@RequestMapping(value = "/update-email", method = RequestMethod.POST)
  @RequireHardLogIn
  public String updateEmail(
      final UpdateEmailForm updateEmailForm,
      final BindingResult bindingResult,
      final Model model,
      final RedirectAttributes redirectAttributes,
      final HttpServletRequest request)
      throws CMSItemNotFoundException {
    getEmailValidator().validate(updateEmailForm, bindingResult);

    String returnAction = REDIRECT_TO_PROFILE_PAGE;

    if (!bindingResult.hasErrors()
        && !updateEmailForm.getEmail().equals(updateEmailForm.getChkEmail())) {
      bindingResult.rejectValue(
          "chkEmail",
          "validation.checkEmail.equals",
          new Object[] {},
          "validation.checkEmail.equals");
    }

    if (bindingResult.hasErrors()) {
      returnAction = errorUpdatingEmail(model);
    } else {
      try {
        customerFacade.changeUid(updateEmailForm.getEmail(), updateEmailForm.getPassword());
        GlobalMessages.addFlashMessage(
            redirectAttributes,
            GlobalMessages.CONF_MESSAGES_HOLDER,
            "text.account.profile.confirmationUpdated",
            null);

        // Replace the spring security authentication with the new UID
        final String newUid = customerFacade.getCurrentCustomer().getUid().toLowerCase();
        final Authentication oldAuthentication =
            SecurityContextHolder.getContext().getAuthentication();
        final UsernamePasswordAuthenticationToken newAuthentication =
            new UsernamePasswordAuthenticationToken(
                newUid, null, oldAuthentication.getAuthorities());
        newAuthentication.setDetails(oldAuthentication.getDetails());
        SecurityContextHolder.getContext().setAuthentication(newAuthentication);
      } catch (final DuplicateUidException e) {
        bindingResult.rejectValue("email", "profile.email.unique");
        returnAction = errorUpdatingEmail(model);
      } catch (final PasswordMismatchException passwordMismatchException) {
        bindingResult.rejectValue("password", "profile.currentPassword.invalid");
        returnAction = errorUpdatingEmail(model);
      }
    }

    return returnAction;
  }
 @RequestMapping(value = "/change", method = RequestMethod.POST)
 public String changePassword(
     @Valid final UpdatePwdForm form,
     final BindingResult bindingResult,
     final Model model,
     final RedirectAttributes redirectModel)
     throws CMSItemNotFoundException {
   if (bindingResult.hasErrors()) {
     prepareErrorMessage(model, UPDATE_PWD_CMS_PAGE);
     return ControllerConstants.Views.Pages.Password.PasswordResetChangePage;
   }
   if (!StringUtils.isBlank(form.getToken())) {
     try {
       customerFacade.updatePassword(form.getToken(), form.getPwd());
       GlobalMessages.addFlashMessage(
           redirectModel,
           GlobalMessages.CONF_MESSAGES_HOLDER,
           "account.confirmation.password.updated");
     } catch (final TokenInvalidatedException e) {
       GlobalMessages.addFlashMessage(
           redirectModel, GlobalMessages.ERROR_MESSAGES_HOLDER, "updatePwd.token.invalidated");
     } catch (final RuntimeException e) {
       GlobalMessages.addFlashMessage(
           redirectModel, GlobalMessages.ERROR_MESSAGES_HOLDER, "updatePwd.token.invalid");
     }
   }
   return REDIRECT_LOGIN;
 }
  @RequestMapping(value = "/request/external", method = RequestMethod.POST)
  public String externalPasswordRequest(
      @Valid final ForgottenPwdForm form,
      final BindingResult bindingResult,
      final Model model,
      final RedirectAttributes redirectModel)
      throws CMSItemNotFoundException {
    storeCmsPageInModel(model, getContentPageForLabelOrId(null));
    setUpMetaDataForContentPage(model, getContentPageForLabelOrId(null));
    model.addAttribute(
        WebConstants.BREADCRUMBS_KEY,
        resourceBreadcrumbBuilder.getBreadcrumbs("forgottenPwd.title"));

    if (bindingResult.hasErrors()) {
      return ControllerConstants.Views.Pages.Password.PasswordResetRequest;
    } else {
      try {
        customerFacade.forgottenPassword(form.getEmail());
        GlobalMessages.addFlashMessage(
            redirectModel,
            GlobalMessages.CONF_MESSAGES_HOLDER,
            "account.confirmation.forgotten.password.link.sent");
      } catch (final UnknownIdentifierException unknownIdentifierException) {
        LOG.warn("Email: " + form.getEmail() + " does not exist in the database.");
      }
      return REDIRECT_PWD_REQ_CONF;
    }
  }
 protected AddressForm getPreparedAddressForm() {
   final CustomerData currentCustomerData = customerFacade.getCurrentCustomer();
   final AddressForm addressForm = new AddressForm();
   addressForm.setFirstName(currentCustomerData.getFirstName());
   addressForm.setLastName(currentCustomerData.getLastName());
   addressForm.setTitleCode(currentCustomerData.getTitleCode());
   return addressForm;
 }
  @RequestMapping(value = "/update-profile", method = RequestMethod.POST)
  @RequireHardLogIn
  public String updateProfile(
      final UpdateProfileForm updateProfileForm,
      final BindingResult bindingResult,
      final Model model,
      final RedirectAttributes redirectAttributes)
      throws CMSItemNotFoundException {
    getProfileValidator().validate(updateProfileForm, bindingResult);

    String returnAction = ControllerConstants.Views.Pages.Account.AccountProfileEditPage;
    final CustomerData currentCustomerData = customerFacade.getCurrentCustomer();
    final CustomerData customerData = new CustomerData();
    customerData.setTitleCode(updateProfileForm.getTitleCode());
    customerData.setFirstName(updateProfileForm.getFirstName());
    customerData.setLastName(updateProfileForm.getLastName());
    customerData.setUid(currentCustomerData.getUid());
    customerData.setDisplayUid(currentCustomerData.getDisplayUid());

    model.addAttribute("titleData", userFacade.getTitles());

    if (bindingResult.hasErrors()) {
      GlobalMessages.addErrorMessage(model, "form.global.error");
    } else {
      try {
        customerFacade.updateProfile(customerData);
        GlobalMessages.addFlashMessage(
            redirectAttributes,
            GlobalMessages.CONF_MESSAGES_HOLDER,
            "text.account.profile.confirmationUpdated",
            null);
        returnAction = REDIRECT_TO_PROFILE_PAGE;
      } catch (final DuplicateUidException e) {
        bindingResult.rejectValue("email", "registration.error.account.exists.title");
        GlobalMessages.addErrorMessage(model, "form.global.error");
      }
    }

    storeCmsPageInModel(model, getContentPageForLabelOrId(PROFILE_CMS_PAGE));
    setUpMetaDataForContentPage(model, getContentPageForLabelOrId(PROFILE_CMS_PAGE));
    model.addAttribute(
        "breadcrumbs", accountBreadcrumbBuilder.getBreadcrumbs("text.account.profile"));
    return returnAction;
  }
 @RequestMapping(value = "/my-company", method = RequestMethod.GET)
 @RequireHardLogIn
 public String myCompany(final Model model) throws CMSItemNotFoundException {
   storeCmsPageInModel(model, getContentPageForLabelOrId(MY_COMPANY_CMS_PAGE));
   setUpMetaDataForContentPage(model, getContentPageForLabelOrId(MY_COMPANY_CMS_PAGE));
   model.addAttribute("breadcrumbs", myCompanyBreadcrumbBuilder.getBreadcrumbs(null));
   model.addAttribute("unitUid", companyB2BCommerceFacade.getParentUnit().getUid());
   model.addAttribute("userUid", customerFacade.getCurrentCustomer().getUid());
   model.addAttribute("metaRobots", "no-index,no-follow");
   return getViewForPage(model);
 }
 @RequestMapping(value = "/payment-details", method = RequestMethod.GET)
 @RequireHardLogIn
 public String paymentDetails(final Model model) throws CMSItemNotFoundException {
   model.addAttribute("customerData", customerFacade.getCurrentCustomer());
   model.addAttribute("paymentInfoData", userFacade.getCCPaymentInfos(true));
   storeCmsPageInModel(model, getContentPageForLabelOrId(PAYMENT_DETAILS_CMS_PAGE));
   setUpMetaDataForContentPage(model, getContentPageForLabelOrId(ADD_EDIT_ADDRESS_CMS_PAGE));
   model.addAttribute(
       "breadcrumbs", accountBreadcrumbBuilder.getBreadcrumbs("text.account.paymentDetails"));
   model.addAttribute("metaRobots", "no-index,no-follow");
   return ControllerConstants.Views.Pages.Account.AccountPaymentInfoPage;
 }
 @RequestMapping(value = "/request", method = RequestMethod.POST)
 public String passwordRequest(
     @Valid final ForgottenPwdForm form, final BindingResult bindingResult, final Model model)
     throws CMSItemNotFoundException {
   if (bindingResult.hasErrors()) {
     return ControllerConstants.Views.Fragments.Password.PasswordResetRequestPopup;
   } else {
     try {
       customerFacade.forgottenPassword(form.getEmail());
     } catch (final UnknownIdentifierException unknownIdentifierException) {
       LOG.warn("Email: " + form.getEmail() + " does not exist in the database.");
     }
     return ControllerConstants.Views.Fragments.Password.ForgotPasswordValidationMessage;
   }
 }
  @RequestMapping(value = "/update-password", method = RequestMethod.POST)
  @RequireHardLogIn
  public String updatePassword(
      final UpdatePasswordForm updatePasswordForm,
      final BindingResult bindingResult,
      final Model model,
      final RedirectAttributes redirectAttributes)
      throws CMSItemNotFoundException {
    getPasswordValidator().validate(updatePasswordForm, bindingResult);
    if (!bindingResult.hasErrors()) {
      if (updatePasswordForm.getNewPassword().equals(updatePasswordForm.getCheckNewPassword())) {
        try {
          customerFacade.changePassword(
              updatePasswordForm.getCurrentPassword(), updatePasswordForm.getNewPassword());
        } catch (final PasswordMismatchException localException) {
          bindingResult.rejectValue(
              "currentPassword",
              "profile.currentPassword.invalid",
              new Object[] {},
              "profile.currentPassword.invalid");
        }
      } else {
        bindingResult.rejectValue(
            "checkNewPassword",
            "validation.checkPwd.equals",
            new Object[] {},
            "validation.checkPwd.equals");
      }
    }

    if (bindingResult.hasErrors()) {
      GlobalMessages.addErrorMessage(model, "form.global.error");
      storeCmsPageInModel(model, getContentPageForLabelOrId(PROFILE_CMS_PAGE));
      setUpMetaDataForContentPage(model, getContentPageForLabelOrId(PROFILE_CMS_PAGE));

      model.addAttribute(
          "breadcrumbs",
          accountBreadcrumbBuilder.getBreadcrumbs("text.account.profile.updatePasswordForm"));
      return ControllerConstants.Views.Pages.Account.AccountChangePasswordPage;
    } else {
      GlobalMessages.addFlashMessage(
          redirectAttributes,
          GlobalMessages.CONF_MESSAGES_HOLDER,
          "text.account.confirmation.password.updated",
          null);
      return REDIRECT_TO_PROFILE_PAGE;
    }
  }
  @RequestMapping(value = "/update-email", method = RequestMethod.GET)
  @RequireHardLogIn
  public String editEmail(final Model model) throws CMSItemNotFoundException {
    final CustomerData customerData = customerFacade.getCurrentCustomer();
    final UpdateEmailForm updateEmailForm = new UpdateEmailForm();

    updateEmailForm.setEmail(customerData.getDisplayUid());

    model.addAttribute("updateEmailForm", updateEmailForm);

    storeCmsPageInModel(model, getContentPageForLabelOrId(PROFILE_CMS_PAGE));
    setUpMetaDataForContentPage(model, getContentPageForLabelOrId(PROFILE_CMS_PAGE));
    model.addAttribute(
        "breadcrumbs", accountBreadcrumbBuilder.getBreadcrumbs("text.account.profile"));
    model.addAttribute("metaRobots", "no-index,no-follow");
    return ControllerConstants.Views.Pages.Account.AccountProfileEmailEditPage;
  }
  protected void setupAuthenticationHandler() {
    BDDMockito.doReturn(Boolean.FALSE)
        .when(authenticationSuccessHandler)
        .isAlwaysUseDefaultTargetUrl();

    BDDMockito.doNothing().when(customerFacade).loginSuccess();
    final CustomerData customer = BDDMockito.mock(CustomerData.class);
    BDDMockito.given(customer.getUid()).willReturn("customer");
    BDDMockito.given(customerFacade.getCurrentCustomer()).willReturn(customer);

    BDDMockito.given(authenticationSuccessHandler.getCartFacade().getCartsForCurrentUser())
        .willReturn(savedCarts);
    BDDMockito.given(cartFacade.hasSessionCart()).willReturn(Boolean.TRUE);
    BDDMockito.given(cartFacade.getSessionCart()).willReturn(sessionCart);

    BDDMockito.doNothing().when(bruteForceAttackCounter).resetUserCounter("customer");
  }
  @RequestMapping(value = "/profile", method = RequestMethod.GET)
  @RequireHardLogIn
  public String profile(final Model model) throws CMSItemNotFoundException {
    final List<TitleData> titles = userFacade.getTitles();

    final CustomerData customerData = customerFacade.getCurrentCustomer();
    if (customerData.getTitleCode() != null) {
      model.addAttribute("title", findTitleForCode(titles, customerData.getTitleCode()));
    }

    model.addAttribute("customerData", customerData);

    storeCmsPageInModel(model, getContentPageForLabelOrId(PROFILE_CMS_PAGE));
    setUpMetaDataForContentPage(model, getContentPageForLabelOrId(PROFILE_CMS_PAGE));
    model.addAttribute(
        "breadcrumbs", accountBreadcrumbBuilder.getBreadcrumbs("text.account.profile"));
    model.addAttribute("metaRobots", "no-index,no-follow");
    return ControllerConstants.Views.Pages.Account.AccountProfilePage;
  }
  protected String unitDetails(
      final String unit, final Model model, final HttpServletRequest request)
      throws CMSItemNotFoundException {
    storeCmsPageInModel(model, getContentPageForLabelOrId(MANAGE_UNITS_CMS_PAGE));
    setUpMetaDataForContentPage(model, getContentPageForLabelOrId(MANAGE_UNITS_CMS_PAGE));
    final List<Breadcrumb> breadcrumbs =
        myCompanyBreadcrumbBuilder.createManageUnitsDetailsBreadcrumbs(unit);
    model.addAttribute("breadcrumbs", breadcrumbs);

    B2BUnitData unitData = companyB2BCommerceFacade.getUnitForUid(unit);
    if (unitData == null) {
      unitData = new B2BUnitData();
      GlobalMessages.addErrorMessage(model, "b2bunit.notfound");
    } else if (!unitData.isActive()) {
      GlobalMessages.addInfoMessage(model, "b2bunit.disabled.infomsg");
    }

    model.addAttribute("unit", unitData);
    model.addAttribute("user", customerFacade.getCurrentCustomer());
    model.addAttribute("metaRobots", "no-index,no-follow");
    return ControllerConstants.Views.Pages.MyCompany.MyCompanyManageUnitDetailsPage;
  }
  @RequestMapping(value = "/update-profile", method = RequestMethod.GET)
  @RequireHardLogIn
  public String editProfile(final Model model) throws CMSItemNotFoundException {
    model.addAttribute("titleData", userFacade.getTitles());

    final CustomerData customerData = customerFacade.getCurrentCustomer();
    final UpdateProfileForm updateProfileForm = new UpdateProfileForm();

    updateProfileForm.setTitleCode(customerData.getTitleCode());
    updateProfileForm.setFirstName(customerData.getFirstName());
    updateProfileForm.setLastName(customerData.getLastName());

    model.addAttribute("updateProfileForm", updateProfileForm);

    storeCmsPageInModel(model, getContentPageForLabelOrId(UPDATE_PROFILE_CMS_PAGE));
    setUpMetaDataForContentPage(model, getContentPageForLabelOrId(UPDATE_PROFILE_CMS_PAGE));

    model.addAttribute(
        "breadcrumbs", accountBreadcrumbBuilder.getBreadcrumbs("text.account.profile"));
    model.addAttribute("metaRobots", "noindex,nofollow");
    return getViewForPage(model);
  }
 @ModelAttribute("user")
 public CustomerData getUser() {
   return customerFacade.getCurrentCustomer();
 }
  protected String editUser(
      final String user,
      final B2BCustomerForm b2BCustomerForm,
      final BindingResult bindingResult,
      final Model model,
      final RedirectAttributes redirectModel)
      throws CMSItemNotFoundException {
    if (bindingResult.hasErrors()) {
      GlobalMessages.addErrorMessage(model, "form.global.error");
      model.addAttribute(b2BCustomerForm);
      return editUser(b2BCustomerForm.getUid(), model);
    }

    // A B2B Admin should not be able to downgrade their roles, they must at lest belong to B2B
    // Administrator role
    if (customerFacade.getCurrentCustomer().getUid().equals(b2BCustomerForm.getUid())) {
      final Collection<String> roles =
          b2BCustomerForm.getRoles() != null ? b2BCustomerForm.getRoles() : new ArrayList<String>();
      if (!roles.contains(B2BConstants.B2BADMINGROUP)) {
        GlobalMessages.addErrorMessage(model, "form.b2bcustomer.adminrole.error");
        roles.add(B2BConstants.B2BADMINGROUP);
        b2BCustomerForm.setRoles(roles);
        model.addAttribute(b2BCustomerForm);
        return editUser(b2BCustomerForm.getUid(), model);
      } else {
        // A session user can't modify their own parent unit.
        final B2BUnitData parentUnit = companyB2BCommerceFacade.getParentUnit();
        if (!parentUnit.getUid().equals(b2BCustomerForm.getParentB2BUnit())) {
          GlobalMessages.addErrorMessage(model, "form.b2bcustomer.parentunit.error");
          b2BCustomerForm.setParentB2BUnit(parentUnit.getUid());
          model.addAttribute(b2BCustomerForm);
          return editUser(b2BCustomerForm.getUid(), model);
        }
      }
    }

    final CustomerData b2bCustomerData = new CustomerData();
    b2bCustomerData.setUid(b2BCustomerForm.getUid());
    b2bCustomerData.setTitleCode(b2BCustomerForm.getTitleCode());
    b2bCustomerData.setFirstName(b2BCustomerForm.getFirstName());
    b2bCustomerData.setLastName(b2BCustomerForm.getLastName());
    b2bCustomerData.setEmail(b2BCustomerForm.getEmail());
    b2bCustomerData.setDisplayUid(b2BCustomerForm.getEmail());
    b2bCustomerData.setUnit(
        companyB2BCommerceFacade.getUnitForUid(b2BCustomerForm.getParentB2BUnit()));
    b2bCustomerData.setRoles(
        b2BCustomerForm.getRoles() != null
            ? b2BCustomerForm.getRoles()
            : Collections.<String>emptyList());
    model.addAttribute(b2BCustomerForm);
    model.addAttribute("titleData", getUserFacade().getTitles());
    model.addAttribute("roles", populateRolesCheckBoxes(companyB2BCommerceFacade.getUserGroups()));

    storeCmsPageInModel(model, getContentPageForLabelOrId(ORGANIZATION_MANAGEMENT_CMS_PAGE));
    setUpMetaDataForContentPage(
        model, getContentPageForLabelOrId(ORGANIZATION_MANAGEMENT_CMS_PAGE));
    final List<Breadcrumb> breadcrumbs =
        myCompanyBreadcrumbBuilder.createManageUserDetailsBreadcrumb(user);
    model.addAttribute("breadcrumbs", breadcrumbs);

    try {
      b2bCommerceUserFacade.updateCustomer(b2bCustomerData);
      b2bCustomerData.setUid(b2BCustomerForm.getEmail().toLowerCase());
      GlobalMessages.addFlashMessage(
          redirectModel, GlobalMessages.CONF_MESSAGES_HOLDER, "text.confirmation.user.edited");
    } catch (final DuplicateUidException e) {
      bindingResult.rejectValue("email", "text.manageuser.error.email.exists.title");
      GlobalMessages.addErrorMessage(model, "form.global.error");
      model.addAttribute("b2BCustomerForm", b2BCustomerForm);
      return editUser(b2BCustomerForm.getUid(), model);
    }
    return String.format(REDIRECT_TO_USER_DETAILS, urlEncode(b2bCustomerData.getUid()));
  }