Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Table of Contents
minLevel1
maxLevel7

Design

...

How it works

Sign up page composition

  • Title of the page : “Sign up”

  • Introductory text : “

  • Sign up Form

...

  • Firstname field*

  • Lastname field *

  • Email field *

    • Plus a tooltip : “Your email will not be shared”

  • Password Field *

    • Plus a tooltip a tooltip : “At least 8 characters, including 1 number, 1 capital letter and 1 punctuation mark.”

  • Company

  • Terms of use Checkbox*

  • Sign up button

  • I already have an account link that redirect user to the login page

*Mandatory fields

...

Sign up

...

process

When users clicks on the sign up button after filling the sign up form :

  • A popin message appear to confirm the registration is made with successAn email is sent to all administrators to let them know a user is requesting accessconfirmation message display

  • The user for whom the sign up request was made receives an email informing him that he must validate his email address to confirm his account creation request. At this stage the user appears is not visible in the list of users to be approved by administrators in the administration interface, but in an inactive status.When the user's email is confirmed, the user to be approved becomes active in the administration interfacethe backoffice.

  • As soon as the user confirmed his email, the pending account display in administrators’s dashboards in the backoffice.

  • A confirmation email is sent to the user to let him know his account request is pending validation.

  • Administrators can approve the account or not.

  • As soon as the user awaiting validation account is validated approved by an administrator (from the back office), then the user's account becomes active, and he the user receives a confirmation by email.

...

  • I already have an account link : signup.signupForm.cancelButton (i18n)

  • Sign up button : signup.signupForm.inscriptionButton (i18n)

  • Sign up title : page.title.signup(i18n)

  • Introductory text : signup.description(i18n)

Migration from a pre-2022.1

The issue :

Info

The process of creating a new user has been revised in 2022.1 sends to new users an email asking them to validate their account.

When the user clicks on the button to validate their account the /verify action ends in error 500 with the following exception:

Code Block
LOGGER:applicatif
 Class: java.lang.RuntimeException Msg: java.lang.RuntimeException: noheto.BusinessException: You do not have the right to create an authority of this object: user.
 source: website
 remoteaddr: 52.47.89.117
 uri: /api/packaged/register/verify/pX1sSnSb31qaQF1w1CC3pnNGALmkdCAjtF7-tt67ieRJTnDS8SJGSyfimxdsmP4jecoPTM6ue6A
 referer: -
 user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:96.0) Gecko/20100101 Firefox/96.0
 
-------------
Throwable information:
Class: java.lang.RuntimeException Msg: java.lang.RuntimeException: noheto.BusinessException: You do not have the right to create an authority of this object: user.
 noheto.workflow.standard.Workflow.doAction(Workflow.java:346)
 noheto.workflow.standard.Workflow.execute(Workflow.java:231)
 wsnoheto.engine.ObjectWritable.processWorkflowAction(ObjectWritable.java:3518)
 wsnoheto.engine.ObjectWritable.processWorkflowAction(ObjectWritable.java:3472)

Explanation : when the systems sends an email to validate the email address, the link that is provided executes an action on the temporary

Status
titleuserregistration
account: it executes the workflow action defined in the validate_email_workflow_action plugin parameter which has the default value validate.

In previous versions, the validate action was creating a user, and when the application is correctly secured, a non connected surfer is not allowed to create a user.

The purpose of the action should be to validate the email address entered and thus allow the administrators to approve the creation of the final account.

How to solve :

  1. Create a new step in the workflow of the userregistration object: unverified email

  2. Add a verify action from unverified email to inactive

  3. Inactive status must be published true

  4. Change the default status of userregistration to have the ID of unverified email

  5. Change the activated value of userregistration to 2

  6. Set the validate_email_workflow_action of the PACKAGED_RegistrationEmails to verify

In starter-kit, we have chosen not to go through the workflow to approve the creation of an account: by going through the workflow, it is not possible to send the user back to the account finally created. So we have a button that appears in the toolbar if enable_create_account_from_request is set to true. To keep your existing operation, you'll have to set this parameter to false (to not have the button)

Some notes:

  • By creating a new status and setting the default value of status, non-validated accounts created before the update can still be approved even if they haven't validated their email address (as before). The following ones on the other hand will have to go through this address.

  • You will have to customize the email template, but... it's documented → https://crossmedia.atlassian.net/wiki/spaces/WD/pages/2160427009/UI+configuration+checklist#Registration-related

  • Depending on how the account creation trigger is written (validate in your workflow), you may be able to name the action that changes from unverified email to inactive validate → advantage, no need to change the default value of validate_email_workflow_action (a rather limited advantage, I agree)

  • you can prevent admins to see userregistration with unverified email status → avoid creating accounts with unvalidated email