001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.DuplicatePasswordPolicyException;
018    import com.liferay.portal.PasswordPolicyNameException;
019    import com.liferay.portal.RequiredPasswordPolicyException;
020    import com.liferay.portal.kernel.cache.ThreadLocalCachable;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.kernel.util.CharPool;
024    import com.liferay.portal.kernel.util.OrderByComparator;
025    import com.liferay.portal.kernel.util.Validator;
026    import com.liferay.portal.model.Organization;
027    import com.liferay.portal.model.PasswordPolicy;
028    import com.liferay.portal.model.PasswordPolicyRel;
029    import com.liferay.portal.model.ResourceConstants;
030    import com.liferay.portal.model.User;
031    import com.liferay.portal.security.ldap.LDAPSettingsUtil;
032    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
033    import com.liferay.portal.util.PropsValues;
034    
035    import java.util.Date;
036    import java.util.List;
037    
038    /**
039     * @author Scott Lee
040     */
041    public class PasswordPolicyLocalServiceImpl
042            extends PasswordPolicyLocalServiceBaseImpl {
043    
044            public PasswordPolicy addPasswordPolicy(
045                            long userId, boolean defaultPolicy, String name, String description,
046                            boolean changeable, boolean changeRequired, long minAge,
047                            boolean checkSyntax, boolean allowDictionaryWords,
048                            int minAlphanumeric, int minLength, int minLowerCase,
049                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
050                            int historyCount, boolean expireable, long maxAge, long warningTime,
051                            int graceLimit, boolean lockout, int maxFailure,
052                            long lockoutDuration, long resetFailureCount,
053                            long resetTicketMaxAge)
054                    throws PortalException, SystemException {
055    
056                    // Password policy
057    
058                    User user = userPersistence.findByPrimaryKey(userId);
059                    Date now = new Date();
060    
061                    validate(0, user.getCompanyId(), name);
062    
063                    long passwordPolicyId = counterLocalService.increment();
064    
065                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
066                            passwordPolicyId);
067    
068                    passwordPolicy.setUserId(userId);
069                    passwordPolicy.setCompanyId(user.getCompanyId());
070                    passwordPolicy.setUserName(user.getFullName());
071                    passwordPolicy.setCreateDate(now);
072                    passwordPolicy.setModifiedDate(now);
073                    passwordPolicy.setDefaultPolicy(defaultPolicy);
074                    passwordPolicy.setName(name);
075                    passwordPolicy.setDescription(description);
076                    passwordPolicy.setChangeable(changeable);
077                    passwordPolicy.setChangeRequired(changeRequired);
078                    passwordPolicy.setMinAge(minAge);
079                    passwordPolicy.setCheckSyntax(checkSyntax);
080                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
081                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
082                    passwordPolicy.setMinLength(minLength);
083                    passwordPolicy.setMinLowerCase(minLowerCase);
084                    passwordPolicy.setMinNumbers(minNumbers);
085                    passwordPolicy.setMinSymbols(minSymbols);
086                    passwordPolicy.setMinUpperCase(minUpperCase);
087                    passwordPolicy.setHistory(history);
088                    passwordPolicy.setHistoryCount(historyCount);
089                    passwordPolicy.setExpireable(expireable);
090                    passwordPolicy.setMaxAge(maxAge);
091                    passwordPolicy.setWarningTime(warningTime);
092                    passwordPolicy.setGraceLimit(graceLimit);
093                    passwordPolicy.setLockout(lockout);
094                    passwordPolicy.setMaxFailure(maxFailure);
095                    passwordPolicy.setLockoutDuration(lockoutDuration);
096                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
097                    passwordPolicy.setResetFailureCount(resetFailureCount);
098                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
099    
100                    passwordPolicyPersistence.update(passwordPolicy, false);
101    
102                    // Resources
103    
104                    if (!user.isDefaultUser()) {
105                            resourceLocalService.addResources(
106                                    user.getCompanyId(), 0, userId, PasswordPolicy.class.getName(),
107                                    passwordPolicy.getPasswordPolicyId(), false, false, false);
108                    }
109    
110                    return passwordPolicy;
111            }
112    
113            public void checkDefaultPasswordPolicy(long companyId)
114                    throws PortalException, SystemException {
115    
116                    String defaultPasswordPolicyName =
117                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
118    
119                    PasswordPolicy defaultPasswordPolicy =
120                            passwordPolicyPersistence.fetchByC_N(
121                                    companyId, defaultPasswordPolicyName);
122    
123                    if (defaultPasswordPolicy == null) {
124                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
125    
126                            addPasswordPolicy(
127                                    defaultUserId, true, defaultPasswordPolicyName,
128                                    defaultPasswordPolicyName, true, true, 0, false, true, 0, 6, 0,
129                                    1, 0, 1, false, 6, false, 8640000, 86400, 0, false, 3, 0, 600,
130                                    86400);
131                    }
132            }
133    
134            @Override
135            public void deletePasswordPolicy(long passwordPolicyId)
136                    throws PortalException, SystemException {
137    
138                    PasswordPolicy passwordPolicy =
139                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
140    
141                    deletePasswordPolicy(passwordPolicy);
142            }
143    
144            @Override
145            public void deletePasswordPolicy(PasswordPolicy passwordPolicy)
146                    throws PortalException, SystemException {
147    
148                    if (passwordPolicy.isDefaultPolicy()) {
149                            throw new RequiredPasswordPolicyException();
150                    }
151    
152                    // Password policy relations
153    
154                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
155                            passwordPolicy.getPasswordPolicyId());
156    
157                    // Resources
158    
159                    resourceLocalService.deleteResource(
160                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
161                            ResourceConstants.SCOPE_INDIVIDUAL,
162                            passwordPolicy.getPasswordPolicyId());
163    
164                    // Password policy
165    
166                    passwordPolicyPersistence.remove(passwordPolicy);
167            }
168    
169            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
170                    throws PortalException, SystemException {
171    
172                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
173                            return null;
174                    }
175    
176                    return passwordPolicyPersistence.findByC_DP(companyId, true);
177            }
178    
179            @Override
180            public PasswordPolicy getPasswordPolicy(long passwordPolicyId)
181                    throws PortalException, SystemException {
182    
183                    return passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
184            }
185    
186            /**
187             * @deprecated
188             */
189            public PasswordPolicy getPasswordPolicy(
190                            long companyId, long organizationId, long locationId)
191                    throws PortalException, SystemException {
192    
193                    return getPasswordPolicy(
194                            companyId, new long[] {organizationId, locationId});
195            }
196    
197            public PasswordPolicy getPasswordPolicy(
198                            long companyId, long[] organizationIds)
199                    throws PortalException, SystemException {
200    
201                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
202                            return null;
203                    }
204    
205                    if ((organizationIds == null) || (organizationIds.length == 0)) {
206                            return getDefaultPasswordPolicy(companyId);
207                    }
208    
209                    long classNameId = classNameLocalService.getClassNameId(
210                            Organization.class.getName());
211    
212                    PasswordPolicyRel passwordPolicyRel = null;
213    
214                    for (int i = 0; i < organizationIds.length; i++) {
215                            long organizationId = organizationIds[i];
216    
217                            passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
218                                    classNameId, organizationId);
219    
220                            if (passwordPolicyRel != null) {
221                                    return passwordPolicyPersistence.findByPrimaryKey(
222                                            passwordPolicyRel.getPasswordPolicyId());
223                            }
224                    }
225    
226                    return getDefaultPasswordPolicy(companyId);
227            }
228    
229            @ThreadLocalCachable
230            public PasswordPolicy getPasswordPolicyByUserId(long userId)
231                    throws PortalException, SystemException {
232    
233                    User user = userPersistence.findByPrimaryKey(userId);
234    
235                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
236                            return null;
237                    }
238    
239                    long classNameId = classNameLocalService.getClassNameId(
240                            User.class.getName());
241    
242                    PasswordPolicyRel passwordPolicyRel =
243                            passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
244    
245                    if (passwordPolicyRel != null) {
246                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
247                    }
248                    else {
249                            List<Organization> organizations = userPersistence.getOrganizations(
250                                    userId);
251    
252                            if (organizations.isEmpty()) {
253                                    return passwordPolicyPersistence.findByC_DP(
254                                            user.getCompanyId(), true);
255                            }
256    
257                            long[] organizationIds = new long[organizations.size()];
258    
259                            for (int i = 0; i < organizationIds.length; i++) {
260                                    Organization organization = organizations.get(i);
261    
262                                    organizationIds[i] = organization.getOrganizationId();
263                            }
264    
265                            return getPasswordPolicy(user.getCompanyId(), organizationIds);
266                    }
267            }
268    
269            public List<PasswordPolicy> search(
270                            long companyId, String name, int start, int end,
271                            OrderByComparator obc)
272                    throws SystemException {
273    
274                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
275            }
276    
277            public int searchCount(long companyId, String name)
278                    throws SystemException {
279    
280                    return passwordPolicyFinder.countByC_N(companyId, name);
281            }
282    
283            public PasswordPolicy updatePasswordPolicy(
284                            long passwordPolicyId, String name, String description,
285                            boolean changeable, boolean changeRequired, long minAge,
286                            boolean checkSyntax, boolean allowDictionaryWords,
287                            int minAlphanumeric, int minLength, int minLowerCase,
288                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
289                            int historyCount, boolean expireable, long maxAge, long warningTime,
290                            int graceLimit, boolean lockout, int maxFailure,
291                            long lockoutDuration, long resetFailureCount,
292                            long resetTicketMaxAge)
293                    throws PortalException, SystemException {
294    
295                    Date now = new Date();
296    
297                    PasswordPolicy passwordPolicy =
298                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
299    
300                    if (!passwordPolicy.getDefaultPolicy()) {
301                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
302    
303                            passwordPolicy.setName(name);
304                    }
305    
306                    passwordPolicy.setModifiedDate(now);
307                    passwordPolicy.setDescription(description);
308                    passwordPolicy.setChangeable(changeable);
309                    passwordPolicy.setChangeRequired(changeRequired);
310                    passwordPolicy.setMinAge(minAge);
311                    passwordPolicy.setCheckSyntax(checkSyntax);
312                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
313                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
314                    passwordPolicy.setMinLength(minLength);
315                    passwordPolicy.setMinLowerCase(minLowerCase);
316                    passwordPolicy.setMinNumbers(minNumbers);
317                    passwordPolicy.setMinSymbols(minSymbols);
318                    passwordPolicy.setMinUpperCase(minUpperCase);
319                    passwordPolicy.setHistory(history);
320                    passwordPolicy.setHistoryCount(historyCount);
321                    passwordPolicy.setExpireable(expireable);
322                    passwordPolicy.setMaxAge(maxAge);
323                    passwordPolicy.setWarningTime(warningTime);
324                    passwordPolicy.setGraceLimit(graceLimit);
325                    passwordPolicy.setLockout(lockout);
326                    passwordPolicy.setMaxFailure(maxFailure);
327                    passwordPolicy.setLockoutDuration(lockoutDuration);
328                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
329                    passwordPolicy.setResetFailureCount(resetFailureCount);
330                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
331    
332                    passwordPolicyPersistence.update(passwordPolicy, false);
333    
334                    return passwordPolicy;
335            }
336    
337            protected void validate(long passwordPolicyId, long companyId, String name)
338                    throws PortalException, SystemException {
339    
340                    if ((Validator.isNull(name)) || (Validator.isNumber(name)) ||
341                            (name.indexOf(CharPool.COMMA) != -1) ||
342                            (name.indexOf(CharPool.STAR) != -1)) {
343    
344                            throw new PasswordPolicyNameException();
345                    }
346    
347                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
348                            companyId, name);
349    
350                    if (passwordPolicy != null) {
351                            if ((passwordPolicyId <= 0) ||
352                                    (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
353    
354                                    throw new DuplicatePasswordPolicyException();
355                            }
356                    }
357            }
358    
359    }