001    /**
002     * Copyright (c) 2000-present Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.login.action;
016    
017    import com.liferay.portal.AddressCityException;
018    import com.liferay.portal.AddressStreetException;
019    import com.liferay.portal.AddressZipException;
020    import com.liferay.portal.CompanyMaxUsersException;
021    import com.liferay.portal.ContactBirthdayException;
022    import com.liferay.portal.ContactNameException;
023    import com.liferay.portal.DuplicateOpenIdException;
024    import com.liferay.portal.EmailAddressException;
025    import com.liferay.portal.GroupFriendlyURLException;
026    import com.liferay.portal.NoSuchCountryException;
027    import com.liferay.portal.NoSuchLayoutException;
028    import com.liferay.portal.NoSuchListTypeException;
029    import com.liferay.portal.NoSuchOrganizationException;
030    import com.liferay.portal.NoSuchRegionException;
031    import com.liferay.portal.OrganizationParentException;
032    import com.liferay.portal.PhoneNumberException;
033    import com.liferay.portal.RequiredFieldException;
034    import com.liferay.portal.RequiredUserException;
035    import com.liferay.portal.TermsOfUseException;
036    import com.liferay.portal.UserEmailAddressException;
037    import com.liferay.portal.UserIdException;
038    import com.liferay.portal.UserPasswordException;
039    import com.liferay.portal.UserScreenNameException;
040    import com.liferay.portal.UserSmsException;
041    import com.liferay.portal.WebsiteURLException;
042    import com.liferay.portal.kernel.captcha.CaptchaConfigurationException;
043    import com.liferay.portal.kernel.captcha.CaptchaMaxChallengesException;
044    import com.liferay.portal.kernel.captcha.CaptchaTextException;
045    import com.liferay.portal.kernel.captcha.CaptchaUtil;
046    import com.liferay.portal.kernel.servlet.SessionErrors;
047    import com.liferay.portal.kernel.servlet.SessionMessages;
048    import com.liferay.portal.kernel.util.Constants;
049    import com.liferay.portal.kernel.util.GetterUtil;
050    import com.liferay.portal.kernel.util.LocaleUtil;
051    import com.liferay.portal.kernel.util.ParamUtil;
052    import com.liferay.portal.kernel.util.PwdGenerator;
053    import com.liferay.portal.kernel.util.Validator;
054    import com.liferay.portal.kernel.workflow.WorkflowConstants;
055    import com.liferay.portal.model.Company;
056    import com.liferay.portal.model.CompanyConstants;
057    import com.liferay.portal.model.Layout;
058    import com.liferay.portal.model.User;
059    import com.liferay.portal.security.auth.PrincipalException;
060    import com.liferay.portal.service.LayoutLocalServiceUtil;
061    import com.liferay.portal.service.ServiceContext;
062    import com.liferay.portal.service.ServiceContextFactory;
063    import com.liferay.portal.service.UserLocalServiceUtil;
064    import com.liferay.portal.service.UserServiceUtil;
065    import com.liferay.portal.struts.PortletAction;
066    import com.liferay.portal.theme.ThemeDisplay;
067    import com.liferay.portal.util.PortalUtil;
068    import com.liferay.portal.util.PropsValues;
069    import com.liferay.portal.util.WebKeys;
070    import com.liferay.portlet.login.util.LoginUtil;
071    
072    import javax.portlet.ActionRequest;
073    import javax.portlet.ActionResponse;
074    import javax.portlet.PortletConfig;
075    import javax.portlet.PortletURL;
076    import javax.portlet.RenderRequest;
077    import javax.portlet.RenderResponse;
078    
079    import javax.servlet.http.HttpServletRequest;
080    import javax.servlet.http.HttpServletResponse;
081    import javax.servlet.http.HttpSession;
082    
083    import org.apache.struts.action.ActionForm;
084    import org.apache.struts.action.ActionForward;
085    import org.apache.struts.action.ActionMapping;
086    
087    /**
088     * @author Brian Wing Shun Chan
089     * @author Amos Fong
090     * @author Daniel Sanz
091     * @author Sergio González
092     */
093    public class CreateAccountAction extends PortletAction {
094    
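        /**
         * Handles a submission of the create-account form.
         *
         * <p>
         * The request is rejected with a {@link PrincipalException} unless the
         * company allows strangers to register. Otherwise the
         * {@code Constants.CMD} parameter selects {@link #addUser},
         * {@link #resetUser} or {@link #updateIncompleteUser}; any other value
         * performs no account operation. Known validation failures are stored
         * as session errors so the form can be shown again, and everything else
         * is rethrown. Finally, when
         * {@code PropsValues.COMPANY_SECURITY_STRANGERS_URL} is set, the response
         * is redirected to that layout.
         * </p>
         *
         * <p>
         * NOTE(review): the CAPTCHA check runs only for the ADD command. RESET
         * also ends in {@link #addUser} and UPDATE completes an account, and
         * neither is CAPTCHA-checked in this method. Confirm that this is
         * intended.
         * </p>
         *
         * @param  actionMapping the Struts action mapping (not used here)
         * @param  actionForm the Struts action form (not used here)
         * @param  portletConfig the portlet configuration (not used here)
         * @param  actionRequest the action request carrying the form parameters
         * @param  actionResponse the action response used for redirects
         * @throws Exception if the company does not allow strangers, or if an
         *         account operation fails with an exception that is not one of
         *         the handled validation types
         */
        @Override
        public void processAction(
                        ActionMapping actionMapping, ActionForm actionForm,
                        PortletConfig portletConfig, ActionRequest actionRequest,
                        ActionResponse actionResponse)
                throws Exception {

                ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
                        WebKeys.THEME_DISPLAY);

                Company company = themeDisplay.getCompany();

                // Self registration must be enabled for this company

                if (!company.isStrangers()) {
                        throw new PrincipalException();
                }

                String cmd = ParamUtil.getString(actionRequest, Constants.CMD);

                try {
                        if (cmd.equals(Constants.ADD)) {
                                if (PropsValues.CAPTCHA_CHECK_PORTAL_CREATE_ACCOUNT) {
                                        CaptchaUtil.check(actionRequest);
                                }

                                addUser(actionRequest, actionResponse);
                        }
                        else if (cmd.equals(Constants.RESET)) {
                                resetUser(actionRequest, actionResponse);
                        }
                        else if (cmd.equals(Constants.UPDATE)) {
                                updateIncompleteUser(actionRequest, actionResponse);
                        }
                }
                catch (Exception e) {

                        // The nested MustNotBeDuplicate types are tested before the
                        // general list. If they extend UserEmailAddressException and
                        // UserScreenNameException, as the nesting suggests, testing the
                        // outer types first would make this branch unreachable and an
                        // incomplete account could never be forwarded to the update
                        // form.

                        if (e instanceof UserEmailAddressException.MustNotBeDuplicate ||
                                e instanceof UserScreenNameException.MustNotBeDuplicate) {

                                String emailAddress = ParamUtil.getString(
                                        actionRequest, "emailAddress");

                                User user = UserLocalServiceUtil.fetchUserByEmailAddress(
                                        themeDisplay.getCompanyId(), emailAddress);

                                // Only an existing account that is still incomplete may
                                // continue on the update form; any other duplicate is
                                // reported as an error.

                                if ((user == null) ||
                                        (user.getStatus() != WorkflowConstants.STATUS_INCOMPLETE)) {

                                        SessionErrors.add(actionRequest, e.getClass(), e);
                                }
                                else {
                                        setForward(actionRequest, "portlet.login.update_account");
                                }
                        }
                        else if (e instanceof AddressCityException ||
                                         e instanceof AddressStreetException ||
                                         e instanceof AddressZipException ||
                                         e instanceof CaptchaConfigurationException ||
                                         e instanceof CaptchaMaxChallengesException ||
                                         e instanceof CaptchaTextException ||
                                         e instanceof CompanyMaxUsersException ||
                                         e instanceof ContactBirthdayException ||
                                         e instanceof ContactNameException ||
                                         e instanceof DuplicateOpenIdException ||
                                         e instanceof EmailAddressException ||
                                         e instanceof GroupFriendlyURLException ||
                                         e instanceof NoSuchCountryException ||
                                         e instanceof NoSuchListTypeException ||
                                         e instanceof NoSuchOrganizationException ||
                                         e instanceof NoSuchRegionException ||
                                         e instanceof OrganizationParentException ||
                                         e instanceof PhoneNumberException ||
                                         e instanceof RequiredFieldException ||
                                         e instanceof RequiredUserException ||
                                         e instanceof TermsOfUseException ||
                                         e instanceof UserEmailAddressException ||
                                         e instanceof UserIdException ||
                                         e instanceof UserPasswordException ||
                                         e instanceof UserScreenNameException ||
                                         e instanceof UserSmsException ||
                                         e instanceof WebsiteURLException) {

                                SessionErrors.add(actionRequest, e.getClass(), e);
                        }
                        else {
                                throw e;
                        }
                }

                if (Validator.isNull(PropsValues.COMPANY_SECURITY_STRANGERS_URL)) {
                        return;
                }

                try {
                        Layout layout = LayoutLocalServiceUtil.getFriendlyURLLayout(
                                themeDisplay.getScopeGroupId(), false,
                                PropsValues.COMPANY_SECURITY_STRANGERS_URL);

                        String redirect = PortalUtil.getLayoutURL(layout, themeDisplay);

                        sendRedirect(actionRequest, actionResponse, redirect);
                }
                catch (NoSuchLayoutException nsle) {

                        // Deliberately ignored: when the configured strangers URL does
                        // not resolve to a layout in this group, no redirect is sent.

                }
        }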
199    
        /**
         * Chooses the view for the create-account portlet.
         *
         * <p>
         * When the company does not allow strangers the login view is returned.
         * Otherwise the portlet title is set to the translated
         * {@code create-account} key and the forward stored for this request is
         * used, defaulting to the create-account view.
         * </p>
         *
         * @param  actionMapping the Struts action mapping used to look up forwards
         * @param  actionForm the Struts action form (not used here)
         * @param  portletConfig the portlet configuration (not used here)
         * @param  renderRequest the render request
         * @param  renderResponse the render response whose title is set
         * @return the forward to render
         * @throws Exception if resolving the forward fails
         */
        @Override
        public ActionForward render(
                        ActionMapping actionMapping, ActionForm actionForm,
                        PortletConfig portletConfig, RenderRequest renderRequest,
                        RenderResponse renderResponse)
                throws Exception {

                ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
                        WebKeys.THEME_DISPLAY);

                boolean strangersAllowed = themeDisplay.getCompany().isStrangers();

                if (strangersAllowed) {
                        renderResponse.setTitle(themeDisplay.translate("create-account"));

                        String forwardName = getForward(
                                renderRequest, "portlet.login.create_account");

                        return actionMapping.findForward(forwardName);
                }

                // Registration is closed, so fall back to the login view

                return actionMapping.findForward("portlet.login.login");
        }
221    
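        /**
         * Creates a new user from the submitted form fields and redirects the
         * browser afterwards.
         *
         * <p>
         * A custom password is read from the request only when
         * {@code PropsValues.LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD} is set;
         * otherwise {@code autoPassword} stays {@code true}. When an OpenID
         * login is pending in the session and an {@code openId} parameter is
         * present, the new user ID is stored under {@code WebKeys.OPEN_ID_LOGIN}
         * and no email is requested from the service. In all other cases a
         * session message describing the outcome is added.
         * </p>
         *
         * <p>
         * NOTE(review): {@code facebookId} and {@code openId} are read from
         * request parameters, so the submitter chooses which external identity
         * is attached to the new account. Confirm that the service layer or the
         * SSO flow verifies ownership of these identifiers.
         * </p>
         *
         * <p>
         * NOTE(review): the unencrypted password is stored in the session
         * messages and passed on to {@link #sendRedirect}. Confirm that it is
         * shown once and never written to logs.
         * </p>
         *
         * @param  actionRequest the action request carrying the form parameters
         * @param  actionResponse the action response used for the redirect
         * @throws Exception if the user cannot be created or the redirect fails
         */
        protected void addUser(
                        ActionRequest actionRequest, ActionResponse actionResponse)
                throws Exception {

                HttpServletRequest request = PortalUtil.getHttpServletRequest(
                        actionRequest);
                HttpSession session = request.getSession();

                ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
                        WebKeys.THEME_DISPLAY);

                Company company = themeDisplay.getCompany();

                boolean autoPassword = true;
                String password1 = null;
                String password2 = null;
                boolean autoScreenName = isAutoScreenName();
                String screenName = ParamUtil.getString(actionRequest, "screenName");
                String emailAddress = ParamUtil.getString(
                        actionRequest, "emailAddress");
                long facebookId = ParamUtil.getLong(actionRequest, "facebookId");
                String openId = ParamUtil.getString(actionRequest, "openId");
                String languageId = ParamUtil.getString(actionRequest, "languageId");
                String firstName = ParamUtil.getString(actionRequest, "firstName");
                String middleName = ParamUtil.getString(actionRequest, "middleName");
                String lastName = ParamUtil.getString(actionRequest, "lastName");
                long prefixId = ParamUtil.getInteger(actionRequest, "prefixId");
                long suffixId = ParamUtil.getInteger(actionRequest, "suffixId");
                boolean male = ParamUtil.getBoolean(actionRequest, "male", true);
                int birthdayMonth = ParamUtil.getInteger(
                        actionRequest, "birthdayMonth");
                int birthdayDay = ParamUtil.getInteger(actionRequest, "birthdayDay");
                int birthdayYear = ParamUtil.getInteger(actionRequest, "birthdayYear");
                String jobTitle = ParamUtil.getString(actionRequest, "jobTitle");

                // Memberships are never taken from the request during self
                // registration

                long[] groupIds = null;
                long[] organizationIds = null;
                long[] roleIds = null;
                long[] userGroupIds = null;
                boolean sendEmail = true;

                ServiceContext serviceContext = ServiceContextFactory.getInstance(
                        User.class.getName(), actionRequest);

                if (PropsValues.LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD) {
                        autoPassword = false;

                        password1 = ParamUtil.getString(actionRequest, "password1");
                        password2 = ParamUtil.getString(actionRequest, "password2");
                }

                boolean openIdPending = false;

                Boolean openIdLoginPending = (Boolean)session.getAttribute(
                        WebKeys.OPEN_ID_LOGIN_PENDING);

                if ((openIdLoginPending != null) && openIdLoginPending.booleanValue() &&
                        Validator.isNotNull(openId)) {

                        sendEmail = false;
                        openIdPending = true;
                }

                User user = UserServiceUtil.addUserWithWorkflow(
                        company.getCompanyId(), autoPassword, password1, password2,
                        autoScreenName, screenName, emailAddress, facebookId, openId,
                        LocaleUtil.fromLanguageId(languageId), firstName, middleName,
                        lastName, prefixId, suffixId, male, birthdayMonth, birthdayDay,
                        birthdayYear, jobTitle, groupIds, organizationIds, roleIds,
                        userGroupIds, sendEmail, serviceContext);

                if (openIdPending) {

                        // Long.valueOf replaces the deprecated boxing constructor; the
                        // stored value is an equal Long

                        session.setAttribute(
                                WebKeys.OPEN_ID_LOGIN, Long.valueOf(user.getUserId()));

                        session.removeAttribute(WebKeys.OPEN_ID_LOGIN_PENDING);
                }
                else {

                        // Session messages

                        if (user.getStatus() == WorkflowConstants.STATUS_APPROVED) {
                                SessionMessages.add(
                                        request, "userAdded", user.getEmailAddress());

                                // Clear-text credential kept in the session for display

                                SessionMessages.add(
                                        request, "userAddedPassword",
                                        user.getPasswordUnencrypted());
                        }
                        else {
                                SessionMessages.add(
                                        request, "userPending", user.getEmailAddress());
                        }
                }

                // Send redirect, using the login identifier that matches the
                // company's authentication type

                String login = null;

                String authType = company.getAuthType();

                if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
                        login = String.valueOf(user.getUserId());
                }
                else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
                        login = user.getScreenName();
                }
                else {
                        login = user.getEmailAddress();
                }

                sendRedirect(
                        actionRequest, actionResponse, themeDisplay, login,
                        user.getPasswordUnencrypted());
        }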
335    
        /**
         * Returns whether {@link #addUser} asks the user service to generate the
         * screen name. The value is the class constant
         * {@code _AUTO_SCREEN_NAME}; subclasses may override this method.
         *
         * @return the value passed as {@code autoScreenName} when adding a user
         */
        protected boolean isAutoScreenName() {
                return _AUTO_SCREEN_NAME;
        }
339    
        /**
         * Returns the class constant {@code _CHECK_METHOD_ON_PROCESS_ACTION}.
         *
         * <p>
         * NOTE(review): presumably this tells {@code PortletAction} whether to
         * enforce the HTTP method before {@code processAction} runs; confirm
         * against the superclass. If so, the account commands handled by this
         * action depend on other request-forgery protections.
         * </p>
         *
         * @return the value of {@code _CHECK_METHOD_ON_PROCESS_ACTION}
         */
        @Override
        protected boolean isCheckMethodOnProcessAction() {
                return _CHECK_METHOD_ON_PROCESS_ACTION;
        }
344    
        /**
         * Deletes the incomplete user registered under the submitted email
         * address and creates a new user from the same request.
         *
         * <p>
         * The existing user must have status
         * {@code WorkflowConstants.STATUS_INCOMPLETE}; any other status is
         * rejected with a {@link PrincipalException} before anything is deleted.
         * </p>
         *
         * <p>
         * NOTE(review): the email address is request supplied and this path is
         * reached without the CAPTCHA check applied to the ADD command. Confirm
         * that deleting and recreating an incomplete account needs no further
         * proof from the submitter.
         * </p>
         *
         * @param  actionRequest the action request carrying the form parameters
         * @param  actionResponse the action response used for the redirect
         * @throws Exception if no user exists for the email address, the user
         *         is not incomplete, or deletion or creation fails
         */
        protected void resetUser(
                        ActionRequest actionRequest, ActionResponse actionResponse)
                throws Exception {

                ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
                        WebKeys.THEME_DISPLAY);

                String emailAddress = ParamUtil.getString(
                        actionRequest, "emailAddress");

                long companyId = themeDisplay.getCompanyId();

                User incompleteUser = UserLocalServiceUtil.getUserByEmailAddress(
                        companyId, emailAddress);

                boolean incomplete =
                        incompleteUser.getStatus() == WorkflowConstants.STATUS_INCOMPLETE;

                // Only accounts that never finished registration may be replaced

                if (!incomplete) {
                        throw new PrincipalException();
                }

                long staleUserId = incompleteUser.getUserId();

                UserLocalServiceUtil.deleteUser(staleUserId);

                addUser(actionRequest, actionResponse);
        }
366    
        /**
         * Redirects the browser after an account operation.
         *
         * <p>
         * The request's {@code redirect} parameter is passed through
         * {@code PortalUtil.escapeRedirect} before it is used. When a redirect
         * remains, the user is logged in with the given credentials and sent
         * there. Otherwise the browser is sent to the login URL for the current
         * page, with the login identifier added as the {@code login} parameter.
         * </p>
         *
         * @param  actionRequest the action request carrying the redirect parameter
         * @param  actionResponse the action response that performs the redirect
         * @param  themeDisplay the theme display supplying the current plid
         * @param  login the login identifier of the user
         * @param  password the clear-text password used for the automatic login
         * @throws Exception if the login or the redirect fails
         */
        protected void sendRedirect(
                        ActionRequest actionRequest, ActionResponse actionResponse,
                        ThemeDisplay themeDisplay, String login, String password)
                throws Exception {

                HttpServletRequest httpServletRequest =
                        PortalUtil.getHttpServletRequest(actionRequest);

                String requestedRedirect = ParamUtil.getString(
                        actionRequest, "redirect");

                String target = PortalUtil.escapeRedirect(requestedRedirect);

                if (Validator.isNull(target)) {

                        // No usable redirect: send the user to the login page

                        PortletURL loginURL = LoginUtil.getLoginURL(
                                httpServletRequest, themeDisplay.getPlid());

                        loginURL.setParameter("login", login);

                        target = loginURL.toString();
                }
                else {

                        // A redirect was accepted: log the user in before leaving

                        HttpServletResponse httpServletResponse =
                                PortalUtil.getHttpServletResponse(actionResponse);

                        LoginUtil.login(
                                httpServletRequest, httpServletResponse, login, password,
                                false, null);
                }

                actionResponse.sendRedirect(target);
        }
395    
        /**
         * Completes an incomplete user with the submitted form fields and
         * redirects the browser afterwards.
         *
         * <p>
         * When the session holds a positive
         * {@code WebKeys.FACEBOOK_INCOMPLETE_USER_ID}, a generated password is
         * used, the user's last login is updated, the password-reset flag is
         * cleared, the email address is marked verified and the session
         * attribute is removed. Otherwise a session message describing the
         * outcome is added. Both paths end in {@link #sendRedirect}.
         * </p>
         *
         * <p>
         * NOTE(review): {@code emailAddress} and {@code openId} come from
         * request parameters while {@code facebookId} comes from the session.
         * Confirm that the service ties the submitted email address to the
         * Facebook identity before the address is marked verified.
         * </p>
         *
         * @param  actionRequest the action request carrying the form parameters
         * @param  actionResponse the action response used for the redirect
         * @throws Exception if the user cannot be updated or the redirect fails
         */
        protected void updateIncompleteUser(
                        ActionRequest actionRequest, ActionResponse actionResponse)
                throws Exception {

                HttpServletRequest request = PortalUtil.getHttpServletRequest(
                        actionRequest);

                ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
                        WebKeys.THEME_DISPLAY);

                boolean autoPassword = true;
                String password1 = null;
                String password2 = null;
                boolean autoScreenName = false;
                String screenName = ParamUtil.getString(actionRequest, "screenName");
                String emailAddress = ParamUtil.getString(
                        actionRequest, "emailAddress");

                HttpSession session = request.getSession();

                long facebookId = GetterUtil.getLong(
                        session.getAttribute(WebKeys.FACEBOOK_INCOMPLETE_USER_ID));

                boolean facebookUser = facebookId > 0;

                if (facebookUser) {

                        // Facebook users never type a password, so one is generated

                        password1 = PwdGenerator.getPassword();
                        password2 = password1;
                }

                String openId = ParamUtil.getString(actionRequest, "openId");
                String firstName = ParamUtil.getString(actionRequest, "firstName");
                String middleName = ParamUtil.getString(actionRequest, "middleName");
                String lastName = ParamUtil.getString(actionRequest, "lastName");
                long prefixId = ParamUtil.getInteger(actionRequest, "prefixId");
                long suffixId = ParamUtil.getInteger(actionRequest, "suffixId");
                boolean male = ParamUtil.getBoolean(actionRequest, "male", true);
                int birthdayMonth = ParamUtil.getInteger(
                        actionRequest, "birthdayMonth");
                int birthdayDay = ParamUtil.getInteger(actionRequest, "birthdayDay");
                int birthdayYear = ParamUtil.getInteger(actionRequest, "birthdayYear");
                String jobTitle = ParamUtil.getString(actionRequest, "jobTitle");
                boolean updateUserInformation = true;
                boolean sendEmail = true;

                ServiceContext serviceContext = ServiceContextFactory.getInstance(
                        User.class.getName(), actionRequest);

                User user = UserServiceUtil.updateIncompleteUser(
                        themeDisplay.getCompanyId(), autoPassword, password1, password2,
                        autoScreenName, screenName, emailAddress, facebookId, openId,
                        themeDisplay.getLocale(), firstName, middleName, lastName, prefixId,
                        suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle,
                        sendEmail, updateUserInformation, serviceContext);

                String redirectPassword = null;

                if (facebookUser) {
                        long userId = user.getUserId();

                        UserLocalServiceUtil.updateLastLogin(userId, user.getLoginIP());

                        UserLocalServiceUtil.updatePasswordReset(userId, false);

                        UserLocalServiceUtil.updateEmailAddressVerified(userId, true);

                        session.removeAttribute(WebKeys.FACEBOOK_INCOMPLETE_USER_ID);

                        redirectPassword = password1;
                }
                else {

                        // Session messages

                        if (user.getStatus() == WorkflowConstants.STATUS_APPROVED) {
                                SessionMessages.add(
                                        request, "userAdded", user.getEmailAddress());

                                // Clear-text credential kept in the session for display

                                SessionMessages.add(
                                        request, "userAddedPassword",
                                        user.getPasswordUnencrypted());
                        }
                        else {
                                SessionMessages.add(
                                        request, "userPending", user.getEmailAddress());
                        }

                        redirectPassword = user.getPasswordUnencrypted();
                }

                // Send redirect, using the login identifier that matches the
                // company's authentication type

                Company company = themeDisplay.getCompany();

                String authType = company.getAuthType();

                String login = null;

                if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
                        login = String.valueOf(user.getUserId());
                }
                else if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
                        login = user.getScreenName();
                }
                else {
                        login = user.getEmailAddress();
                }

                sendRedirect(
                        actionRequest, actionResponse, themeDisplay, login,
                        redirectPassword);
        }
517    
        // Value returned by isAutoScreenName(); passed to the user service as
        // autoScreenName when a user is added.
        private static final boolean _AUTO_SCREEN_NAME = false;

        // Value returned by isCheckMethodOnProcessAction().
        private static final boolean _CHECK_METHOD_ON_PROCESS_ACTION = false;
521    
522    }