View Javadoc

1   /*
2    * Copyright (C) 2007 Alf Mikula
3    * 
4    * This file is part of PromoteGo.
5    *
6    * PromoteGo is free software: you can redistribute it and/or modify
7    * it under the terms of the GNU General Public License as published by
8    * the Free Software Foundation, either version 3 of the License, or
9    * (at your option) any later version.
10   *
11   * PromoteGo is distributed in the hope that it will be useful,
12   * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
14   * GNU General Public License for more details.
15   *
16   * You should have received a copy of the GNU General Public License
17   * along with PromoteGo.  If not, see <http://www.gnu.org/licenses/>.
18   */
19  package org.promotego.controllers;
20  
21  import javax.servlet.http.HttpServletRequest;
22  import javax.servlet.http.HttpServletResponse;
23  
24  import org.promotego.beans.User;
25  import org.promotego.beans.UserHolder;
26  import org.promotego.beans.ValidationRecord;
27  import org.promotego.dao.interfaces.UserDao;
28  import org.promotego.dao.interfaces.ValidationRecordDao;
29  import org.springframework.beans.factory.annotation.Required;
30  import org.springframework.transaction.annotation.Transactional;
31  import org.springframework.web.servlet.ModelAndView;
32  import org.springframework.web.servlet.mvc.AbstractController;
33  
34  /***
35   * Validate the logged-in user with the provided key.
36   * 
37   * TODO Fix validation flow so that user gets a clear message that she is
38   * required to log in first, and validation is automatically completed after
39   * login.
40   * 
41   * @author alf
42   *
43   */
44  public class ValidateUserController extends AbstractController
45  {
46  	private UserHolder m_userHolder;
47  	private ValidationRecordDao m_validationRecordDao;
48  	private UserDao m_userDao;
49  	
50  	@Transactional
51  	@Override
52  	protected ModelAndView handleRequestInternal(HttpServletRequest request,
53  			HttpServletResponse response) throws Exception
54  	{
55  		String validationKey = request.getParameter("validationKey");
56  		
57  		User theUser = m_userHolder.getUser();
58  		assert theUser != null : "User object may not be null";
59  		
60  		// NOTE: User has to be reattached before compared to the user on the
61  		// validationrecord below, or we end up with two different User objects,
62  		// and attempting to update the wrong one will result in an exception.
63  		m_userDao.reattach(theUser);
64  		
65  		ValidationRecord validationRecord = m_validationRecordDao.getRecordByValidationKey(validationKey);
66  		
67  		if (validationRecord == null || !validationRecord.getUser().equals(m_userHolder.getUser()))
68  		{
69  			// record incorrect or expired, render error message
70  			return new ModelAndView("validationFailure");
71  		}
72  		else // Correct record, correct user
73  		{
74  			// set validation on user
75  			theUser.setValidated(true);
76  			m_userDao.update(theUser);
77  			
78  			// Delete validation record
79  			m_validationRecordDao.delete(validationRecord);
80  			
81  			// render message on success
82  			return new ModelAndView("validationSuccess");
83  		}
84  	}
85  
86  	@Required
87  	public void setUserHolder(UserHolder userHolder)
88  	{
89  		m_userHolder = userHolder;
90  	}
91  
92  	@Required
93  	public void setValidationRecordDao(ValidationRecordDao validationRecordDao)
94  	{
95  		m_validationRecordDao = validationRecordDao;
96  	}
97  
98  	@Required
99  	public void setUserDao(UserDao userDao)
100 	{
101 		m_userDao = userDao;
102 	}
103 }