@Override
@Transactional(readOnly = false)
public CommandProcessingResult updatePassword(Long userId, final JsonCommand command) {
User user = this.userRepository.findOne(userId);
if (user == null) {
throw new ResourceNotFoundException(
"error.entity.user.not.found", "User with id " + userId + " not found", userId);
}
if (this.context.authenticatedUser().isPublicUser()
|| command.parameterExists(OldPasswordParamName)) {
// validate old password
String oldPassword = command.stringValueOfParameterNamed(OldPasswordParamName);
if (!user.getPassword().equals(this.applicationPasswordEncoder.encode(oldPassword, user))) {
throw new GeneralPlatformRuleException(
"error.old.password.invalid", "Old Password is Incorrect");
}
}
user.updatePasswordFromCommand(command);
generateKeyUsedForPasswordSalting(user);
final String encodePassword = this.applicationPasswordEncoder.encode(user);
user.updatePassword(encodePassword);
this.userRepository.saveAndFlush(user);
return new CommandProcessingResultBuilder().withResourceIdAsString(user.getId()).build();
}
