Hi:

I implemented a Custom Struts action that handles creation of new user accounts. In the UI I allow the user to pick the organizations they belong to as part of their account creation. When my action reaches the point where the user account is getting created it stumbles when doing permission checks at the code lines below. I have my sites set to open membership (not sure how to do this for organizations). How can I prevent this? I don't want portal admins to associate users manually to organizations and rather want the end user to pick this.

The code part that gets called:

       User user = UserServiceUtil.addUserWithWorkflow(
			company.getCompanyId(), autoPassword, password1, password2,
			autoScreenName, screenName, emailAddress, facebookId, openId,
			themeDisplay.getLocale(), firstName, middleName, lastName, prefixId,
			suffixId, male, birthdayMonth, birthdayDay, birthdayYear, jobTitle,
			groupIds, organizationIds, roleIds, userGroupIds, sendEmail,
			serviceContext);

raises the exception below:

com.liferay.portal.security.auth.PrincipalException
	at com.liferay.portal.service.permission.OrganizationPermissionImpl.check(OrganizationPermissionImpl.java:52)
	at com.liferay.portal.service.permission.OrganizationPermissionUtil.check(OrganizationPermissionUtil.java:42)
	at com.liferay.portal.service.impl.UserServiceImpl.checkOrganizations(UserServiceImpl.java:2330)
	at com.liferay.portal.service.impl.UserServiceImpl.checkAddUserPermission(UserServiceImpl.java:2155)
	at com.liferay.portal.service.impl.UserServiceImpl.addUserWithWorkflow(UserServiceImpl.java:528)

If I hold off on populating the organizationIds[] array till after the user is created i.e. update the same user that was created a few moments ago by making the call below:

		user = UserServiceUtil.updateUser(user.getUserId(), user.getPassword(), null, null, user.getPasswordReset(), 
				user.getReminderQueryQuestion(), user.getReminderQueryAnswer(), user.getScreenName(), 
				emailAddress, facebookId, openId, user.getLanguageId(), user.getTimeZoneId(), user.getGreeting(),
				user.getComments(), firstName, middleName, lastName, prefixId, suffixId, male, birthdayMonth,
				birthdayDay, birthdayYear, null, null, null, null, null, null, null, null,
				null, null, jobTitle, groupIds, organizationIds, user.getRoleIds(), 
				//necessary to use the service as we don't want to accidentally
				//null auto-assigned usergrouprole's
				UserGroupRoleLocalServiceUtil.getUserGroupRoles(user.getUserId()), user.getUserGroupIds(),
				user.getAddresses(), user.getEmailAddresses(), phones, user.getWebsites(), null,
				serviceContext);

gives the following exception:

com.liferay.portal.security.auth.PrincipalException
	at com.liferay.portal.service.permission.UserPermissionImpl.check(UserPermissionImpl.java:61)
	at com.liferay.portal.service.permission.UserPermissionUtil.check(UserPermissionUtil.java:44)
	at com.liferay.portal.service.impl.UserServiceImpl.updateUser(UserServiceImpl.java:1777)
	at com.liferay.portal.spring.aop.ServiceBeanMethodInvocation.proceed(ServiceBeanMethodInvocation.java:115)

Can anyone help me understand what I am doing wrong? Why is the action getting restricted from updating the user just created?

Thanks for all help.