# Copyright (c) 2003-2007 bivio Software, Inc.  All Rights Reserved.
#
# Visit http://www.bivio.biz for more info.
# 
# This library is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as
# published by the Free Software Foundation; either version 2.1 of the
# License, or (at your option) any later version.
# 
# This library is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
# Lesser General Public License for more details.
# 
# You should have received a copy of the GNU Lesser General Public
# License along with this library;  If not, you may get a copy from:
# http://www.opensource.org/licenses/lgpl-license.html
# 
# $Id: UserPasswordForm.pm,v 2.11 2008/08/15 04:09:28 nagler Exp $
package Bivio::Biz::Model::UserPasswordForm;
use strict;
use Bivio::Base 'Bivio::Biz::FormModel';

our($VERSION) = sprintf('%d.%02d', q$Revision: 2.11 $ =~ /\d+/g);

sub PASSWORD_FIELD_LIST {
    return qw(new_password old_password confirm_new_password);
}

sub execute_ok {
    my($self) = @_;
    # Updates the password in the database and the cookie.
    my($req) = $self->get_request;
    $self->get_instance('UserLoginForm')->execute($req, {
	realm_owner => $req->get_nested(qw(auth_realm owner))
	    ->update_password($self->get('new_password')),
    });
    return;
}

sub internal_initialize {
    my($self) = @_;
    # Return config.
    return $self->merge_initialize_info($self->SUPER::internal_initialize, {
        version => 1,
	require_context => 1,
	$self->field_decl(
	    visible => [
		[old_password => undef, 'NONE'],
		qw(new_password confirm_new_password),
	    ],
	    hidden => [
		[qw(display_old_password  Boolean)],
		[query_password => undef, 'NONE'],
	    ],
	    'Password', 'NOT_NULL',
	),
    });
}

sub internal_pre_execute {
    my($self, $method) = @_;
    # Sets the 'display_old_password' field based on if the user is the
    # super user.
    my($req) = $self->get_request;
    my($qp) = $req->unsafe_get_nested(qw(Action.UserPasswordQuery password));
    $self->internal_put_field(query_password => $qp)
	if $qp;
    $self->internal_put_field(old_password => $qp)
	if $qp ||= $self->unsafe_get('query_password');
    $self->internal_put_field(
	display_old_password => $qp || $req->is_substitute_user ? 0 : 1);
    return;
}

sub internal_validate_new {
    return;
}

sub internal_validate_old {
    my($self) = @_;
    return $self->internal_put_error(qw(old_password PASSWORD_MISMATCH))
	unless $self->use('Type.Password')->is_equal(
	    $self->req(qw(auth_realm owner password)),
	    $self->get('old_password'),
    );
    return 1;
}

sub validate {
    my($self) = @_;
    return if $self->in_error;
    unless ($self->req->is_substitute_user) {
	return
	    unless $self->validate_not_null('old_password')
	    && $self->internal_validate_old;
    }
    return $self->internal_put_error(qw(confirm_new_password CONFIRM_PASSWORD))
        unless $self->get('new_password') eq $self->get('confirm_new_password');
    $self->internal_validate_new;
    return;
}

1;