@Test
public void activationTest() {
User user = getUser(UserRole.ROLE_ORG_USER, UserRole.ROLE_GROUP_USER);
user = userService.getByEmail(user.getEmail());
assertFalse(user.isActivated());
boolean activated = userService.activate(user.getId(), user.getActivationCode());
assertTrue(activated);
assertTrue(user.isActivated());
}
@Override
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
throws IOException {
HttpSession session = request.getSession();
boolean redirect = false;
if (session != null) {
SecurityContext context = (SecurityContext) session.getAttribute("SPRING_SECURITY_CONTEXT");
if (context != null) {
if (context.getAuthentication() != null
&& context.getAuthentication().getPrincipal() != null
&& context.getAuthentication().getPrincipal() instanceof User) {
User user = userService.getUserFromSecurityContext();
String servletPath = request.getServletPath();
if (!servletPath.startsWith("/auth")
&& !servletPath.startsWith("/resources")
&& user != null) {
boolean skipValidation = false;
if (user.isPasswordExpired()
&& !servletPath.startsWith("/profile/changePassword")
&& !servletPath.startsWith("/auth/forgotPassword")) {
response.sendRedirect(request.getContextPath() + "/profile/changePassword");
skipValidation = true;
redirect = true;
} else if (user.isPasswordExpired()
&& (servletPath.startsWith("/profile/changePassword")
|| servletPath.startsWith("/auth/forgotPassword"))) {
skipValidation = true;
}
if (!user.isActivated() && !servletPath.startsWith("/activate") && !skipValidation) {
response.sendRedirect(request.getContextPath() + "/activate");
redirect = true;
}
}
}
}
}
// We do not want the healthcheck to ever populate the WebRequest object
if (request != null
&& !StringUtils.startsWithIgnoreCase(request.getServletPath(), "/healthcheck")) {
String serverName;
// If ApplicationDomain is set on the properties then use that as the server name, else use
// what came off the request
if (StringUtils.hasText(applicationDomain)
&& !("${" + SystemProperties.APPLICATION_DOMAIN + "}")
.equalsIgnoreCase(applicationDomain)) {
serverName = applicationDomain;
} else {
serverName = request.getServerName();
}
WebRequest.getInstance(
request.getScheme(), serverName, request.getServerPort(), request.getContextPath());
}
if (redirect) {
return false;
}
return true;
}