1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 package org.apache.jetspeed.modules.actions;
18
19
20
21 import java.util.Date;
22
23 import org.apache.jetspeed.om.security.JetspeedUser;
24
25
26 import org.apache.jetspeed.services.logging.JetspeedLogFactoryService;
27 import org.apache.jetspeed.services.logging.JetspeedLogger;
28 import org.apache.jetspeed.util.template.JetspeedLink;
29 import org.apache.jetspeed.util.template.JetspeedLinkFactory;
30
31
32 import org.apache.turbine.modules.Action;
33 import org.apache.turbine.modules.ActionLoader;
34
35
36 import org.apache.turbine.services.localization.Localization;
37 import org.apache.jetspeed.services.resources.JetspeedResources;
38
39
40 import org.apache.turbine.services.template.TurbineTemplate;
41
42
43 import org.apache.turbine.util.RunData;
44 import org.apache.turbine.util.GenerateUniqueId;
45 import org.apache.turbine.util.StringUtils;
46
47
48 import org.apache.jetspeed.services.JetspeedSecurity;
49 import org.apache.jetspeed.services.security.JetspeedSecurityException;
50
51 /***
52 This action validates the form input from the NewAccount Screen.
53 If it is valid, then it will check to make sure that the user account
54 does not already exist. If it does, then it will show the NewAccount
55 screen again. If it doesn't alread exist, then it will create the new
56 user and set the CONFIRM_VALUE to be the users session id. This part should
57 probably be re-done to get a better less hackable CONFIRM_VALUE, but this
58 should work for now. If everything goes well, this action will send the user
59 a confirmation email and then show the ConfirmRegistration screen.
60
61 @author Jon S. Stevens <a href="mailto:jon@clearink.com">jon@clearink.com</a>
62 @author David S. Taylor <a href="mailto:david@bluesunrise.com">david@bluesunrise.com</a>
63 @author Tom Adams <a href="mailto:tom@PIsoftware.com">tom@PIsoftware.com</a>
64
65 */
66 public class CreateNewUserAndConfirm extends Action
67 {
68
69 /***
70 * Static initialization of the logger for this class
71 */
72 private static final JetspeedLogger logger = JetspeedLogFactoryService.getLogger(CreateNewUserAndConfirm.class.getName());
73
74 public void doPerform( RunData data ) throws Exception
75 {
76 try
77 {
78
79 String submit = "submit1";
80 String str = (String) data.getUser().getTemp ( submit, "asdfasdf" );
81 if ( str != null && str
82 .equalsIgnoreCase( data.getParameters().getString(submit, "")) )
83 {
84 data.getUser().removeTemp(submit);
85 data.setScreenTemplate( TurbineTemplate.getDefaultScreen() );
86 return;
87 }
88
89 String pass1 = data.getParameters().getString("password", "");
90 String pass2 = data.getParameters().getString("password_confirm", "");
91
92
93 if ( (pass1.length() == 0 || pass2.length() == 0 )
94 || ! pass1.equals ( pass2 ) )
95 {
96 data.setMessage(Localization.getString(data, "CREATENEWUSERANDCONFIRM_PWNOTMATCH"));
97 data.setScreenTemplate("NewAccount");
98 return;
99 }
100
101 String username = data.getParameters().getString("username", "");
102
103
104 username = JetspeedSecurity.convertUserName(username);
105 pass1 = JetspeedSecurity.convertPassword(pass1);
106 pass2 = JetspeedSecurity.convertPassword(pass2);
107
108
109 if ( username.length() == 0 )
110 {
111 data.setMessage(Localization.getString(data, "CREATENEWUSERANDCONFIRM_NOUSERNAME"));
112 data.setScreenTemplate("NewAccount");
113 return;
114 }
115
116 String email = data.getParameters().getString("email", "");
117
118 if ( email.length() == 0 )
119 {
120 data.setMessage(Localization.getString(data, "CREATENEWUSERANDCONFIRM_NOEMAIL"));
121 data.setScreenTemplate("NewAccount");
122 return;
123 }
124
125 String CHNAME = Localization.getString(data, "CREATENEWUSERANDCONFIRM_DUPLICATEMSG");
126
127 boolean accountExists = true;
128 try
129 {
130 JetspeedSecurity.getUser(username);
131 }
132 catch(JetspeedSecurityException e)
133 {
134 accountExists = false;
135 }
136
137 if (!accountExists)
138 {
139 Date now = new Date();
140
141 JetspeedUser user = JetspeedSecurity.getUserInstance();
142
143 user.setUserName( username );
144 user.setCreateDate(now);
145 user.setLastLogin(new Date(0));
146 user.setFirstName( data.getParameters().getString("firstname") );
147 user.setLastName( data.getParameters().getString("lastname") );
148 user.setEmail( data.getParameters().getString("email") );
149
150 createUser(user, data);
151
152
153 String confirmValue = GenerateUniqueId.getIdentifier();
154
155
156 boolean newUserNotification = JetspeedResources.getBoolean("newuser.notification.enable", false);
157 boolean newUserApproval = JetspeedResources.getBoolean("newuser.approval.enable", false);
158 boolean enableMail = JetspeedResources.getBoolean("newuser.confirm.enable", false);
159 if (false == enableMail)
160 confirmValue = JetspeedResources.CONFIRM_VALUE;
161
162 if (true == newUserApproval)
163 confirmValue = JetspeedResources.CONFIRM_VALUE_PENDING;
164
165 user.setConfirmed( confirmValue );
166
167
168 data.setUser(user);
169
170 user.setPassword(pass1);
171 JetspeedSecurity.addUser(user);
172 if (!enableMail && !newUserApproval)
173 {
174 user.setHasLoggedIn(new Boolean (true));
175 user.setLastLogin(new Date(0));
176 }
177 data.setMessage(Localization.getString(data, "CREATENEWUSERANDCONFIRM_CREATE"));
178 if (enableMail || newUserNotification || newUserApproval)
179 {
180 data.setUser(JetspeedSecurity.getAnonymousUser());
181 data.getParameters().add("username", username);
182 data.getParameters().add("password", pass1);
183 if ( ! newUserApproval )
184 {
185 ActionLoader.getInstance().exec(data, "SendConfirmationEmail");
186 data.setScreenTemplate("ConfirmRegistration");
187 }
188 else
189 {
190 data.setScreenTemplate("NewUserAwaitingAcceptance");
191 }
192
193
194 if ( newUserNotification )
195 {
196 ActionLoader.getInstance().exec(data, "SendNewUserNotificationEmail");
197 }
198 }
199 else
200 {
201 bypassConfirmMail(data, username, pass1);
202 }
203
204 }
205 else
206 {
207 data.setMessage(Localization.getString(data, "CREATENEWUSERANDCONFIRM_CHOOSENEWNAME"));
208 data.setScreenTemplate("NewAccount");
209
210
211 data.getParameters().add("username", CHNAME);
212 }
213 }
214 catch (Exception e)
215 {
216 logger.error("CreateNewUserAndConfirm",e);
217 data.setMessage(e.toString());
218 data.setStackTrace(StringUtils.stackTrace(e), e);
219 data.setScreenTemplate(JetspeedResources.getString("template.error","Error"));
220 }
221 }
222
223 /***
224 * createUser creates a new user.
225 * Subclasses can override this method - adding additional user property settings as needed.
226 * The default implementation does nothing.
227 *
228 * @param user the new user that has been created
229 * @param data the current RunData instance
230 *
231 * @throws Exception passed up from JetspeedSecurity
232 */
233 protected void createUser(JetspeedUser user, RunData data) throws Exception
234 {
235 }
236
237 /***
238 * bypassConfirmMail allows configurations to bypass sending the confirmation email
239 * The new user is logged on and then redirected to the home page
240 *
241 * @param data Turbine information.
242 * @param username The user's username.
243 * @param password The user's password.
244 */
245 private void bypassConfirmMail(RunData data, String username, String password)
246 {
247 JetspeedUser usr = null;
248 try
249 {
250
251 usr = JetspeedSecurity.login( username, password );
252
253
254 JetspeedLink jslink = JetspeedLinkFactory.getInstance(data);
255 data.setRedirectURI(jslink.getHomePage().toString());
256 JetspeedLinkFactory.putInstance(jslink);
257 }
258 catch ( Exception e )
259 {
260 logger.error("Exception", e);
261 data.setMessage(e.toString());
262 data.setStackTrace(StringUtils.stackTrace(e), e);
263 data.setScreenTemplate(JetspeedResources.getString("template.error","Error"));
264 }
265 }
266
267 }