Implemented Changes:

Data model changes:

• User model objects now have a persistent property "activationId"
• Before activation, "activationId" SHOULD be some reasonably unique string of URL safe characters
• After activation, "activationId" set to null
• A new index on activationId
• User model objects have two new transient methods:
  • public boolean isActivated()
  • public void activate()

Data access object changes:

• New user lookup method in UserDao "public User getUserByActivationId(String id)"

Service level changes:

• New service interface "AccountActivationService" with four methods:
  • public String getActivationToken()
  • public void initiateActivationProcess(User user)
  • public void activateUserFromToken(String activationToken)
  • public User getUserFromToken(String activationToken)

• New abstract implementation of AccountActivationService "AbstractCosmoActivationService" to encapsulate the behavior of our User model described above (ie, use "User.activate and UserDao.getUserByActivationId)
  • Implemented methods:
    • activateUserFromToken
    • getUserFromToken

• Temporary default implementation of AccountActivationService that extends AbstractCosmoActivationService "AutomaticAccountActivationService"
  • getActivationToken returns null,
  • initiateActivationProcess(user) calls user.activate()
  • will probably remain as AccountActivationService for unit testing.

• StandardUserService.createUser sets activationId on User object with activationToken from AccountActivationService.getActivationToken() and then calls AccountActivationService.initiateActivationProcess()

Proposed Changes:

Service level changes:

• New "EmailAccountActivationService" which will extend "AbstractCosmoAccountActivationService"
• getActivationToken will return reasonably unique URL safe string
• initiateActivationProcess will send an e-mail to the e-mail address specified in the User object with a link to /cosmo/account/activate/{User.activationId}

CMP changes:

• Unactivated users will have an tag in their XML user representation with that user's activation id as its content
• GET /cmp/activate/{activationId} will return the XML representation of the user associated with {activationId}
• POST /cmp/activate/{activationId} will activate the user associated with {activationId}
• Both commands on this url will be accessible to principles authorized as ROLE_ANONYMOUS, ROLE_USER or ROLE_ROOT

UI Changes:

• /account/activate/{activationId} will bring users to a page with the account information for the user associated with activationId and a button that says "Activate"
• Both the account information and the "Activate" action will be handled through CMP
• The user list widget at /admin/users will include an "Activated" field, which will be either "Yes" or "No"
• The control links at the bottom of the user list widget will have an "Activate User" link when only unactivated users are included in the current selection. Clicking this link will activate all selected users.

-- TravisVachon - 20 Nov 2006