New password twice as in the form it asks for 'new password' and 'confirm new password'. One of the validation checks is that 'new password' equals the 'confirm new password' value.
I could go down the route of another service but I'm trying hard to avoid going in the direction of an 'anemic domain model' with fat services and thin business objects. This is why I'm keen to get this logic into User where I think it probably belongs. I'm going with John's earlier suggestion in the meantime and see where it gets me. As the saying goes there are many ways to skin the cat! Alan ----- Original Message ---- From: Tom Chiverton <[EMAIL PROTECTED]> To: [email protected] Sent: Monday, October 20, 2008 12:51:04 PM Subject: [CFCDEV] Re: User password changes and OO confusion On Monday 20 Oct 2008, Alan Livie wrote: > That's what I'm currently doing, a validatePasswordChange() method in the > service. As it is passed 3 password fields and a User object it just feels > wrong. It's got the User (with the existing encrypted password), the old password , plus the new password twice ? I'm not sure you need to bother with the new password twice. Your GUI will make it look nice, the double password here is just a backstop, and everything that uses the service will just dump the same user input into both the 'new password' fields, no ? > it also uses the User for a > validatePasswordStrength() that also smells as it takes a password arg > instead of using an instance variable. Only then it sets setPassword() in > the User and runs User.save(). You could factor these out to their own Password service. -- Tom Chiverton **************************************************** This email is sent for and on behalf of Halliwells LLP. Halliwells LLP is a limited liability partnership registered in England and Wales under registered number OC307980 whose registered office address is at Halliwells LLP, 3 Hardman Square, Spinningfields, Manchester, M3 3EB. A list of members is available for inspection at the registered office. Any reference to a partner in relation to Halliwells LLP means a member of Halliwells LLP. Regulated by The Solicitors Regulation Authority. CONFIDENTIALITY This email is intended only for the use of the addressee named above and may be confidential or legally privileged. If you are not the addressee you must not read it and must not use any information contained in nor copy it nor inform any person other than Halliwells LLP or the addressee of its existence or contents. If you have received this email in error please delete it and notify Halliwells LLP IT Department on 0870 365 2500. For more information about Halliwells LLP visit www.halliwells.com. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CFCDev" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfcdev?hl=en -~----------~----~----~----~------~----~------~--~---
