diff --git a/aconnect/src/main/java/com/mfsys/aconnect/client/dto/AccountToAccountDTO.java b/aconnect/src/main/java/com/mfsys/aconnect/client/dto/AccountToAccountDTO.java index d6049e9..be3fd19 100644 --- a/aconnect/src/main/java/com/mfsys/aconnect/client/dto/AccountToAccountDTO.java +++ b/aconnect/src/main/java/com/mfsys/aconnect/client/dto/AccountToAccountDTO.java @@ -16,6 +16,7 @@ public class AccountToAccountDTO { private String plcLocacode; private String porOrgacode; private String ppmPymdcode; + private String ptrTrancode; private String sgtGntrcreateusr; private String sgtGntrnarration; private LocalDate sgtGntrvaluedate; diff --git a/aconnect/src/main/java/com/mfsys/aconnect/client/dto/GlToAccountDTO.java b/aconnect/src/main/java/com/mfsys/aconnect/client/dto/GlToAccountDTO.java index 2d63607..2bfe1e4 100644 --- a/aconnect/src/main/java/com/mfsys/aconnect/client/dto/GlToAccountDTO.java +++ b/aconnect/src/main/java/com/mfsys/aconnect/client/dto/GlToAccountDTO.java @@ -17,6 +17,7 @@ public class GlToAccountDTO { private String plcLocacode; private String porOrgacode; private String ppmPymdcode; + private String ptrTrancode; private String sgtGntrcreateusr; private String sgtGntrnarration; private LocalDate sgtGntrvaluedate; diff --git a/aconnect/src/main/java/com/mfsys/aconnect/client/service/TransactionLogService.java b/aconnect/src/main/java/com/mfsys/aconnect/client/service/TransactionLogService.java index 43d9b84..cd22545 100644 --- a/aconnect/src/main/java/com/mfsys/aconnect/client/service/TransactionLogService.java +++ b/aconnect/src/main/java/com/mfsys/aconnect/client/service/TransactionLogService.java @@ -93,7 +93,7 @@ public class TransactionLogService { transactionLog.setUpdatedAt(LocalDateTime.now()); transactionLog.setSgtGntrdate(accountToAccountDTO.getSgtGntrvaluedate()); transactionLog.setTransactionUri(URI); - transactionLog.setTransactionCode(""); + transactionLog.setTransactionCode(accountToAccountDTO.getPtrTrancode()); return transactionLogRepository.save(transactionLog); } @@ -105,14 +105,12 @@ public class TransactionLogService { transactionLog.setCrMbmbkmsnumber(glToAccountDTO.getCreditAcc().getMbmBkmsnumber()); transactionLog.setDrMbmbkmsnumber(""); transactionLog.setCrPcaglacode(""); - transactionLog.setDrPcaGlacode(""); - transactionLog.setPpmPymdcode(glToAccountDTO.getPpmPymdcode()); transactionLog.setSgtGntrdate(glToAccountDTO.getSgtGntrvaluedate()); transactionLog.setCreatedAt(LocalDateTime.now()); transactionLog.setUpdatedAt(LocalDateTime.now()); transactionLog.setSgtGntrdate(glToAccountDTO.getSgtGntrvaluedate()); transactionLog.setTransactionUri(URI); - transactionLog.setTransactionCode(""); + transactionLog.setTransactionCode(glToAccountDTO.getPtrTrancode()); return transactionLogRepository.save(transactionLog); } } diff --git a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/exceptions/NewPasswordException.java b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/exceptions/NewPasswordException.java new file mode 100644 index 0000000..483449a --- /dev/null +++ b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/exceptions/NewPasswordException.java @@ -0,0 +1,10 @@ +package com.mfsys.aconnect.usermanagement.exceptions; + +import com.mfsys.common.configuration.constant.ERRCode; +import com.mfsys.common.configuration.exception.ApplicationException; + +public class NewPasswordException extends ApplicationException { + public NewPasswordException(String porOrgacode) { + super(porOrgacode, ERRCode.NEW_PASSWORD); + } +} \ No newline at end of file diff --git a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java index e1d2643..4778849 100644 --- a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java +++ b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java @@ -3,6 +3,7 @@ package com.mfsys.aconnect.usermanagement.service; import com.mfsys.aconnect.security.dto.ChangePasswordDTO; import com.mfsys.aconnect.security.dto.ResetPasswordDTO; import com.mfsys.aconnect.usermanagement.exceptions.EmailAlreadyExistException; +import com.mfsys.aconnect.usermanagement.exceptions.NewPasswordException; import com.mfsys.aconnect.usermanagement.exceptions.OldPasswordNotMatch; import com.mfsys.aconnect.usermanagement.exceptions.UsernameAlreadyExistException; import com.mfsys.aconnect.usermanagement.model.Role; @@ -55,9 +56,8 @@ public class UserService { User user = userRepository.findById(request.getUserId()) .orElseThrow(() -> new EntityNotFoundException("User not found with ID: " + request.getUserId())); - boolean isPasswordValid = PasswordEncryptionService.verifyPassword(request.getOldPassword(), user.getPassword()); - if(!isPasswordValid) { - throw new OldPasswordNotMatch(request.getPorOrgacode()); + if (passwordEncryptionService.matches(request.getNewPassword(), user.getPassword())) { + throw new NewPasswordException(request.getPorOrgacode()); } user.setPassword(passwordEncryptionService.hashPassword(request.getNewPassword())); userRepository.save(user); @@ -69,10 +69,9 @@ public class UserService { User user = userRepository.findById(request.getUserId()) .orElseThrow(() -> new EntityNotFoundException("User not found with ID: " + request.getUserId())); - boolean isPasswordValid = PasswordEncryptionService.verifyPassword(request.getOldPassword(), user.getPassword()); - if(!isPasswordValid) { - throw new OldPasswordNotMatch(request.getPorOrgacode()); - } + if (passwordEncryptionService.matches(request.getNewPassword(), user.getPassword())) { + throw new NewPasswordException(request.getPorOrgacode()); + } user.setPassword(passwordEncryptionService.hashPassword(request.getNewPassword())); user.setFirstLogin(false); userRepository.save(user); @@ -84,6 +83,9 @@ public class UserService { User user = userRepository.findById(request.getUserId()) .orElseThrow(() -> new EntityNotFoundException("User not found with ID: " + request.getUserId())); + if (passwordEncryptionService.matches(request.getNewPassword(), user.getPassword())) { + throw new NewPasswordException(request.getPorOrgacode()); + } user.setPassword(passwordEncryptionService.hashPassword(request.getNewPassword())); user.setFirstLogin(false); userRepository.save(user); diff --git a/common/src/main/java/com/mfsys/common/configuration/constant/ERRCode.java b/common/src/main/java/com/mfsys/common/configuration/constant/ERRCode.java index 170be19..9961a57 100644 --- a/common/src/main/java/com/mfsys/common/configuration/constant/ERRCode.java +++ b/common/src/main/java/com/mfsys/common/configuration/constant/ERRCode.java @@ -15,7 +15,8 @@ public enum ERRCode implements ErrorMessage { MISSING_GL_CODE("ERR_GL_0001","Credit and Debit GL codes are required"), SAMEGLCODE("ERR_GL_0002","Credit and Debit GL codes must be different"), MISSING_ACCOUNT_NUMBER("ERR_ACCT_0001","Account number is required"), - SAMEACCOUNTNUMBER("ERR_ACCT_0002","Account number must be different"); + SAMEACCOUNTNUMBER("ERR_ACCT_0002","Account number must be different"), + NEW_PASSWORD("ERR_SEC_0007","New password cannot be same as old password"); diff --git a/common/src/main/java/com/mfsys/common/configuration/service/PasswordEncryptionService.java b/common/src/main/java/com/mfsys/common/configuration/service/PasswordEncryptionService.java index 46962bc..2c247aa 100644 --- a/common/src/main/java/com/mfsys/common/configuration/service/PasswordEncryptionService.java +++ b/common/src/main/java/com/mfsys/common/configuration/service/PasswordEncryptionService.java @@ -14,4 +14,8 @@ public class PasswordEncryptionService { return BCrypt.checkpw(plainPassword, hashedPassword); } + public boolean matches(String rawPassword, String encodedPassword) { + return BCrypt.checkpw(rawPassword, encodedPassword); + } + }