Merge branch '4.5.4'

pom.xml

@@ -4,7 +4,7 @@
     <groupId>org.jbei</groupId>
     <artifactId>ice</artifactId>
     <packaging>war</packaging>
-    <version>4.5.3</version>
+    <version>4.5.4</version>
     <name>ice</name>
     <description>Inventory of Composable Elements (ICE) for Synthetic Biology</description>
     <repositories>

src/main/java/org/jbei/ice/lib/account/AccountController.java

@@ -159,27 +159,29 @@ public boolean resetPassword(final String targetEmail) {
     }
 
     /**
-     * Updates account password associated the account email. It encrypts it before associating it
-     * with the account
+     * Updates the specified user account's password
      *
-     * @param userId
-     * @param transfer
+     * @param userId   email of user making change. If it is not the same as the email associated with the
+     *                 <code>id</code>, then this account must have administrator privileges
+     * @param id       unique (db) identifier for user whose password is to be changed.
+     * @param transfer wrapper around new password
      * @return updated account object
+     * @throws PermissionException if the account associated with <code>userId</code> and <code>id</code> are not
+     *                             the same but the <code>userId</code> does not have administrative privileges
      */
-    public AccountTransfer updatePassword(final String userId, final AccountTransfer transfer) {
-        final Account userAccount = getByEmail(transfer.getEmail());
-        if (userAccount == null) {
-            throw new IllegalArgumentException("Could not retrieve account by id "
-                    + transfer.getEmail());
+    public AccountTransfer updatePassword(String userId, long id, AccountTransfer transfer) throws PermissionException {
+        Account account = get(id);
+        if (account == null) {
+            throw new IllegalArgumentException("Could not retrieve account by id " + id);
         }
 
-        if (!isAdministrator(userId) && !userAccount.getEmail().equalsIgnoreCase(userId)) {
-            return null;
+        if (!isAdministrator(userId) && !account.getEmail().equalsIgnoreCase(userId)) {
+            throw new PermissionException("User " + userId + " does not have permission to change "
+                    + transfer.getEmail() + "'s password");
         }
 
-        userAccount.setPassword(AccountUtils.encryptNewUserPassword(transfer.getPassword(),
-                userAccount.getSalt()));
-        return dao.update(userAccount).toDataTransferObject();
+        account.setPassword(AccountUtils.encryptNewUserPassword(transfer.getPassword(), account.getSalt()));
+        return dao.update(account).toDataTransferObject();
     }
 
     /**

src/main/java/org/jbei/ice/services/rest/UserResource.java

@@ -210,11 +210,6 @@ public AccountTransfer update(@Context final UriInfo info, @PathParam("id") fina
         return controller.updateAccount(user, userId, transfer);
     }
 
-    /**
-     * @param info
-     * @param transfer
-     * @return Response for success or failure
-     */
     @POST
     @Consumes(MediaType.APPLICATION_JSON)
     @Produces(MediaType.APPLICATION_JSON)
@@ -234,10 +229,12 @@ public Response resetPassword(@Context final UriInfo info, final AccountTransfer
     @PUT
     @Consumes(MediaType.APPLICATION_JSON)
     @Produces(MediaType.APPLICATION_JSON)
-    @Path("/password")
-    public AccountTransfer updatePassword(final AccountTransfer transfer) {
+    @Path("/{id}/password")
+    public AccountTransfer updatePassword(@PathParam("id") final long userId,
+                                          final AccountTransfer transfer) {
         final String user = getUserId();
-        return controller.updatePassword(user, transfer);
+        log(user, "changing password for user " + userId);
+        return controller.updatePassword(user, userId, transfer);
     }
 
     /**
@@ -247,8 +244,10 @@ public AccountTransfer updatePassword(final AccountTransfer transfer) {
     @PUT
     @Consumes(MediaType.APPLICATION_JSON)
     @Produces(MediaType.APPLICATION_JSON)
-    public Response createNewUser(final AccountTransfer accountTransfer) {
-        final AccountTransfer created = controller.createNewAccount(accountTransfer, true);
+    public Response createNewUser(
+            @DefaultValue("true") @QueryParam("sendEmail") boolean sendEmail,
+            final AccountTransfer accountTransfer) {
+        final AccountTransfer created = controller.createNewAccount(accountTransfer, sendEmail);
         return super.respond(created);
     }
 

src/main/webapp/index.jsp

@@ -90,7 +90,7 @@
             </div>
             <div class="text-right">
                 &copy;&nbsp;<a href="https://github.com/JBEI/ice">JBEI ICE Registry</a> <span
-                    class="label label-primary">v4.5.3</span><br>
+                    class="label label-primary">v4.5.4</span><br>
                 All rights reserved. <br>
                 <a href="https://github.com/JBEI/ice/issues/new">Submit an Issue</a>&nbsp; <span class="text-muted">|</span> &nbsp;<a
                     href="http://public-registry.jbei.org/manual">Help</a>

src/main/webapp/scripts/admin/adminController.js

@@ -151,7 +151,8 @@ angular.module('ice.admin.controller', [])
             $scope.submitSetting(booleanSetting);
         }
     })
-    .controller('AdminTransferredEntriesController', function ($rootScope, $cookieStore, $filter, $location, $scope, Folders, Entry, Util) {
+    .controller('AdminTransferredEntriesController', function ($rootScope, $cookieStore, $filter, $location, $scope,
+                                                               Folders, Entry, Util) {
         $scope.maxSize = 5;
         $scope.currentPage = 1;
         $scope.selectedTransferredEntries = [];
@@ -314,7 +315,7 @@ angular.module('ice.admin.controller', [])
     .controller('AdminUserController', function ($rootScope, $scope, $stateParams, $cookieStore, User) {
         $scope.maxSize = 5;
         $scope.currentPage = 1;
-        $scope.newProfile = undefined;
+        $scope.newProfile = {show: false};
         $scope.userListParams = {sort: 'lastName', asc: true, currentPage: 1, status: undefined};
 
         var user = User($cookieStore.get("sessionId"));
@@ -336,11 +337,10 @@ angular.module('ice.admin.controller', [])
         };
 
         $scope.createProfile = function () {
+            $scope.newProfile.sendEmail = false;
             user.createUser($scope.newProfile, function (result) {
-                $scope.showCreateProfile = false;
+                $scope.newProfile.password = result.password;
                 getUsers();
-            }, function (error) {
-
             })
         };
 

src/main/webapp/scripts/admin/users.html

@@ -1,7 +1,7 @@
 <div ng-controller="AdminUserController">
     <div class="pad_top">
 
-        <button type="button" ng-click="showCreateProfile=true" class="ice-button">
+        <button type="button" ng-click="newProfile.show=true" class="ice-button">
             <i style="font-size: 14px" class="blue fa fa-user"></i> Create Account
         </button>
 
@@ -13,8 +13,24 @@
         </span>
     </div>
 
-    <div class="margin-top-10 panel panel-default font-95em" ng-show="showCreateProfile">
-        <form class="panel-body" role="form" ng-submit="createProfile()">
+    <div class="margin-top-10 panel panel-default font-95em" ng-show="newProfile.show">
+        <div ng-if="newProfile.password" class="pad-8">
+            Account successfully created
+            <br><br>
+            <b>Username</b>: {{newProfile.email}} <br>
+            <b>Password:</b> {{newProfile.password}}
+            <br><br>
+            The password can be changed on the profile page.
+            <br><br><br>
+
+            &nbsp;&nbsp;
+            <button type="button" class="btn btn-primary btn-sm"
+                    ng-click="newProfile.show=false;newProfile.password=undefined">Ok
+            </button>
+            <br>
+        </div>
+
+        <form class="panel-body" role="form" ng-submit="createProfile()" ng-if="!newProfile.password">
             <div class="col-md-2 pad-top-5 text-right">
                 <span style="white-space:nowrap">First name <span class="required">*</span> </span>
             </div>

src/main/webapp/scripts/controllers.js

@@ -324,7 +324,8 @@ iceControllers.controller('MessageController', function ($scope, $location, $coo
     });
 });
 
-iceControllers.controller('LoginController', function ($scope, $location, $cookieStore, $cookies, $rootScope, Authentication, Settings, AccessToken) {
+iceControllers.controller('LoginController', function ($scope, $location, $cookieStore, $cookies, $rootScope,
+                                                       Authentication, Settings, AccessToken) {
     $scope.login = {};
 
     $scope.submit = function () {
@@ -369,8 +370,6 @@ iceControllers.controller('LoginController', function ($scope, $location, $cooki
                 $scope.errMsg = "Login failed";
             }
         );
-
-//        Authentication.login($scope.userId, $scope.userPassword);
     };
 
     $scope.goToRegister = function () {

src/main/webapp/scripts/profile/profile-information.html

@@ -66,27 +66,34 @@
 
 <div class=" margin-top-10 panel panel-default" ng-if="showChangePassword">
     <div class="panel-body">
+        <h4>Change password
+            <small ng-if="userId != user.id"><i class="fa fa-exclamation-circle fa-fw orange"></i>Changing another
+                user's password
+            </small>
+        </h4>
+
         <div class="alert alert-danger" style="width: 435px; padding: 8px" ng-if="changePasswordError">
             <i style="font-size: 15px" class="fa fa-exclamation-triangle"></i>
             <span class="font-90em">{{changePasswordError}}</span>
         </div>
 
         <div class="alert alert-info" style="width: 435px; padding: 8px"
              ng-if="passwordChangeSuccess&&!changePasswordError">
-            <i style="font-size: 15px" class="fa fa-exclamation-triangle"></i>
+            <i style="font-size: 15px" class="fa fa-info-circle"></i>
             <span class="font-90em">Password successfully changed</span>
         </div>
 
-        <form class="font-95em" role="form" ng-submit="updatePassword()"
-              ng-if="!passwordChangeSuccess&&!changePasswordError">
-            <div class="col-md-2 pad-top-5">
-                <span style="white-space:nowrap">Current password <span class="required">*</span> </span>
-            </div>
-            <div class="col-md-10 pad-top-5">
-                <input type="password" ng-model="changePass.current" ng-change="currentError=false"
-                       ng-class="{'input_box':!currentError, 'input_box_error':currentError}" ng-trim="true"
-                       maxlength="125" style="width: 205px;">
-            </div>
+        <form class="font-95em" role="form" ng-submit="updatePassword()" ng-if="!passwordChangeSuccess">
+            <!--<div class="col-md-2 pad-top-5">-->
+            <!--<span style="white-space:nowrap">Verify your password <span class="required">*</span> </span>-->
+            <!--</div>-->
+            <!--<div class="col-md-10 pad-top-5">-->
+            <!--<input type="password" ng-model="changePass.current" ng-change="currentError=false"-->
+            <!--ng-class="{'input_box':!currentError, 'input_box_error':currentError}" ng-trim="true"-->
+            <!--maxlength="125" style="width: 205px;">-->
+            <!--</div>-->
+
+            <div class="col-md-12">&nbsp;</div>
 
             <div class="col-md-2 pad-top-5">
                 <span style="white-space:nowrap">New password <span class="required">*</span></span>
@@ -98,17 +105,23 @@
             </div>
 
             <div class="col-md-2 pad-top-5">
-                <span style="white-space:nowrap">Confirm new password</span>
+                <span style="white-space:nowrap">Confirm new password <span class="required">*</span></span>
             </div>
             <div class="col-md-10 pad-top-5">
                 <input type="password" ng-model="changePass.new2" class="input_box" maxlength="125"
                        style="width: 205px;">
+                <i class="fa fa-fw fa-check green font-12em"
+                   ng-if="changePass.new2 && changePass.new === changePass.new2"></i>
+                <i class="fa fa-fw fa-minus-circle red font-12em" tooltip="Passwords do not match"
+                   ng-if="changePass.new2 && changePass.new !== changePass.new2"></i>
             </div>
 
             <br>
 
             <div class="col-xs-offset-2 col-md-10 pad_top">
-                <button type="submit" class="btn btn-xs btn-primary">Save</button>
+                <button type="submit" class="btn btn-xs btn-primary"
+                        ng-disabled="!changePass.new2 || !changePass.new">Update
+                </button>
                 <button type="button" ng-click="editClick(false, false, false)" class="btn btn-xs btn-default">Cancel
                 </button>
             </div>

src/main/webapp/scripts/profile/profileController.js

@@ -102,7 +102,7 @@ angular.module('ice.profile.controller', [])
 
         var user = User($cookieStore.get('sessionId'));
         var profileOption = $stateParams.option;
-        var profileId = $stateParams.id;
+        var profileId = $scope.userId = $stateParams.id;
 
         $scope.savePreference = function (pref) {
             if (!$scope.preferences[pref.id]) {
@@ -219,31 +219,30 @@ angular.module('ice.profile.controller', [])
 
         $scope.updatePassword = function () {
             var pass = $scope.changePass;
-            console.log(pass);
 
-            if (!$scope.changePass || $scope.changePass.current === undefined || !$scope.changePass.current.length) {
-                $scope.changePasswordError = "Please enter your current password";
-                $scope.currentError = true;
-                return;
-            }
+            //if (!$scope.changePass || $scope.changePass.current === undefined || !$scope.changePass.current.length) {
+            //    $scope.changePasswordError = "Please enter your current password";
+            //    $scope.currentError = true;
+            //    return;
+            //}
 
             // check new password value
             if (pass.new === undefined || pass.new.length === 0) {
-                $scope.changePasswordError = "Please enter a new password for your account";
+                $scope.changePasswordError = "Please enter a new password";
                 $scope.newPassError = true;
                 return;
             }
 
             // check for new password confirm value
             if (pass.new2 === undefined || pass.new2.length === 0) {
-                $scope.changePasswordError = "Please confirm the new password for your account";
+                $scope.changePasswordError = "Please confirm the new password";
                 $scope.newPass2Error = true;
                 return;
             }
 
             // check for matching password values
             if (pass.new2 !== pass.new) {
-                $scope.changePasswordError = "The password for your account does not match";
+                $scope.changePasswordError = "Passwords do not match";
                 $scope.newPassError = true;
                 $scope.newPass2Error = true;
                 return;
@@ -252,36 +251,21 @@ angular.module('ice.profile.controller', [])
             var user = User($cookieStore.get("sessionId"));
 
             // validate existing password
-            var userId = $cookieStore.get('userId');
             $scope.passwordChangeSuccess = undefined;
             $scope.changePasswordError = undefined;
 
-//        var userObj = {sessionId:$cookieStore.get("sessionId"), password:$scope.changePass.current, email:userId};
-
-            // authenticate new password
-//        user.resetPassword({}, userObj, function (result) {
-//            if (result == null) {
-//                $scope.changePasswordError = "Current password is invalid";
-//                $scope.currentError = true;
-//                return;
-//            }
-
-            user.changePassword({},
-                {email: userId, password: pass.new},
+            // server call
+            user.changePassword({userId: $stateParams.id}, {password: pass.new},
                 function (success) {
                     console.log("password change", success);
                     if (!success) {
-                        $scope.changePasswordError = "There was an error changing your password";
+                        $scope.changePasswordError = "There was an error changing the password";
                     } else {
                         $scope.passwordChangeSuccess = true;
                     }
                 }, function (error) {
                     $scope.changePasswordError = "There was an error changing your password";
                 });
-            //  change password
-//        }, function (error) {
-//            $scope.changePasswordError = "There was an error changing your password";
-//        });
         };
 
         $scope.updateProfile = function () {

src/main/webapp/scripts/services.js

@@ -46,7 +46,7 @@ iceServices.factory('Permission', function ($resource, $cookieStore) {
 
 iceServices.factory('User', function ($resource) {
     return function (sessionId) {
-        return $resource('rest/users', {userId:'@userId', preferenceKey:'@preferenceKey'}, {
+        return $resource('rest/users', {userId: '@userId', preferenceKey: '@preferenceKey', sendEmail: '@sendEmail'}, {
             query:{
                 method:'GET',
                 responseType:"json",
@@ -127,7 +127,7 @@ iceServices.factory('User', function ($resource) {
 
             changePassword:{
                 method:'PUT',
-                url:'rest/users/password',
+                url: 'rest/users/:userId/password',
                 responseType:'json',
                 headers:{'X-ICE-Authentication-SessionId':sessionId}
             },

src/test/java/org/jbei/ice/lib/account/AccountControllerTest.java

@@ -72,7 +72,7 @@ public void testUpdatePassword() throws Exception {
         Account account = AccountCreator.createTestAccount("testUpdatePassword", false);
         AccountTransfer transfer = account.toDataTransferObject();
         transfer.setPassword("p455W0rd");
-        controller.updatePassword(account.getEmail(), transfer);
+        controller.updatePassword(account.getEmail(), transfer.getId(), transfer);
     }
 
     @Test
@@ -120,7 +120,7 @@ public void testGetAccountBySessionKey() throws Exception {
         Account account = AccountCreator.createTestAccount("testGetAccountBySessionKey", false);
         AccountTransfer transfer = account.toDataTransferObject();
         transfer.setPassword("p455W0rd");
-        controller.updatePassword(account.getEmail(), transfer);
+        controller.updatePassword(account.getEmail(), transfer.getId(), transfer);
         AccountTransfer info = controller.authenticate(new AccountTransfer(account.getEmail(), "p455W0rd"));
         Assert.assertNotNull(info);
         Assert.assertFalse(info.getSessionId().isEmpty());