001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.login.action;
016    
017    import com.liferay.portal.AddressCityException;
018    import com.liferay.portal.AddressStreetException;
019    import com.liferay.portal.AddressZipException;
020    import com.liferay.portal.CompanyMaxUsersException;
021    import com.liferay.portal.ContactFirstNameException;
022    import com.liferay.portal.ContactFullNameException;
023    import com.liferay.portal.ContactLastNameException;
024    import com.liferay.portal.DuplicateUserEmailAddressException;
025    import com.liferay.portal.DuplicateUserScreenNameException;
026    import com.liferay.portal.EmailAddressException;
027    import com.liferay.portal.GroupFriendlyURLException;
028    import com.liferay.portal.NoSuchCountryException;
029    import com.liferay.portal.NoSuchLayoutException;
030    import com.liferay.portal.NoSuchListTypeException;
031    import com.liferay.portal.NoSuchOrganizationException;
032    import com.liferay.portal.NoSuchRegionException;
033    import com.liferay.portal.NoSuchUserException;
034    import com.liferay.portal.OrganizationParentException;
035    import com.liferay.portal.PhoneNumberException;
036    import com.liferay.portal.RequiredFieldException;
037    import com.liferay.portal.RequiredUserException;
038    import com.liferay.portal.ReservedUserEmailAddressException;
039    import com.liferay.portal.ReservedUserScreenNameException;
040    import com.liferay.portal.TermsOfUseException;
041    import com.liferay.portal.UserEmailAddressException;
042    import com.liferay.portal.UserIdException;
043    import com.liferay.portal.UserPasswordException;
044    import com.liferay.portal.UserScreenNameException;
045    import com.liferay.portal.UserSmsException;
046    import com.liferay.portal.WebsiteURLException;
047    import com.liferay.portal.kernel.captcha.CaptchaMaxChallengesException;
048    import com.liferay.portal.kernel.captcha.CaptchaTextException;
049    import com.liferay.portal.kernel.captcha.CaptchaUtil;
050    import com.liferay.portal.kernel.servlet.SessionErrors;
051    import com.liferay.portal.kernel.servlet.SessionMessages;
052    import com.liferay.portal.kernel.util.Constants;
053    import com.liferay.portal.kernel.util.ParamUtil;
054    import com.liferay.portal.kernel.util.Validator;
055    import com.liferay.portal.kernel.workflow.WorkflowConstants;
056    import com.liferay.portal.model.Company;
057    import com.liferay.portal.model.CompanyConstants;
058    import com.liferay.portal.model.Layout;
059    import com.liferay.portal.model.User;
060    import com.liferay.portal.security.auth.PrincipalException;
061    import com.liferay.portal.service.LayoutLocalServiceUtil;
062    import com.liferay.portal.service.ServiceContext;
063    import com.liferay.portal.service.ServiceContextFactory;
064    import com.liferay.portal.service.UserLocalServiceUtil;
065    import com.liferay.portal.service.UserServiceUtil;
066    import com.liferay.portal.struts.PortletAction;
067    import com.liferay.portal.theme.ThemeDisplay;
068    import com.liferay.portal.util.PortalUtil;
069    import com.liferay.portal.util.PropsValues;
070    import com.liferay.portal.util.WebKeys;
071    import com.liferay.portlet.login.util.LoginUtil;
072    
073    import javax.portlet.ActionRequest;
074    import javax.portlet.ActionResponse;
075    import javax.portlet.PortletConfig;
076    import javax.portlet.PortletURL;
077    import javax.portlet.RenderRequest;
078    import javax.portlet.RenderResponse;
079    
080    import javax.servlet.http.HttpServletRequest;
081    import javax.servlet.http.HttpServletResponse;
082    import javax.servlet.http.HttpSession;
083    
084    import org.apache.struts.action.ActionForm;
085    import org.apache.struts.action.ActionForward;
086    import org.apache.struts.action.ActionMapping;
087    
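/**
 * Portlet action behind the login portlet's create-account form.
 *
 * <p>
 * {@link #processAction} dispatches on the {@code Constants.CMD} request
 * parameter to add a user, to reset (delete and re-add) an incomplete user or
 * to complete an incomplete user. {@link #render} forwards to the
 * create-account view. Both refuse to proceed when the company does not allow
 * strangers.
 * </p>
 *
 * <p>
 * Every value read through {@code ParamUtil} in this class comes from the
 * request of a visitor who is creating an account, so it is requester-chosen
 * input.
 * </p>
 *
 * @author Brian Wing Shun Chan
 * @author Amos Fong
 * @author Daniel Sanz
 * @author Sergio González
 */
public class CreateAccountAction extends PortletAction {

    /**
     * Handles the create-account form submission.
     *
     * <p>
     * Exceptions listed in {@link #isReportedAsSessionError(Exception)} are
     * recorded in {@code SessionErrors}; a duplicate e-mail address or screen
     * name is recorded the same way unless the user holding the submitted
     * e-mail address is still incomplete, in which case the update-account
     * forward is selected. Any other exception is rethrown.
     * </p>
     *
     * @throws PrincipalException if the company does not allow strangers
     * @throws Exception any exception from the dispatched command that is not
     *         recorded as a session error
     */
    @Override
    public void processAction(
            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
            ActionRequest actionRequest, ActionResponse actionResponse)
        throws Exception {

        ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
            WebKeys.THEME_DISPLAY);

        Company company = themeDisplay.getCompany();

        // Self-registration is refused outright unless the company allows
        // strangers.

        if (!company.isStrangers()) {
            throw new PrincipalException();
        }

        String cmd = ParamUtil.getString(actionRequest, Constants.CMD);

        try {
            if (cmd.equals(Constants.ADD)) {

                // The captcha check runs on this branch only. RESET reaches
                // addUser() through resetUser() without it, and UPDATE never
                // calls it.
                // NOTE(review): confirm that is intended; both other commands
                // act on an e-mail address that already belongs to a user.

                if (PropsValues.CAPTCHA_CHECK_PORTAL_CREATE_ACCOUNT) {
                    CaptchaUtil.check(actionRequest);
                }

                addUser(actionRequest, actionResponse);
            }
            else if (cmd.equals(Constants.RESET)) {
                resetUser(actionRequest, actionResponse);
            }
            else if (cmd.equals(Constants.UPDATE)) {
                updateIncompleteUser(actionRequest, actionResponse);
            }
        }
        catch (Exception e) {
            if (e instanceof DuplicateUserEmailAddressException ||
                e instanceof DuplicateUserScreenNameException) {

                String emailAddress = ParamUtil.getString(
                    actionRequest, "emailAddress");

                // The two outcomes below differ by whether the submitted
                // address belongs to an incomplete user.
                // NOTE(review): the response therefore tells an anonymous
                // visitor something about existing accounts; check that this
                // matches the portal's policy on account enumeration.

                try {
                    User user = UserLocalServiceUtil.getUserByEmailAddress(
                        themeDisplay.getCompanyId(), emailAddress);

                    if (user.getStatus() !=
                            WorkflowConstants.STATUS_INCOMPLETE) {

                        SessionErrors.add(actionRequest, e.getClass(), e);
                    }
                    else {
                        setForward(
                            actionRequest, "portlet.login.update_account");
                    }
                }
                catch (NoSuchUserException nsue) {

                    // No user holds the submitted e-mail address (the
                    // duplicate was the screen name): report the original
                    // exception.

                    SessionErrors.add(actionRequest, e.getClass(), e);
                }
            }
            else if (isReportedAsSessionError(e)) {
                SessionErrors.add(actionRequest, e.getClass(), e);
            }
            else {
                throw e;
            }
        }

        if (Validator.isNull(PropsValues.COMPANY_SECURITY_STRANGERS_URL)) {
            return;
        }

        try {
            Layout layout = LayoutLocalServiceUtil.getFriendlyURLLayout(
                themeDisplay.getScopeGroupId(), false,
                PropsValues.COMPANY_SECURITY_STRANGERS_URL);

            String redirect = PortalUtil.getLayoutURL(layout, themeDisplay);

            sendRedirect(actionRequest, actionResponse, redirect);
        }
        catch (NoSuchLayoutException nsle) {

            // Deliberately ignored: the redirect to the configured strangers
            // URL is best effort and is skipped when no layout matches it.

        }
    }

    /**
     * Selects the view for the create-account page.
     *
     * @return the login forward when the company does not allow strangers,
     *         otherwise the forward stored for this request, defaulting to the
     *         create-account view
     */
    @Override
    public ActionForward render(
            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
            RenderRequest renderRequest, RenderResponse renderResponse)
        throws Exception {

        ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
            WebKeys.THEME_DISPLAY);

        Company company = themeDisplay.getCompany();

        if (!company.isStrangers()) {
            return mapping.findForward("portlet.login.login");
        }

        renderResponse.setTitle(themeDisplay.translate("create-account"));

        return mapping.findForward(
            getForward(renderRequest, "portlet.login.create_account"));
    }

    /**
     * Creates a user from the submitted form fields and redirects the
     * requester.
     *
     * <p>
     * The password is read from the request only when
     * {@code PropsValues.LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD} is set;
     * otherwise {@code autoPassword} stays {@code true} and both password
     * arguments are {@code null}. Group, organization, role and user group IDs
     * are always passed as {@code null} and are never read from the request.
     * </p>
     *
     * @throws Exception if the user cannot be added or the redirect fails
     */
    protected void addUser(
            ActionRequest actionRequest, ActionResponse actionResponse)
        throws Exception {

        HttpServletRequest request = PortalUtil.getHttpServletRequest(
            actionRequest);
        HttpSession session = request.getSession();

        ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
            WebKeys.THEME_DISPLAY);

        Company company = themeDisplay.getCompany();

        boolean autoPassword = true;
        String password1 = null;
        String password2 = null;
        boolean autoScreenName = isAutoScreenName();
        String screenName = ParamUtil.getString(actionRequest, "screenName");
        String emailAddress = ParamUtil.getString(
            actionRequest, "emailAddress");

        // NOTE(review): facebookId and openId are plain request parameters
        // here; confirm that the login flows consuming them do not treat
        // them as already verified identity links.

        long facebookId = ParamUtil.getLong(actionRequest, "facebookId");
        String openId = ParamUtil.getString(actionRequest, "openId");
        String firstName = ParamUtil.getString(actionRequest, "firstName");
        String middleName = ParamUtil.getString(actionRequest, "middleName");
        String lastName = ParamUtil.getString(actionRequest, "lastName");
        int prefixId = ParamUtil.getInteger(actionRequest, "prefixId");
        int suffixId = ParamUtil.getInteger(actionRequest, "suffixId");
        boolean male = ParamUtil.getBoolean(actionRequest, "male", true);
        int birthdayMonth = ParamUtil.getInteger(
            actionRequest, "birthdayMonth");
        int birthdayDay = ParamUtil.getInteger(actionRequest, "birthdayDay");
        int birthdayYear = ParamUtil.getInteger(actionRequest, "birthdayYear");
        String jobTitle = ParamUtil.getString(actionRequest, "jobTitle");

        // Memberships are fixed to null rather than taken from the request.
        // NOTE(review): serviceContext below is built from the whole request;
        // verify which of its values the user service honours.

        long[] groupIds = null;
        long[] organizationIds = null;
        long[] roleIds = null;
        long[] userGroupIds = null;
        boolean sendEmail = true;

        ServiceContext serviceContext = ServiceContextFactory.getInstance(
            User.class.getName(), actionRequest);

        if (PropsValues.LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD) {
            autoPassword = false;

            password1 = ParamUtil.getString(actionRequest, "password1");
            password2 = ParamUtil.getString(actionRequest, "password2");
        }

        // An OpenID registration is pending only when the session carries the
        // pending flag and the request supplies an openId value.

        boolean openIdPending = false;

        Boolean openIdLoginPending = (Boolean)session.getAttribute(
            WebKeys.OPEN_ID_LOGIN_PENDING);

        if ((openIdLoginPending != null) && openIdLoginPending.booleanValue() &&
            Validator.isNotNull(openId)) {

            sendEmail = false;
            openIdPending = true;
        }

        User user = UserServiceUtil.addUserWithWorkflow(
            company.getCompanyId(), autoPassword, password1, password2,
            autoScreenName, screenName, emailAddress, facebookId, openId,
            themeDisplay.getLocale(), firstName, middleName, lastName, prefixId,
            suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle,
            groupIds, organizationIds, roleIds, userGroupIds, sendEmail,
            serviceContext);

        if (openIdPending) {

            // Long.valueOf replaces the deprecated Long constructor; the
            // stored attribute value is equal.

            session.setAttribute(
                WebKeys.OPEN_ID_LOGIN, Long.valueOf(user.getUserId()));

            session.removeAttribute(WebKeys.OPEN_ID_LOGIN_PENDING);
        }
        else {
            addAccountSessionMessages(request, user);
        }

        // Send redirect

        sendRedirect(
            actionRequest, actionResponse, themeDisplay,
            resolveLogin(company, user), user.getPasswordUnencrypted());
    }

    /**
     * Returns whether the screen name is generated instead of taken from the
     * form. This implementation always returns {@code false}.
     */
    protected boolean isAutoScreenName() {
        return _AUTO_SCREEN_NAME;
    }

    /**
     * Overrides the base class setting with {@code false}.
     *
     * <p>
     * NOTE(review): judging by the name, this presumably switches off the
     * HTTP method check that {@code PortletAction} applies to
     * {@code processAction}; verify against the base class and confirm that
     * account creation is still protected against cross-site requests.
     * </p>
     */
    @Override
    protected boolean isCheckMethodOnProcessAction() {
        return _CHECK_METHOD_ON_PROCESS_ACTION;
    }

    /**
     * Deletes the incomplete user that holds the submitted e-mail address and
     * registers a new user from the same request.
     *
     * <p>
     * The user to delete is chosen solely by the {@code emailAddress} request
     * parameter; the {@code STATUS_INCOMPLETE} comparison is the only guard in
     * this method before the deletion.
     * NOTE(review): the lookup and the deletion go through
     * {@code UserLocalServiceUtil}, which presumably performs no permission
     * check; confirm that the status guard is sufficient authorization.
     * </p>
     *
     * @throws PrincipalException if the user's status is not
     *         {@code STATUS_INCOMPLETE}
     * @throws Exception if the lookup, the deletion or the registration fails
     */
    protected void resetUser(
            ActionRequest actionRequest, ActionResponse actionResponse)
        throws Exception {

        ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
            WebKeys.THEME_DISPLAY);

        String emailAddress = ParamUtil.getString(
            actionRequest, "emailAddress");

        User anonymousUser = UserLocalServiceUtil.getUserByEmailAddress(
            themeDisplay.getCompanyId(), emailAddress);

        if (anonymousUser.getStatus() != WorkflowConstants.STATUS_INCOMPLETE) {
            throw new PrincipalException();
        }

        UserLocalServiceUtil.deleteUser(anonymousUser.getUserId());

        addUser(actionRequest, actionResponse);
    }

    /**
     * Redirects the requester after an account has been created or completed.
     *
     * <p>
     * The {@code redirect} request parameter is passed through
     * {@code PortalUtil.escapeRedirect} before it is used. When the result is
     * not empty the user is logged in with the given credentials and sent
     * there; otherwise the requester is sent to the login URL with the
     * {@code login} parameter set.
     * </p>
     *
     * @param login the identifier the user logs in with
     * @param password the user's clear-text password, used only for the
     *        automatic login
     * @throws Exception if the login or the redirect fails
     */
    protected void sendRedirect(
            ActionRequest actionRequest, ActionResponse actionResponse,
            ThemeDisplay themeDisplay, String login, String password)
        throws Exception {

        HttpServletRequest request = PortalUtil.getHttpServletRequest(
            actionRequest);

        // Never use the raw parameter: only the escaped value reaches
        // sendRedirect below.
        // NOTE(review): escapeRedirect presumably rejects targets outside the
        // allowed hosts; verify its configuration.

        String redirect = PortalUtil.escapeRedirect(
            ParamUtil.getString(actionRequest, "redirect"));

        if (Validator.isNotNull(redirect)) {
            HttpServletResponse response = PortalUtil.getHttpServletResponse(
                actionResponse);

            LoginUtil.login(request, response, login, password, false, null);
        }
        else {
            PortletURL loginURL = LoginUtil.getLoginURL(
                request, themeDisplay.getPlid());

            // Only the login identifier is placed in the URL, never the
            // password.

            loginURL.setParameter("login", login);

            redirect = loginURL.toString();
        }

        actionResponse.sendRedirect(redirect);
    }

    /**
     * Completes an incomplete user from the submitted form fields and
     * redirects the requester.
     *
     * <p>
     * The password is always generated here: {@code autoPassword} is
     * {@code true} and both password arguments are {@code null}, whatever
     * {@code PropsValues.LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD} says.
     * The screen name is always taken from the request.
     * </p>
     *
     * @throws Exception if the user cannot be updated or the redirect fails
     */
    protected void updateIncompleteUser(
            ActionRequest actionRequest, ActionResponse actionResponse)
        throws Exception {

        HttpServletRequest request = PortalUtil.getHttpServletRequest(
            actionRequest);

        ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
            WebKeys.THEME_DISPLAY);

        boolean autoPassword = true;
        String password1 = null;
        String password2 = null;
        boolean autoScreenName = false;
        String screenName = ParamUtil.getString(actionRequest, "screenName");
        String emailAddress = ParamUtil.getString(
            actionRequest, "emailAddress");
        long facebookId = ParamUtil.getLong(actionRequest, "facebookId");
        String openId = ParamUtil.getString(actionRequest, "openId");
        String firstName = ParamUtil.getString(actionRequest, "firstName");
        String middleName = ParamUtil.getString(actionRequest, "middleName");
        String lastName = ParamUtil.getString(actionRequest, "lastName");
        int prefixId = ParamUtil.getInteger(actionRequest, "prefixId");
        int suffixId = ParamUtil.getInteger(actionRequest, "suffixId");
        boolean male = ParamUtil.getBoolean(actionRequest, "male", true);
        int birthdayMonth = ParamUtil.getInteger(
            actionRequest, "birthdayMonth");
        int birthdayDay = ParamUtil.getInteger(actionRequest, "birthdayDay");
        int birthdayYear = ParamUtil.getInteger(actionRequest, "birthdayYear");
        String jobTitle = ParamUtil.getString(actionRequest, "jobTitle");
        boolean updateUserInformation = true;
        boolean sendEmail = true;

        ServiceContext serviceContext = ServiceContextFactory.getInstance(
            User.class.getName(), actionRequest);

        User user = UserServiceUtil.updateIncompleteUser(
            themeDisplay.getCompanyId(), autoPassword, password1, password2,
            autoScreenName, screenName, emailAddress, facebookId, openId,
            themeDisplay.getLocale(), firstName, middleName, lastName, prefixId,
            suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle,
            sendEmail, updateUserInformation, serviceContext);

        addAccountSessionMessages(request, user);

        // Send redirect

        sendRedirect(
            actionRequest, actionResponse, themeDisplay,
            resolveLogin(themeDisplay.getCompany(), user),
            user.getPasswordUnencrypted());
    }

    /**
     * Records the outcome of a registration as session messages: the e-mail
     * address and clear-text password for an approved user, or only the e-mail
     * address under {@code user_pending} otherwise.
     *
     * <p>
     * NOTE(review): the clear-text password is stored in the HTTP session
     * under {@code user_added_password}, presumably so the confirmation page
     * can display a generated password. Confirm that session contents are not
     * logged, persisted or replicated where this value would be exposed.
     * </p>
     */
    private static void addAccountSessionMessages(
            HttpServletRequest request, User user)
        throws Exception {

        if (user.getStatus() == WorkflowConstants.STATUS_APPROVED) {
            SessionMessages.add(request, "user_added", user.getEmailAddress());
            SessionMessages.add(
                request, "user_added_password", user.getPasswordUnencrypted());
        }
        else {
            SessionMessages.add(
                request, "user_pending", user.getEmailAddress());
        }
    }

    /**
     * Returns whether the exception is one that {@link #processAction}
     * records in {@code SessionErrors} instead of rethrowing. The duplicate
     * e-mail address and screen name exceptions are handled separately and
     * are not part of this list.
     */
    private static boolean isReportedAsSessionError(Exception e) {
        return e instanceof AddressCityException ||
            e instanceof AddressStreetException ||
            e instanceof AddressZipException ||
            e instanceof CaptchaMaxChallengesException ||
            e instanceof CaptchaTextException ||
            e instanceof CompanyMaxUsersException ||
            e instanceof ContactFirstNameException ||
            e instanceof ContactFullNameException ||
            e instanceof ContactLastNameException ||
            e instanceof EmailAddressException ||
            e instanceof GroupFriendlyURLException ||
            e instanceof NoSuchCountryException ||
            e instanceof NoSuchListTypeException ||
            e instanceof NoSuchOrganizationException ||
            e instanceof NoSuchRegionException ||
            e instanceof OrganizationParentException ||
            e instanceof PhoneNumberException ||
            e instanceof RequiredFieldException ||
            e instanceof RequiredUserException ||
            e instanceof ReservedUserEmailAddressException ||
            e instanceof ReservedUserScreenNameException ||
            e instanceof TermsOfUseException ||
            e instanceof UserEmailAddressException ||
            e instanceof UserIdException ||
            e instanceof UserPasswordException ||
            e instanceof UserScreenNameException ||
            e instanceof UserSmsException ||
            e instanceof WebsiteURLException;
    }

    /**
     * Returns the identifier the user logs in with under the company's
     * authentication type: the user ID, the screen name, or otherwise the
     * e-mail address.
     */
    private static String resolveLogin(Company company, User user)
        throws Exception {

        if (company.getAuthType().equals(CompanyConstants.AUTH_TYPE_ID)) {
            return String.valueOf(user.getUserId());
        }

        if (company.getAuthType().equals(CompanyConstants.AUTH_TYPE_SN)) {
            return user.getScreenName();
        }

        return user.getEmailAddress();
    }

    // Value returned by isAutoScreenName().

    private static final boolean _AUTO_SCREEN_NAME = false;

    // Value returned by isCheckMethodOnProcessAction().

    private static final boolean _CHECK_METHOD_ON_PROCESS_ACTION = false;

}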