From ab3812c6442806597284828d1b5c104af8e51adf Mon Sep 17 00:00:00 2001
From: Aleksandr Sharaban <a.sharaban@aimprosoft.com>
Date: Thu, 9 Jun 2016 20:59:39 +0300
Subject: [PATCH] Email validation

---
 pom.xml                                            |  9 ++++++++-
 .../org/genesys2/server/service/UserService.java   |  2 +-
 .../server/service/impl/UserServiceImpl.java       | 14 ++++++++++++--
 .../servlet/controller/UserProfileController.java  | 14 ++++++++++++--
 .../servlet/controller/rest/UsersController.java   |  8 +++++++-
 src/main/webapp/WEB-INF/jsp/user/edit.jsp          |  3 +++
 6 files changed, 43 insertions(+), 7 deletions(-)

diff --git a/pom.xml b/pom.xml
index a3f10c75b..6a447a5b8 100644
--- a/pom.xml
+++ b/pom.xml
@@ -69,7 +69,8 @@
 		<commons.fileupload.version>1.2.2</commons.fileupload.version>
 		<commons.io.version>2.4</commons.io.version>
 		<commons.lang.version>2.6</commons.lang.version>
-		<commons.logging.version>1.1.1</commons.logging.version>
+		<commons.logging.version>1.2</commons.logging.version>
+		<commons.validator.version>1.4.0</commons.validator.version>
 
 		<jstl.version>1.2</jstl.version>
 		<servlet-api.version>2.5</servlet-api.version>
@@ -162,6 +163,12 @@
 			<version>1.10</version>
 		</dependency>
 
+		<dependency>
+			<groupId>commons-validator</groupId>
+			<artifactId>commons-validator</artifactId>
+			<version>${commons.validator.version}</version>
+		</dependency>
+
 		<!-- Logging dependencies -->
 		<dependency>
 			<groupId>org.slf4j</groupId>
diff --git a/src/main/java/org/genesys2/server/service/UserService.java b/src/main/java/org/genesys2/server/service/UserService.java
index 549774298..cae74993f 100644
--- a/src/main/java/org/genesys2/server/service/UserService.java
+++ b/src/main/java/org/genesys2/server/service/UserService.java
@@ -64,7 +64,7 @@ public interface UserService {
 	UserWrapper getWrappedById(long userId) throws UserException;
 
 	@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.id == #userId")
-	User updateData(long userId, String name, String email);
+	User updateData(long userId, String name, String email) throws UserException;
 
 	User getSystemUser(String string);
 
diff --git a/src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java b/src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java
index 4c9fde0ba..12674ff03 100644
--- a/src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java
+++ b/src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java
@@ -29,6 +29,7 @@ import org.apache.commons.collections4.ListUtils;
 import org.apache.commons.lang.StringUtils;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
+import org.apache.commons.validator.routines.EmailValidator;
 import org.genesys2.server.exception.NoUserFoundException;
 import org.genesys2.server.exception.NotUniqueUserException;
 import org.genesys2.server.exception.UserException;
@@ -75,6 +76,8 @@ public class UserServiceImpl implements UserService {
 
 	private final List<UserRole> availableRoles = ListUtils.unmodifiableList(Arrays.asList(UserRole.values()));
 
+	private EmailValidator emailValidator = EmailValidator.getInstance();
+
 	/**
 	 * Set number of milliseconds for user account lockout
 	 */
@@ -250,8 +253,15 @@ public class UserServiceImpl implements UserService {
 
 	@Override
 	@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.id == #userId")
-	@Transactional(readOnly = false)
-	public User updateData(long userId, String name, String email) {
+	@Transactional(readOnly = false, rollbackFor = NotUniqueUserException.class)
+	public User updateData(long userId, String name, String email) throws UserException {
+		if (!emailValidator.isValid(email)) {
+			throw new UserException();
+		}
+		if (userPersistence.findByEmail(email) != null) {
+			throw new NotUniqueUserException(new Throwable(), email);
+		}
+
 		final User user = userPersistence.findOne(userId);
 		user.setName(name);
 		user.setEmail(email);
diff --git a/src/main/java/org/genesys2/server/servlet/controller/UserProfileController.java b/src/main/java/org/genesys2/server/servlet/controller/UserProfileController.java
index c677b8127..7fef5b5b5 100644
--- a/src/main/java/org/genesys2/server/servlet/controller/UserProfileController.java
+++ b/src/main/java/org/genesys2/server/servlet/controller/UserProfileController.java
@@ -19,6 +19,7 @@ package org.genesys2.server.servlet.controller;
 import java.util.List;
 
 import org.apache.commons.lang.StringUtils;
+import org.genesys2.server.exception.NotUniqueUserException;
 import org.genesys2.server.exception.UserException;
 import org.genesys2.server.model.impl.User;
 import org.genesys2.server.service.EMailVerificationService;
@@ -36,6 +37,7 @@ import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
 
 @Controller
 @RequestMapping("/profile")
@@ -163,13 +165,21 @@ public class UserProfileController extends BaseController {
 	@RequestMapping(value = "/{uuid:.+}/update", method = { RequestMethod.POST })
 	@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid")
 	public String update(ModelMap model, @PathVariable("uuid") String uuid, @RequestParam("name") String name, @RequestParam("email") String email,
-			@RequestParam("pwd1") String pwd1, @RequestParam("pwd2") String pwd2) {
+			@RequestParam("pwd1") String pwd1, @RequestParam("pwd2") String pwd2, RedirectAttributes redirectAttributes) {
 		final User user = userService.getUserByUuid(uuid);
 		if (user == null) {
 			throw new ResourceNotFoundException();
 		}
 
-		userService.updateData(user.getId(), name, email);
+		try {
+			userService.updateData(user.getId(), name, email);
+		} catch (NotUniqueUserException e) {
+			redirectAttributes.addFlashAttribute("emailError", "User with e-mail address " + e.getEmail() + " already exists");
+			return "redirect:/profile/" + user.getUuid() + "/edit";
+		} catch (UserException e) {
+			redirectAttributes.addFlashAttribute("emailError", "E-mail address is incorrect");
+			return "redirect:/profile/" + user.getUuid() + "/edit";
+		}
 
 		if (StringUtils.isNotBlank(pwd1)) {
 			if (pwd1.equals(pwd2)) {
diff --git a/src/main/java/org/genesys2/server/servlet/controller/rest/UsersController.java b/src/main/java/org/genesys2/server/servlet/controller/rest/UsersController.java
index 58a6eb4fb..5e39bac30 100644
--- a/src/main/java/org/genesys2/server/servlet/controller/rest/UsersController.java
+++ b/src/main/java/org/genesys2/server/servlet/controller/rest/UsersController.java
@@ -115,7 +115,13 @@ public class UsersController extends RestController {
             throw new ResourceNotFoundException();
         }
 
-        userService.updateData(user.getId(), userData.getName(), userData.getEmail());
+        try {
+            userService.updateData(user.getId(), userData.getName(), userData.getEmail());
+        } catch (NotUniqueUserException e) {
+            LOG.warn("User with e-mail address " + e.getEmail() + " already exists");
+        } catch (UserException e) {
+            LOG.warn("E-mail address is incorrect");
+        }
 
         if (StringUtils.isNotBlank(userData.getPwd1())) {
             if (userData.getPwd1().equals(userData.getPwd2())) {
diff --git a/src/main/webapp/WEB-INF/jsp/user/edit.jsp b/src/main/webapp/WEB-INF/jsp/user/edit.jsp
index cf3acf846..e2065ad32 100644
--- a/src/main/webapp/WEB-INF/jsp/user/edit.jsp
+++ b/src/main/webapp/WEB-INF/jsp/user/edit.jsp
@@ -12,6 +12,9 @@
 		<spring:message code="userprofile.update.title" />
 	</h1>
 
+	<c:if test="${not empty emailError}">
+		<div class="alert alert-danger">${emailError}</div>
+	</c:if>
 	<form role="form" class="form-horizontal validate" action="<c:url value="/profile/${user.uuid}/update" />" method="post">
 		<div class="form-group">
 			<label for="name" class="col-lg-2 control-label"><spring:message code="registration.full-name" /></label>
-- 
GitLab