@Override
public void onChangePassword(
GwtConversation conversation, String oldPassword, String newPassword) {
User user = conversation.getSession().getUser();
if (!user.matchesPassword(oldPassword)) throw new WrongPasswordException();
user.setPassword(newPassword);
log.info("password changed by", user);
}
@Override
public void onResetPassword(GwtConversation conversation, String userId) {
if (!conversation.getSession().getUser().isAdmin()) throw new PermissionDeniedException();
User user = userDao.getById(userId);
if (webApplication.getSystemConfig().isSmtpServerSet() && user.isEmailSet()) {
user.triggerPasswordReset();
} else {
user.setPassword(webApplication.getSystemConfig().getDefaultUserPassword());
}
}
