001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portlet.login.action;
016    
017    import com.liferay.portal.AddressCityException;
018    import com.liferay.portal.AddressStreetException;
019    import com.liferay.portal.AddressZipException;
020    import com.liferay.portal.CompanyMaxUsersException;
021    import com.liferay.portal.ContactFirstNameException;
022    import com.liferay.portal.ContactFullNameException;
023    import com.liferay.portal.ContactLastNameException;
024    import com.liferay.portal.DuplicateUserEmailAddressException;
025    import com.liferay.portal.DuplicateUserScreenNameException;
026    import com.liferay.portal.EmailAddressException;
027    import com.liferay.portal.NoSuchCountryException;
028    import com.liferay.portal.NoSuchLayoutException;
029    import com.liferay.portal.NoSuchListTypeException;
030    import com.liferay.portal.NoSuchOrganizationException;
031    import com.liferay.portal.NoSuchRegionException;
032    import com.liferay.portal.NoSuchUserException;
033    import com.liferay.portal.OrganizationParentException;
034    import com.liferay.portal.PhoneNumberException;
035    import com.liferay.portal.RequiredFieldException;
036    import com.liferay.portal.RequiredUserException;
037    import com.liferay.portal.ReservedUserEmailAddressException;
038    import com.liferay.portal.ReservedUserScreenNameException;
039    import com.liferay.portal.TermsOfUseException;
040    import com.liferay.portal.UserEmailAddressException;
041    import com.liferay.portal.UserIdException;
042    import com.liferay.portal.UserPasswordException;
043    import com.liferay.portal.UserScreenNameException;
044    import com.liferay.portal.UserSmsException;
045    import com.liferay.portal.WebsiteURLException;
046    import com.liferay.portal.kernel.captcha.CaptchaMaxChallengesException;
047    import com.liferay.portal.kernel.captcha.CaptchaTextException;
048    import com.liferay.portal.kernel.captcha.CaptchaUtil;
049    import com.liferay.portal.kernel.servlet.SessionErrors;
050    import com.liferay.portal.kernel.servlet.SessionMessages;
051    import com.liferay.portal.kernel.util.Constants;
052    import com.liferay.portal.kernel.util.ParamUtil;
053    import com.liferay.portal.kernel.util.Validator;
054    import com.liferay.portal.kernel.workflow.WorkflowConstants;
055    import com.liferay.portal.model.Company;
056    import com.liferay.portal.model.CompanyConstants;
057    import com.liferay.portal.model.Layout;
058    import com.liferay.portal.model.User;
059    import com.liferay.portal.security.auth.PrincipalException;
060    import com.liferay.portal.service.LayoutLocalServiceUtil;
061    import com.liferay.portal.service.ServiceContext;
062    import com.liferay.portal.service.ServiceContextFactory;
063    import com.liferay.portal.service.UserLocalServiceUtil;
064    import com.liferay.portal.service.UserServiceUtil;
065    import com.liferay.portal.struts.PortletAction;
066    import com.liferay.portal.theme.ThemeDisplay;
067    import com.liferay.portal.util.PortalUtil;
068    import com.liferay.portal.util.PropsValues;
069    import com.liferay.portal.util.WebKeys;
070    import com.liferay.portlet.login.util.LoginUtil;
071    
072    import javax.portlet.ActionRequest;
073    import javax.portlet.ActionResponse;
074    import javax.portlet.PortletConfig;
075    import javax.portlet.PortletURL;
076    import javax.portlet.RenderRequest;
077    import javax.portlet.RenderResponse;
078    
079    import javax.servlet.http.HttpServletRequest;
080    import javax.servlet.http.HttpServletResponse;
081    import javax.servlet.http.HttpSession;
082    
083    import org.apache.struts.action.ActionForm;
084    import org.apache.struts.action.ActionForward;
085    import org.apache.struts.action.ActionMapping;
086    
087    /**
088     * @author Brian Wing Shun Chan
089     * @author Amos Fong
090     * @author Daniel Sanz
091     * @author Sergio González
092     */
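public class CreateAccountAction extends PortletAction {

	/**
	 * Handles a submission of the create-account form.
	 *
	 * <p>
	 * The request is rejected with a {@link PrincipalException} unless
	 * {@code company.isStrangers()} is true. The {@code Constants.CMD}
	 * parameter then selects one of three operations: add a new user (after
	 * the captcha check, when
	 * {@code PropsValues.CAPTCHA_CHECK_PORTAL_CREATE_ACCOUNT} is set), reset
	 * an incomplete user, or update an incomplete user. Known validation
	 * failures are recorded in {@link SessionErrors}; anything else is
	 * rethrown.
	 * </p>
	 *
	 * @throws Exception if the company does not allow this action or an
	 *         exception outside the handled set occurs
	 */
	@Override
	public void processAction(
			ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		Company company = themeDisplay.getCompany();

		// This is the only access gate in this method: every command below
		// runs for any caller once the company flag allows it.

		if (!company.isStrangers()) {
			throw new PrincipalException();
		}

		String cmd = ParamUtil.getString(actionRequest, Constants.CMD);

		try {
			if (cmd.equals(Constants.ADD)) {
				if (PropsValues.CAPTCHA_CHECK_PORTAL_CREATE_ACCOUNT) {
					CaptchaUtil.check(actionRequest);
				}

				addUser(actionRequest, actionResponse);
			}
			else if (cmd.equals(Constants.RESET)) {

				// NOTE(review): RESET and UPDATE also end up creating or
				// completing an account but do not run the captcha check
				// above -- confirm this is intended.

				resetUser(actionRequest, actionResponse);
			}
			else if (cmd.equals(Constants.UPDATE)) {
				updateIncompleteUser(actionRequest, actionResponse);
			}
		}
		catch (Exception e) {
			if (e instanceof DuplicateUserEmailAddressException ||
				e instanceof DuplicateUserScreenNameException) {

				String emailAddress = ParamUtil.getString(
					actionRequest, "emailAddress");

				try {
					User user = UserLocalServiceUtil.getUserByEmailAddress(
						themeDisplay.getCompanyId(), emailAddress);

					// An existing account that is still incomplete is sent to
					// the update-account view instead of being reported as a
					// duplicate.

					if (user.getStatus() !=
							WorkflowConstants.STATUS_INCOMPLETE) {

						SessionErrors.add(
							actionRequest, e.getClass().getName(), e);
					}
					else {
						setForward(
							actionRequest, "portlet.login.update_account");
					}
				}
				catch (NoSuchUserException nsue) {

					// No account has the submitted email address, so report
					// the original duplicate error.

					SessionErrors.add(actionRequest, e.getClass().getName(), e);
				}
			}
			else if (e instanceof AddressCityException ||
					 e instanceof AddressStreetException ||
					 e instanceof AddressZipException ||
					 e instanceof CaptchaMaxChallengesException ||
					 e instanceof CaptchaTextException ||
					 e instanceof CompanyMaxUsersException ||
					 e instanceof ContactFirstNameException ||
					 e instanceof ContactFullNameException ||
					 e instanceof ContactLastNameException ||
					 e instanceof EmailAddressException ||
					 e instanceof NoSuchCountryException ||
					 e instanceof NoSuchListTypeException ||
					 e instanceof NoSuchOrganizationException ||
					 e instanceof NoSuchRegionException ||
					 e instanceof OrganizationParentException ||
					 e instanceof PhoneNumberException ||
					 e instanceof RequiredFieldException ||
					 e instanceof RequiredUserException ||
					 e instanceof ReservedUserEmailAddressException ||
					 e instanceof ReservedUserScreenNameException ||
					 e instanceof TermsOfUseException ||
					 e instanceof UserEmailAddressException ||
					 e instanceof UserIdException ||
					 e instanceof UserPasswordException ||
					 e instanceof UserScreenNameException ||
					 e instanceof UserSmsException ||
					 e instanceof WebsiteURLException) {

				SessionErrors.add(actionRequest, e.getClass().getName(), e);
			}
			else {
				throw e;
			}
		}

		if (Validator.isNull(PropsValues.COMPANY_SECURITY_STRANGERS_URL)) {
			return;
		}

		try {
			Layout layout = LayoutLocalServiceUtil.getFriendlyURLLayout(
				themeDisplay.getScopeGroupId(), false,
				PropsValues.COMPANY_SECURITY_STRANGERS_URL);

			String redirect = PortalUtil.getLayoutURL(layout, themeDisplay);

			sendRedirect(actionRequest, actionResponse, redirect);
		}
		catch (NoSuchLayoutException nsle) {

			// Deliberately ignored: when the configured friendly URL has no
			// layout in the scope group, no redirect is issued.

		}
	}

	/**
	 * Selects the view for the create-account page.
	 *
	 * @return the login forward when {@code company.isStrangers()} is false;
	 *         otherwise the forward stored on the request, defaulting to
	 *         {@code portlet.login.create_account}
	 */
	@Override
	public ActionForward render(
			ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
			RenderRequest renderRequest, RenderResponse renderResponse)
		throws Exception {

		ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		Company company = themeDisplay.getCompany();

		if (!company.isStrangers()) {
			return mapping.findForward("portlet.login.login");
		}

		renderResponse.setTitle(themeDisplay.translate("create-account"));

		return mapping.findForward(
			getForward(renderRequest, "portlet.login.create_account"));
	}

	/**
	 * Creates a user from the submitted form fields and redirects the caller.
	 *
	 * <p>
	 * Group, organization, role and user group memberships are always passed
	 * as {@code null}; they are never read from the request. A password is
	 * read from the request only when
	 * {@code PropsValues.LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD} is set;
	 * otherwise {@code autoPassword} stays true.
	 * </p>
	 *
	 * @throws Exception if the user cannot be created or the redirect fails
	 */
	protected void addUser(
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		HttpServletRequest request = PortalUtil.getHttpServletRequest(
			actionRequest);
		HttpSession session = request.getSession();

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		Company company = themeDisplay.getCompany();

		boolean autoPassword = true;
		String password1 = null;
		String password2 = null;
		boolean autoScreenName = isAutoScreenName();
		String screenName = ParamUtil.getString(actionRequest, "screenName");
		String emailAddress = ParamUtil.getString(
			actionRequest, "emailAddress");

		// NOTE(review): facebookId and openId are taken directly from request
		// parameters. Whether they are tied to a completed Facebook or OpenID
		// handshake is not visible in this class -- confirm in the service
		// layer.

		long facebookId = ParamUtil.getLong(actionRequest, "facebookId");
		String openId = ParamUtil.getString(actionRequest, "openId");
		String firstName = ParamUtil.getString(actionRequest, "firstName");
		String middleName = ParamUtil.getString(actionRequest, "middleName");
		String lastName = ParamUtil.getString(actionRequest, "lastName");
		int prefixId = ParamUtil.getInteger(actionRequest, "prefixId");
		int suffixId = ParamUtil.getInteger(actionRequest, "suffixId");
		boolean male = ParamUtil.getBoolean(actionRequest, "male", true);
		int birthdayMonth = ParamUtil.getInteger(
			actionRequest, "birthdayMonth");
		int birthdayDay = ParamUtil.getInteger(actionRequest, "birthdayDay");
		int birthdayYear = ParamUtil.getInteger(actionRequest, "birthdayYear");
		String jobTitle = ParamUtil.getString(actionRequest, "jobTitle");

		// Memberships are fixed to null so that a self-registering caller
		// cannot choose them through request parameters.

		long[] groupIds = null;
		long[] organizationIds = null;
		long[] roleIds = null;
		long[] userGroupIds = null;
		boolean sendEmail = true;

		ServiceContext serviceContext = ServiceContextFactory.getInstance(
			User.class.getName(), actionRequest);

		if (PropsValues.LOGIN_CREATE_ACCOUNT_ALLOW_CUSTOM_PASSWORD) {
			autoPassword = false;

			password1 = ParamUtil.getString(actionRequest, "password1");
			password2 = ParamUtil.getString(actionRequest, "password2");
		}

		boolean openIdPending = false;

		Boolean openIdLoginPending = (Boolean)session.getAttribute(
			WebKeys.OPEN_ID_LOGIN_PENDING);

		// The OpenID path requires both the session flag and a non-empty
		// openId parameter; it suppresses the notification email.

		if ((openIdLoginPending != null) &&
			(openIdLoginPending.booleanValue()) &&
			(Validator.isNotNull(openId))) {

			sendEmail = false;
			openIdPending = true;
		}

		User user = UserServiceUtil.addUserWithWorkflow(
			company.getCompanyId(), autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			themeDisplay.getLocale(), firstName, middleName, lastName, prefixId,
			suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle,
			groupIds, organizationIds, roleIds, userGroupIds, sendEmail,
			serviceContext);

		if (openIdPending) {

			// Long.valueOf replaces the deprecated Long constructor; the
			// stored attribute is still a Long.

			session.setAttribute(
				WebKeys.OPEN_ID_LOGIN, Long.valueOf(user.getUserId()));

			session.removeAttribute(WebKeys.OPEN_ID_LOGIN_PENDING);
		}
		else {
			addAccountStatusMessages(request, user);
		}

		// Send redirect

		sendRedirect(
			actionRequest, actionResponse, themeDisplay,
			resolveLogin(company, user), user.getPasswordUnencrypted());
	}

	/**
	 * Returns whether a screen name is generated instead of being taken from
	 * the form. Subclasses may override this; the default is {@code false}.
	 */
	protected boolean isAutoScreenName() {
		return _AUTO_SCREEN_NAME;
	}

	/**
	 * Returns {@code false}.
	 *
	 * <p>
	 * NOTE(review): presumably this switches off the base class's HTTP method
	 * check for {@code processAction}, so the state-changing commands here
	 * would not be limited to POST -- confirm against {@code PortletAction}.
	 * </p>
	 */
	@Override
	protected boolean isCheckMethodOnProcessAction() {
		return _CHECK_METHOD_ON_PROCESS_ACTION;
	}

	/**
	 * Deletes the incomplete account registered under the submitted email
	 * address and creates a new user from the same request.
	 *
	 * <p>
	 * The email address comes from the request and this method performs no
	 * other ownership or permission check, so the looked-up account must be
	 * in {@code WorkflowConstants.STATUS_INCOMPLETE} before it is deleted.
	 * </p>
	 *
	 * @throws PrincipalException if the account found for the email address
	 *         is not in the incomplete status
	 * @throws Exception if the lookup, the deletion or the user creation
	 *         fails
	 */
	protected void resetUser(
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		String emailAddress = ParamUtil.getString(
			actionRequest, "emailAddress");

		User anonymousUser = UserLocalServiceUtil.getUserByEmailAddress(
			themeDisplay.getCompanyId(), emailAddress);

		// Refuse to delete anything but an incomplete account. Without this
		// guard the delete below would apply to whichever account matches the
		// request-supplied email address.

		if (anonymousUser.getStatus() != WorkflowConstants.STATUS_INCOMPLETE) {
			throw new PrincipalException();
		}

		UserLocalServiceUtil.deleteUser(anonymousUser.getUserId());

		addUser(actionRequest, actionResponse);
	}

	/**
	 * Redirects the caller after an account has been created or completed.
	 *
	 * <p>
	 * When the request carries a {@code redirect} parameter that is still
	 * non-empty after {@code PortalUtil.escapeRedirect}, the user is logged
	 * in with the given credentials and sent there. Otherwise the caller is
	 * sent to the login URL with the {@code login} parameter filled in.
	 * </p>
	 *
	 * @param login the identifier the user signs in with
	 * @param password the user's cleartext password
	 */
	protected void sendRedirect(
			ActionRequest actionRequest, ActionResponse actionResponse,
			ThemeDisplay themeDisplay, String login, String password)
		throws Exception {

		HttpServletRequest request = PortalUtil.getHttpServletRequest(
			actionRequest);

		// The redirect target is request-controlled, so it is passed through
		// escapeRedirect before it is used.

		String redirect = PortalUtil.escapeRedirect(
			ParamUtil.getString(actionRequest, "redirect"));

		if (Validator.isNotNull(redirect)) {
			HttpServletResponse response = PortalUtil.getHttpServletResponse(
				actionResponse);

			LoginUtil.login(request, response, login, password, false, null);
		}
		else {
			PortletURL loginURL = LoginUtil.getLoginURL(
				request, themeDisplay.getPlid());

			loginURL.setParameter("login", login);

			redirect = loginURL.toString();
		}

		actionResponse.sendRedirect(redirect);
	}

	/**
	 * Completes an existing incomplete account with the submitted form
	 * fields and redirects the caller.
	 *
	 * <p>
	 * The password is always generated ({@code autoPassword} is true) and the
	 * screen name is always taken from the form.
	 * </p>
	 *
	 * <p>
	 * NOTE(review): the account is identified only by the request-supplied
	 * email address. Presumably the service accepts only accounts in the
	 * incomplete status -- confirm in {@code UserServiceUtil}.
	 * </p>
	 *
	 * @throws Exception if the update or the redirect fails
	 */
	protected void updateIncompleteUser(
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		HttpServletRequest request = PortalUtil.getHttpServletRequest(
			actionRequest);

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		boolean autoPassword = true;
		String password1 = null;
		String password2 = null;
		boolean autoScreenName = false;
		String screenName = ParamUtil.getString(actionRequest, "screenName");
		String emailAddress = ParamUtil.getString(
			actionRequest, "emailAddress");
		long facebookId = ParamUtil.getLong(actionRequest, "facebookId");
		String openId = ParamUtil.getString(actionRequest, "openId");
		String firstName = ParamUtil.getString(actionRequest, "firstName");
		String middleName = ParamUtil.getString(actionRequest, "middleName");
		String lastName = ParamUtil.getString(actionRequest, "lastName");
		int prefixId = ParamUtil.getInteger(actionRequest, "prefixId");
		int suffixId = ParamUtil.getInteger(actionRequest, "suffixId");
		boolean male = ParamUtil.getBoolean(actionRequest, "male", true);
		int birthdayMonth = ParamUtil.getInteger(
			actionRequest, "birthdayMonth");
		int birthdayDay = ParamUtil.getInteger(actionRequest, "birthdayDay");
		int birthdayYear = ParamUtil.getInteger(actionRequest, "birthdayYear");
		String jobTitle = ParamUtil.getString(actionRequest, "jobTitle");
		boolean updateUserInformation = true;
		boolean sendEmail = true;

		ServiceContext serviceContext = ServiceContextFactory.getInstance(
			User.class.getName(), actionRequest);

		User user = UserServiceUtil.updateIncompleteUser(
			themeDisplay.getCompanyId(), autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			themeDisplay.getLocale(), firstName, middleName, lastName, prefixId,
			suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle,
			sendEmail, updateUserInformation, serviceContext);

		addAccountStatusMessages(request, user);

		// Send redirect

		Company company = themeDisplay.getCompany();

		sendRedirect(
			actionRequest, actionResponse, themeDisplay,
			resolveLogin(company, user), user.getPasswordUnencrypted());
	}

	/**
	 * Adds the session messages that report the outcome for the given user:
	 * the added-user messages when the account is approved, the pending
	 * message otherwise.
	 */
	private void addAccountStatusMessages(
		HttpServletRequest request, User user) {

		if (user.getStatus() == WorkflowConstants.STATUS_APPROVED) {
			SessionMessages.add(
				request, "user_added", user.getEmailAddress());

			// NOTE(review): the cleartext password is stored in the session
			// messages, where anything that can read the session can see it.
			// Consider dropping it if the confirmation view does not need
			// it.

			SessionMessages.add(
				request, "user_added_password",
				user.getPasswordUnencrypted());
		}
		else {
			SessionMessages.add(
				request, "user_pending", user.getEmailAddress());
		}
	}

	/**
	 * Returns the identifier the user signs in with under the company's
	 * authentication type: the user ID, the screen name, or (for any other
	 * type) the email address.
	 */
	private String resolveLogin(Company company, User user) throws Exception {
		String authType = company.getAuthType();

		if (authType.equals(CompanyConstants.AUTH_TYPE_ID)) {
			return String.valueOf(user.getUserId());
		}

		if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
			return user.getScreenName();
		}

		return user.getEmailAddress();
	}

	private static final boolean _AUTO_SCREEN_NAME = false;

	private static final boolean _CHECK_METHOD_ON_PROCESS_ACTION = false;

}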