001    /**
002     * Copyright (c) 2000-2013 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.DuplicatePasswordPolicyException;
018    import com.liferay.portal.PasswordPolicyNameException;
019    import com.liferay.portal.RequiredPasswordPolicyException;
020    import com.liferay.portal.kernel.cache.ThreadLocalCachable;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.kernel.systemevent.SystemEvent;
024    import com.liferay.portal.kernel.util.ArrayUtil;
025    import com.liferay.portal.kernel.util.CharPool;
026    import com.liferay.portal.kernel.util.OrderByComparator;
027    import com.liferay.portal.kernel.util.Validator;
028    import com.liferay.portal.model.Organization;
029    import com.liferay.portal.model.PasswordPolicy;
030    import com.liferay.portal.model.PasswordPolicyRel;
031    import com.liferay.portal.model.ResourceConstants;
032    import com.liferay.portal.model.SystemEventConstants;
033    import com.liferay.portal.model.User;
034    import com.liferay.portal.security.auth.CompanyThreadLocal;
035    import com.liferay.portal.security.ldap.LDAPSettingsUtil;
036    import com.liferay.portal.service.ServiceContext;
037    import com.liferay.portal.service.base.PasswordPolicyLocalServiceBaseImpl;
038    import com.liferay.portal.util.PropsValues;
039    
040    import java.util.Date;
041    import java.util.List;
042    
043    /**
044     * @author Scott Lee
045     */
046    public class PasswordPolicyLocalServiceImpl
047            extends PasswordPolicyLocalServiceBaseImpl {
048    
049            /**
050             * @deprecated As of 6.2.0, replaced by {@link #addPasswordPolicy(long,
051             *             boolean, String, String, boolean, boolean, long, boolean,
052             *             boolean, int, int, int, int, int, int, String, boolean, int,
053             *             boolean, long, long, int, boolean, int, long, long, long,
054             *             ServiceContext)}
055             */
056            @Override
057            public PasswordPolicy addPasswordPolicy(
058                            long userId, boolean defaultPolicy, String name, String description,
059                            boolean changeable, boolean changeRequired, long minAge,
060                            boolean checkSyntax, boolean allowDictionaryWords,
061                            int minAlphanumeric, int minLength, int minLowerCase,
062                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
063                            int historyCount, boolean expireable, long maxAge, long warningTime,
064                            int graceLimit, boolean lockout, int maxFailure,
065                            long lockoutDuration, long resetFailureCount,
066                            long resetTicketMaxAge)
067                    throws PortalException, SystemException {
068    
069                    return addPasswordPolicy(
070                            userId, defaultPolicy, name, description, changeable,
071                            changeRequired, minAge, checkSyntax, allowDictionaryWords,
072                            minAlphanumeric, minLength, minLowerCase, minNumbers, minSymbols,
073                            minUpperCase, null, history, historyCount, expireable, maxAge,
074                            warningTime, graceLimit, lockout, maxFailure, lockoutDuration,
075                            resetFailureCount, resetTicketMaxAge, new ServiceContext());
076            }
077    
078            @Override
079            public PasswordPolicy addPasswordPolicy(
080                            long userId, boolean defaultPolicy, String name, String description,
081                            boolean changeable, boolean changeRequired, long minAge,
082                            boolean checkSyntax, boolean allowDictionaryWords,
083                            int minAlphanumeric, int minLength, int minLowerCase,
084                            int minNumbers, int minSymbols, int minUpperCase, String regex,
085                            boolean history, int historyCount, boolean expireable, long maxAge,
086                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
087                            long lockoutDuration, long resetFailureCount,
088                            long resetTicketMaxAge, ServiceContext serviceContext)
089                    throws PortalException, SystemException {
090    
091                    // Password policy
092    
093                    User user = userPersistence.findByPrimaryKey(userId);
094                    Date now = new Date();
095    
096                    validate(0, user.getCompanyId(), name);
097    
098                    long passwordPolicyId = counterLocalService.increment();
099    
100                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.create(
101                            passwordPolicyId);
102    
103                    passwordPolicy.setUuid(serviceContext.getUuid());
104                    passwordPolicy.setCompanyId(user.getCompanyId());
105                    passwordPolicy.setUserId(userId);
106                    passwordPolicy.setUserName(user.getFullName());
107                    passwordPolicy.setCreateDate(serviceContext.getCreateDate(now));
108                    passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
109                    passwordPolicy.setDefaultPolicy(defaultPolicy);
110                    passwordPolicy.setName(name);
111                    passwordPolicy.setDescription(description);
112                    passwordPolicy.setChangeable(changeable);
113                    passwordPolicy.setChangeRequired(changeRequired);
114                    passwordPolicy.setMinAge(minAge);
115                    passwordPolicy.setCheckSyntax(checkSyntax);
116                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
117                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
118                    passwordPolicy.setMinLength(minLength);
119                    passwordPolicy.setMinLowerCase(minLowerCase);
120                    passwordPolicy.setMinNumbers(minNumbers);
121                    passwordPolicy.setMinSymbols(minSymbols);
122                    passwordPolicy.setMinUpperCase(minUpperCase);
123                    passwordPolicy.setRegex(regex);
124                    passwordPolicy.setHistory(history);
125                    passwordPolicy.setHistoryCount(historyCount);
126                    passwordPolicy.setExpireable(expireable);
127                    passwordPolicy.setMaxAge(maxAge);
128                    passwordPolicy.setWarningTime(warningTime);
129                    passwordPolicy.setGraceLimit(graceLimit);
130                    passwordPolicy.setLockout(lockout);
131                    passwordPolicy.setMaxFailure(maxFailure);
132                    passwordPolicy.setLockoutDuration(lockoutDuration);
133                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
134                    passwordPolicy.setResetFailureCount(resetFailureCount);
135                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
136                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
137    
138                    passwordPolicyPersistence.update(passwordPolicy);
139    
140                    // Resources
141    
142                    long ownerId = userId;
143    
144                    if (user.isDefaultUser()) {
145                            ownerId = 0;
146                    }
147    
148                    resourceLocalService.addResources(
149                            user.getCompanyId(), 0, ownerId, PasswordPolicy.class.getName(),
150                            passwordPolicy.getPasswordPolicyId(), false, false, false);
151    
152                    return passwordPolicy;
153            }
154    
155            @Override
156            public void checkDefaultPasswordPolicy(long companyId)
157                    throws PortalException, SystemException {
158    
159                    String defaultPasswordPolicyName =
160                            PropsValues.PASSWORDS_DEFAULT_POLICY_NAME;
161    
162                    PasswordPolicy defaultPasswordPolicy =
163                            passwordPolicyPersistence.fetchByC_N(
164                                    companyId, defaultPasswordPolicyName);
165    
166                    if (defaultPasswordPolicy == null) {
167                            long defaultUserId = userLocalService.getDefaultUserId(companyId);
168    
169                            addPasswordPolicy(
170                                    defaultUserId, true, defaultPasswordPolicyName,
171                                    defaultPasswordPolicyName,
172                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGEABLE,
173                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHANGE_REQUIRED,
174                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_AGE,
175                                    PropsValues.PASSWORDS_DEFAULT_POLICY_CHECK_SYNTAX,
176                                    PropsValues.PASSWORDS_DEFAULT_POLICY_ALLOW_DICTIONARY_WORDS,
177                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_ALPHANUMERIC,
178                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LENGTH,
179                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_LOWERCASE,
180                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_NUMBERS,
181                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_SYMBOLS,
182                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MIN_UPPERCASE,
183                                    PropsValues.PASSWORDS_DEFAULT_POLICY_REGEX,
184                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY,
185                                    PropsValues.PASSWORDS_DEFAULT_POLICY_HISTORY_COUNT,
186                                    PropsValues.PASSWORDS_DEFAULT_POLICY_EXPIREABLE,
187                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_AGE,
188                                    PropsValues.PASSWORDS_DEFAULT_POLICY_WARNING_TIME,
189                                    PropsValues.PASSWORDS_DEFAULT_POLICY_GRACE_LIMIT,
190                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT,
191                                    PropsValues.PASSWORDS_DEFAULT_POLICY_MAX_FAILURE,
192                                    PropsValues.PASSWORDS_DEFAULT_POLICY_LOCKOUT_DURATION,
193                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_FAILURE_COUNT,
194                                    PropsValues.PASSWORDS_DEFAULT_POLICY_RESET_TICKET_MAX_AGE,
195                                    new ServiceContext());
196                    }
197            }
198    
199            @Override
200            public void deleteNondefaultPasswordPolicies(long companyId)
201                    throws PortalException, SystemException {
202    
203                    List<PasswordPolicy> passwordPolicies =
204                            passwordPolicyPersistence.findByCompanyId(companyId);
205    
206                    for (PasswordPolicy passwordPolicy : passwordPolicies) {
207                            if (!passwordPolicy.isDefaultPolicy()) {
208                                    passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
209                            }
210                    }
211            }
212    
213            @Override
214            public PasswordPolicy deletePasswordPolicy(long passwordPolicyId)
215                    throws PortalException, SystemException {
216    
217                    PasswordPolicy passwordPolicy =
218                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
219    
220                    return passwordPolicyLocalService.deletePasswordPolicy(passwordPolicy);
221            }
222    
223            @Override
224            @SystemEvent(
225                    action = SystemEventConstants.ACTION_SKIP,
226                    type = SystemEventConstants.TYPE_DELETE)
227            public PasswordPolicy deletePasswordPolicy(PasswordPolicy passwordPolicy)
228                    throws PortalException, SystemException {
229    
230                    if (passwordPolicy.isDefaultPolicy() &&
231                            !CompanyThreadLocal.isDeleteInProcess()) {
232    
233                            throw new RequiredPasswordPolicyException();
234                    }
235    
236                    // Password policy relations
237    
238                    passwordPolicyRelLocalService.deletePasswordPolicyRels(
239                            passwordPolicy.getPasswordPolicyId());
240    
241                    // Resources
242    
243                    resourceLocalService.deleteResource(
244                            passwordPolicy.getCompanyId(), PasswordPolicy.class.getName(),
245                            ResourceConstants.SCOPE_INDIVIDUAL,
246                            passwordPolicy.getPasswordPolicyId());
247    
248                    // Password policy
249    
250                    return passwordPolicyPersistence.remove(passwordPolicy);
251            }
252    
253            @Override
254            public PasswordPolicy fetchPasswordPolicy(long companyId, String name)
255                    throws SystemException {
256    
257                    return passwordPolicyPersistence.fetchByC_N(companyId, name);
258            }
259    
260            @Override
261            public PasswordPolicy getDefaultPasswordPolicy(long companyId)
262                    throws PortalException, SystemException {
263    
264                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
265                            return null;
266                    }
267    
268                    return passwordPolicyPersistence.findByC_DP(companyId, true);
269            }
270    
271            /**
272             * @deprecated As of 6.1.0
273             */
274            @Override
275            public PasswordPolicy getPasswordPolicy(
276                            long companyId, long organizationId, long locationId)
277                    throws PortalException, SystemException {
278    
279                    return getPasswordPolicy(
280                            companyId, new long[] {organizationId, locationId});
281            }
282    
283            @Override
284            public PasswordPolicy getPasswordPolicy(
285                            long companyId, long[] organizationIds)
286                    throws PortalException, SystemException {
287    
288                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(companyId)) {
289                            return null;
290                    }
291    
292                    if (ArrayUtil.isEmpty(organizationIds)) {
293                            return getDefaultPasswordPolicy(companyId);
294                    }
295    
296                    long classNameId = classNameLocalService.getClassNameId(
297                            Organization.class.getName());
298    
299                    PasswordPolicyRel passwordPolicyRel = null;
300    
301                    for (int i = 0; i < organizationIds.length; i++) {
302                            long organizationId = organizationIds[i];
303    
304                            passwordPolicyRel = passwordPolicyRelPersistence.fetchByC_C(
305                                    classNameId, organizationId);
306    
307                            if (passwordPolicyRel != null) {
308                                    return passwordPolicyPersistence.findByPrimaryKey(
309                                            passwordPolicyRel.getPasswordPolicyId());
310                            }
311                    }
312    
313                    return getDefaultPasswordPolicy(companyId);
314            }
315    
316            @Override
317            @ThreadLocalCachable
318            public PasswordPolicy getPasswordPolicyByUserId(long userId)
319                    throws PortalException, SystemException {
320    
321                    User user = userPersistence.findByPrimaryKey(userId);
322    
323                    if (LDAPSettingsUtil.isPasswordPolicyEnabled(user.getCompanyId())) {
324                            return null;
325                    }
326    
327                    long classNameId = classNameLocalService.getClassNameId(
328                            User.class.getName());
329    
330                    PasswordPolicyRel passwordPolicyRel =
331                            passwordPolicyRelPersistence.fetchByC_C(classNameId, userId);
332    
333                    if (passwordPolicyRel != null) {
334                            return getPasswordPolicy(passwordPolicyRel.getPasswordPolicyId());
335                    }
336    
337                    List<Organization> organizations = userPersistence.getOrganizations(
338                            userId);
339    
340                    if (organizations.isEmpty()) {
341                            return passwordPolicyPersistence.findByC_DP(
342                                    user.getCompanyId(), true);
343                    }
344    
345                    long[] organizationIds = new long[organizations.size()];
346    
347                    for (int i = 0; i < organizationIds.length; i++) {
348                            Organization organization = organizations.get(i);
349    
350                            organizationIds[i] = organization.getOrganizationId();
351                    }
352    
353                    return getPasswordPolicy(user.getCompanyId(), organizationIds);
354            }
355    
356            @Override
357            public List<PasswordPolicy> search(
358                            long companyId, String name, int start, int end,
359                            OrderByComparator obc)
360                    throws SystemException {
361    
362                    return passwordPolicyFinder.findByC_N(companyId, name, start, end, obc);
363            }
364    
365            @Override
366            public int searchCount(long companyId, String name) throws SystemException {
367                    return passwordPolicyFinder.countByC_N(companyId, name);
368            }
369    
370            /**
371             * @deprecated As of 6.2.0, replaced by {@link #updatePasswordPolicy(long,
372             *             String, String, boolean, boolean, long, boolean, boolean,
373             *             int, int, int, int, int, int, String, boolean, int, boolean,
374             *             long, long, int, boolean, int, long, long, long,
375             *             ServiceContext)}
376             */
377            @Override
378            public PasswordPolicy updatePasswordPolicy(
379                            long passwordPolicyId, String name, String description,
380                            boolean changeable, boolean changeRequired, long minAge,
381                            boolean checkSyntax, boolean allowDictionaryWords,
382                            int minAlphanumeric, int minLength, int minLowerCase,
383                            int minNumbers, int minSymbols, int minUpperCase, boolean history,
384                            int historyCount, boolean expireable, long maxAge, long warningTime,
385                            int graceLimit, boolean lockout, int maxFailure,
386                            long lockoutDuration, long resetFailureCount,
387                            long resetTicketMaxAge)
388                    throws PortalException, SystemException {
389    
390                    return updatePasswordPolicy(
391                            passwordPolicyId, name, description, changeable, changeRequired,
392                            minAge, checkSyntax, allowDictionaryWords, minAlphanumeric,
393                            minLength, minLowerCase, minNumbers, minSymbols, minUpperCase, null,
394                            history, historyCount, expireable, maxAge, warningTime, graceLimit,
395                            lockout, maxFailure, lockoutDuration, resetFailureCount,
396                            resetTicketMaxAge, new ServiceContext());
397            }
398    
399            @Override
400            public PasswordPolicy updatePasswordPolicy(
401                            long passwordPolicyId, String name, String description,
402                            boolean changeable, boolean changeRequired, long minAge,
403                            boolean checkSyntax, boolean allowDictionaryWords,
404                            int minAlphanumeric, int minLength, int minLowerCase,
405                            int minNumbers, int minSymbols, int minUpperCase, String regex,
406                            boolean history, int historyCount, boolean expireable, long maxAge,
407                            long warningTime, int graceLimit, boolean lockout, int maxFailure,
408                            long lockoutDuration, long resetFailureCount,
409                            long resetTicketMaxAge, ServiceContext serviceContext)
410                    throws PortalException, SystemException {
411    
412                    Date now = new Date();
413    
414                    PasswordPolicy passwordPolicy =
415                            passwordPolicyPersistence.findByPrimaryKey(passwordPolicyId);
416    
417                    if (!passwordPolicy.getDefaultPolicy()) {
418                            validate(passwordPolicyId, passwordPolicy.getCompanyId(), name);
419    
420                            passwordPolicy.setName(name);
421                    }
422    
423                    passwordPolicy.setModifiedDate(serviceContext.getModifiedDate(now));
424                    passwordPolicy.setDescription(description);
425                    passwordPolicy.setChangeable(changeable);
426                    passwordPolicy.setChangeRequired(changeRequired);
427                    passwordPolicy.setMinAge(minAge);
428                    passwordPolicy.setCheckSyntax(checkSyntax);
429                    passwordPolicy.setAllowDictionaryWords(allowDictionaryWords);
430                    passwordPolicy.setMinAlphanumeric(minAlphanumeric);
431                    passwordPolicy.setMinLength(minLength);
432                    passwordPolicy.setMinLowerCase(minLowerCase);
433                    passwordPolicy.setMinNumbers(minNumbers);
434                    passwordPolicy.setMinSymbols(minSymbols);
435                    passwordPolicy.setMinUpperCase(minUpperCase);
436                    passwordPolicy.setRegex(regex);
437                    passwordPolicy.setHistory(history);
438                    passwordPolicy.setHistoryCount(historyCount);
439                    passwordPolicy.setExpireable(expireable);
440                    passwordPolicy.setMaxAge(maxAge);
441                    passwordPolicy.setWarningTime(warningTime);
442                    passwordPolicy.setGraceLimit(graceLimit);
443                    passwordPolicy.setLockout(lockout);
444                    passwordPolicy.setMaxFailure(maxFailure);
445                    passwordPolicy.setLockoutDuration(lockoutDuration);
446                    passwordPolicy.setRequireUnlock(lockoutDuration == 0);
447                    passwordPolicy.setResetFailureCount(resetFailureCount);
448                    passwordPolicy.setResetTicketMaxAge(resetTicketMaxAge);
449                    passwordPolicy.setExpandoBridgeAttributes(serviceContext);
450    
451                    passwordPolicyPersistence.update(passwordPolicy);
452    
453                    return passwordPolicy;
454            }
455    
456            protected void validate(long passwordPolicyId, long companyId, String name)
457                    throws PortalException, SystemException {
458    
459                    if (Validator.isNull(name) || Validator.isNumber(name) ||
460                            (name.indexOf(CharPool.COMMA) != -1) ||
461                            (name.indexOf(CharPool.STAR) != -1)) {
462    
463                            throw new PasswordPolicyNameException();
464                    }
465    
466                    PasswordPolicy passwordPolicy = passwordPolicyPersistence.fetchByC_N(
467                            companyId, name);
468    
469                    if ((passwordPolicy != null) &&
470                            (passwordPolicy.getPasswordPolicyId() != passwordPolicyId)) {
471    
472                            throw new DuplicatePasswordPolicyException(
473                                    "{passwordPolicyId=" + passwordPolicyId + "}");
474                    }
475            }
476    
477    }