source.dussan.org Git - archiva.git/blob

   1 package org.apache.archiva.redback.struts2.action.admin;
   2
   3 /*
   4  * Licensed to the Apache Software Foundation (ASF) under one
   5  * or more contributor license agreements.  See the NOTICE file
   6  * distributed with this work for additional information
   7  * regarding copyright ownership.  The ASF licenses this file
   8  * to you under the Apache License, Version 2.0 (the
   9  * "License"); you may not use this file except in compliance
  10  * with the License.  You may obtain a copy of the License at
  11  *
  12  * http://www.apache.org/licenses/LICENSE-2.0
  13  *
  14  * Unless required by applicable law or agreed to in writing,
  15  * software distributed under the License is distributed on an
  16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  17  * KIND, either express or implied.  See the License for the
  18  * specific language governing permissions and limitations
  19  * under the License.
  20  */
  21
  22 import java.util.Arrays;
  23
  24 import org.apache.archiva.redback.policy.UserSecurityPolicy;
  25 import org.apache.archiva.redback.rbac.Resource;
  26 import org.apache.archiva.redback.struts2.action.AbstractUserCredentialsAction;
  27 import org.apache.archiva.redback.struts2.action.AuditEvent;
  28 import org.apache.archiva.redback.users.User;
  29 import org.apache.archiva.redback.users.UserManager;
  30 import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
  31 import org.apache.archiva.redback.integration.interceptor.SecureActionException;
  32 import org.apache.archiva.redback.integration.model.CreateUserCredentials;
  33 import org.apache.archiva.redback.integration.role.RoleConstants;
  34 import org.springframework.context.annotation.Scope;
  35 import org.springframework.stereotype.Controller;
  36
  37 /**
  38  * UserCreateAction
  39  *
  40  * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
  41  *
  42  */
  43 @Controller("redback-admin-user-create")
  44 @Scope("prototype")
  45 public class UserCreateAction
  46     extends AbstractUserCredentialsAction
  47 {
  48     // ------------------------------------------------------------------
  49     // Action Parameters
  50     // ------------------------------------------------------------------
  51
  52     private CreateUserCredentials user;
  53
  54     // ------------------------------------------------------------------
  55     // Action Entry Points - (aka Names)
  56     // ------------------------------------------------------------------
  57
  58     public String show()
  59     {
  60         if ( user == null )
  61         {
  62             user = new CreateUserCredentials();
  63         }
  64
  65         return INPUT;
  66     }
  67
  68     public String submit()
  69     {
  70         if ( user == null )
  71         {
  72             user = new CreateUserCredentials();
  73             addActionError( getText( "invalid.user.credentials" ) );
  74             return ERROR;
  75         }
  76
  77         internalUser = user;
  78
  79         validateCredentialsLoose();
  80
  81         // NOTE: Do not perform Password Rules Validation Here.
  82
  83         UserManager manager = super.securitySystem.getUserManager();
  84
  85         if ( manager.userExists( user.getUsername() ) )
  86         {
  87             // Means that the role name doesn't exist.
  88             // We need to fail fast and return to the previous page.
  89             addActionError( getText( "user.already.exists", Arrays.asList( ( Object ) user.getUsername() ) ) );
  90         }
  91
  92         if ( hasActionErrors() || hasFieldErrors() )
  93         {
  94             return ERROR;
  95         }
  96
  97         User u = manager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );
  98         u.setPassword( user.getPassword() );
  99
 100         // force the user to change their password when they log in next
 101         u.setPasswordChangeRequired( true );
 102
 103         // Disable Password Rules for this creation.
 104         UserSecurityPolicy securityPolicy = securitySystem.getPolicy();
 105         try
 106         {
 107                 // REDBACK-156
 108             securityPolicy.setEnabled( false );
 109             u.setValidated( true );
 110             manager.addUser( u );
 111             String currentUser = getCurrentUser();
 112             AuditEvent event = new AuditEvent( getText( "log.account.create" ) );
 113             event.setAffectedUser( u.getUsername() );
 114             event.setCurrentUser( currentUser );
 115             event.log();
 116         }
 117         finally
 118         {
 119             securityPolicy.setEnabled( true );
 120         }
 121
 122         return SUCCESS;
 123     }
 124
 125     // ------------------------------------------------------------------
 126     // Parameter Accessor Methods
 127     // ------------------------------------------------------------------
 128
 129     public CreateUserCredentials getUser()
 130     {
 131         return user;
 132     }
 133
 134     public void setUser( CreateUserCredentials user )
 135     {
 136         this.user = user;
 137     }
 138
 139     public SecureActionBundle initSecureActionBundle()
 140         throws SecureActionException
 141     {
 142         SecureActionBundle bundle = new SecureActionBundle();
 143         bundle.setRequiresAuthentication( true );
 144         bundle.addRequiredAuthorization( RoleConstants.USER_MANAGEMENT_USER_CREATE_OPERATION, Resource.GLOBAL );
 145         return bundle;
 146     }
 147
 148 }