-
Bug
-
Resolution: Fixed
-
Neutral
-
None
-
None
The PUR contains a 'password reset' functionality. If you attempt to reset your password with a non-existing username the user gets a very ugly generic error message and a stack trace is logged.
The problem is in the error handling in the PasswordProcessor class in the PUR module. The problem is that the 'internalProcess' method catches the the FormProcessorFailedException for no reason and passes it on as a runtime exception.. The worst thing is that the internalProcess method is overridden but that the 'throws FormProcessorFailedException' was removed. This makes it impossible to subclass this method if you still want to throw this exception.
Here is my workaround:
package nl.info.researchant.magnolia.publicuserregistration.processors; import info.magnolia.cms.security.User; import info.magnolia.cms.security.UserManager; import info.magnolia.i18nsystem.SimpleTranslator; import info.magnolia.module.ModuleRegistry; import info.magnolia.module.form.processors.FormProcessorFailedException; import info.magnolia.module.publicuserregistration.PasswordRetrievalStrategy; import info.magnolia.module.publicuserregistration.PublicUserRegistrationConfig; import info.magnolia.module.publicuserregistration.processors.AbstractPURProcessor; import javax.inject.Inject; import javax.jcr.Node; import java.util.Map; /** * Replacement of the default PUR {@link info.magnolia.module.publicuserregistration.processors.PasswordProcessor} with * improved error handling. * * See: https://jira.info.nl/browse/TOKUE-404 */ public class ResearchAntPasswordProcessor extends AbstractPURProcessor { @Inject private SimpleTranslator i18n; @Inject public ResearchAntPasswordProcessor(ModuleRegistry moduleRegistry) { super(moduleRegistry); } @Override protected void internalProcess(Node content, Map<String, Object> parameters) throws FormProcessorFailedException { final String username = (String) parameters.get("username"); final PublicUserRegistrationConfig config = getModuleConfig(); final PasswordRetrievalStrategy passwordRetrievalStrategy = config.getConfiguration().getPasswordRetrievalStrategy(); final UserManager userManager = getUserManager(config); final User user = userManager.getUser(username); if (user == null) { throw new FormProcessorFailedException(i18n.translate("pur.passwordprocessor.user.does.not.exist")); } passwordRetrievalStrategy.retrievePassword(user); updateContext(user); } }
- is duplicated by
-
MGNLPUR-140 Invalid username in Password Reset Form results into Internal error
- Closed
- relates to
-
MGNLPUR-67 Password Reminder form displays ambiguous error message when a username can't be found
- Closed