From 7b8c7a22757fd5cef1b2e4d4181afd543e54ad19 Mon Sep 17 00:00:00 2001
From: Noriko Hosoi <nhosoi@redhat.com>
Date: Dec 10 2007 18:24:13 +0000
Subject: Resolves: #400341

Summary: Console: unable to reset admin user password (Comment #7)
Description: Adding the code to check if the login user matches the
Admin User or not using the regular expression.

---

diff --git a/src/com/netscape/management/admserv/panel/CGIAccessSetup.java b/src/com/netscape/management/admserv/panel/CGIAccessSetup.java
index 6bcf96f..c26cfd0 100644
--- a/src/com/netscape/management/admserv/panel/CGIAccessSetup.java
+++ b/src/com/netscape/management/admserv/panel/CGIAccessSetup.java
@@ -50,6 +50,7 @@ public class CGIAccessSetup extends CGIDataModel {
     /**
       * CGI arguments used in setConfiguration()
      */
+    // We may want to remove this since we won't be calling set with a new UID
     public String getCGIParamsForSetOp() {
         String uid = getAttribute(AttrNames.ADMPW_UID);
         return "op=set&" + AttrNames.ADMPW_UID + "=" +
@@ -61,7 +62,7 @@ public class CGIAccessSetup extends CGIDataModel {
 
         super.save();
 
-        // Use change-sie-passwod command to change the password
+        // Use change-sie-password command to change the password
         String pwd = getAttribute(AttrNames.ADMPW_PWD);
 
         if (pwd != null) {
@@ -74,21 +75,25 @@ public class CGIAccessSetup extends CGIDataModel {
                         _consoleInfo.getAuthenticationDN(),
                         _consoleInfo.getAuthenticationPassword());
             } catch (MalformedURLException e) {
-                Debug.println("CGIAccessSetup.save: "+e);
+                Debug.println("CGIDataModel.setConfiguration "+e);
                 throw new RemoteRequestException(e);
             }
 
             if (0 == task.exec()) {
                 // Since we've updated the Admin Password, 
                 // let's update the one in _consoleInfo.
-                _consoleInfo.setAuthenticationPassword(pwd);
+                // But, only do this if we are logged in as the admin user!
+                String authDN = _consoleInfo.getAuthenticationDN().toLowerCase();
+                String authUID = getAttribute(AttrNames.ADMPW_UID).toLowerCase();
+                if (authDN.matches("uid=" + authUID + ", *ou=administrators, *ou=topologymanagement, *o=netscaperoot")) {
+                    _consoleInfo.setAuthenticationPassword(pwd);
+                }
             }
 
             int status = task.getStatus();
+            Debug.println(adminURL + " "+status);
             AdminOperation.processAdmTaskStatus(adminURL, task,
                     _consoleInfo);
         }
     }
-
-
 }