ActionMapping mapping,
ActionForm actionForm,
HttpServletRequest request,
HttpServletResponse response)
throws IOException, ServletException {
UserFormEx form = (UserFormEx)actionForm;
RollerRequest rreq = RollerRequest.getRollerRequest(request);
ServletContext ctx = rreq.getServletContext();
RollerContext rollerContext = RollerContext.getRollerContext();
boolean reg_allowed =
RollerRuntimeConfig.getBooleanProperty("users.registration.enabled");
if ( !reg_allowed && !request.isUserInRole("admin")) {
throw new ServletException("New users disabled!");
}
ActionMessages msgs = new ActionMessages();
ActionMessages errors = validate(form, new ActionErrors());
if (!errors.isEmpty()) {
saveErrors(request, errors);
} else try {
// Add new user
UserManager mgr = RollerFactory.getRoller().getUserManager();
UserData ud = new UserData();
form.copyTo(ud, request.getLocale()); // doesn't copy password
ud.setId(null);
ud.setDateCreated(new java.util.Date());
ud.setEnabled(Boolean.TRUE);
// If user set both password and passwordConfirm then reset password
if ( !StringUtils.isEmpty(form.getPasswordText())
&& !StringUtils.isEmpty(form.getPasswordConfirm())) {
ud.resetPassword(RollerFactory.getRoller(),
form.getPasswordText(), form.getPasswordConfirm());
}
// save new user
mgr.addUser(ud);
RollerFactory.getRoller().flush();
if (form.getAdminCreated()) {
// User created for admin, so return to new user page with empty form
msgs.add(ActionMessages.GLOBAL_MESSAGE,
new ActionMessage("newUser.created"));
saveMessages(request, msgs);
form.reset(mapping, request);
return createUser(mapping, actionForm, request, response);
} else {
// User registered, so go to welcome page
request.setAttribute("contextURL",
RollerRuntimeConfig.getAbsoluteContextURL());
// Invalidate session, otherwise new user who was originally authenticated
// via LDAP/SSO will remain logged in with a but without a valid Roller role.
request.getSession().invalidate();
return mapping.findForward("welcome.page");
}
} catch (RollerException e) {
errors.add(ActionErrors.GLOBAL_ERROR, new ActionError(e.getMessage()));
saveErrors(request,errors);
mLogger.error("ERROR in addUser", e);
form.setUserName("");
}
if (form.getAdminCreated()) {
return mapping.findForward("createUser");
} else {
// Error occured, send user back to new user form
return mapping.findForward("registerUser");
}