Bug #13873

Fix the bug by specifying the id of the sender as system (id -1), so the
email and same properties will be fetched from the
org/silverpeas/notificationserver/channel/smtp/smtpSettings.properties
configuration file.

Author: mmoqui

core-library/src/main/java/org/silverpeas/core/admin/user/UserRegistrationServiceLegacy.java

@@ -189,7 +189,7 @@ private void sendCredentialsToUser(UserFull user, String password, String silver
       template.setAttribute("url", url.toString());
       templates.put(DisplayI18NHelper.getDefaultLanguage(), template);
       notifMetaData.addLanguage(DisplayI18NHelper.getDefaultLanguage(), subject, "");
-      notifMetaData.setSender("0");
+      notifMetaData.setSender(UserDetail.SYSTEM_USER_ID);
       notifMetaData.addUserRecipients(new UserRecipient(user.getId()));
 
       notifyUser(notifMetaData);

core-library/src/main/java/org/silverpeas/core/util/MailSettings.java

@@ -31,7 +31,8 @@
 import javax.mail.internet.AddressException;
 import javax.mail.internet.InternetAddress;
 import java.io.UnsupportedEncodingException;
-import java.util.*;
+import java.util.HashSet;
+import java.util.Set;
 
 /**
  * @author ehugonnet
@@ -46,36 +47,16 @@ public class MailSettings {
   private static final String SMTP_DEBUG = "SMTPDebug";
   private static final String SMTP_SECURE = "SMTPSecure";
 
-  private static final String mailhost;
-  private static final boolean authenticated;
-  private static final boolean secure;
-  private static final boolean debug;
-  private static final int port;
-  private static final String login;
-  private static final String password;
-  private static final String notificationAddress;
-  private static final String notificationPersonalName;
-  private static final boolean forceReplyToSenderField;
   private static Set<String> domains;
   public static final SettingBundle configuration = ResourceLocator.getSettingBundle(
       "org.silverpeas.notificationserver.channel.smtp.smtpSettings");
 
   static {
-    mailhost = configuration.getString(SMTP_SERVER);
-    authenticated = configuration.getBoolean(SMTP_AUTH, false);
-    port = configuration.getInteger(SMTP_PORT, 25);
-    login = configuration.getString(SMTP_LOGIN);
-    password = configuration.getString(SMTP_PASSWORD);
-    debug = configuration.getBoolean(SMTP_DEBUG, false);
-    secure = configuration.getBoolean(SMTP_SECURE, false);
-    notificationAddress = configuration.getString("NotificationAddress");
-    notificationPersonalName = configuration.getString("NotificationPersonalName");
-    forceReplyToSenderField = configuration.getBoolean("ForceReplyToSenderField", false);
     reloadConfiguration(configuration.getString("AuthorizedDomains", ""));
   }
 
   public static boolean isForceReplyToSenderField() {
-    return forceReplyToSenderField;
+    return configuration.getBoolean("ForceReplyToSenderField", false);
   }
 
   /**
@@ -115,7 +96,8 @@ public static synchronized InternetAddress getAuthorizedEmailAddress(String pFro
     // - If email is authorized (senderAddress.equals(pFrom)), use it as it (personalName)
     // - If email is not authorized (!senderAddress.equals(pFrom)), use default one and default
     //   personal name too (notificationPersonalName)
-    String personal = senderAddress.equals(pFrom) ? personalName : notificationPersonalName;
+    String personal = senderAddress.equals(pFrom) ? personalName :
+        configuration.getString("NotificationPersonalName");
     if (StringUtil.isDefined(personal)) {
       address.setPersonal(personal, Charsets.UTF_8.name());
     }
@@ -126,35 +108,35 @@ public static synchronized String getAuthorizedEmail(String email) {
     if (isDomainAuthorized(email)) {
       return email;
     }
-    return notificationAddress;
+    return configuration.getString("NotificationAddress");
   }
 
   public static String getMailServer() {
-    return mailhost;
+    return configuration.getString(SMTP_SERVER);
   }
 
   public static boolean isAuthenticated() {
-    return authenticated;
+    return configuration.getBoolean(SMTP_AUTH, false);
   }
 
   public static boolean isDebug() {
-    return debug;
+    return configuration.getBoolean(SMTP_DEBUG, false);
   }
 
   public static String getLogin() {
-    return login;
+    return configuration.getString(SMTP_LOGIN);
   }
 
   public static String getPassword() {
-    return password;
+    return configuration.getString(SMTP_PASSWORD);
   }
 
   public static int getPort() {
-    return port;
+    return configuration.getInteger(SMTP_PORT, 25);
   }
 
   public static boolean isSecure() {
-    return secure;
+    return configuration.getBoolean(SMTP_SECURE, false);
   }
 
   private MailSettings() {

core-library/src/test/java/org/silverpeas/core/util/MailSettingsTest.java

@@ -23,31 +23,31 @@
  */
 package org.silverpeas.core.util;
 
-import org.junit.jupiter.api.Test;
 import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.Test;
 import org.silverpeas.kernel.test.UnitTest;
 
 import javax.mail.internet.InternetAddress;
 
-import static org.hamcrest.Matchers.is;
 import static org.hamcrest.MatcherAssert.assertThat;
+import static org.hamcrest.Matchers.is;
 
 /**
  * @author ehugonnet
  */
 @UnitTest
-public class MailSettingsTest {
+class MailSettingsTest {
 
   @AfterEach
-  public void tearDown() {
+  void tearDown() {
     MailSettings.reloadConfiguration(null);
   }
 
   /**
    * Test of isDomainAuthorized method, of class MailSettings.
    */
   @Test
-  public void testIsDomainAuthorized() {
+  void testIsDomainAuthorized() {
     String email = "toto@silverpeas.com";
     boolean result = MailSettings.isDomainAuthorized(email);
     assertThat(result, is(true));
@@ -63,7 +63,7 @@ public void testIsDomainAuthorized() {
    * Test of getAuthorizedEmail method, of class MailSettings.
    */
   @Test
-  public void testGetAuthorizedEmail() {
+  void testGetAuthorizedEmail() {
     MailSettings.reloadConfiguration("Silverpeas.COM,silverpeas.org");
     String authorizedEmail = "toto@silverpeas.com";
     String result = MailSettings.getAuthorizedEmail(authorizedEmail);
@@ -77,7 +77,7 @@ public void testGetAuthorizedEmail() {
    * Test of getAuthorizedEmail method, of class MailSettings.
    */
   @Test
-  public void testGetAuthorizedEmailWithNoDomain() {
+  void testGetAuthorizedEmailWithNoDomain() {
     MailSettings.reloadConfiguration(null);
     String authorizedEmail = "toto@silverpeas.com";
     String result = MailSettings.getAuthorizedEmail(authorizedEmail);
@@ -89,7 +89,7 @@ public void testGetAuthorizedEmailWithNoDomain() {
   }
 
   @Test
-  public void testGetAuthorizedEmailAddress() throws Exception {
+  void testGetAuthorizedEmailAddress() throws Exception {
     MailSettings.reloadConfiguration("Silverpeas.COM,silverpeas.org");
     String authorizedEmail = "toto@silverpeas.com";
     InternetAddress result = MailSettings.getAuthorizedEmailAddress(authorizedEmail, "Toto");

core-web/src/main/java/org/silverpeas/core/web/authentication/credentials/ChangeExpiredPasswordHandler.java

@@ -25,8 +25,6 @@
 
 import org.silverpeas.core.annotation.Service;
 import org.silverpeas.core.security.authentication.AuthenticationCredential;
-import org.silverpeas.core.security.authentication.AuthenticationService;
-import org.silverpeas.core.security.authentication.AuthenticationServiceProvider;
 import org.silverpeas.core.security.authentication.exception.AuthenticationException;
 import org.silverpeas.kernel.bundle.ResourceLocator;
 import org.silverpeas.kernel.bundle.SettingBundle;

core-web/src/main/java/org/silverpeas/core/web/authentication/credentials/ChangePasswordFunctionHandler.java

@@ -23,6 +23,7 @@
  */
 package org.silverpeas.core.web.authentication.credentials;
 
+import org.silverpeas.core.admin.service.AdminException;
 import org.silverpeas.core.admin.user.model.User;
 import org.silverpeas.core.admin.user.model.UserDetail;
 import org.silverpeas.core.security.authentication.AuthenticationCredential;
@@ -33,6 +34,7 @@
 
 import javax.inject.Inject;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpSession;
 
 /**
  * User: Yohann Chastagnier Date: 06/02/13
@@ -42,6 +44,19 @@ public abstract class ChangePasswordFunctionHandler extends ChangeCredentialFunc
   @Inject
   private AuthenticationService authenticator;
 
+  /**
+   * Gets the current user behind the incoming HTTP request.
+   * @param request the HTTP request
+   * @return the requester.
+   * @throws AdminException if the user behind the HTTP request cannot be identified.
+   */
+  protected UserDetail getRequester(HttpServletRequest request) throws AdminException {
+    HttpSession session = request.getSession(true);
+    String key = (String) session.getAttribute("svplogin_Key");
+    String userId = getAdminService().identify(key, session.getId(), false, false);
+    return getAdminService().getUserDetail(userId);
+  }
+
   /**
    * Handle bad credential error.
    *
@@ -91,6 +106,7 @@ protected void assertPasswordHasBeenCorrectlyChecked(String checkId, String pass
 
   /**
    * Changes the password of the specified user with the new one passed in the given request.
+   *
    * @param request the incoming HTTP request with the new password.
    * @param user the user requesting the password modification.
    * @return the new password of the user.

core-web/src/main/java/org/silverpeas/core/web/authentication/credentials/ChangePasswordHandler.java

@@ -25,8 +25,6 @@
 
 import org.silverpeas.core.annotation.Service;
 import org.silverpeas.core.security.authentication.AuthenticationCredential;
-import org.silverpeas.core.security.authentication.AuthenticationService;
-import org.silverpeas.core.security.authentication.AuthenticationServiceProvider;
 import org.silverpeas.kernel.logging.SilverLogger;
 
 import javax.servlet.http.HttpServletRequest;

core-web/src/main/java/org/silverpeas/core/web/authentication/credentials/EffectiveChangePasswordBeforeExpirationHandler.java

@@ -25,15 +25,12 @@
 
 import org.silverpeas.core.admin.user.model.UserDetail;
 import org.silverpeas.core.annotation.Service;
-import org.silverpeas.core.security.authentication.AuthenticationCredential;
-import org.silverpeas.core.security.authentication.AuthenticationService;
-import org.silverpeas.core.security.authentication.AuthenticationServiceProvider;
 import org.silverpeas.core.security.authentication.exception.AuthenticationException;
+import org.silverpeas.core.web.mvc.controller.MainSessionController;
+import org.silverpeas.core.web.util.viewgenerator.html.GraphicElementFactory;
 import org.silverpeas.kernel.bundle.ResourceLocator;
 import org.silverpeas.kernel.bundle.SettingBundle;
 import org.silverpeas.kernel.logging.SilverLogger;
-import org.silverpeas.core.web.mvc.controller.MainSessionController;
-import org.silverpeas.core.web.util.viewgenerator.html.GraphicElementFactory;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;

core-web/src/main/java/org/silverpeas/core/web/authentication/credentials/EffectiveChangePasswordFromLoginHandler.java

@@ -25,13 +25,11 @@
 
 import org.silverpeas.core.annotation.Service;
 import org.silverpeas.core.security.authentication.AuthenticationCredential;
-import org.silverpeas.core.security.authentication.AuthenticationService;
-import org.silverpeas.core.security.authentication.AuthenticationServiceProvider;
 import org.silverpeas.core.security.authentication.exception.AuthenticationException;
 import org.silverpeas.kernel.bundle.ResourceLocator;
 import org.silverpeas.kernel.bundle.SettingBundle;
-import org.silverpeas.kernel.util.StringUtil;
 import org.silverpeas.kernel.logging.SilverLogger;
+import org.silverpeas.kernel.util.StringUtil;
 
 import javax.servlet.http.HttpServletRequest;
 

core-web/src/main/java/org/silverpeas/core/web/authentication/credentials/EffectiveChangePasswordHandler.java

@@ -31,7 +31,6 @@
 
 import javax.inject.Inject;
 import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
 
 /**
  * Navigation case : user has committed change password form.
@@ -51,11 +50,8 @@ public String getFunction() {
 
   @Override
   public String doAction(HttpServletRequest request) {
-    HttpSession session = request.getSession(true);
-    String key = (String) session.getAttribute("svplogin_Key");
     try {
-      String userId = getAdminService().identify(key, session.getId(), false, false);
-      UserDetail ud = getAdminService().getUserDetail(userId);
+      UserDetail ud = getRequester(request);
       return doPasswordChange(request, ud);
     } catch (AdminException e) {
       SilverLogger.getLogger(this).error(e);

core-web/src/main/java/org/silverpeas/core/web/authentication/credentials/ForcePasswordChangeHandler.java

@@ -29,14 +29,13 @@
 import org.silverpeas.kernel.logging.SilverLogger;
 
 import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpSession;
 
 /**
  * Navigation case : force user to change his password.
  * @author ehugonnet
  */
 @Service
-public class ForcePasswordChangeHandler extends CredentialsFunctionHandler {
+public class ForcePasswordChangeHandler extends ChangePasswordFunctionHandler {
 
   @Override
   public String getFunction() {
@@ -45,16 +44,12 @@ public String getFunction() {
 
   @Override
   public String doAction(HttpServletRequest request) {
-    HttpSession session = request.getSession(true);
-    String key = (String) session.getAttribute("svplogin_Key");
     try {
-      String userId = getAdminService().identify(key, session.getId(), false, false);
-      UserDetail ud = getAdminService().getUserDetail(userId);
+      UserDetail ud = getRequester(request);
       request.setAttribute("userDetail", ud);
       return getGeneral().getString("userLoginForcePasswordChangePage");
     } catch (AdminException e) {
-      SilverLogger.getLogger(this)
-          .error("force change password error with key {0}", new String[]{key}, e);
+      SilverLogger.getLogger(this).error("force change password error", e);
       return "/Login?ErrorCode=2";
     }
   }

core-web/src/main/java/org/silverpeas/core/web/authentication/credentials/ResetPasswordHandler.java

@@ -28,7 +28,6 @@
 import org.silverpeas.core.annotation.Service;
 import org.silverpeas.core.security.authentication.AuthenticationCredential;
 import org.silverpeas.core.security.authentication.AuthenticationService;
-import org.silverpeas.core.security.authentication.AuthenticationServiceProvider;
 import org.silverpeas.core.security.authentication.exception.AuthenticationException;
 import org.silverpeas.core.security.authentication.password.ForgottenPasswordException;
 import org.silverpeas.core.security.authentication.password.ForgottenPasswordMailParameters;