001
014
015 package com.liferay.portal.service.impl;
016
017 import com.liferay.portal.DuplicatePasswordPolicyException;
018 import com.liferay.portal.PasswordPolicyNameException;
019 import com.liferay.portal.RequiredPasswordPolicyException;
020 import com.liferay.portal.kernel.cache.ThreadLocalCachable;
021 import com.liferay.portal.kernel.exception.PortalException;
022 import com.liferay.portal.kernel.exception.SystemException;
023 import com.liferay.portal.kernel.systemevent.SystemEvent;
024 import com.liferay.portal.kernel.util.ArrayUtil;
025 import com.liferay.portal.kernel.util.CharPool;
026 import com.liferay.portal.kernel.util.OrderByComparator;
027 import com.liferay.portal.kernel.util.Validator;
028 import com.liferay.portal.model.Organization;
029 import com.liferay.portal.model.PasswordPolicy;
030 import com.liferay.portal.model.PasswordPolicyRel;
031 import com.liferay.portal.model.ResourceConstants;
032 import com.liferay.portal.model.SystemEventConstants;
033 import com.liferay.portal.model.User;
034 import com.liferay.portal.security.auth.CompanyThreadLocal;
035 import com.liferay.portal.security.ldap.LDAPSettingsUtil;
036 import com.liferay.portal.service.ServiceContext;
037 import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
038 import com.liferay.portal.util.PropsValues;
039
040 import java.util.Date;
041 import java.util.List;
042
043
046 public class PasswordPolicyLocalServiceImpl
047 extends PasswordPolicyLocalServiceBaseImpl {
048
049
056 @Override
057 public PasswordPolicy addPasswordPolicy(
058 long userId, boolean defaultPolicy, String name, String description,
059 boolean changeable, boolean changeRequired, long minAge,
060 boolean checkSyntax, boolean allowDictionaryWords,
061 int minAlphanumeric, int minLength, int minLowerCase,
062 int minNumbers, int minSymbols, int minUpperCase, boolean history,
063 int historyCount, boolean expireable, long maxAge, long warningTime,
064 int graceLimit, boolean lockout, int maxFailure,
065 long lockoutDuration, long resetFailureCount,
066 long resetTicketMaxAge)
067 throws PortalException, SystemException {
068
069 return addPasswordPolicy(
070 userId, defaultPolicy, name, description, changeable,
071 changeRequired, minAge, checkSyntax, allowDictionaryWords,
072 minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
073 minUpperCase, null, history, historyCount, expireable, maxAge,
074 warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
075 resetFailureCount, resetTicketMaxAge, new ServiceContext());
076 }
077
078 @Override
079 public PasswordPolicy addPasswordPolicy(
080 long userId, boolean defaultPolicy, String name, String description,
081 boolean changeable, boolean changeRequired, long minAge,
082 boolean checkSyntax, boolean allowDictionaryWords,
083 int minAlphanumeric, int minLength, int minLowerCase,
084 int minNumbers, int minSymbols, int minUpperCase, String regex,
085 boolean history, int historyCount, boolean expireable, long maxAge,
086 long warningTime, int graceLimit, boolean lockout, int maxFailure,
087 long lockoutDuration, long resetFailureCount,
088 long resetTicketMaxAge, ServiceContext serviceContext)
089 throws PortalException, SystemException {
090
091
092
093 User user = userPersistence.findByPrimaryKey(userId);
094 Date now = new Date();
095
096 validate(0, user.getCompanyId(), name);
097
098 long passwordPolicyId = counterLocalService.increment();
099
100 PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
101 passwordPolicyId);
102
103 passwordPolicy.setUuid(serviceContext.getUuid());
104 passwordPolicy.setCompanyId(user.getCompanyId());
105 passwordPolicy.setUserId(userId);
106 passwordPolicy.setUserName(user.getFullName());
107 passwordPolicy.setCreateDate(serviceContext.getCreateDate(now));
108 passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
109 passwordPolicy.setDefaultPolicy(defaultPolicy);
110 passwordPolicy.setName(name);
111 passwordPolicy.setDescription(description);
112 passwordPolicy.setChangeable(changeable);
113 passwordPolicy.setChangeRequired(changeRequired);
114 passwordPolicy.setMinAge(minAge);
115 passwordPolicy.setCheckSyntax(checkSyntax);
116 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
117 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
118 passwordPolicy.setMinLength(minLength);
119 passwordPolicy.setMinLowerCase(minLowerCase);
120 passwordPolicy.setMinNumbers(minNumbers);
121 passwordPolicy.setMinSymbols(minSymbols);
122 passwordPolicy.setMinUpperCase(minUpperCase);
123 passwordPolicy.setRegex(regex);
124 passwordPolicy.setHistory(history);
125 passwordPolicy.setHistoryCount(historyCount);
126 passwordPolicy.setExpireable(expireable);
127 passwordPolicy.setMaxAge(maxAge);
128 passwordPolicy.setWarningTime(warningTime);
129 passwordPolicy.setGraceLimit(graceLimit);
130 passwordPolicy.setLockout(lockout);
131 passwordPolicy.setMaxFailure(maxFailure);
132 passwordPolicy.setLockoutDuration(lockoutDuration);
133 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
134 passwordPolicy.setResetFailureCount(resetFailureCount);
135 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
136 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
137
138 passwordPolicyPersistence.update(passwordPolicy);
139
140
141
142 long ownerId = userId;
143
144 if (user.isDefaultUser()) {
145 ownerId = 0;
146 }
147
148 resourceLocalService.addResources(
149 user.getCompanyId(), 0, ownerId, PasswordPolicy.class.getName(),
150 passwordPolicy.getPasswordPolicyId(), false, false, false);
151
152 return passwordPolicy;
153 }
154
155 @Override
156 public void checkDefaultPasswordPolicy(long companyId)
157 throws PortalException, SystemException {
158
159 String defaultPasswordPolicyName =
160 PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
161
162 PasswordPolicy defaultPasswordPolicy =
163 passwordPolicyPersistence.fetchByC_N(
164 companyId, defaultPasswordPolicyName);
165
166 if (defaultPasswordPolicy == null) {
167 long defaultUserId = userLocalService.getDefaultUserId(companyId);
168
169 addPasswordPolicy(
170 defaultUserId, true, defaultPasswordPolicyName,
171 defaultPasswordPolicyName,
172 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
173 PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
174 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
175 PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
176 PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
177 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
178 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
179 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
180 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
181 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
182 PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
183 PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
184 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
185 PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
186 PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
187 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
188 PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
189 PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
190 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
191 PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
192 PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
193 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
194 PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
195 new ServiceContext());
196 }
197 }
198
199 @Override
200 public void deleteNondefaultPasswordPolicies(long companyId)
201 throws PortalException, SystemException {
202
203 List<PasswordPolicy> passwordPolicies =
204 passwordPolicyPersistence.findByCompanyId(companyId);
205
206 for (PasswordPolicy passwordPolicy : passwordPolicies) {
207 if (!passwordPolicy.isDefaultPolicy()) {
208 passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
209 }
210 }
211 }
212
213 @Override
214 public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
215 throws PortalException, SystemException {
216
217 PasswordPolicy passwordPolicy =
218 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
219
220 return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
221 }
222
223 @Override
224 @SystemEvent(
225 action = SystemEventConstants.ACTION_SKIP,
226 type = SystemEventConstants.TYPE_DELETE)
227 public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
228 throws PortalException, SystemException {
229
230 if (passwordPolicy.isDefaultPolicy() &&
231 !CompanyThreadLocal.isDeleteInProcess()) {
232
233 throw new RequiredPasswordPolicyException();
234 }
235
236
237
238 passwordPolicyRelLocalService.deletePasswordPolicyRels(
239 passwordPolicy.getPasswordPolicyId());
240
241
242
243 resourceLocalService.deleteResource(
244 passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
245 ResourceConstants.SCOPE_INDIVIDUAL,
246 passwordPolicy.getPasswordPolicyId());
247
248
249
250 return passwordPolicyPersistence.remove(passwordPolicy);
251 }
252
253 @Override
254 public PasswordPolicy fetchPasswordPolicy(long companyId, String name)
255 throws SystemException {
256
257 return passwordPolicyPersistence.fetchByC_N(companyId, name);
258 }
259
260 @Override
261 public PasswordPolicy getDefaultPasswordPolicy(long companyId)
262 throws PortalException, SystemException {
263
264 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
265 return null;
266 }
267
268 return passwordPolicyPersistence.findByC_DP(companyId, true);
269 }
270
271
274 @Override
275 public PasswordPolicy getPasswordPolicy(
276 long companyId, long organizationId, long locationId)
277 throws PortalException, SystemException {
278
279 return getPasswordPolicy(
280 companyId, new long[] {organizationId, locationId});
281 }
282
283 @Override
284 public PasswordPolicy getPasswordPolicy(
285 long companyId, long[] organizationIds)
286 throws PortalException, SystemException {
287
288 if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
289 return null;
290 }
291
292 if (ArrayUtil.isEmpty(organizationIds)) {
293 return getDefaultPasswordPolicy(companyId);
294 }
295
296 long classNameId = classNameLocalService.getClassNameId(
297 Organization.class.getName());
298
299 PasswordPolicyRel passwordPolicyRel = null;
300
301 for (int i = 0; i < organizationIds.length; i++) {
302 long organizationId = organizationIds[i];
303
304 passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
305 classNameId, organizationId);
306
307 if (passwordPolicyRel != null) {
308 return passwordPolicyPersistence.findByPrimaryKey(
309 passwordPolicyRel.getPasswordPolicyId());
310 }
311 }
312
313 return getDefaultPasswordPolicy(companyId);
314 }
315
316 @Override
317 @ThreadLocalCachable
318 public PasswordPolicy getPasswordPolicyByUserId(long userId)
319 throws PortalException, SystemException {
320
321 User user = userPersistence.findByPrimaryKey(userId);
322
323 if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
324 return null;
325 }
326
327 long classNameId = classNameLocalService.getClassNameId(
328 User.class.getName());
329
330 PasswordPolicyRel passwordPolicyRel =
331 passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
332
333 if (passwordPolicyRel != null) {
334 return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
335 }
336
337 List<Organization> organizations = userPersistence.getOrganizations(
338 userId);
339
340 if (organizations.isEmpty()) {
341 return passwordPolicyPersistence.findByC_DP(
342 user.getCompanyId(), true);
343 }
344
345 long[] organizationIds = new long[organizations.size()];
346
347 for (int i = 0; i < organizationIds.length; i++) {
348 Organization organization = organizations.get(i);
349
350 organizationIds[i] = organization.getOrganizationId();
351 }
352
353 return getPasswordPolicy(user.getCompanyId(), organizationIds);
354 }
355
356 @Override
357 public List<PasswordPolicy> search(
358 long companyId, String name, int start, int end,
359 OrderByComparator obc)
360 throws SystemException {
361
362 return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
363 }
364
365 @Override
366 public int searchCount(long companyId, String name) throws SystemException {
367 return passwordPolicyFinder.countByC_N(companyId, name);
368 }
369
370
377 @Override
378 public PasswordPolicy updatePasswordPolicy(
379 long passwordPolicyId, String name, String description,
380 boolean changeable, boolean changeRequired, long minAge,
381 boolean checkSyntax, boolean allowDictionaryWords,
382 int minAlphanumeric, int minLength, int minLowerCase,
383 int minNumbers, int minSymbols, int minUpperCase, boolean history,
384 int historyCount, boolean expireable, long maxAge, long warningTime,
385 int graceLimit, boolean lockout, int maxFailure,
386 long lockoutDuration, long resetFailureCount,
387 long resetTicketMaxAge)
388 throws PortalException, SystemException {
389
390 return updatePasswordPolicy(
391 passwordPolicyId, name, description, changeable, changeRequired,
392 minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
393 minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
394 history, historyCount, expireable, maxAge, warningTime, graceLimit,
395 lockout, maxFailure, lockoutDuration, resetFailureCount,
396 resetTicketMaxAge, new ServiceContext());
397 }
398
399 @Override
400 public PasswordPolicy updatePasswordPolicy(
401 long passwordPolicyId, String name, String description,
402 boolean changeable, boolean changeRequired, long minAge,
403 boolean checkSyntax, boolean allowDictionaryWords,
404 int minAlphanumeric, int minLength, int minLowerCase,
405 int minNumbers, int minSymbols, int minUpperCase, String regex,
406 boolean history, int historyCount, boolean expireable, long maxAge,
407 long warningTime, int graceLimit, boolean lockout, int maxFailure,
408 long lockoutDuration, long resetFailureCount,
409 long resetTicketMaxAge, ServiceContext serviceContext)
410 throws PortalException, SystemException {
411
412 Date now = new Date();
413
414 PasswordPolicy passwordPolicy =
415 passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
416
417 if (!passwordPolicy.getDefaultPolicy()) {
418 validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
419
420 passwordPolicy.setName(name);
421 }
422
423 passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
424 passwordPolicy.setDescription(description);
425 passwordPolicy.setChangeable(changeable);
426 passwordPolicy.setChangeRequired(changeRequired);
427 passwordPolicy.setMinAge(minAge);
428 passwordPolicy.setCheckSyntax(checkSyntax);
429 passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
430 passwordPolicy.setMinAlphanumeric(minAlphanumeric);
431 passwordPolicy.setMinLength(minLength);
432 passwordPolicy.setMinLowerCase(minLowerCase);
433 passwordPolicy.setMinNumbers(minNumbers);
434 passwordPolicy.setMinSymbols(minSymbols);
435 passwordPolicy.setMinUpperCase(minUpperCase);
436 passwordPolicy.setRegex(regex);
437 passwordPolicy.setHistory(history);
438 passwordPolicy.setHistoryCount(historyCount);
439 passwordPolicy.setExpireable(expireable);
440 passwordPolicy.setMaxAge(maxAge);
441 passwordPolicy.setWarningTime(warningTime);
442 passwordPolicy.setGraceLimit(graceLimit);
443 passwordPolicy.setLockout(lockout);
444 passwordPolicy.setMaxFailure(maxFailure);
445 passwordPolicy.setLockoutDuration(lockoutDuration);
446 passwordPolicy.setRequireUnlock(lockoutDuration == 0);
447 passwordPolicy.setResetFailureCount(resetFailureCount);
448 passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
449 passwordPolicy.setExpandoBridgeAttributes(serviceContext);
450
451 passwordPolicyPersistence.update(passwordPolicy);
452
453 return passwordPolicy;
454 }
455
456 protected void validate(long passwordPolicyId, long companyId, String name)
457 throws PortalException, SystemException {
458
459 if (Validator.isNull(name) || Validator.isNumber(name) ||
460 (name.indexOf(CharPool.COMMA) != -1) ||
461 (name.indexOf(CharPool.STAR) != -1)) {
462
463 throw new PasswordPolicyNameException();
464 }
465
466 PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
467 companyId, name);
468
469 if ((passwordPolicy != null) &&
470 (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
471
472 throw new DuplicatePasswordPolicyException(
473 "{passwordPolicyId=" + passwordPolicyId + "}");
474 }
475 }
476
477 }