From ba349936fa7f4669411e53c16102954c7f57cfcb Mon Sep 17 00:00:00 2001
From: Patrick Huang <pahuang@redhat.com>
Date: Mon, 9 Sep 2013 13:39:48 +1000
Subject: [PATCH] rhbz1002340 - verify username availability in first openid
 log in

---
 .../src/test/resources/conf/standalone.xml    |  6 ++++
 .../java/org/zanata/action/ProfileAction.java | 30 ++++++++++++-------
 zanata-war/src/main/webapp/profile/edit.xhtml |  3 +-
 3 files changed, 28 insertions(+), 11 deletions(-)

diff --git a/functional-test/src/test/resources/conf/standalone.xml b/functional-test/src/test/resources/conf/standalone.xml
index 3f15311ac6..2d91872b6b 100644
--- a/functional-test/src/test/resources/conf/standalone.xml
+++ b/functional-test/src/test/resources/conf/standalone.xml
@@ -218,6 +218,7 @@
         <subsystem xmlns="urn:jboss:domain:naming:1.3">
             <bindings>
                 <simple name="java:global/zanata/security/auth-policy-names/internal" value="zanata.internal"/>
+                <simple name="java:global/zanata/security/auth-policy-names/openid" value="zanata.openid"/>
                 <simple name="java:global/zanata/security/admin-users" value="admin"/>
                 <simple name="java:global/zanata/email/default-from-address" value="no-reply@zanata.org" />
                 <simple name="java:global/zanata/files/document-storage-directory" value="${project.build.directory}/zanata-documents"/>
@@ -262,6 +263,11 @@
                         <login-module code="org.jboss.seam.security.jaas.SeamLoginModule" flag="required"/>
                     </authentication>
                 </security-domain>
+               <security-domain name="zanata.openid">
+                  <authentication>
+                     <login-module code="org.zanata.security.OpenIdLoginModule" flag="required"/>
+                  </authentication>
+               </security-domain>
             </security-domains>
         </subsystem>
         <subsystem xmlns="urn:jboss:domain:threads:1.1"/>
diff --git a/zanata-war/src/main/java/org/zanata/action/ProfileAction.java b/zanata-war/src/main/java/org/zanata/action/ProfileAction.java
index 27e6e4513b..6c4e23b5c8 100644
--- a/zanata-war/src/main/java/org/zanata/action/ProfileAction.java
+++ b/zanata-war/src/main/java/org/zanata/action/ProfileAction.java
@@ -22,6 +22,7 @@
 
 import java.io.Serializable;
 
+import javax.faces.event.ValueChangeEvent;
 import javax.validation.constraints.Pattern;
 import javax.validation.constraints.Size;
 
@@ -63,10 +64,11 @@ public class ProfileAction implements Serializable
    private String username;
    private String activationKey;
    private boolean valid;
+   private boolean newUser;
 
    @In
    ApplicationConfiguration applicationConfiguration;
-   
+
    @Logger
    Log log;
 
@@ -93,14 +95,14 @@ public class ProfileAction implements Serializable
 
    @In
    RegisterService registerServiceImpl;
-   
+
    @In
    EmailChangeService emailChangeService;
 
    private void validateEmail(String email)
    {
       HPerson person = personDAO.findByEmail(email);
-      
+
       if( person != null && !person.getAccount().equals( authenticatedAccount ) )
       {
          valid = false;
@@ -108,9 +110,9 @@ private void validateEmail(String email)
       }
    }
 
-   private void validateUsername()
+   private void validateUsername(String username)
    {
-      HAccount account = accountDAO.getByUsername(this.username);
+      HAccount account = accountDAO.getByUsername(username);
 
       if( account != null && !account.equals( authenticatedAccount ) )
       {
@@ -119,11 +121,18 @@ private void validateUsername()
       }
    }
 
+   public void verifyUsernameAvailable(ValueChangeEvent e)
+   {
+      String username = (String) e.getNewValue();
+      validateUsername(username);
+   }
+
    @Create
    public void onCreate()
    {
       username = identity.getCredentials().getUsername();
-      if (identityStore.isNewUser(username))
+      newUser = identityStore.isNewUser(username);
+      if (newUser)
       {
          name = identity.getCredentials().getUsername();
          String domain = applicationConfiguration.getDomainName();
@@ -131,7 +140,7 @@ public void onCreate()
          {
             email = "";
          }
-         else 
+         else
          {
             if( applicationConfiguration.isOpenIdAuth() )
             {
@@ -188,7 +197,7 @@ public String getUsername()
    public void setUsername(String username)
    {
       this.username = username;
-      validateUsername();
+      validateUsername(username);
    }
 
    public String getActivationKey()
@@ -206,7 +215,7 @@ public String edit()
    {
       this.valid = true;
       validateEmail(this.email);
-      validateUsername();
+      validateUsername(username);
 
       if( !this.isValid() )
       {
@@ -267,7 +276,8 @@ public boolean isValid()
 
    public boolean isNewUser()
    {
-      return identityStore.isNewUser(username);
+      // in case someone else has registered in the middle
+      return newUser || identityStore.isNewUser(username);
    }
 
 }
diff --git a/zanata-war/src/main/webapp/profile/edit.xhtml b/zanata-war/src/main/webapp/profile/edit.xhtml
index 9fbb043c7e..1a3d7effb0 100644
--- a/zanata-war/src/main/webapp/profile/edit.xhtml
+++ b/zanata-war/src/main/webapp/profile/edit.xhtml
@@ -36,7 +36,8 @@
             </ui:remove>
             <s:decorate id="usernameField" template="../WEB-INF/layout/edit.xhtml" rendered="#{profileAction.newUser}" enclose="true">
               <ui:define name="label">#{messages['jsf.Username']}</ui:define>
-              <h:inputText id="username" value="#{profileAction.username}" required="true" >
+              <h:inputText id="username" value="#{profileAction.username}" required="true"
+                           valueChangeListener="#{profileAction.verifyUsernameAvailable}" onchange="submit()" >
                   <a4j:ajax event="blur" render="usernameField" execute="@this"/>
               </h:inputText>