/** * @return <code>null</code> if failed. The browser is already redirected to retry by the time * this method returns. a valid {@link User} object if the user creation was successful. */ private User createAccount(StaplerRequest req, StaplerResponse rsp, String formView) throws ServletException, IOException { SignupInfo si = new SignupInfo(req); String puid = authenticateInWwpass(si.ticket, certFile, keyFile); try { if (loadUserByUsername(puid) != null) { si.errorMessages.add(Messages.WwpassSecurityRealm_PuidIsAlreadyTaken()); } } catch (UsernameNotFoundException e) { } if (si.nickname == null || si.nickname.length() == 0) si.errorMessages.add(Messages.WwpassSecurityRealm_NicknameIsRequired()); else { User user = User.get(si.nickname, false); if (null != user) if (user.getProperty(WwpassIdentity.class) != null) si.errorMessages.add(Messages.WwpassSecurityRealm_NicknameIsAlreadyTaken()); } if (si.fullname == null || si.fullname.length() == 0) si.errorMessages.add(Messages.WwpassSecurityRealm_FullnameIsRequired()); else { User user = User.get(si.fullname, false); if (null != user) if (user.getProperty(WwpassIdentity.class) != null) si.errorMessages.add(Messages.WwpassSecurityRealm_FullnameIsAlreadyTaken()); } if (si.email == null || !si.email.contains("@")) si.errorMessages.add(Messages.WwpassSecurityRealm_InvalidEmailAddress()); if (!si.errorMessages.isEmpty()) { // failed. ask the user to try again. req.setAttribute("data", si); req.getView(this, formView).forward(req, rsp); return null; } // register the user WwpassIdentity id = new WwpassIdentity(puid); id.populate(si); User user = createAccount(id); id.updateProfile(user); user.save(); return user; }
/** Try to make this user a super-user */ private void tryToMakeAdmin(User u) throws IOException { WwpassIdentity p = u.getProperty(WwpassIdentity.class); p.activate(); u.save(); AuthorizationStrategy as = Jenkins.getInstance().getAuthorizationStrategy(); for (PermissionAdder adder : Jenkins.getInstance().getExtensionList(PermissionAdder.class)) { if (adder.add(as, u, Jenkins.ADMINISTER)) { return; } } LOGGER.severe( "Admin permission wasn't added for user: "******", ID: " + u.getId()); }