| Table of Contents | ||||
|---|---|---|---|---|
|
Design
...
How it works
Sign up page composition
...
I already have an account link :
signup.signupForm.cancelButton(i18n)Sign up button :
signup.signupForm.inscriptionButton(i18n)Sign up title :
page.title.signup(i18n)Introductory text :
signup.description(i18n)
Migration from a pre-2022.1
The issue :
| Info |
|---|
The process of creating a new user has been revised in 2022.1 sends to new users an email asking them to validate their account. When the user clicks on the button to validate their account the /verify action ends in error 500 with the following exception: |
| Code Block |
|---|
LOGGER:applicatif Class: java.lang.RuntimeException Msg: java.lang.RuntimeException: noheto.BusinessException: You do not have the right to create an authority of this object: user. source: website remoteaddr: 52.47.89.117 uri: /api/packaged/register/verify/pX1sSnSb31qaQF1w1CC3pnNGALmkdCAjtF7-tt67ieRJTnDS8SJGSyfimxdsmP4jecoPTM6ue6A referer: - user_agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:96.0) Gecko/20100101 Firefox/96.0 ------------- Throwable information: Class: java.lang.RuntimeException Msg: java.lang.RuntimeException: noheto.BusinessException: You do not have the right to create an authority of this object: user. noheto.workflow.standard.Workflow.doAction(Workflow.java:346) noheto.workflow.standard.Workflow.execute(Workflow.java:231) wsnoheto.engine.ObjectWritable.processWorkflowAction(ObjectWritable.java:3518) wsnoheto.engine.ObjectWritable.processWorkflowAction(ObjectWritable.java:3472) |
Explanation : when the systems sends an email to validate the email address, the link that is provided executes an action on the temporary
| Status | ||
|---|---|---|
|
In previous versions, the validate action was creating a user, and when the application is correctly secured, a non connected surfer is not allowed to create a user.
The purpose of the action should be to validate the email address entered and thus allow the administrators to approve the creation of the final account.
How to solve :
Create a new step in the workflow of the userregistration object: unverified email
Add a verify action from unverified email to inactive
Inactive status must be published true
Change the default status of userregistration to have the ID of unverified email
Change the activated value of userregistration to 2
Set the validate_email_workflow_action of the PACKAGED_RegistrationEmails to verify
In starter-kit, we have chosen not to go through the workflow to approve the creation of an account: by going through the workflow, it is not possible to send the user back to the account finally created. So we have a button that appears in the toolbar if enable_create_account_from_request is set to true. To keep your existing operation, you'll have to set this parameter to false (to not have the button)
Some notes:
By creating a new status and setting the default value of status, non-validated accounts created before the update can still be approved even if they haven't validated their email address (as before). The following ones on the other hand will have to go through this address.
You will have to customize the email template, but... it's documented → https://crossmedia.atlassian.net/wiki/spaces/WD/pages/2160427009/UI+configuration+checklist#Registration-related
Depending on how the account creation trigger is written (validate in your workflow), you may be able to name the action that changes from unverified email to inactive validate → advantage, no need to change the default value of validate_email_workflow_action (a rather limited advantage, I agree)
you can prevent admins to see userregistration with unverified email status → avoid creating accounts with unvalidated email