Author: shane.bryzak(a)jboss.com Date: 2008-07-23 01:51:33 -0400 (Wed, 23 Jul 2008) New Revision: 8493 Modified: trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java Log: create new user if grantRole() can't find an existing user Modified: trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java =================================================================== --- trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java 2008-07-23 05:39:44 UTC (rev 8492) +++ trunk/src/main/org/jboss/seam/security/management/JpaIdentityStore.java 2008-07-23 05:51:33 UTC (rev 8493) @@ -223,10 +223,30 @@ public boolean grantRole(String username, String role) { + if (roleClass == null) return false; + Object user = lookupUser(username); if (user == null) { - throw new NoSuchUserException("Could not grant role, no such user '" + username + "'"); + if (userPasswordProperty != null) + { + // If no userPasswordProperty is set, it means that authentication is being performed + // by another identity store and this one is just managing roles + throw new NoSuchUserException("Could not grant role, no such user '" + username + "'"); + } + else + { + // We need to create a new user object + if (createUser(username, null)) + { + user = lookupUser(username); + } + else + { + throw new IdentityManagementException( + "Could not grant role - user does not exist and an attempt to create the user failed."); + } + } } Object roleToGrant = lookupRole(role);