前台:
<title>modify approver Password</title>
<script type="text/javascript">
$(document).ready(function(){
var oldPass = $("#oldPassword");
var pass = $("#password");
var rePass = $("#rePassword");
$("#content").hide("slow");
//检查要提交的修改密码表单
$("#passForm").submit(function() {
//flag用于判断是否提交表单
var flag = false;
if(oldPass.val() == '') {
alert("请输入您的原始密码!");
oldPass[0].focus();
return false;
}else if(rePass.val() != pass.val()){
$("#content").show("slow");
rePass[0].focus();
return false;
}else if(rePass.val() == '' || pass.val() == ''){
alert("请输入您的新密码!");
return false;
}else{
$.ajax({
type : 'GET',
contentType : 'application/json',
url : '${ctx}/approverPassword/checkPassword.do',
data: 'oldPass=' + oldPass.val(),
dataType : 'text',
//同步
async : false,
success : function(data) {
if("false" == data) {
alert("原始密码输入错误!");
oldPass.val('');
oldPass[0].focus();
flag = false;
}else if("true" == data) {
flag = true;
}
},
error : function() {
alert("修改密码错误,请重新输入");
flag = false;
}
});
}
/* if(flag) {
alert("密码修改成功,请您重新登录!");
} */
return flag;
});
});
</script>
</head>
<body>
modify approver password.<br/>
<form action="${ctx}/approverPassword/modifyUserPassword.do" id="passForm" name="passForm" method="post">
<table>
<tr><td><input type="hidden" id="userId" name="userId" value="${user.id }"> </td></tr>
<tr>
<td>原始密码:</td>
<td><input type="text" id="oldPassword" name="oldPassword" maxlength="20"/> </td>
</tr>
<tr>
<td>新密码:</td>
<td><input type="password" id="password" name="password" maxlength="20"/></td>
</tr>
<tr>
<td>再次输入新密码:</td>
<td>
<input type="password" id="rePassword" name="rePassword" maxlength="20" />
<span id="content" style="font-size: 12px; color:red;">两次输入的密码不一样</span>
</td>
</tr>
<tr>
<td><input type="submit" id="submit" name="submit" value="submit"/></td>
<td><input type="button" id="cancel" name="cancel" value="cancel"/></td>
</tr>
</table>
</form>
</body>后台:
/**
* check User password
* @param request
* @param response
* @return ModelAndView
*/
@RequestMapping(value="/userPassword/checkPassword", method={RequestMethod.GET, RequestMethod.POST})
@ResponseBody
public String checkPassword(@RequestParam("oldPass") String oldPass) {
String flag1 = "false";
//取得当前用户的密码
long id = SecurityUtil.getUserSession().getId();
User user = userService.findById(id);
String password = user.getPassword();
//从界面接收的旧密码
String oldPassword = Md5.createMD5Password(oldPass);
//两个密码进行比较
if(oldPassword.equals(password)) {
flag1 = "true";
}else{
flag1 = "false";
}
return flag1;
}/**
* modify user password
* @return ModelAndView
*/
@RequestMapping(value="/userPassword/modifyUserPassword", method={RequestMethod.GET, RequestMethod.POST})
public ModelAndView modifyUserPassword(HttpServletRequest request, HttpServletResponse response) {
ModelAndView mv = new ModelAndView("redirect:/login/goIndexPage.do");
ModelAndView mv1 = new ModelAndView("passwordError");
//获取参数
String oldPass = request.getParameter("oldPassword");
long id = Long.valueOf(request.getParameter("userId"));
String password = request.getParameter("rePassword");
//对String类型的密码进行Md5加密
String Md5Password = Md5.createMD5Password(password);
//得到要修改的实体
User user = userService.findById(id);
//根据user实体user1在表user_access_role表中查找一个UserAccessRole实体 1(user):1(accessRole)
List<UserAccessRole> list = this.userAccessRoleService.getAccessRoleId("user", user);
//从list<UserAccessRole>取出实体accessRole
AccessRole accessRole = list.get(0).getAccessRole();
//得到实体accessRole的角色名name id
String roleName = accessRole.getName();
long roleId = accessRole.getId();
user.setPassword(Md5Password);
//判断权限
if(roleId == userAccessRoleService.USER_ACCESS_ROLE_ID && "true".equals(this.checkPassword(oldPass))) {
//1.修改pccw_iaas表中的userPassword
userService.merge(user);
//2.修改cloud表中的userPassword
cloudStackUserService.modifyCloudStackUserPassword(user.getCloudUserId(), user.getUserName(), Md5Password);
return mv;
}else {
return mv1;
}
}