public String save()

in app/src/main/java/org/apache/roller/weblogger/ui/struts2/admin/UserEdit.java [140:226]


    public String save() {
        myValidate();
        
        if (!hasActionErrors()) {
            getBean().copyTo(user);

            if (authMethod == AuthMethod.DB_OPENID) {
                if (StringUtils.isEmpty(user.getPassword())
                        && StringUtils.isEmpty(bean.getPassword())
                        && StringUtils.isEmpty(bean.getOpenIdUrl())) {
                    addError("userRegister.error.missingOpenIDOrPassword");
                    return INPUT;
                } else if (StringUtils.isNotEmpty(bean.getOpenIdUrl())
                        && StringUtils.isNotEmpty(bean.getPassword())) {
                    addError("userRegister.error.bothOpenIDAndPassword");
                    return INPUT;
                }
            }

            // User.password does not allow null, so generate one
            if (authMethod.equals(AuthMethod.OPENID) ||
                    (authMethod.equals(AuthMethod.DB_OPENID) && !StringUtils.isEmpty(bean.getOpenIdUrl()))) {
                String randomString = RandomStringUtils.randomAlphanumeric(255);
                user.resetPassword(randomString);
            }

            // reset password if set
            if (!StringUtils.isEmpty(getBean().getPassword())) {
                user.resetPassword(getBean().getPassword());

                // invalidate user's session if it's not user executing this action
                if (!getAuthenticatedUser().getUserName().equals(user.getUserName())) {
                    RollerLoginSessionManager sessionManager = RollerLoginSessionManager.getInstance();
                    sessionManager.invalidate(user.getUserName());
                }
            }

            // if user is disabled and not the same as the user executing this action, then invalidate their session
           if (!user.getEnabled() && !getAuthenticatedUser().getUserName().equals(user.getUserName())) {
                RollerLoginSessionManager sessionManager = RollerLoginSessionManager.getInstance();
                sessionManager.invalidate(user.getUserName());
            }

            try {
                UserManager mgr = WebloggerFactory.getWeblogger().getUserManager();
                if (isAdd()) {
                    // fields not copied over from above copyTo():
                    user.setUserName(getBean().getUserName());
                    user.setDateCreated(new java.util.Date());
                    // save new user
                    mgr.addUser(user);
                } else {
                    mgr.saveUser(user);
                }

                // update Admin role as appropriate
                boolean hasAdmin = false;
                GlobalPermission adminPerm =
                    new GlobalPermission(Collections.singletonList(GlobalPermission.ADMIN));
                if (mgr.checkPermission(adminPerm, user)) {
                    hasAdmin = true;
                }  
                // grant/revoke admin role if needed
                if (hasAdmin && !getBean().isAdministrator()) {
                    if (!isUserEditingSelf()) {
                        // revoke role
                        mgr.revokeRole("admin", user);
                    } else {
                        addError("userAdmin.cantChangeOwnRole");
                    }
                } else if(!hasAdmin && getBean().isAdministrator()) {
                    mgr.grantRole("admin", user);
                }
                WebloggerFactory.getWeblogger().flush();

                // successful add or edit: send user back to user admin page
                bean = new CreateUserBean();
                addMessage("userAdmin.userSaved");
                return SUCCESS;

            } catch (WebloggerException ex) {
                log.error("ERROR in action", ex);
                addError("generic.error.check.logs");
            }
        }
        return INPUT;
    }