1   /**
2    * Copyright (c) 2000-2008 Liferay, Inc. All rights reserved.
3    *
4    * Permission is hereby granted, free of charge, to any person obtaining a copy
5    * of this software and associated documentation files (the "Software"), to deal
6    * in the Software without restriction, including without limitation the rights
7    * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
8    * copies of the Software, and to permit persons to whom the Software is
9    * furnished to do so, subject to the following conditions:
10   *
11   * The above copyright notice and this permission notice shall be included in
12   * all copies or substantial portions of the Software.
13   *
14   * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
15   * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
16   * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
17   * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
18   * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
19   * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
20   * SOFTWARE.
21   */
22  
23  package com.liferay.portal.service.impl;
24  
25  import com.liferay.portal.PortalException;
26  import com.liferay.portal.RequiredUserException;
27  import com.liferay.portal.ReservedUserEmailAddressException;
28  import com.liferay.portal.SystemException;
29  import com.liferay.portal.kernel.security.permission.ActionKeys;
30  import com.liferay.portal.kernel.util.StringPool;
31  import com.liferay.portal.model.Company;
32  import com.liferay.portal.model.Group;
33  import com.liferay.portal.model.User;
34  import com.liferay.portal.model.impl.GroupImpl;
35  import com.liferay.portal.security.auth.PrincipalException;
36  import com.liferay.portal.service.base.UserServiceBaseImpl;
37  import com.liferay.portal.service.permission.GroupPermissionUtil;
38  import com.liferay.portal.service.permission.OrganizationPermissionUtil;
39  import com.liferay.portal.service.permission.PasswordPolicyPermissionUtil;
40  import com.liferay.portal.service.permission.RolePermissionUtil;
41  import com.liferay.portal.service.permission.UserGroupPermissionUtil;
42  import com.liferay.portal.service.permission.UserPermissionUtil;
43  
44  import java.util.List;
45  import java.util.Locale;
46  
47  /**
48   * <a href="UserServiceImpl.java.html"><b><i>View Source</i></b></a>
49   *
50   * @author Brian Wing Shun Chan
51   * @author Brian Myunghun Kim
52   * @author Scott Lee
53   * @author Jorge Ferrer
54   *
55   */
56  public class UserServiceImpl extends UserServiceBaseImpl {
57  
58      public void addGroupUsers(long groupId, long[] userIds)
59          throws PortalException, SystemException {
60  
61          try {
62              GroupPermissionUtil.check(
63                  getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
64          }
65          catch (PrincipalException pe) {
66  
67              // Allow any user to join open communities
68  
69              boolean hasPermission = false;
70  
71              if (userIds.length == 0) {
72                  hasPermission = true;
73              }
74              else if (userIds.length == 1) {
75                  User user = getUser();
76  
77                  if (user.getUserId() == userIds[0]) {
78                      Group group = groupPersistence.findByPrimaryKey(groupId);
79  
80                      if (user.getCompanyId() == group.getCompanyId()) {
81                          int type = group.getType();
82  
83                          if (type == GroupImpl.TYPE_COMMUNITY_OPEN) {
84                              hasPermission = true;
85                          }
86                      }
87                  }
88              }
89  
90              if (!hasPermission) {
91                  throw new PrincipalException();
92              }
93          }
94  
95          userLocalService.addGroupUsers(groupId, userIds);
96      }
97  
98      public void addOrganizationUsers(long organizationId, long[] userIds)
99          throws PortalException, SystemException {
100 
101         OrganizationPermissionUtil.check(
102             getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
103 
104         userLocalService.addOrganizationUsers(organizationId, userIds);
105     }
106 
107     public void addPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
108         throws PortalException, SystemException {
109 
110         PasswordPolicyPermissionUtil.check(
111             getPermissionChecker(), passwordPolicyId,
112             ActionKeys.ASSIGN_MEMBERS);
113 
114         userLocalService.addPasswordPolicyUsers(passwordPolicyId, userIds);
115     }
116 
117     public void addRoleUsers(long roleId, long[] userIds)
118         throws PortalException, SystemException {
119 
120         RolePermissionUtil.check(
121             getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
122 
123         userLocalService.addRoleUsers(roleId, userIds);
124     }
125 
126     public void addUserGroupUsers(long userGroupId, long[] userIds)
127         throws PortalException, SystemException {
128 
129         UserGroupPermissionUtil.check(
130             getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
131 
132         userLocalService.addUserGroupUsers(userGroupId, userIds);
133     }
134 
135     public User addUser(
136             long companyId, boolean autoPassword, String password1,
137             String password2, boolean autoScreenName, String screenName,
138             String emailAddress, Locale locale, String firstName,
139             String middleName, String lastName, int prefixId, int suffixId,
140             boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
141             String jobTitle, long[] organizationIds, boolean sendEmail)
142         throws PortalException, SystemException {
143 
144         Company company = companyPersistence.findByPrimaryKey(companyId);
145 
146         if (!company.isStrangers()) {
147             checkPermission(0, organizationIds, ActionKeys.ADD_USER);
148         }
149 
150         long creatorUserId = 0;
151 
152         try {
153             creatorUserId = getUserId();
154         }
155         catch (PrincipalException pe) {
156         }
157 
158         if (creatorUserId == 0) {
159             if (!company.isStrangersWithMx() &&
160                 company.hasCompanyMx(emailAddress)) {
161 
162                 throw new ReservedUserEmailAddressException();
163             }
164         }
165 
166         return userLocalService.addUser(
167             creatorUserId, companyId, autoPassword, password1, password2,
168             autoScreenName, screenName, emailAddress, locale, firstName,
169             middleName, lastName, prefixId, suffixId, male, birthdayMonth,
170             birthdayDay, birthdayYear, jobTitle, organizationIds, sendEmail);
171     }
172 
173     public void deleteRoleUser(long roleId, long userId)
174         throws PortalException, SystemException {
175 
176         RolePermissionUtil.check(
177             getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
178 
179         userLocalService.deleteRoleUser(roleId, userId);
180     }
181 
182     public void deleteUser(long userId)
183         throws PortalException, SystemException {
184 
185         if (getUserId() == userId) {
186             throw new RequiredUserException();
187         }
188 
189         checkPermission(userId, ActionKeys.DELETE);
190 
191         userLocalService.deleteUser(userId);
192     }
193 
194     public long getDefaultUserId(long companyId)
195         throws PortalException, SystemException {
196 
197         return userLocalService.getDefaultUserId(companyId);
198     }
199 
200     public List getGroupUsers(long groupId)
201         throws PortalException, SystemException {
202 
203         return userLocalService.getGroupUsers(groupId);
204     }
205 
206     public List getRoleUsers(long roleId)
207         throws PortalException, SystemException {
208 
209         return userLocalService.getRoleUsers(roleId);
210     }
211 
212     public User getUserByEmailAddress(long companyId, String emailAddress)
213         throws PortalException, SystemException {
214 
215         User user = userLocalService.getUserByEmailAddress(
216             companyId, emailAddress);
217 
218         checkPermission(user.getUserId(), ActionKeys.VIEW);
219 
220         return user;
221     }
222 
223     public User getUserById(long userId)
224         throws PortalException, SystemException {
225 
226         User user = userLocalService.getUserById(userId);
227 
228         checkPermission(user.getUserId(), ActionKeys.VIEW);
229 
230         return user;
231     }
232 
233     public User getUserByScreenName(long companyId, String screenName)
234         throws PortalException, SystemException {
235 
236         User user = userLocalService.getUserByScreenName(
237             companyId, screenName);
238 
239         checkPermission(user.getUserId(), ActionKeys.VIEW);
240 
241         return user;
242     }
243 
244     public long getUserIdByEmailAddress(long companyId, String emailAddress)
245         throws PortalException, SystemException {
246 
247         User user = getUserByEmailAddress(companyId, emailAddress);
248 
249         return user.getUserId();
250     }
251 
252     public long getUserIdByScreenName(long companyId, String screenName)
253         throws PortalException, SystemException {
254 
255         User user = getUserByScreenName(companyId, screenName);
256 
257         return user.getUserId();
258     }
259 
260     public boolean hasGroupUser(long groupId, long userId)
261         throws PortalException, SystemException {
262 
263         return userLocalService.hasGroupUser(groupId, userId);
264     }
265 
266     public boolean hasRoleUser(long roleId, long userId)
267         throws PortalException, SystemException {
268 
269         return userLocalService.hasRoleUser(roleId, userId);
270     }
271 
272     public void setRoleUsers(long roleId, long[] userIds)
273         throws PortalException, SystemException {
274 
275         RolePermissionUtil.check(
276             getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
277 
278         userLocalService.setRoleUsers(roleId, userIds);
279     }
280 
281     public void setUserGroupUsers(long userGroupId, long[] userIds)
282         throws PortalException, SystemException {
283 
284         UserGroupPermissionUtil.check(
285             getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
286 
287         userLocalService.setUserGroupUsers(userGroupId, userIds);
288     }
289 
290     public void unsetGroupUsers(long groupId, long[] userIds)
291         throws PortalException, SystemException {
292 
293         try {
294             GroupPermissionUtil.check(
295                 getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
296         }
297         catch (PrincipalException pe) {
298 
299             // Allow any user to leave open and restricted communities
300 
301             boolean hasPermission = false;
302 
303             if (userIds.length == 0) {
304                 hasPermission = true;
305             }
306             else if (userIds.length == 1) {
307                 User user = getUser();
308 
309                 if (user.getUserId() == userIds[0]) {
310                     Group group = groupPersistence.findByPrimaryKey(groupId);
311 
312                     if (user.getCompanyId() == group.getCompanyId()) {
313                         int type = group.getType();
314 
315                         if ((type == GroupImpl.TYPE_COMMUNITY_OPEN) ||
316                             (type == GroupImpl.TYPE_COMMUNITY_RESTRICTED)) {
317 
318                             hasPermission = true;
319                         }
320                     }
321                 }
322             }
323 
324             if (!hasPermission) {
325                 throw new PrincipalException();
326             }
327         }
328 
329         userLocalService.unsetGroupUsers(groupId, userIds);
330     }
331 
332     public void unsetOrganizationUsers(long organizationId, long[] userIds)
333         throws PortalException, SystemException {
334 
335         OrganizationPermissionUtil.check(
336             getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
337 
338         userLocalService.unsetOrganizationUsers(organizationId, userIds);
339     }
340 
341     public void unsetPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
342         throws PortalException, SystemException {
343 
344         PasswordPolicyPermissionUtil.check(
345             getPermissionChecker(), passwordPolicyId,
346             ActionKeys.ASSIGN_MEMBERS);
347 
348         userLocalService.unsetPasswordPolicyUsers(passwordPolicyId, userIds);
349     }
350 
351     public void unsetRoleUsers(long roleId, long[] userIds)
352         throws PortalException, SystemException {
353 
354         RolePermissionUtil.check(
355             getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
356 
357         userLocalService.unsetRoleUsers(roleId, userIds);
358     }
359 
360     public void unsetUserGroupUsers(long userGroupId, long[] userIds)
361         throws PortalException, SystemException {
362 
363         UserGroupPermissionUtil.check(
364             getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
365 
366         userLocalService.unsetUserGroupUsers(userGroupId, userIds);
367     }
368 
369     public User updateActive(long userId, boolean active)
370         throws PortalException, SystemException {
371 
372         if ((getUserId() == userId) && !active) {
373             throw new RequiredUserException();
374         }
375 
376         checkPermission(userId, ActionKeys.DELETE);
377 
378         return userLocalService.updateActive(userId, active);
379     }
380 
381     public User updateAgreedToTermsOfUse(
382             long userId, boolean agreedToTermsOfUse)
383         throws PortalException, SystemException {
384 
385         checkPermission(userId, ActionKeys.UPDATE);
386 
387         return userLocalService.updateAgreedToTermsOfUse(
388             userId, agreedToTermsOfUse);
389     }
390 
391     public User updateLockout(long userId, boolean lockout)
392         throws PortalException, SystemException {
393 
394         checkPermission(userId, ActionKeys.DELETE);
395 
396         return userLocalService.updateLockoutById(userId, lockout);
397     }
398 
399     public void updateOrganizations(long userId, long[] organizationIds)
400         throws PortalException, SystemException {
401 
402         checkPermission(userId, ActionKeys.UPDATE);
403 
404         userLocalService.updateOrganizations(userId, organizationIds);
405     }
406 
407     public User updatePassword(
408             long userId, String password1, String password2,
409             boolean passwordReset)
410         throws PortalException, SystemException {
411 
412         checkPermission(userId, ActionKeys.UPDATE);
413 
414         return userLocalService.updatePassword(
415             userId, password1, password2, passwordReset);
416     }
417 
418     public void updatePortrait(long userId, byte[] bytes)
419         throws PortalException, SystemException {
420 
421         checkPermission(userId, ActionKeys.UPDATE);
422 
423         userLocalService.updatePortrait(userId, bytes);
424     }
425 
426     public User updateUser(
427             long userId, String oldPassword, boolean passwordReset,
428             String screenName, String emailAddress, String languageId,
429             String timeZoneId, String greeting, String comments,
430             String firstName, String middleName, String lastName, int prefixId,
431             int suffixId, boolean male, int birthdayMonth, int birthdayDay,
432             int birthdayYear, String smsSn, String aimSn, String icqSn,
433             String jabberSn, String msnSn, String skypeSn, String ymSn,
434             String jobTitle, long[] organizationIds)
435         throws PortalException, SystemException {
436 
437         String newPassword1 = StringPool.BLANK;
438         String newPassword2 = StringPool.BLANK;
439 
440         return updateUser(
441             userId, oldPassword, newPassword1, newPassword2, passwordReset,
442             screenName, emailAddress, languageId, timeZoneId, greeting,
443             comments, firstName, middleName, lastName, prefixId, suffixId, male,
444             birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, icqSn,
445             jabberSn, msnSn, skypeSn, ymSn, jobTitle, organizationIds);
446     }
447 
448     public User updateUser(
449             long userId, String oldPassword, String newPassword1,
450             String newPassword2, boolean passwordReset, String screenName,
451             String emailAddress, String languageId, String timeZoneId,
452             String greeting, String comments, String firstName,
453             String middleName, String lastName, int prefixId, int suffixId,
454             boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
455             String smsSn, String aimSn, String icqSn, String jabberSn,
456             String msnSn, String skypeSn, String ymSn, String jobTitle,
457             long[] organizationIds)
458         throws PortalException, SystemException {
459 
460         checkPermission(userId, organizationIds, ActionKeys.UPDATE);
461 
462         long curUserId = getUserId();
463 
464         if (curUserId == userId) {
465             emailAddress = emailAddress.trim().toLowerCase();
466 
467             User user = userPersistence.findByPrimaryKey(userId);
468 
469             if (!emailAddress.equalsIgnoreCase(user.getEmailAddress())) {
470                 if (!user.hasCompanyMx() && user.hasCompanyMx(emailAddress)) {
471                     Company company = companyPersistence.findByPrimaryKey(
472                         user.getCompanyId());
473 
474                     if (!company.isStrangersWithMx()) {
475                         throw new ReservedUserEmailAddressException();
476                     }
477                 }
478             }
479         }
480 
481         return userLocalService.updateUser(
482             userId, oldPassword, newPassword1, newPassword2, passwordReset,
483             screenName, emailAddress, languageId, timeZoneId, greeting,
484             comments, firstName, middleName, lastName, prefixId, suffixId, male,
485             birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, icqSn,
486             jabberSn, msnSn, skypeSn, ymSn, jobTitle, organizationIds);
487     }
488 
489     protected void checkPermission(long userId, String actionId)
490         throws PortalException, SystemException {
491 
492         User user = userPersistence.findByPrimaryKey(userId);
493 
494         checkPermission(userId, user.getOrganizationIds(), actionId);
495     }
496 
497     protected void checkPermission(
498             long userId, long[] organizationIds, String actionId)
499         throws PortalException, SystemException {
500 
501         UserPermissionUtil.check(
502             getPermissionChecker(), userId, organizationIds, actionId);
503     }
504 
505 }