/* ====================================================================
    * The Jcorporate Apache Style Software License, Version 1.2 05-07-2002
    *
    * Copyright (c) 1995-2002 Jcorporate Ltd. All rights reserved.
    *
    * Redistribution and use in source and binary forms, with or without
    * modification, are permitted provided that the following conditions
    * are met:
    *
   * 1. Redistributions of source code must retain the above copyright
   *    notice, this list of conditions and the following disclaimer.
   *
   * 2. Redistributions in binary form must reproduce the above copyright
   *    notice, this list of conditions and the following disclaimer in
   *    the documentation and/or other materials provided with the
   *    distribution.
   *
   * 3. The end-user documentation included with the redistribution,
   *    if any, must include the following acknowledgment:
   *       "This product includes software developed by Jcorporate Ltd.
   *        (http://www.jcorporate.com/)."
   *    Alternately, this acknowledgment may appear in the software itself,
   *    if and wherever such third-party acknowledgments normally appear.
   *
   * 4. "Jcorporate" and product names such as "Expresso" must
   *    not be used to endorse or promote products derived from this
   *    software without prior written permission. For written permission,
   *    please contact info@jcorporate.com.
   *
   * 5. Products derived from this software may not be called "Expresso",
   *    or other Jcorporate product names; nor may "Expresso" or other
   *    Jcorporate product names appear in their name, without prior
   *    written permission of Jcorporate Ltd.
   *
   * 6. No product derived from this software may compete in the same
   *    market space, i.e. framework, without prior written permission
   *    of Jcorporate Ltd. For written permission, please contact
   *    partners@jcorporate.com.
   *
   * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESSED OR IMPLIED
   * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
   * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   * DISCLAIMED.  IN NO EVENT SHALL JCORPORATE LTD OR ITS CONTRIBUTORS
   * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
   * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
   * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF
   * USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND
   * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
   * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
   * OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
   * SUCH DAMAGE.
   * ====================================================================
   *
   * This software consists of voluntary contributions made by many
   * individuals on behalf of the Jcorporate Ltd. Contributions back
   * to the project(s) are encouraged when you make modifications.
   * Please send them to support@jcorporate.com. For more information
   * on Jcorporate Ltd. and its products, please see
   * <http://www.jcorporate.com/>.
   *
   * Portions of this software are based upon other open source
   * products and are subject to their respective licenses.
   */
  
  /***
   * ControllerSecurityMatrix.java Copyright 2000, 2001 Jcorporate Ltd.
   */
  package com.sri.emo.controller;
  
  import com.jcorporate.expresso.core.controller.*;
  import com.jcorporate.expresso.core.db.DBException;
  import com.jcorporate.expresso.core.security.User;
  import com.jcorporate.expresso.services.controller.SimpleRegistration;
  import com.jcorporate.expresso.services.dbobj.RegistrationDomain;
  import com.jcorporate.expresso.services.dbobj.Setup;
  import com.jcorporate.expresso.services.validation.AuthValidationException;
  import com.jcorporate.expresso.services.validation.LoginEmailValidator;
  import com.jcorporate.expresso.services.validation.ValidationEntry;
  import com.sri.emo.EmoSchema;
  
  import javax.servlet.http.HttpServletRequest;
  
  
  /***
   * This is the implementation of Registration.
   */
  public class EmoRegistration
          extends SimpleRegistration {
  
      /***
  	 * 
  	 */
  	private static final long serialVersionUID = 1L;
  	private static String[] PUBLIC_METHODS = {"showDBMenu", "emailValidate",
              "promptSelfRegister", "processSelfRegister", "processRevalidate"};
  
      /***
       * constructor.
       */
     public EmoRegistration() {
     }
 
     /***
      * Creates the validation entry for validating email.
      *
      * @param request             The ControllerRequest object
      * @param response            The ControllerResponse object
      * @param user                the user that is registering
      * @param rd                  The registration domain that the user is signing up for
      * @param loginControllerName the name of the login controller used
      * @throws com.jcorporate.expresso.core.db.DBException
      *          upon data access error
      * @throws com.jcorporate.expresso.core.controller.ControllerException
      *          for other errors
      */
     protected void setupEmailValidation(final ExpressoRequest request,
                                         final ExpressoResponse response,
                                         final User user,
                                         final RegistrationDomain rd,
                                         final String loginControllerName) throws DBException, ControllerException {
         String emailAuthCode = user.getEmailAuthCode();
         String loginName = user.getLoginName();
         user.setEmailValCode(emailAuthCode);
         user.update();
 
         HttpServletRequest hreq = (HttpServletRequest) ((ServletControllerRequest) request).getServletRequest();
 
         try {
 
             ValidationEntry ve = new ValidationEntry(request.getDataContext());
             ve.expiresAfter(72, 0, 0); //Expires after 72 hours
             ve.setValidationHandler(LoginEmailValidator.class);
             ve.setTitle("Registration Email Validation");
             ve.setDesc("user=" + loginName + ", db=" + request.getDataContext());
             ve.setServer(Setup.getValueRequired("HTTPServ"));
             ve.setPort(Integer.toString(hreq.getServerPort()));
             ve.setContextPath(hreq.getContextPath());
             ve.addParam("db", request.getDataContext());
             ve.addParam("UserName", loginName);
             ve.addParam("RegistrationController", this.getClass().getName());
             ve.addParam("LoginController", loginControllerName);
 
             ///////////////////////////////////////
             /// here's the diff
             //////////////////////////////////////
             ve.addParam("schema", EmoSchema.class.getName());
             /////////////////////////////////////
 
             ve.submit();
         } catch (AuthValidationException avex) {
             delayLogin();
             throw new ControllerException("Validation framework exception",
                     avex);
         }
 
     }
 
 
     /***
      * For database controllers, we check if the new state is allowed
      * against the database objects for that purpose
      *
      * @param newState  The name of the new state that is being requested; controller class is assumed to be 'this'
      * @param myRequest the <code>ControllerRequest</code> object
      * @return True if the state is permitted for this user, else false
      * @throws com.jcorporate.expresso.core.controller.ControllerException
      *          if another undefined error takes place while
      *          checking security.
      */
     public boolean stateAllowed(final String newState, final ExpressoRequest myRequest) throws ControllerException {
 
         for (int i = 0; i < PUBLIC_METHODS.length; i++) {
             String s = PUBLIC_METHODS[i];
             if (s.equals(newState)) {
                 return true;
             }
         }
         return super.stateAllowed(newState, myRequest);
     } /* stateAllowed(String) */
 
     /***
      * Processes post Registration If the user is done.
      *
      * @param request             the ControllerRequest Object
      * @param response            the ControllerResponse object
      * @param user                An instantiated user object representing the current User
      *                            registering
      * @param rd                  The RegistrationDomain that this user is registering for
      * @param loginControllerName The name of the login controller used for
      *                            referencing back to this class
      * @return A completed ControllerResponse object
      * @throws com.jcorporate.expresso.core.controller.NonHandleableException
      *          upon fatal error
      */
     protected ExpressoResponse processPostRegistration(ExpressoRequest request,
                                                        ExpressoResponse response,
                                                        User user,
                                                        RegistrationDomain rd,
                                                        String loginControllerName) throws DBException,
             ControllerException, NonHandleableException {
 
         // allow our message bundle to override
 //        Stack stack = response.getSchemaStack(); // already comes with expresso; assumes this is ONLY place stack is manipulated
 //        stack.push(EmoSchema.class.getName());
 //        response.setSchemaStack(stack);
 
         ExpressoResponse result = super.processPostRegistration(request, response, user, rd, loginControllerName);
 
         result.add(new Output("email", user.getEmail()));
         return result;
 
 
     }
 }