1 package org.apache.archiva.redback.struts2.action;
2
3 /*
4  * Licensed to the Apache Software Foundation (ASF) under one
5  * or more contributor license agreements.  See the NOTICE file
6  * distributed with this work for additional information
7  * regarding copyright ownership.  The ASF licenses this file
8  * to you under the Apache License, Version 2.0 (the
9  * "License"); you may not use this file except in compliance
10  * with the License.  You may obtain a copy of the License at
11  *
12  * http://www.apache.org/licenses/LICENSE-2.0
13  *
14  * Unless required by applicable law or agreed to in writing,
15  * software distributed under the License is distributed on an
16  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
17  * KIND, either express or implied.  See the License for the
18  * specific language governing permissions and limitations
19  * under the License.
20  */
21
22 import org.apache.archiva.redback.keys.AuthenticationKey;
23 import org.apache.archiva.redback.policy.UserSecurityPolicy;
24 import org.apache.archiva.redback.role.RoleManager;
25 import org.apache.archiva.redback.role.RoleManagerException;
26 import org.apache.archiva.redback.users.User;
27 import org.apache.archiva.redback.keys.KeyManagerException;
28 import org.apache.archiva.redback.users.UserManager;
29 import org.apache.archiva.redback.users.UserNotFoundException;
30 import org.apache.archiva.redback.integration.interceptor.SecureActionBundle;
31 import org.apache.archiva.redback.integration.interceptor.SecureActionException;
32 import org.apache.archiva.redback.integration.mail.Mailer;
33 import org.apache.archiva.redback.integration.model.CreateUserCredentials;
34 import org.apache.archiva.redback.integration.security.role.RedbackRoleConstants;
35 import org.springframework.context.annotation.Scope;
36 import org.springframework.stereotype.Controller;
37
38 import javax.inject.Inject;
39 import java.util.Arrays;
40
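/**
 * Struts2 action behind the self-registration pages: shows the form, creates the account, and re-sends the
 * account validation email.
 *
 * <p>{@link #initSecureActionBundle()} returns {@link SecureActionBundle#OPEN}, so every entry point of this
 * action is reachable without authentication. The bean properties with public setters ({@code user},
 * {@code username}, {@code emailValidationRequired}) are presumably filled by Struts2 parameter binding and
 * must therefore be handled as untrusted request input.</p>
 *
 * @author <a href="mailto:joakim@erdfelt.com">Joakim Erdfelt</a>
 *
 */
@Controller( "redback-register" )
@Scope( "prototype" )
public class RegisterAction
    extends AbstractUserCredentialsAction
    implements CancellableAction
{
    /** Result name returned when the account was created and no email validation is pending. */
    protected static final String REGISTER_SUCCESS = "security-register-success";

    /** Result name returned when the account was created and a validation email was sent. */
    private static final String VALIDATION_NOTE = "validation-note";

    /** Result name returned by {@link #resendRegistrationEmail()}. */
    private static final String RESEND_VALIDATION_EMAIL = "security-resend-validation-email";

    /** Purpose string stored with every email validation key created by this action. */
    private static final String VALIDATION_KEY_PURPOSE = "New User Email Validation";

    // ------------------------------------------------------------------
    //  Component Requirements
    // ------------------------------------------------------------------

    /**
     * Sends the account validation email.
     */
    @Inject
    private Mailer mailer;

    /**
     * Assigns the registered-user role to the new account.
     */
    @Inject
    private RoleManager roleManager;

    // Registration form data; untrusted until the validateCredentials* call in register() has run.
    private CreateUserCredentials user;

    // Mirrors the policy setting for the view. show() and register() overwrite it from the policy,
    // so a value pushed through the public setter is never used for a security decision there.
    private boolean emailValidationRequired;

    // Account name supplied to resendRegistrationEmail(); independent of user.getUsername().
    private String username;

    // ------------------------------------------------------------------
    // Action Entry Points - (aka Names)
    // ------------------------------------------------------------------

    /**
     * Prepares the registration form.
     *
     * @return {@code INPUT}
     */
    public String show()
    {
        if ( user == null )
        {
            user = new CreateUserCredentials();
        }

        emailValidationRequired = securitySystem.getPolicy().getUserValidationSettings().isEmailValidationRequired();

        return INPUT;
    }

    /**
     * Creates the account described by {@code user}.
     *
     * <p>When the policy requires email validation the account is stored locked and a validation key is
     * mailed to the registered address; otherwise the account is stored unlocked. In both cases the account
     * is created with {@code validated == false} and the registered-user role, and the creation is written
     * to the audit log.</p>
     *
     * @return {@code ERROR} when the submitted data is rejected or the role or key cannot be created,
     *         {@link #VALIDATION_NOTE} when a validation email was sent, {@link #REGISTER_SUCCESS} otherwise
     */
    public String register()
    {
        if ( user == null )
        {
            user = new CreateUserCredentials();
            addActionError( getText( "invalid.user.credentials" ) );
            return ERROR;
        }

        UserSecurityPolicy securityPolicy = securitySystem.getPolicy();

        // Read the requirement from the policy once; the request must not be able to influence it.
        final boolean validationRequired = securityPolicy.getUserValidationSettings().isEmailValidationRequired();
        emailValidationRequired = validationRequired;

        internalUser = user;

        if ( validationRequired )
        {
            validateCredentialsLoose();
        }
        else
        {
            validateCredentialsStrict();
        }

        // NOTE: Do not perform Password Rules Validation Here.
        UserManager manager = super.securitySystem.getUserManager();

        if ( manager.userExists( user.getUsername() ) )
        {
            // The requested username is already taken.
            // We need to fail fast and return to the previous page.
            addActionError( getText( "user.already.exists", Arrays.asList( (Object) user.getUsername() ) ) );
        }

        if ( hasActionErrors() || hasFieldErrors() )
        {
            return ERROR;
        }

        User u = manager.createUser( user.getUsername(), user.getFullName(), user.getEmail() );
        u.setPassword( user.getPassword() );
        u.setValidated( false );
        u.setLocked( false );

        try
        {
            roleManager.assignRole( RedbackRoleConstants.REGISTERED_USER_ROLE_ID, u.getPrincipal().toString() );
        }
        catch ( RoleManagerException rpe )
        {
            addActionError( getText( "assign.role.failure" ) );
            log.error( "RoleProfile Error: " + rpe.getMessage(), rpe );
            return ERROR;
        }

        if ( validationRequired )
        {
            // The account stays locked until the emailed key has been presented.
            u.setLocked( true );

            try
            {
                AuthenticationKey authkey =
                    securitySystem.getKeyManager().createKey( u.getPrincipal().toString(), VALIDATION_KEY_PURPOSE,
                                                              securityPolicy.getUserValidationSettings().getEmailValidationTimeout() );

                mailer.sendAccountValidationEmail( Arrays.asList( u.getEmail() ), authkey, getBaseUrl() );

                // NOTE(review): the policy is switched off around addUser() and restored in the finally
                // block. If this UserSecurityPolicy instance is shared between requests (not visible
                // here), concurrent requests would run without policy enforcement during that window.
                // Confirm, and prefer a per-call bypass over toggling shared state.
                securityPolicy.setEnabled( false );
                manager.addUser( u );

                // This path previously returned without any audit record of the new account.
                logAccountCreated( u.getUsername() );

                return VALIDATION_NOTE;
            }
            catch ( KeyManagerException e )
            {
                addActionError( getText( "cannot.register.user" ) );
                log.error( "Unable to register a new user.", e );
                return ERROR;
            }
            finally
            {
                securityPolicy.setEnabled( true );
            }
        }
        else
        {
            manager.addUser( u );
        }

        logAccountCreated( u.getUsername() );

        return REGISTER_SUCCESS;
    }

    /**
     * Sends a fresh validation email for the account named by {@code username}.
     *
     * <p>This entry point is unauthenticated and {@code username} is caller-supplied. A key is therefore
     * only issued for an account that exists and is not validated yet; the email always goes to the address
     * stored on the account, never to a caller-supplied one.</p>
     *
     * @return {@link #RESEND_VALIDATION_EMAIL} when the request was accepted, {@code ERROR} when the account
     *         is unknown or the key cannot be created
     */
    public String resendRegistrationEmail()
    {
        if ( username == null || username.trim().isEmpty() )
        {
            // Nothing to look up; answer like an unknown account instead of passing null to the user manager.
            addActionError( getText( "cannot.find.user" ) );
            return ERROR;
        }

        UserSecurityPolicy securityPolicy = securitySystem.getPolicy();

        try
        {
            User account = super.securitySystem.getUserManager().findUser( username );

            if ( account.isValidated() )
            {
                // A validated account needs no validation key. Issuing one here would let any
                // unauthenticated caller mint keys and trigger mail for accounts they do not own.
                // The response is kept identical to the normal case so the validation state is not disclosed.
                log.warn( "Validation email re-send requested for an already validated account; nothing sent." );
                return RESEND_VALIDATION_EMAIL;
            }

            // NOTE(review): nothing here limits how often a key and an email can be requested for one
            // account, and the "cannot.find.user" answer below tells the caller whether a username
            // exists. Throttling and a uniform response are worth adding at the interceptor level.
            AuthenticationKey authkey =
                securitySystem.getKeyManager().createKey( account.getPrincipal().toString(), VALIDATION_KEY_PURPOSE,
                                                          securityPolicy.getUserValidationSettings().getEmailValidationTimeout() );

            mailer.sendAccountValidationEmail( Arrays.asList( account.getEmail() ), authkey, getBaseUrl() );

            return RESEND_VALIDATION_EMAIL;
        }
        catch ( KeyManagerException e )
        {
            addActionError( getText( "cannot.register.user" ) );
            log.error( "Unable to register a new user.", e );
            return ERROR;
        }
        catch ( UserNotFoundException e )
        {
            addActionError( getText( "cannot.find.user" ) );
            log.error( "Unable to find user.", e );
            return ERROR;
        }
    }

    /**
     * Handles the cancel button.
     *
     * @return {@code CANCEL}
     */
    public String cancel()
    {
        return CANCEL;
    }

    // ------------------------------------------------------------------
    // Internal helpers
    // ------------------------------------------------------------------

    /**
     * Writes the account-creation audit record for the account that was actually stored.
     *
     * <p>The record names the created account rather than the separate {@code username} request property,
     * which the registration form does not fill and which a caller could set to any value.</p>
     *
     * @param createdUsername username of the account that was just added
     */
    private void logAccountCreated( String createdUsername )
    {
        AuditEvent event = new AuditEvent( getText( "log.account.create" ) );
        event.setAffectedUser( createdUsername );
        event.log();
    }

    // ------------------------------------------------------------------
    // Parameter Accessor Methods
    // ------------------------------------------------------------------

    /**
     * @return the registration form data, or {@code null} when none was submitted
     */
    public CreateUserCredentials getUser()
    {
        return user;
    }

    /**
     * @param user registration form data; untrusted until validated in {@link #register()}
     */
    public void setUser( CreateUserCredentials user )
    {
        this.user = user;
    }

    /**
     * @return whether the policy required email validation when {@link #show()} or {@link #register()} last ran
     */
    public boolean isEmailValidationRequired()
    {
        return emailValidationRequired;
    }

    /**
     * @param emailValidationRequired display flag only; {@link #show()} and {@link #register()} replace it
     *                                with the value from the security policy
     */
    public void setEmailValidationRequired( boolean emailValidationRequired )
    {
        this.emailValidationRequired = emailValidationRequired;
    }

    /**
     * @return the account name used by {@link #resendRegistrationEmail()}
     */
    public String getUsername()
    {
        return username;
    }

    /**
     * @param username account name for {@link #resendRegistrationEmail()}; caller-supplied and unauthenticated
     */
    public void setUsername( String username )
    {
        this.username = username;
    }

    /**
     * Declares this action as reachable without authentication or authorization.
     *
     * @return {@link SecureActionBundle#OPEN}
     * @throws SecureActionException declared by the contract; not thrown by this implementation
     */
    public SecureActionBundle initSecureActionBundle()
        throws SecureActionException
    {
        return SecureActionBundle.OPEN;
    }
}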