001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.security.ldap;
016    
017    import com.liferay.portal.kernel.log.Log;
018    import com.liferay.portal.kernel.log.LogFactoryUtil;
019    import com.liferay.portal.kernel.util.PropsKeys;
020    import com.liferay.portal.model.Contact;
021    import com.liferay.portal.model.User;
022    import com.liferay.portal.model.UserGroup;
023    import com.liferay.portal.security.auth.AuthSettingsUtil;
024    import com.liferay.portal.service.UserGroupLocalServiceUtil;
025    import com.liferay.portal.service.UserLocalServiceUtil;
026    import com.liferay.portal.util.PrefsPropsUtil;
027    
028    import java.io.Serializable;
029    
030    import java.util.List;
031    import java.util.Map;
032    import java.util.Properties;
033    
034    import javax.naming.Binding;
035    import javax.naming.CompositeName;
036    import javax.naming.Name;
037    import javax.naming.NameNotFoundException;
038    import javax.naming.directory.Attributes;
039    import javax.naming.directory.ModificationItem;
040    import javax.naming.ldap.LdapContext;
041    
042    /**
043     * @author Michael C. Han
044     * @author Brian Wing Shun Chan
045     * @author Marcellus Tavares
046     * @author Wesley Gong
047     */
048    public class PortalLDAPExporterImpl implements PortalLDAPExporter {
049    
050            public void exportToLDAP(
051                            Contact contact, Map<String, Serializable> contactExpandoAttributes)
052                    throws Exception {
053    
054                    long companyId = contact.getCompanyId();
055    
056                    if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId) ||
057                            !LDAPSettingsUtil.isExportEnabled(companyId)) {
058    
059                            return;
060                    }
061    
062                    User user = UserLocalServiceUtil.getUserByContactId(
063                            contact.getContactId());
064    
065                    long ldapServerId = PortalLDAPUtil.getLdapServerId(
066                            companyId, user.getScreenName(), user.getEmailAddress());
067    
068                    LdapContext ldapContext = PortalLDAPUtil.getContext(
069                            ldapServerId, companyId);
070    
071                    try {
072                            if (ldapContext == null) {
073                                    return;
074                            }
075    
076                            Properties contactMappings = LDAPSettingsUtil.getContactMappings(
077                                    ldapServerId, companyId);
078                            Properties contactExpandoMappings =
079                                    LDAPSettingsUtil.getContactExpandoMappings(
080                                            ldapServerId, companyId);
081    
082                            Binding binding = PortalLDAPUtil.getUser(
083                                    ldapServerId, contact.getCompanyId(), user.getScreenName(),
084                                    user.getEmailAddress());
085    
086                            if (binding == null) {
087                                    Properties userMappings = LDAPSettingsUtil.getUserMappings(
088                                            ldapServerId, companyId);
089    
090                                    binding = addUser(
091                                            ldapServerId, ldapContext, user, userMappings);
092                            }
093    
094                            Name name = new CompositeName();
095    
096                            name.add(
097                                    PortalLDAPUtil.getNameInNamespace(
098                                            ldapServerId, companyId, binding));
099    
100                            Modifications modifications =
101                                    _portalToLDAPConverter.getLDAPContactModifications(
102                                            contact, contactExpandoAttributes, contactMappings,
103                                            contactExpandoMappings);
104    
105                            if (modifications == null) {
106                                    return;
107                            }
108    
109                            ModificationItem[] modificationItems = modifications.getItems();
110    
111                            ldapContext.modifyAttributes(name, modificationItems);
112                    }
113                    catch (Exception e) {
114                            throw e;
115                    }
116                    finally {
117                            if (ldapContext != null) {
118                                    ldapContext.close();
119                            }
120                    }
121            }
122    
123            public void exportToLDAP(long userId, long userGroupId) throws Exception {
124                    User user = UserLocalServiceUtil.getUser(userId);
125    
126                    long companyId = user.getCompanyId();
127    
128                    if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId) ||
129                            !LDAPSettingsUtil.isExportEnabled(companyId) ||
130                            !LDAPSettingsUtil.isExportGroupEnabled(companyId)) {
131    
132                            return;
133                    }
134    
135                    long ldapServerId = PortalLDAPUtil.getLdapServerId(
136                            companyId, user.getScreenName(), user.getEmailAddress());
137    
138                    LdapContext ldapContext = PortalLDAPUtil.getContext(
139                            ldapServerId, companyId);
140    
141                    try {
142                            if (ldapContext == null) {
143                                    return;
144                            }
145    
146                            UserGroup userGroup = UserGroupLocalServiceUtil.getUserGroup(
147                                    userGroupId);
148    
149                            Properties groupMappings = LDAPSettingsUtil.getGroupMappings(
150                                    ldapServerId, companyId);
151    
152                            Properties userMappings = LDAPSettingsUtil.getUserMappings(
153                                    ldapServerId, companyId);
154    
155                            Binding binding = PortalLDAPUtil.getGroup(
156                                    ldapServerId, companyId, userGroup.getName());
157    
158                            if (binding == null) {
159                                    addGroup(
160                                            ldapServerId, ldapContext, userGroup, user, groupMappings,
161                                            userMappings);
162    
163                                    return;
164                            }
165    
166                            Name name = new CompositeName();
167    
168                            name.add(
169                                    PortalLDAPUtil.getNameInNamespace(
170                                            ldapServerId, companyId, binding));
171    
172                            Modifications modifications =
173                                    _portalToLDAPConverter.getLDAPGroupModifications(
174                                            ldapServerId, userGroup, user, groupMappings, userMappings);
175    
176                            ModificationItem[] modificationItems = modifications.getItems();
177    
178                            ldapContext.modifyAttributes(name, modificationItems);
179                    }
180                    catch (Exception e) {
181                            _log.error(e, e);
182                    }
183                    finally {
184                            if (ldapContext != null) {
185                                    ldapContext.close();
186                            }
187                    }
188            }
189    
190            public void exportToLDAP(
191                            User user, Map<String, Serializable> userExpandoAttributes)
192                    throws Exception {
193    
194                    long companyId = user.getCompanyId();
195    
196                    if (!AuthSettingsUtil.isLDAPAuthEnabled(companyId) ||
197                            !LDAPSettingsUtil.isExportEnabled(companyId)) {
198    
199                            return;
200                    }
201    
202                    long ldapServerId = PortalLDAPUtil.getLdapServerId(
203                            companyId, user.getScreenName(), user.getEmailAddress());
204    
205                    LdapContext ldapContext = PortalLDAPUtil.getContext(
206                            ldapServerId, companyId);
207    
208                    try {
209                            if (ldapContext == null) {
210                                    return;
211                            }
212    
213                            Properties userMappings = LDAPSettingsUtil.getUserMappings(
214                                    ldapServerId, companyId);
215                            Properties userExpandoMappings =
216                                    LDAPSettingsUtil.getUserExpandoMappings(
217                                            ldapServerId, companyId);
218    
219                            Binding binding = PortalLDAPUtil.getUser(
220                                    ldapServerId, user.getCompanyId(), user.getScreenName(),
221                                    user.getEmailAddress());
222    
223                            if (binding == null) {
224                                    binding = addUser(
225                                            ldapServerId, ldapContext, user, userMappings);
226                            }
227    
228                            Name name = new CompositeName();
229    
230                            name.add(
231                                    PortalLDAPUtil.getNameInNamespace(
232                                            ldapServerId, companyId, binding));
233    
234                            Modifications modifications =
235                                    _portalToLDAPConverter.getLDAPUserModifications(
236                                            user, userExpandoAttributes, userMappings,
237                                            userExpandoMappings);
238    
239                            if (modifications == null) {
240                                    return;
241                            }
242    
243                            ModificationItem[] modificationItems = modifications.getItems();
244    
245                            ldapContext.modifyAttributes(name, modificationItems);
246    
247                            if (!LDAPSettingsUtil.isExportGroupEnabled(companyId)) {
248                                    return;
249                            }
250    
251                            List<UserGroup> userGroups =
252                                    UserGroupLocalServiceUtil.getUserUserGroups(user.getUserId());
253    
254                            for (UserGroup userGroup : userGroups) {
255                                    exportToLDAP(user.getUserId(), userGroup.getUserGroupId());
256                            }
257    
258                            Modifications groupModifications =
259                                    _portalToLDAPConverter.getLDAPUserGroupModifications(
260                                            ldapServerId, userGroups, user, userMappings);
261    
262                            ModificationItem[] groupModificationItems =
263                                    groupModifications.getItems();
264    
265                            if (groupModificationItems.length > 0) {
266                                    ldapContext.modifyAttributes(name, groupModificationItems);
267                            }
268                    }
269                    catch (NameNotFoundException nnfe) {
270                            if (PrefsPropsUtil.getBoolean(
271                                            companyId, PropsKeys.LDAP_AUTH_REQUIRED)) {
272    
273                                    throw nnfe;
274                            }
275    
276                            _log.error(nnfe, nnfe);
277                    }
278                    catch (Exception e) {
279                            throw e;
280                    }
281                    finally {
282                            if (ldapContext != null) {
283                                    ldapContext.close();
284                            }
285                    }
286            }
287    
288            public void setPortalToLDAPConverter(
289                    PortalToLDAPConverter portalToLDAPConverter) {
290    
291                    _portalToLDAPConverter = portalToLDAPConverter;
292            }
293    
294            protected Binding addGroup(
295                            long ldapServerId, LdapContext ldapContext, UserGroup userGroup,
296                            User user, Properties groupMappings, Properties userMappings)
297                    throws Exception {
298    
299                    Name name = new CompositeName();
300    
301                    name.add(
302                            _portalToLDAPConverter.getGroupDNName(
303                                    ldapServerId, userGroup, groupMappings));
304    
305                    Attributes attributes = _portalToLDAPConverter.getLDAPGroupAttributes(
306                            ldapServerId, userGroup, user, groupMappings, userMappings);
307    
308                    ldapContext.bind(name, new PortalLDAPContext(attributes));
309    
310                    Binding binding = PortalLDAPUtil.getGroup(
311                            ldapServerId, userGroup.getCompanyId(), userGroup.getName());
312    
313                    return binding;
314            }
315    
316            protected Binding addUser(
317                            long ldapServerId, LdapContext ldapContext, User user,
318                            Properties userMappings)
319                    throws Exception {
320    
321                    Name name = new CompositeName();
322    
323                    name.add(
324                            _portalToLDAPConverter.getUserDNName(
325                                    ldapServerId, user, userMappings));
326    
327                    Attributes attributes = _portalToLDAPConverter.getLDAPUserAttributes(
328                            ldapServerId, user, userMappings);
329    
330                    ldapContext.bind(name, new PortalLDAPContext(attributes));
331    
332                    Binding binding = PortalLDAPUtil.getUser(
333                            ldapServerId, user.getCompanyId(), user.getScreenName(),
334                            user.getEmailAddress());
335    
336                    return binding;
337            }
338    
339            private static Log _log = LogFactoryUtil.getLog(
340                    PortalLDAPExporterImpl.class);
341    
342            private PortalToLDAPConverter _portalToLDAPConverter;
343    
344    }