1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23 package org.apache.struts.webapp.example;
24
25
26 import java.lang.reflect.InvocationTargetException;
27
28 import jakarta.servlet.ServletException;
29 import jakarta.servlet.http.HttpServletRequest;
30 import jakarta.servlet.http.HttpServletResponse;
31 import jakarta.servlet.http.HttpSession;
32
33 import org.apache.commons.beanutils.PropertyUtils;
34 import org.apache.struts.action.Action;
35 import org.apache.struts.action.ActionForm;
36 import org.apache.struts.action.ActionForward;
37 import org.apache.struts.action.ActionMapping;
38 import org.apache.struts.action.ActionMessage;
39 import org.apache.struts.action.ActionMessages;
40 import org.apache.struts.apps.mailreader.dao.User;
41 import org.apache.struts.apps.mailreader.dao.UserDatabase;
42 import org.slf4j.Logger;
43 import org.slf4j.LoggerFactory;
44
45
46
47
48
49
50
51
52
53
54
55 public final class SaveRegistrationAction extends Action {
56 private static final long serialVersionUID = -8108970888606534899L;
57
58
59
60
61
62
63
64
65 private final static Logger LOG =
66 LoggerFactory.getLogger(SaveRegistrationAction.class);
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87 public ActionForward execute(ActionMapping mapping,
88 ActionForm form,
89 HttpServletRequest request,
90 HttpServletResponse response)
91 throws Exception {
92
93
94 HttpSession session = request.getSession();
95 RegistrationForm regform = (RegistrationForm) form;
96 String action = regform.getAction();
97 if (action == null) {
98 action = "Create";
99 }
100 UserDatabase database = (UserDatabase)
101 servlet.getServletContext().getAttribute(Constants.DATABASE_KEY);
102 LOG.debug("SaveRegistrationAction: Processing {} action",
103 action);
104
105
106 User user = (User) session.getAttribute(Constants.USER_KEY);
107 if (!"Create".equals(action) && (user == null)) {
108 LOG.trace(" User is not logged on in session {}",
109 session.getId());
110 return (mapping.findForward("logon"));
111 }
112
113
114 if (isCancelled(request)) {
115 LOG.trace(" Transaction '{}' was cancelled", action);
116 session.removeAttribute(Constants.SUBSCRIPTION_KEY);
117 return (mapping.findForward("failure"));
118 }
119
120
121 ActionMessages errors = new ActionMessages();
122 LOG.trace(" Checking transactional control token");
123 if (!isTokenValid(request)) {
124 errors.add(ActionMessages.GLOBAL_MESSAGE,
125 new ActionMessage("error.transaction.token"));
126 }
127 resetToken(request);
128
129
130 LOG.trace(" Performing extra validations");
131 String value = null;
132 value = regform.getUsername();
133 if (("Create".equals(action)) &&
134 (database.findUser(value) != null)) {
135 errors.add("username",
136 new ActionMessage("error.username.unique",
137 regform.getUsername()));
138 }
139 if ("Create".equals(action)) {
140 value = regform.getPassword();
141 if ((value == null) || (value.length() <1)) {
142 errors.add("password",
143 new ActionMessage("error.password.required"));
144 }
145 value = regform.getPassword2();
146 if ((value == null) || (value.length() < 1)) {
147 errors.add("password2",
148 new ActionMessage("error.password2.required"));
149 }
150 }
151
152
153 if (!errors.isEmpty()) {
154 saveErrors(request, errors);
155 saveToken(request);
156 return (mapping.getInputForward());
157 }
158
159
160 try {
161 if ("Create".equals(action)) {
162 user = database.createUser(regform.getUsername());
163 }
164 String oldPassword = user.getPassword();
165 PropertyUtils.copyProperties(user, regform);
166 if ((regform.getPassword() == null) ||
167 (regform.getPassword().length() < 1)) {
168 user.setPassword(oldPassword);
169 }
170 } catch (InvocationTargetException e) {
171 Throwable t = e.getTargetException();
172 if (t == null) {
173 t = e;
174 }
175 LOG.error("Registration.populate", t);
176 throw new ServletException("Registration.populate", t);
177 } catch (Throwable t) {
178 LOG.error("Registration.populate", t);
179 throw new ServletException("Subscription.populate", t);
180 }
181
182 try {
183 database.save();
184 } catch (Exception e) {
185 LOG.error("Database save", e);
186 }
187
188
189 if ("Create".equals(action)) {
190 session.setAttribute(Constants.USER_KEY, user);
191 LOG.trace(" User '{}' logged on in session {}",
192 user.getUsername(), session.getId());
193 }
194
195
196 if (mapping.getAttribute() != null) {
197 if ("request".equals(mapping.getScope()))
198 request.removeAttribute(mapping.getAttribute());
199 else
200 session.removeAttribute(mapping.getAttribute());
201 }
202
203
204 LOG.trace(" Forwarding to success page");
205 return (mapping.findForward("success"));
206
207 }
208 }