1   /**
2    * Copyright (c) 2000-2010 Liferay, Inc. All rights reserved.
3    *
4    * The contents of this file are subject to the terms of the Liferay Enterprise
5    * Subscription License ("License"). You may not use this file except in
6    * compliance with the License. You can obtain a copy of the License by
7    * contacting Liferay, Inc. See the License for the specific language governing
8    * permissions and limitations under the License, including but not limited to
9    * distribution rights of the Software.
10   *
11   *
12   * 
13   */
14  
15  package com.liferay.portlet.enterpriseadmin.action;
16  
import com.liferay.portal.kernel.servlet.SessionErrors;
import com.liferay.portal.kernel.util.Constants;
import com.liferay.portal.kernel.util.ParamUtil;
import com.liferay.portal.kernel.util.PropsKeys;
import com.liferay.portal.kernel.util.Validator;
import com.liferay.portal.model.Company;
import com.liferay.portal.model.RoleConstants;
import com.liferay.portal.security.auth.PrincipalException;
import com.liferay.portal.security.ldap.PortalLDAPUtil;
import com.liferay.portal.service.CompanyServiceUtil;
import com.liferay.portal.service.RoleLocalServiceUtil;
import com.liferay.portal.servlet.filters.sso.cas.CASFilter;
import com.liferay.portal.struts.PortletAction;
import com.liferay.portal.util.PortalUtil;
import com.liferay.portal.util.PrefsPropsUtil;
import com.liferay.util.ldap.LDAPUtil;

import javax.naming.NamingException;
import javax.naming.ldap.LdapContext;

import javax.portlet.ActionRequest;
import javax.portlet.ActionResponse;
import javax.portlet.PortletConfig;
import javax.portlet.PortletPreferences;

import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionMapping;
41  
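/**
 * <a href="EditSettingsAction.java.html"><b><i>View Source</i></b></a>
 *
 * <p>
 * Handles the settings forms of the Enterprise Admin portlet. The
 * <code>cmd</code> request parameter selects one group of company-wide
 * settings (CAS, default associations, emails, LDAP, mail host names, NTLM,
 * OpenID, OpenSSO, reserved users, security, SiteMinder). The submitted values
 * are written to the company's portlet preferences, except for
 * <code>updateSecurity</code>, which hands them to
 * <code>CompanyServiceUtil</code>.
 * </p>
 *
 * <p>
 * The Administrator role check is made in <code>processAction</code> only. The
 * protected <code>update*</code> methods do no authorization of their own, so
 * a subclass that calls them directly has to make that check itself.
 * </p>
 *
 * @author Brian Wing Shun Chan
 * @author Scott Lee
 */
public class EditSettingsAction extends PortletAction {

    /**
     * Checks that the current user is a company administrator, dispatches on
     * the <code>cmd</code> parameter to the matching <code>update*</code>
     * method, and then either redirects (no session errors) or forwards back
     * to the settings view (at least one session error).
     *
     * @throws Exception if any of the portal services called here fails
     */
    public void processAction(
            ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
            ActionRequest actionRequest, ActionResponse actionResponse)
        throws Exception {

        long companyId = PortalUtil.getCompanyId(actionRequest);
        long userId = PortalUtil.getUserId(actionRequest);

        // Every branch below changes how the whole company authenticates, so
        // nothing is read from the request until the role check has passed.
        // NOTE(review): the trailing "true" presumably asks for inherited
        // roles as well; confirm against RoleLocalServiceUtil.
        // NOTE(review): no anti-CSRF token check is visible in this method;
        // confirm the portal enforces one before this action is reached.

        if (!RoleLocalServiceUtil.hasUserRole(
                userId, companyId, RoleConstants.ADMINISTRATOR, true)) {

            SessionErrors.add(
                actionRequest, PrincipalException.class.getName());

            setForward(actionRequest, "portlet.enterprise_admin.error");

            return;
        }

        PortletPreferences prefs = PrefsPropsUtil.getPreferences(companyId);

        String cmd = ParamUtil.getString(actionRequest, Constants.CMD);

        // An unrecognized cmd matches no branch and changes no setting.

        if (cmd.equals("updateCAS")) {
            updateCAS(actionRequest, companyId, prefs);
        }
        else if (cmd.equals("updateDefaultGroupsAndRoles")) {
            updateDefaultGroupsAndRoles(actionRequest, prefs);
        }
        else if (cmd.equals("updateEmails")) {
            updateEmails(actionRequest, prefs);
        }
        else if (cmd.equals("updateLdap")) {
            updateLdap(actionRequest, companyId, prefs);
        }
        else if (cmd.equals("updateMailHostNames")) {
            updateMailHostNames(actionRequest, prefs);
        }
        else if (cmd.equals("updateNtlm")) {
            updateNtlm(actionRequest, companyId, prefs);
        }
        else if (cmd.equals("updateOpenId")) {
            updateOpenId(actionRequest, prefs);
        }
        else if (cmd.equals("updateOpenSSO")) {
            updateOpenSSO(actionRequest, companyId, prefs);
        }
        else if (cmd.equals("updateReservedUsers")) {
            updateReservedUsers(actionRequest, prefs);
        }
        else if (cmd.equals("updateSecurity")) {
            updateSecurity(actionRequest);
        }
        else if (cmd.equals("updateSiteMinder")) {
            updateSiteMinder(actionRequest, companyId, prefs);
        }

        if (SessionErrors.isEmpty(actionRequest)) {

            // updateLdap stores the preferences itself once its connection
            // test has passed, and updateSecurity does not touch them. Every
            // other command is persisted here; the update methods that
            // already called store() are simply stored a second time.

            if (!cmd.equals("updateLdap") && !cmd.equals("updateSecurity")) {
                prefs.store();
            }

            sendRedirect(actionRequest, actionResponse);
        }
        else {

            // Validation failed: nothing is stored by this method and the
            // form is shown again.

            setForward(actionRequest, "portlet.enterprise_admin.view");
        }
    }

    /**
     * Writes the submitted CAS settings to the preferences, stores them and
     * reloads the CAS filter for the company.
     *
     * <p>
     * NOTE(review): the login, logout, server and service URLs are stored
     * exactly as submitted; no scheme or host validation happens here.
     * </p>
     */
    protected void updateCAS(
            ActionRequest actionRequest, long companyId,
            PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");
        boolean importFromLdap = ParamUtil.getBoolean(
            actionRequest, "importFromLdap");
        String loginUrl = ParamUtil.getString(actionRequest, "loginUrl");
        String logoutUrl = ParamUtil.getString(actionRequest, "logoutUrl");
        String serverName = ParamUtil.getString(actionRequest, "serverName");
        String serverUrl = ParamUtil.getString(actionRequest, "serverUrl");
        String serviceUrl = ParamUtil.getString(actionRequest, "serviceUrl");

        prefs.setValue(
            PropsKeys.CAS_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(
            PropsKeys.CAS_IMPORT_FROM_LDAP, String.valueOf(importFromLdap));
        prefs.setValue(PropsKeys.CAS_LOGIN_URL, loginUrl);
        prefs.setValue(PropsKeys.CAS_LOGOUT_URL, logoutUrl);
        prefs.setValue(PropsKeys.CAS_SERVER_NAME, serverName);
        prefs.setValue(PropsKeys.CAS_SERVER_URL, serverUrl);
        prefs.setValue(PropsKeys.CAS_SERVICE_URL, serviceUrl);

        // The filter is reloaded only after the new values have been stored.

        prefs.store();

        CASFilter.reload(companyId);
    }

    /**
     * Writes the default group, role and user group names, and the
     * "sync default associations" flag, to the preferences. The caller is
     * responsible for storing them.
     */
    protected void updateDefaultGroupsAndRoles(
            ActionRequest actionRequest, PortletPreferences prefs)
        throws Exception {

        boolean syncDefaultAssociations = ParamUtil.getBoolean(
            actionRequest, "syncDefaultAssociations");
        String defaultGroupNames = ParamUtil.getString(
            actionRequest, "defaultGroupNames");
        String defaultRoleNames = ParamUtil.getString(
            actionRequest, "defaultRoleNames");
        String defaultUserGroupNames = ParamUtil.getString(
            actionRequest, "defaultUserGroupNames");

        // NOTE(review): presumably these names decide what every new user is
        // added to; the values are stored without checking them against
        // existing roles or groups.

        prefs.setValue(
            PropsKeys.ADMIN_SYNC_DEFAULT_ASSOCIATIONS,
            String.valueOf(syncDefaultAssociations));
        prefs.setValue(PropsKeys.ADMIN_DEFAULT_GROUP_NAMES, defaultGroupNames);
        prefs.setValue(PropsKeys.ADMIN_DEFAULT_ROLE_NAMES, defaultRoleNames);
        prefs.setValue(
            PropsKeys.ADMIN_DEFAULT_USER_GROUP_NAMES, defaultUserGroupNames);
    }

    /**
     * Validates and writes one of the three email setting groups, chosen by
     * the <code>tabs3</code> parameter: the account-created notification, the
     * password-changed notification, or (any other value) the sender name
     * and address. A failed validation adds a session error named after the
     * offending field and leaves the preferences untouched.
     */
    protected void updateEmails(
            ActionRequest actionRequest, PortletPreferences prefs)
        throws Exception {

        String tabs3 = ParamUtil.getString(actionRequest, "tabs3");

        if (tabs3.equals("account-created-notification")) {
            String emailUserAddedEnabled = ParamUtil.getString(
                actionRequest, "emailUserAddedEnabled");
            String emailUserAddedSubject = ParamUtil.getString(
                actionRequest, "emailUserAddedSubject");
            String emailUserAddedBody = ParamUtil.getString(
                actionRequest, "emailUserAddedBody");

            if (Validator.isNull(emailUserAddedSubject)) {
                SessionErrors.add(actionRequest, "emailUserAddedSubject");
            }
            else if (Validator.isNull(emailUserAddedBody)) {
                SessionErrors.add(actionRequest, "emailUserAddedBody");
            }
            else {

                // The enabled flag is stored as the raw submitted string,
                // unlike the boolean flags of the other update methods.

                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_USER_ADDED_ENABLED,
                    emailUserAddedEnabled);
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_USER_ADDED_SUBJECT,
                    emailUserAddedSubject);
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_USER_ADDED_BODY, emailUserAddedBody);
            }
        }
        else if (tabs3.equals("password-changed-notification")) {
            String emailPasswordSentEnabled = ParamUtil.getString(
                actionRequest, "emailPasswordSentEnabled");
            String emailPasswordSentSubject = ParamUtil.getString(
                actionRequest, "emailPasswordSentSubject");
            String emailPasswordSentBody = ParamUtil.getString(
                actionRequest, "emailPasswordSentBody");

            if (Validator.isNull(emailPasswordSentSubject)) {
                SessionErrors.add(actionRequest, "emailPasswordSentSubject");
            }
            else if (Validator.isNull(emailPasswordSentBody)) {
                SessionErrors.add(actionRequest, "emailPasswordSentBody");
            }
            else {
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_ENABLED,
                    emailPasswordSentEnabled);
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_SUBJECT,
                    emailPasswordSentSubject);
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_PASSWORD_SENT_BODY,
                    emailPasswordSentBody);
            }
        }
        else {
            String emailFromName = ParamUtil.getString(
                actionRequest, "emailFromName");
            String emailFromAddress = ParamUtil.getString(
                actionRequest, "emailFromAddress");

            if (Validator.isNull(emailFromName)) {
                SessionErrors.add(actionRequest, "emailFromName");
            }
            else if (!Validator.isEmailAddress(emailFromAddress)) {
                SessionErrors.add(actionRequest, "emailFromAddress");
            }
            else {
                prefs.setValue(PropsKeys.ADMIN_EMAIL_FROM_NAME, emailFromName);
                prefs.setValue(
                    PropsKeys.ADMIN_EMAIL_FROM_ADDRESS, emailFromAddress);
            }
        }
    }

    /**
     * Writes the submitted LDAP settings to the preferences and stores them.
     * When LDAP is being enabled, a connection to the submitted server is
     * attempted first with the submitted principal and credentials; if that
     * fails, the <code>ldapAuthentication</code> session error is added and
     * nothing is written.
     *
     * <p>
     * The bind credentials are stored as the submitted string; any protection
     * at rest has to come from the preferences store.
     * </p>
     */
    protected void updateLdap(
            ActionRequest actionRequest, long companyId,
            PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");
        boolean required = ParamUtil.getBoolean(actionRequest, "required");
        String baseProviderURL = ParamUtil.getString(
            actionRequest, "baseProviderURL");
        String baseDN = ParamUtil.getString(actionRequest, "baseDN");
        String principal = ParamUtil.getString(actionRequest, "principal");
        String credentials = ParamUtil.getString(actionRequest, "credentials");
        String searchFilter = ParamUtil.getString(
            actionRequest, "searchFilter");
        String userDefaultObjectClasses = ParamUtil.getString(
            actionRequest, "userDefaultObjectClasses");

        // Both mapping strings are newline-delimited key=value lists, so
        // each value is read through getMappingValue, which drops line
        // breaks. Otherwise a single field could smuggle in an extra
        // mapping line (for example a second "password=" entry).

        String userMappings =
            "screenName=" +
                getMappingValue(actionRequest, "userMappingScreenName") +
            "\npassword=" +
                getMappingValue(actionRequest, "userMappingPassword") +
            "\nemailAddress=" +
                getMappingValue(actionRequest, "userMappingEmailAddress") +
            "\nfullName=" +
                getMappingValue(actionRequest, "userMappingFullName") +
            "\nfirstName=" +
                getMappingValue(actionRequest, "userMappingFirstName") +
            "\nmiddleName=" +
                getMappingValue(actionRequest, "userMappingMiddleName") +
            "\nlastName=" +
                getMappingValue(actionRequest, "userMappingLastName") +
            "\njobTitle=" +
                getMappingValue(actionRequest, "userMappingJobTitle") +
            "\ngroup=" + getMappingValue(actionRequest, "userMappingGroup");

        String groupMappings =
            "groupName=" +
                getMappingValue(actionRequest, "groupMappingGroupName") +
            "\ndescription=" +
                getMappingValue(actionRequest, "groupMappingDescription") +
            "\nuser=" + getMappingValue(actionRequest, "groupMappingUser");

        boolean importEnabled = ParamUtil.getBoolean(
            actionRequest, "importEnabled");
        boolean importOnStartup = ParamUtil.getBoolean(
            actionRequest, "importOnStartup");
        long importInterval = ParamUtil.getLong(
            actionRequest, "importInterval");
        String importUserSearchFilter = ParamUtil.getString(
            actionRequest, "importUserSearchFilter");
        String importGroupSearchFilter = ParamUtil.getString(
            actionRequest, "importGroupSearchFilter");
        boolean exportEnabled = ParamUtil.getBoolean(
            actionRequest, "exportEnabled");
        String usersDN = ParamUtil.getString(actionRequest, "usersDN");
        String groupsDN = ParamUtil.getString(actionRequest, "groupsDN");
        boolean passwordPolicyEnabled = ParamUtil.getBoolean(
            actionRequest, "passwordPolicyEnabled");

        // The connection test runs only when LDAP is being switched on, so
        // a disabled configuration can be saved while the server is down.

        if (enabled &&
            !canConnectToLdap(
                companyId, baseProviderURL, baseDN, principal, credentials)) {

            SessionErrors.add(actionRequest, "ldapAuthentication");

            return;
        }

        prefs.setValue(PropsKeys.LDAP_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsKeys.LDAP_AUTH_REQUIRED, String.valueOf(required));
        prefs.setValue(PropsKeys.LDAP_BASE_PROVIDER_URL, baseProviderURL);
        prefs.setValue(PropsKeys.LDAP_BASE_DN, baseDN);
        prefs.setValue(PropsKeys.LDAP_SECURITY_PRINCIPAL, principal);
        prefs.setValue(PropsKeys.LDAP_SECURITY_CREDENTIALS, credentials);
        prefs.setValue(PropsKeys.LDAP_AUTH_SEARCH_FILTER, searchFilter);
        prefs.setValue(
            PropsKeys.LDAP_USER_DEFAULT_OBJECT_CLASSES,
            userDefaultObjectClasses);
        prefs.setValue(PropsKeys.LDAP_USER_MAPPINGS, userMappings);
        prefs.setValue(PropsKeys.LDAP_GROUP_MAPPINGS, groupMappings);
        prefs.setValue(
            PropsKeys.LDAP_IMPORT_ENABLED, String.valueOf(importEnabled));
        prefs.setValue(
            PropsKeys.LDAP_IMPORT_ON_STARTUP, String.valueOf(importOnStartup));
        prefs.setValue(
            PropsKeys.LDAP_IMPORT_INTERVAL, String.valueOf(importInterval));
        prefs.setValue(
            PropsKeys.LDAP_IMPORT_USER_SEARCH_FILTER, importUserSearchFilter);
        prefs.setValue(
            PropsKeys.LDAP_IMPORT_GROUP_SEARCH_FILTER, importGroupSearchFilter);
        prefs.setValue(
            PropsKeys.LDAP_EXPORT_ENABLED, String.valueOf(exportEnabled));
        prefs.setValue(PropsKeys.LDAP_USERS_DN, usersDN);
        prefs.setValue(PropsKeys.LDAP_GROUPS_DN, groupsDN);
        prefs.setValue(
            PropsKeys.LDAP_PASSWORD_POLICY_ENABLED,
            String.valueOf(passwordPolicyEnabled));

        prefs.store();
    }

    /**
     * Writes the mail host names to the preferences. The caller is
     * responsible for storing them.
     */
    protected void updateMailHostNames(
            ActionRequest actionRequest, PortletPreferences prefs)
        throws Exception {

        String mailHostNames = ParamUtil.getString(
            actionRequest, "mailHostNames");

        prefs.setValue(PropsKeys.ADMIN_MAIL_HOST_NAMES, mailHostNames);
    }

    /**
     * Writes the NTLM enabled flag, domain controller and domain to the
     * preferences and stores them. <code>companyId</code> is not used by
     * this method.
     */
    protected void updateNtlm(
            ActionRequest actionRequest, long companyId,
            PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");
        String domainController = ParamUtil.getString(
            actionRequest, "domainController");
        String domain = ParamUtil.getString(actionRequest, "domain");

        prefs.setValue(
            PropsKeys.NTLM_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsKeys.NTLM_DOMAIN_CONTROLLER, domainController);
        prefs.setValue(PropsKeys.NTLM_DOMAIN, domain);

        prefs.store();
    }

    /**
     * Writes the OpenID enabled flag to the preferences and stores it.
     */
    protected void updateOpenId(
            ActionRequest actionRequest, PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");

        prefs.setValue(PropsKeys.OPEN_ID_AUTH_ENABLED, String.valueOf(enabled));

        prefs.store();
    }

    /**
     * Writes the OpenSSO enabled flag, URLs and attribute names to the
     * preferences and stores them. <code>companyId</code> is not used by
     * this method.
     *
     * <p>
     * NOTE(review): the login, logout and service URLs are stored exactly as
     * submitted; no scheme or host validation happens here.
     * </p>
     */
    protected void updateOpenSSO(
            ActionRequest actionRequest, long companyId,
            PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");
        String loginUrl = ParamUtil.getString(actionRequest, "loginUrl");
        String logoutUrl = ParamUtil.getString(actionRequest, "logoutUrl");
        String serviceUrl = ParamUtil.getString(actionRequest, "serviceUrl");
        String screenName = ParamUtil.getString(
            actionRequest, "screenNameAttr");
        String emailAddress = ParamUtil.getString(
            actionRequest, "emailAddressAttr");
        String firstName = ParamUtil.getString(actionRequest, "firstNameAttr");
        String lastName = ParamUtil.getString(actionRequest, "lastNameAttr");

        prefs.setValue(
            PropsKeys.OPEN_SSO_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(PropsKeys.OPEN_SSO_LOGIN_URL, loginUrl);
        prefs.setValue(PropsKeys.OPEN_SSO_LOGOUT_URL, logoutUrl);
        prefs.setValue(PropsKeys.OPEN_SSO_SERVICE_URL, serviceUrl);
        prefs.setValue(PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR, screenName);
        prefs.setValue(PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR, emailAddress);
        prefs.setValue(PropsKeys.OPEN_SSO_FIRST_NAME_ATTR, firstName);
        prefs.setValue(PropsKeys.OPEN_SSO_LAST_NAME_ATTR, lastName);

        prefs.store();
    }

    /**
     * Writes the reserved screen names and email addresses to the
     * preferences. The caller is responsible for storing them.
     */
    protected void updateReservedUsers(
            ActionRequest actionRequest, PortletPreferences prefs)
        throws Exception {

        String reservedScreenNames = ParamUtil.getString(
            actionRequest, "reservedScreenNames");
        String reservedEmailAddresses = ParamUtil.getString(
            actionRequest, "reservedEmailAddresses");

        prefs.setValue(
            PropsKeys.ADMIN_RESERVED_SCREEN_NAMES, reservedScreenNames);
        prefs.setValue(
            PropsKeys.ADMIN_RESERVED_EMAIL_ADDRESSES, reservedEmailAddresses);
    }

    /**
     * Passes the submitted authentication type and the auto-login,
     * send-password and "strangers" flags to
     * <code>CompanyServiceUtil.updateSecurity</code> for the request's
     * company. The portlet preferences are not involved.
     */
    protected void updateSecurity(ActionRequest actionRequest)
        throws Exception {

        Company company = PortalUtil.getCompany(actionRequest);

        String authType = ParamUtil.getString(actionRequest, "authType");
        boolean autoLogin = ParamUtil.getBoolean(actionRequest, "autoLogin");
        boolean sendPassword = ParamUtil.getBoolean(
            actionRequest, "sendPassword");
        boolean strangers = ParamUtil.getBoolean(actionRequest, "strangers");
        boolean strangersWithMx = ParamUtil.getBoolean(
            actionRequest, "strangersWithMx");
        boolean strangersVerify = ParamUtil.getBoolean(
            actionRequest, "strangersVerify");

        // The community logo flag is not part of this form; the company's
        // current value is passed back so the call leaves it as it is.

        CompanyServiceUtil.updateSecurity(
            company.getCompanyId(), authType, autoLogin, sendPassword,
            strangers, strangersWithMx, strangersVerify,
            company.isCommunityLogo());
    }

    /**
     * Writes the SiteMinder enabled flag, the import-from-LDAP flag and the
     * user header name to the preferences and stores them.
     * <code>companyId</code> is not used by this method.
     *
     * <p>
     * NOTE(review): <code>userHeader</code> is presumably the request header
     * the user identity is read from. If so, that header is only trustworthy
     * when clients cannot reach the portal without passing through the proxy
     * that sets it; confirm for the deployment.
     * </p>
     */
    protected void updateSiteMinder(
            ActionRequest actionRequest, long companyId,
            PortletPreferences prefs)
        throws Exception {

        boolean enabled = ParamUtil.getBoolean(actionRequest, "enabled");
        boolean importFromLdap = ParamUtil.getBoolean(
            actionRequest, "importFromLdap");
        String userHeader = ParamUtil.getString(actionRequest, "userHeader");

        prefs.setValue(
            PropsKeys.SITEMINDER_AUTH_ENABLED, String.valueOf(enabled));
        prefs.setValue(
            PropsKeys.SITEMINDER_IMPORT_FROM_LDAP,
            String.valueOf(importFromLdap));
        prefs.setValue(PropsKeys.SITEMINDER_USER_HEADER, userHeader);

        prefs.store();
    }

    /**
     * Reports whether a context can be opened against the submitted LDAP
     * server with the submitted principal and credentials, and closes that
     * context again before returning.
     */
    private boolean canConnectToLdap(
        long companyId, String baseProviderURL, String baseDN,
        String principal, String credentials) {

        LdapContext ldapContext = null;

        try {
            String fullProviderURL = LDAPUtil.getFullProviderURL(
                baseProviderURL, baseDN);

            ldapContext = PortalLDAPUtil.getContext(
                companyId, fullProviderURL, principal, credentials);

            // A null context is treated the same as a thrown exception: no
            // usable connection was established.

            return ldapContext != null;
        }
        catch (Exception e) {

            // Reported to the administrator through the ldapAuthentication
            // session error. The cause is not logged because this class has
            // no logger in scope.

            return false;
        }
        finally {
            if (ldapContext != null) {

                // The context exists only for this test; leaving it open
                // would hold a connection to the directory per settings
                // save. NOTE(review): assumes getContext hands back a
                // context owned by the caller; confirm.

                try {
                    ldapContext.close();
                }
                catch (NamingException ne) {

                    // The test itself succeeded; a failed close does not
                    // change its result.

                }
            }
        }
    }

    /**
     * Reads one LDAP attribute-mapping field and removes carriage returns and
     * line feeds, so the value cannot span more than one line of the
     * newline-delimited mapping string.
     */
    private String getMappingValue(ActionRequest actionRequest, String param) {
        String value = ParamUtil.getString(actionRequest, param);

        return value.replace("\r", "").replace("\n", "");
    }

}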