.usermanager.internal.UserConfig; -import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; 
@@ -50,56 +51,82 @@ public class DaylightWebAdmin { @ResponseBody public String saveLocalUserConfig( @RequestParam(required = true) String json, - @RequestParam(required = true) String action) { + @RequestParam(required = true) String action, + HttpServletRequest request) { - IUserManager userManager = (IUserManager) ServiceHelper + IUserManager userManager = (IUserManager) ServiceHelper .getGlobalInstance(IUserManager.class, this); if (userManager == null) { - return "Internal Error"; + return "Internal Error"; } - - if (!authorize(userManager, UserLevel.NETWORKADMIN)) { - return "Operation not permitted"; + + if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) { + return "Operation not permitted"; } - + Gson gson = new Gson(); UserConfig config = gson.fromJson(json, UserConfig.class); - - Status result = (action.equals("add")) ? - userManager.addLocalUser(config) - : userManager.removeLocalUser(config); + + Status result = (action.equals("add")) ? userManager + .addLocalUser(config) : userManager.removeLocalUser(config); return result.getDescription(); } - + @RequestMapping(value = "/users/{username}", method = RequestMethod.POST) @ResponseBody - public String removeLocalUser(@PathVariable("username") String userName) { - if(SecurityContextHolder.getContext().getAuthentication() - .getName().equals(userName)) { - return "Invalid Request: User cannot delete itself"; - } - - IUserManager userManager = (IUserManager) ServiceHelper + public String removeLocalUser(@PathVariable("username") String userName, + HttpServletRequest request) { + + String username = request.getUserPrincipal().getName(); + if (username.equals(userName)) { + return "Invalid Request: User cannot delete itself"; + } + + IUserManager userManager = (IUserManager) ServiceHelper .getGlobalInstance(IUserManager.class, this); if (userManager == null) { - return "Internal Error"; + return "Internal Error"; } - - if (!authorize(userManager, UserLevel.NETWORKADMIN)) { - return "Operation not 
permitted"; + + if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) { + return "Operation not permitted"; } - + return userManager.removeLocalUser(userName).getDescription(); } - + + @RequestMapping(value = "/users/password/{username}", method = RequestMethod.POST) + @ResponseBody + public Status changePassword(@PathVariable("username") String username, HttpServletRequest request, + @RequestParam("currentPassword") String currentPassword, @RequestParam("newPassword") String newPassword) { + IUserManager userManager = (IUserManager) ServiceHelper + .getGlobalInstance(IUserManager.class, this); + if (userManager == null) { + return new Status(StatusCode.GONE, "User Manager not found"); + } + + if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) { + return new Status(StatusCode.FORBIDDEN, "Operation not permitted"); + } + + if (newPassword.isEmpty()) { + return new Status(StatusCode.BADREQUEST, "Empty passwords not allowed"); + } + + Status status = userManager.changeLocalUserPassword(username, currentPassword, newPassword); + + return status; + } + /** * Is the operation permitted for the given level - * + * * @param level */ - private boolean authorize(IUserManager userManager, UserLevel level) { - String username = SecurityContextHolder.getContext().getAuthentication().getName(); + private boolean authorize(IUserManager userManager, UserLevel level, + HttpServletRequest request) { + String username = request.getUserPrincipal().getName(); UserLevel userLevel = userManager.getUserLevel(username); return userLevel.toNumber() <= level.toNumber(); }
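Review bot: `request.getUserPrincipal()` can return null for a request that carries no authenticated principal, so the new unchecked `.getName()` chains in `removeLocalUser` and `authorize` (and through `authorize`, `saveLocalUserConfig` and `changePassword`) would fail with a NullPointerException rather than a clean denial. The commit moves the lookup from SecurityContextHolder to the servlet request but keeps the same unguarded dereference; the security filter in front of these mappings may always populate the principal, but nothing in this file guarantees it. In `authorize` I would guard it first: `java.security.Principal principal = request.getUserPrincipal(); if (principal == null) { return false; }` and then use `principal.getName()`, and apply the same null check before the self-deletion comparison in `removeLocalUser`. The same concern applies if `userManager.getUserLevel(username)` can return null for an unknown user, since `userLevel.toNumber()` would dereference it — worth confirming against IUserManager. The class header and its fields lie before this hunk.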