From d8ec2df2d4511b9be954d44aaeb010a21b617fb0 Mon Sep 17 00:00:00 2001 From: Thamindu Aluthwala Date: Mon, 16 Dec 2024 16:29:22 +0530 Subject: [PATCH] Change execution order to ensure the account is locked in case of a notification error --- .../handler/UserSelfRegistrationHandler.java | 54 +++++++++---------- 1 file changed, 27 insertions(+), 27 deletions(-) diff --git a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/handler/UserSelfRegistrationHandler.java b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/handler/UserSelfRegistrationHandler.java index 9af36cb879..0f9c11396f 100644 --- a/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/handler/UserSelfRegistrationHandler.java +++ b/components/org.wso2.carbon.identity.recovery/src/main/java/org/wso2/carbon/identity/recovery/handler/UserSelfRegistrationHandler.java @@ -122,6 +122,33 @@ public void handleEvent(Event event) throws IdentityEventException { if (IdentityEventConstants.Event.POST_ADD_USER.equals(event.getEventName())) { UserRecoveryDataStore userRecoveryDataStore = JDBCRecoveryDataStore.getInstance(); + if (isAccountLockOnCreation || isEnableConfirmationOnCreation) { + HashMap userClaims = new HashMap<>(); + if (isAccountLockOnCreation) { + // Need to lock user account. + userClaims.put(IdentityRecoveryConstants.ACCOUNT_LOCKED_CLAIM, Boolean.TRUE.toString()); + userClaims.put(IdentityRecoveryConstants.ACCOUNT_LOCKED_REASON_CLAIM, + IdentityMgtConstants.LockedReason.PENDING_SELF_REGISTRATION.toString()); + } + if (Utils.isAccountStateClaimExisting(tenantDomain)) { + userClaims.put(IdentityRecoveryConstants.ACCOUNT_STATE_CLAIM_URI, + IdentityRecoveryConstants.PENDING_SELF_REGISTRATION); + } + try { + userStoreManager.setUserClaimValues(user.getUserName(), userClaims, null); + if (log.isDebugEnabled()) { + if (isAccountLockOnCreation) { + log.debug("Locked user account: " + user.getUserName()); + } + if (isEnableConfirmationOnCreation) { + log.debug("Send verification notification for user account: " + user.getUserName()); + } + } + } catch (UserStoreException e) { + throw new IdentityEventException("Error while lock user account :" + user.getUserName(), e); + } + } + try { // Get the user preferred notification channel. String preferredChannel = resolveNotificationChannel(eventProperties, userName, tenantDomain, @@ -166,33 +193,6 @@ public void handleEvent(Event event) throws IdentityEventException { } catch (IdentityRecoveryException e) { throw new IdentityEventException("Error while sending self sign up notification ", e); } - if (isAccountLockOnCreation || isEnableConfirmationOnCreation) { - HashMap userClaims = new HashMap<>(); - if (isAccountLockOnCreation) { - // Need to lock user account. - userClaims.put(IdentityRecoveryConstants.ACCOUNT_LOCKED_CLAIM, Boolean.TRUE.toString()); - userClaims.put(IdentityRecoveryConstants.ACCOUNT_LOCKED_REASON_CLAIM, - IdentityMgtConstants.LockedReason.PENDING_SELF_REGISTRATION.toString()); - } - if (Utils.isAccountStateClaimExisting(tenantDomain)) { - userClaims.put(IdentityRecoveryConstants.ACCOUNT_STATE_CLAIM_URI, - IdentityRecoveryConstants.PENDING_SELF_REGISTRATION); - } - try { - userStoreManager.setUserClaimValues(user.getUserName(), userClaims, null); - if (log.isDebugEnabled()) { - if (isAccountLockOnCreation) { - log.debug("Locked user account: " + user.getUserName()); - } - if (isEnableConfirmationOnCreation) { - log.debug("Send verification notification for user account: " + user.getUserName()); - } - } - } catch (UserStoreException e) { - throw new IdentityEventException("Error while lock user account :" + user.getUserName(), e); - } - } - } }