1. Project Clover database Tue Dec 20 2016 21:24:09 CET
  2. Package com.xpn.xwiki.web

File RegisterAction.java

 

Coverage histogram

../../../../img/srcFileCovDistChart8.png
54% of files have more coverage

Code metrics

16
37
3
1
134
77
13
0.35
12.33
3
4.33

Classes

Class Line # Actions
RegisterAction 39 37 0% 13 15
0.7321428773.2%
 

Contributing tests

No tests hitting this source file were found.

Source view

1    /*
2    * See the NOTICE file distributed with this work for additional
3    * information regarding copyright ownership.
4    *
5    * This is free software; you can redistribute it and/or modify it
6    * under the terms of the GNU Lesser General Public License as
7    * published by the Free Software Foundation; either version 2.1 of
8    * the License, or (at your option) any later version.
9    *
10    * This software is distributed in the hope that it will be useful,
11    * but WITHOUT ANY WARRANTY; without even the implied warranty of
12    * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13    * Lesser General Public License for more details.
14    *
15    * You should have received a copy of the GNU Lesser General Public
16    * License along with this software; if not, write to the Free
17    * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
18    * 02110-1301 USA, or see the FSF site: http://www.fsf.org.
19    */
20    package com.xpn.xwiki.web;
21   
22    import javax.script.ScriptContext;
23   
24    import org.slf4j.Logger;
25    import org.slf4j.LoggerFactory;
26    import org.xwiki.captcha.CaptchaVerifier;
27    import org.xwiki.model.reference.DocumentReference;
28   
29    import com.xpn.xwiki.XWiki;
30    import com.xpn.xwiki.XWikiContext;
31    import com.xpn.xwiki.XWikiException;
32    import com.xpn.xwiki.doc.XWikiDocument;
33   
34    /**
35    * Register xwiki action.
36    *
37    * @version $Id: 2e3400dafbe229235141f4cfb9eea6eeea66db83 $
38    */
 
39    public class RegisterAction extends XWikiAction
40    {
41    /** Name of the corresponding template and URL parameter. */
42    private static final String REGISTER = "register";
43   
44    /** Logger. */
45    private static final Logger LOGGER = LoggerFactory.getLogger(RegisterAction.class);
46   
47    /** Space where the registration config and class are stored. */
48    private static final String WIKI_SPACE = "XWiki";
49   
50    /** For verifying, if needed, the captcha answer submitted. */
51    private static CaptchaVerifier verifier = Utils.getComponent(CaptchaVerifier.class, "image");
52   
 
53  163 toggle @Override
54    public boolean action(XWikiContext context) throws XWikiException
55    {
56  163 XWiki xwiki = context.getWiki();
57  163 XWikiRequest request = context.getRequest();
58  163 XWikiResponse response = context.getResponse();
59   
60  163 String register = request.getParameter(REGISTER);
61  163 if (register != null && register.equals("1")) {
62    // CSRF prevention
63  30 if (!csrfTokenCheck(context)) {
64  1 return false;
65    }
66    // Let's verify that the user submitted the right captcha (if required).
67  29 if (!verifyCaptcha(context, xwiki)) {
68  0 return false;
69    }
70   
71  29 int useemail = xwiki.getXWikiPreferenceAsInt("use_email_verification", 0, context);
72  29 int result;
73  29 if (useemail == 1) {
74  0 result = xwiki.createUser(true, "edit", context);
75    } else {
76  29 result = xwiki.createUser(context);
77    }
78  29 getCurrentScriptContext().setAttribute("reg", Integer.valueOf(result), ScriptContext.ENGINE_SCOPE);
79   
80    // Redirect if a redirection parameter is passed.
81  29 String redirect = Utils.getRedirect(request, null);
82  29 if (redirect == null) {
83  6 return true;
84    } else {
85  23 sendRedirect(response, redirect);
86  23 return false;
87    }
88    }
89   
90  133 return true;
91    }
92   
 
93  139 toggle @Override
94    public String render(XWikiContext context) throws XWikiException
95    {
96  139 return REGISTER;
97    }
98   
99    /**
100    * Verifies the user captcha answer (if required).
101    *
102    * @param context Current context
103    * @param xwiki Current wiki
104    * @return true If the user submitted the correct answer or if no captcha is required
105    * @throws XWikiException exception
106    */
 
107  29 toggle private boolean verifyCaptcha(XWikiContext context, XWiki xwiki) throws XWikiException
108    {
109    // No verification if the current user has programming rights.
110  29 if (xwiki.getRightService().hasProgrammingRights(context)) {
111  0 return true;
112    }
113  29 XWikiRequest request = context.getRequest();
114    // The document where the "requirecaptcha" parameter is stored.
115  29 DocumentReference configRef = new DocumentReference(context.getWikiId(), WIKI_SPACE, "RegistrationConfig");
116  29 DocumentReference classReference = new DocumentReference(context.getWikiId(), WIKI_SPACE, "Registration");
117  29 XWikiDocument configDoc = xwiki.getDocument(configRef, context);
118    // Retrieve the captcha configuration.
119  29 int captcha = configDoc.getIntValue(classReference, "requireCaptcha");
120   
121  29 if (captcha == 1) {
122  0 try {
123  0 if (!verifier.isAnswerCorrect(verifier.getUserId(request), request.get("captcha_answer"))) {
124  0 LOGGER.warn("Incorrect captcha answer");
125  0 return false;
126    }
127    } catch (Exception e) {
128  0 LOGGER.warn("Cannot verify captcha answer: {}", e.getMessage());
129  0 return false;
130    }
131    }
132  29 return true;
133    }
134    }