001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portlet.login.action;
016    
017    import com.liferay.portal.AddressCityException;
018    import com.liferay.portal.AddressStreetException;
019    import com.liferay.portal.AddressZipException;
020    import com.liferay.portal.CompanyMaxUsersException;
021    import com.liferay.portal.ContactFirstNameException;
022    import com.liferay.portal.ContactFullNameException;
023    import com.liferay.portal.ContactLastNameException;
024    import com.liferay.portal.DuplicateUserEmailAddressException;
025    import com.liferay.portal.DuplicateUserScreenNameException;
026    import com.liferay.portal.EmailAddressException;
027    import com.liferay.portal.GroupFriendlyURLException;
028    import com.liferay.portal.NoSuchCountryException;
029    import com.liferay.portal.NoSuchLayoutException;
030    import com.liferay.portal.NoSuchListTypeException;
031    import com.liferay.portal.NoSuchOrganizationException;
032    import com.liferay.portal.NoSuchRegionException;
033    import com.liferay.portal.NoSuchUserException;
034    import com.liferay.portal.OrganizationParentException;
035    import com.liferay.portal.PhoneNumberException;
036    import com.liferay.portal.RequiredFieldException;
037    import com.liferay.portal.RequiredUserException;
038    import com.liferay.portal.ReservedUserEmailAddressException;
039    import com.liferay.portal.ReservedUserScreenNameException;
040    import com.liferay.portal.TermsOfUseException;
041    import com.liferay.portal.UserEmailAddressException;
042    import com.liferay.portal.UserIdException;
043    import com.liferay.portal.UserPasswordException;
044    import com.liferay.portal.UserScreenNameException;
045    import com.liferay.portal.UserSmsException;
046    import com.liferay.portal.WebsiteURLException;
047    import com.liferay.portal.kernel.captcha.CaptchaMaxChallengesException;
048    import com.liferay.portal.kernel.captcha.CaptchaTextException;
049    import com.liferay.portal.kernel.captcha.CaptchaUtil;
050    import com.liferay.portal.kernel.servlet.SessionErrors;
051    import com.liferay.portal.kernel.servlet.SessionMessages;
052    import com.liferay.portal.kernel.util.Constants;
053    import com.liferay.portal.kernel.util.ParamUtil;
054    import com.liferay.portal.kernel.util.Validator;
055    import com.liferay.portal.kernel.workflow.WorkflowConstants;
056    import com.liferay.portal.model.Company;
057    import com.liferay.portal.model.CompanyConstants;
058    import com.liferay.portal.model.Layout;
059    import com.liferay.portal.model.User;
060    import com.liferay.portal.security.auth.PrincipalException;
061    import com.liferay.portal.service.LayoutLocalServiceUtil;
062    import com.liferay.portal.service.ServiceContext;
063    import com.liferay.portal.service.ServiceContextFactory;
064    import com.liferay.portal.service.UserLocalServiceUtil;
065    import com.liferay.portal.service.UserServiceUtil;
066    import com.liferay.portal.struts.PortletAction;
067    import com.liferay.portal.theme.ThemeDisplay;
068    import com.liferay.portal.util.PortalUtil;
069    import com.liferay.portal.util.PropsValues;
070    import com.liferay.portal.util.WebKeys;
071    import com.liferay.portlet.login.util.LoginUtil;
072    
073    import javax.portlet.ActionRequest;
074    import javax.portlet.ActionResponse;
075    import javax.portlet.PortletConfig;
076    import javax.portlet.PortletURL;
077    import javax.portlet.RenderRequest;
078    import javax.portlet.RenderResponse;
079    
080    import javax.servlet.http.HttpServletRequest;
081    import javax.servlet.http.HttpServletResponse;
082    import javax.servlet.http.HttpSession;
083    
084    import org.apache.struts.action.ActionForm;
085    import org.apache.struts.action.ActionForward;
086    import org.apache.struts.action.ActionMapping;
087    
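/**
 * Struts portlet action behind the login portlet's "create account" form.
 *
 * <p>
 * {@link #processAction} dispatches on the {@code Constants.CMD} request
 * parameter to add a user, reset (delete and re-create) a user, or complete
 * an incomplete user. Both entry points refuse to proceed unless the company
 * allows strangers. Every value read through {@code ParamUtil} comes from the
 * request and must be treated as caller-controlled.
 * </p>
 *
 * @author Brian Wing Shun Chan
 * @author Amos Fong
 * @author Daniel Sanz
 * @author Sergio González
 */
public class CreateAccountAction extends PortletAction {

    /**
     * Handles the create-account form submission.
     *
     * <p>
     * The CAPTCHA is verified only for {@code Constants.ADD}, and only when
     * {@code PropsValues.CAPTCHA_CHECK_PORTAL_CREATE_ACCOUNT} is enabled.
     * Known validation exceptions are stored as session errors; any other
     * exception is rethrown. When
     * {@code PropsValues.COMPANY_SECURITY_STRANGERS_URL} is set and resolves
     * to a layout, the response is finally redirected to that layout.
     * </p>
     *
     * @throws PrincipalException if the company does not allow strangers
     * @throws Exception any exception that is not one of the handled
     *         validation errors
     */
    @Override
    public void processAction(
            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
            ActionRequest actionRequest, ActionResponse actionResponse)
        throws Exception {

        ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
            WebKeys.THEME_DISPLAY);

        Company company = themeDisplay.getCompany();

        // Self-registration is an opt-in company setting; reject the request
        // before any parameter is read when it is switched off.

        if (!company.isStrangers()) {
            throw new PrincipalException();
        }

        String cmd = ParamUtil.getString(actionRequest, Constants.CMD);

        try {
            if (cmd.equals(Constants.ADD)) {
                if (PropsValues.CAPTCHA_CHECK_PORTAL_CREATE_ACCOUNT) {
                    CaptchaUtil.check(actionRequest);
                }

                addUser(actionRequest, actionResponse);
            }
            else if (cmd.equals(Constants.RESET)) {

                // NOTE(review): this path ends in addUser() without the
                // CAPTCHA check applied to ADD -- confirm that is intended.

                resetUser(actionRequest, actionResponse);
            }
            else if (cmd.equals(Constants.UPDATE)) {

                // NOTE(review): no CAPTCHA check on this path either.

                updateIncompleteUser(actionRequest, actionResponse);
            }
        }
        catch (Exception e) {
            if (e instanceof DuplicateUserEmailAddressException ||
                e instanceof DuplicateUserScreenNameException) {

                String emailAddress = ParamUtil.getString(
                    actionRequest, "emailAddress");

                try {
                    User user = UserLocalServiceUtil.getUserByEmailAddress(
                        themeDisplay.getCompanyId(), emailAddress);

                    // A duplicate that is still incomplete is sent to the
                    // update-account view instead of being reported as an
                    // error.

                    if (user.getStatus() !=
                            WorkflowConstants.STATUS_INCOMPLETE) {

                        SessionErrors.add(actionRequest, e.getClass(), e);
                    }
                    else {
                        setForward(
                            actionRequest, "portlet.login.update_account");
                    }
                }
                catch (NoSuchUserException nsue) {

                    // No user owns the submitted e-mail address, so the
                    // original duplicate error is reported as is.

                    SessionErrors.add(actionRequest, e.getClass(), e);
                }
            }
            else if (e instanceof AddressCityException ||
                     e instanceof AddressStreetException ||
                     e instanceof AddressZipException ||
                     e instanceof CaptchaMaxChallengesException ||
                     e instanceof CaptchaTextException ||
                     e instanceof CompanyMaxUsersException ||
                     e instanceof ContactFirstNameException ||
                     e instanceof ContactFullNameException ||
                     e instanceof ContactLastNameException ||
                     e instanceof EmailAddressException ||
                     e instanceof GroupFriendlyURLException ||
                     e instanceof NoSuchCountryException ||
                     e instanceof NoSuchListTypeException ||
                     e instanceof NoSuchOrganizationException ||
                     e instanceof NoSuchRegionException ||
                     e instanceof OrganizationParentException ||
                     e instanceof PhoneNumberException ||
                     e instanceof RequiredFieldException ||
                     e instanceof RequiredUserException ||
                     e instanceof ReservedUserEmailAddressException ||
                     e instanceof ReservedUserScreenNameException ||
                     e instanceof TermsOfUseException ||
                     e instanceof UserEmailAddressException ||
                     e instanceof UserIdException ||
                     e instanceof UserPasswordException ||
                     e instanceof UserScreenNameException ||
                     e instanceof UserSmsException ||
                     e instanceof WebsiteURLException) {

                SessionErrors.add(actionRequest, e.getClass(), e);
            }
            else {
                throw e;
            }
        }

        if (Validator.isNull(PropsValues.COMPANY_SECURITY_STRANGERS_URL)) {
            return;
        }

        try {
            Layout layout = LayoutLocalServiceUtil.getFriendlyURLLayout(
                themeDisplay.getScopeGroupId(), false,
                PropsValues.COMPANY_SECURITY_STRANGERS_URL);

            // The target comes from portal configuration, not from the
            // request.

            String redirect = PortalUtil.getLayoutURL(layout, themeDisplay);

            sendRedirect(actionRequest, actionResponse, redirect);
        }
        catch (NoSuchLayoutException nsle) {

            // Deliberately ignored: when the configured layout is missing in
            // this scope group, no extra redirect is issued.

        }
    }

    /**
     * Selects the view for the create-account page.
     *
     * @return the login forward when the company does not allow strangers;
     *         otherwise the forward stored on the request, defaulting to
     *         {@code portlet.login.create_account}
     */
    @Override
    public ActionForward render(
            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
            RenderRequest renderRequest, RenderResponse renderResponse)
        throws Exception {

        ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
            WebKeys.THEME_DISPLAY);

        Company company = themeDisplay.getCompany();

        if (!company.isStrangers()) {
            return mapping.findForward("portlet.login.login");
        }

        renderResponse.setTitle(themeDisplay.translate("create-account"));

        return mapping.findForward(
            getForward(renderRequest, "portlet.login.create_account"));
    }

    /**
     * Creates a user from the submitted form fields and redirects the caller.
     *
     * <p>
     * Group, organization, role and user group IDs are always passed as
     * {@code null}; they are never read from the request. A password is read
     * from the request only when
     * {@code PropsValues.LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD} is
     * enabled; otherwise {@code autoPassword} stays {@code true}.
     * </p>
     *
     * @throws Exception if the user service rejects the submitted data
     */
    protected void addUser(
            ActionRequest actionRequest, ActionResponse actionResponse)
        throws Exception {

        HttpServletRequest request = PortalUtil.getHttpServletRequest(
            actionRequest);
        HttpSession session = request.getSession();

        ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
            WebKeys.THEME_DISPLAY);

        Company company = themeDisplay.getCompany();

        boolean autoPassword = true;
        String password1 = null;
        String password2 = null;
        boolean autoScreenName = isAutoScreenName();
        String screenName = ParamUtil.getString(actionRequest, "screenName");
        String emailAddress = ParamUtil.getString(
            actionRequest, "emailAddress");
        long facebookId = ParamUtil.getLong(actionRequest, "facebookId");
        String openId = ParamUtil.getString(actionRequest, "openId");
        String firstName = ParamUtil.getString(actionRequest, "firstName");
        String middleName = ParamUtil.getString(actionRequest, "middleName");
        String lastName = ParamUtil.getString(actionRequest, "lastName");
        int prefixId = ParamUtil.getInteger(actionRequest, "prefixId");
        int suffixId = ParamUtil.getInteger(actionRequest, "suffixId");
        boolean male = ParamUtil.getBoolean(actionRequest, "male", true);
        int birthdayMonth = ParamUtil.getInteger(
            actionRequest, "birthdayMonth");
        int birthdayDay = ParamUtil.getInteger(actionRequest, "birthdayDay");
        int birthdayYear = ParamUtil.getInteger(actionRequest, "birthdayYear");
        String jobTitle = ParamUtil.getString(actionRequest, "jobTitle");

        // Memberships are fixed to null so a self-registering caller cannot
        // pick groups, organizations, roles or user groups.

        long[] groupIds = null;
        long[] organizationIds = null;
        long[] roleIds = null;
        long[] userGroupIds = null;
        boolean sendEmail = true;

        ServiceContext serviceContext = ServiceContextFactory.getInstance(
            User.class.getName(), actionRequest);

        if (PropsValues.LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD) {
            autoPassword = false;

            password1 = ParamUtil.getString(actionRequest, "password1");
            password2 = ParamUtil.getString(actionRequest, "password2");
        }

        boolean openIdPending = false;

        // The pending flag is read from the server-side session; the openId
        // request parameter alone does not enable the OpenID branch.
        // NOTE(review): facebookId and openId are taken from the request as
        // submitted -- confirm they are verified before being trusted as
        // proof of an external identity.

        Boolean openIdLoginPending = (Boolean)session.getAttribute(
            WebKeys.OPEN_ID_LOGIN_PENDING);

        if ((openIdLoginPending != null) && openIdLoginPending.booleanValue() &&
            Validator.isNotNull(openId)) {

            sendEmail = false;
            openIdPending = true;
        }

        User user = UserServiceUtil.addUserWithWorkflow(
            company.getCompanyId(), autoPassword, password1, password2,
            autoScreenName, screenName, emailAddress, facebookId, openId,
            themeDisplay.getLocale(), firstName, middleName, lastName, prefixId,
            suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle,
            groupIds, organizationIds, roleIds, userGroupIds, sendEmail,
            serviceContext);

        if (openIdPending) {

            // Long.valueOf replaces the deprecated Long constructor; the
            // stored attribute value is unchanged.

            session.setAttribute(
                WebKeys.OPEN_ID_LOGIN, Long.valueOf(user.getUserId()));

            session.removeAttribute(WebKeys.OPEN_ID_LOGIN_PENDING);
        }
        else {

            // Session messages

            _addStatusMessages(request, user);
        }

        // Send redirect

        sendRedirect(
            actionRequest, actionResponse, themeDisplay,
            _getLogin(company, user), user.getPasswordUnencrypted());
    }

    /**
     * Returns whether screen names are generated instead of being taken from
     * the form. Always {@code false} in this class.
     */
    protected boolean isAutoScreenName() {
        return _AUTO_SCREEN_NAME;
    }

    /**
     * Always returns {@code false}.
     *
     * <p>
     * NOTE(review): presumably this switches off an HTTP method check in
     * {@code PortletAction}, which would let this state-changing action run
     * on any request method -- confirm against the base class.
     * </p>
     */
    @Override
    protected boolean isCheckMethodOnProcessAction() {
        return _CHECK_METHOD_ON_PROCESS_ACTION;
    }

    /**
     * Deletes the incomplete user that owns the submitted e-mail address and
     * creates a fresh account from the same form submission.
     *
     * <p>
     * The e-mail address is a request parameter, so the matched user is
     * deleted only when its status is
     * {@code WorkflowConstants.STATUS_INCOMPLETE}. Without that check any
     * caller allowed to reach this action could delete an arbitrary account
     * by naming its e-mail address.
     * </p>
     *
     * @throws PrincipalException if the matched user is not incomplete
     * @throws Exception if no user owns the e-mail address, or if deleting or
     *         re-creating the user fails
     */
    protected void resetUser(
            ActionRequest actionRequest, ActionResponse actionResponse)
        throws Exception {

        ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
            WebKeys.THEME_DISPLAY);

        String emailAddress = ParamUtil.getString(
            actionRequest, "emailAddress");

        User anonymousUser = UserLocalServiceUtil.getUserByEmailAddress(
            themeDisplay.getCompanyId(), emailAddress);

        // deleteUser is called on the local service, so this is the only
        // guard between a caller-chosen e-mail address and the deletion.

        if (anonymousUser.getStatus() != WorkflowConstants.STATUS_INCOMPLETE) {
            throw new PrincipalException();
        }

        UserLocalServiceUtil.deleteUser(anonymousUser.getUserId());

        addUser(actionRequest, actionResponse);
    }

    /**
     * Sends the caller on after an account was created or completed.
     *
     * <p>
     * When the {@code redirect} request parameter is still non-null after
     * {@code PortalUtil.escapeRedirect}, the new user is logged in with the
     * given credentials and redirected there. Otherwise the caller is sent to
     * the login URL with only the {@code login} parameter set.
     * </p>
     *
     * @param login the login name matching the company's authentication type
     * @param password the user's clear-text password; used only for the login
     *        call and never added to the redirect URL
     */
    protected void sendRedirect(
            ActionRequest actionRequest, ActionResponse actionResponse,
            ThemeDisplay themeDisplay, String login, String password)
        throws Exception {

        HttpServletRequest request = PortalUtil.getHttpServletRequest(
            actionRequest);

        // The redirect target is caller-supplied and is used only after
        // escapeRedirect has processed it.
        // NOTE(review): presumably escapeRedirect rejects off-site targets --
        // confirm the allowed-domain configuration.

        String redirect = PortalUtil.escapeRedirect(
            ParamUtil.getString(actionRequest, "redirect"));

        if (Validator.isNotNull(redirect)) {
            HttpServletResponse response = PortalUtil.getHttpServletResponse(
                actionResponse);

            LoginUtil.login(request, response, login, password, false, null);
        }
        else {
            PortletURL loginURL = LoginUtil.getLoginURL(
                request, themeDisplay.getPlid());

            loginURL.setParameter("login", login);

            redirect = loginURL.toString();
        }

        actionResponse.sendRedirect(redirect);
    }

    /**
     * Completes an incomplete user from the submitted form fields and
     * redirects the caller.
     *
     * <p>
     * The password is always auto-generated here and the screen name is
     * always taken from the form. The user service decides which user is
     * updated; this method passes on the company ID and the submitted fields.
     * </p>
     *
     * @throws Exception if the user service rejects the submitted data
     */
    protected void updateIncompleteUser(
            ActionRequest actionRequest, ActionResponse actionResponse)
        throws Exception {

        HttpServletRequest request = PortalUtil.getHttpServletRequest(
            actionRequest);

        ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
            WebKeys.THEME_DISPLAY);

        boolean autoPassword = true;
        String password1 = null;
        String password2 = null;
        boolean autoScreenName = false;
        String screenName = ParamUtil.getString(actionRequest, "screenName");
        String emailAddress = ParamUtil.getString(
            actionRequest, "emailAddress");
        long facebookId = ParamUtil.getLong(actionRequest, "facebookId");
        String openId = ParamUtil.getString(actionRequest, "openId");
        String firstName = ParamUtil.getString(actionRequest, "firstName");
        String middleName = ParamUtil.getString(actionRequest, "middleName");
        String lastName = ParamUtil.getString(actionRequest, "lastName");
        int prefixId = ParamUtil.getInteger(actionRequest, "prefixId");
        int suffixId = ParamUtil.getInteger(actionRequest, "suffixId");
        boolean male = ParamUtil.getBoolean(actionRequest, "male", true);
        int birthdayMonth = ParamUtil.getInteger(
            actionRequest, "birthdayMonth");
        int birthdayDay = ParamUtil.getInteger(actionRequest, "birthdayDay");
        int birthdayYear = ParamUtil.getInteger(actionRequest, "birthdayYear");
        String jobTitle = ParamUtil.getString(actionRequest, "jobTitle");
        boolean updateUserInformation = true;
        boolean sendEmail = true;

        ServiceContext serviceContext = ServiceContextFactory.getInstance(
            User.class.getName(), actionRequest);

        // NOTE(review): the status of the targeted user is not checked in
        // this class; presumably UserServiceUtil.updateIncompleteUser refuses
        // users that are not incomplete -- confirm in the service.

        User user = UserServiceUtil.updateIncompleteUser(
            themeDisplay.getCompanyId(), autoPassword, password1, password2,
            autoScreenName, screenName, emailAddress, facebookId, openId,
            themeDisplay.getLocale(), firstName, middleName, lastName, prefixId,
            suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle,
            sendEmail, updateUserInformation, serviceContext);

        // Session messages

        _addStatusMessages(request, user);

        // Send redirect

        sendRedirect(
            actionRequest, actionResponse, themeDisplay,
            _getLogin(themeDisplay.getCompany(), user),
            user.getPasswordUnencrypted());
    }

    /**
     * Adds the session messages that report the outcome for the given user.
     *
     * <p>
     * An approved user yields {@code user_added} and
     * {@code user_added_password}; any other status yields
     * {@code user_pending}.
     * </p>
     */
    private static void _addStatusMessages(
        HttpServletRequest request, User user) {

        if (user.getStatus() == WorkflowConstants.STATUS_APPROVED) {
            SessionMessages.add(request, "user_added", user.getEmailAddress());

            // The clear-text password is kept in the session as a message
            // value. NOTE(review): confirm that the view reading it escapes
            // it and that the value does not outlive the next render.

            SessionMessages.add(
                request, "user_added_password", user.getPasswordUnencrypted());
        }
        else {
            SessionMessages.add(
                request, "user_pending", user.getEmailAddress());
        }
    }

    /**
     * Returns the login name that matches the company's authentication type:
     * the user ID, the screen name, or otherwise the e-mail address.
     */
    private static String _getLogin(Company company, User user) {
        String authType = company.getAuthType();

        if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
            return String.valueOf(user.getUserId());
        }

        if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
            return user.getScreenName();
        }

        return user.getEmailAddress();
    }

    private static final boolean _AUTO_SCREEN_NAME = false;

    private static final boolean _CHECK_METHOD_ON_PROCESS_ACTION = false;

}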