Removed Captcha checks for local requests

src/main/java/org/genesys2/server/service/UserService.java

@@ -29,6 +29,8 @@ public interface UserService {
 	@PreAuthorize("hasRole('ADMINISTRATOR')")
 	void addUser(User user) throws UserException;
 
+	User createAccount(String email, String initialPassword, String fullName);
+
 	@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')")
 	void updateUser(User user) throws UserException;
 

src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java

@@ -114,6 +114,26 @@ public class UserServiceImpl implements UserService {
 		return userWrapper;
 	}
 
+	@Override
+	@Transactional(readOnly = false)
+	public User createAccount(String email, String initialPassword, String fullName) {
+		User user = new User();
+		user.setEmail(email);
+		user.setName(fullName);
+		user.getRoles().add(UserRole.USER);
+		setPassword(user, initialPassword);
+
+		userPersistence.save(user);
+		return user;
+	}
+
+	/**
+	 * @deprecated Use {@link #createAccount(String, String, String)} to add
+	 *             users
+	 * @param user
+	 * @throws UserException
+	 */
+	@Deprecated
 	@Override
 	@Transactional(readOnly = false, rollbackFor = NotUniqueUserException.class)
 	public void addUser(User user) throws UserException {
@@ -161,11 +181,13 @@ public class UserServiceImpl implements UserService {
 	@Transactional(readOnly = false)
 	public void updatePassword(long userId, String rawPassword) throws UserException {
 		User user = userPersistence.findOne(userId);
+		setPassword(user, rawPassword);
+		userPersistence.save(user);
+	}
 
+	private void setPassword(User user, String rawPassword) {
 		// encrypt password
 		user.setPassword(passwordEncoder.encode(rawPassword));
-
-		userPersistence.save(user);
 	}
 
 	@Override

src/main/java/org/genesys2/server/servlet/controller/HtmlController.java

@@ -16,6 +16,8 @@
 
 package org.genesys2.server.servlet.controller;
 
+import java.net.InetAddress;
+import java.net.UnknownHostException;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Locale;
@@ -25,7 +27,6 @@ import javax.servlet.http.HttpServletRequest;
 import net.tanesha.recaptcha.ReCaptchaImpl;
 import net.tanesha.recaptcha.ReCaptchaResponse;
 
-import org.genesys2.server.aspect.AsAdmin;
 import org.genesys2.server.model.Permissions;
 import org.genesys2.server.model.UserRole;
 import org.genesys2.server.model.impl.User;
@@ -34,8 +35,6 @@ import org.genesys2.server.service.CropService;
 import org.genesys2.server.service.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
-import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.ModelMap;
 import org.springframework.validation.BindingResult;
@@ -100,38 +99,51 @@ public class HtmlController extends BaseController {
 	}
 
 	@RequestMapping(value = "new-user")
-	@AsAdmin
 	public String addUser(@ModelAttribute User user, BindingResult bindingResult, HttpServletRequest req,
-			@RequestParam("recaptcha_challenge_field") String challenge, @RequestParam("recaptcha_response_field") String response) {
+			@RequestParam(value = "recaptcha_challenge_field", required = false) String challenge,
+			@RequestParam(value = "recaptcha_response_field", required = false) String response) {
 		user.getRoles().add(UserRole.USER);
 		validator.validate(user, bindingResult);
 
 		// Validate the reCAPTCHA
 		String remoteAddr = req.getRemoteAddr();
-		ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
+		boolean isLocalRequest = false;
 
-		reCaptcha.setPrivateKey(captchaPrivateKey);
+		try {
+			InetAddress remoteInetAddr = InetAddress.getByName(remoteAddr);
+			isLocalRequest = remoteInetAddr.isAnyLocalAddress() || remoteInetAddr.isLoopbackAddress();
+			_logger.debug("Remote addr: " + remoteAddr + " " + remoteInetAddr + " isLocal=" + isLocalRequest);
+		} catch (UnknownHostException e1) {
+			_logger.warn(e1.getMessage());
+		}
+
+		if (!isLocalRequest) {
+			ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
+			reCaptcha.setPrivateKey(captchaPrivateKey);
 
-		ReCaptchaResponse reCaptchaResponse = reCaptcha.checkAnswer(remoteAddr, challenge, response);
+			ReCaptchaResponse reCaptchaResponse = reCaptcha.checkAnswer(remoteAddr, challenge, response);
 
-		if (!reCaptchaResponse.isValid()) {
-			FieldError fieldError = new FieldError("comment", "captcha", response, false, new String[] { "errors.badCaptcha" }, null, "Please try again.");
-			bindingResult.addError(fieldError);
+			if (!reCaptchaResponse.isValid()) {
+				_logger.warn("Invalid captcha.");
+				FieldError fieldError = new FieldError("comment", "captcha", response, false, new String[] { "errors.badCaptcha" }, null, "Please try again.");
+				bindingResult.addError(fieldError);
+			}
 		}
 
 		try {
 			if (!bindingResult.hasErrors()) {
 				if (!userService.exists(user.getEmail())) {
-					userService.addUser(user);
+					userService.createAccount(user.getEmail(), user.getPassword(), user.getName());
+					return "redirect:/content/account-created";
 				} else {
 					return "redirect:/registration.html?exist=true";
 				}
-
-				SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(user.getEmail(), user.getPassword()));
-				return "redirect:/";
+			} else {
+				_logger.warn("New account form has errors: " + bindingResult.getErrorCount());
 			}
 		} catch (Exception e) {
-			simpleExceptionHandler(e);
+			_logger.error(e.getMessage(), e);
+			// simpleExceptionHandler(e);
 		}
 
 		return "redirect:/registration.html?error=true";