001/*
002 * (C) Copyright 2011 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 * Contributors:
016 * Nuxeo - initial API and implementation
017 */
018
019package org.nuxeo.ecm.user.registration;
020
021import java.io.Serializable;
022import java.io.StringWriter;
023import java.util.HashMap;
024import java.util.Map;
025
026import javax.mail.MessagingException;
027import javax.naming.NamingException;
028
029import org.apache.commons.lang.StringUtils;
030import org.apache.commons.logging.Log;
031import org.apache.commons.logging.LogFactory;
032import org.nuxeo.common.utils.IdUtils;
033import org.nuxeo.ecm.core.api.CoreSession;
034import org.nuxeo.ecm.core.api.DocumentModel;
035import org.nuxeo.ecm.core.api.NuxeoException;
036import org.nuxeo.ecm.core.api.PropertyException;
037import org.nuxeo.ecm.core.api.UnrestrictedSessionRunner;
038import org.nuxeo.ecm.core.api.security.ACE;
039import org.nuxeo.ecm.core.api.security.ACL;
040import org.nuxeo.ecm.core.api.security.ACP;
041import org.nuxeo.ecm.core.api.security.SecurityConstants;
042import org.nuxeo.ecm.core.api.security.impl.ACLImpl;
043import org.nuxeo.ecm.core.api.security.impl.ACPImpl;
044import org.nuxeo.ecm.platform.rendering.api.RenderingException;
045import org.nuxeo.ecm.platform.usermanager.NuxeoPrincipalImpl;
046import org.nuxeo.ecm.platform.usermanager.UserManager;
047import org.nuxeo.ecm.user.invite.RegistrationRules;
048import org.nuxeo.ecm.user.invite.UserInvitationComponent;
049import org.nuxeo.ecm.user.invite.UserRegistrationConfiguration;
050import org.nuxeo.ecm.user.invite.UserRegistrationException;
051import org.nuxeo.ecm.user.invite.UserRegistrationInfo;
052import org.nuxeo.runtime.api.Framework;
053
054public class UserRegistrationComponent extends UserInvitationComponent implements UserRegistrationService {
055
056    protected static Log log = LogFactory.getLog(UserRegistrationService.class);
057
058    private static final String REGISTRATION_SUBMITTED_EVENT = "registrationSubmitted";
059
060    private static final String REGISTRATION_ACCEPTED_EVENT = "registrationAccepted";
061
062    private static final String REGISTRATION_REJECTED_EVENT = "registrationRejected";
063
064    private static final String REGISTRATION_VALIDATED_EVENT = "registrationValidated";
065
066    protected class RegistrationCreator extends UnrestrictedSessionRunner {
067
068        protected UserRegistrationInfo userInfo;
069
070        protected DocumentRegistrationInfo docInfo;
071
072        protected Map<String, Serializable> additionnalInfo;
073
074        protected String registrationUuid;
075
076        protected String principalName;
077
078        protected ValidationMethod validationMethod;
079
080        protected UserRegistrationConfiguration configuration;
081
082        public String getRegistrationUuid() {
083            return registrationUuid;
084        }
085
086        public RegistrationCreator(String configurationName, UserRegistrationInfo userInfo,
087                DocumentRegistrationInfo docInfo, Map<String, Serializable> additionnalInfo,
088                ValidationMethod validationMethod, String principalName) {
089            super(getTargetRepositoryName());
090            this.userInfo = userInfo;
091            this.additionnalInfo = additionnalInfo;
092            this.validationMethod = validationMethod;
093            this.docInfo = docInfo;
094            this.configuration = getConfiguration(configurationName);
095            this.principalName = principalName;
096        }
097
098        @Override
099        public void run() {
100
101            // Check if login is defined - if not define it with email
102            userInfo.setLogin(userInfo.getLogin() == null ? userInfo.getEmail() : userInfo.getLogin());
103
104            String title = "registration request for " + userInfo.getLogin() + " (" + userInfo.getEmail() + " "
105                    + userInfo.getCompany() + ") ";
106            String name = IdUtils.generateId(title + "-" + System.currentTimeMillis(), "-", true, 24);
107
108            String targetPath = getOrCreateRootDocument(session, configuration.getName()).getPathAsString();
109
110            DocumentModel doc = session.createDocumentModel(configuration.getRequestDocType());
111            doc.setPathInfo(targetPath, name);
112            doc.setPropertyValue("dc:title", title);
113
114            // store userinfo
115            doc.setPropertyValue(configuration.getUserInfoUsernameField(), userInfo.getLogin());
116            doc.setPropertyValue(configuration.getUserInfoFirstnameField(), userInfo.getFirstName());
117            doc.setPropertyValue(configuration.getUserInfoLastnameField(), userInfo.getLastName());
118            doc.setPropertyValue(configuration.getUserInfoEmailField(), userInfo.getEmail());
119            doc.setPropertyValue(configuration.getUserInfoCompanyField(), userInfo.getCompany());
120            doc.setPropertyValue(configuration.getUserInfoGroupsField(), (Serializable) userInfo.getGroups());
121            doc.setPropertyValue(configuration.getUserInfoTenantIdField(), userInfo.getTenantId());
122
123            // validation method
124            doc.setPropertyValue("registration:validationMethod", validationMethod.toString());
125
126            // Document info
127            doc.setPropertyValue(DocumentRegistrationInfo.DOCUMENT_ID_FIELD, docInfo.getDocumentId());
128            doc.setPropertyValue(DocumentRegistrationInfo.DOCUMENT_RIGHT_FIELD, docInfo.getPermission());
129            doc.setPropertyValue(DocumentRegistrationInfo.DOCUMENT_TITLE_FIELD, docInfo.getDocumentTitle());
130            doc.setPropertyValue(DocumentRegistrationInfo.DOCUMENT_BEGIN_FIELD, docInfo.getBegin());
131            doc.setPropertyValue(DocumentRegistrationInfo.DOCUMENT_END_FIELD, docInfo.getEnd());
132
133            // additionnal infos
134            for (String key : additionnalInfo.keySet()) {
135                try {
136                    doc.setPropertyValue(key, additionnalInfo.get(key));
137                } catch (PropertyException e) {
138                    // skip silently
139                }
140            }
141
142            doc = session.createDocument(doc);
143
144            // Set the ACP for the UserRegistration object
145            ACP acp = new ACPImpl();
146            ACE denyEverything = new ACE(SecurityConstants.EVERYONE, SecurityConstants.EVERYTHING, false);
147            ACE allowEverything = new ACE(principalName, SecurityConstants.EVERYTHING, true);
148            ACL acl = new ACLImpl();
149            acl.setACEs(new ACE[] { allowEverything, denyEverything });
150            acp.addACL(acl);
151            doc.setACP(acp, true);
152
153            registrationUuid = doc.getId();
154
155            sendEvent(session, doc, getNameEventRegistrationSubmitted());
156
157            session.save();
158        }
159
160    }
161
162    public String submitRegistrationRequest(UserRegistrationInfo userInfo, Map<String, Serializable> additionnalInfo,
163            ValidationMethod validationMethod, boolean autoAccept, String principalName) {
164        return submitRegistrationRequest(CONFIGURATION_NAME, userInfo, new DocumentRegistrationInfo(), additionnalInfo,
165                validationMethod, autoAccept, principalName);
166    }
167
168    @Override
169    public String submitRegistrationRequest(String configurationName, UserRegistrationInfo userInfo,
170            DocumentRegistrationInfo docInfo, Map<String, Serializable> additionnalInfo,
171            ValidationMethod validationMethod, boolean autoAccept, String principalName)
172            throws UserRegistrationException {
173        RegistrationCreator creator = new RegistrationCreator(configurationName, userInfo, docInfo, additionnalInfo,
174                validationMethod, principalName);
175        creator.runUnrestricted();
176        String registrationUuid = creator.getRegistrationUuid();
177
178        boolean userAlreadyExists = null != Framework.getService(UserManager.class)
179                                                     .getPrincipal(userInfo.getLogin());
180        // Directly accept registration if the configuration allow it and the
181        // user already exists
182        RegistrationRules registrationRules = getRegistrationRules(configurationName);
183        boolean byPassAdminValidation = autoAccept;
184        byPassAdminValidation |= userAlreadyExists && registrationRules.allowDirectValidationForExistingUser();
185        byPassAdminValidation |= !userAlreadyExists && registrationRules.allowDirectValidationForNonExistingUser();
186        if (byPassAdminValidation) {
187            // Build validationBaseUrl with nuxeo.url property as request is
188            // not accessible.
189            if (!additionnalInfo.containsKey("enterPasswordUrl")) {
190                String baseUrl = Framework.getProperty(NUXEO_URL_KEY);
191
192                baseUrl = StringUtils.isBlank(baseUrl) ? "/" : baseUrl;
193                if (!baseUrl.endsWith("/")) {
194                    baseUrl += "/";
195                }
196                String enterPasswordUrl = getConfiguration(configurationName).getEnterPasswordUrl();
197                if (enterPasswordUrl.startsWith("/")) {
198                    enterPasswordUrl = enterPasswordUrl.substring(1);
199                }
200                additionnalInfo.put("enterPasswordUrl", baseUrl.concat(enterPasswordUrl));
201            }
202            acceptRegistrationRequest(registrationUuid, additionnalInfo);
203        }
204        return registrationUuid;
205    }
206
207    public Map<String, Serializable> validateRegistrationAndSendEmail(String requestId,
208            Map<String, Serializable> additionnalInfo) throws UserRegistrationException {
209
210        Map<String, Serializable> registrationInfo = validateRegistration(requestId, additionnalInfo);
211
212        Map<String, Serializable> input = new HashMap<String, Serializable>();
213        input.putAll(registrationInfo);
214        input.put("info", (Serializable) additionnalInfo);
215        StringWriter writer = new StringWriter();
216
217        UserRegistrationConfiguration configuration = getConfiguration(
218                (DocumentModel) registrationInfo.get(REGISTRATION_DATA_DOC));
219        try {
220            rh.getRenderingEngine().render(configuration.getSuccessEmailTemplate(), input, writer);
221        } catch (RenderingException e) {
222            throw new NuxeoException("Error during rendering email", e);
223        }
224
225        String emailAdress = ((NuxeoPrincipalImpl) registrationInfo.get("registeredUser")).getEmail();
226        String body = writer.getBuffer().toString();
227        String title = configuration.getValidationEmailTitle();
228        if (!Framework.isTestModeSet()) {
229            try {
230                generateMail(emailAdress, null, title, body);
231            } catch (NamingException | MessagingException e) {
232                throw new NuxeoException("Error while sending mail", e);
233            }
234        } else {
235            testRendering = body;
236        }
237
238        return registrationInfo;
239    }
240
241    @Override
242    public void addRightsOnDoc(CoreSession session, DocumentModel registrationDoc) {
243        UserRegistrationConfiguration configuration = getConfiguration(registrationDoc);
244        DocumentModel document = ((DefaultRegistrationUserFactory) getRegistrationUserFactory(
245                configuration)).doAddDocumentPermission(session, registrationDoc, configuration);
246        if (document != null) {
247            ((RegistrationUserFactory) getRegistrationUserFactory(configuration)).doPostAddDocumentPermission(session,
248                    registrationDoc, document);
249        }
250    }
251
252    @Override
253    public String getNameEventRegistrationSubmitted() {
254        return REGISTRATION_SUBMITTED_EVENT;
255    }
256
257    @Override
258    public String getNameEventRegistrationAccepted() {
259        return REGISTRATION_ACCEPTED_EVENT;
260    }
261
262    @Override
263    public String getNameEventRegistrationRejected() {
264        return REGISTRATION_REJECTED_EVENT;
265    }
266
267    @Override
268    public String getNameEventRegistrationValidated() {
269        return REGISTRATION_VALIDATED_EVENT;
270    }
271}