@Transactional public String save() { LOGGER.info("save called"); // FIXME: this is the way to deal with faces messages, performance wise // that is final FacesMessages facesMessages = FacesMessages.instance(); // only persist if all data are correct and valid final boolean old = ((oldPasswd != null) && (oldPasswd.trim().length() > 0)); final boolean new1 = ((passwd != null) && (passwd.trim().length() > 0)); final boolean new2 = ((passwdConfirm != null) && (passwdConfirm.trim().length() > 0)); if (old && new1 && new2) { LOGGER.debug("we have three new passwds"); if (CustomHash.instance().checkPassword(oldPasswd, charmsUser)) { LOGGER.debug("old passwd check is ok"); if (passwd.equals(passwdConfirm)) { LOGGER.debug("new paswords are identical"); // everything is ok facesMessages.addFromResourceBundle("page.user.properties.changed"); charmsUser.setPasswd( CustomHash.instance().generateSaltedHash(passwd, charmsUser.getName())); return merge(); } else { LOGGER.debug("new paswords are NOT identical"); // new passwords dont match facesMessages.addFromResourceBundle( Severity.ERROR, "page.user.properties.confirmWrong", passwdConfirm); return "invalid"; } } else { LOGGER.debug("old passwd wrong, checkPassword failed"); // old passwd wrong facesMessages.addFromResourceBundle( Severity.ERROR, "page.user.properties.oldPasswdWrong", oldPasswd); return "invalid"; } } else if (!old && !new1 && !new2) { LOGGER.debug("all passwds are empty"); // no passwd filled out, now changes to do // set the view properties facesMessages.addFromResourceBundle("page.user.properties.changed"); return merge(); } else { LOGGER.debug("not all passwords are empty, but nt all passwords are filled out"); // at least one of the passwds is missing if (!old) { facesMessages.addFromResourceBundle( Severity.ERROR, "page.user.properties.oldPasswdMissing", oldPasswd); } if (!new1) { facesMessages.addFromResourceBundle( Severity.ERROR, "page.user.properties.newPasswdMissing", passwd); } if (!new2) { facesMessages.addFromResourceBundle( Severity.ERROR, "page.user.properties.confirmPasswdMissing", passwdConfirm); } return "invalid"; } }