001    /**
002     * Copyright (c) 2000-2011 Liferay, Inc. All rights reserved.
003     *
004     * The contents of this file are subject to the terms of the Liferay Enterprise
005     * Subscription License ("License"). You may not use this file except in
006     * compliance with the License. You can obtain a copy of the License by
007     * contacting Liferay, Inc. See the License for the specific language governing
008     * permissions and limitations under the License, including but not limited to
009     * distribution rights of the Software.
010     *
011     *
012     *
013     */
014    
015    package com.liferay.portal.service.impl;
016    
017    import com.liferay.portal.RequiredUserException;
018    import com.liferay.portal.ReservedUserEmailAddressException;
019    import com.liferay.portal.UserEmailAddressException;
020    import com.liferay.portal.UserScreenNameException;
021    import com.liferay.portal.kernel.exception.PortalException;
022    import com.liferay.portal.kernel.exception.SystemException;
023    import com.liferay.portal.kernel.search.Indexer;
024    import com.liferay.portal.kernel.search.IndexerRegistryUtil;
025    import com.liferay.portal.kernel.util.ArrayUtil;
026    import com.liferay.portal.kernel.util.GetterUtil;
027    import com.liferay.portal.kernel.workflow.WorkflowConstants;
028    import com.liferay.portal.kernel.workflow.WorkflowThreadLocal;
029    import com.liferay.portal.model.Address;
030    import com.liferay.portal.model.Company;
031    import com.liferay.portal.model.Contact;
032    import com.liferay.portal.model.EmailAddress;
033    import com.liferay.portal.model.Group;
034    import com.liferay.portal.model.GroupConstants;
035    import com.liferay.portal.model.Organization;
036    import com.liferay.portal.model.Phone;
037    import com.liferay.portal.model.Role;
038    import com.liferay.portal.model.User;
039    import com.liferay.portal.model.UserGroupRole;
040    import com.liferay.portal.model.Website;
041    import com.liferay.portal.security.auth.PrincipalException;
042    import com.liferay.portal.security.permission.ActionKeys;
043    import com.liferay.portal.security.permission.PermissionChecker;
044    import com.liferay.portal.service.ServiceContext;
045    import com.liferay.portal.service.base.UserServiceBaseImpl;
046    import com.liferay.portal.service.permission.GroupPermissionUtil;
047    import com.liferay.portal.service.permission.OrganizationPermissionUtil;
048    import com.liferay.portal.service.permission.PasswordPolicyPermissionUtil;
049    import com.liferay.portal.service.permission.PortalPermissionUtil;
050    import com.liferay.portal.service.permission.RolePermissionUtil;
051    import com.liferay.portal.service.permission.TeamPermissionUtil;
052    import com.liferay.portal.service.permission.UserGroupPermissionUtil;
053    import com.liferay.portal.service.permission.UserGroupRolePermissionUtil;
054    import com.liferay.portal.service.permission.UserPermissionUtil;
055    import com.liferay.portal.util.PropsValues;
056    import com.liferay.portlet.announcements.model.AnnouncementsDelivery;
057    import com.liferay.portlet.usersadmin.util.UsersAdminUtil;
058    
059    import java.util.List;
060    import java.util.Locale;
061    
062    /**
063     * The implementation of the user remote service.
064     *
065     * @author Brian Wing Shun Chan
066     * @author Brian Myunghun Kim
067     * @author Scott Lee
068     * @author Jorge Ferrer
069     * @author Julio Camarero
070     */
071    public class UserServiceImpl extends UserServiceBaseImpl {
072    
073            /**
074             * Adds the users to the group.
075             *
076             * @param  groupId the primary key of the group
077             * @param  userIds the primary keys of the users
078             * @throws PortalException if a group or user with the primary key could
079             *         not be found, or if the user did not have permission to assign
080             *         group members
081             * @throws SystemException if a system exception occurred
082             */
083            public void addGroupUsers(long groupId, long[] userIds)
084                    throws PortalException, SystemException {
085    
086                    try {
087                            GroupPermissionUtil.check(
088                                    getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
089                    }
090                    catch (PrincipalException pe) {
091    
092                            // Allow any user to join open sites
093    
094                            boolean hasPermission = false;
095    
096                            if (userIds.length == 0) {
097                                    hasPermission = true;
098                            }
099                            else if (userIds.length == 1) {
100                                    User user = getUser();
101    
102                                    if (user.getUserId() == userIds[0]) {
103                                            Group group = groupPersistence.findByPrimaryKey(groupId);
104    
105                                            if (!group.isOrganization() &&
106                                                    (user.getCompanyId() == group.getCompanyId())) {
107    
108                                                    int type = group.getType();
109    
110                                                    if (type == GroupConstants.TYPE_SITE_OPEN) {
111                                                            hasPermission = true;
112                                                    }
113                                            }
114                                    }
115                            }
116    
117                            if (!hasPermission) {
118                                    throw new PrincipalException();
119                            }
120                    }
121    
122                    userLocalService.addGroupUsers(groupId, userIds);
123            }
124    
125            /**
126             * Adds the users to the organization.
127             *
128             * @param  organizationId the primary key of the organization
129             * @param  userIds the primary keys of the users
130             * @throws PortalException if an organization or user with the primary key
131             *         could not be found, if the user did not have permission to
132             *         assign organization members, or if current user did not have an
133             *         organization in common with a given user
134             * @throws SystemException if a system exception occurred
135             */
136            public void addOrganizationUsers(long organizationId, long[] userIds)
137                    throws PortalException, SystemException {
138    
139                    OrganizationPermissionUtil.check(
140                            getPermissionChecker(), organizationId, ActionKeys.ASSIGN_MEMBERS);
141    
142                    validateOrganizationUsers(userIds);
143    
144                    userLocalService.addOrganizationUsers(organizationId, userIds);
145            }
146    
147            /**
148             * Assigns the password policy to the users, removing any other currently
149             * assigned password policies.
150             *
151             * @param  passwordPolicyId the primary key of the password policy
152             * @param  userIds the primary keys of the users
153             * @throws PortalException if the user did not have permission to assign
154             *         policy members
155             * @throws SystemException if a system exception occurred
156             */
157            public void addPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
158                    throws PortalException, SystemException {
159    
160                    PasswordPolicyPermissionUtil.check(
161                            getPermissionChecker(), passwordPolicyId,
162                            ActionKeys.ASSIGN_MEMBERS);
163    
164                    userLocalService.addPasswordPolicyUsers(passwordPolicyId, userIds);
165            }
166    
167            /**
168             * Adds the users to the role.
169             *
170             * @param  roleId the primary key of the role
171             * @param  userIds the primary keys of the users
172             * @throws PortalException if a role or user with the primary key could not
173             *         be found or if the user did not have permission to assign role
174             *         members
175             * @throws SystemException if a system exception occurred
176             */
177            public void addRoleUsers(long roleId, long[] userIds)
178                    throws PortalException, SystemException {
179    
180                    RolePermissionUtil.check(
181                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
182    
183                    userLocalService.addRoleUsers(roleId, userIds);
184            }
185    
186            /**
187             * Adds the users to the team.
188             *
189             * @param  teamId the primary key of the team
190             * @param  userIds the primary keys of the users
191             * @throws PortalException if a team or user with the primary key could not
192             *         be found or if the user did not have permission to assign team
193             *         members
194             * @throws SystemException if a system exception occurred
195             */
196            public void addTeamUsers(long teamId, long[] userIds)
197                    throws PortalException, SystemException {
198    
199                    TeamPermissionUtil.check(
200                            getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
201    
202                    userLocalService.addTeamUsers(teamId, userIds);
203            }
204    
205            /**
206             * Adds a user with additional parameters.
207             *
208             * <p>
209             * This method handles the creation and bookkeeping of the user including
210             * its resources, metadata, and internal data structures. It is not
211             * necessary to make subsequent calls to any methods to setup default
212             * groups, resources, etc.
213             * </p>
214             *
215             * @param  companyId the primary key of the user's company
216             * @param  autoPassword whether a password should be automatically
217             *         generated for the user
218             * @param  password1 the user's password
219             * @param  password2 the user's password confirmation
220             * @param  autoScreenName whether a screen name should be automatically
221             *         generated for the user
222             * @param  screenName the user's screen name
223             * @param  emailAddress the user's email address
224             * @param  facebookId the user's facebook ID
225             * @param  openId the user's OpenID
226             * @param  locale the user's locale
227             * @param  firstName the user's first name
228             * @param  middleName the user's middle name
229             * @param  lastName the user's last name
230             * @param  prefixId the user's name prefix ID
231             * @param  suffixId the user's name suffix ID
232             * @param  male whether the user is male
233             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
234             *         January)
235             * @param  birthdayDay the user's birthday day
236             * @param  birthdayYear the user's birthday year
237             * @param  jobTitle the user's job title
238             * @param  groupIds the primary keys of the user's groups
239             * @param  organizationIds the primary keys of the user's organizations
240             * @param  roleIds the primary keys of the roles this user possesses
241             * @param  userGroupIds the primary keys of the user's user groups
242             * @param  addresses the user's addresses
243             * @param  emailAddresses the user's email addresses
244             * @param  phones the user's phone numbers
245             * @param  websites the user's websites
246             * @param  announcementsDelivers the announcements deliveries
247             * @param  sendEmail whether to send the user an email notification about
248             *         their new account
249             * @param  serviceContext the user's service context (optionally
250             *         <code>null</code>). Can specify the user's universally unique
251             *         identifier (with the <code>uuid</code> attribute), asset
252             *         category IDs, asset tag names, and expando bridge attributes.
253             * @return the new user
254             * @throws PortalException if the user's information was invalid, if the
255             *         creator did not have permission to add users, if the email
256             *         address was reserved, or some other portal exception occurred
257             * @throws SystemException if a system exception occurred
258             */
259            public User addUser(
260                            long companyId, boolean autoPassword, String password1,
261                            String password2, boolean autoScreenName, String screenName,
262                            String emailAddress, long facebookId, String openId, Locale locale,
263                            String firstName, String middleName, String lastName, int prefixId,
264                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
265                            int birthdayYear, String jobTitle, long[] groupIds,
266                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
267                            List<Address> addresses, List<EmailAddress> emailAddresses,
268                            List<Phone> phones, List<Website> websites,
269                            List<AnnouncementsDelivery> announcementsDelivers,
270                            boolean sendEmail, ServiceContext serviceContext)
271                    throws PortalException, SystemException {
272    
273                    boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
274    
275                    try {
276                            WorkflowThreadLocal.setEnabled(false);
277    
278                            return addUserWithWorkflow(
279                                    companyId, autoPassword, password1, password2, autoScreenName,
280                                    screenName, emailAddress, facebookId, openId, locale, firstName,
281                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
282                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
283                                    roleIds, userGroupIds, addresses, emailAddresses, phones,
284                                    websites, announcementsDelivers, sendEmail, serviceContext);
285                    }
286                    finally {
287                            WorkflowThreadLocal.setEnabled(workflowEnabled);
288                    }
289            }
290    
291            /**
292             * Adds a user.
293             *
294             * <p>
295             * This method handles the creation and bookkeeping of the user including
296             * its resources, metadata, and internal data structures. It is not
297             * necessary to make subsequent calls to any methods to setup default
298             * groups, resources, etc.
299             * </p>
300             *
301             * @param  companyId the primary key of the user's company
302             * @param  autoPassword whether a password should be automatically
303             *         generated for the user
304             * @param  password1 the user's password
305             * @param  password2 the user's password confirmation
306             * @param  autoScreenName whether a screen name should be automatically
307             *         generated for the user
308             * @param  screenName the user's screen name
309             * @param  emailAddress the user's email address
310             * @param  facebookId the user's facebook ID
311             * @param  openId the user's OpenID
312             * @param  locale the user's locale
313             * @param  firstName the user's first name
314             * @param  middleName the user's middle name
315             * @param  lastName the user's last name
316             * @param  prefixId the user's name prefix ID
317             * @param  suffixId the user's name suffix ID
318             * @param  male whether the user is male
319             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
320             *         January)
321             * @param  birthdayDay the user's birthday day
322             * @param  birthdayYear the user's birthday year
323             * @param  jobTitle the user's job title
324             * @param  groupIds the primary keys of the user's groups
325             * @param  organizationIds the primary keys of the user's organizations
326             * @param  roleIds the primary keys of the roles this user possesses
327             * @param  userGroupIds the primary keys of the user's user groups
328             * @param  sendEmail whether to send the user an email notification about
329             *         their new account
330             * @param  serviceContext the user's service context (optionally
331             *         <code>null</code>). Can specify the user's universally unique
332             *         identifier (with the <code>uuid</code> attribute), asset
333             *         category IDs, asset tag names, and expando bridge attributes.
334             * @return the new user
335             * @throws PortalException if the user's information was invalid, if the
336             *         creator did not have permission to add users, or if the email
337             *         address was reserved
338             * @throws SystemException if a system exception occurred
339             */
340            public User addUser(
341                            long companyId, boolean autoPassword, String password1,
342                            String password2, boolean autoScreenName, String screenName,
343                            String emailAddress, long facebookId, String openId, Locale locale,
344                            String firstName, String middleName, String lastName, int prefixId,
345                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
346                            int birthdayYear, String jobTitle, long[] groupIds,
347                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
348                            boolean sendEmail, ServiceContext serviceContext)
349                    throws PortalException, SystemException {
350    
351                    boolean workflowEnabled = WorkflowThreadLocal.isEnabled();
352    
353                    try {
354                            WorkflowThreadLocal.setEnabled(false);
355    
356                            return addUserWithWorkflow(
357                                    companyId, autoPassword, password1, password2, autoScreenName,
358                                    screenName, emailAddress, facebookId, openId, locale, firstName,
359                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
360                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
361                                    roleIds, userGroupIds, sendEmail, serviceContext);
362                    }
363                    finally {
364                            WorkflowThreadLocal.setEnabled(workflowEnabled);
365                    }
366            }
367    
368            /**
369             * Adds a user with workflow and additional parameters.
370             *
371             * <p>
372             * This method handles the creation and bookkeeping of the user including
373             * its resources, metadata, and internal data structures. It is not
374             * necessary to make subsequent calls to any methods to setup default
375             * groups, resources, etc.
376             * </p>
377             *
378             * @param  companyId the primary key of the user's company
379             * @param  autoPassword whether a password should be automatically
380             *         generated for the user
381             * @param  password1 the user's password
382             * @param  password2 the user's password confirmation
383             * @param  autoScreenName whether a screen name should be automatically
384             *         generated for the user
385             * @param  screenName the user's screen name
386             * @param  emailAddress the user's email address
387             * @param  facebookId the user's facebook ID
388             * @param  openId the user's OpenID
389             * @param  locale the user's locale
390             * @param  firstName the user's first name
391             * @param  middleName the user's middle name
392             * @param  lastName the user's last name
393             * @param  prefixId the user's name prefix ID
394             * @param  suffixId the user's name suffix ID
395             * @param  male whether the user is male
396             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
397             *         January)
398             * @param  birthdayDay the user's birthday day
399             * @param  birthdayYear the user's birthday year
400             * @param  jobTitle the user's job title
401             * @param  groupIds the primary keys of the user's groups
402             * @param  organizationIds the primary keys of the user's organizations
403             * @param  roleIds the primary keys of the roles this user possesses
404             * @param  userGroupIds the primary keys of the user's user groups
405             * @param  addresses the user's addresses
406             * @param  emailAddresses the user's email addresses
407             * @param  phones the user's phone numbers
408             * @param  websites the user's websites
409             * @param  announcementsDelivers the announcements deliveries
410             * @param  sendEmail whether to send the user an email notification about
411             *         their new account
412             * @param  serviceContext the user's service context (optionally
413             *         <code>null</code>). Can specify the user's universally unique
414             *         identifier (with the <code>uuid</code> attribute), asset
415             *         category IDs, asset tag names, and expando bridge attributes.
416             * @return the new user
417             * @throws PortalException if the user's information was invalid, if the
418             *         creator did not have permission to add users, if the email
419             *         address was reserved, or some other portal exception occurred
420             * @throws SystemException if a system exception occurred
421             */
422            public User addUserWithWorkflow(
423                            long companyId, boolean autoPassword, String password1,
424                            String password2, boolean autoScreenName, String screenName,
425                            String emailAddress, long facebookId, String openId, Locale locale,
426                            String firstName, String middleName, String lastName, int prefixId,
427                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
428                            int birthdayYear, String jobTitle, long[] groupIds,
429                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
430                            List<Address> addresses, List<EmailAddress> emailAddresses,
431                            List<Phone> phones, List<Website> websites,
432                            List<AnnouncementsDelivery> announcementsDelivers,
433                            boolean sendEmail, ServiceContext serviceContext)
434                    throws PortalException, SystemException {
435    
436                    boolean indexingEnabled = serviceContext.isIndexingEnabled();
437    
438                    serviceContext.setIndexingEnabled(false);
439    
440                    try {
441                            User user = addUserWithWorkflow(
442                                    companyId, autoPassword, password1, password2, autoScreenName,
443                                    screenName, emailAddress, facebookId, openId, locale, firstName,
444                                    middleName, lastName, prefixId, suffixId, male, birthdayMonth,
445                                    birthdayDay, birthdayYear, jobTitle, groupIds, organizationIds,
446                                    roleIds, userGroupIds, sendEmail, serviceContext);
447    
448                            UsersAdminUtil.updateAddresses(
449                                    Contact.class.getName(), user.getContactId(), addresses);
450    
451                            UsersAdminUtil.updateEmailAddresses(
452                                    Contact.class.getName(), user.getContactId(), emailAddresses);
453    
454                            UsersAdminUtil.updatePhones(
455                                    Contact.class.getName(), user.getContactId(), phones);
456    
457                            UsersAdminUtil.updateWebsites(
458                                    Contact.class.getName(), user.getContactId(), websites);
459    
460                            updateAnnouncementsDeliveries(
461                                    user.getUserId(), announcementsDelivers);
462    
463                            if (indexingEnabled) {
464                                    Indexer indexer = IndexerRegistryUtil.getIndexer(
465                                            User.class);
466    
467                                    indexer.reindex(user);
468                            }
469    
470                            return user;
471                    }
472                    finally {
473                            serviceContext.setIndexingEnabled(indexingEnabled);
474                    }
475            }
476    
477            /**
478             * Adds a user with workflow.
479             *
480             * <p>
481             * This method handles the creation and bookkeeping of the user including
482             * its resources, metadata, and internal data structures. It is not
483             * necessary to make subsequent calls to any methods to setup default
484             * groups, resources, etc.
485             * </p>
486             *
487             * @param  companyId the primary key of the user's company
488             * @param  autoPassword whether a password should be automatically
489             *         generated for the user
490             * @param  password1 the user's password
491             * @param  password2 the user's password confirmation
492             * @param  autoScreenName whether a screen name should be automatically
493             *         generated for the user
494             * @param  screenName the user's screen name
495             * @param  emailAddress the user's email address
496             * @param  facebookId the user's facebook ID
497             * @param  openId the user's OpenID
498             * @param  locale the user's locale
499             * @param  firstName the user's first name
500             * @param  middleName the user's middle name
501             * @param  lastName the user's last name
502             * @param  prefixId the user's name prefix ID
503             * @param  suffixId the user's name suffix ID
504             * @param  male whether the user is male
505             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
506             *         January)
507             * @param  birthdayDay the user's birthday day
508             * @param  birthdayYear the user's birthday year
509             * @param  jobTitle the user's job title
510             * @param  groupIds the primary keys of the user's groups
511             * @param  organizationIds the primary keys of the user's organizations
512             * @param  roleIds the primary keys of the roles this user possesses
513             * @param  userGroupIds the primary keys of the user's user groups
514             * @param  sendEmail whether to send the user an email notification about
515             *         their new account
516             * @param  serviceContext the user's service context (optionally
517             *         <code>null</code>). Can specify the user's universally unique
518             *         identifier (with the <code>uuid</code> attribute), asset
519             *         category IDs, asset tag names, and expando bridge attributes.
520             * @return the new user
521             * @throws PortalException if the user's information was invalid, if the
522             *         creator did not have permission to add users, or if the email
523             *         address was reserved
524             * @throws SystemException if a system exception occurred
525             */
526            public User addUserWithWorkflow(
527                            long companyId, boolean autoPassword, String password1,
528                            String password2, boolean autoScreenName, String screenName,
529                            String emailAddress, long facebookId, String openId, Locale locale,
530                            String firstName, String middleName, String lastName, int prefixId,
531                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
532                            int birthdayYear, String jobTitle, long[] groupIds,
533                            long[] organizationIds, long[] roleIds, long[] userGroupIds,
534                            boolean sendEmail, ServiceContext serviceContext)
535                    throws PortalException, SystemException {
536    
537                    long creatorUserId = 0;
538    
539                    try {
540                            creatorUserId = getUserId();
541                    }
542                    catch (PrincipalException pe) {
543                    }
544    
545                    checkAddUserPermission(
546                            creatorUserId, companyId, emailAddress, organizationIds,
547                            serviceContext);
548    
549                    return userLocalService.addUserWithWorkflow(
550                            creatorUserId, companyId, autoPassword, password1, password2,
551                            autoScreenName, screenName, emailAddress, facebookId, openId,
552                            locale, firstName, middleName, lastName, prefixId, suffixId, male,
553                            birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
554                            organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
555            }
556    
557            /**
558             * Adds the users to the user group.
559             *
560             * @param  userGroupId the primary key of the user group
561             * @param  userIds the primary keys of the users
562             * @throws PortalException if a user group or user with the primary could
563             *         could not be found, or if the current user did not have
564             *         permission to assign group members
565             * @throws SystemException if a system exception occurred
566             */
567            public void addUserGroupUsers(long userGroupId, long[] userIds)
568                    throws PortalException, SystemException {
569    
570                    UserGroupPermissionUtil.check(
571                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
572    
573                    userLocalService.addUserGroupUsers(userGroupId, userIds);
574            }
575    
576            /**
577             * Deletes the user's portrait image.
578             *
579             * @param  userId the primary key of the user
580             * @throws PortalException if a user with the primary key could not be
581             *         found, if the user's portrait could not be found, or if the
582             *         current user did not have permission to update the user
583             * @throws SystemException if a system exception occurred
584             */
585            public void deletePortrait(long userId)
586                    throws PortalException, SystemException {
587    
588                    UserPermissionUtil.check(
589                            getPermissionChecker(), userId, ActionKeys.UPDATE);
590    
591                    userLocalService.deletePortrait(userId);
592            }
593    
594            /**
595             * Removes the user from the role.
596             *
597             * @param  roleId the primary key of the role
598             * @param  userId the primary key of the user
599             * @throws PortalException if a role or user with the primary key could not
600             *         be found, or if the current user did not have permission to
601             *         assign role members
602             * @throws SystemException if a system exception occurred
603             */
604            public void deleteRoleUser(long roleId, long userId)
605                    throws PortalException, SystemException {
606    
607                    RolePermissionUtil.check(
608                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
609    
610                    userLocalService.deleteRoleUser(roleId, userId);
611            }
612    
613            /**
614             * Deletes the user.
615             *
616             * @param  userId the primary key of the user
617             * @throws PortalException if a user with the primary key could not be
618             *         found or if the current user did not have permission to delete
619             *         the user
620             * @throws SystemException if a system exception occurred
621             */
622            public void deleteUser(long userId)
623                    throws PortalException, SystemException {
624    
625                    if (getUserId() == userId) {
626                            throw new RequiredUserException();
627                    }
628    
629                    UserPermissionUtil.check(
630                            getPermissionChecker(), userId, ActionKeys.DELETE);
631    
632                    userLocalService.deleteUser(userId);
633            }
634    
635            /**
636             * Returns the primary key of the default user for the company.
637             *
638             * @param  companyId the primary key of the company
639             * @return the primary key of the default user for the company
640             * @throws PortalException if a default user for the company could not be
641             *         found
642             * @throws SystemException if a system exception occurred
643             */
644            public long getDefaultUserId(long companyId)
645                    throws PortalException, SystemException {
646    
647                    return userLocalService.getDefaultUserId(companyId);
648            }
649    
650            /**
651             * Returns the primary keys of all the users belonging to the group.
652             *
653             * @param  groupId the primary key of the group
654             * @return the primary keys of the users belonging to the group
655             * @throws PortalException if the current user did not have permission to
656             *         view group assignments
657             * @throws SystemException if a system exception occurred
658             */
659            public long[] getGroupUserIds(long groupId)
660                    throws PortalException, SystemException {
661    
662                    GroupPermissionUtil.check(
663                            getPermissionChecker(), groupId, ActionKeys.VIEW_MEMBERS);
664    
665                    return userLocalService.getGroupUserIds(groupId);
666            }
667    
668            /**
669             * Returns the primary keys of all the users belonging to the organization.
670             *
671             * @param  organizationId the primary key of the organization
672             * @return the primary keys of the users belonging to the organization
673             * @throws PortalException if the current user did not have permission to
674             *         view organization assignments
675             * @throws SystemException if a system exception occurred
676             */
677            public long[] getOrganizationUserIds(long organizationId)
678                    throws PortalException, SystemException {
679    
680                    OrganizationPermissionUtil.check(
681                            getPermissionChecker(), organizationId, ActionKeys.VIEW_MEMBERS);
682    
683                    return userLocalService.getOrganizationUserIds(organizationId);
684            }
685    
686            /**
687             * Returns the primary keys of all the users belonging to the role.
688             *
689             * @param  roleId the primary key of the role
690             * @return the primary keys of the users belonging to the role
691             * @throws PortalException if the current user did not have permission to
692             *         view role members
693             * @throws SystemException if a system exception occurred
694             */
695            public long[] getRoleUserIds(long roleId) throws
696                    PortalException, SystemException {
697    
698                    RolePermissionUtil.check(
699                            getPermissionChecker(), roleId, ActionKeys.VIEW);
700    
701                    return userLocalService.getRoleUserIds(roleId);
702            }
703    
704            /**
705             * Returns the user with the email address.
706             *
707             * @param  companyId the primary key of the user's company
708             * @param  emailAddress the user's email address
709             * @return the user with the email address
710             * @throws PortalException if a user with the email address could not be
711             *         found or if the current user did not have permission to view the
712             *         user
713             * @throws SystemException if a system exception occurred
714             */
715            public User getUserByEmailAddress(long companyId, String emailAddress)
716                    throws PortalException, SystemException {
717    
718                    User user = userLocalService.getUserByEmailAddress(
719                            companyId, emailAddress);
720    
721                    UserPermissionUtil.check(
722                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
723    
724                    return user;
725            }
726    
727            /**
728             * Returns the user with the primary key.
729             *
730             * @param  userId the primary key of the user
731             * @return the user with the primary key
732             * @throws PortalException if a user with the primary key could not be
733             *         found or if the current user did not have permission to view the
734             *         user
735             * @throws SystemException if a system exception occurred
736             */
737            public User getUserById(long userId)
738                    throws PortalException, SystemException {
739    
740                    User user = userPersistence.findByPrimaryKey(userId);
741    
742                    UserPermissionUtil.check(
743                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
744    
745                    return user;
746            }
747    
748            /**
749             * Returns the user with the screen name.
750             *
751             * @param  companyId the primary key of the user's company
752             * @param  screenName the user's screen name
753             * @return the user with the screen name
754             * @throws PortalException if a user with the screen name could not be
755             *         found or if the current user did not have permission to veiw the
756             *         user
757             * @throws SystemException if a system exception occurred
758             */
759            public User getUserByScreenName(long companyId, String screenName)
760                    throws PortalException, SystemException {
761    
762                    User user = userLocalService.getUserByScreenName(
763                            companyId, screenName);
764    
765                    UserPermissionUtil.check(
766                            getPermissionChecker(), user.getUserId(), ActionKeys.VIEW);
767    
768                    return user;
769            }
770    
771            /**
772             * Returns the primary key of the user with the email address.
773             *
774             * @param  companyId the primary key of the user's company
775             * @param  emailAddress the user's email address
776             * @return the primary key of the user with the email address
777             * @throws PortalException if a user with the email address could not be
778             *         found
779             * @throws SystemException if a system exception occurred
780             */
781            public long getUserIdByEmailAddress(long companyId, String emailAddress)
782                    throws PortalException, SystemException {
783    
784                    User user = getUserByEmailAddress(companyId, emailAddress);
785    
786                    return user.getUserId();
787            }
788    
789            /**
790             * Returns the primary key of the user with the screen name.
791             *
792             * @param  companyId the primary key of the user's company
793             * @param  screenName the user's screen name
794             * @return the primary key of the user with the screen name
795             * @throws PortalException if a user with the screen name could not be
796             *         found
797             * @throws SystemException if a system exception occurred
798             */
799            public long getUserIdByScreenName(long companyId, String screenName)
800                    throws PortalException, SystemException {
801    
802                    User user = getUserByScreenName(companyId, screenName);
803    
804                    return user.getUserId();
805            }
806    
807            /**
808             * Returns <code>true</code> if the user is a member of the group.
809             *
810             * @param  groupId the primary key of the group
811             * @param  userId the primary key of the user
812             * @return <code>true</code> if the user is a member of the group;
813             *         <code>false</code> otherwise
814             * @throws SystemException if a system exception occurred
815             */
816            public boolean hasGroupUser(long groupId, long userId)
817                    throws SystemException {
818    
819                    return userLocalService.hasGroupUser(groupId, userId);
820            }
821    
822            /**
823             * Returns <code>true</code> if the user is a member of the role.
824             *
825             * @param  roleId the primary key of the role
826             * @param  userId the primary key of the user
827             * @return <code>true</code> if the user is a member of the role;
828             *         <code>false</code> otherwise
829             * @throws SystemException if a system exception occurred
830             */
831            public boolean hasRoleUser(long roleId, long userId)
832                    throws SystemException {
833    
834                    return userLocalService.hasRoleUser(roleId, userId);
835            }
836    
837            /**
838             * Returns <code>true</code> if the user has the role with the name,
839             * optionally through inheritance.
840             *
841             * @param  companyId the primary key of the role's company
842             * @param  name the name of the role (must be a regular role, not an
843             *         organization, site or provider role)
844             * @param  userId the primary key of the user
845             * @param  inherited whether to include roles inherited from organizations,
846             *         sites, etc.
847             * @return <code>true</code> if the user has the role; <code>false</code>
848             *         otherwise
849             * @throws PortalException if a role with the name could not be found
850             * @throws SystemException if a system exception occurred
851             */
852            public boolean hasRoleUser(
853                            long companyId, String name, long userId, boolean inherited)
854                    throws PortalException, SystemException {
855    
856                    return userLocalService.hasRoleUser(companyId, name, userId, inherited);
857            }
858    
859            /**
860             * Updates a user account that was automatically created when a guest user
861             * participated in an action (e.g. posting a comment) and only provided his
862             * name and email address.
863             *
864             * @param  companyId the primary key of the user's company
865             * @param  autoPassword whether a password should be automatically
866             *         generated for the user
867             * @param  password1 the user's password
868             * @param  password2 the user's password confirmation
869             * @param  autoScreenName whether a screen name should be automatically
870             *         generated for the user
871             * @param  screenName the user's screen name
872             * @param  emailAddress the user's email address
873             * @param  facebookId the user's facebook ID
874             * @param  openId the user's OpenID
875             * @param  locale the user's locale
876             * @param  firstName the user's first name
877             * @param  middleName the user's middle name
878             * @param  lastName the user's last name
879             * @param  prefixId the user's name prefix ID
880             * @param  suffixId the user's name suffix ID
881             * @param  male whether the user is male
882             * @param  birthdayMonth the user's birthday month (0-based, meaning 0 for
883             *         January)
884             * @param  birthdayDay the user's birthday day
885             * @param  birthdayYear the user's birthday year
886             * @param  jobTitle the user's job title
887             * @param  updateUserInformation whether to update the user's information
888             * @param  sendEmail whether to send the user an email notification about
889             *         their new account
890             * @param  serviceContext the user's service context (optionally
891             *         <code>null</code>). Can specify the user's expando bridge
892             *         attributes.
893             * @return the user
894             * @throws PortalException if the user's information was invalid or if the
895             *         email address was reserved
896             * @throws SystemException if a system exception occurred
897             */
898            public User updateIncompleteUser(
899                            long companyId, boolean autoPassword, String password1,
900                            String password2, boolean autoScreenName, String screenName,
901                            String emailAddress, long facebookId, String openId, Locale locale,
902                            String firstName, String middleName, String lastName, int prefixId,
903                            int suffixId, boolean male, int birthdayMonth, int birthdayDay,
904                            int birthdayYear, String jobTitle, boolean updateUserInformation,
905                            boolean sendEmail, ServiceContext serviceContext)
906                    throws PortalException, SystemException {
907    
908                    long creatorUserId = 0;
909    
910                    try {
911                            creatorUserId = getUserId();
912                    }
913                    catch (PrincipalException pe) {
914                    }
915    
916                    checkAddUserPermission(
917                            creatorUserId, companyId, emailAddress, null, serviceContext);
918    
919                    return userLocalService.updateIncompleteUser(
920                            creatorUserId, companyId, autoPassword, password1, password2,
921                            autoScreenName, screenName, emailAddress, facebookId, openId,
922                            locale, firstName, middleName, lastName, prefixId, suffixId, male,
923                            birthdayMonth, birthdayDay, birthdayYear, jobTitle,
924                            updateUserInformation, sendEmail, serviceContext);
925            }
926    
927            /**
928             * Sets the users in the role, removing and adding users to the role as
929             * necessary.
930             *
931             * @param  roleId the primary key of the role
932             * @param  userIds the primary keys of the users
933             * @throws PortalException if the current user did not have permission to
934             *         assign role members
935             * @throws SystemException if a system exception occurred
936             */
937            public void setRoleUsers(long roleId, long[] userIds)
938                    throws PortalException, SystemException {
939    
940                    RolePermissionUtil.check(
941                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
942    
943                    userLocalService.setRoleUsers(roleId, userIds);
944            }
945    
946            /**
947             * Sets the users in the user group, removing and adding users to the user
948             * group as necessary.
949             *
950             * @param  userGroupId the primary key of the user group
951             * @param  userIds the primary keys of the users
952             * @throws PortalException if the current user did not have permission to
953             *         assign group members
954             * @throws SystemException if a system exception occurred
955             */
956            public void setUserGroupUsers(long userGroupId, long[] userIds)
957                    throws PortalException, SystemException {
958    
959                    UserGroupPermissionUtil.check(
960                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
961    
962                    userLocalService.setUserGroupUsers(userGroupId, userIds);
963            }
964    
965            /**
966             * Removes the users from the group.
967             *
968             * @param  groupId the primary key of the group
969             * @param  userIds the primary keys of the users
970             * @throws PortalException if the current user did not have permission to
971             *         modify group assignments
972             * @throws SystemException if a system exception occurred
973             */
974            public void unsetGroupUsers(long groupId, long[] userIds)
975                    throws PortalException, SystemException {
976    
977                    try {
978                            GroupPermissionUtil.check(
979                                    getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
980                    }
981                    catch (PrincipalException pe) {
982    
983                            // Allow any user to leave open and restricted sites
984    
985                            boolean hasPermission = false;
986    
987                            if (userIds.length == 0) {
988                                    hasPermission = true;
989                            }
990                            else if (userIds.length == 1) {
991                                    User user = getUser();
992    
993                                    if (user.getUserId() == userIds[0]) {
994                                            Group group = groupPersistence.findByPrimaryKey(groupId);
995    
996                                            if (user.getCompanyId() == group.getCompanyId()) {
997                                                    int type = group.getType();
998    
999                                                    if ((type == GroupConstants.TYPE_SITE_OPEN) ||
1000                                                            (type == GroupConstants.TYPE_SITE_RESTRICTED)) {
1001    
1002                                                            hasPermission = true;
1003                                                    }
1004                                            }
1005                                    }
1006                            }
1007    
1008                            if (!hasPermission) {
1009                                    throw new PrincipalException();
1010                            }
1011                    }
1012    
1013                    userLocalService.unsetGroupUsers(groupId, userIds);
1014            }
1015    
1016            /**
1017             * Removes the users from the organization.
1018             *
1019             * @param  organizationId the primary key of the organization
1020             * @param  userIds the primary keys of the users
1021             * @throws PortalException if the current user did not have permission to
1022             *         modify organization assignments
1023             * @throws SystemException if a system exception occurred
1024             */
1025            public void unsetOrganizationUsers(long organizationId, long[] userIds)
1026                    throws PortalException, SystemException {
1027    
1028                    OrganizationPermissionUtil.check(
1029                            getPermissionChecker(), organizationId,
1030                            ActionKeys.ASSIGN_MEMBERS);
1031    
1032                    userLocalService.unsetOrganizationUsers(organizationId, userIds);
1033            }
1034    
1035            /**
1036             * Removes the users from the password policy.
1037             *
1038             * @param  passwordPolicyId the primary key of the password policy
1039             * @param  userIds the primary keys of the users
1040             * @throws PortalException if the current user did not have permission to
1041             *         modify policy assignments
1042             * @throws SystemException if a system exception occurred
1043             */
1044            public void unsetPasswordPolicyUsers(long passwordPolicyId, long[] userIds)
1045                    throws PortalException, SystemException {
1046    
1047                    PasswordPolicyPermissionUtil.check(
1048                            getPermissionChecker(), passwordPolicyId,
1049                            ActionKeys.ASSIGN_MEMBERS);
1050    
1051                    userLocalService.unsetPasswordPolicyUsers(passwordPolicyId, userIds);
1052            }
1053    
1054            /**
1055             * Removes the users from the role.
1056             *
1057             * @param  roleId the primary key of the role
1058             * @param  userIds the primary keys of the users
1059             * @throws PortalException if the current user did not have permission to
1060             *         modify role assignments
1061             * @throws SystemException if a system exception occurred
1062             */
1063            public void unsetRoleUsers(long roleId, long[] userIds)
1064                    throws PortalException, SystemException {
1065    
1066                    RolePermissionUtil.check(
1067                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
1068    
1069                    userLocalService.unsetRoleUsers(roleId, userIds);
1070            }
1071    
1072            /**
1073             * Removes the users from the team.
1074             *
1075             * @param  teamId the primary key of the team
1076             * @param  userIds the primary keys of the users
1077             * @throws PortalException if the current user did not have permission to
1078             *         modify team assignments
1079             * @throws SystemException if a system exception occurred
1080             */
1081            public void unsetTeamUsers(long teamId, long[] userIds)
1082                    throws PortalException, SystemException {
1083    
1084                    TeamPermissionUtil.check(
1085                            getPermissionChecker(), teamId, ActionKeys.ASSIGN_MEMBERS);
1086    
1087                    userLocalService.unsetTeamUsers(teamId, userIds);
1088            }
1089    
1090            /**
1091             * Removes the users from the user group.
1092             *
1093             * @param  userGroupId the primary key of the user group
1094             * @param  userIds the primary keys of the users
1095             * @throws PortalException if the current user did not have permission to
1096             *         modify user group assignments
1097             * @throws SystemException if a system exception occurred
1098             */
1099            public void unsetUserGroupUsers(long userGroupId, long[] userIds)
1100                    throws PortalException, SystemException {
1101    
1102                    UserGroupPermissionUtil.check(
1103                            getPermissionChecker(), userGroupId, ActionKeys.ASSIGN_MEMBERS);
1104    
1105                    userLocalService.unsetUserGroupUsers(userGroupId, userIds);
1106            }
1107    
1108            /**
1109             * Updates the user's response to the terms of use agreement.
1110             *
1111             * @param  userId the primary key of the user
1112             * @param  agreedToTermsOfUse whether the user has agree to the terms of
1113             *         use
1114             * @return the user
1115             * @throws PortalException if the current user did not have permission to
1116             *         update the user's agreement to terms-of-use
1117             * @throws SystemException if a system exception occurred
1118             */
1119            public User updateAgreedToTermsOfUse(
1120                            long userId, boolean agreedToTermsOfUse)
1121                    throws PortalException, SystemException {
1122    
1123                    UserPermissionUtil.check(
1124                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1125    
1126                    return userLocalService.updateAgreedToTermsOfUse(
1127                            userId, agreedToTermsOfUse);
1128            }
1129    
1130            /**
1131             * Updates the user's email address.
1132             *
1133             * @param  userId the primary key of the user
1134             * @param  password the user's password
1135             * @param  emailAddress1 the user's new email address
1136             * @param  emailAddress2 the user's new email address confirmation
1137             * @return the user
1138             * @throws PortalException if a user with the primary key could not be
1139             *         found or if the current user did not have permission to update
1140             *         the user
1141             * @throws SystemException if a system exception occurred
1142             */
1143            public User updateEmailAddress(
1144                            long userId, String password, String emailAddress1,
1145                            String emailAddress2)
1146                    throws PortalException, SystemException {
1147    
1148                    UserPermissionUtil.check(
1149                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1150    
1151                    return userLocalService.updateEmailAddress(
1152                            userId, password, emailAddress1, emailAddress2);
1153            }
1154    
1155            /**
1156             * Updates whether the user is locked out from logging in.
1157             *
1158             * @param  userId the primary key of the user
1159             * @param  lockout whether the user is locked out
1160             * @return the user
1161             * @throws PortalException if the user did not have permission to lock out
1162             *         the user
1163             * @throws SystemException if a system exception occurred
1164             */
1165            public User updateLockoutById(long userId, boolean lockout)
1166                    throws PortalException, SystemException {
1167    
1168                    UserPermissionUtil.check(
1169                            getPermissionChecker(), userId, ActionKeys.DELETE);
1170    
1171                    return userLocalService.updateLockoutById(userId, lockout);
1172            }
1173    
1174            /**
1175             * Updates the user's OpenID.
1176             *
1177             * @param  userId the primary key of the user
1178             * @param  openId the new OpenID
1179             * @return the user
1180             * @throws PortalException if a user with the primary key could not be
1181             *         found or if the current user did not have permission to update
1182             *         the user
1183             * @throws SystemException if a system exception occurred
1184             */
1185            public User updateOpenId(long userId, String openId)
1186                    throws PortalException, SystemException {
1187    
1188                    UserPermissionUtil.check(
1189                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1190    
1191                    return userLocalService.updateOpenId(userId, openId);
1192            }
1193    
1194            /**
1195             * Sets the organizations that the user is in, removing and adding
1196             * organizations as necessary.
1197             *
1198             * @param  userId the primary key of the user
1199             * @param  organizationIds the primary keys of the organizations
1200             * @throws PortalException if a user with the primary key could not be
1201             *         found or if the current user did not have permission to update
1202             *         the user
1203             * @throws SystemException if a system exception occurred
1204             */
1205            public void updateOrganizations(
1206                            long userId, long[] organizationIds, ServiceContext serviceContext)
1207                    throws PortalException, SystemException {
1208    
1209                    UserPermissionUtil.check(
1210                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1211    
1212                    userLocalService.updateOrganizations(
1213                            userId, organizationIds, serviceContext);
1214            }
1215    
1216            /**
1217             * Updates the user's password without tracking or validation of the
1218             * change.
1219             *
1220             * @param  userId the primary key of the user
1221             * @param  password1 the user's new password
1222             * @param  password2 the user's new password confirmation
1223             * @param  passwordReset whether the user should be asked to reset their
1224             *         password the next time they log in
1225             * @return the user
1226             * @throws PortalException if a user with the primary key could not be
1227             *         found or if the current user did not have permission to update
1228             *         the user
1229             * @throws SystemException if a system exception occurred
1230             */
1231            public User updatePassword(
1232                            long userId, String password1, String password2,
1233                            boolean passwordReset)
1234                    throws PortalException, SystemException {
1235    
1236                    UserPermissionUtil.check(
1237                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1238    
1239                    return userLocalService.updatePassword(
1240                            userId, password1, password2, passwordReset);
1241            }
1242    
1243            /**
1244             * Updates the user's portrait image.
1245             *
1246             * @param  userId the primary key of the user
1247             * @param  bytes the new portrait image data
1248             * @return the user
1249             * @throws PortalException if a user with the primary key could not be
1250             *         found, if the new portrait was invalid, or if the current user
1251             *         did not have permission to update the user
1252             * @throws SystemException if a system exception occurred
1253             */
1254            public User updatePortrait(long userId, byte[] bytes)
1255                    throws PortalException, SystemException {
1256    
1257                    UserPermissionUtil.check(
1258                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1259    
1260                    return userLocalService.updatePortrait(userId, bytes);
1261            }
1262    
1263            /**
1264             * Updates the user's password reset question and answer.
1265             *
1266             * @param  userId the primary key of the user
1267             * @param  question the user's new password reset question
1268             * @param  answer the user's new password reset answer
1269             * @return the user
1270             * @throws PortalException if a user with the primary key could not be
1271             *         found, if the new question or answer were invalid, or if the
1272             *         current user did not have permission to update the user
1273             * @throws SystemException if a system exception occurred
1274             */
1275            public User updateReminderQuery(
1276                            long userId, String question, String answer)
1277                    throws PortalException, SystemException {
1278    
1279                    UserPermissionUtil.check(
1280                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1281    
1282                    return userLocalService.updateReminderQuery(userId, question, answer);
1283            }
1284    
1285            /**
1286             * Updates the user's screen name.
1287             *
1288             * @param  userId the primary key of the user
1289             * @param  screenName the user's new screen name
1290             * @return the user
1291             * @throws PortalException if a user with the primary key could not be
1292             *         found, if the new screen name was invalid, or if the current
1293             *         user did not have permission to update the user
1294             * @throws SystemException if a system exception occurred
1295             */
1296            public User updateScreenName(long userId, String screenName)
1297                    throws PortalException, SystemException {
1298    
1299                    UserPermissionUtil.check(
1300                            getPermissionChecker(), userId, ActionKeys.UPDATE);
1301    
1302                    return userLocalService.updateScreenName(userId, screenName);
1303            }
1304    
1305            /**
1306             * Updates the user's workflow status.
1307             *
1308             * @param  userId the primary key of the user
1309             * @param  status the user's new workflow status
1310             * @return the user
1311             * @throws PortalException if a user with the primary key could not be
1312             *         found, if the current user was updating her own status to
1313             *         anything but {@link WorkflowConstants.STATUS_APPROVED}, or if
1314             *         the current user did not have permission to update the user's
1315             *         workflow status.
1316             * @throws SystemException if a system exception occurred
1317             */
1318            public User updateStatus(long userId, int status)
1319                    throws PortalException, SystemException {
1320    
1321                    if ((getUserId() == userId) &&
1322                            (status != WorkflowConstants.STATUS_APPROVED)) {
1323    
1324                            throw new RequiredUserException();
1325                    }
1326    
1327                    UserPermissionUtil.check(
1328                            getPermissionChecker(), userId, ActionKeys.DELETE);
1329    
1330                    return userLocalService.updateStatus(userId, status);
1331            }
1332    
1333            /**
1334             * Updates the user with additional parameters.
1335             *
1336             * @param  userId the primary key of the user
1337             * @param  oldPassword the user's old password
1338             * @param  newPassword1 the user's new password (optionally
1339             *         <code>null</code>)
1340             * @param  newPassword2 the user's new password confirmation (optionally
1341             *         <code>null</code>)
1342             * @param  passwordReset whether the user should be asked to reset their
1343             *         password the next time they login
1344             * @param  reminderQueryQuestion the user's new password reset question
1345             * @param  reminderQueryAnswer the user's new password reset answer
1346             * @param  screenName the user's new screen name
1347             * @param  emailAddress the user's new email address
1348             * @param  facebookId the user's new Facebook ID
1349             * @param  openId the user's new OpenID
1350             * @param  languageId the user's new language ID
1351             * @param  timeZoneId the user's new time zone ID
1352             * @param  greeting the user's new greeting
1353             * @param  comments the user's new comments
1354             * @param  firstName the user's new first name
1355             * @param  middleName the user's new middle name
1356             * @param  lastName the user's new last name
1357             * @param  prefixId the user's new name prefix ID
1358             * @param  suffixId the user's new name suffix ID
1359             * @param  male whether user is male
1360             * @param  birthdayMonth the user's new birthday month (0-based, meaning 0
1361             *         for January)
1362             * @param  birthdayDay the user's new birthday day
1363             * @param  birthdayYear the user's birthday year
1364             * @param  smsSn the user's new SMS screen name
1365             * @param  aimSn the user's new AIM screen name
1366             * @param  facebookSn the user's new Facebook screen name
1367             * @param  icqSn the user's new ICQ screen name
1368             * @param  jabberSn the user's new Jabber screen name
1369             * @param  msnSn the user's new MSN screen name
1370             * @param  mySpaceSn the user's new MySpace screen name
1371             * @param  skypeSn the user's new Skype screen name
1372             * @param  twitterSn the user's new Twitter screen name
1373             * @param  ymSn the user's new Yahoo! Messenger screen name
1374             * @param  jobTitle the user's new job title
1375             * @param  groupIds the primary keys of the user's groups
1376             * @param  organizationIds the primary keys of the user's organizations
1377             * @param  roleIds the primary keys of the user's roles
1378             * @param  userGroupRoles the user user's group roles
1379             * @param  userGroupIds the primary keys of the user's user groups
1380             * @param  addresses the user's addresses
1381             * @param  emailAddresses the user's email addresses
1382             * @param  phones the user's phone numbers
1383             * @param  websites the user's websites
1384             * @param  announcementsDelivers the announcements deliveries
1385             * @param  serviceContext the user's service context (optionally
1386             *         <code>null</code>). Can specify the user's universally unique
1387             *         identifier (with the <code>uuid</code> attribute), replacement
1388             *         asset category IDs, replacement asset tag names, and new expando
1389             *         bridge attributes.
1390             * @return the user
1391             * @throws PortalException if a user with the primary key could not be
1392             *         found, if the new information was invalid, or if the current
1393             *         user did not have permission to update the user
1394             * @throws SystemException if a system exception occurred
1395             */
1396            public User updateUser(
1397                            long userId, String oldPassword, String newPassword1,
1398                            String newPassword2, boolean passwordReset,
1399                            String reminderQueryQuestion, String reminderQueryAnswer,
1400                            String screenName, String emailAddress, long facebookId,
1401                            String openId, String languageId, String timeZoneId,
1402                            String greeting, String comments, String firstName,
1403                            String middleName, String lastName, int prefixId, int suffixId,
1404                            boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1405                            String smsSn, String aimSn, String facebookSn, String icqSn,
1406                            String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1407                            String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1408                            long[] organizationIds, long[] roleIds,
1409                            List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1410                            List<Address> addresses, List<EmailAddress> emailAddresses,
1411                            List<Phone> phones, List<Website> websites,
1412                            List<AnnouncementsDelivery> announcementsDelivers,
1413                            ServiceContext serviceContext)
1414                    throws PortalException, SystemException {
1415    
1416                    User user = userPersistence.findByPrimaryKey(userId);
1417    
1418                    UsersAdminUtil.updateAddresses(
1419                            Contact.class.getName(), user.getContactId(), addresses);
1420    
1421                    UsersAdminUtil.updateEmailAddresses(
1422                            Contact.class.getName(), user.getContactId(), emailAddresses);
1423    
1424                    UsersAdminUtil.updatePhones(
1425                            Contact.class.getName(), user.getContactId(), phones);
1426    
1427                    UsersAdminUtil.updateWebsites(
1428                            Contact.class.getName(), user.getContactId(), websites);
1429    
1430                    updateAnnouncementsDeliveries(user.getUserId(), announcementsDelivers);
1431    
1432                    user = updateUser(
1433                            userId, oldPassword, newPassword1, newPassword2, passwordReset,
1434                            reminderQueryQuestion, reminderQueryAnswer, screenName,
1435                            emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1436                            comments, firstName, middleName, lastName, prefixId, suffixId, male,
1437                            birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1438                            icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1439                            jobTitle, groupIds, organizationIds, roleIds,
1440                            userGroupRoles, userGroupIds, serviceContext);
1441    
1442                    return user;
1443            }
1444    
1445            /**
1446             * Updates the user.
1447             *
1448             * @param  userId the primary key of the user
1449             * @param  oldPassword the user's old password
1450             * @param  newPassword1 the user's new password (optionally
1451             *         <code>null</code>)
1452             * @param  newPassword2 the user's new password confirmation (optionally
1453             *         <code>null</code>)
1454             * @param  passwordReset whether the user should be asked to reset their
1455             *         password the next time they login
1456             * @param  reminderQueryQuestion the user's new password reset question
1457             * @param  reminderQueryAnswer the user's new password reset answer
1458             * @param  screenName the user's new screen name
1459             * @param  emailAddress the user's new email address
1460             * @param  facebookId the user's new Facebook ID
1461             * @param  openId the user's new OpenID
1462             * @param  languageId the user's new language ID
1463             * @param  timeZoneId the user's new time zone ID
1464             * @param  greeting the user's new greeting
1465             * @param  comments the user's new comments
1466             * @param  firstName the user's new first name
1467             * @param  middleName the user's new middle name
1468             * @param  lastName the user's new last name
1469             * @param  prefixId the user's new name prefix ID
1470             * @param  suffixId the user's new name suffix ID
1471             * @param  male whether user is male
1472             * @param  birthdayMonth the user's new birthday month (0-based, meaning 0
1473             *         for January)
1474             * @param  birthdayDay the user's new birthday day
1475             * @param  birthdayYear the user's birthday year
1476             * @param  smsSn the user's new SMS screen name
1477             * @param  aimSn the user's new AIM screen name
1478             * @param  facebookSn the user's new Facebook screen name
1479             * @param  icqSn the user's new ICQ screen name
1480             * @param  jabberSn the user's new Jabber screen name
1481             * @param  msnSn the user's new MSN screen name
1482             * @param  mySpaceSn the user's new MySpace screen name
1483             * @param  skypeSn the user's new Skype screen name
1484             * @param  twitterSn the user's new Twitter screen name
1485             * @param  ymSn the user's new Yahoo! Messenger screen name
1486             * @param  jobTitle the user's new job title
1487             * @param  groupIds the primary keys of the user's groups
1488             * @param  organizationIds the primary keys of the user's organizations
1489             * @param  roleIds the primary keys of the user's roles
1490             * @param  userGroupRoles the user user's group roles
1491             * @param  userGroupIds the primary keys of the user's user groups
1492             * @param  serviceContext the user's service context (optionally
1493             *         <code>null</code>). Can specify the user's universally unique
1494             *         identifier (with the <code>uuid</code> attribute), replacement
1495             *         asset category IDs, replacement asset tag names, and new expando
1496             *         bridge attributes.
1497             * @return the user
1498             * @throws PortalException if a user with the primary key could not be
1499             *         found, if the new information was invalid, or if the current
1500             *         user did not have permission to update the user
1501             * @throws SystemException if a system exception occurred
1502             */
1503            public User updateUser(
1504                            long userId, String oldPassword, String newPassword1,
1505                            String newPassword2, boolean passwordReset,
1506                            String reminderQueryQuestion, String reminderQueryAnswer,
1507                            String screenName, String emailAddress, long facebookId,
1508                            String openId, String languageId, String timeZoneId,
1509                            String greeting, String comments, String firstName,
1510                            String middleName, String lastName, int prefixId, int suffixId,
1511                            boolean male, int birthdayMonth, int birthdayDay, int birthdayYear,
1512                            String smsSn, String aimSn, String facebookSn, String icqSn,
1513                            String jabberSn, String msnSn, String mySpaceSn, String skypeSn,
1514                            String twitterSn, String ymSn, String jobTitle, long[] groupIds,
1515                            long[] organizationIds, long[] roleIds,
1516                            List<UserGroupRole> userGroupRoles, long[] userGroupIds,
1517                            ServiceContext serviceContext)
1518                    throws PortalException, SystemException {
1519    
1520                    UserPermissionUtil.check(
1521                            getPermissionChecker(), userId, organizationIds, ActionKeys.UPDATE);
1522    
1523                    long curUserId = getUserId();
1524    
1525                    if (curUserId == userId) {
1526                            User user = userPersistence.findByPrimaryKey(userId);
1527    
1528                            screenName = screenName.trim().toLowerCase();
1529    
1530                            if (!screenName.equalsIgnoreCase(user.getScreenName())) {
1531                                    validateScreenName(user, screenName);
1532                            }
1533    
1534                            emailAddress = emailAddress.trim().toLowerCase();
1535    
1536                            if (!emailAddress.equalsIgnoreCase(user.getEmailAddress())) {
1537                                    validateEmailAddress(user, emailAddress);
1538                            }
1539                    }
1540    
1541                    if (groupIds != null) {
1542                            groupIds = checkGroups(userId, groupIds);
1543                    }
1544    
1545                    if (organizationIds != null) {
1546                            organizationIds = checkOrganizations(userId, organizationIds);
1547                    }
1548    
1549                    if (roleIds != null) {
1550                            roleIds = checkRoles(userId, roleIds);
1551                    }
1552    
1553                    if (userGroupRoles != null) {
1554                            userGroupRoles = checkUserGroupRoles(userId, userGroupRoles);
1555                    }
1556    
1557                    return userLocalService.updateUser(
1558                            userId, oldPassword, newPassword1, newPassword2, passwordReset,
1559                            reminderQueryQuestion, reminderQueryAnswer, screenName,
1560                            emailAddress, facebookId, openId, languageId, timeZoneId, greeting,
1561                            comments, firstName, middleName, lastName, prefixId, suffixId, male,
1562                            birthdayMonth, birthdayDay, birthdayYear, smsSn, aimSn, facebookSn,
1563                            icqSn, jabberSn, msnSn, mySpaceSn, skypeSn, twitterSn, ymSn,
1564                            jobTitle, groupIds, organizationIds, roleIds, userGroupRoles,
1565                            userGroupIds, serviceContext);
1566            }
1567    
1568            protected void checkAddUserPermission(
1569                            long creatorUserId, long companyId, String emailAddress,
1570                            long[] organizationIds, ServiceContext serviceContext)
1571                    throws PortalException, SystemException {
1572    
1573                    Company company = companyPersistence.findByPrimaryKey(companyId);
1574    
1575                    boolean anonymousUser = GetterUtil.getBoolean(
1576                            serviceContext.getAttribute("anonymousUser"));
1577    
1578                    if ((creatorUserId != 0) ||
1579                            (!company.isStrangers() && !anonymousUser)) {
1580    
1581                            if (!PortalPermissionUtil.contains(
1582                                            getPermissionChecker(), ActionKeys.ADD_USER) &&
1583                                    !OrganizationPermissionUtil.contains(
1584                                            getPermissionChecker(), organizationIds,
1585                                            ActionKeys.ASSIGN_MEMBERS)) {
1586    
1587                                    throw new PrincipalException();
1588                            }
1589                    }
1590    
1591                    if (creatorUserId == 0) {
1592                            if (!company.isStrangersWithMx() &&
1593                                    company.hasCompanyMx(emailAddress)) {
1594    
1595                                    throw new ReservedUserEmailAddressException();
1596                            }
1597                    }
1598            }
1599    
1600            protected long[] checkGroups(long userId, long[] groupIds)
1601                    throws PortalException, SystemException {
1602    
1603                    // Add back any groups that the administrator does not have the rights
1604                    // to remove and check that he has the permission to add any new group
1605    
1606                    List<Group> oldGroups = groupLocalService.getUserGroups(userId);
1607                    long[] oldGroupIds = new long[oldGroups.size()];
1608    
1609                    for (int i = 0; i < oldGroups.size(); i++) {
1610                            Group group = oldGroups.get(i);
1611    
1612                            if (!ArrayUtil.contains(groupIds, group.getGroupId()) &&
1613                                    !GroupPermissionUtil.contains(
1614                                            getPermissionChecker(), group.getGroupId(),
1615                                            ActionKeys.ASSIGN_MEMBERS)) {
1616    
1617                                    groupIds = ArrayUtil.append(groupIds, group.getGroupId());
1618                            }
1619    
1620                            oldGroupIds[i] = group.getGroupId();
1621                    }
1622    
1623                    for (long groupId : groupIds) {
1624                            if (!ArrayUtil.contains(oldGroupIds, groupId)) {
1625                                    GroupPermissionUtil.check(
1626                                            getPermissionChecker(), groupId, ActionKeys.ASSIGN_MEMBERS);
1627                            }
1628                    }
1629    
1630                    return groupIds;
1631            }
1632    
1633            protected long[] checkOrganizations(long userId, long[] organizationIds)
1634                    throws PortalException, SystemException {
1635    
1636                    // Add back any organizations that the administrator does not have the
1637                    // rights to remove and check that he has the permission to add any new
1638                    // organization
1639    
1640                    List<Organization> oldOrganizations =
1641                            organizationLocalService.getUserOrganizations(userId);
1642                    long[] oldOrganizationIds = new long[oldOrganizations.size()];
1643    
1644                    for (int i = 0; i < oldOrganizations.size(); i++) {
1645                            Organization organization = oldOrganizations.get(i);
1646    
1647                            if (!ArrayUtil.contains(
1648                                            organizationIds, organization.getOrganizationId()) &&
1649                                    !OrganizationPermissionUtil.contains(
1650                                            getPermissionChecker(), organization.getOrganizationId(),
1651                                            ActionKeys.ASSIGN_MEMBERS)) {
1652    
1653                                    organizationIds = ArrayUtil.append(
1654                                            organizationIds, organization.getOrganizationId());
1655                            }
1656    
1657                            oldOrganizationIds[i] = organization.getOrganizationId();
1658                    }
1659    
1660                    for (long organizationId : organizationIds) {
1661                            if (!ArrayUtil.contains(oldOrganizationIds, organizationId)) {
1662                                    OrganizationPermissionUtil.check(
1663                                            getPermissionChecker(), organizationId,
1664                                            ActionKeys.ASSIGN_MEMBERS);
1665                            }
1666                    }
1667    
1668                    return organizationIds;
1669            }
1670    
1671            protected long[] checkRoles(long userId, long[] roleIds)
1672                    throws PrincipalException, SystemException {
1673    
1674                    // Add back any roles that the administrator does not have the rights to
1675                    // remove and check that he has the permission to add any new role
1676    
1677                    List<Role> oldRoles = roleLocalService.getUserRoles(userId);
1678                    long[] oldRoleIds = new long[oldRoles.size()];
1679    
1680                    for (int i = 0; i < oldRoles.size(); i++) {
1681                            Role role = oldRoles.get(i);
1682    
1683                            if (!ArrayUtil.contains(roleIds, role.getRoleId()) &&
1684                                    !RolePermissionUtil.contains(
1685                                            getPermissionChecker(), role.getRoleId(),
1686                                            ActionKeys.ASSIGN_MEMBERS)) {
1687    
1688                                    roleIds = ArrayUtil.append(roleIds, role.getRoleId());
1689                            }
1690    
1691                            oldRoleIds[i] = role.getRoleId();
1692                    }
1693    
1694                    for (long roleId : roleIds) {
1695                            if (!ArrayUtil.contains(oldRoleIds, roleId)) {
1696                                    RolePermissionUtil.check(
1697                                            getPermissionChecker(), roleId, ActionKeys.ASSIGN_MEMBERS);
1698                            }
1699                    }
1700    
1701                    return roleIds;
1702            }
1703    
1704            protected List<UserGroupRole> checkUserGroupRoles(
1705                            long userId, List<UserGroupRole> userGroupRoles)
1706                    throws PortalException, SystemException {
1707    
1708                    // Add back any group roles that the administrator does not have the
1709                    // rights to remove
1710    
1711                    List<UserGroupRole> oldUserGroupRoles =
1712                            userGroupRoleLocalService.getUserGroupRoles(userId);
1713    
1714                    for (UserGroupRole oldUserGroupRole : oldUserGroupRoles) {
1715                            if (!userGroupRoles.contains(oldUserGroupRole) &&
1716                                    !UserGroupRolePermissionUtil.contains(
1717                                            getPermissionChecker(), oldUserGroupRole.getGroupId(),
1718                                            oldUserGroupRole.getRoleId())) {
1719    
1720                                    userGroupRoles.add(oldUserGroupRole);
1721                            }
1722                    }
1723    
1724                    for (UserGroupRole userGroupRole : userGroupRoles) {
1725                            if (!oldUserGroupRoles.contains(userGroupRole)) {
1726                                    UserGroupRolePermissionUtil.check(
1727                                            getPermissionChecker(), userGroupRole.getGroupId(),
1728                                            userGroupRole.getRoleId());
1729                            }
1730                    }
1731    
1732                    return userGroupRoles;
1733            }
1734    
1735            protected void updateAnnouncementsDeliveries(
1736                            long userId, List<AnnouncementsDelivery> announcementsDeliveries)
1737                    throws PortalException, SystemException {
1738    
1739                    for (AnnouncementsDelivery announcementsDelivery :
1740                                    announcementsDeliveries) {
1741    
1742                            announcementsDeliveryService.updateDelivery(
1743                                    userId, announcementsDelivery.getType(),
1744                                    announcementsDelivery.getEmail(),
1745                                    announcementsDelivery.getSms(),
1746                                    announcementsDelivery.getWebsite());
1747                    }
1748            }
1749    
1750            protected void validateEmailAddress(User user, String emailAddress)
1751                    throws PortalException, SystemException {
1752    
1753                    PermissionChecker permissionChecker = getPermissionChecker();
1754    
1755                    if (!UsersAdminUtil.hasUpdateEmailAddress(permissionChecker, user)) {
1756                            throw new UserEmailAddressException();
1757                    }
1758    
1759                    if (!user.hasCompanyMx() && user.hasCompanyMx(emailAddress)) {
1760                            Company company = companyPersistence.findByPrimaryKey(
1761                                    user.getCompanyId());
1762    
1763                            if (!company.isStrangersWithMx()) {
1764                                    throw new ReservedUserEmailAddressException();
1765                            }
1766                    }
1767            }
1768    
1769            protected void validateOrganizationUsers(long[] userIds)
1770                    throws PortalException, SystemException {
1771    
1772                    PermissionChecker permissionChecker = getPermissionChecker();
1773    
1774                    if (!PropsValues.ORGANIZATIONS_ASSIGNMENT_STRICT ||
1775                            permissionChecker.isCompanyAdmin()) {
1776    
1777                            return;
1778                    }
1779    
1780                    List<Organization> organizations =
1781                            organizationLocalService.getUserOrganizations(
1782                                    permissionChecker.getUserId());
1783    
1784                    for (long userId : userIds) {
1785                            boolean allowed = false;
1786    
1787                            for (Organization organization : organizations) {
1788                                    boolean manageUsers = OrganizationPermissionUtil.contains(
1789                                            permissionChecker, organization, ActionKeys.MANAGE_USERS);
1790                                    boolean manageSuborganizations =
1791                                            OrganizationPermissionUtil.contains(
1792                                                    permissionChecker, organization,
1793                                                    ActionKeys.MANAGE_SUBORGANIZATIONS);
1794    
1795                                    if (!manageUsers && !manageSuborganizations) {
1796                                            continue;
1797                                    }
1798    
1799                                    boolean inherited = false;
1800                                    boolean includeSpecifiedOrganization = false;
1801    
1802                                    if (manageUsers && manageSuborganizations) {
1803                                            inherited = true;
1804                                            includeSpecifiedOrganization = true;
1805                                    }
1806                                    else if (!manageUsers && manageSuborganizations) {
1807                                            inherited = true;
1808                                            includeSpecifiedOrganization = false;
1809                                    }
1810    
1811                                    if (organizationLocalService.hasUserOrganization(
1812                                                    userId, organization.getOrganizationId(), inherited,
1813                                                    false, includeSpecifiedOrganization)) {
1814    
1815                                            allowed = true;
1816    
1817                                            break;
1818                                    }
1819                            }
1820    
1821                            if (!allowed) {
1822                                    throw new PrincipalException();
1823                            }
1824                    }
1825            }
1826    
1827            protected void validateScreenName(User user, String screenName)
1828                    throws PortalException, SystemException {
1829    
1830                    PermissionChecker permissionChecker = getPermissionChecker();
1831    
1832                    if (!UsersAdminUtil.hasUpdateScreenName(permissionChecker, user)) {
1833                            throw new UserScreenNameException();
1834                    }
1835            }
1836    
1837    }