001    /**
002     * Copyright (c) 2000-2012 Liferay, Inc. All rights reserved.
003     *
004     * This library is free software; you can redistribute it and/or modify it under
005     * the terms of the GNU Lesser General Public License as published by the Free
006     * Software Foundation; either version 2.1 of the License, or (at your option)
007     * any later version.
008     *
009     * This library is distributed in the hope that it will be useful, but WITHOUT
010     * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
011     * FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
012     * details.
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.RequiredUserException;
018    import com.liferay.portal.ReservedUserEmailAddressException;
019    import com.liferay.portal.UserEmailAddressException;
020    import com.liferay.portal.UserScreenNameException;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.kernel.search.Indexer;
024    import com.liferay.portal.kernel.search.IndexerRegistryUtil;
025    import com.liferay.portal.kernel.util.ArrayUtil;
026    import com.liferay.portal.kernel.util.GetterUtil;
027    import com.liferay.portal.kernel.workflow.WorkflowConstants;
028    import com.liferay.portal.kernel.workflow.WorkflowThreadLocal;
029    import com.liferay.portal.model.Address;
030    import com.liferay.portal.model.Company;
031    import com.liferay.portal.model.Contact;
032    import com.liferay.portal.model.EmailAddress;
033    import com.liferay.portal.model.Group;
034    import com.liferay.portal.model.GroupConstants;
035    import com.liferay.portal.model.Organization;
036    import com.liferay.portal.model.Phone;
037    import com.liferay.portal.model.Role;
038    import com.liferay.portal.model.User;
039    import com.liferay.portal.model.UserGroupRole;
040    import com.liferay.portal.model.Website;
041    import com.liferay.portal.security.auth.PrincipalException;
042    import com.liferay.portal.security.permission.ActionKeys;
043    import com.liferay.portal.security.permission.PermissionChecker;
044    import com.liferay.portal.service.ServiceContext;
045    import com.liferay.portal.service.base.UserServiceBaseImpl;
046    import com.liferay.portal.service.permission.GroupPermissionUtil;
047    import com.liferay.portal.service.permission.OrganizationPermissionUtil;
048    import com.liferay.portal.service.permission.PasswordPolicyPermissionUtil;
049    import com.liferay.portal.service.permission.PortalPermissionUtil;
050    import com.liferay.portal.service.permission.RolePermissionUtil;
051    import com.liferay.portal.service.permission.TeamPermissionUtil;
052    import com.liferay.portal.service.permission.UserGroupPermissionUtil;
053    import com.liferay.portal.service.permission.UserGroupRolePermissionUtil;
054    import com.liferay.portal.service.permission.UserPermissionUtil;
055    import com.liferay.portal.util.PropsValues;
056    import com.liferay.portlet.announcements.model.AnnouncementsDelivery;
057    import com.liferay.portlet.usersadmin.util.UsersAdminUtil;
058    
059    import java.util.List;
060    import java.util.Locale;
061    
062    /**
063     * The implementation of the user remote service.
064     *
065     * @author Brian Wing Shun Chan
066     * @author Brian Myunghun Kim
067     * @author Scott Lee
068     * @author Jorge Ferrer
069     * @author Julio Camarero
070     */
071    public class UserServiceImpl extends UserServiceBaseImpl {
072    
073            /**
074             * Adds the users to the group.
075             *
076             * @param  groupId the primary key of the group
077             * @param  userIds the primary keys of the users
078             * @throws PortalException if a group or user with the primary key could not
079             *         be found, or if the user did not have permission to assign group
080             *         members
081             * @throws SystemException if a system exception occurred
082             */
083            public void addGroupUsers(
084                            long groupId, long[] userIds, ServiceContext serviceContext)
085                    throws PortalException, SystemException {
086    
087                    try {
088                            GroupPermissionUtil.check(
089                                    getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
090                    }
091                    catch (PrincipalException pe) {
092    
093                            // Allow any user to join open sites
094    
095                            boolean hasPermission = false;
096    
097                            if (userIds.length == 0) {
098                                    hasPermission = true;
099                            }
100                            else if (userIds.length == 1) {
101                                    User user = getUser();
102    
103                                    if (user.getUserId() == userIds[0]) {
104                                            Group group = groupPersistence.findByPrimaryKey(groupId);
105    
106                                            if (user.getCompanyId() == group.getCompanyId()) {
107                                                    int type = group.getType();
108    
109                                                    if (type == GroupConstants.TYPE_SITE_OPEN) {
110                                                            hasPermission = true;
111                                                    }
112                                            }
113                                    }
114                            }
115    
116                            if (!hasPermission) {
117                                    throw new PrincipalException();
118                            }
119                    }
120    
121                    userLocalService.addGroupUsers(groupId, userIds);
122            }
123    
124            /**
125             * Adds the users to the organization.
126             *
127             * @param  organizationId the primary key of the organization
128             * @param  userIds the primary keys of the users
129             * @throws PortalException if an organization or user with the primary key
130             *         could not be found, if the user did not have permission to assign
131             *         organization members, or if current user did not have an
132             *         organization in common with a given user
133             * @throws SystemException if a system exception occurred
134             */
135            public void addOrganizationUsers(long organizationId, long[] userIds)
136                    throws PortalException, SystemException {
137    
138                    OrganizationPermissionUtil.check(
139                            getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
140    
141                    validateOrganizationUsers(userIds);
142    
143                    userLocalService.addOrganizationUsers(organizationId, userIds);
144            }
145    
146            /**
147             * Assigns the password policy to the users, removing any other currently
148             * assigned password policies.
149             *
150             * @param  passwordPolicyId the primary key of the password policy
151             * @param  userIds the primary keys of the users
152             * @throws PortalException if the user did not have permission to assign
153             *         policy members
154             * @throws SystemException if a system exception occurred
155             */
156            public void addPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
157                    throws PortalException, SystemException {
158    
159                    PasswordPolicyPermissionUtil.check(
160                            getPermissionChecker(), passwordPolicyId,
161                            ActionKeys.ASSIGN_MEMBERS);
162    
163                    userLocalService.addPasswordPolicyUsers(passwordPolicyId, userIds);
164            }
165    
166            /**
167             * Adds the users to the role.
168             *
169             * @param  roleId the primary key of the role
170             * @param  userIds the primary keys of the users
171             * @throws PortalException if a role or user with the primary key could not
172             *         be found or if the user did not have permission to assign role
173             *         members
174             * @throws SystemException if a system exception occurred
175             */
176            public void addRoleUsers(long roleId, long[] userIds)
177                    throws PortalException, SystemException {
178    
179                    RolePermissionUtil.check(
180                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
181    
182                    userLocalService.addRoleUsers(roleId, userIds);
183            }
184    
185            /**
186             * Adds the users to the team.
187             *
188             * @param  teamId the primary key of the team
189             * @param  userIds the primary keys of the users
190             * @throws PortalException if a team or user with the primary key could not
191             *         be found or if the user did not have permission to assign team
192             *         members
193             * @throws SystemException if a system exception occurred
194             */
195            public void addTeamUsers(long teamId, long[] userIds)
196                    throws PortalException, SystemException {
197    
198                    TeamPermissionUtil.check(
199                            getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
200    
201                    userLocalService.addTeamUsers(teamId, userIds);
202            }
203    
204            /**
205             * Adds a user.
206             *
207             * <p>
208             * This method handles the creation and bookkeeping of the user including
209             * its resources, metadata, and internal data structures. It is not
210             * necessary to make subsequent calls to any methods to setup default
211             * groups, resources, etc.
212             * </p>
213             *
214             * @param  companyId the primary key of the user's company
215             * @param  autoPassword whether a password should be automatically generated
216             *         for the user
217             * @param  password1 the user's password
218             * @param  password2 the user's password confirmation
219             * @param  autoScreenName whether a screen name should be automatically
220             *         generated for the user
221             * @param  screenName the user's screen name
222             * @param  emailAddress the user's email address
223             * @param  facebookId the user's facebook ID
224             * @param  openId the user's OpenID
225             * @param  locale the user's locale
226             * @param  firstName the user's first name
227             * @param  middleName the user's middle name
228             * @param  lastName the user's last name
229             * @param  prefixId the user's name prefix ID
230             * @param  suffixId the user's name suffix ID
231             * @param  male whether the user is male
232             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
233             *         January)
234             * @param  birthdayDay the user's birthday day
235             * @param  birthdayYear the user's birthday year
236             * @param  jobTitle the user's job title
237             * @param  groupIds the primary keys of the user's groups
238             * @param  organizationIds the primary keys of the user's organizations
239             * @param  roleIds the primary keys of the roles this user possesses
240             * @param  userGroupIds the primary keys of the user's user groups
241             * @param  sendEmail whether to send the user an email notification about
242             *         their new account
243             * @param  serviceContext the user's service context (optionally
244             *         <code>null</code>). Can set the universally unique identifier
245             *         (with the <code>uuid</code> attribute), asset category IDs, asset
246             *         tag names, and expando bridge attributes for the user.
247             * @return the new user
248             * @throws PortalException if the user's information was invalid, if the
249             *         creator did not have permission to add users, or if the email
250             *         address was reserved
251             * @throws SystemException if a system exception occurred
252             */
253            public User addUser(
254                            long companyId, boolean autoPassword, String password1,
255                            String password2, boolean autoScreenName, String screenName,
256                            String emailAddress, long facebookId, String openId, Locale locale,
257                            String firstName, String middleName, String lastName, int prefixId,
258                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
259                            int birthdayYear, String jobTitle, long[] groupIds,
260                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
261                            boolean sendEmail, ServiceContext serviceContext)
262                    throws PortalException, SystemException {
263    
264                    boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
265    
266                    try {
267                            WorkflowThreadLocal.setEnabled(false);
268    
269                            return addUserWithWorkflow(
270                                    companyId, autoPassword, password1, password2, autoScreenName,
271                                    screenName, emailAddress, facebookId, openId, locale, firstName,
272                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
273                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
274                                    roleIds, userGroupIds, sendEmail, serviceContext);
275                    }
276                    finally {
277                            WorkflowThreadLocal.setEnabled(workflowEnabled);
278                    }
279            }
280    
281            /**
282             * Adds a user with additional parameters.
283             *
284             * <p>
285             * This method handles the creation and bookkeeping of the user including
286             * its resources, metadata, and internal data structures. It is not
287             * necessary to make subsequent calls to any methods to setup default
288             * groups, resources, etc.
289             * </p>
290             *
291             * @param  companyId the primary key of the user's company
292             * @param  autoPassword whether a password should be automatically generated
293             *         for the user
294             * @param  password1 the user's password
295             * @param  password2 the user's password confirmation
296             * @param  autoScreenName whether a screen name should be automatically
297             *         generated for the user
298             * @param  screenName the user's screen name
299             * @param  emailAddress the user's email address
300             * @param  facebookId the user's facebook ID
301             * @param  openId the user's OpenID
302             * @param  locale the user's locale
303             * @param  firstName the user's first name
304             * @param  middleName the user's middle name
305             * @param  lastName the user's last name
306             * @param  prefixId the user's name prefix ID
307             * @param  suffixId the user's name suffix ID
308             * @param  male whether the user is male
309             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
310             *         January)
311             * @param  birthdayDay the user's birthday day
312             * @param  birthdayYear the user's birthday year
313             * @param  jobTitle the user's job title
314             * @param  groupIds the primary keys of the user's groups
315             * @param  organizationIds the primary keys of the user's organizations
316             * @param  roleIds the primary keys of the roles this user possesses
317             * @param  userGroupIds the primary keys of the user's user groups
318             * @param  addresses the user's addresses
319             * @param  emailAddresses the user's email addresses
320             * @param  phones the user's phone numbers
321             * @param  websites the user's websites
322             * @param  announcementsDelivers the announcements deliveries
323             * @param  sendEmail whether to send the user an email notification about
324             *         their new account
325             * @param  serviceContext the user's service context (optionally
326             *         <code>null</code>). Can set the universally unique identifier
327             *         (with the <code>uuid</code> attribute), asset category IDs, asset
328             *         tag names, and expando bridge attributes for the user.
329             * @return the new user
330             * @throws PortalException if the user's information was invalid, if the
331             *         creator did not have permission to add users, if the email
332             *         address was reserved, or some other portal exception occurred
333             * @throws SystemException if a system exception occurred
334             */
335            public User addUser(
336                            long companyId, boolean autoPassword, String password1,
337                            String password2, boolean autoScreenName, String screenName,
338                            String emailAddress, long facebookId, String openId, Locale locale,
339                            String firstName, String middleName, String lastName, int prefixId,
340                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
341                            int birthdayYear, String jobTitle, long[] groupIds,
342                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
343                            List<Address> addresses, List<EmailAddress> emailAddresses,
344                            List<Phone> phones, List<Website> websites,
345                            List<AnnouncementsDelivery> announcementsDelivers,
346                            boolean sendEmail, ServiceContext serviceContext)
347                    throws PortalException, SystemException {
348    
349                    boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
350    
351                    try {
352                            WorkflowThreadLocal.setEnabled(false);
353    
354                            return addUserWithWorkflow(
355                                    companyId, autoPassword, password1, password2, autoScreenName,
356                                    screenName, emailAddress, facebookId, openId, locale, firstName,
357                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
358                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
359                                    roleIds, userGroupIds, addresses, emailAddresses, phones,
360                                    websites, announcementsDelivers, sendEmail, serviceContext);
361                    }
362                    finally {
363                            WorkflowThreadLocal.setEnabled(workflowEnabled);
364                    }
365            }
366    
367            /**
368             * Adds the users to the user group.
369             *
370             * @param  userGroupId the primary key of the user group
371             * @param  userIds the primary keys of the users
372             * @throws PortalException if a user group or user with the primary could
373             *         could not be found, or if the current user did not have
374             *         permission to assign group members
375             * @throws SystemException if a system exception occurred
376             */
377            public void addUserGroupUsers(long userGroupId, long[] userIds)
378                    throws PortalException, SystemException {
379    
380                    UserGroupPermissionUtil.check(
381                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
382    
383                    userLocalService.addUserGroupUsers(userGroupId, userIds);
384            }
385    
386            /**
387             * Adds a user with workflow.
388             *
389             * <p>
390             * This method handles the creation and bookkeeping of the user including
391             * its resources, metadata, and internal data structures. It is not
392             * necessary to make subsequent calls to any methods to setup default
393             * groups, resources, etc.
394             * </p>
395             *
396             * @param  companyId the primary key of the user's company
397             * @param  autoPassword whether a password should be automatically generated
398             *         for the user
399             * @param  password1 the user's password
400             * @param  password2 the user's password confirmation
401             * @param  autoScreenName whether a screen name should be automatically
402             *         generated for the user
403             * @param  screenName the user's screen name
404             * @param  emailAddress the user's email address
405             * @param  facebookId the user's facebook ID
406             * @param  openId the user's OpenID
407             * @param  locale the user's locale
408             * @param  firstName the user's first name
409             * @param  middleName the user's middle name
410             * @param  lastName the user's last name
411             * @param  prefixId the user's name prefix ID
412             * @param  suffixId the user's name suffix ID
413             * @param  male whether the user is male
414             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
415             *         January)
416             * @param  birthdayDay the user's birthday day
417             * @param  birthdayYear the user's birthday year
418             * @param  jobTitle the user's job title
419             * @param  groupIds the primary keys of the user's groups
420             * @param  organizationIds the primary keys of the user's organizations
421             * @param  roleIds the primary keys of the roles this user possesses
422             * @param  userGroupIds the primary keys of the user's user groups
423             * @param  sendEmail whether to send the user an email notification about
424             *         their new account
425             * @param  serviceContext the user's service context (optionally
426             *         <code>null</code>). Can set the universally unique identifier
427             *         (with the <code>uuid</code> attribute), asset category IDs, asset
428             *         tag names, and expando bridge attributes for the user.
429             * @return the new user
430             * @throws PortalException if the user's information was invalid, if the
431             *         creator did not have permission to add users, or if the email
432             *         address was reserved
433             * @throws SystemException if a system exception occurred
434             */
435            public User addUserWithWorkflow(
436                            long companyId, boolean autoPassword, String password1,
437                            String password2, boolean autoScreenName, String screenName,
438                            String emailAddress, long facebookId, String openId, Locale locale,
439                            String firstName, String middleName, String lastName, int prefixId,
440                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
441                            int birthdayYear, String jobTitle, long[] groupIds,
442                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
443                            boolean sendEmail, ServiceContext serviceContext)
444                    throws PortalException, SystemException {
445    
446                    long creatorUserId = 0;
447    
448                    try {
449                            creatorUserId = getUserId();
450                    }
451                    catch (PrincipalException pe) {
452                    }
453    
454                    checkAddUserPermission(
455                            creatorUserId, companyId, emailAddress, organizationIds,
456                            serviceContext);
457    
458                    return userLocalService.addUserWithWorkflow(
459                            creatorUserId, companyId, autoPassword, password1, password2,
460                            autoScreenName, screenName, emailAddress, facebookId, openId,
461                            locale, firstName, middleName, lastName, prefixId, suffixId, male,
462                            birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
463                            organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
464            }
465    
466            /**
467             * Adds a user with workflow and additional parameters.
468             *
469             * <p>
470             * This method handles the creation and bookkeeping of the user including
471             * its resources, metadata, and internal data structures. It is not
472             * necessary to make subsequent calls to any methods to setup default
473             * groups, resources, etc.
474             * </p>
475             *
476             * @param  companyId the primary key of the user's company
477             * @param  autoPassword whether a password should be automatically generated
478             *         for the user
479             * @param  password1 the user's password
480             * @param  password2 the user's password confirmation
481             * @param  autoScreenName whether a screen name should be automatically
482             *         generated for the user
483             * @param  screenName the user's screen name
484             * @param  emailAddress the user's email address
485             * @param  facebookId the user's facebook ID
486             * @param  openId the user's OpenID
487             * @param  locale the user's locale
488             * @param  firstName the user's first name
489             * @param  middleName the user's middle name
490             * @param  lastName the user's last name
491             * @param  prefixId the user's name prefix ID
492             * @param  suffixId the user's name suffix ID
493             * @param  male whether the user is male
494             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
495             *         January)
496             * @param  birthdayDay the user's birthday day
497             * @param  birthdayYear the user's birthday year
498             * @param  jobTitle the user's job title
499             * @param  groupIds the primary keys of the user's groups
500             * @param  organizationIds the primary keys of the user's organizations
501             * @param  roleIds the primary keys of the roles this user possesses
502             * @param  userGroupIds the primary keys of the user's user groups
503             * @param  addresses the user's addresses
504             * @param  emailAddresses the user's email addresses
505             * @param  phones the user's phone numbers
506             * @param  websites the user's websites
507             * @param  announcementsDelivers the announcements deliveries
508             * @param  sendEmail whether to send the user an email notification about
509             *         their new account
510             * @param  serviceContext the user's service context (optionally
511             *         <code>null</code>). Can set the universally unique identifier
512             *         (with the <code>uuid</code> attribute), asset category IDs, asset
513             *         tag names, and expando bridge attributes for the user.
514             * @return the new user
515             * @throws PortalException if the user's information was invalid, if the
516             *         creator did not have permission to add users, if the email
517             *         address was reserved, or some other portal exception occurred
518             * @throws SystemException if a system exception occurred
519             */
520            public User addUserWithWorkflow(
521                            long companyId, boolean autoPassword, String password1,
522                            String password2, boolean autoScreenName, String screenName,
523                            String emailAddress, long facebookId, String openId, Locale locale,
524                            String firstName, String middleName, String lastName, int prefixId,
525                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
526                            int birthdayYear, String jobTitle, long[] groupIds,
527                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
528                            List<Address> addresses, List<EmailAddress> emailAddresses,
529                            List<Phone> phones, List<Website> websites,
530                            List<AnnouncementsDelivery> announcementsDelivers,
531                            boolean sendEmail, ServiceContext serviceContext)
532                    throws PortalException, SystemException {
533    
534                    boolean indexingEnabled = serviceContext.isIndexingEnabled();
535    
536                    serviceContext.setIndexingEnabled(false);
537    
538                    try {
539                            User user = addUserWithWorkflow(
540                                    companyId, autoPassword, password1, password2, autoScreenName,
541                                    screenName, emailAddress, facebookId, openId, locale, firstName,
542                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
543                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
544                                    roleIds, userGroupIds, sendEmail, serviceContext);
545    
546                            UsersAdminUtil.updateAddresses(
547                                    Contact.class.getName(), user.getContactId(), addresses);
548    
549                            UsersAdminUtil.updateEmailAddresses(
550                                    Contact.class.getName(), user.getContactId(), emailAddresses);
551    
552                            UsersAdminUtil.updatePhones(
553                                    Contact.class.getName(), user.getContactId(), phones);
554    
555                            UsersAdminUtil.updateWebsites(
556                                    Contact.class.getName(), user.getContactId(), websites);
557    
558                            updateAnnouncementsDeliveries(
559                                    user.getUserId(), announcementsDelivers);
560    
561                            if (indexingEnabled) {
562                                    Indexer indexer = IndexerRegistryUtil.getIndexer(User.class);
563    
564                                    indexer.reindex(user);
565                            }
566    
567                            return user;
568                    }
569                    finally {
570                            serviceContext.setIndexingEnabled(indexingEnabled);
571                    }
572            }
573    
574            /**
575             * Deletes the user's portrait image.
576             *
577             * @param  userId the primary key of the user
578             * @throws PortalException if a user with the primary key could not be
579             *         found, if the user's portrait could not be found, or if the
580             *         current user did not have permission to update the user
581             * @throws SystemException if a system exception occurred
582             */
583            public void deletePortrait(long userId)
584                    throws PortalException, SystemException {
585    
586                    UserPermissionUtil.check(
587                            getPermissionChecker(), userId, ActionKeys.UPDATE);
588    
589                    userLocalService.deletePortrait(userId);
590            }
591    
592            /**
593             * Removes the user from the role.
594             *
595             * @param  roleId the primary key of the role
596             * @param  userId the primary key of the user
597             * @throws PortalException if a role or user with the primary key could not
598             *         be found, or if the current user did not have permission to
599             *         assign role members
600             * @throws SystemException if a system exception occurred
601             */
602            public void deleteRoleUser(long roleId, long userId)
603                    throws PortalException, SystemException {
604    
605                    RolePermissionUtil.check(
606                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
607    
608                    userLocalService.deleteRoleUser(roleId, userId);
609            }
610    
611            /**
612             * Deletes the user.
613             *
614             * @param  userId the primary key of the user
615             * @throws PortalException if a user with the primary key could not be found
616             *         or if the current user did not have permission to delete the user
617             * @throws SystemException if a system exception occurred
618             */
619            public void deleteUser(long userId)
620                    throws PortalException, SystemException {
621    
622                    if (getUserId() == userId) {
623                            throw new RequiredUserException();
624                    }
625    
626                    UserPermissionUtil.check(
627                            getPermissionChecker(), userId, ActionKeys.DELETE);
628    
629                    userLocalService.deleteUser(userId);
630            }
631    
632            /**
633             * Returns the primary key of the default user for the company.
634             *
635             * @param  companyId the primary key of the company
636             * @return the primary key of the default user for the company
637             * @throws PortalException if a default user for the company could not be
638             *         found
639             * @throws SystemException if a system exception occurred
640             */
641            public long getDefaultUserId(long companyId)
642                    throws PortalException, SystemException {
643    
644                    return userLocalService.getDefaultUserId(companyId);
645            }
646    
647            /**
648             * Returns the primary keys of all the users belonging to the group.
649             *
650             * @param  groupId the primary key of the group
651             * @return the primary keys of the users belonging to the group
652             * @throws PortalException if the current user did not have permission to
653             *         view group assignments
654             * @throws SystemException if a system exception occurred
655             */
656            public long[] getGroupUserIds(long groupId)
657                    throws PortalException, SystemException {
658    
659                    GroupPermissionUtil.check(
660                            getPermissionChecker(), groupId, ActionKeys.VIEW_MEMBERS);
661    
662                    return userLocalService.getGroupUserIds(groupId);
663            }
664    
665            /**
666             * Returns the primary keys of all the users belonging to the organization.
667             *
668             * @param  organizationId the primary key of the organization
669             * @return the primary keys of the users belonging to the organization
670             * @throws PortalException if the current user did not have permission to
671             *         view organization assignments
672             * @throws SystemException if a system exception occurred
673             */
674            public long[] getOrganizationUserIds(long organizationId)
675                    throws PortalException, SystemException {
676    
677                    OrganizationPermissionUtil.check(
678                            getPermissionChecker(), organizationId, ActionKeys.VIEW_MEMBERS);
679    
680                    return userLocalService.getOrganizationUserIds(organizationId);
681            }
682    
683            /**
684             * Returns the primary keys of all the users belonging to the role.
685             *
686             * @param  roleId the primary key of the role
687             * @return the primary keys of the users belonging to the role
688             * @throws PortalException if the current user did not have permission to
689             *         view role members
690             * @throws SystemException if a system exception occurred
691             */
692            public long[] getRoleUserIds(long roleId) throws
693                    PortalException, SystemException {
694    
695                    RolePermissionUtil.check(
696                            getPermissionChecker(), roleId, ActionKeys.VIEW);
697    
698                    return userLocalService.getRoleUserIds(roleId);
699            }
700    
701            /**
702             * Returns the user with the email address.
703             *
704             * @param  companyId the primary key of the user's company
705             * @param  emailAddress the user's email address
706             * @return the user with the email address
707             * @throws PortalException if a user with the email address could not be
708             *         found or if the current user did not have permission to view the
709             *         user
710             * @throws SystemException if a system exception occurred
711             */
712            public User getUserByEmailAddress(long companyId, String emailAddress)
713                    throws PortalException, SystemException {
714    
715                    User user = userLocalService.getUserByEmailAddress(
716                            companyId, emailAddress);
717    
718                    UserPermissionUtil.check(
719                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
720    
721                    return user;
722            }
723    
724            /**
725             * Returns the user with the primary key.
726             *
727             * @param  userId the primary key of the user
728             * @return the user with the primary key
729             * @throws PortalException if a user with the primary key could not be found
730             *         or if the current user did not have permission to view the user
731             * @throws SystemException if a system exception occurred
732             */
733            public User getUserById(long userId)
734                    throws PortalException, SystemException {
735    
736                    User user = userPersistence.findByPrimaryKey(userId);
737    
738                    UserPermissionUtil.check(
739                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
740    
741                    return user;
742            }
743    
744            /**
745             * Returns the user with the screen name.
746             *
747             * @param  companyId the primary key of the user's company
748             * @param  screenName the user's screen name
749             * @return the user with the screen name
750             * @throws PortalException if a user with the screen name could not be found
751             *         or if the current user did not have permission to veiw the user
752             * @throws SystemException if a system exception occurred
753             */
754            public User getUserByScreenName(long companyId, String screenName)
755                    throws PortalException, SystemException {
756    
757                    User user = userLocalService.getUserByScreenName(companyId, screenName);
758    
759                    UserPermissionUtil.check(
760                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
761    
762                    return user;
763            }
764    
765            /**
766             * Returns the primary key of the user with the email address.
767             *
768             * @param  companyId the primary key of the user's company
769             * @param  emailAddress the user's email address
770             * @return the primary key of the user with the email address
771             * @throws PortalException if a user with the email address could not be
772             *         found
773             * @throws SystemException if a system exception occurred
774             */
775            public long getUserIdByEmailAddress(long companyId, String emailAddress)
776                    throws PortalException, SystemException {
777    
778                    User user = getUserByEmailAddress(companyId, emailAddress);
779    
780                    return user.getUserId();
781            }
782    
783            /**
784             * Returns the primary key of the user with the screen name.
785             *
786             * @param  companyId the primary key of the user's company
787             * @param  screenName the user's screen name
788             * @return the primary key of the user with the screen name
789             * @throws PortalException if a user with the screen name could not be found
790             * @throws SystemException if a system exception occurred
791             */
792            public long getUserIdByScreenName(long companyId, String screenName)
793                    throws PortalException, SystemException {
794    
795                    User user = getUserByScreenName(companyId, screenName);
796    
797                    return user.getUserId();
798            }
799    
800            /**
801             * Returns <code>true</code> if the user is a member of the group.
802             *
803             * @param  groupId the primary key of the group
804             * @param  userId the primary key of the user
805             * @return <code>true</code> if the user is a member of the group;
806             *         <code>false</code> otherwise
807             * @throws SystemException if a system exception occurred
808             */
809            public boolean hasGroupUser(long groupId, long userId)
810                    throws SystemException {
811    
812                    return userLocalService.hasGroupUser(groupId, userId);
813            }
814    
815            /**
816             * Returns <code>true</code> if the user is a member of the role.
817             *
818             * @param  roleId the primary key of the role
819             * @param  userId the primary key of the user
820             * @return <code>true</code> if the user is a member of the role;
821             *         <code>false</code> otherwise
822             * @throws SystemException if a system exception occurred
823             */
824            public boolean hasRoleUser(long roleId, long userId)
825                    throws SystemException {
826    
827                    return userLocalService.hasRoleUser(roleId, userId);
828            }
829    
830            /**
831             * Returns <code>true</code> if the user has the role with the name,
832             * optionally through inheritance.
833             *
834             * @param  companyId the primary key of the role's company
835             * @param  name the name of the role (must be a regular role, not an
836             *         organization, site or provider role)
837             * @param  userId the primary key of the user
838             * @param  inherited whether to include roles inherited from organizations,
839             *         sites, etc.
840             * @return <code>true</code> if the user has the role; <code>false</code>
841             *         otherwise
842             * @throws PortalException if a role with the name could not be found
843             * @throws SystemException if a system exception occurred
844             */
845            public boolean hasRoleUser(
846                            long companyId, String name, long userId, boolean inherited)
847                    throws PortalException, SystemException {
848    
849                    return userLocalService.hasRoleUser(companyId, name, userId, inherited);
850            }
851    
852            /**
853             * Sets the users in the role, removing and adding users to the role as
854             * necessary.
855             *
856             * @param  roleId the primary key of the role
857             * @param  userIds the primary keys of the users
858             * @throws PortalException if the current user did not have permission to
859             *         assign role members
860             * @throws SystemException if a system exception occurred
861             */
862            public void setRoleUsers(long roleId, long[] userIds)
863                    throws PortalException, SystemException {
864    
865                    RolePermissionUtil.check(
866                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
867    
868                    userLocalService.setRoleUsers(roleId, userIds);
869            }
870    
871            /**
872             * Sets the users in the user group, removing and adding users to the user
873             * group as necessary.
874             *
875             * @param  userGroupId the primary key of the user group
876             * @param  userIds the primary keys of the users
877             * @throws PortalException if the current user did not have permission to
878             *         assign group members
879             * @throws SystemException if a system exception occurred
880             */
881            public void setUserGroupUsers(long userGroupId, long[] userIds)
882                    throws PortalException, SystemException {
883    
884                    UserGroupPermissionUtil.check(
885                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
886    
887                    userLocalService.setUserGroupUsers(userGroupId, userIds);
888            }
889    
890            /**
891             * Removes the users from the group.
892             *
893             * @param  groupId the primary key of the group
894             * @param  userIds the primary keys of the users
895             * @throws PortalException if the current user did not have permission to
896             *         modify group assignments
897             * @throws SystemException if a system exception occurred
898             */
899            public void unsetGroupUsers(
900                            long groupId, long[] userIds, ServiceContext serviceContext)
901                    throws PortalException, SystemException {
902    
903                    try {
904                            GroupPermissionUtil.check(
905                                    getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
906                    }
907                    catch (PrincipalException pe) {
908    
909                            // Allow any user to leave open and restricted sites
910    
911                            boolean hasPermission = false;
912    
913                            if (userIds.length == 0) {
914                                    hasPermission = true;
915                            }
916                            else if (userIds.length == 1) {
917                                    User user = getUser();
918    
919                                    if (user.getUserId() == userIds[0]) {
920                                            Group group = groupPersistence.findByPrimaryKey(groupId);
921    
922                                            if (user.getCompanyId() == group.getCompanyId()) {
923                                                    int type = group.getType();
924    
925                                                    if ((type == GroupConstants.TYPE_SITE_OPEN) ||
926                                                            (type == GroupConstants.TYPE_SITE_RESTRICTED)) {
927    
928                                                            hasPermission = true;
929                                                    }
930                                            }
931                                    }
932                            }
933    
934                            if (!hasPermission) {
935                                    throw new PrincipalException();
936                            }
937                    }
938    
939                    userLocalService.unsetGroupUsers(groupId, userIds, serviceContext);
940            }
941    
942            /**
943             * Removes the users from the organization.
944             *
945             * @param  organizationId the primary key of the organization
946             * @param  userIds the primary keys of the users
947             * @throws PortalException if the current user did not have permission to
948             *         modify organization assignments
949             * @throws SystemException if a system exception occurred
950             */
951            public void unsetOrganizationUsers(long organizationId, long[] userIds)
952                    throws PortalException, SystemException {
953    
954                    OrganizationPermissionUtil.check(
955                            getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
956    
957                    userLocalService.unsetOrganizationUsers(organizationId, userIds);
958            }
959    
960            /**
961             * Removes the users from the password policy.
962             *
963             * @param  passwordPolicyId the primary key of the password policy
964             * @param  userIds the primary keys of the users
965             * @throws PortalException if the current user did not have permission to
966             *         modify policy assignments
967             * @throws SystemException if a system exception occurred
968             */
969            public void unsetPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
970                    throws PortalException, SystemException {
971    
972                    PasswordPolicyPermissionUtil.check(
973                            getPermissionChecker(), passwordPolicyId,
974                            ActionKeys.ASSIGN_MEMBERS);
975    
976                    userLocalService.unsetPasswordPolicyUsers(passwordPolicyId, userIds);
977            }
978    
979            /**
980             * Removes the users from the role.
981             *
982             * @param  roleId the primary key of the role
983             * @param  userIds the primary keys of the users
984             * @throws PortalException if the current user did not have permission to
985             *         modify role assignments
986             * @throws SystemException if a system exception occurred
987             */
988            public void unsetRoleUsers(long roleId, long[] userIds)
989                    throws PortalException, SystemException {
990    
991                    RolePermissionUtil.check(
992                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
993    
994                    userLocalService.unsetRoleUsers(roleId, userIds);
995            }
996    
997            /**
998             * Removes the users from the team.
999             *
1000             * @param  teamId the primary key of the team
1001             * @param  userIds the primary keys of the users
1002             * @throws PortalException if the current user did not have permission to
1003             *         modify team assignments
1004             * @throws SystemException if a system exception occurred
1005             */
1006            public void unsetTeamUsers(long teamId, long[] userIds)
1007                    throws PortalException, SystemException {
1008    
1009                    TeamPermissionUtil.check(
1010                            getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
1011    
1012                    userLocalService.unsetTeamUsers(teamId, userIds);
1013            }
1014    
1015            /**
1016             * Removes the users from the user group.
1017             *
1018             * @param  userGroupId the primary key of the user group
1019             * @param  userIds the primary keys of the users
1020             * @throws PortalException if the current user did not have permission to
1021             *         modify user group assignments
1022             * @throws SystemException if a system exception occurred
1023             */
1024            public void unsetUserGroupUsers(long userGroupId, long[] userIds)
1025                    throws PortalException, SystemException {
1026    
1027                    UserGroupPermissionUtil.check(
1028                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
1029    
1030                    userLocalService.unsetUserGroupUsers(userGroupId, userIds);
1031            }
1032    
1033            /**
1034             * Updates the user's response to the terms of use agreement.
1035             *
1036             * @param  userId the primary key of the user
1037             * @param  agreedToTermsOfUse whether the user has agree to the terms of use
1038             * @return the user
1039             * @throws PortalException if the current user did not have permission to
1040             *         update the user's agreement to terms-of-use
1041             * @throws SystemException if a system exception occurred
1042             */
1043            public User updateAgreedToTermsOfUse(
1044                            long userId, boolean agreedToTermsOfUse)
1045                    throws PortalException, SystemException {
1046    
1047                    UserPermissionUtil.check(
1048                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1049    
1050                    return userLocalService.updateAgreedToTermsOfUse(
1051                            userId, agreedToTermsOfUse);
1052            }
1053    
1054            /**
1055             * Updates the user's email address.
1056             *
1057             * @param  userId the primary key of the user
1058             * @param  password the user's password
1059             * @param  emailAddress1 the user's new email address
1060             * @param  emailAddress2 the user's new email address confirmation
1061             * @return the user
1062             * @throws PortalException if a user with the primary key could not be found
1063             *         or if the current user did not have permission to update the user
1064             * @throws SystemException if a system exception occurred
1065             */
1066            public User updateEmailAddress(
1067                            long userId, String password, String emailAddress1,
1068                            String emailAddress2, ServiceContext serviceContext)
1069                    throws PortalException, SystemException {
1070    
1071                    UserPermissionUtil.check(
1072                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1073    
1074                    return userLocalService.updateEmailAddress(
1075                            userId, password, emailAddress1, emailAddress2, serviceContext);
1076            }
1077    
1078            /**
1079             * Updates a user account that was automatically created when a guest user
1080             * participated in an action (e.g. posting a comment) and only provided his
1081             * name and email address.
1082             *
1083             * @param  companyId the primary key of the user's company
1084             * @param  autoPassword whether a password should be automatically generated
1085             *         for the user
1086             * @param  password1 the user's password
1087             * @param  password2 the user's password confirmation
1088             * @param  autoScreenName whether a screen name should be automatically
1089             *         generated for the user
1090             * @param  screenName the user's screen name
1091             * @param  emailAddress the user's email address
1092             * @param  facebookId the user's facebook ID
1093             * @param  openId the user's OpenID
1094             * @param  locale the user's locale
1095             * @param  firstName the user's first name
1096             * @param  middleName the user's middle name
1097             * @param  lastName the user's last name
1098             * @param  prefixId the user's name prefix ID
1099             * @param  suffixId the user's name suffix ID
1100             * @param  male whether the user is male
1101             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
1102             *         January)
1103             * @param  birthdayDay the user's birthday day
1104             * @param  birthdayYear the user's birthday year
1105             * @param  jobTitle the user's job title
1106             * @param  updateUserInformation whether to update the user's information
1107             * @param  sendEmail whether to send the user an email notification about
1108             *         their new account
1109             * @param  serviceContext the user's service context (optionally
1110             *         <code>null</code>). Can set the expando bridge attributes for the
1111             *         user.
1112             * @return the user
1113             * @throws PortalException if the user's information was invalid or if the
1114             *         email address was reserved
1115             * @throws SystemException if a system exception occurred
1116             */
1117            public User updateIncompleteUser(
1118                            long companyId, boolean autoPassword, String password1,
1119                            String password2, boolean autoScreenName, String screenName,
1120                            String emailAddress, long facebookId, String openId, Locale locale,
1121                            String firstName, String middleName, String lastName, int prefixId,
1122                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
1123                            int birthdayYear, String jobTitle, boolean updateUserInformation,
1124                            boolean sendEmail, ServiceContext serviceContext)
1125                    throws PortalException, SystemException {
1126    
1127                    long creatorUserId = 0;
1128    
1129                    try {
1130                            creatorUserId = getUserId();
1131                    }
1132                    catch (PrincipalException pe) {
1133                    }
1134    
1135                    checkAddUserPermission(
1136                            creatorUserId, companyId, emailAddress, null, serviceContext);
1137    
1138                    return userLocalService.updateIncompleteUser(
1139                            creatorUserId, companyId, autoPassword, password1, password2,
1140                            autoScreenName, screenName, emailAddress, facebookId, openId,
1141                            locale, firstName, middleName, lastName, prefixId, suffixId, male,
1142                            birthdayMonth, birthdayDay, birthdayYear, jobTitle,
1143                            updateUserInformation, sendEmail, serviceContext);
1144            }
1145    
1146            /**
1147             * Updates whether the user is locked out from logging in.
1148             *
1149             * @param  userId the primary key of the user
1150             * @param  lockout whether the user is locked out
1151             * @return the user
1152             * @throws PortalException if the user did not have permission to lock out
1153             *         the user
1154             * @throws SystemException if a system exception occurred
1155             */
1156            public User updateLockoutById(long userId, boolean lockout)
1157                    throws PortalException, SystemException {
1158    
1159                    UserPermissionUtil.check(
1160                            getPermissionChecker(), userId, ActionKeys.DELETE);
1161    
1162                    return userLocalService.updateLockoutById(userId, lockout);
1163            }
1164    
1165            /**
1166             * Updates the user's OpenID.
1167             *
1168             * @param  userId the primary key of the user
1169             * @param  openId the new OpenID
1170             * @return the user
1171             * @throws PortalException if a user with the primary key could not be found
1172             *         or if the current user did not have permission to update the user
1173             * @throws SystemException if a system exception occurred
1174             */
1175            public User updateOpenId(long userId, String openId)
1176                    throws PortalException, SystemException {
1177    
1178                    UserPermissionUtil.check(
1179                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1180    
1181                    return userLocalService.updateOpenId(userId, openId);
1182            }
1183    
1184            /**
1185             * Sets the organizations that the user is in, removing and adding
1186             * organizations as necessary.
1187             *
1188             * @param  userId the primary key of the user
1189             * @param  organizationIds the primary keys of the organizations
1190             * @throws PortalException if a user with the primary key could not be found
1191             *         or if the current user did not have permission to update the user
1192             * @throws SystemException if a system exception occurred
1193             */
1194            public void updateOrganizations(
1195                            long userId, long[] organizationIds, ServiceContext serviceContext)
1196                    throws PortalException, SystemException {
1197    
1198                    UserPermissionUtil.check(
1199                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1200    
1201                    userLocalService.updateOrganizations(
1202                            userId, organizationIds, serviceContext);
1203            }
1204    
1205            /**
1206             * Updates the user's password without tracking or validation of the change.
1207             *
1208             * @param  userId the primary key of the user
1209             * @param  password1 the user's new password
1210             * @param  password2 the user's new password confirmation
1211             * @param  passwordReset whether the user should be asked to reset their
1212             *         password the next time they log in
1213             * @return the user
1214             * @throws PortalException if a user with the primary key could not be found
1215             *         or if the current user did not have permission to update the user
1216             * @throws SystemException if a system exception occurred
1217             */
1218            public User updatePassword(
1219                            long userId, String password1, String password2,
1220                            boolean passwordReset)
1221                    throws PortalException, SystemException {
1222    
1223                    UserPermissionUtil.check(
1224                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1225    
1226                    return userLocalService.updatePassword(
1227                            userId, password1, password2, passwordReset);
1228            }
1229    
1230            /**
1231             * Updates the user's portrait image.
1232             *
1233             * @param  userId the primary key of the user
1234             * @param  bytes the new portrait image data
1235             * @return the user
1236             * @throws PortalException if a user with the primary key could not be
1237             *         found, if the new portrait was invalid, or if the current user
1238             *         did not have permission to update the user
1239             * @throws SystemException if a system exception occurred
1240             */
1241            public User updatePortrait(long userId, byte[] bytes)
1242                    throws PortalException, SystemException {
1243    
1244                    UserPermissionUtil.check(
1245                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1246    
1247                    return userLocalService.updatePortrait(userId, bytes);
1248            }
1249    
1250            /**
1251             * Updates the user's password reset question and answer.
1252             *
1253             * @param  userId the primary key of the user
1254             * @param  question the user's new password reset question
1255             * @param  answer the user's new password reset answer
1256             * @return the user
1257             * @throws PortalException if a user with the primary key could not be
1258             *         found, if the new question or answer were invalid, or if the
1259             *         current user did not have permission to update the user
1260             * @throws SystemException if a system exception occurred
1261             */
1262            public User updateReminderQuery(long userId, String question, String answer)
1263                    throws PortalException, SystemException {
1264    
1265                    UserPermissionUtil.check(
1266                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1267    
1268                    return userLocalService.updateReminderQuery(userId, question, answer);
1269            }
1270    
1271            /**
1272             * Updates the user's screen name.
1273             *
1274             * @param  userId the primary key of the user
1275             * @param  screenName the user's new screen name
1276             * @return the user
1277             * @throws PortalException if a user with the primary key could not be
1278             *         found, if the new screen name was invalid, or if the current user
1279             *         did not have permission to update the user
1280             * @throws SystemException if a system exception occurred
1281             */
1282            public User updateScreenName(long userId, String screenName)
1283                    throws PortalException, SystemException {
1284    
1285                    UserPermissionUtil.check(
1286                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1287    
1288                    return userLocalService.updateScreenName(userId, screenName);
1289            }
1290    
1291            /**
1292             * Updates the user's workflow status.
1293             *
1294             * @param  userId the primary key of the user
1295             * @param  status the user's new workflow status
1296             * @return the user
1297             * @throws PortalException if a user with the primary key could not be
1298             *         found, if the current user was updating her own status to
1299             *         anything but {@link WorkflowConstants.STATUS_APPROVED}, or if the
1300             *         current user did not have permission to update the user's
1301             *         workflow status.
1302             * @throws SystemException if a system exception occurred
1303             */
1304            public User updateStatus(long userId, int status)
1305                    throws PortalException, SystemException {
1306    
1307                    if ((getUserId() == userId) &&
1308                            (status != WorkflowConstants.STATUS_APPROVED)) {
1309    
1310                            throw new RequiredUserException();
1311                    }
1312    
1313                    UserPermissionUtil.check(
1314                            getPermissionChecker(), userId, ActionKeys.DELETE);
1315    
1316                    return userLocalService.updateStatus(userId, status);
1317            }
1318    
1319            /**
1320             * Updates the user with additional parameters.
1321             *
1322             * @param  userId the primary key of the user
1323             * @param  oldPassword the user's old password
1324             * @param  newPassword1 the user's new password (optionally
1325             *         <code>null</code>)
1326             * @param  newPassword2 the user's new password confirmation (optionally
1327             *         <code>null</code>)
1328             * @param  passwordReset whether the user should be asked to reset their
1329             *         password the next time they login
1330             * @param  reminderQueryQuestion the user's new password reset question
1331             * @param  reminderQueryAnswer the user's new password reset answer
1332             * @param  screenName the user's new screen name
1333             * @param  emailAddress the user's new email address
1334             * @param  facebookId the user's new Facebook ID
1335             * @param  openId the user's new OpenID
1336             * @param  languageId the user's new language ID
1337             * @param  timeZoneId the user's new time zone ID
1338             * @param  greeting the user's new greeting
1339             * @param  comments the user's new comments
1340             * @param  firstName the user's new first name
1341             * @param  middleName the user's new middle name
1342             * @param  lastName the user's new last name
1343             * @param  prefixId the user's new name prefix ID
1344             * @param  suffixId the user's new name suffix ID
1345             * @param  male whether user is male
1346             * @param  birthdayMonth the user's new birthday month (0-based, meaning 0
1347             *         for January)
1348             * @param  birthdayDay the user's new birthday day
1349             * @param  birthdayYear the user's birthday year
1350             * @param  smsSn the user's new SMS screen name
1351             * @param  aimSn the user's new AIM screen name
1352             * @param  facebookSn the user's new Facebook screen name
1353             * @param  icqSn the user's new ICQ screen name
1354             * @param  jabberSn the user's new Jabber screen name
1355             * @param  msnSn the user's new MSN screen name
1356             * @param  mySpaceSn the user's new MySpace screen name
1357             * @param  skypeSn the user's new Skype screen name
1358             * @param  twitterSn the user's new Twitter screen name
1359             * @param  ymSn the user's new Yahoo! Messenger screen name
1360             * @param  jobTitle the user's new job title
1361             * @param  groupIds the primary keys of the user's groups
1362             * @param  organizationIds the primary keys of the user's organizations
1363             * @param  roleIds the primary keys of the user's roles
1364             * @param  userGroupRoles the user user's group roles
1365             * @param  userGroupIds the primary keys of the user's user groups
1366             * @param  addresses the user's addresses
1367             * @param  emailAddresses the user's email addresses
1368             * @param  phones the user's phone numbers
1369             * @param  websites the user's websites
1370             * @param  announcementsDelivers the announcements deliveries
1371             * @param  serviceContext the user's service context (optionally
1372             *         <code>null</code>). Can set the universally unique identifier
1373             *         (with the <code>uuid</code> attribute), asset category IDs, asset
1374             *         tag names, and expando bridge attributes for the user.
1375             * @return the user
1376             * @throws PortalException if a user with the primary key could not be
1377             *         found, if the new information was invalid, or if the current user
1378             *         did not have permission to update the user
1379             * @throws SystemException if a system exception occurred
1380             */
1381            public User updateUser(
1382                            long userId, String oldPassword, String newPassword1,
1383                            String newPassword2, boolean passwordReset,
1384                            String reminderQueryQuestion, String reminderQueryAnswer,
1385                            String screenName, String emailAddress, long facebookId,
1386                            String openId, String languageId, String timeZoneId,
1387                            String greeting, String comments, String firstName,
1388                            String middleName, String lastName, int prefixId, int suffixId,
1389                            boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1390                            String smsSn, String aimSn, String facebookSn, String icqSn,
1391                            String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1392                            String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1393                            long[] organizationIds, long[] roleIds,
1394                            List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1395                            List<Address> addresses, List<EmailAddress> emailAddresses,
1396                            List<Phone> phones, List<Website> websites,
1397                            List<AnnouncementsDelivery> announcementsDelivers,
1398                            ServiceContext serviceContext)
1399                    throws PortalException, SystemException {
1400    
1401                    User user = userPersistence.findByPrimaryKey(userId);
1402    
1403                    UsersAdminUtil.updateAddresses(
1404                            Contact.class.getName(), user.getContactId(), addresses);
1405    
1406                    UsersAdminUtil.updateEmailAddresses(
1407                            Contact.class.getName(), user.getContactId(), emailAddresses);
1408    
1409                    UsersAdminUtil.updatePhones(
1410                            Contact.class.getName(), user.getContactId(), phones);
1411    
1412                    UsersAdminUtil.updateWebsites(
1413                            Contact.class.getName(), user.getContactId(), websites);
1414    
1415                    updateAnnouncementsDeliveries(user.getUserId(), announcementsDelivers);
1416    
1417                    user = updateUser(
1418                            userId, oldPassword, newPassword1, newPassword2, passwordReset,
1419                            reminderQueryQuestion, reminderQueryAnswer, screenName,
1420                            emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1421                            comments, firstName, middleName, lastName, prefixId, suffixId, male,
1422                            birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1423                            icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1424                            jobTitle, groupIds, organizationIds, roleIds, userGroupRoles,
1425                            userGroupIds, serviceContext);
1426    
1427                    return user;
1428            }
1429    
1430            /**
1431             * Updates the user.
1432             *
1433             * @param  userId the primary key of the user
1434             * @param  oldPassword the user's old password
1435             * @param  newPassword1 the user's new password (optionally
1436             *         <code>null</code>)
1437             * @param  newPassword2 the user's new password confirmation (optionally
1438             *         <code>null</code>)
1439             * @param  passwordReset whether the user should be asked to reset their
1440             *         password the next time they login
1441             * @param  reminderQueryQuestion the user's new password reset question
1442             * @param  reminderQueryAnswer the user's new password reset answer
1443             * @param  screenName the user's new screen name
1444             * @param  emailAddress the user's new email address
1445             * @param  facebookId the user's new Facebook ID
1446             * @param  openId the user's new OpenID
1447             * @param  languageId the user's new language ID
1448             * @param  timeZoneId the user's new time zone ID
1449             * @param  greeting the user's new greeting
1450             * @param  comments the user's new comments
1451             * @param  firstName the user's new first name
1452             * @param  middleName the user's new middle name
1453             * @param  lastName the user's new last name
1454             * @param  prefixId the user's new name prefix ID
1455             * @param  suffixId the user's new name suffix ID
1456             * @param  male whether user is male
1457             * @param  birthdayMonth the user's new birthday month (0-based, meaning 0
1458             *         for January)
1459             * @param  birthdayDay the user's new birthday day
1460             * @param  birthdayYear the user's birthday year
1461             * @param  smsSn the user's new SMS screen name
1462             * @param  aimSn the user's new AIM screen name
1463             * @param  facebookSn the user's new Facebook screen name
1464             * @param  icqSn the user's new ICQ screen name
1465             * @param  jabberSn the user's new Jabber screen name
1466             * @param  msnSn the user's new MSN screen name
1467             * @param  mySpaceSn the user's new MySpace screen name
1468             * @param  skypeSn the user's new Skype screen name
1469             * @param  twitterSn the user's new Twitter screen name
1470             * @param  ymSn the user's new Yahoo! Messenger screen name
1471             * @param  jobTitle the user's new job title
1472             * @param  groupIds the primary keys of the user's groups
1473             * @param  organizationIds the primary keys of the user's organizations
1474             * @param  roleIds the primary keys of the user's roles
1475             * @param  userGroupRoles the user user's group roles
1476             * @param  userGroupIds the primary keys of the user's user groups
1477             * @param  serviceContext the user's service context (optionally
1478             *         <code>null</code>). Can set the universally unique identifier
1479             *         (with the <code>uuid</code> attribute), asset category IDs, asset
1480             *         tag names, and expando bridge attributes for the user.
1481             * @return the user
1482             * @throws PortalException if a user with the primary key could not be
1483             *         found, if the new information was invalid, or if the current user
1484             *         did not have permission to update the user
1485             * @throws SystemException if a system exception occurred
1486             */
1487            public User updateUser(
1488                            long userId, String oldPassword, String newPassword1,
1489                            String newPassword2, boolean passwordReset,
1490                            String reminderQueryQuestion, String reminderQueryAnswer,
1491                            String screenName, String emailAddress, long facebookId,
1492                            String openId, String languageId, String timeZoneId,
1493                            String greeting, String comments, String firstName,
1494                            String middleName, String lastName, int prefixId, int suffixId,
1495                            boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1496                            String smsSn, String aimSn, String facebookSn, String icqSn,
1497                            String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1498                            String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1499                            long[] organizationIds, long[] roleIds,
1500                            List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1501                            ServiceContext serviceContext)
1502                    throws PortalException, SystemException {
1503    
1504                    UserPermissionUtil.check(
1505                            getPermissionChecker(), userId, organizationIds, ActionKeys.UPDATE);
1506    
1507                    long curUserId = getUserId();
1508    
1509                    if (curUserId == userId) {
1510                            User user = userPersistence.findByPrimaryKey(userId);
1511    
1512                            screenName = screenName.trim().toLowerCase();
1513    
1514                            if (!screenName.equalsIgnoreCase(user.getScreenName())) {
1515                                    validateScreenName(user, screenName);
1516                            }
1517    
1518                            emailAddress = emailAddress.trim().toLowerCase();
1519    
1520                            if (!emailAddress.equalsIgnoreCase(user.getEmailAddress())) {
1521                                    validateEmailAddress(user, emailAddress);
1522                            }
1523                    }
1524    
1525                    if (groupIds != null) {
1526                            groupIds = checkGroups(userId, groupIds);
1527                    }
1528    
1529                    if (organizationIds != null) {
1530                            organizationIds = checkOrganizations(userId, organizationIds);
1531                    }
1532    
1533                    if (roleIds != null) {
1534                            roleIds = checkRoles(userId, roleIds);
1535                    }
1536    
1537                    if (userGroupRoles != null) {
1538                            userGroupRoles = checkUserGroupRoles(userId, userGroupRoles);
1539                    }
1540    
1541                    return userLocalService.updateUser(
1542                            userId, oldPassword, newPassword1, newPassword2, passwordReset,
1543                            reminderQueryQuestion, reminderQueryAnswer, screenName,
1544                            emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1545                            comments, firstName, middleName, lastName, prefixId, suffixId, male,
1546                            birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1547                            icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1548                            jobTitle, groupIds, organizationIds, roleIds, userGroupRoles,
1549                            userGroupIds, serviceContext);
1550            }
1551    
1552            protected void checkAddUserPermission(
1553                            long creatorUserId, long companyId, String emailAddress,
1554                            long[] organizationIds, ServiceContext serviceContext)
1555                    throws PortalException, SystemException {
1556    
1557                    Company company = companyPersistence.findByPrimaryKey(companyId);
1558    
1559                    boolean anonymousUser = GetterUtil.getBoolean(
1560                            serviceContext.getAttribute("anonymousUser"));
1561    
1562                    if ((creatorUserId != 0) ||
1563                            (!company.isStrangers() && !anonymousUser)) {
1564    
1565                            if (!PortalPermissionUtil.contains(
1566                                            getPermissionChecker(), ActionKeys.ADD_USER) &&
1567                                    !OrganizationPermissionUtil.contains(
1568                                            getPermissionChecker(), organizationIds,
1569                                            ActionKeys.ASSIGN_MEMBERS)) {
1570    
1571                                    throw new PrincipalException();
1572                            }
1573                    }
1574    
1575                    if (creatorUserId == 0) {
1576                            if (!company.isStrangersWithMx() &&
1577                                    company.hasCompanyMx(emailAddress)) {
1578    
1579                                    throw new ReservedUserEmailAddressException();
1580                            }
1581                    }
1582            }
1583    
1584            protected long[] checkGroups(long userId, long[] groupIds)
1585                    throws PortalException, SystemException {
1586    
1587                    // Add back any groups that the administrator does not have the rights
1588                    // to remove and check that he has the permission to add any new group
1589    
1590                    List<Group> oldGroups = groupLocalService.getUserGroups(userId);
1591                    long[] oldGroupIds = new long[oldGroups.size()];
1592    
1593                    for (int i = 0; i < oldGroups.size(); i++) {
1594                            Group group = oldGroups.get(i);
1595    
1596                            if (!ArrayUtil.contains(groupIds, group.getGroupId()) &&
1597                                    !GroupPermissionUtil.contains(
1598                                            getPermissionChecker(), group.getGroupId(),
1599                                            ActionKeys.ASSIGN_MEMBERS)) {
1600    
1601                                    groupIds = ArrayUtil.append(groupIds, group.getGroupId());
1602                            }
1603    
1604                            oldGroupIds[i] = group.getGroupId();
1605                    }
1606    
1607                    for (long groupId : groupIds) {
1608                            if (!ArrayUtil.contains(oldGroupIds, groupId)) {
1609                                    GroupPermissionUtil.check(
1610                                            getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
1611                            }
1612                    }
1613    
1614                    return groupIds;
1615            }
1616    
1617            protected long[] checkOrganizations(long userId, long[] organizationIds)
1618                    throws PortalException, SystemException {
1619    
1620                    // Add back any organizations that the administrator does not have the
1621                    // rights to remove and check that he has the permission to add any new
1622                    // organization
1623    
1624                    List<Organization> oldOrganizations =
1625                            organizationLocalService.getUserOrganizations(userId);
1626                    long[] oldOrganizationIds = new long[oldOrganizations.size()];
1627    
1628                    for (int i = 0; i < oldOrganizations.size(); i++) {
1629                            Organization organization = oldOrganizations.get(i);
1630    
1631                            if (!ArrayUtil.contains(
1632                                            organizationIds, organization.getOrganizationId()) &&
1633                                    !OrganizationPermissionUtil.contains(
1634                                            getPermissionChecker(), organization.getOrganizationId(),
1635                                            ActionKeys.ASSIGN_MEMBERS)) {
1636    
1637                                    organizationIds = ArrayUtil.append(
1638                                            organizationIds, organization.getOrganizationId());
1639                            }
1640    
1641                            oldOrganizationIds[i] = organization.getOrganizationId();
1642                    }
1643    
1644                    for (long organizationId : organizationIds) {
1645                            if (!ArrayUtil.contains(oldOrganizationIds, organizationId)) {
1646                                    OrganizationPermissionUtil.check(
1647                                            getPermissionChecker(), organizationId,
1648                                            ActionKeys.ASSIGN_MEMBERS);
1649                            }
1650                    }
1651    
1652                    return organizationIds;
1653            }
1654    
1655            protected long[] checkRoles(long userId, long[] roleIds)
1656                    throws PrincipalException, SystemException {
1657    
1658                    // Add back any roles that the administrator does not have the rights to
1659                    // remove and check that he has the permission to add any new role
1660    
1661                    List<Role> oldRoles = roleLocalService.getUserRoles(userId);
1662                    long[] oldRoleIds = new long[oldRoles.size()];
1663    
1664                    for (int i = 0; i < oldRoles.size(); i++) {
1665                            Role role = oldRoles.get(i);
1666    
1667                            if (!ArrayUtil.contains(roleIds, role.getRoleId()) &&
1668                                    !RolePermissionUtil.contains(
1669                                            getPermissionChecker(), role.getRoleId(),
1670                                            ActionKeys.ASSIGN_MEMBERS)) {
1671    
1672                                    roleIds = ArrayUtil.append(roleIds, role.getRoleId());
1673                            }
1674    
1675                            oldRoleIds[i] = role.getRoleId();
1676                    }
1677    
1678                    for (long roleId : roleIds) {
1679                            if (!ArrayUtil.contains(oldRoleIds, roleId)) {
1680                                    RolePermissionUtil.check(
1681                                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
1682                            }
1683                    }
1684    
1685                    return roleIds;
1686            }
1687    
1688            protected List<UserGroupRole> checkUserGroupRoles(
1689                            long userId, List<UserGroupRole> userGroupRoles)
1690                    throws PortalException, SystemException {
1691    
1692                    // Add back any group roles that the administrator does not have the
1693                    // rights to remove
1694    
1695                    List<UserGroupRole> oldUserGroupRoles =
1696                            userGroupRoleLocalService.getUserGroupRoles(userId);
1697    
1698                    for (UserGroupRole oldUserGroupRole : oldUserGroupRoles) {
1699                            if (!userGroupRoles.contains(oldUserGroupRole) &&
1700                                    !UserGroupRolePermissionUtil.contains(
1701                                            getPermissionChecker(), oldUserGroupRole.getGroupId(),
1702                                            oldUserGroupRole.getRoleId())) {
1703    
1704                                    userGroupRoles.add(oldUserGroupRole);
1705                            }
1706                    }
1707    
1708                    for (UserGroupRole userGroupRole : userGroupRoles) {
1709                            if (!oldUserGroupRoles.contains(userGroupRole)) {
1710                                    UserGroupRolePermissionUtil.check(
1711                                            getPermissionChecker(), userGroupRole.getGroupId(),
1712                                            userGroupRole.getRoleId());
1713                            }
1714                    }
1715    
1716                    return userGroupRoles;
1717            }
1718    
1719            protected void updateAnnouncementsDeliveries(
1720                            long userId, List<AnnouncementsDelivery> announcementsDeliveries)
1721                    throws PortalException, SystemException {
1722    
1723                    for (AnnouncementsDelivery announcementsDelivery :
1724                                    announcementsDeliveries) {
1725    
1726                            announcementsDeliveryService.updateDelivery(
1727                                    userId, announcementsDelivery.getType(),
1728                                    announcementsDelivery.getEmail(),
1729                                    announcementsDelivery.getSms(),
1730                                    announcementsDelivery.getWebsite());
1731                    }
1732            }
1733    
1734            protected void validateEmailAddress(User user, String emailAddress)
1735                    throws PortalException, SystemException {
1736    
1737                    PermissionChecker permissionChecker = getPermissionChecker();
1738    
1739                    if (!UsersAdminUtil.hasUpdateEmailAddress(permissionChecker, user)) {
1740                            throw new UserEmailAddressException();
1741                    }
1742    
1743                    if (!user.hasCompanyMx() && user.hasCompanyMx(emailAddress)) {
1744                            Company company = companyPersistence.findByPrimaryKey(
1745                                    user.getCompanyId());
1746    
1747                            if (!company.isStrangersWithMx()) {
1748                                    throw new ReservedUserEmailAddressException();
1749                            }
1750                    }
1751            }
1752    
1753            protected void validateOrganizationUsers(long[] userIds)
1754                    throws PortalException, SystemException {
1755    
1756                    PermissionChecker permissionChecker = getPermissionChecker();
1757    
1758                    if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT ||
1759                            permissionChecker.isCompanyAdmin()) {
1760    
1761                            return;
1762                    }
1763    
1764                    List<Organization> organizations =
1765                            organizationLocalService.getUserOrganizations(
1766                                    permissionChecker.getUserId());
1767    
1768                    for (long userId : userIds) {
1769                            boolean allowed = false;
1770    
1771                            for (Organization organization : organizations) {
1772                                    boolean manageUsers = OrganizationPermissionUtil.contains(
1773                                            permissionChecker, organization, ActionKeys.MANAGE_USERS);
1774                                    boolean manageSuborganizations =
1775                                            OrganizationPermissionUtil.contains(
1776                                                    permissionChecker, organization,
1777                                                    ActionKeys.MANAGE_SUBORGANIZATIONS);
1778    
1779                                    if (!manageUsers && !manageSuborganizations) {
1780                                            continue;
1781                                    }
1782    
1783                                    boolean inherited = false;
1784                                    boolean includeSpecifiedOrganization = false;
1785    
1786                                    if (manageUsers && manageSuborganizations) {
1787                                            inherited = true;
1788                                            includeSpecifiedOrganization = true;
1789                                    }
1790                                    else if (!manageUsers && manageSuborganizations) {
1791                                            inherited = true;
1792                                            includeSpecifiedOrganization = false;
1793                                    }
1794    
1795                                    if (organizationLocalService.hasUserOrganization(
1796                                                    userId, organization.getOrganizationId(), inherited,
1797                                                    includeSpecifiedOrganization)) {
1798    
1799                                            allowed = true;
1800    
1801                                            break;
1802                                    }
1803                            }
1804    
1805                            if (!allowed) {
1806                                    throw new PrincipalException();
1807                            }
1808                    }
1809            }
1810    
1811            protected void validateScreenName(User user, String screenName)
1812                    throws PortalException, SystemException {
1813    
1814                    PermissionChecker permissionChecker = getPermissionChecker();
1815    
1816                    if (!UsersAdminUtil.hasUpdateScreenName(permissionChecker, user)) {
1817                            throw new UserScreenNameException();
1818                    }
1819            }
1820    
1821    }