@RequestMapping(value = "/staffchangepasswordsubmit", method = RequestMethod.POST) public ModelAndView changePasswordSubmit( @ModelAttribute("form") ChangePasswordForm form, BindingResult result) { log.debug("Entering ...."); ModelAndView modelAndView = new ModelAndView("staffchangepassword"); validateChangePassword(form, result); if (!result.hasErrors()) { if (form.getNewPassword().equals(form.getNewPasswordRep())) { User user = loginService.getUserByProfileId(form.getTenantId(), form.getStaffProfileId()); if (user != null && form.getCurrentPassword().equals(user.getPassword())) { user.setPassword(form.getNewPassword()); loginService.updateUser(user); modelAndView.addObject("successMessage", "Password changed successfully !!!"); } else { result.addError(new ObjectError("currentPassword", "Current password is wrong")); } } else { result.addError(new ObjectError("newPassword", "New password doesn't match")); } } modelAndView.addObject("form", form); log.debug("Existing.........."); return modelAndView; }
/** * Change Password page load for staff * * @param tenantId * @param profileId * @return */ @RequestMapping(value = "/staffchangepassword", method = RequestMethod.GET) public ModelAndView changePassword( @RequestParam(value = "tenantid") String tenantId, @RequestParam(value = "profileid") String profileId) { log.debug("Entering...."); ChangePasswordForm form = new ChangePasswordForm(); ModelAndView modelAndView = new ModelAndView("staffchangepassword"); form.setTenantId(tenantId); form.setStaffProfileId(profileId); User user = loginService.getUserByProfileId(form.getTenantId(), form.getStaffProfileId()); if (user != null && user.getRole() != null) { Role role = user.getRole(); if (STAFF_ADMIN_ROLE.equals(role.getSecondary())) { modelAndView.addObject("role", STAFF_ADMIN_ROLE); } } modelAndView.addObject("form", form); log.debug("Existing.........."); return modelAndView; }